From ab646a3b3104b3e673b9bcec333a371969bb01f7 Mon Sep 17 00:00:00 2001
From: ChenXiaoSong
Date: Thu, 2 Mar 2023 21:58:04 +0800
Subject: [PATCH 1/2] ksmbd: fix possible refcount leak in smb2_open()

mainline inclusion from mainline-v6.3-rc4
commit 2624b445544ffc1472ccabfb6ec867c199d4c95c
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/IB62JM
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2624b445544ffc1472ccabfb6ec867c199d4c95c

--------------------------------

Reference count of acls will leak when memory allocation fails. Fix this by adding the missing posix_acl_release().

Fixes: e2f34481b24d ("cifsd: add server-side procedures for SMB3")
Signed-off-by: ChenXiaoSong
Acked-by: Namjae Jeon
Signed-off-by: Steve French
Conflicts: fs/ksmbd/smb2pdu.c
Signed-off-by: ChenXiaoSong
---
 fs/ksmbd/smb2pdu.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 20f97b37e7c6..2bef192de35f 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3052,8 +3052,11 @@ int smb2_open(struct ksmbd_work *work)
 sizeof(struct smb_acl) + sizeof(struct smb_ace) * ace_num * 2, GFP_KERNEL);
- if (!pntsd)
+ if (!pntsd) {
+ posix_acl_release(fattr.cf_acls);
+ posix_acl_release(fattr.cf_dacls);
 goto err_out;
+ }
 rc = build_sec_desc(pntsd, NULL, 0, OWNER_SECINFO |
-- 
Gitee

From 18734abca9783627b62f5400500c6391a73ce730 Mon Sep 17 00:00:00 2001
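Review bot: The two posix_acl_release() calls in the new `if (!pntsd) { ... }` branch of the first patch are open-coded on this one exit, so any later early exit added while fattr still holds the ACL references can reintroduce the same leak. smb2_open() starts and ends outside this hunk, so whether the same pair is released again after build_sec_desc() cannot be confirmed from here; if it is, a single cleanup point for both references would be sturdier than one copy per exit. At minimum, document the ownership on the branch, e.g. `/* fattr still holds the ACL references here; posix_acl_release() accepts NULL, so an unset cf_dacls is fine */`. Because smb2_open() is driven by client requests, a leak on an allocation-failure path can recur under memory pressure, which is why the rule is worth writing down.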
From: ChenXiaoSong
Date: Thu, 22 Aug 2024 08:20:50 +0000
Subject: [PATCH 2/2] ksmbd: fix return value of smb2_open()

mainline inclusion from mainline-v6.11-rc5
commit 2186a116538a715b20e15f84fdd3545e5fe0a39b
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/IB62JM
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2186a116538a715b20e15f84fdd3545e5fe0a39b

--------------------------------

In most error cases, error code is not returned in smb2_open(), __process_request() will not print error message. Fix this by returning the correct value at the end of smb2_open().

Signed-off-by: ChenXiaoSong
Acked-by: Namjae Jeon
Signed-off-by: Steve French
Conflicts: fs/ksmbd/smb2pdu.c
Signed-off-by: ChenXiaoSong
---
 fs/ksmbd/smb2pdu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ksmbd/smb2pdu.c b/fs/ksmbd/smb2pdu.c
index 2bef192de35f..30f2da671688 100644
--- a/fs/ksmbd/smb2pdu.c
+++ b/fs/ksmbd/smb2pdu.c
@@ -3366,7 +3366,7 @@ int smb2_open(struct ksmbd_work *work)
 kfree(lc);
- return 0;
+ return rc;
 }
 static int readdir_info_level_struct_sz(int info_level)
-- 
Gitee
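Review bot: With `return rc;` the result of smb2_open() now depends on rc being exactly 0 on every success path and negative on every failure path, and nothing in this hunk documents or checks that. Only the tail of the function is visible here and the patch was applied with conflicts, so confirm against the backported body that no handled condition leaves a stale non-zero rc before this return. The commit message says __process_request() prints a message on error; since opens are client-driven, also confirm that message is debug-level or rate-limited so repeated failed opens cannot flood the log. A short comment above the return would record the contract, e.g. `/* rc: 0 on success, negative errno on failure; the caller logs failures */`.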