CVE-2025-39688

In the Linux kernel, the following vulnerability has been resolved:

nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid()

The pynfs DELEG8 test fails when run against nfsd. It acquires a delegation and then lets the lease time out. It then tries to use the deleg stateid and expects to see NFS4ERRDELEGREVOKED, but it gets bad NFS4ERRBADSTATEID instead.

When a delegation is revoked, it's initially marked with SCSTATUSREVOKED, or SCSTATUSADMINREVOKED and later, it's marked with the SCSTATUSFREEABLE flag, which denotes that it is waiting for s FREESTATEID call.

nfs4lookupstateid() accepts a statusmask that includes the status flags that a found stateid is allowed to have. Currently, that mask never includes SCSTATUSFREEABLE, which means that revoked delegations are (almost) never found.

Add SCSTATUSFREEABLE to the always-allowed status flags, and remove it from nfsd4_delegreturn() since it's now always implied.