From cf0d4c8e95b1cf6e97c3f77e89621eb54a7490ff Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Sun, 1 Sep 2024 17:46:23 +0200 Subject: [PATCH] 4.19-stable patches added patches: drm-fb-helper-set-x-yres_virtual-in-drm_fb_helper_check_var.patch ipc-remove-memcg-accounting-for-sops-objects-in-do_semtimedop.patch --- ...s_virtual-in-drm_fb_helper_check_var.patch | 39 +++++++++++++ ...ng-for-sops-objects-in-do_semtimedop.patch | 58 +++++++++++++++++++ queue-4.19/series | 2 + 3 files changed, 99 insertions(+) create mode 100644 queue-4.19/drm-fb-helper-set-x-yres_virtual-in-drm_fb_helper_check_var.patch create mode 100644 queue-4.19/ipc-remove-memcg-accounting-for-sops-objects-in-do_semtimedop.patch diff --git a/queue-4.19/drm-fb-helper-set-x-yres_virtual-in-drm_fb_helper_check_var.patch b/queue-4.19/drm-fb-helper-set-x-yres_virtual-in-drm_fb_helper_check_var.patch new file mode 100644 index 00000000000..d5d0af26acf --- /dev/null +++ b/queue-4.19/drm-fb-helper-set-x-yres_virtual-in-drm_fb_helper_check_var.patch @@ -0,0 +1,39 @@ +From 1935f0deb6116dd785ea64d8035eab0ff441255b Mon Sep 17 00:00:00 2001 +From: Daniel Vetter +Date: Tue, 4 Apr 2023 21:40:36 +0200 +Subject: drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var + +From: Daniel Vetter + +commit 1935f0deb6116dd785ea64d8035eab0ff441255b upstream. + +Drivers are supposed to fix this up if needed if they don't outright +reject it. Uncovered by 6c11df58fd1a ("fbmem: Check virtual screen +sizes in fb_set_var()"). + +Reported-by: syzbot+20dcf81733d43ddff661@syzkaller.appspotmail.com +Link: https://syzkaller.appspot.com/bug?id=c5faf983bfa4a607de530cd3bb008888bf06cefc +Cc: stable@vger.kernel.org # v5.4+ +Cc: Daniel Vetter +Cc: Javier Martinez Canillas +Cc: Thomas Zimmermann +Reviewed-by: Javier Martinez Canillas +Signed-off-by: Daniel Vetter +Link: https://patchwork.freedesktop.org/patch/msgid/20230404194038.472803-1-daniel.vetter@ffwll.ch +Signed-off-by: Greg Kroah-Hartman +--- + drivers/gpu/drm/drm_fb_helper.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/drivers/gpu/drm/drm_fb_helper.c ++++ b/drivers/gpu/drm/drm_fb_helper.c +@@ -1713,6 +1713,9 @@ int drm_fb_helper_check_var(struct fb_va + return -EINVAL; + } + ++ var->xres_virtual = fb->width; ++ var->yres_virtual = fb->height; ++ + /* + * Workaround for SDL 1.2, which is known to be setting all pixel format + * fields values to zero in some cases. We treat this situation as a diff --git a/queue-4.19/ipc-remove-memcg-accounting-for-sops-objects-in-do_semtimedop.patch b/queue-4.19/ipc-remove-memcg-accounting-for-sops-objects-in-do_semtimedop.patch new file mode 100644 index 00000000000..379b8a0551f --- /dev/null +++ b/queue-4.19/ipc-remove-memcg-accounting-for-sops-objects-in-do_semtimedop.patch @@ -0,0 +1,58 @@ +From 6a4746ba06191e23d30230738e94334b26590a8a Mon Sep 17 00:00:00 2001 +From: Vasily Averin +Date: Sat, 11 Sep 2021 10:40:08 +0300 +Subject: ipc: remove memcg accounting for sops objects in do_semtimedop() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Vasily Averin + +commit 6a4746ba06191e23d30230738e94334b26590a8a upstream. + +Linus proposes to revert an accounting for sops objects in +do_semtimedop() because it's really just a temporary buffer +for a single semtimedop() system call. + +This object can consume up to 2 pages, syscall is sleeping +one, size and duration can be controlled by user, and this +allocation can be repeated by many thread at the same time. + +However Shakeel Butt pointed that there are much more popular +objects with the same life time and similar memory +consumption, the accounting of which was decided to be +rejected for performance reasons. + +Considering at least 2 pages for task_struct and 2 pages for +the kernel stack, a back of the envelope calculation gives a +footprint amplification of <1.5 so this temporal buffer can be +safely ignored. + +The factor would IMO be interesting if it was >> 2 (from the +PoV of excessive (ab)use, fine-grained accounting seems to be +currently unfeasible due to performance impact). + +Link: https://lore.kernel.org/lkml/90e254df-0dfe-f080-011e-b7c53ee7fd20@virtuozzo.com/ +Fixes: 18319498fdd4 ("memcg: enable accounting of ipc resources") +Signed-off-by: Vasily Averin +Acked-by: Michal Hocko +Reviewed-by: Michal Koutný +Acked-by: Shakeel Butt +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman +--- + ipc/sem.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +--- a/ipc/sem.c ++++ b/ipc/sem.c +@@ -1962,8 +1962,7 @@ static long do_semtimedop(int semid, str + if (nsops > ns->sc_semopm) + return -E2BIG; + if (nsops > SEMOPM_FAST) { +- sops = kvmalloc_array(nsops, sizeof(*sops), +- GFP_KERNEL_ACCOUNT); ++ sops = kvmalloc_array(nsops, sizeof(*sops), GFP_KERNEL); + if (sops == NULL) + return -ENOMEM; + } diff --git a/queue-4.19/series b/queue-4.19/series index e2a062f3d04..7e51bfcc132 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -94,3 +94,5 @@ usb-dwc3-core-prevent-usb-core-invalid-event-buffer-address-access.patch usb-dwc3-st-fix-probed-platform-device-ref-count-on-probe-error-path.patch usb-core-sysfs-unmerge-usb3_hardware_lpm_attr_group-in-remove_power_attributes.patch scsi-aacraid-fix-double-free-on-probe-failure.patch +ipc-remove-memcg-accounting-for-sops-objects-in-do_semtimedop.patch +drm-fb-helper-set-x-yres_virtual-in-drm_fb_helper_check_var.patch -- 2.47.3