From: Nicolas Pitre <nico@fluxnic.net>
To: gregkh@linuxfoundation.org
Cc: Chen Wandun <chenwandun@huawei.com>,
	Adam Borowski <kilobyte@angband.pl>,
	jslaby@suse.com, daniel.vetter@ffwll.ch, sam@ravnborg.org,
	b.zolnierkie@samsung.com, lukas@wunner.de, ghalat@redhat.com,
	linux-kernel@vger.kernel.org
Subject: [PATCH v2] vt: don't use kmalloc() for the unicode screen buffer
Date: Sat, 28 Mar 2020 22:25:11 -0400 (EDT)
Message-ID: <nycvar.YSQ.7.76.2003282214210.2671@knanqh.ubzr>
In-Reply-To: <nycvar.YSQ.7.76.2003281745280.2671@knanqh.ubzr>

Even if the actual screen size is bounded in vc_do_resize(), the unicode 
buffer is still a little more than twice the size of the glyph buffer
and may exceed MAX_ORDER down the kmalloc() path. This can be triggered
from user space.

Since there is no point having a physically contiguous buffer here, 
let's avoid the above issue as well as reducing pressure on high order
allocations by using vmalloc() instead.

Signed-off-by: Nicolas Pitre <nico@fluxnic.net>
Cc: <stable@vger.kernel.org>

---

Changes since v1:

- Added missing include, found by kbuild test robot.
  Strange that my own build doesn't complain.

diff --git a/drivers/tty/vt/vt.c b/drivers/tty/vt/vt.c
index 15d2769805..d9eb5661e9 100644
--- a/drivers/tty/vt/vt.c
+++ b/drivers/tty/vt/vt.c
@@ -81,6 +81,7 @@
 #include <linux/errno.h>
 #include <linux/kd.h>
 #include <linux/slab.h>
+#include <linux/vmalloc.h>
 #include <linux/major.h>
 #include <linux/mm.h>
 #include <linux/console.h>
@@ -350,7 +351,7 @@ static struct uni_screen *vc_uniscr_alloc(unsigned int cols, unsigned int rows)
 	/* allocate everything in one go */
 	memsize = cols * rows * sizeof(char32_t);
 	memsize += rows * sizeof(char32_t *);
-	p = kmalloc(memsize, GFP_KERNEL);
+	p = vmalloc(memsize);
 	if (!p)
 		return NULL;
 
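Review bot: the size arithmetic above the new vmalloc() call deserves an explicit overflow guard or a comment naming the bound it relies on. cols and rows are both unsigned int, so in `memsize = cols * rows * sizeof(char32_t);` the product cols * rows is evaluated in 32 bits before it is widened by sizeof. With kmalloc() an oversized request failed at the allocator limit; vmalloc() will satisfy much larger requests, so the correctness of this buffer now rests entirely on the caller's clamp in vc_do_resize() mentioned in the commit message. Consider computing the size with the helpers from <linux/overflow.h> (array_size() and friends), or at least documenting here which limit keeps the multiplication from wrapping. A smaller point for the same line: kvmalloc(memsize, GFP_KERNEL) paired with kvfree() would keep the common small-console case on the slab path and only fall back to vmalloc for large screens, if that trade-off is preferred.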
@@ -366,7 +367,7 @@ static struct uni_screen *vc_uniscr_alloc(unsigned int cols, unsigned int rows)
 
 static void vc_uniscr_set(struct vc_data *vc, struct uni_screen *new_uniscr)
 {
-	kfree(vc->vc_uni_screen);
+	vfree(vc->vc_uni_screen);
 	vc->vc_uni_screen = new_uniscr;
 }
 
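Review bot: only the kfree() in vc_uniscr_set() is converted in the visible hunks, so please confirm that no other path frees a buffer returned by vc_uniscr_alloc() with kfree(), in particular error paths that drop a freshly allocated new_uniscr before it is ever installed through vc_uniscr_set(). Passing a vmalloc() pointer to kfree() corrupts allocator state rather than failing cleanly, and since the commit message says the allocation size is reachable from user space, a missed site would matter. Routing every release through a single small helper (for example a vc_uniscr_free() wrapper around vfree()) would make the pairing with the allocator obvious and harder to get wrong in later changes.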
