CVE-2023-53378

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/i915/dpt: Treat the DPT BO as a framebuffer<br /> <br /> Currently i915_gem_object_is_framebuffer() doesn&amp;#39;t treat the<br /> BO containing the framebuffer&amp;#39;s DPT as a framebuffer itself.<br /> This means eg. that the shrinker can evict the DPT BO while<br /> leaving the actual FB BO bound, when the DPT is allocated<br /> from regular shmem.<br /> <br /> That causes an immediate oops during hibernate as we<br /> try to rewrite the PTEs inside the already evicted<br /> DPT obj.<br /> <br /> TODO: presumably this might also be the reason for the<br /> DPT related display faults under heavy memory pressure,<br /> but I&amp;#39;m still not sure how that would happen as the object<br /> should be pinned by intel_dpt_pin() while in active use by<br /> the display engine...<br /> <br /> (cherry picked from commit 779cb5ba64ec7df80675a956c9022929514f517a)