This is a note to let you know that I've just added the patch titled fbdev: flush deferred work in fb_deferred_io_fsync() to the 6.6-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: fbdev-flush-deferred-work-in-fb_deferred_io_fsync.patch and it can be found in the queue-6.6 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 15e4c1f462279b4e128f27de48133e0debe9e0df Mon Sep 17 00:00:00 2001 From: Nam Cao <namcao@xxxxxxxxxxxxx> Date: Mon, 18 Dec 2023 10:57:30 +0100 Subject: fbdev: flush deferred work in fb_deferred_io_fsync() From: Nam Cao <namcao@xxxxxxxxxxxxx> commit 15e4c1f462279b4e128f27de48133e0debe9e0df upstream. The driver's fsync() is supposed to flush any pending operation to hardware. It is implemented in this driver by cancelling the queued deferred IO first, then schedule it for "immediate execution" by calling schedule_delayed_work() again with delay=0. However, setting delay=0 only means the work is scheduled immediately, it does not mean the work is executed immediately. There is no guarantee that the work is finished after schedule_delayed_work() returns. After this driver's fsync() returns, there can still be pending work. Furthermore, if close() is called by users immediately after fsync(), the pending work gets cancelled and fsync() may do nothing. To ensure that the deferred IO completes, use flush_delayed_work() instead. Write operations to this driver either write to the device directly, or invoke schedule_delayed_work(); so by flushing the workqueue, it can be guaranteed that all previous writes make it to the device. Fixes: 5e841b88d23d ("fb: fsync() method for deferred I/O flush.") Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Nam Cao <namcao@xxxxxxxxxxxxx> Reviewed-by: Sebastian Andrzej Siewior <bigeasy@xxxxxxxxxxxxx> Signed-off-by: Helge Deller <deller@xxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/video/fbdev/core/fb_defio.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) --- a/drivers/video/fbdev/core/fb_defio.c +++ b/drivers/video/fbdev/core/fb_defio.c @@ -132,11 +132,7 @@ int fb_deferred_io_fsync(struct file *fi return 0; inode_lock(inode); - /* Kill off the delayed work */ - cancel_delayed_work_sync(&info->deferred_work); - - /* Run it immediately */ - schedule_delayed_work(&info->deferred_work, 0); + flush_delayed_work(&info->deferred_work); inode_unlock(inode); return 0; Patches currently in stable-queue which might be from namcao@xxxxxxxxxxxxx are queue-6.6/fbdev-flush-deferred-work-in-fb_deferred_io_fsync.patch queue-6.6/fbdev-flush-deferred-io-before-closing.patch