diff --git a/patches.suse/KVM-use-__vcalloc-for-very-large-allocations b/patches.suse/KVM-use-__vcalloc-for-very-large-allocations
new file mode 100644
index 0000000..d5450db
--- /dev/null
+++ b/patches.suse/KVM-use-__vcalloc-for-very-large-allocations
@@ -0,0 +1,81 @@
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 8 Mar 2022 04:49:37 -0500
+Subject: KVM: use __vcalloc for very large allocations
+Git-commit: 37b2a6510a48ca361ced679f92682b7b7d7d0330
+Patch-mainline: v5.18-rc1
+References: bsc#1198110
+
+Allocations whose size is related to the memslot size can be arbitrarily
+large.  Do not use kvzalloc/kvcalloc, as those are limited to "not crazy"
+sizes that fit in 32 bits.
+
+Cc: stable@vger.kernel.org
+Fixes: 7661809d493b ("mm: don't allow oversized kvmalloc() calls")
+Reviewed-by: David Hildenbrand <david@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Acked-by: Dario Faggioli <dfaggioli@suse.com>
+---
+ arch/powerpc/kvm/book3s_hv_uvmem.c | 2 +-
+ arch/x86/kvm/mmu/page_track.c      | 7 ++++---
+ arch/x86/kvm/x86.c                 | 4 ++--
+ virt/kvm/kvm_main.c                | 4 ++--
+ 4 files changed, 9 insertions(+), 8 deletions(-)
+
+--- a/arch/powerpc/kvm/book3s_hv_uvmem.c
++++ b/arch/powerpc/kvm/book3s_hv_uvmem.c
+@@ -251,7 +251,7 @@
+ 	p = kzalloc(sizeof(*p), GFP_KERNEL);
+ 	if (!p)
+ 		return -ENOMEM;
+-	p->pfns = vzalloc(array_size(slot->npages, sizeof(*p->pfns)));
++	p->pfns = vcalloc(slot->npages, sizeof(*p->pfns));
+ 	if (!p->pfns) {
+ 		kfree(p);
+ 		return -ENOMEM;
+--- a/arch/x86/kvm/mmu/page_track.c
++++ b/arch/x86/kvm/mmu/page_track.c
+@@ -35,8 +35,8 @@
+ 
+ 	for (i = 0; i < KVM_PAGE_TRACK_MAX; i++) {
+ 		slot->arch.gfn_track[i] =
+-			kvcalloc(npages, sizeof(*slot->arch.gfn_track[i]),
+-				 GFP_KERNEL_ACCOUNT);
++			__vcalloc(npages, sizeof(*slot->arch.gfn_track[i]),
++				  GFP_KERNEL_ACCOUNT);
+ 		if (!slot->arch.gfn_track[i])
+ 			goto track_free;
+ 	}
+--- a/arch/x86/kvm/x86.c
++++ b/arch/x86/kvm/x86.c
+@@ -11246,7 +11246,7 @@
+ 
+ 		WARN_ON(slot->arch.rmap[i]);
+ 
+-		slot->arch.rmap[i] = kvcalloc(lpages, sz, GFP_KERNEL_ACCOUNT);
++		slot->arch.rmap[i] = __vcalloc(lpages, sz, GFP_KERNEL_ACCOUNT);
+ 		if (!slot->arch.rmap[i]) {
+ 			memslot_rmap_free(slot);
+ 			return -ENOMEM;
+@@ -11328,7 +11328,7 @@
+ 		lpages = gfn_to_index(slot->base_gfn + npages - 1,
+ 				      slot->base_gfn, level) + 1;
+ 
+-		linfo = kvcalloc(lpages, sizeof(*linfo), GFP_KERNEL_ACCOUNT);
++		linfo = __vcalloc(lpages, sizeof(*linfo), GFP_KERNEL_ACCOUNT);
+ 		if (!linfo)
+ 			goto out_free;
+ 
+--- a/virt/kvm/kvm_main.c
++++ b/virt/kvm/kvm_main.c
+@@ -1170,9 +1170,9 @@
+  */
+ static int kvm_alloc_dirty_bitmap(struct kvm_memory_slot *memslot)
+ {
+-	unsigned long dirty_bytes = 2 * kvm_dirty_bitmap_bytes(memslot);
++	unsigned long dirty_bytes = kvm_dirty_bitmap_bytes(memslot);
+ 
+-	memslot->dirty_bitmap = kvzalloc(dirty_bytes, GFP_KERNEL_ACCOUNT);
++	memslot->dirty_bitmap = __vcalloc(2, dirty_bytes, GFP_KERNEL_ACCOUNT);
+ 	if (!memslot->dirty_bitmap)
+ 		return -ENOMEM;
+ 
diff --git a/patches.suse/mm-use-vmalloc_array-and-vcalloc-for-array-allocations b/patches.suse/mm-use-vmalloc_array-and-vcalloc-for-array-allocations
new file mode 100644
index 0000000..4fef73b
--- /dev/null
+++ b/patches.suse/mm-use-vmalloc_array-and-vcalloc-for-array-allocations
@@ -0,0 +1,52 @@
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 8 Mar 2022 05:02:21 -0500
+Subject: mm: use vmalloc_array and vcalloc for array allocations
+Git-commit: 3000f2e2fc855664c28d3e6a47e0373737974eb4
+Patch-mainline: v5.18-rc1
+References: bsc#1198110
+
+Instead of using array_size or just a multiply, use a function that
+takes care of both the multiplication and the overflow checks.
+
+Acked-by: Michal Hocko <mhocko@suse.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Acked-by: Dario Faggioli <dfaggioli@suse.com>
+---
+ mm/percpu-stats.c | 2 +-
+ mm/swap_cgroup.c  | 4 +---
+ 2 files changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/mm/percpu-stats.c b/mm/percpu-stats.c
+index c6bd092ff7a3..dd3590dfc23d 100644
+--- a/mm/percpu-stats.c
++++ b/mm/percpu-stats.c
+@@ -144,7 +144,7 @@ static int percpu_stats_show(struct seq_file *m, void *v)
+ 	spin_unlock_irq(&pcpu_lock);
+ 
+ 	/* there can be at most this many free and allocated fragments */
+-	buffer = vmalloc(array_size(sizeof(int), (2 * max_nr_alloc + 1)));
++	buffer = vmalloc_array(2 * max_nr_alloc + 1, sizeof(int));
+ 	if (!buffer)
+ 		return -ENOMEM;
+ 
+diff --git a/mm/swap_cgroup.c b/mm/swap_cgroup.c
+index 7f34343c075a..5a9442979a18 100644
+--- a/mm/swap_cgroup.c
++++ b/mm/swap_cgroup.c
+@@ -167,14 +167,12 @@ unsigned short lookup_swap_cgroup_id(swp_entry_t ent)
+ int swap_cgroup_swapon(int type, unsigned long max_pages)
+ {
+ 	void *array;
+-	unsigned long array_size;
+ 	unsigned long length;
+ 	struct swap_cgroup_ctrl *ctrl;
+ 
+ 	length = DIV_ROUND_UP(max_pages, SC_PER_PAGE);
+-	array_size = length * sizeof(void *);
+ 
+-	array = vzalloc(array_size);
++	array = vcalloc(length, sizeof(void *));
+ 	if (!array)
+ 		goto nomem;
+ 
+
diff --git a/patches.suse/mm-vmalloc-introduce-array-allocation-functions b/patches.suse/mm-vmalloc-introduce-array-allocation-functions
new file mode 100644
index 0000000..1d4c7ac
--- /dev/null
+++ b/patches.suse/mm-vmalloc-introduce-array-allocation-functions
@@ -0,0 +1,93 @@
+From: Paolo Bonzini <pbonzini@redhat.com>
+Date: Tue, 8 Mar 2022 04:47:22 -0500
+Subject: mm: vmalloc: introduce array allocation functions
+Git-commit: a8749a35c39903120ec421ef2525acc8e0daa55c
+Patch-mainline: v5.18-rc1
+References: bsc#1198110
+
+Linux has dozens of occurrences of vmalloc(array_size()) and
+vzalloc(array_size()).  Allow to simplify the code by providing
+vmalloc_array and vcalloc, as well as the underscored variants that let
+the caller specify the GFP flags.
+
+Acked-by: Michal Hocko <mhocko@suse.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+Acked-by: Dario Faggioli <dfaggioli@suse.com>
+---
+ include/linux/vmalloc.h |  5 +++++
+ mm/util.c               | 50 +++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 55 insertions(+)
+
+--- a/include/linux/vmalloc.h
++++ b/include/linux/vmalloc.h
+@@ -152,6 +152,11 @@
+ 		int node, const void *caller);
+ void *vmalloc_no_huge(unsigned long size);
+ 
++extern void *__vmalloc_array(size_t n, size_t size, gfp_t flags);
++extern void *vmalloc_array(size_t n, size_t size);
++extern void *__vcalloc(size_t n, size_t size, gfp_t flags);
++extern void *vcalloc(size_t n, size_t size);
++
+ extern void vfree(const void *addr);
+ extern void vfree_atomic(const void *addr);
+ 
+--- a/mm/util.c
++++ b/mm/util.c
+@@ -664,6 +664,56 @@
+ 	return (void *)mapping;
+ }
+ 
++/**
++ * __vmalloc_array - allocate memory for a virtually contiguous array.
++ * @n: number of elements.
++ * @size: element size.
++ * @flags: the type of memory to allocate (see kmalloc).
++ */
++void *__vmalloc_array(size_t n, size_t size, gfp_t flags)
++{
++	size_t bytes;
++
++	if (unlikely(check_mul_overflow(n, size, &bytes)))
++		return NULL;
++	return __vmalloc(bytes, flags);
++}
++EXPORT_SYMBOL(__vmalloc_array);
++
++/**
++ * vmalloc_array - allocate memory for a virtually contiguous array.
++ * @n: number of elements.
++ * @size: element size.
++ */
++void *vmalloc_array(size_t n, size_t size)
++{
++	return __vmalloc_array(n, size, GFP_KERNEL);
++}
++EXPORT_SYMBOL(vmalloc_array);
++
++/**
++ * __vcalloc - allocate and zero memory for a virtually contiguous array.
++ * @n: number of elements.
++ * @size: element size.
++ * @flags: the type of memory to allocate (see kmalloc).
++ */
++void *__vcalloc(size_t n, size_t size, gfp_t flags)
++{
++	return __vmalloc_array(n, size, flags | __GFP_ZERO);
++}
++EXPORT_SYMBOL(__vcalloc);
++
++/**
++ * vcalloc - allocate and zero memory for a virtually contiguous array.
++ * @n: number of elements.
++ * @size: element size.
++ */
++void *vcalloc(size_t n, size_t size)
++{
++	return __vmalloc_array(n, size, GFP_KERNEL | __GFP_ZERO);
++}
++EXPORT_SYMBOL(vcalloc);
++
+ /* Neutral page->mapping pointer to address_space or anon_vma or other */
+ void *page_rmapping(struct page *page)
+ {
diff --git a/series.conf b/series.conf
index 33bb811..2a76cf3 100644
--- a/series.conf
+++ b/series.conf
@@ -8391,6 +8391,9 @@
 	patches.suse/ALSA-pcm-Fix-races-among-concurrent-read-write-and-b.patch
 	patches.suse/ALSA-pcm-Fix-races-among-concurrent-prepare-and-hw_p.patch
 	patches.suse/ALSA-pcm-Fix-races-among-concurrent-prealloc-proc-wr.patch
+	patches.suse/mm-vmalloc-introduce-array-allocation-functions
+	patches.suse/mm-use-vmalloc_array-and-vcalloc-for-array-allocations
+	patches.suse/KVM-use-__vcalloc-for-very-large-allocations
 	patches.suse/msft-hv-2551-x86-hyperv-Output-host-build-info-as-normal-Windows-.patch
 	patches.suse/netfilter-nf_tables-validate-registers-coming-from-u.patch
 	patches.suse/0001-drm-ast-Enable-the-supporting-of-wide-screen-on-AST2.patch