The amount of pipe->buffers is basically controlled by userspace by
fcntl(... F_SETPIPE_SZ ...) so it could be large. High order allocations
could be slow (if memory is heavily fragmented) or may fail if the order
is larger than PAGE_ALLOC_COSTLY_ORDER.
Since the 'bufs' doesn't need to be physically contiguous, use
the kvmalloc_array() to allocate memory. If high order
page isn't available, the kvamalloc*() will fallback to 0-order.
Signed-off-by: Andrey Ryabinin <aryabi...@virtuozzo.com>
---
fs/fuse/dev.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index 702592cce546..fd4a838c1673 100644
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -1362,8 +1362,8 @@ static ssize_t fuse_dev_splice_read(struct file *in,
loff_t *ppos,
if (!fud)
return -EPERM;
- bufs = kmalloc_array(pipe->buffers, sizeof(struct pipe_buffer),
- GFP_KERNEL);
+ bufs = kvmalloc_array(pipe->buffers, sizeof(struct pipe_buffer),
+ GFP_KERNEL);
if (!bufs)
return -ENOMEM;
@@ -1396,7 +1396,7 @@ static ssize_t fuse_dev_splice_read(struct file *in,
loff_t *ppos,
for (; page_nr < cs.nr_segs; page_nr++)
put_page(bufs[page_nr].page);
- kfree(bufs);
+ kvfree(bufs);
return ret;
}
@@ -1946,8 +1946,8 @@ static ssize_t fuse_dev_splice_write(struct
pipe_inode_info *pipe,
pipe_lock(pipe);
- bufs = kmalloc_array(pipe->buffers, sizeof(struct pipe_buffer),
- GFP_KERNEL);
+ bufs = kvmalloc_array(pipe->buffers, sizeof(struct pipe_buffer),
+ GFP_KERNEL);
if (!bufs) {
pipe_unlock(pipe);
return -ENOMEM;
@@ -2006,7 +2006,7 @@ static ssize_t fuse_dev_splice_write(struct
pipe_inode_info *pipe,
pipe_buf_release(pipe, &bufs[idx]);
out:
- kfree(bufs);
+ kvfree(bufs);
return ret;
}
--
2.16.4
