mtdchar: use kvmalloc() for potentially large allocations

mtdchar_write_ioctl() calls kmalloc() with the 'size' argument set to
the smaller of two values: the write request's data/OOB length provided
by user space and the erase block size of the MTD device.  If the latter
is large, kmalloc() may not be able to serve such allocation requests.
Use kvmalloc() instead.  Correspondingly, replace kfree() calls with
kvfree() calls.

Suggested-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Michał Kępień <kernel@kempniu.pl>
Acked-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Link: https://lore.kernel.org/linux-mtd/20220516070601.11428-3-kernel@kempniu.pl

diff --git a/drivers/mtd/mtdchar.c b/drivers/mtd/mtdchar.c
index b2700f8..0586028 100644 (file)
--- a/drivers/mtd/mtdchar.c
+++ b/drivers/mtd/mtdchar.c
@@ -623,16 +623,16 @@ static int mtdchar_write_ioctl(struct mtd_info *mtd,
 
        datbuf_len = min_t(size_t, req.len, mtd->erasesize);
        if (datbuf_len > 0) {
-               datbuf = kmalloc(datbuf_len, GFP_KERNEL);
+               datbuf = kvmalloc(datbuf_len, GFP_KERNEL);
                if (!datbuf)
                        return -ENOMEM;
        }
 
        oobbuf_len = min_t(size_t, req.ooblen, mtd->erasesize);
        if (oobbuf_len > 0) {
-               oobbuf = kmalloc(oobbuf_len, GFP_KERNEL);
+               oobbuf = kvmalloc(oobbuf_len, GFP_KERNEL);
                if (!oobbuf) {
-                       kfree(datbuf);
+                       kvfree(datbuf);
                        return -ENOMEM;
                }
        }
@@ -682,8 +682,8 @@ static int mtdchar_write_ioctl(struct mtd_info *mtd,
                usr_oob += ops.oobretlen;
        }
 
-       kfree(datbuf);
-       kfree(oobbuf);
+       kvfree(datbuf);
+       kvfree(oobbuf);
 
        return ret;
 }