From: NeilBrown <neilb@suse.de>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: linux-raid@vger.kernel.org, linux-kernel@vger.kernel.org,
Jeff Zheng <Jeff.Zheng@endace.com>, Neil Brown <neilb@suse.de>,
stable@kernel.org
Subject: [PATCH 001 of 7] md: Avoid overflow in raid0 calculation with large components.
Date: Mon, 21 May 2007 11:33:03 +1000 [thread overview]
Message-ID: <1070521013303.6655@suse.de> (raw)
In-Reply-To: 20070521111837.20906.patches@notabene
If a raid0 has a component device larger than 4TB, and is accessed on
a 32bit machines, then as 'chunk' is unsigned lock,
chunk << chunksize_bits
can overflow (this can be as high as the size of the device in KB).
chunk itself will not overflow (without triggering a BUG).
So change 'chunk' to be 'sector_t, and get rid of the 'BUG' as it becomes
impossible to hit.
Cc: "Jeff Zheng" <Jeff.Zheng@endace.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Cc: stable@kernel.org
### Diffstat output
./drivers/md/raid0.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff .prev/drivers/md/raid0.c ./drivers/md/raid0.c
--- .prev/drivers/md/raid0.c 2007-05-18 11:48:57.000000000 +1000
+++ ./drivers/md/raid0.c 2007-05-18 11:48:57.000000000 +1000
@@ -415,7 +415,7 @@ static int raid0_make_request (request_q
raid0_conf_t *conf = mddev_to_conf(mddev);
struct strip_zone *zone;
mdk_rdev_t *tmp_dev;
- unsigned long chunk;
+ sector_t chunk;
sector_t block, rsect;
const int rw = bio_data_dir(bio);
@@ -470,7 +470,6 @@ static int raid0_make_request (request_q
sector_div(x, zone->nb_dev);
chunk = x;
- BUG_ON(x != (sector_t)chunk);
x = block >> chunksize_bits;
tmp_dev = zone->dev[sector_div(x, zone->nb_dev)];
WARNING: multiple messages have this Message-ID (diff)
From: NeilBrown <neilb@suse.de>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: linux-raid@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: "Jeff Zheng" <Jeff.Zheng@endace.com>
Cc: Neil Brown <neilb@suse.de>
Cc: stable@kernel.org
Subject: [PATCH 001 of 7] md: Avoid overflow in raid0 calculation with large components.
Date: Mon, 21 May 2007 11:33:03 +1000 [thread overview]
Message-ID: <1070521013303.6655@suse.de> (raw)
In-Reply-To: 20070521111837.20906.patches@notabene
If a raid0 has a component device larger than 4TB, and is accessed on
a 32bit machines, then as 'chunk' is unsigned lock,
chunk << chunksize_bits
can overflow (this can be as high as the size of the device in KB).
chunk itself will not overflow (without triggering a BUG).
So change 'chunk' to be 'sector_t, and get rid of the 'BUG' as it becomes
impossible to hit.
Cc: "Jeff Zheng" <Jeff.Zheng@endace.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Cc: stable@kernel.org
### Diffstat output
./drivers/md/raid0.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff .prev/drivers/md/raid0.c ./drivers/md/raid0.c
--- .prev/drivers/md/raid0.c 2007-05-18 11:48:57.000000000 +1000
+++ ./drivers/md/raid0.c 2007-05-18 11:48:57.000000000 +1000
@@ -415,7 +415,7 @@ static int raid0_make_request (request_q
raid0_conf_t *conf = mddev_to_conf(mddev);
struct strip_zone *zone;
mdk_rdev_t *tmp_dev;
- unsigned long chunk;
+ sector_t chunk;
sector_t block, rsect;
const int rw = bio_data_dir(bio);
@@ -470,7 +470,6 @@ static int raid0_make_request (request_q
sector_div(x, zone->nb_dev);
chunk = x;
- BUG_ON(x != (sector_t)chunk);
x = block >> chunksize_bits;
tmp_dev = zone->dev[sector_div(x, zone->nb_dev)];
next prev parent reply other threads:[~2007-05-21 1:33 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-05-21 1:32 [PATCH 000 of 7] md: Introduction EXPLAIN PATCH SET HERE NeilBrown
2007-05-21 1:32 ` NeilBrown
2007-05-21 1:33 ` NeilBrown [this message]
2007-05-21 1:33 ` [PATCH 001 of 7] md: Avoid overflow in raid0 calculation with large components NeilBrown
2007-05-21 1:33 ` [PATCH 002 of 7] md: Don't write more than is required of the last page of a bitmap NeilBrown
2007-05-21 1:33 ` NeilBrown
2007-05-21 1:33 ` [PATCH 003 of 7] md: Fix bug with linear hot-add and elsewhere NeilBrown
2007-05-21 1:33 ` NeilBrown
2007-05-21 1:33 ` [PATCH 004 of 7] md: Improve message about invalid superblock during autodetect NeilBrown
2007-05-21 1:33 ` NeilBrown
2007-05-21 1:33 ` [PATCH 005 of 7] md: Improve the is_mddev_idle test fix NeilBrown
2007-05-21 1:33 ` NeilBrown
2007-05-21 1:33 ` [PATCH 006 of 7] md: Check that internal bitmap does not overlap other data NeilBrown
2007-05-21 1:33 ` NeilBrown
2007-05-21 1:33 ` [PATCH 007 of 7] md: Change bitmap_unplug and others to void functions NeilBrown
2007-05-21 1:33 ` NeilBrown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1070521013303.6655@suse.de \
--to=neilb@suse.de \
--cc=Jeff.Zheng@endace.com \
--cc=akpm@linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-raid@vger.kernel.org \
--cc=stable@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.