From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
	Zwane Mwaikambo <zwane@arm.linux.org.uk>,
	"Theodore Ts'o" <tytso@mit.edu>,
	Randy Dunlap <rdunlap@xenotime.net>,
	Dave Jones <davej@redhat.com>,
	Chuck Wolber <chuckw@quantumlinux.com>,
	Chris Wedgwood <reviews@ml.cw.f00f.org>,
	Michael Krufky <mkrufky@linuxtv.org>,
	Chuck Ebbert <cebbert@redhat.com>,
	Domenico Andreoli <cavokz@gmail.com>, Willy Tarreau <w@1wt.eu>,
	Rodrigo Rubira Branco <rbranco@la.checkpoint.com>,
	Jake Edge <jake@lwn.net>, Eugene Teo <eteo@redhat.com>,
	torvalds@linux-foundation.org, akpm@linux-foundation.org,
	alan@lxorguk.ukuu.org.uk, Neil Brown <neilb@suse.de>
Subject: [patch 10/21] md: Dont read past end of bitmap when reading bitmap.
Date: Mon, 12 Jan 2009 17:27:09 -0800
Message-ID: <20090113012709.GK4512@kroah.com>
In-Reply-To: <20090113012633.GA4512@kroah.com>

[-- Attachment #1: md-don-t-read-past-end-of-bitmap-when-reading-bitmap.patch --]
[-- Type: text/plain, Size: 2929 bytes --]

2.6.27-stable review patch.  If anyone has any objections, please let us know.

------------------

From: NeilBrown <neilb@suse.de>

commit a2ed9615e3222645007fc19991aedf30eed3ecfd upstream.

When we read the write-intent-bitmap off the device, we currently
read a whole number of pages.
When PAGE_SIZE is 4K, this works due to the alignment we enforce
on the superblock and bitmap.
When PAGE_SIZE is 64K, this case read past the end-of-device
which causes an error.

When we write the superblock, we ensure to clip the last page
to just be the required size.  Copy that code into the read path
to just read the required number of sectors.

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

---
 drivers/md/bitmap.c |   22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

--- a/drivers/md/bitmap.c
+++ b/drivers/md/bitmap.c
@@ -208,16 +208,19 @@ static void bitmap_checkfree(struct bitm
  */
 
 /* IO operations when bitmap is stored near all superblocks */
-static struct page *read_sb_page(mddev_t *mddev, long offset, unsigned long index)
+static struct page *read_sb_page(mddev_t *mddev, long offset,
+				 struct page *page,
+				 unsigned long index, int size)
 {
 	/* choose a good rdev and read the page from there */
 
 	mdk_rdev_t *rdev;
 	struct list_head *tmp;
-	struct page *page = alloc_page(GFP_KERNEL);
 	sector_t target;
 
 	if (!page)
+		page = alloc_page(GFP_KERNEL);
+	if (!page)
 		return ERR_PTR(-ENOMEM);
 
 	rdev_for_each(rdev, tmp, mddev) {
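
Review bot: the new page and size parameters of read_sb_page() are undocumented, and the signature now relies on two conventions a caller has to guess: a NULL page means "allocate one for me", and size is a byte count. Please extend the comment above the function to say so, and to state who owns a caller-supplied page when the function fails, since the -ENOMEM return is now only reachable when page was passed as NULL and the allocation failed. An unsigned type for size would also rule out a negative length.
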
@@ -227,7 +230,9 @@ static struct page *read_sb_page(mddev_t
 
 		target = rdev->sb_start + offset + index * (PAGE_SIZE/512);
 
-		if (sync_page_io(rdev->bdev, target, PAGE_SIZE, page, READ)) {
+		if (sync_page_io(rdev->bdev, target,
+				 roundup(size, bdev_hardsect_size(rdev->bdev)),
+				 page, READ)) {
 			page->index = index;
 			attach_page_buffers(page, NULL); /* so that free_buffer will
 							  * quietly no-op */
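
Review bot: in the sync_page_io() call, nothing bounds size before it is rounded up to the hard sector size, yet the destination is still a single page. The callers visible in this patch pass sizeof(bitmap_super_t) and count, so the function depends on every caller keeping the rounded value within 1..PAGE_SIZE. A check at the top of read_sb_page() that rejects a size outside that range, or at least a comment stating the requirement, would keep a future caller from turning the short read into a write past the end of the page.
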
@@ -544,7 +549,9 @@ static int bitmap_read_sb(struct bitmap 
 
 		bitmap->sb_page = read_page(bitmap->file, 0, bitmap, bytes);
 	} else {
-		bitmap->sb_page = read_sb_page(bitmap->mddev, bitmap->offset, 0);
+		bitmap->sb_page = read_sb_page(bitmap->mddev, bitmap->offset,
+					       NULL,
+					       0, sizeof(bitmap_super_t));
 	}
 	if (IS_ERR(bitmap->sb_page)) {
 		err = PTR_ERR(bitmap->sb_page);
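
Review bot: this call now reads only sizeof(bitmap_super_t) bytes (rounded up to a sector) into a page that read_sb_page() gets from alloc_page(GFP_KERNEL), so the remainder of sb_page is no longer filled from disk and holds whatever the allocator handed back. The bitmap_init_from_disk() hunk reads into the same page again later, but until then anything that looks past the superblock in sb_page sees stale memory. Consider allocating the page zeroed, or add a comment here that the tail of sb_page is not valid until that later read.
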
@@ -957,11 +964,16 @@ static int bitmap_init_from_disk(struct 
 				 */
 				page = bitmap->sb_page;
 				offset = sizeof(bitmap_super_t);
+				read_sb_page(bitmap->mddev, bitmap->offset,
+					     page,
+					     index, count);
 			} else if (file) {
 				page = read_page(file, index, bitmap, count);
 				offset = 0;
 			} else {
-				page = read_sb_page(bitmap->mddev, bitmap->offset, index);
+				page = read_sb_page(bitmap->mddev, bitmap->offset,
+						    NULL,
+						    index, count);
 				offset = 0;
 			}
 			if (IS_ERR(page)) { /* read error */
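
Review bot: the read_sb_page() call added in the first branch discards its return value. page was already set to bitmap->sb_page on the line above, so the IS_ERR(page) test that follows cannot see a failed read in this branch, and the code would go on to use whatever is in the page. Assign the result, for example page = read_sb_page(bitmap->mddev, bitmap->offset, page, index, count);, so that the existing error path covers this case as it does for the other two branches.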

