From: NeilBrown Date: Wed, 23 May 2007 20:58:09 +0000 (-0700) Subject: md: avoid overflow in raid0 calculation with large components X-Git-Tag: firefly_0821_release~28911 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=787f17feb204ed1c6331892fb8124b80dc9fe288;p=firefly-linux-kernel-4.4.55.git md: avoid overflow in raid0 calculation with large components If a raid0 has a component device larger than 4TB, and is accessed on a 32bit machines, then as 'chunk' is unsigned long, chunk << chunksize_bits can overflow (this can be as high as the size of the device in KB). chunk itself will not overflow (without triggering a BUG). So change 'chunk' to be 'sector_t, and get rid of the 'BUG' as it becomes impossible to hit. Cc: "Jeff Zheng" Signed-off-by: Neil Brown Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/drivers/md/raid0.c b/drivers/md/raid0.c index dfe32149ad3a..2c404f73a377 100644 --- a/drivers/md/raid0.c +++ b/drivers/md/raid0.c @@ -415,7 +415,7 @@ static int raid0_make_request (request_queue_t *q, struct bio *bio) raid0_conf_t *conf = mddev_to_conf(mddev); struct strip_zone *zone; mdk_rdev_t *tmp_dev; - unsigned long chunk; + sector_t chunk; sector_t block, rsect; const int rw = bio_data_dir(bio); @@ -470,7 +470,6 @@ static int raid0_make_request (request_queue_t *q, struct bio *bio) sector_div(x, zone->nb_dev); chunk = x; - BUG_ON(x != (sector_t)chunk); x = block >> chunksize_bits; tmp_dev = zone->dev[sector_div(x, zone->nb_dev)];