summaryrefslogtreecommitdiffstats
path: root/drivers/md/raid0.c
diff options
context:
space:
mode:
authorNeilBrown <neilb@suse.de>2007-05-23 13:58:09 -0700
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-05-23 20:14:14 -0700
commit787f17feb204ed1c6331892fb8124b80dc9fe288 (patch)
treef4403f7ba381255e03fd1b01eccd57c57a7976e8 /drivers/md/raid0.c
parent1dbf37e8adf1ab6b82a510d5e69fa676ed9717c4 (diff)
downloadkernel-crypto-787f17feb204ed1c6331892fb8124b80dc9fe288.tar.gz
kernel-crypto-787f17feb204ed1c6331892fb8124b80dc9fe288.tar.xz
kernel-crypto-787f17feb204ed1c6331892fb8124b80dc9fe288.zip
md: avoid overflow in raid0 calculation with large components
If a raid0 has a component device larger than 4TB, and is accessed on a 32bit machines, then as 'chunk' is unsigned long, chunk << chunksize_bits can overflow (this can be as high as the size of the device in KB). chunk itself will not overflow (without triggering a BUG). So change 'chunk' to be 'sector_t, and get rid of the 'BUG' as it becomes impossible to hit. Cc: "Jeff Zheng" <Jeff.Zheng@endace.com> Signed-off-by: Neil Brown <neilb@suse.de> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'drivers/md/raid0.c')
-rw-r--r--drivers/md/raid0.c3
1 files changed, 1 insertions, 2 deletions
diff --git a/drivers/md/raid0.c b/drivers/md/raid0.c
index dfe32149ad3..2c404f73a37 100644
--- a/drivers/md/raid0.c
+++ b/drivers/md/raid0.c
@@ -415,7 +415,7 @@ static int raid0_make_request (request_queue_t *q, struct bio *bio)
raid0_conf_t *conf = mddev_to_conf(mddev);
struct strip_zone *zone;
mdk_rdev_t *tmp_dev;
- unsigned long chunk;
+ sector_t chunk;
sector_t block, rsect;
const int rw = bio_data_dir(bio);
@@ -470,7 +470,6 @@ static int raid0_make_request (request_queue_t *q, struct bio *bio)
sector_div(x, zone->nb_dev);
chunk = x;
- BUG_ON(x != (sector_t)chunk);
x = block >> chunksize_bits;
tmp_dev = zone->dev[sector_div(x, zone->nb_dev)];