MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-10-22 23:13:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

dm-stripe: fix a possible integer overflow

Browse Source 
commit 1071d560afb4c245c2076494226df47db5a35708 upstream.

There's a possible integer overflow in stripe_io_hints if we have too
large chunk size. Test if the overflow happened, and if it did, don't set
limits->io_min and limits->io_opt;

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
Reviewed-by: John Garry <john.g.garry@oracle.com>
Suggested-by: Dongsheng Yang <dongsheng.yang@linux.dev>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Mikulas Patocka 2025-08-11 13:17:32 +02:00 committed by Greg Kroah-Hartman
parent cb58eaad22
commit f8f64254bc
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
drivers/md/dm-stripe.c
View File

@ -457,11 +457,15 @@ static void stripe_io_hints(struct dm_target *ti,
struct queue_limits *limits)
{
struct stripe_c *sc = ti->private;
unsigned int chunk_size = sc->chunk_size << SECTOR_SHIFT;
unsigned int io_min, io_opt;
limits->chunk_sectors = sc->chunk_size;
limits->io_min = chunk_size;
limits->io_opt = chunk_size * sc->stripes;
if (!check_shl_overflow(sc->chunk_size, SECTOR_SHIFT, &io_min) &&
!check_mul_overflow(io_min, sc->stripes, &io_opt)) {
limits->io_min = io_min;
limits->io_opt = io_opt;
}
}
static struct target_type stripe_target = {