Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp4819745ybl; Wed, 22 Jan 2020 05:22:09 -0800 (PST) X-Google-Smtp-Source: APXvYqx0ssZCrzCmf9BdPoGGQdt+KzAXQBfNzIssUQuT4dftR999AB7Fm+QAtk5j+NH2CSVmm/9Y X-Received: by 2002:a9d:6d81:: with SMTP id x1mr7767615otp.9.1579699329252; Wed, 22 Jan 2020 05:22:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1579699329; cv=none; d=google.com; s=arc-20160816; b=vtihiDROkWUe9TgvmHOkWsmO7BVUhgEmEVJ3hOlCyaxnq3KlCSn9NLcLJGwblNGdEQ oTNl+D2ci2q2qvWiHGXFDwFWtM59HlouDWDH8gGvfs2o9R7kYUcjwcJJRkSgp3R4W9Ab oDiqV/vApRIZcyTZZWM2qy4tUewkHPm7RZSnfspP4nv79iBHqL4LY3ZFvmhxVWO+W8rt N+HqCTOYXVOi8XrrhUOTlpfSx+d7o6nsxfdqrYS73Q8OeGSHUxGbLe4zU5DghVNecQao Z+YOvopxyEbDo1BPxSGeonz6xg3dZEKhd3SxWYDbHxDhbjJmTVUJlg1gx3jKwEiJ1ZBL c0VQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=QLHF+n/WOi4zCdcYqCREp0yqwiniGupPhRCGq+ezPLk=; b=DwwfriucfgOya9h06Ja3VZwmAYiEySQUddUp0kWSeCg/Sj9a0X9+GatuOmwpp4nBnR TUOo09lff07+P4qZeBaHvP5gd6ErRCOECXfnB3hKe850XnNq1mHe/RMFWMNJzYzG7aan HHLOtYZFQGPPiW7wt/d26m/GcXyxHsUo0pxmFiL7xOCUgqEwY4u9/nHBw9P2FFJoh+Qm 1Cz4CUObfbzC72+eDvn13OAWyKcbJzotkPBhEOilaExfea6w0kkL35yDfMlRisXPlkUw OdOe9680QUgkFRERoYMAR/skEfkJNdC80/o9nCSv0Hr1Y8Wx+C+YXZ+vWb1U2TDGm7VK boog== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Co6CFDZn; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p14si23931784ota.71.2020.01.22.05.21.57; Wed, 22 Jan 2020 05:22:09 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Co6CFDZn; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726219AbgAVNUX (ORCPT + 99 others); Wed, 22 Jan 2020 08:20:23 -0500 Received: from mail.kernel.org ([198.145.29.99]:36536 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729947AbgAVNUV (ORCPT ); Wed, 22 Jan 2020 08:20:21 -0500 Received: from localhost (unknown [84.241.205.26]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id D4CB524125; Wed, 22 Jan 2020 13:20:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1579699220; bh=qYTjOtVB/6GImYvCpgBxWMCVtpws3TOB59bPhO6gvoY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Co6CFDZnmUAyiX3BH6UVyTmc+vR6Q0rTSwRVbt3jBTH8b60kahaFxwyaD91K1wbcS fdHtXzfoHRa0wcRkewwEIpro0L16RO4Aa/u0sVuiQ/+rBIfV7jo63YEoD6oJOSzkJo AGI4dBNtVyVhnRa/KH2OruWN9Uk4uHgRLwPNcjZ8= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Martin K. Petersen" , Ming Lei , Mikulas Patocka , Jens Axboe Subject: [PATCH 5.4 031/222] block: fix an integer overflow in logical block size Date: Wed, 22 Jan 2020 10:26:57 +0100 Message-Id: <20200122092835.700575757@linuxfoundation.org> X-Mailer: git-send-email 2.25.0 In-Reply-To: <20200122092833.339495161@linuxfoundation.org> References: <20200122092833.339495161@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Mikulas Patocka commit ad6bf88a6c19a39fb3b0045d78ea880325dfcf15 upstream. Logical block size has type unsigned short. That means that it can be at most 32768. However, there are architectures that can run with 64k pages (for example arm64) and on these architectures, it may be possible to create block devices with 64k block size. For exmaple (run this on an architecture with 64k pages): Mount will fail with this error because it tries to read the superblock using 2-sector access: device-mapper: writecache: I/O is not aligned, sector 2, size 1024, block size 65536 EXT4-fs (dm-0): unable to read superblock This patch changes the logical block size from unsigned short to unsigned int to avoid the overflow. Cc: stable@vger.kernel.org Reviewed-by: Martin K. Petersen Reviewed-by: Ming Lei Signed-off-by: Mikulas Patocka Signed-off-by: Jens Axboe Signed-off-by: Greg Kroah-Hartman --- block/blk-settings.c | 2 +- drivers/md/dm-snap-persistent.c | 2 +- drivers/md/raid0.c | 2 +- include/linux/blkdev.h | 8 ++++---- 4 files changed, 7 insertions(+), 7 deletions(-) --- a/block/blk-settings.c +++ b/block/blk-settings.c @@ -328,7 +328,7 @@ EXPORT_SYMBOL(blk_queue_max_segment_size * storage device can address. The default of 512 covers most * hardware. **/ -void blk_queue_logical_block_size(struct request_queue *q, unsigned short size) +void blk_queue_logical_block_size(struct request_queue *q, unsigned int size) { q->limits.logical_block_size = size; --- a/drivers/md/dm-snap-persistent.c +++ b/drivers/md/dm-snap-persistent.c @@ -17,7 +17,7 @@ #include #define DM_MSG_PREFIX "persistent snapshot" -#define DM_CHUNK_SIZE_DEFAULT_SECTORS 32 /* 16KB */ +#define DM_CHUNK_SIZE_DEFAULT_SECTORS 32U /* 16KB */ #define DM_PREFETCH_CHUNKS 12 --- a/drivers/md/raid0.c +++ b/drivers/md/raid0.c @@ -87,7 +87,7 @@ static int create_strip_zones(struct mdd char b[BDEVNAME_SIZE]; char b2[BDEVNAME_SIZE]; struct r0conf *conf = kzalloc(sizeof(*conf), GFP_KERNEL); - unsigned short blksize = 512; + unsigned blksize = 512; *private_conf = ERR_PTR(-ENOMEM); if (!conf) --- a/include/linux/blkdev.h +++ b/include/linux/blkdev.h @@ -328,6 +328,7 @@ struct queue_limits { unsigned int max_sectors; unsigned int max_segment_size; unsigned int physical_block_size; + unsigned int logical_block_size; unsigned int alignment_offset; unsigned int io_min; unsigned int io_opt; @@ -338,7 +339,6 @@ struct queue_limits { unsigned int discard_granularity; unsigned int discard_alignment; - unsigned short logical_block_size; unsigned short max_segments; unsigned short max_integrity_segments; unsigned short max_discard_segments; @@ -1080,7 +1080,7 @@ extern void blk_queue_max_write_same_sec unsigned int max_write_same_sectors); extern void blk_queue_max_write_zeroes_sectors(struct request_queue *q, unsigned int max_write_same_sectors); -extern void blk_queue_logical_block_size(struct request_queue *, unsigned short); +extern void blk_queue_logical_block_size(struct request_queue *, unsigned int); extern void blk_queue_physical_block_size(struct request_queue *, unsigned int); extern void blk_queue_alignment_offset(struct request_queue *q, unsigned int alignment); @@ -1294,7 +1294,7 @@ static inline unsigned int queue_max_seg return q->limits.max_segment_size; } -static inline unsigned short queue_logical_block_size(const struct request_queue *q) +static inline unsigned queue_logical_block_size(const struct request_queue *q) { int retval = 512; @@ -1304,7 +1304,7 @@ static inline unsigned short queue_logic return retval; } -static inline unsigned short bdev_logical_block_size(struct block_device *bdev) +static inline unsigned int bdev_logical_block_size(struct block_device *bdev) { return queue_logical_block_size(bdev_get_queue(bdev)); }