Received: by 2002:a05:6a10:9e8c:0:0:0:0 with SMTP id y12csp916438pxx; Tue, 27 Oct 2020 03:56:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJx3fYpaLk795z6vtg0K75z4mEAB+JW/+cQz9Y6dV5tchIw4FyaX/gKEId6zdL6cwvoQCoeF X-Received: by 2002:a17:906:11d5:: with SMTP id o21mr1816437eja.401.1603796194319; Tue, 27 Oct 2020 03:56:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1603796194; cv=none; d=google.com; s=arc-20160816; b=wXIFAgtchLHdLeuVhAP7y0gI7EIOMwS7DXmkHq4Hg5VfJTlKNPVlBRLU6dt54CIePV KxGHNs4yA9S6yZdIrc6+1jprQI5Nl+D18qpGwuKuxDtTjwdZC/cfMIU68XhMTHwsjn0y +kGwcOpGz/2VcnK1xjeMmEIvL1QKWgGGgSEi0HXN4g/3N8PKh2uRv/1zXupRrNKm0iKt 0jZSSXgeTAZLvhg94f3+MxDzwooLqpS6ju0HpUfrkA+AxtmVpjCgcZQ+mVLxMeuHARER wGC3ymlWybAZbI1URYbe2ibifiEftAq+Wlo8cF/3ZLoNGT/SNBjCWBK4Jr065auMlonq hNxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=Y1QKIQXOpzq7kpFHhRpNgRHvOX/oxEs+3jW3P9TRIFw=; b=xLpdsSuSAospTqx/4r1ZxijWtiigoe4VNSj0O/OvIkig6SuEPxiO8aXeHdyFectkzt mk8LvsuCgHO7S/QN+NLqO/r6cFwO7K+M9SuPpY0d5ru5Qv0i8lMnbo+r8hRG3qfJHI4r v/GSVqA38D+ffNoqgpgRZInEyVUehwwqyFDIrergTLuxznrlj7yIlbokpkrSJrQR1tpB GRsWwiHmcnrz7v7TZb/fiqeuw3T94TNNwmp93UvNpCBcBc1PmTQd6pkjByR/5R11pSpw Ny5BBHr1Is6t3aYsM7oZd62GKDbGoiWcA+qA/9xkgJrQkX7NdKKEMPjTIYjZDkNUvPTD c7pQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=gnzWcCiL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z6si678530ejf.587.2020.10.27.03.56.11; Tue, 27 Oct 2020 03:56:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=gnzWcCiL; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2437328AbgJ0ABa (ORCPT + 99 others); Mon, 26 Oct 2020 20:01:30 -0400 Received: from mail.kernel.org ([198.145.29.99]:35780 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2411125AbgJZX4Z (ORCPT ); Mon, 26 Oct 2020 19:56:25 -0400 Received: from sasha-vm.mshome.net (c-73-47-72-35.hsd1.nh.comcast.net [73.47.72.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 46A0A221FC; Mon, 26 Oct 2020 23:56:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1603756584; bh=Iuz/2JXOYt0ENEVGezaeevDY+PL7lz1Y3OheSHKL4xo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=gnzWcCiLh+8pms//pHEFvyZA9oyOYkovSlgjj73ok1hXcJbYAvNO2JjdMadl0u1EA pXea2lxh8HbZWhTp4Zm/6oTu+slc8UarMrTxq0tJhcUySwryfT17FsjFeXYlXWUL5h kUjboPWX7lm7tocKRTmogi+slqGBtFmoXfyVIngY= From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Zhao Heming , Song Liu , Sasha Levin , linux-raid@vger.kernel.org Subject: [PATCH AUTOSEL 5.4 57/80] md/bitmap: md_bitmap_get_counter returns wrong blocks Date: Mon, 26 Oct 2020 19:54:53 -0400 Message-Id: <20201026235516.1025100-57-sashal@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20201026235516.1025100-1-sashal@kernel.org> References: <20201026235516.1025100-1-sashal@kernel.org> MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Zhao Heming [ Upstream commit d837f7277f56e70d82b3a4a037d744854e62f387 ] md_bitmap_get_counter() has code: ``` if (bitmap->bp[page].hijacked || bitmap->bp[page].map == NULL) csize = ((sector_t)1) << (bitmap->chunkshift + PAGE_COUNTER_SHIFT - 1); ``` The minus 1 is wrong, this branch should report 2048 bits of space. With "-1" action, this only report 1024 bit of space. This bug code returns wrong blocks, but it doesn't inflence bitmap logic: 1. Most callers focus this function return value (the counter of offset), not the parameter blocks. 2. The bug is only triggered when hijacked is true or map is NULL. the hijacked true condition is very rare. the "map == null" only true when array is creating or resizing. 3. Even the caller gets wrong blocks, current code makes caller just to call md_bitmap_get_counter() one more time. Signed-off-by: Zhao Heming Signed-off-by: Song Liu Signed-off-by: Sasha Levin --- drivers/md/md-bitmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/md/md-bitmap.c b/drivers/md/md-bitmap.c index 3ad18246fcb3c..3b6fb1664dbea 100644 --- a/drivers/md/md-bitmap.c +++ b/drivers/md/md-bitmap.c @@ -1372,7 +1372,7 @@ __acquires(bitmap->lock) if (bitmap->bp[page].hijacked || bitmap->bp[page].map == NULL) csize = ((sector_t)1) << (bitmap->chunkshift + - PAGE_COUNTER_SHIFT - 1); + PAGE_COUNTER_SHIFT); else csize = ((sector_t)1) << bitmap->chunkshift; *blocks = csize - (offset & (csize - 1)); -- 2.25.1