linux/drivers/md
John Pittman 45422b704d md/raid10: prevent access of uninitialized resync_pages offset
Due to unneeded multiplication in the out_free_pages portion of
r10buf_pool_alloc(), when using a 3-copy raid10 layout, it is
possible to access a resync_pages offset that has not been
initialized.  This access translates into a crash of the system
within resync_free_pages() while passing a bad pointer to
put_page().  Remove the multiplication, preventing access to the
uninitialized area.

Fixes: f025061836 ("md: raid10: don't use bio's vec table to manage resync pages")
Cc: stable@vger.kernel.org # 4.12+
Signed-off-by: John Pittman <jpittman@redhat.com>
Suggested-by: David Jeffery <djeffery@redhat.com>
Reviewed-by: Laurence Oberman <loberman@redhat.com>
Signed-off-by: Song Liu <songliubraving@fb.com>
2019-11-11 16:47:39 -08:00
..
bcache for-5.4/block-2019-09-16 2019-09-17 16:57:47 -07:00
persistent-data dm space map common: remove check for impossible sm_find_free() return value 2019-08-26 15:39:53 -04:00
dm-bio-prison-v1.c
dm-bio-prison-v1.h
dm-bio-prison-v2.c
dm-bio-prison-v2.h
dm-bio-record.h
dm-bufio.c dm bufio: introduce a global cache replacement 2019-09-13 17:00:21 -04:00
dm-builtin.c
dm-cache-background-tracker.c
dm-cache-background-tracker.h
dm-cache-block-types.h
dm-cache-metadata.c dm cache metadata: Fix loading discard bitset 2019-04-18 16:18:25 -04:00
dm-cache-metadata.h
dm-cache-policy-internal.h
dm-cache-policy-smq.c dm: remove unnecessary unlikely() around WARN_ON_ONCE() 2018-10-16 14:34:59 -04:00
dm-cache-policy.c
dm-cache-policy.h
dm-cache-target.c dm cache: add support for discard passdown to the origin device 2019-03-05 14:53:52 -05:00
dm-clone-metadata.c dm: add clone target 2019-09-12 09:32:31 -04:00
dm-clone-metadata.h dm: add clone target 2019-09-12 09:32:31 -04:00
dm-clone-target.c dm: add clone target 2019-09-12 09:32:31 -04:00
dm-core.h dm: disable DISCARD if the underlying storage no longer supports it 2019-04-04 15:33:59 -04:00
dm-crypt.c dm crypt: omit parsing of the encapsulated cipher 2019-09-03 16:46:16 -04:00
dm-delay.c dm delay: fix a crash when invalid device is specified 2019-04-26 11:29:32 -04:00
dm-dust.c dm dust: use dust block size for badblocklist index 2019-08-21 11:27:17 -04:00
dm-era-target.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
dm-exception-store.c
dm-exception-store.h - Improve DM snapshot target's scalability by using finer grained 2019-05-16 15:55:48 -07:00
dm-flakey.c dm: add zone open, close and finish support 2019-11-07 06:36:08 -07:00
dm-init.c docs: device-mapper: move it to the admin-guide 2019-07-15 11:03:01 -03:00
dm-integrity.c block: centralize PI remapping logic to the block layer 2019-09-17 20:03:49 -06:00
dm-io.c
dm-ioctl.c dm: introduce DM_GET_TARGET_VERSION 2019-09-16 10:18:01 -04:00
dm-kcopyd.c dm kcopyd: always complete failed jobs 2019-08-15 15:57:39 -04:00
dm-linear.c dm: add zone open, close and finish support 2019-11-07 06:36:08 -07:00
dm-log-userspace-base.c
dm-log-userspace-transfer.c
dm-log-userspace-transfer.h
dm-log-writes.c dm log writes: fix incorrect comment about the logged sequence example 2019-07-09 14:13:33 -04:00
dm-log.c
dm-mpath.c dm mpath: always free attached_handler_name in parse_path() 2019-04-30 16:51:30 -04:00
dm-mpath.h
dm-path-selector.c
dm-path-selector.h
dm-queue-length.c
dm-raid1.c dm raid1: use struct_size() with kzalloc() 2019-08-26 11:05:32 -04:00
dm-raid.c dm raid: fix updating of max_discard_sectors limit 2019-09-11 16:18:23 -04:00
dm-region-hash.c
dm-round-robin.c
dm-rq.c block: Delay default elevator initialization 2019-09-05 19:52:34 -06:00
dm-rq.h dm: remove unused _rq_tio_cache and _rq_cache 2019-03-05 14:48:50 -05:00
dm-service-time.c
dm-snap-persistent.c
dm-snap-transient.c
dm-snap.c dm snapshot: fix oversights in optional discard support 2019-07-17 11:12:30 -04:00
dm-stats.c dm stats: use struct_size() helper 2019-09-04 09:39:22 -04:00
dm-stats.h
dm-stripe.c
dm-switch.c dm switch: use struct_size() in kzalloc() 2019-03-05 14:48:51 -05:00
dm-sysfs.c dm: remove legacy request-based IO path 2018-10-11 11:36:09 -04:00
dm-table.c dm: make dm_table_find_target return NULL 2019-08-23 10:13:12 -04:00
dm-target.c dm mpath: fix missing call of path selector type->end_io 2019-04-25 15:38:52 -04:00
dm-thin-metadata.c dm thin metadata: check if in fail_io mode when setting needs_check 2019-07-02 15:50:08 -04:00
dm-thin-metadata.h dm thin: fix passdown_double_checking_shared_status() 2019-01-15 16:10:41 -05:00
dm-thin.c dm thin: add sanity checks to thin-pool and external snapshot creation 2019-03-05 14:53:49 -05:00
dm-uevent.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
dm-uevent.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
dm-unstripe.c dm: Check for device sector overflow if CONFIG_LBDAF is not set 2018-12-18 09:02:26 -05:00
dm-verity-fec.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
dm-verity-fec.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
dm-verity-target.c dm verity: add root hash pkcs#7 signature verification 2019-08-23 10:13:14 -04:00
dm-verity-verify-sig.c dm verity: add root hash pkcs#7 signature verification 2019-08-23 10:13:14 -04:00
dm-verity-verify-sig.h dm verity: add root hash pkcs#7 signature verification 2019-08-23 10:13:14 -04:00
dm-verity.h dm verity: add root hash pkcs#7 signature verification 2019-08-23 10:13:14 -04:00
dm-writecache.c dm writecache: skip writecache_wait for pmem mode 2019-09-05 13:22:05 -04:00
dm-zero.c
dm-zoned-metadata.c block: add zone open, close and finish operations 2019-11-07 06:31:48 -07:00
dm-zoned-reclaim.c dm zoned: fix a few typos 2019-08-15 15:57:43 -04:00
dm-zoned-target.c dm zoned: fix invalid memory access 2019-08-26 10:33:58 -04:00
dm-zoned.h dm zoned: add SPDX license identifiers 2019-08-15 15:57:42 -04:00
dm.c dm: add zone open, close and finish support 2019-11-07 06:36:08 -07:00
dm.h dm: make dm_table_find_target return NULL 2019-08-23 10:13:12 -04:00
Kconfig dm: add clone target 2019-09-12 09:32:31 -04:00
Makefile dm: add clone target 2019-09-12 09:32:31 -04:00
md-bitmap.c md/bitmap: avoid race window between md_bitmap_resize and bitmap_file_clear_bit 2019-10-24 15:22:40 -07:00
md-bitmap.h
md-cluster.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 45 2019-05-24 17:27:12 +02:00
md-cluster.h md-cluster: introduce resync_info_get interface for sanity check 2018-10-18 09:36:35 -07:00
md-faulty.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 47 2019-05-24 17:27:13 +02:00
md-linear.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-10-24 15:22:40 -07:00
md-linear.h
md-multipath.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-10-24 15:22:40 -07:00
md-multipath.h
md.c md: avoid invalid memory access for array sb->dev_roles 2019-11-11 16:32:22 -08:00
md.h md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-10-24 15:22:40 -07:00
raid0.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-10-24 15:22:40 -07:00
raid0.h md/raid0: avoid RAID0 data corruption due to layout confusion. 2019-09-13 13:10:05 -07:00
raid1-10.c md: raid1-10: Unify r{1,10}bio_pool_free 2019-06-15 01:37:35 -06:00
raid1.c md/raid1: avoid soft lockup under high load 2019-11-11 16:32:22 -08:00
raid1.h
raid5-cache.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 2019-06-05 17:36:37 +02:00
raid5-log.h raid5: set write hint for PPL 2019-03-12 10:15:18 -07:00
raid5-ppl.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 288 2019-06-05 17:36:37 +02:00
raid5.c md: improve handling of bio with REQ_PREFLUSH in md_flush_request() 2019-10-24 15:22:40 -07:00
raid5.h raid5: use bio_end_sector in r5_next_bio 2019-09-13 13:14:43 -07:00
raid10.c md/raid10: prevent access of uninitialized resync_pages offset 2019-11-11 16:47:39 -08:00
raid10.h