linux_dsm_epyc7002/drivers
Darrick J. Wong 9471744767 bcache: fix BUG_ON due to integer overflow with GC_SECTORS_USED
The BUG_ON at the end of __bch_btree_mark_key can be triggered due to
an integer overflow error:

BITMASK(GC_SECTORS_USED, struct bucket, gc_mark, 2, 13);
...
SET_GC_SECTORS_USED(g, min_t(unsigned,
	     GC_SECTORS_USED(g) + KEY_SIZE(k),
	     (1 << 14) - 1));
BUG_ON(!GC_SECTORS_USED(g));

In bcache.h, the SECTORS_USED bitfield is defined to be 13 bits wide.
While the SET_ code tries to ensure that the field doesn't overflow by
clamping it to (1<<14)-1 == 16383, this is incorrect because 16383
requires 14 bits.  Therefore, if GC_SECTORS_USED() + KEY_SIZE() =
8192, the SET_ statement tries to store 8192 into a 13-bit field.  In
a 13-bit field, 8192 becomes zero, thus triggering the BUG_ON.

Therefore, create a field width constant and a max value constant, and
use those to create the bitfield and check the inputs to
SET_GC_SECTORS_USED.  Arguably the BITMASK() template ought to have
BUG_ON checks for too-large values, but that's a separate patch.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
2014-01-29 13:06:15 -08:00
..
accessibility
acpi Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2013-12-29 13:35:04 -08:00
amba
ata Merge branch 'for-3.13-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata 2013-12-24 09:35:58 -08:00
atm atm: idt77252: fix dev refcnt leak 2013-11-19 15:53:02 -05:00
auxdisplay
base Revert "cpufreq: suspend governors on system suspend/hibernate" 2013-12-08 01:04:17 +01:00
bcma Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-11-13 17:40:34 +09:00
block Merge branch 'for-3.14/core' into for-3.14/drivers 2014-01-08 09:32:45 -07:00
bluetooth
bus Merge branch 'for-linus' of git://git.linaro.org/people/rmk/linux-arm 2013-11-14 08:51:29 +09:00
cdrom drivers/cdrom/gdrom.c: remove deprecated IRQF_DISABLED 2013-12-03 19:22:17 -07:00
char Char/Misc driver fixes for 3.13-rc3 2013-12-08 18:47:25 -08:00
clk mfd: s2mps11: Fix build after regmap field rename in sec-core.c 2013-12-16 11:30:39 +00:00
clocksource clocksource: dw_apb_timer_of: Fix support for dts binding "snps,dw-apb-timer" 2013-12-10 19:49:18 +01:00
connector connector: improved unaligned access error fix 2013-11-14 17:19:20 -05:00
cpufreq cpufreq: Use CONFIG_CPU_FREQ_DEFAULT_* to set initial policy for setpolicy drivers 2013-12-22 00:51:52 +01:00
cpuidle cpuidle: Check for dev before deregistering it. 2013-12-03 22:05:22 +01:00
crypto crypto: talitos - fix aead sglen for case 'dst != src' 2013-11-28 22:25:17 +08:00
dca
devfreq
dio
dma net_dma: mark broken 2013-12-18 12:53:43 -08:00
edac sb_edac: Shut up compiler warning when EDAC_DEBUG is enabled 2013-11-30 12:26:36 +01:00
eisa
extcon extcon: remove freed groups caused the panic or warning in unregister flow 2013-11-26 15:17:23 +09:00
firewire firewire: sbp2: bring back WRITE SAME support 2013-12-15 16:32:32 +01:00
firmware Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2013-12-29 13:35:04 -08:00
fmc
gpio GPIO fixes for the v3.13 development cycle: 2013-12-17 11:47:40 -08:00
gpu Merge tag 'drm-intel-fixes-2013-12-18' of git://people.freedesktop.org/~danvet/drm-intel into drm-fixes 2013-12-23 10:35:57 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2013-12-13 13:21:28 -08:00
hsi
hv
hwmon hwmon fixes for 3.13-rc4 2013-12-12 11:05:19 -08:00
hwspinlock
i2c i2c: imx: Check the return value from clk_prepare_enable() 2013-12-12 22:48:22 +01:00
ide More ACPI and power management updates for 3.13-rc1 2013-11-20 13:25:04 -08:00
idle x86 idle: Repair large-server 50-watt idle-power regression 2013-12-19 11:47:39 -08:00
iio iio:adc:ad7887 Fix channel reported endianness from cpu to big endian 2013-12-17 20:37:14 +00:00
infiniband Last batch of InfiniBand/RDMA changes for 3.13 / 2014: 2013-12-23 17:23:42 -08:00
input Input: adxl34x - Fix bug in definition of ADXL346_2D_ORIENT 2013-12-09 22:23:31 -08:00
iommu iommu/arm-smmu: fix error return code in arm_smmu_device_dt_probe() 2013-12-06 16:44:25 +00:00
ipack
irqchip Renesas ARM based SoC fixes for v3.13 2013-12-20 11:28:30 -08:00
isdn net: rework recvmsg handler msg_name and msg_namelen logic 2013-11-20 21:52:30 -05:00
leds leds: pwm: Fix for deferred probe in DT booted mode 2013-12-02 11:53:17 -08:00
lguest
macintosh powerpc/windfarm: Fix XServe G5 fan control Makefile issue 2013-11-27 11:35:47 +11:00
mailbox
md bcache: fix BUG_ON due to integer overflow with GC_SECTORS_USED 2014-01-29 13:06:15 -08:00
media [media] videobuf2-dma-sg: fix possible memory leak 2013-12-10 05:40:57 -02:00
memory
memstick tree-wide: use reinit_completion instead of INIT_COMPLETION 2013-11-15 09:32:21 +09:00
message block: Kill bio_segments()/bi_vcnt usage 2013-11-23 22:33:51 -08:00
mfd mfd/rtc: s5m: fix register updating by adding regmap for RTC 2013-12-12 18:19:26 -08:00
misc Char/Misc driver fixes for 3.13-rc3 2013-12-08 18:47:25 -08:00
mmc mmc: omap: Fix I2C dependency and make driver usable with device tree 2013-11-26 15:51:16 -08:00
mtd mtd: nand: pxa3xx: Use info->use_dma to release DMA resources 2013-12-12 15:02:04 -08:00
net Merge branch 'fixes-for-3.13' of git://gitorious.org/linux-can/linux-can 2013-12-17 17:21:30 -05:00
nfc
ntb NTB driver bug fixes to address a missed call to pci_enable_msix, 2013-11-26 11:15:12 -08:00
nubus
of Merge branch 'for-linus-dma-masks' of git://git.linaro.org/people/rmk/linux-arm 2013-11-14 07:55:21 +09:00
oprofile
parisc
parport Kconfig cleanups for v3.13 2013-11-15 14:05:15 -08:00
pci Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-12-15 11:56:47 -08:00
pcmcia DeviceTree updates for 3.13. This is a bit larger pull request than 2013-11-12 16:52:17 +09:00
phy phy: kconfig: add depends on "USB_PHY" to OMAP_USB2 and TWL4030_USB 2013-12-10 12:53:30 -08:00
pinctrl Merge branches 'powercap' and 'acpi-lpss' with new device IDs 2013-12-27 00:43:24 +01:00
platform sony-laptop: do not scribble keyboard backlight registers on resume 2013-11-26 13:03:36 +09:00
pnp PNP: fix restoring devices after hibernation 2013-12-05 02:01:55 +01:00
power Highlights: 2013-11-18 15:35:09 -08:00
powercap powercap / RAPL: add support for ValleyView Soc 2013-12-22 01:27:51 +01:00
pps drivers/pps/clients/pps-gpio.c: remove redundant of_match_ptr 2013-11-13 12:09:35 +09:00
ps3
ptp
pwm
rapidio
regulator mfd: s2mps11: Fix build after regmap field rename in sec-core.c 2013-12-16 11:30:39 +00:00
remoteproc
reset
rpmsg
rtc mfd/rtc: s5m: fix register updating by adding regmap for RTC 2013-12-12 18:19:26 -08:00
s390 Linux 3.13-rc6 2013-12-31 09:51:02 -07:00
sbus
scsi Linux 3.13-rc6 2013-12-31 09:51:02 -07:00
sfi
sh
sn
spi Merge remote-tracking branches 'spi/fix/bcm2835', 'spi/fix/bcm63xx', 'spi/fix/mpc512x-psc', 'spi/fix/mxs', 'spi/fix/pxa2xx', 'spi/fix/qspi', 'spi/fix/rspi' and 'spi/fix/txx9' into spi-linus 2013-11-28 11:31:35 +00:00
ssb
staging Linux 3.13-rc6 2013-12-31 09:51:02 -07:00
target Linux 3.13-rc6 2013-12-31 09:51:02 -07:00
tc
thermal Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-11-19 15:50:47 -08:00
tty tty: xuartps: Properly guard sysrq specific code 2013-12-17 16:02:25 -08:00
uio uio: we cannot mmap unaligned page contents 2013-12-02 11:50:37 -08:00
usb usb: ohci-at91: fix irq and iomem resource retrieval 2013-12-17 13:22:36 -08:00
uwb
vfio
vhost Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2013-11-22 10:52:03 -08:00
video Merge branch 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2013-12-09 19:21:39 -08:00
virt
virtio virtio_balloon: update_balloon_size(): update correct field 2013-12-05 13:12:39 +10:30
vlynq
vme
w1 drivers/w1/masters/w1-gpio.c: use dev_get_platdata() 2013-11-15 09:32:21 +09:00
watchdog sc1200_wdt: Fix oops 2013-12-10 08:48:15 +01:00
xen Bug-fixes: 2013-12-20 09:34:54 -08:00
zorro
Kconfig ACPI and power management updates for 3.13-rc1 2013-11-14 13:41:48 +09:00
Makefile ACPI and power management updates for 3.13-rc1 2013-11-14 13:41:48 +09:00