A zone ID is a 32 bits unsigned int which can overflow when doing the
bit shifts calculations in dmz_start_sect(). With a 256 MB zone size
drive, the overflow happens for a zone ID >= 8192.
Fix this by casting the zone ID to a sector_t before doing the bit
shift. While at it, similarly fix dmz_start_block().
Signed-off-by: Damien Le Moal <damien.lemoal@xxxxxxx>
---
drivers/md/dm-zoned-metadata.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/md/dm-zoned-metadata.c b/drivers/md/dm-zoned-metadata.c
index 4618441c..884ff7c 100644
--- a/drivers/md/dm-zoned-metadata.c
+++ b/drivers/md/dm-zoned-metadata.c
@@ -191,12 +191,12 @@ unsigned int dmz_id(struct dmz_metadata *zmd, struct dm_zone *zone)
sector_t dmz_start_sect(struct dmz_metadata *zmd, struct dm_zone *zone)
{
- return dmz_id(zmd, zone) << zmd->dev->zone_nr_sectors_shift;
+ return (sector_t)dmz_id(zmd, zone) << zmd->dev->zone_nr_sectors_shift;
}
sector_t dmz_start_block(struct dmz_metadata *zmd, struct dm_zone *zone)
{
- return dmz_id(zmd, zone) << zmd->dev->zone_nr_blocks_shift;
+ return (sector_t)dmz_id(zmd, zone) << zmd->dev->zone_nr_blocks_shift;
}
unsigned int dmz_nr_chunks(struct dmz_metadata *zmd)
--
2.9.4
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel
