The logic in super_1_load() to check the length of the superblock against (new_)data_offset has the same purpose as the newly-created super_1_sb_length_ok(). The latter is also more complete in that it checks for overlap between the superblock write and the bitmap. Signed-off-by: Christopher Unkel <cunkel@xxxxxxxxxxxxxx> --- This series replaces the first patch of the previous series (https://lkml.org/lkml/2020/10/22/1058), with the following changes: 1. Creates a helper function super_1_sb_length_ok(). 2. Fixes operator placement style violation. 3. Covers case in super_1_sync(). 4. Refactors duplicate logic. 5. Covers a case in existing code where aligned superblock could run into bitmap. drivers/md/md.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/drivers/md/md.c b/drivers/md/md.c index 802a9a256fe5..3b7bf14922ac 100644 --- a/drivers/md/md.c +++ b/drivers/md/md.c @@ -1768,13 +1768,8 @@ static int super_1_load(struct md_rdev *rdev, struct md_rdev *refdev, int minor_ atomic_set(&rdev->corrected_errors, le32_to_cpu(sb->cnt_corrected_read)); super_1_set_rdev_sb_size(rdev, le32_to_cpu(sb->max_dev), minor_version); - - if (minor_version - && rdev->data_offset < sb_start + (rdev->sb_size/512)) - return -EINVAL; - if (minor_version - && rdev->new_data_offset < sb_start + (rdev->sb_size/512)) - return -EINVAL; + if (!super_1_sb_length_ok(rdev, minor_version, rdev->sb_size)) + return -EINVAL; if (sb->level == cpu_to_le32(LEVEL_MULTIPATH)) rdev->desc_nr = -1; -- 2.17.1
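Review bot: The replacement check in the super_1_load() hunk is stricter than the two conditions it removes, so this is a behaviour change at load time rather than a pure refactor, and the commit message should say so explicitly. The removed lines only rejected a device when `minor_version` was non-zero and `data_offset` or `new_data_offset` fell below `sb_start + (rdev->sb_size/512)`; per the description, `super_1_sb_length_ok()` additionally rejects overlap with the bitmap, which means a device that loaded before this patch can now fail with -EINVAL. Please state whether that is intended for existing arrays, and note which bitmap fields the helper reads, since its body is not part of this hunk and the reader cannot tell from here whether they are already populated at this point in super_1_load(). It is also worth confirming in the message that the helper keeps the old `minor_version` gating, so that the `minor_version == 0` case still skips the data_offset comparison as the removed code did.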