Commit fa255f51 authored Apr 09, 2014 by Heiko Carstens Committed by Martin Schwidefsky Apr 11, 2014

s390/uaccess: fix possible register corruption in strnlen_user_srst()



The whole point of the out-of-line strnlen_user_srst() function was to
avoid corruption of register 0 due to register asm assignment.
However 'somebody' :) forgot to remove the update_primary_asce() function
call, which may clobber register 0 contents.
So let's remove that call and also move the size check to the calling
function.

Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>

parent a960062e

arch/s390/lib/uaccess.c

+2 −3

Original line number	Diff line number	Diff line
		@@ -338,9 +338,6 @@ static inline unsigned long strnlen_user_srst(const char __user *src,
		register unsigned long reg0 asm("0") = 0;
		unsigned long tmp1, tmp2;

		if (unlikely(!size))
		return 0;
		update_primary_asce(current);
		asm volatile(
		" la %2,0(%1)\n"
		" la %3,0(%0,%1)\n"
		@@ -359,6 +356,8 @@ static inline unsigned long strnlen_user_srst(const char __user *src,

		unsigned long __strnlen_user(const char __user *src, unsigned long size)
		{
		if (unlikely(!size))
		return 0;
		update_primary_asce(current);
		return strnlen_user_srst(src, size);
		}