From fa255f51c95fd91b4d7bb50a0fdcca18dd47db21 Mon Sep 17 00:00:00 2001 From: Heiko Carstens Date: Wed, 9 Apr 2014 09:42:58 +0200 Subject: [PATCH] s390/uaccess: fix possible register corruption in strnlen_user_srst() The whole point of the out-of-line strnlen_user_srst() function was to avoid corruption of register 0 due to register asm assignment. However 'somebody' :) forgot to remove the update_primary_asce() function call, which may clobber register 0 contents. So let's remove that call and also move the size check to the calling function. Signed-off-by: Heiko Carstens Signed-off-by: Martin Schwidefsky --- arch/s390/lib/uaccess.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/arch/s390/lib/uaccess.c b/arch/s390/lib/uaccess.c index 23f866b4c7f1..7416efe8eae4 100644 --- a/arch/s390/lib/uaccess.c +++ b/arch/s390/lib/uaccess.c @@ -338,9 +338,6 @@ static inline unsigned long strnlen_user_srst(const char __user *src, register unsigned long reg0 asm("0") = 0; unsigned long tmp1, tmp2; - if (unlikely(!size)) - return 0; - update_primary_asce(current); asm volatile( " la %2,0(%1)\n" " la %3,0(%0,%1)\n" @@ -359,6 +356,8 @@ static inline unsigned long strnlen_user_srst(const char __user *src, unsigned long __strnlen_user(const char __user *src, unsigned long size) { + if (unlikely(!size)) + return 0; update_primary_asce(current); return strnlen_user_srst(src, size); }