summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHeiko Carstens <heiko.carstens@de.ibm.com>2014-04-09 09:42:58 +0200
committerMartin Schwidefsky <schwidefsky@de.ibm.com>2014-04-11 13:53:33 +0200
commitfa255f51c95fd91b4d7bb50a0fdcca18dd47db21 (patch)
treed7fa3a8ca5b9663078f9847411d3a7a2a9c95d7a
parents390: add 31 bit warning message (diff)
downloadlinux-fa255f51c95fd91b4d7bb50a0fdcca18dd47db21.tar.xz
linux-fa255f51c95fd91b4d7bb50a0fdcca18dd47db21.zip
s390/uaccess: fix possible register corruption in strnlen_user_srst()
The whole point of the out-of-line strnlen_user_srst() function was to avoid corruption of register 0 due to register asm assignment. However 'somebody' :) forgot to remove the update_primary_asce() function call, which may clobber register 0 contents. So let's remove that call and also move the size check to the calling function. Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
-rw-r--r--arch/s390/lib/uaccess.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/arch/s390/lib/uaccess.c b/arch/s390/lib/uaccess.c
index 23f866b4c7f1..7416efe8eae4 100644
--- a/arch/s390/lib/uaccess.c
+++ b/arch/s390/lib/uaccess.c
@@ -338,9 +338,6 @@ static inline unsigned long strnlen_user_srst(const char __user *src,
register unsigned long reg0 asm("0") = 0;
unsigned long tmp1, tmp2;
- if (unlikely(!size))
- return 0;
- update_primary_asce(current);
asm volatile(
" la %2,0(%1)\n"
" la %3,0(%0,%1)\n"
@@ -359,6 +356,8 @@ static inline unsigned long strnlen_user_srst(const char __user *src,
unsigned long __strnlen_user(const char __user *src, unsigned long size)
{
+ if (unlikely(!size))
+ return 0;
update_primary_asce(current);
return strnlen_user_srst(src, size);
}