diff options
author | Heiko Carstens <heiko.carstens@de.ibm.com> | 2014-04-09 09:42:58 +0200 |
---|---|---|
committer | Martin Schwidefsky <schwidefsky@de.ibm.com> | 2014-04-11 13:53:33 +0200 |
commit | fa255f51c95fd91b4d7bb50a0fdcca18dd47db21 (patch) | |
tree | d7fa3a8ca5b9663078f9847411d3a7a2a9c95d7a | |
parent | s390: add 31 bit warning message (diff) | |
download | linux-fa255f51c95fd91b4d7bb50a0fdcca18dd47db21.tar.xz linux-fa255f51c95fd91b4d7bb50a0fdcca18dd47db21.zip |
s390/uaccess: fix possible register corruption in strnlen_user_srst()
The whole point of the out-of-line strnlen_user_srst() function was to
avoid corruption of register 0 due to register asm assignment.
However 'somebody' :) forgot to remove the update_primary_asce() function
call, which may clobber register 0 contents.
So let's remove that call and also move the size check to the calling
function.
Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
-rw-r--r-- | arch/s390/lib/uaccess.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/arch/s390/lib/uaccess.c b/arch/s390/lib/uaccess.c index 23f866b4c7f1..7416efe8eae4 100644 --- a/arch/s390/lib/uaccess.c +++ b/arch/s390/lib/uaccess.c @@ -338,9 +338,6 @@ static inline unsigned long strnlen_user_srst(const char __user *src, register unsigned long reg0 asm("0") = 0; unsigned long tmp1, tmp2; - if (unlikely(!size)) - return 0; - update_primary_asce(current); asm volatile( " la %2,0(%1)\n" " la %3,0(%0,%1)\n" @@ -359,6 +356,8 @@ static inline unsigned long strnlen_user_srst(const char __user *src, unsigned long __strnlen_user(const char __user *src, unsigned long size) { + if (unlikely(!size)) + return 0; update_primary_asce(current); return strnlen_user_srst(src, size); } |