[patch 01/30] S390: user readable uninitialised kernel memory, take 2.

[Chris Wright]

-stable review patch.  If anyone has any objections, please let us know.
------------------

From: Martin Schwidefsky <schwidefsky@xxxxxxxxxx>

The previous patch to correct the copy_from_user padding is quite
broken. The execute instruction needs to be done via the register %r4,
not via %r2 and 31 bit doesn't know the instructions lgr and ahji.

Signed-off-by: Martin Schwidefsky <schwidefsky@xxxxxxxxxx>
Signed-off-by: Chris Wright <chrisw@xxxxxxxxxxxx>
---
 arch/s390/lib/uaccess.S   |   10 +++++-----
 arch/s390/lib/uaccess64.S |    2 +-
 2 files changed, 6 insertions(+), 6 deletions(-)

--- linux-2.6.18.2.orig/arch/s390/lib/uaccess64.S
+++ linux-2.6.18.2/arch/s390/lib/uaccess64.S
@@ -49,7 +49,7 @@ __copy_from_user_asm:
 	la	%r2,256(%r2)
 8:	aghi	%r5,-256
 	jnm	7b
-	ex	%r5,0(%r2)
+	ex	%r5,0(%r4)
 9:	lgr	%r2,%r3
 	br	%r14
         .section __ex_table,"a"
--- linux-2.6.18.2.orig/arch/s390/lib/uaccess.S
+++ linux-2.6.18.2/arch/s390/lib/uaccess.S
@@ -41,15 +41,15 @@ __copy_from_user_asm:
 5:	mvcp	0(%r5,%r2),0(%r4),%r0
 	slr	%r3,%r5
 	alr	%r2,%r5
-6:	lgr	%r5,%r3		# copy remaining size
+6:	lr	%r5,%r3		# copy remaining size
 	ahi	%r5,-1		# subtract 1 for xc loop
 	bras	%r4,8f
-	xc	0(1,%2),0(%2)
-7:	xc	0(256,%2),0(%2)
+	xc	0(1,%r2),0(%r2)
+7:	xc	0(256,%r2),0(%r2)
 	la	%r2,256(%r2)
-8:	ahji	%r5,-256
+8:	ahi	%r5,-256
 	jnm	7b
-	ex	%r5,0(%r2)
+	ex	%r5,0(%r4)
 9:	lr	%r2,%r3
 	br	%r14
         .section __ex_table,"a"

--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/