[PATCH] S390: user readable uninitialised kernel memory, take 2.

The previous patch to correct the copy_from_user padding is quite
broken. The execute instruction needs to be done via the register %r4,
not via %r2 and 31 bit doesn't know the instructions lgr and ahji.

Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>

2 files changed, 6 insertions, 6 deletions

diff --git a/arch/s390/lib/uaccess.S b/arch/s390/lib/uaccess.S
index 3f5511dd2bc4..90443e742fc7 100644
--- a/arch/s390/lib/uaccess.S
+++ b/arch/s390/lib/uaccess.S
@@ -41,15 +41,15 @@ __copy_from_user_asm:
 5:	mvcp	0(%r5,%r2),0(%r4),%r0
 	slr	%r3,%r5
 	alr	%r2,%r5
-6:	lgr	%r5,%r3		# copy remaining size
+6:	lr	%r5,%r3		# copy remaining size
 	ahi	%r5,-1		# subtract 1 for xc loop
 	bras	%r4,8f
-	xc	0(1,%2),0(%2)
-7:	xc	0(256,%2),0(%2)
+	xc	0(1,%r2),0(%r2)
+7:	xc	0(256,%r2),0(%r2)
 	la	%r2,256(%r2)
-8:	ahji	%r5,-256
+8:	ahi	%r5,-256
 	jnm	7b
-	ex	%r5,0(%r2)
+	ex	%r5,0(%r4)
 9:	lr	%r2,%r3
 	br	%r14
         .section __ex_table,"a"
diff --git a/arch/s390/lib/uaccess64.S b/arch/s390/lib/uaccess64.S
index 9376df013e9c..2d42c7e8c368 100644
--- a/arch/s390/lib/uaccess64.S
+++ b/arch/s390/lib/uaccess64.S
@@ -49,7 +49,7 @@ __copy_from_user_asm:
 	la	%r2,256(%r2)
 8:	aghi	%r5,-256
 	jnm	7b
-	ex	%r5,0(%r2)
+	ex	%r5,0(%r4)
 9:	lgr	%r2,%r3
 	br	%r14
         .section __ex_table,"a"