[SRU][K][J][F][B][PATCH 0/1] kernel: fix __clear_user() inline assembly constraints (LP: 2013088)

frank.heimes at canonical.com
Tue Apr 4 09:10:47 UTC 2023


BugLink: https://bugs.launchpad.net/bugs/2013088

SRU Justification:

[ Impact ] 

 * In case clear_user() crosses two pages and faults on the second page the
   kernel may write lowcore contents to the first page, instead of
   clearing it.

 * The __clear_user() inline assembly misses earlyclobber constraint
   modifiers. Depending on compiler and compiler options this may lead to
   incorrect code which copies kernel lowcore contents to user space instead
   of clearing memory, in case clear_user() faults.

[ Fix ]

 * For Kinetic and Jammy, a cherry-pick of
   89aba4c26fae 89aba4c26fae4e459f755a18912845c348ee48f3
   "s390/uaccess: add missing earlyclobber annotations to __clear_user()"

 * For Focal and Bionic a backport of the above commit is needed:
   https://launchpadlibrarian.net/659551648/s390-uaccess.patch

[ Test Plan ]

 * A test program in C is needed and used for testing.

 * The test will be done by IBM.

[ Where problems could occur ]

 * The modification is limited to function 'long __clear_user'.

 * And there, just to one inline assembly constraints line.

 * This is usually difficult to trace.

 * An erroneous modification may lead to wrong behavior in
   'long __clear_user',

 * and maybe returning a wrong size (in uaccess.c).

[ Other ]

 * This affects all Ubuntu releases in service, down to 18.04.

 * Since we are close to 23.04 kernel freeze, I submit a patch request for
   23.04 separately, and submit the SRU request for all the other
   Ubuntu releases later.

Heiko Carstens (1):
  s390/uaccess: add missing earlyclobber annotations to __clear_user()

 arch/s390/lib/uaccess.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.25.1
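
The [ Impact ] section above turns on a missing earlyclobber modifier. The following is an added illustration, not part of the original mail and not the s390 kernel code: a constructed x86-64 GCC inline-assembly analogue showing the corrected constraint form. The names fill_from and selfcheck are hypothetical, and a plain C fallback is used on other architectures.

```c
#include <stddef.h>

/* Constructed x86-64 analogue, NOT the s390 kernel code. Fills `size` bytes at
 * `to` with the byte stored at `src`; returns the number of bytes left unfilled. */
size_t fill_from(unsigned char *to, size_t size, const unsigned char *src)
{
#if defined(__x86_64__)
    size_t tmp;
    __asm__ volatile(
        "xorl  %k[tmp], %k[tmp]\n\t"   /* tmp is written first ...            */
        "movb  (%[src]), %b[tmp]\n\t"  /* ... while input src is still needed */
        "1:\n\t"
        "testq %[size], %[size]\n\t"
        "jz    2f\n\t"
        "movb  %b[tmp], (%[to])\n\t"
        "incq  %[to]\n\t"
        "decq  %[size]\n\t"
        "jmp   1b\n"
        "2:"
        /* '&' = earlyclobber: never place this operand in a register that also
         * holds an input. With plain "=r"(tmp) the compiler may give tmp and
         * src the same register, so the xorl would destroy the pointer. */
        : [to] "+&r"(to), [size] "+&r"(size), [tmp] "=&r"(tmp)
        : [src] "r"(src)
        : "cc", "memory");
#else
    /* Portable fallback so the example builds on other architectures. */
    for (; size; size--)
        *to++ = *src;
#endif
    return size;
}

/* Constructed check: clear the middle of a patterned buffer; 0 means OK. */
int selfcheck(void)
{
    unsigned char buf[48], zero = 0;
    for (size_t i = 0; i < sizeof(buf); i++)
        buf[i] = 0xAA;
    if (fill_from(buf + 8, 32, &zero) != 0)
        return 1;
    for (size_t i = 0; i < sizeof(buf); i++)
        if (buf[i] != ((i >= 8 && i < 40) ? 0x00 : 0xAA))
            return 2;
    return 0;
}

int main(void) { return selfcheck(); }
```

Whether dropping the `&` actually miscompiles depends on the compiler and options, as the mail notes, so the example shows only the constraint form that is correct regardless of register allocation.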



