s390/stackleak: Fix __stackleak_poison() inline assembly constraint

The __stackleak_poison() inline assembly comes with a "count" operand where
the "d" constraint is used. "count" is used with the exrl instruction and
"d" means that the compiler may allocate any register from 0 to 15.

If the compiler would allocate register 0 then the exrl instruction would
not or the value of "count" into the executed instruction - resulting in a
stackframe which is only partially poisoned.

Use the correct "a" constraint, which excludes register 0 from register
allocation.

Fixes: 2a405f6bb3a5 ("s390/stackleak: provide fast __stackleak_poison() implementation")
Cc: stable@vger.kernel.org
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Reviewed-by: Vasily Gorbik <gor@linux.ibm.com>
Link: https://lore.kernel.org/r/20260302133500.1560531-4-hca@linux.ibm.com
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>

diff --git a/arch/s390/include/asm/processor.h b/arch/s390/include/asm/processor.h
index cc187afa07b3145eff0d9ce4e1be18f1aad045c9..78195ee5e99f68deece8cfa0723625f4e7f35d66 100644 (file)
--- a/arch/s390/include/asm/processor.h
+++ b/arch/s390/include/asm/processor.h
@@ -159,7 +159,7 @@ static __always_inline void __stackleak_poison(unsigned long erase_low,
                "       j       4f\n"
                "3:     mvc     8(1,%[addr]),0(%[addr])\n"
                "4:"
-               : [addr] "+&a" (erase_low), [count] "+&d" (count), [tmp] "=&a" (tmp)
+               : [addr] "+&a" (erase_low), [count] "+&a" (count), [tmp] "=&a" (tmp)
                : [poison] "d" (poison)
                : "memory", "cc"
                );