s390: fix system call exit path

commit ce9dfafe29bed86fe3cda330ac6072ce84e1ff81 upstream.

The system call exit path is running with interrupts enabled while
checking for TIF/PIF/CIF bits which require special handling. If all
bits have been checked interrupts are disabled and the kernel exits to
user space.
The problem is that after checking all bits and before interrupts are
disabled bits can be set already again, due to interrupt handling.

This means that the kernel can exit to user space with some
TIF/PIF/CIF bits set, which should never happen. E.g. TIF_NEED_RESCHED
might be set, which might lead to additional latencies, since that bit
will only be recognized with next exit to user space.

Fix this by checking the corresponding bits only when interrupts are
disabled.

Fixes: 0b0ed657fe00 ("s390: remove critical section cleanup from entry.S")
Cc: <stable@vger.kernel.org> # 5.8
Acked-by: Sven Schnelle <svens@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/arch/s390/kernel/entry.S b/arch/s390/kernel/entry.S
index 23edf196d3dcf00ec4921d4d8fd3f17ce19afc27..3349750f930ee8cfb2e50caf9c19dac2a825c063 100644 (file)
--- a/arch/s390/kernel/entry.S
+++ b/arch/s390/kernel/entry.S
@@ -422,6 +422,7 @@ ENTRY(system_call)
 #endif
        LOCKDEP_SYS_EXIT
 .Lsysc_tif:
+       DISABLE_INTS
        TSTMSK  __PT_FLAGS(%r11),_PIF_WORK
        jnz     .Lsysc_work
        TSTMSK  __TI_flags(%r12),_TIF_WORK
@@ -446,6 +447,7 @@ ENTRY(system_call)
 # One of the work bits is on. Find out which one.
 #
 .Lsysc_work:
+       ENABLE_INTS
        TSTMSK  __TI_flags(%r12),_TIF_NEED_RESCHED
        jo      .Lsysc_reschedule
        TSTMSK  __PT_FLAGS(%r11),_PIF_SYSCALL_RESTART