From: Greg Kroah-Hartman Date: Sun, 29 Mar 2026 13:51:45 +0000 (+0200) Subject: 6.6-stable patches X-Git-Tag: v6.6.131~49 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3a56aaca91421d5b98e34106628451ba709d77fd;p=thirdparty%2Fkernel%2Fstable-queue.git 6.6-stable patches added patches: s390-entry-scrub-r12-register-on-kernel-entry.patch --- diff --git a/queue-6.6/s390-entry-scrub-r12-register-on-kernel-entry.patch b/queue-6.6/s390-entry-scrub-r12-register-on-kernel-entry.patch new file mode 100644 index 0000000000..7f5a278dfd --- /dev/null +++ b/queue-6.6/s390-entry-scrub-r12-register-on-kernel-entry.patch @@ -0,0 +1,62 @@ +From 0738d395aab8fae3b5a3ad3fc640630c91693c27 Mon Sep 17 00:00:00 2001 +From: Vasily Gorbik +Date: Thu, 26 Mar 2026 19:50:14 +0100 +Subject: s390/entry: Scrub r12 register on kernel entry + +From: Vasily Gorbik + +commit 0738d395aab8fae3b5a3ad3fc640630c91693c27 upstream. + +Before commit f33f2d4c7c80 ("s390/bp: remove TIF_ISOLATE_BP"), +all entry handlers loaded r12 with the current task pointer +(lg %r12,__LC_CURRENT) for use by the BPENTER/BPEXIT macros. That +commit removed TIF_ISOLATE_BP, dropping both the branch prediction +macros and the r12 load, but did not add r12 to the register clearing +sequence. + +Add the missing xgr %r12,%r12 to make the register scrub consistent +across all entry points. + +Fixes: f33f2d4c7c80 ("s390/bp: remove TIF_ISOLATE_BP") +Cc: stable@kernel.org +Reviewed-by: Ilya Leoshkevich +Signed-off-by: Vasily Gorbik +Signed-off-by: Greg Kroah-Hartman +--- + arch/s390/kernel/entry.S | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/arch/s390/kernel/entry.S ++++ b/arch/s390/kernel/entry.S +@@ -300,6 +300,7 @@ SYM_CODE_START(system_call) + xgr %r9,%r9 + xgr %r10,%r10 + xgr %r11,%r11 ++ xgr %r12,%r12 + la %r2,STACK_FRAME_OVERHEAD(%r15) # pointer to pt_regs + mvc __PT_R8(64,%r2),__LC_SAVE_AREA_SYNC + MBEAR %r2 +@@ -378,6 +379,7 @@ SYM_CODE_START(pgm_check_handler) + xgr %r5,%r5 + xgr %r6,%r6 + xgr %r7,%r7 ++ xgr %r12,%r12 + lgr %r2,%r11 + brasl %r14,__do_pgm_check + tmhh %r8,0x0001 # returning to user space? +@@ -439,6 +441,7 @@ SYM_CODE_START(\name) + xgr %r6,%r6 + xgr %r7,%r7 + xgr %r10,%r10 ++ xgr %r12,%r12 + xc __PT_FLAGS(8,%r11),__PT_FLAGS(%r11) + mvc __PT_R8(64,%r11),__LC_SAVE_AREA_ASYNC + MBEAR %r11 +@@ -547,6 +550,7 @@ SYM_CODE_START(mcck_int_handler) + xgr %r6,%r6 + xgr %r7,%r7 + xgr %r10,%r10 ++ xgr %r12,%r12 + mvc __PT_R8(64,%r11),0(%r14) + stmg %r8,%r9,__PT_PSW(%r11) + xc __PT_FLAGS(8,%r11),__PT_FLAGS(%r11) diff --git a/queue-6.6/series b/queue-6.6/series index 8295512ee2..2c99d32fcc 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -112,3 +112,4 @@ hwmon-peci-cputemp-fix-crit_hyst-returning-delta-instead-of-absolute-temperature hwmon-peci-cputemp-fix-off-by-one-in-cputemp_is_visible.patch media-mc-v4l2-serialize-reinit-and-reqbufs-with-req_queue_mutex.patch virtio_net-fix-uaf-on-dst_ops-when-iff_xmit_dst_release-is-cleared-and-napi_tx-is-false.patch +s390-entry-scrub-r12-register-on-kernel-entry.patch