DEBIAN-CVE-2025-38434

In the Linux kernel, the following vulnerability has been resolved: Revert "riscv: Define TASKSIZEMAX for _accessok()" This reverts commit ad5643cf2f69 ("riscv: Define TASKSIZEMAX for _accessok()"). This commit changes TASKSIZEMAX to be LONGMAX to optimize accessok(), because the previous TASKSIZEMAX (default to TASKSIZE) requires some computation. The reasoning was that all user addresses are less than LONGMAX, and all kernel addresses are greater than LONGMAX. Therefore accessok() can filter kernel addresses. Addresses between TASKSIZE and LONGMAX are not valid user addresses, but accessok() let them pass. That was thought to be okay, because they are not valid addresses at hardware level. Unfortunately, one case is missed: getuserpagesfast() happily accepts addresses between TASKSIZE and LONGMAX. futex(), for instance, uses getuserpagesfast(). This causes the problem reported by Robert [1]. Therefore, revert this commit. TASKSIZEMAX is changed to the default: TASKSIZE. This unfortunately reduces performance, because TASKSIZE is more expensive to compute compared to LONGMAX. But correctness first, we can think about optimization later, if required.