[PATCH v4 4/8] arm64: uaccess: Add additional userspace GCS accessors

Mark Brown broonie at kernel.org
Thu Jul 24 10:01:36 PDT 2025


On Thu, Jul 24, 2025 at 06:14:42AM +0100, Catalin Marinas wrote:
> On Wed, Jul 23, 2025 at 12:14:17PM -0500, Jeremy Linton wrote:

> > Hence the comment to remind people that this routine isn't assuring the page
> > is correctly marked.

> I think the comment on the load function doesn't make much difference
> since LDR is permitted on a GCS page anyway. It's the pop function that
> we actually emulate without proper GCS instructions that's more
> problematic and won't be checked against actual GCS permissions.

This is used in the emulation of RET where it results in a similar lack
of a permission check - that does:

+       if (task_gcs_el0_enabled(current)) {
+               gcspr = read_sysreg_s(SYS_GCSPR_EL0);
+               gcs_ret_vaddr = load_user_gcs((unsigned long __user *)gcspr, &err);
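
Review bot: the load_user_gcs() call on the last quoted line reads from whatever address GCSPR_EL0 holds, and nothing in these lines confirms that the address lies in a page with GCS permissions, so the emulated RET can take its return address from memory where the hardware would have faulted. Suggest validating the mapping before the load, or stating in a comment at this call site that the check is deliberately absent and why. The quoted lines also stop before any test of err, so confirm gcs_ret_vaddr is not used when the load fails.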

When implemented by the hardware we would generate a fault if the
address we're loading from is not in a page with GCS permissions.  The
issue isn't that userspace wouldn't be permitted to read the value, the
issue is that we are not checking that the value is being read from a
page with GCS permissions.