On Tue, Mar 18, 2025 at 03:48:37PM -0500, Jeremy Linton wrote:
> +static inline u64 load_user_gcs(unsigned long __user *addr, int *err)
> +{
> + unsigned long ret;
> + u64 load;
> +
> + if (!access_ok((char __user *)addr, sizeof(load))) {
> + *err = -EFAULT;
> + return 0;
> + }
> +
> + gcsb_dsync();
> + ret = copy_from_user(&load, addr, sizeof(load));
> + if (ret != 0)
> + *err = ret;
> + return load;
> +}A GCS load done by the hardware will verify that we are loading from GCS memory (the accesses are marked as AccessType_GCS in the pseudocode which is then validated in for example S1CheckPermissions()). Sadly there's no equivalent of GCSSTR so we'd need to do the permission check ourselves to match this behaviour.
signature.asc
Description: PGP signature
