On Wed, Apr 02, 2025 at 05:07:00PM -0700, Peter Collingbourne wrote: > From: Vincenzo Frascino <[email protected]> > > When we invoke strscpy() with a maximum size of N bytes, it assumes > that: > - It can always read N bytes from the source. > - It always write N bytes (zero-padded) to the destination. > > On aarch64 with Memory Tagging Extension enabled if we pass an N that is > bigger then the source buffer, it would previously trigger an MTE fault. > > Implement a KASAN KUnit test that triggers the issue with the previous > implementation of read_word_at_a_time() on aarch64 with MTE enabled. > > Cc: Will Deacon <[email protected]> > Signed-off-by: Vincenzo Frascino <[email protected]> > Signed-off-by: Catalin Marinas <[email protected]> > Co-developed-by: Peter Collingbourne <[email protected]> > Signed-off-by: Peter Collingbourne <[email protected]> > Reviewed-by: Andrey Konovalov <[email protected]> > Link: > https://linux-review.googlesource.com/id/If88e396b9e7c058c1a4b5a252274120e77b1898a
Reviewed-by: Catalin Marinas <[email protected]>
