On Wed, Apr 02, 2025 at 05:07:00PM -0700, Peter Collingbourne wrote: > From: Vincenzo Frascino <vincenzo.frascino@xxxxxxx> > > When we invoke strscpy() with a maximum size of N bytes, it assumes > that: > - It can always read N bytes from the source. > - It always write N bytes (zero-padded) to the destination. > > On aarch64 with Memory Tagging Extension enabled if we pass an N that is > bigger then the source buffer, it would previously trigger an MTE fault. > > Implement a KASAN KUnit test that triggers the issue with the previous > implementation of read_word_at_a_time() on aarch64 with MTE enabled. > > Cc: Will Deacon <will@xxxxxxxxxx> > Signed-off-by: Vincenzo Frascino <vincenzo.frascino@xxxxxxx> > Signed-off-by: Catalin Marinas <catalin.marinas@xxxxxxx> > Co-developed-by: Peter Collingbourne <pcc@xxxxxxxxxx> > Signed-off-by: Peter Collingbourne <pcc@xxxxxxxxxx> > Reviewed-by: Andrey Konovalov <andreyknvl@xxxxxxxxx> > Link: https://linux-review.googlesource.com/id/If88e396b9e7c058c1a4b5a252274120e77b1898a Reviewed-by: Catalin Marinas <catalin.marinas@xxxxxxx>
