On Tue, Aug 23, 2022 at 10:37:38AM -0700, Linus Torvalds wrote: > On Tue, Aug 23, 2022 at 1:56 AM Catalin Marinas <catalin.marinas@xxxxxxx> wrote: > > With load_unaligned_zeropad(), the arm64 implementation disables tag > > checking temporarily. We could do the same with read_word_at_a_time() > > (there is a kasan_check_read() in this function but it wrongly uses a > > size of 1). > > The "size of 1" is not wrong, it's intentional, exactly because people > do things like > > strscpy(dst, "string", sizeof(dst)); > > which is a bit unfortunate, but very understandable and intended to > work. So that thing may over-read the string by up to a word. And > KASAN ends up being unhappy. Good point. We could attempt a single-byte checked read on arm64 as well and then disable tag checking (the arm64 load_unaligned_zeropad() doesn't bother with this). For KASAN, if we want to be more precise, we could move the kasan_check_read() (or add a new one) in the strscpy() implementation that actually takes into account how much was copied (non-zero bytes). Not sure it's worth it though. The check would be post-read though. -- Catalin
