On Tue, Jul 12, 2022 at 12:08:36AM -0700, Eric Biggers wrote: > > Is the special reproducer really needed? I'd expect this to be reproduced by > the existing crypto self-tests just by booting a kernel built with both > CONFIG_KASAN=y and CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y. > Ah, probably the self-tests don't find this because with poly1305 the key is actually read from the "data", and for the self-tests the data addresses happens to always be in the kernel direct map, so KASAN doesn't work for it (I think). Ideally the self-tests would test with kmalloc'ed data buffers too, or a buffer in vmalloc'ed memory that's directly followed by a guard page. - Eric