On Thu, May 23, 2024 at 11:50 PM Brian Johannesmeyer <bjohannesmeyer@xxxxxxxxx> wrote:
>
> When called with a 'from' that is not 4-byte-aligned,
> string_memcpy_fromio() calls the movs() macro to copy the first few bytes,
> so that 'from' becomes 4-byte-aligned before calling rep_movs(). This
> movs() macro modifies 'to', and the subsequent line modifies 'n'.
>
> As a result, on unaligned accesses, kmsan_unpoison_memory() uses the
> updated (aligned) values of 'to' and 'n'. Hence, it does not unpoison the
> entire region.
>
> This patch saves the original values of 'to' and 'n', and passes those to
> kmsan_unpoison_memory(), so that the entire region is unpoisoned.

Nice catch! Does it fix any known bugs?

> Signed-off-by: Brian Johannesmeyer <bjohannesmeyer@xxxxxxxxx>

Reviewed-by: Alexander Potapenko <glider@xxxxxxxxxx>
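
A userspace model of the bug described in the quoted commit message, added here as an illustration; it is not part of the original thread and is not the kernel's code. `model_memcpy_fromio`, `model_unpoison`, `still_poisoned` and the one-byte-per-byte `shadow` array are hypothetical stand-ins for the copy routine, kmsan_unpoison_memory() and KMSAN's shadow state.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BUF_LEN 16
/* Constructed stand-ins: 4-byte-aligned "device" source, destination, and
 * one shadow byte per destination byte (1 = poisoned, 0 = unpoisoned). */
static uint32_t src_words[BUF_LEN / 4];
static unsigned char dst[BUF_LEN];
static unsigned char shadow[BUF_LEN];

/* Hypothetical model of kmsan_unpoison_memory(): clear shadow for [addr, addr+n). */
static void model_unpoison(const unsigned char *addr, size_t n)
{
    memset(shadow + (addr - dst), 0, n);
}

/* use_saved = 0 models the pre-patch behaviour, 1 the patched behaviour. */
static void model_memcpy_fromio(unsigned char *to, const unsigned char *from,
                                size_t n, int use_saved)
{
    unsigned char *orig_to = to;
    size_t orig_n = n;
    /* Head bytes until 'from' is 4-byte aligned (stands in for movs()). */
    while (n && ((uintptr_t)from & 3)) {
        *to++ = *from++;
        n--;
    }
    memcpy(to, from, n); /* stands in for rep_movs() */

    if (use_saved)
        model_unpoison(orig_to, orig_n); /* whole region */
    else
        model_unpoison(to, n);           /* skips the head bytes */
}

/* Copy n bytes from source offset src_off; return how many of the n
 * destination bytes are still poisoned afterwards. */
size_t still_poisoned(size_t src_off, size_t n, int use_saved)
{
    size_t i, left = 0;
    memset(shadow, 1, sizeof(shadow));
    memset(src_words, 0xAB, sizeof(src_words));
    model_memcpy_fromio(dst, (const unsigned char *)src_words + src_off, n, use_saved);
    for (i = 0; i < n; i++)
        left += shadow[i];
    return left;
}
```

With a source offset of 1 and n = 8, the pre-patch path leaves the 3 head bytes of the destination poisoned; passing the saved 'to' and 'n' leaves none.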