Linus Torvalds writes: (Summary)
No, strnlen_user() definitely does too.
No, strnlen_user() definitely does too.
It's just that KASAN doesn't track user pointers.
It's just that KASAN doesn't track user pointers.
And the important strlen() in the kernel is the pathname hashing code, which *definitely* accesses outside the source, but since it can actually traverse to another page we have that one annotated too (with load_unaligned_zeropad()).
load_unaligned_zeropad()).
So no, strscpy() isn't the only one doing it, it is just the only one that KASAN catches.
that KASAN catches.
Linus
Linus
Linus
No, strnlen_user() definitely does too.
It's just that KASAN doesn't track user pointers.
It's just that KASAN doesn't track user pointers.
And the important strlen() in the kernel is the pathname hashing code, which *definitely* accesses outside the source, but since it can actually traverse to another page we have that one annotated too (with load_unaligned_zeropad()).
load_unaligned_zeropad()).
So no, strscpy() isn't the only one doing it, it is just the only one that KASAN catches.
that KASAN catches.
Linus
Linus
Linus