On 2018-01-09 17:37, Andrey Ryabinin wrote:
strscpy() performs word-at-a-time optimistic reads. So it may access the memory past the end of the object, which is perfectly fine since strscpy() doesn't use that (past-the-end) data and makes sure the optimistic read won't cross a page boundary.
But KASAN doesn't know anything about that so it will complain. There are several possible ways to address this issue, but none are perfect. See https://lkml.kernel.org/r/9f0a9cf6-51f7-cd1f-5dc6-6d510a7b8ec4@virtuozzo.com
It seems the best solution is to simply disable the word-at-a-time optimization. My trivial testing shows that byte-at-a-time could be up to 4.3 times slower than word-at-a-time. It may seem like a lot, but it's actually ~1.2e-10 sec per symbol vs ~4.8e-10 sec per symbol on modern hardware. And we don't use strscpy() in performance-critical paths to copy large amounts of data, so it shouldn't matter anyway.
Fixes: 30035e45753b7 ("string: provide strscpy()")
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Cc: <stable@vger.kernel.org>

Acked-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Your microbenchmark even favours word-at-a-time slightly, since in practice I think at least one of src or dst will be unaligned a lot of the time, and while x86 may HAVE_EFFICIENT_UNALIGNED_ACCESS, it's still a little more expensive than doing aligned access. And since strscpy is not called that often, I expect some of the ~300 bytes of instruction cache it occupies can be put to better use elsewhere.
Rasmus
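
The effect described in the commit message, as an added user-space model (not the kernel's strscpy() and not code from this thread): the same copy is run word-at-a-time and byte-at-a-time, recording how many source bytes were read, which is the quantity KASAN compares with the object size. The names `model_strscpy` and `bytes_read_past_object` are hypothetical, and the page-boundary check is left out because the sample string sits in a padded array.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* User-space model: returns the length copied or -E2BIG on truncation and
 * stores in *touched how many leading source bytes were read. */
static long model_strscpy(char *dest, const char *src, size_t count,
                          int wordwise, size_t *touched)
{
    const uint64_t ones = 0x0101010101010101ULL, highs = ones << 7;
    size_t res = 0, W = sizeof(uint64_t);
    *touched = 0;
    if (count == 0)
        return -E2BIG;
    while (wordwise && count - res >= W) {
        uint64_t v;
        memcpy(&v, src + res, W);       /* optimistic W-byte read */
        *touched = res + W;
        if ((v - ones) & ~v & highs)    /* some byte of v is NUL */
            break;
        memcpy(dest + res, &v, W);
        res += W;
    }
    for (; res < count; res++) {        /* byte-at-a-time tail */
        if (res + 1 > *touched)
            *touched = res + 1;
        dest[res] = src[res];
        if (!src[res])
            return (long)res;
    }
    dest[res - 1] = '\0';               /* truncated: force termination */
    return -E2BIG;
}

/* Constructed sample: a 6-byte object "hello\0" in a padded 16-byte array. */
static size_t bytes_read_past_object(int wordwise)
{
    static const char backing[16] = "hello";
    char dest[16];
    size_t touched;
    model_strscpy(dest, backing, sizeof(dest), wordwise, &touched);
    return touched > 6 ? touched - 6 : 0;
}

int main(void)
{
    printf("word: %zu, byte: %zu\n", bytes_read_past_object(1), bytes_read_past_object(0));
    return 0;
}
```

Both modes return the same result for the copy; only the word-at-a-time mode reads source bytes beyond the 6-byte object.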