[merged mm-nonmm-stable] maccess-fix-strncpy_from_user_nofault-empty-string-handling.patch removed from -mm tree

[Andrew Morton <akpm@linux-foundation.org>]

The quilt patch titled
     Subject: maccess: fix strncpy_from_user_nofault() empty string handling
has been removed from the -mm tree.  Its filename was
     maccess-fix-strncpy_from_user_nofault-empty-string-handling.patch

This patch was dropped because it was merged into the mm-nonmm-stable branch
of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm

------------------------------------------------------
From: Mykyta Yatsenko <yatsenko@meta.com>
Subject: maccess: fix strncpy_from_user_nofault() empty string handling
Date: Tue, 22 Apr 2025 14:14:49 +0100

strncpy_from_user_nofault() should return the length of the copied string
including the trailing NUL, but if the argument unsafe_addr points to an
empty string ({'\0'}), the return value is 0.

This happens as strncpy_from_user() copies terminal symbol into dst and
returns 0 (as expected), but strncpy_from_user_nofault does not modify ret
as it is not equal to count and not greater than 0, so 0 is returned,
which contradicts the contract.

Link: https://lkml.kernel.org/r/20250422131449.57177-1-mykyta.yatsenko5@gmail.com
Signed-off-by: Mykyta Yatsenko <yatsenko@meta.com>
Reviewed-by: Andrii Nakryiko <andrii@kernel.org>
Cc: "Masami Hiramatsu (Google)" <mhiramat@kernel.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 mm/maccess.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/mm/maccess.c~maccess-fix-strncpy_from_user_nofault-empty-string-handling
+++ a/mm/maccess.c
@@ -196,7 +196,7 @@ long strncpy_from_user_nofault(char *dst
 	if (ret >= count) {
 		ret = count;
 		dst[ret - 1] = '\0';
-	} else if (ret > 0) {
+	} else if (ret >= 0) {
 		ret++;
 	}
 
_

Patches currently in -mm which might be from yatsenko@meta.com are