From 0a3c72df02a8ab8381ff6827afc18b32265e1242 Mon Sep 17 00:00:00 2001
From: Dave Rodgman <dave.rodgman@arm.com>
Date: Thu, 16 Mar 2023 13:43:32 +0000
Subject: [PATCH] Add explanatory comment

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
---
 tests/suites/test_suite_platform_util.function | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/tests/suites/test_suite_platform_util.function b/tests/suites/test_suite_platform_util.function
index d6d6d1f5eb..a4c11433a2 100644
--- a/tests/suites/test_suite_platform_util.function
+++ b/tests/suites/test_suite_platform_util.function
@@ -43,6 +43,16 @@ void mbedtls_platform_zeroize(int len, int null)
 /* BEGIN_CASE */
 void mbedtls_platform_zeroize_uninitialised(int len, int p)
 {
+    /*
+     * As per #7301: on some platforms, including modern Linux, Clang with Msan
+     * does not recognize that explicit_bzero() writes well-defined content to
+     * its output buffer. For us, this causes CMAC operations to fail in Msan
+     * builds when mbedtls_platform_zeroize() is implemented over
+     * explicit_bzero().
+     *
+     * This test ensures we have a simple/obvious MSan test rather than
+     * spurious errors in crypto code that are hard to track down.
+     */
     char buf[128];
     mbedtls_platform_zeroize(buf, len);