grsecurity forums

[jotik]

Using Gentoo's hardened-sources-4.2.3-r4:

Code: Select all

[   13.830353] PAX: size overflow detected in function usbdev_ioctl drivers/usb/core/devio.c:1502 cicus.652_2120 max, count: 105, decl: pipe; num: 0; context: urb;
[   13.831626] CPU: 0 PID: 433 Comm: pcscd Not tainted 4.2.3-hardened-r4 #1
[   13.831628] Hardware name: LENOVO 20AN006VMS/20AN006VMS, BIOS GLET78WW (2.32 ) 03/03/2015
[   13.831629]  ffffffffbbf73c43 e569e18a1e947cef 0000000000000000 ffffffffbbedf7b1
[   13.831632]  ffffc9000407bc98 ffffffffbba4a404 0000000000000000 ffffffffbbedf8e8
[   13.831634]  ffffc9000407bcc8 ffffffffbb19c5e6 ffff88042b4e7708 ffff88042b4e77d0
[   13.831636] Call Trace:
[   13.831642]  [<ffffffffbba4a404>] dump_stack+0x4c/0x79
[   13.831647]  [<ffffffffbb19c5e6>] report_size_overflow+0x36/0x40
[   13.831651]  [<ffffffffbb719649>] usbdev_ioctl+0x2399/0x2760
[   13.831654]  [<ffffffffbb1a7cbd>] do_vfs_ioctl+0x47d/0x7c0
[   13.831657]  [<ffffffffbb1b3228>] ? __fget+0x78/0xa0
[   13.831659]  [<ffffffffbb1a803f>] SyS_ioctl+0x3f/0x70
[   13.831662]  [<ffffffffbba5344b>] entry_SYSCALL_64_fastpath+0x12/0x73

[ephox]

Hi,
Could you please send me the results (drivers/usb/core/devio.*) of make drivers/usb/core/devio.o EXTRA_CFLAGS="-fdump-tree-all -fdump-ipa-all" and your kernel .config? Which gcc version did you use?

[jotik]

Here you go: FREE DIRECT DOWNLOAD LINK

[ephox]

Thanks for the report, can you reproduce it with the latest patch?

[jotik]

I can reproduce it with Gentoo's hardened-sources-4.2.3-r5 (vanilla-4.2.3 + genpatches-4.2-6 + grsecurity-3.1-4.2.3-201510200858). I'll try to remember to retry this when Gentoo version-bumps their ebuilds.

[jotik]

Seems to be fixed with Gentoo's hardened-sources-4.2.4 (vanilla-4.2.4 + genpatches-4.2-6 + grsecurity-3.1-4.2.4-201510222059). Thanks!