grsecurity forums

Hit the following OOPS (doens't seem to have caused any major issue) this morning:

Code: Select all

PAX: size overflow detected in function kernfs_fop_write fs/kernfs/file.c:269 cicus.242_188 max, count: 15
CPU: 0 PID: 2577 Comm: eeepc-acpi-scri Not tainted 3.19.1-grsec #1
Hardware name: ASUSTeK Computer INC. 701/701, BIOS 1302    03/11/2009
 002d4006 000c7379 c1c5538c c1c59120 c1c5910f 0000010d c1c5914f f5d17678
 0011f9e6 c1c5914f 00000000 f5d17684 ffffffff 00000000 0b221630 f6572180
 00000001 f6572180 00000002 0b221630 0011f8f0 000c17ec f5f95f00 ffff4111
Call Trace:
 [<002d4006>] ? 0x2d4006
 [<000c7379>] ? 0x0c7379
 [<0011f9e6>] ? 0x11f9e6
 [<0011f8f0>] ? 0x11f8f0
 [<000c17ec>] ? 0x0c17ec
 [<000c216d>] ? 0x0c216d
 [<002d76ed>] ? 0x2d76ed
 [<002d7709>] ? 0x2d7709


Version of LD

Code: Select all

root@nozzle:/usr/src/linux-3.19.1# ld --version
GNU ld (GNU Binutils for Ubuntu) 2.24

A 7zip'd version of

Code: Select all

vmlinux
bzImage
System.map
.config

is available to download.

Thanks.

Saw "PAX: size overflow detected in function kernfs_fop_write fs/kernfs/file.c:269 cicus.289_334 max, count: 29" too in syslog, so confirming this issue.

thanks for your report but it's already fixed in PaX and soon in grsec as well . in the meantime you can apply this:

Code: Select all

--- a/fs/kernfs/file.c   2015-02-09 21:15:09.433606076 +0100
+++ b/fs/kernfs/file.c   2015-03-12 15:12:02.310932374 +0100
@@ -271,7 +271,7 @@
 {
        struct kernfs_open_file *of = kernfs_of(file);
        const struct kernfs_ops *ops;
-       size_t len;
+       ssize_t len;
        char *buf;

        if (of->atomic_write_len) {


Thanks Magical PaX Team.