PAX: size overflow detected in function iwlagn_hwrate_to_mac

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

PAX: size overflow detected in function iwlagn_hwrate_to_mac

Postby yotann » Sat Dec 12, 2015 3:22 pm

Code: Select all
PAX: size overflow detected in function iwlagn_hwrate_to_mac80211_idx drivers/net/wireless/iwlwifi/dvm/lib.c:104 cicus.213_15 max, count: 1, decl: iwlagn_hwrate_to_mac80211_idx; num: 0; context: fndecl;
Kernel panic - not syncing: Aiee, killing interrupt handler!
CPU: 0 PID: 320 Comm: irq/33-iwlwifi Not tainted 4.2.7.201512092320-1-grsec #1
Hardware name: COMPAL/JHL90, BIOS 1.10 10/22/2008
...
[<ffffffff871a6e3e>] report_size_overflow+0x3e/0x40
[<ffffffffc08ee8cc>] iwlagn_hwrate_to_mac80211_idx+0x8c/0x90 [iwldvm]
[<ffffffffc08ec649>] iwlagn_hwrate_to_tx_control.isra.2+0x139/0x150 [iwldvm]
[<ffffffffc08edacf>] iwlagn_rx_reply_tx+0x40f/0x840 [iwldvm]
[<ffffffff875d7dcd>] ? _raw_write_unlock_bh+0x1d/0x30
[<ffffffffc08f5263>] iwl_rx_dispatch+0x93/0xb0 [iwldvm]
[<ffffffffc076293c>] iwl_pcie_irq_handler+0x6ac/0xe10 [iwlwifi]
[<ffffffff870bbd78>] irq_thread_fn+0x28/0x60
...


Occurs consistently on Arch Linux with linux-grsec=4.2.7.201512092320-1, at a seemingly random time after boot. Hardware info:

Code: Select all
iwlwifi 0000:0e:00.0: can't disable ASPM; OS doesn't have ASPM control
iwlwifi 0000:0e:00.0: loaded firmware version 8.83.5.1 build 33692 op_mode iwldvm
iwlwifi 0000:0e:00.0: CONFIG_IWLWIFI_DEBUG disabled
iwlwifi 0000:0e:00.0: CONFIG_IWLWIFI_DEBUGFS disabled
iwlwifi 0000:0e:00.0: CONFIG_IWLWIFI_DEVICE_TRACING enabled
iwlwifi 0000:0e:00.0: Detected Intel(R) WiFi Link 5100 AGN, REV=0x54
iwlwifi 0000:0e:00.0: L1 Disabled - LTR Disabled
iwlwifi 0000:0e:00.0: Radio type=0x1-0x2-0x0
yotann
 
Posts: 1
Joined: Sat Dec 12, 2015 1:55 pm

Re: PAX: size overflow detected in function iwlagn_hwrate_to

Postby ephox » Sat Dec 12, 2015 4:40 pm

Thanks for the report, it will be fixed in the next grsec patch.
ephox
 
Posts: 134
Joined: Tue Mar 20, 2012 4:36 pm


Return to grsecurity support