[WireGuard] Error building against grsec-enabled kernel
Jason A. Donenfeld
Jason at zx2c4.com
Fri Oct 21 04:32:04 CEST 2016
On Fri, Oct 21, 2016 at 9:24 AM, PaX Team <pageexec at gmail.com> wrote:
> in any case, whoever can reproduce this should print out the value of
> head->mac_header before the increment. my guess based on past experience
> on similar network problems is that the field is probably invalid (ffff
> or similar) and adding to it will trigger the size overflow check. this
> in turn means that there's usually some higher level logic bug and you'll
> have to talk to netdev guys as i'm way out of my depths at that point ;).
Fixed:
https://git.zx2c4.com/WireGuard/commit/?id=867c815c31c754bf97b5fb29afd295b7cf195159
>> >> OK, so turns out just getting rid of the __read_mostly fixes things.
>
> FWIW, i've been carrying such a local patch on my gentoo box too ;).
Got a good #ifdef for PAX that I should use to conditionally not use
__read_mostly in case PAX is in use?
More information about the WireGuard
mailing list