Re: rtlwifi: rtl8192c_common: "BUG: KASAN: slab-out-of-bounds"

[Larry Finger]

On 02/07/2017 10:45 AM, Tobias Guggenmos wrote:
> Am Montag, 6. Februar 2017, 09:45:31 CET schrieb Larry Finger:
> > On 02/06/2017 04:29 AM, Johannes Berg wrote:
> > > On Sat, 2017-02-04 at 12:41 -0600, Larry Finger wrote:
> > > > On 02/04/2017 10:58 AM, Dmitry Osipenko wrote:
> > > > > Seems the problem is caused by rtl92c_dm_*() casting .priv to
> > > > > "struct
> > > > > rtl_pci_priv", while it is "struct rtl_usb_priv".
> > > >
> > > > Those routines are shared by rtl8192ce and rtl8192cu, thus we need to
> > > > make that
> > > > difference in cast to be immaterial. I think we need to move "struct
> > > > bt_coexist_info" to the beginning of both rtlpci_priv and
> > > > rtl_usb_priv. Then it
> > > > should not matter.
> > >
> > > I think you really should consider putting a struct rtl_common into
> > > that or something, and getting rid of all the casting that causes this
> > > problem to start with?
> >
> > The fix you suggest is prepared and will be submitted soon. As it is much
> > more invasive with ~150 insertions and ~160 deletions, I decided not to
> > have it be the one that is pushed to all stable kernels from 4.0 onward.
> >
> > Larry
>
> This is possibly related to the following Fedora Bug:
> https://bugzilla.redhat.com/show_bug.cgi?id=1391987

This bug is unlikely to be the cause of that problem. In fact, this bug only 
affects rtl8192cu, not rtl8192ce. The RedHat problem is more likely caused by 
the not-yet-merged patch entitled "rtlwifi: rtl8192ce: Fix loading of incorrect 
firmware".

Larry