Commit 24b2ec21 authored by Alexey Dobriyan's avatar Alexey Dobriyan Committed by Linus Torvalds

proc: check permissions earlier for /proc/*/wchan

get_wchan() accesses stack page before permissions are checked, let's
not play this game.

Link: http://lkml.kernel.org/r/20180217071923.GA16074@avx2Signed-off-by: default avatarAlexey Dobriyan <adobriyan@gmail.com>
Reviewed-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Cc: Andy Shevchenko <andy.shevchenko@gmail.com>
Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent d0f02231
...@@ -388,14 +388,17 @@ static int proc_pid_wchan(struct seq_file *m, struct pid_namespace *ns, ...@@ -388,14 +388,17 @@ static int proc_pid_wchan(struct seq_file *m, struct pid_namespace *ns,
unsigned long wchan; unsigned long wchan;
char symname[KSYM_NAME_LEN]; char symname[KSYM_NAME_LEN];
wchan = get_wchan(task); if (!ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS))
goto print0;
if (wchan && ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS) wchan = get_wchan(task);
&& !lookup_symbol_name(wchan, symname)) if (wchan && !lookup_symbol_name(wchan, symname)) {
seq_printf(m, "%s", symname); seq_printf(m, "%s", symname);
else return 0;
seq_putc(m, '0'); }
print0:
seq_putc(m, '0');
return 0; return 0;
} }
#endif /* CONFIG_KALLSYMS */ #endif /* CONFIG_KALLSYMS */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment