forked from luck/tmp_suning_uos_patched
proc: check permissions earlier for /proc/*/wchan
get_wchan() accesses stack page before permissions are checked, let's not play this game. Link: http://lkml.kernel.org/r/20180217071923.GA16074@avx2 Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Andy Shevchenko <andy.shevchenko@gmail.com> Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
d0f0223122
commit
24b2ec2119
|
@ -388,14 +388,17 @@ static int proc_pid_wchan(struct seq_file *m, struct pid_namespace *ns,
|
|||
unsigned long wchan;
|
||||
char symname[KSYM_NAME_LEN];
|
||||
|
||||
if (!ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS))
|
||||
goto print0;
|
||||
|
||||
wchan = get_wchan(task);
|
||||
|
||||
if (wchan && ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)
|
||||
&& !lookup_symbol_name(wchan, symname))
|
||||
if (wchan && !lookup_symbol_name(wchan, symname)) {
|
||||
seq_printf(m, "%s", symname);
|
||||
else
|
||||
seq_putc(m, '0');
|
||||
return 0;
|
||||
}
|
||||
|
||||
print0:
|
||||
seq_putc(m, '0');
|
||||
return 0;
|
||||
}
|
||||
#endif /* CONFIG_KALLSYMS */
|
||||
|
|
Loading…
Reference in New Issue
Block a user