proc: check permissions earlier for /proc/*/wchan get_wchan() accesses stack page before permissions are checked, let's not play this game. Link: http://lkml.kernel.org/r/20180217071923.GA16074@avx2 Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Andy Shevchenko <andy.shevchenko@gmail.com> Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

commit: 24b2ec21192c963c17a1b687b6171e95e8b59c06 [log] [tgz]
author: Alexey Dobriyan <adobriyan@gmail.com> Tue Apr 10 16:31:30 2018 -0700
committer: Linus Torvalds <torvalds@linux-foundation.org> Wed Apr 11 10:28:33 2018 -0700
tree: b306741760dc34e5c408055ddf84fb9d253ebdb4
parent: d0f02231222b313d1b49278cd2e3c7e7406fea6d [diff] [blame]
diff --git a/fs/proc/base.c b/fs/proc/base.c
index d5324686..d8b5a16 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c

@@ -388,14 +388,17 @@ static int proc_pid_wchan(struct seq_file *m, struct pid_namespace *ns,
 	unsigned long wchan;
 	char symname[KSYM_NAME_LEN];
 
+	if (!ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS))
+		goto print0;
+
 	wchan = get_wchan(task);
-
-	if (wchan && ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)
-			&& !lookup_symbol_name(wchan, symname))
+	if (wchan && !lookup_symbol_name(wchan, symname)) {
 		seq_printf(m, "%s", symname);
-	else
-		seq_putc(m, '0');
+		return 0;
+	}
 
+print0:
+	seq_putc(m, '0');
 	return 0;
 }
 #endif /* CONFIG_KALLSYMS */
commit	24b2ec21192c963c17a1b687b6171e95e8b59c06	[log] [tgz]
author	Alexey Dobriyan <adobriyan@gmail.com>	Tue Apr 10 16:31:30 2018 -0700
committer	Linus Torvalds <torvalds@linux-foundation.org>	Wed Apr 11 10:28:33 2018 -0700
tree	b306741760dc34e5c408055ddf84fb9d253ebdb4
parent	d0f02231222b313d1b49278cd2e3c7e7406fea6d [diff] [blame]