Fix race between cat /proc/*/wchan and rmmod et al kallsyms_lookup() can go iterating over modules list unprotected which is OK for emergency situations (oops), but not OK for regular stuff like /proc/*/wchan. Introduce lookup_symbol_name()/lookup_module_symbol_name() which copy symbol name into caller-supplied buffer or return -ERANGE. All copying is done with module_mutex held, so... Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Cc: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

commit: 9d65cb4a1718a072898c7a57a3bc61b2dc4bcd4d [log] [tgz]
author: Alexey Dobriyan <adobriyan@sw.ru> Tue May 08 00:28:43 2007 -0700
committer: Linus Torvalds <torvalds@woody.linux-foundation.org> Tue May 08 11:15:08 2007 -0700
tree: 9e3fd1c9e61e8ed16959d115a9a3f6f7eb0bbf21
parent: ffb45122766db220d0bf3d01848d575fbbcb6430 [diff] [blame]
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 3b4fe21..0c2052c 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c

@@ -278,16 +278,15 @@
  */
 static int proc_pid_wchan(struct task_struct *task, char *buffer)
 {
-	const char *sym_name;
 	unsigned long wchan;
-	char namebuf[KSYM_NAME_LEN+1];
+	char symname[KSYM_NAME_LEN+1];
 
 	wchan = get_wchan(task);
 
-	sym_name = kallsyms_lookup(wchan, NULL, NULL, NULL, namebuf);
-	if (sym_name)
-		return sprintf(buffer, "%s", sym_name);
-	return sprintf(buffer, "%lu", wchan);
+	if (lookup_symbol_name(wchan, symname) < 0)
+		return sprintf(buffer, "%lu", wchan);
+	else
+		return sprintf(buffer, "%s", symname);
 }
 #endif /* CONFIG_KALLSYMS */
commit	9d65cb4a1718a072898c7a57a3bc61b2dc4bcd4d	[log] [tgz]
author	Alexey Dobriyan <adobriyan@sw.ru>	Tue May 08 00:28:43 2007 -0700
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>	Tue May 08 11:15:08 2007 -0700
tree	9e3fd1c9e61e8ed16959d115a9a3f6f7eb0bbf21
parent	ffb45122766db220d0bf3d01848d575fbbcb6430 [diff] [blame]