Fix race between cat /proc/*/wchan and rmmod et al

kallsyms_lookup() can go iterating over modules list unprotected which is OK for emergency situations (oops), but not OK for regular stuff like /proc/*/wchan. Introduce lookup_symbol_name()/lookup_module_symbol_name() which copy symbol name into caller-supplied buffer or return -ERANGE. All copying is done with module_mutex held, so... Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Cc: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
author: Alexey Dobriyan <adobriyan@sw.ru> 2007-05-08 03:28:43 -0400
committer: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-05-08 14:15:08 -0400
commit: 9d65cb4a1718a072898c7a57a3bc61b2dc4bcd4d (patch)
tree: 9e3fd1c9e61e8ed16959d115a9a3f6f7eb0bbf21 /kernel
parent: ffb45122766db220d0bf3d01848d575fbbcb6430 (diff)
4 files changed, 48 insertions, 13 deletions
diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c
index f66da025cb7f..4e2ec191a127 100644
--- a/kernel/kallsyms.c
+++ b/kernel/kallsyms.c
@@ -269,6 +269,23 @@ const char *kallsyms_lookup(unsigned long addr,
        return NULL;
 }
+int lookup_symbol_name(unsigned long addr, char *symname)
+{
+        symname[0] = '\0';
+        symname[KSYM_NAME_LEN] = '\0';
+        if (is_ksym_addr(addr)) {
+                unsigned long pos;
+                pos = get_symbol_pos(addr, NULL, NULL);
+                /* Grab name */
+                kallsyms_expand_symbol(get_symbol_offset(pos), symname);
+                return 0;
+        }
+        /* see if it's in a module */
+        return lookup_module_symbol_name(addr, symname);
+}
 /* Look up a kernel symbol and return it in a text buffer. */
 int sprint_symbol(char *buffer, unsigned long address)
 {
diff --git a/kernel/module.c b/kernel/module.c
index bf4dccadf7b8..3da76ad32d78 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -2126,6 +2126,29 @@ const char *module_address_lookup(unsigned long addr,
        return NULL;
 }
+int lookup_module_symbol_name(unsigned long addr, char *symname)
+{
+        struct module *mod;
+        mutex_lock(&module_mutex);
+        list_for_each_entry(mod, &modules, list) {
+                if (within(addr, mod->module_init, mod->init_size) ||
+                    within(addr, mod->module_core, mod->core_size)) {
+                        const char *sym;
+                        sym = get_ksymbol(mod, addr, NULL, NULL);
+                        if (!sym)
+                                goto out;
+                        strlcpy(symname, sym, KSYM_NAME_LEN + 1);
+                        mutex_unlock(&module_mutex);
+                        return 0;
+                }
+        }
+out:
+        mutex_unlock(&module_mutex);
+        return -ERANGE;
+}
 int module_get_kallsym(unsigned int symnum, unsigned long *value, char *type,
                        char *name, char *module_name, int *exported)
 {
diff --git a/kernel/time/timer_list.c b/kernel/time/timer_list.c
index fe9314a89f20..b734ca4bc75e 100644
--- a/kernel/time/timer_list.c
+++ b/kernel/time/timer_list.c
@@ -38,15 +38,12 @@ DECLARE_PER_CPU(struct hrtimer_cpu_base, hrtimer_bases);
 static void print_name_offset(struct seq_file *m, void *sym)
 {
-        unsigned long addr = (unsigned long)sym;
+        char symname[KSYM_NAME_LEN+1];
-        char namebuf[KSYM_NAME_LEN+1];
-        const char *sym_name;
-        sym_name = kallsyms_lookup(addr, NULL, NULL, NULL, namebuf);
+        if (lookup_symbol_name((unsigned long)sym, symname) < 0)
-        if (sym_name)
-                SEQ_printf(m, "%s", sym_name);
-        else
                SEQ_printf(m, "<%p>", sym);
+        else
+                SEQ_printf(m, "%s", symname);
 }
 static void
diff --git a/kernel/time/timer_stats.c b/kernel/time/timer_stats.c
index 946ed45f7d2f..868f1bceb07f 100644
--- a/kernel/time/timer_stats.c
+++ b/kernel/time/timer_stats.c
@@ -257,14 +257,12 @@ void timer_stats_update_stats(void *timer, pid_t pid, void *startf,
 static void print_name_offset(struct seq_file *m, unsigned long addr)
 {
-        char namebuf[KSYM_NAME_LEN+1];
+        char symname[KSYM_NAME_LEN+1];
-        const char *sym_name;
-        sym_name = kallsyms_lookup(addr, NULL, NULL, NULL, namebuf);
+        if (lookup_symbol_name(addr, symname) < 0)
-        if (sym_name)
-                seq_printf(m, "%s", sym_name);
-        else
                seq_printf(m, "<%p>", (void *)addr);
+        else
+                seq_printf(m, "%s", symname);
 }
 static int tstats_show(struct seq_file *m, void *v)
author	Alexey Dobriyan <adobriyan@sw.ru>	2007-05-08 03:28:43 -0400
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-05-08 14:15:08 -0400
commit	9d65cb4a1718a072898c7a57a3bc61b2dc4bcd4d (patch)
tree	9e3fd1c9e61e8ed16959d115a9a3f6f7eb0bbf21 /kernel
parent	ffb45122766db220d0bf3d01848d575fbbcb6430 (diff)

diff --git a/kernel/kallsyms.c b/kernel/kallsyms.c index f66da025cb7f..4e2ec191a127 100644 --- a/kernel/kallsyms.c +++ b/kernel/kallsyms.c
@@ -269,6 +269,23 @@ const char *kallsyms_lookup(unsigned long addr,
269	return NULL;	269	return NULL;
270	}	270	}
271		271
		272	int lookup_symbol_name(unsigned long addr, char *symname)
		273	{
		274	symname[0] = '\0';
		275	symname[KSYM_NAME_LEN] = '\0';
		276
		277	if (is_ksym_addr(addr)) {
		278	unsigned long pos;
		279
		280	pos = get_symbol_pos(addr, NULL, NULL);
		281	/* Grab name */
		282	kallsyms_expand_symbol(get_symbol_offset(pos), symname);
		283	return 0;
		284	}
		285	/* see if it's in a module */
		286	return lookup_module_symbol_name(addr, symname);
		287	}
		288
272	/* Look up a kernel symbol and return it in a text buffer. */	289	/* Look up a kernel symbol and return it in a text buffer. */
273	int sprint_symbol(char *buffer, unsigned long address)	290	int sprint_symbol(char *buffer, unsigned long address)
274	{	291	{


diff --git a/kernel/module.c b/kernel/module.c index bf4dccadf7b8..3da76ad32d78 100644 --- a/kernel/module.c +++ b/kernel/module.c
@@ -2126,6 +2126,29 @@ const char *module_address_lookup(unsigned long addr,
2126	return NULL;	2126	return NULL;
2127	}	2127	}
2128		2128
		2129	int lookup_module_symbol_name(unsigned long addr, char *symname)
		2130	{
		2131	struct module *mod;
		2132
		2133	mutex_lock(&module_mutex);
		2134	list_for_each_entry(mod, &modules, list) {
		2135	if (within(addr, mod->module_init, mod->init_size) \|\|
		2136	within(addr, mod->module_core, mod->core_size)) {
		2137	const char *sym;
		2138
		2139	sym = get_ksymbol(mod, addr, NULL, NULL);
		2140	if (!sym)
		2141	goto out;
		2142	strlcpy(symname, sym, KSYM_NAME_LEN + 1);
		2143	mutex_unlock(&module_mutex);
		2144	return 0;
		2145	}
		2146	}
		2147	out:
		2148	mutex_unlock(&module_mutex);
		2149	return -ERANGE;
		2150	}
		2151
2129	int module_get_kallsym(unsigned int symnum, unsigned long value, char type,	2152	int module_get_kallsym(unsigned int symnum, unsigned long value, char type,
2130	char name, char module_name, int *exported)	2153	char name, char module_name, int *exported)
2131	{	2154	{


diff --git a/kernel/time/timer_list.c b/kernel/time/timer_list.c index fe9314a89f20..b734ca4bc75e 100644 --- a/kernel/time/timer_list.c +++ b/kernel/time/timer_list.c
@@ -38,15 +38,12 @@ DECLARE_PER_CPU(struct hrtimer_cpu_base, hrtimer_bases);
38		38
39	static void print_name_offset(struct seq_file m, void sym)	39	static void print_name_offset(struct seq_file m, void sym)
40	{	40	{
41	unsigned long addr = (unsigned long)sym;	41	char symname[KSYM_NAME_LEN+1];
42	char namebuf[KSYM_NAME_LEN+1];
43	const char *sym_name;
44		42
45	sym_name = kallsyms_lookup(addr, NULL, NULL, NULL, namebuf);	43	if (lookup_symbol_name((unsigned long)sym, symname) < 0)
46	if (sym_name)
47	SEQ_printf(m, "%s", sym_name);
48	else
49	SEQ_printf(m, "<%p>", sym);	44	SEQ_printf(m, "<%p>", sym);
		45	else
		46	SEQ_printf(m, "%s", symname);
50	}	47	}
51		48
52	static void	49	static void


diff --git a/kernel/time/timer_stats.c b/kernel/time/timer_stats.c index 946ed45f7d2f..868f1bceb07f 100644 --- a/kernel/time/timer_stats.c +++ b/kernel/time/timer_stats.c
@@ -257,14 +257,12 @@ void timer_stats_update_stats(void timer, pid_t pid, void startf,
257		257
258	static void print_name_offset(struct seq_file *m, unsigned long addr)	258	static void print_name_offset(struct seq_file *m, unsigned long addr)
259	{	259	{
260	char namebuf[KSYM_NAME_LEN+1];	260	char symname[KSYM_NAME_LEN+1];
261	const char *sym_name;
262		261
263	sym_name = kallsyms_lookup(addr, NULL, NULL, NULL, namebuf);	262	if (lookup_symbol_name(addr, symname) < 0)
264	if (sym_name)
265	seq_printf(m, "%s", sym_name);
266	else
267	seq_printf(m, "<%p>", (void *)addr);	263	seq_printf(m, "<%p>", (void *)addr);
		264	else
		265	seq_printf(m, "%s", symname);
268	}	266	}
269		267
270	static int tstats_show(struct seq_file m, void v)	268	static int tstats_show(struct seq_file m, void v)