[PATCH 1/1] um: take reference of stack before using it in get_wchan

[Maninder Singh]

Stack of task can be freed earlier than task in case of
THREAD_INFO_IN_TASK. So separate reference of stack should be there.

Help of THREAD_INFO_IN_TASK config also suggests to take this
reference before calling get_wchan.

KASAN also reports it in case of manual race reproduction:
[   18.400000] BUG: KASAN: vmalloc-out-of-bounds in __get_wchan+0x91/0xd9
[   18.400000] Read of size 8 at addr 00000000648bfad0 by task cat/25
..

Adding try_get_task_stack() to make sure stack's sanity.

Fixes: 2f681ba4b352 ("um: move thread info into task")
Signed-off-by: Maninder Singh <maninder1.s at samsung.com>
---
 arch/um/kernel/process.c | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/arch/um/kernel/process.c b/arch/um/kernel/process.c
index 63b38a3f73f7..dfca9e0aeec9 100644
--- a/arch/um/kernel/process.c
+++ b/arch/um/kernel/process.c
@@ -276,16 +276,12 @@ unsigned long arch_align_stack(unsigned long sp)
 }
 #endif
 
-unsigned long __get_wchan(struct task_struct *p)
+static unsigned long ___get_wchan(struct task_struct *p)
 {
 	unsigned long stack_page, sp, ip;
 	bool seen_sched = 0;
 
 	stack_page = (unsigned long) task_stack_page(p);
-	/* Bail if the process has no kernel stack for some reason */
-	if (stack_page == 0)
-		return 0;
-
 	sp = p->thread.switch_buf->JB_SP;
 	/*
 	 * Bail if the stack pointer is below the bottom of the kernel
@@ -306,4 +302,21 @@ unsigned long __get_wchan(struct task_struct *p)
 	}
 
 	return 0;
+
+}
+
+unsigned long __get_wchan(struct task_struct *p)
+{
+	unsigned long ret;
+
+	/* Bail if the process has no kernel stack for some reason */
+	if (!try_get_task_stack(p))
+		return 0;
+
+	ret = ___get_wchan(p);
+
+	put_task_stack(p);
+
+	return ret;
+
 }
-- 
2.34.1