オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.7.x/ccs-patch/patches/ccs-patch-2.6.12.diff

Contents of /trunk/1.7.x/ccs-patch/patches/ccs-patch-2.6.12.diff

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3075 - (show annotations) (download) (as text)
Thu Oct 1 03:33:21 2009 UTC (14 years, 8 months ago) by kumaneko
File MIME type: text/x-diff
File size: 46820 byte(s) 
Update sendmsg() hook.
1 This is TOMOYO Linux patch for kernel 2.6.12.6.
2
3 Source code for this patch is http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.12.6.tar.bz2
4 ---
5 arch/alpha/kernel/ptrace.c | 3 +++
6 arch/arm/kernel/ptrace.c | 3 +++
7 arch/arm26/kernel/ptrace.c | 3 +++
8 arch/cris/arch-v10/kernel/ptrace.c | 3 +++
9 arch/frv/kernel/ptrace.c | 3 +++
10 arch/h8300/kernel/ptrace.c | 3 +++
11 arch/i386/kernel/ptrace.c | 3 +++
12 arch/ia64/ia32/sys_ia32.c | 3 +++
13 arch/ia64/kernel/ptrace.c | 3 +++
14 arch/m32r/kernel/ptrace.c | 3 +++
15 arch/m68k/kernel/ptrace.c | 3 +++
16 arch/m68knommu/kernel/ptrace.c | 3 +++
17 arch/mips/kernel/ptrace.c | 3 +++
18 arch/mips/kernel/ptrace32.c | 3 +++
19 arch/parisc/kernel/ptrace.c | 3 +++
20 arch/ppc/kernel/ptrace.c | 3 +++
21 arch/ppc64/kernel/ptrace.c | 3 +++
22 arch/ppc64/kernel/ptrace32.c | 3 +++
23 arch/s390/kernel/ptrace.c | 3 +++
24 arch/sh/kernel/ptrace.c | 3 +++
25 arch/sh64/kernel/ptrace.c | 3 +++
26 arch/sparc/kernel/ptrace.c | 5 +++++
27 arch/sparc64/kernel/ptrace.c | 5 +++++
28 arch/um/kernel/ptrace.c | 3 +++
29 arch/v850/kernel/ptrace.c | 3 +++
30 arch/x86_64/ia32/ptrace32.c | 3 +++
31 arch/x86_64/kernel/ptrace.c | 3 +++
32 fs/compat.c | 9 ++++++++-
33 fs/exec.c | 12 +++++++++++-
34 fs/fcntl.c | 4 ++++
35 fs/ioctl.c | 5 +++++
36 fs/namei.c | 32 ++++++++++++++++++++++++++++++++
37 fs/namespace.c | 25 +++++++++++++++++++++++--
38 fs/open.c | 28 ++++++++++++++++++++++++++++
39 fs/proc/proc_misc.c | 1 +
40 include/linux/init_task.h | 9 +++++++++
41 include/linux/sched.h | 6 ++++++
42 kernel/compat.c | 3 +++
43 kernel/kmod.c | 5 +++++
44 kernel/module.c | 7 +++++--
45 kernel/sched.c | 3 +++
46 kernel/signal.c | 9 +++++++++
47 kernel/sys.c | 11 +++++++++++
48 kernel/sysctl.c | 16 ++++++++++++++--
49 kernel/time.c | 7 +++++++
50 net/ipv4/raw.c | 4 ++++
51 net/ipv4/tcp_ipv4.c | 5 +++++
52 net/ipv4/udp.c | 8 ++++++++
53 net/ipv6/raw.c | 4 ++++
54 net/ipv6/tcp_ipv6.c | 5 +++++
55 net/ipv6/udp.c | 13 ++++++++++++-
56 net/socket.c | 23 ++++++++++++++++++++---
57 net/unix/af_unix.c | 4 ++++
58 security/Kconfig | 2 ++
59 security/Makefile | 3 +++
60 55 files changed, 336 insertions(+), 12 deletions(-)
61
62 --- linux-2.6.12.6.orig/arch/alpha/kernel/ptrace.c
63 +++ linux-2.6.12.6/arch/alpha/kernel/ptrace.c
64 @@ -20,6 +20,7 @@
65 #include <asm/pgtable.h>
66 #include <asm/system.h>
67 #include <asm/fpu.h>
68 +#include <linux/ccsecurity.h>
69
70 #include "proto.h"
71
72 @@ -261,6 +262,8 @@ do_sys_ptrace(long request, long pid, lo
73 unsigned long tmp;
74 size_t copied;
75 long ret;
76 + if (!ccs_capable(CCS_SYS_PTRACE))
77 + return -EPERM;
78
79 lock_kernel();
80 DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",
81 --- linux-2.6.12.6.orig/arch/arm/kernel/ptrace.c
82 +++ linux-2.6.12.6/arch/arm/kernel/ptrace.c
83 @@ -25,6 +25,7 @@
84 #include <asm/pgtable.h>
85 #include <asm/system.h>
86 #include <asm/traps.h>
87 +#include <linux/ccsecurity.h>
88
89 #include "ptrace.h"
90
91 @@ -786,6 +787,8 @@ asmlinkage int sys_ptrace(long request,
92 {
93 struct task_struct *child;
94 int ret;
95 + if (!ccs_capable(CCS_SYS_PTRACE))
96 + return -EPERM;
97
98 lock_kernel();
99 ret = -EPERM;
100 --- linux-2.6.12.6.orig/arch/arm26/kernel/ptrace.c
101 +++ linux-2.6.12.6/arch/arm26/kernel/ptrace.c
102 @@ -24,6 +24,7 @@
103 #include <asm/pgtable.h>
104 #include <asm/system.h>
105 //#include <asm/processor.h>
106 +#include <linux/ccsecurity.h>
107
108 #include "ptrace.h"
109
110 @@ -669,6 +670,8 @@ asmlinkage int sys_ptrace(long request,
111 {
112 struct task_struct *child;
113 int ret;
114 + if (!ccs_capable(CCS_SYS_PTRACE))
115 + return -EPERM;
116
117 lock_kernel();
118 ret = -EPERM;
119 --- linux-2.6.12.6.orig/arch/cris/arch-v10/kernel/ptrace.c
120 +++ linux-2.6.12.6/arch/cris/arch-v10/kernel/ptrace.c
121 @@ -17,6 +17,7 @@
122 #include <asm/pgtable.h>
123 #include <asm/system.h>
124 #include <asm/processor.h>
125 +#include <linux/ccsecurity.h>
126
127 /*
128 * Determines which bits in DCCR the user has access to.
129 @@ -81,6 +82,8 @@ sys_ptrace(long request, long pid, long
130 struct task_struct *child;
131 int ret;
132 unsigned long __user *datap = (unsigned long __user *)data;
133 + if (!ccs_capable(CCS_SYS_PTRACE))
134 + return -EPERM;
135
136 lock_kernel();
137 ret = -EPERM;
138 --- linux-2.6.12.6.orig/arch/frv/kernel/ptrace.c
139 +++ linux-2.6.12.6/arch/frv/kernel/ptrace.c
140 @@ -28,6 +28,7 @@
141 #include <asm/system.h>
142 #include <asm/processor.h>
143 #include <asm/unistd.h>
144 +#include <linux/ccsecurity.h>
145
146 /*
147 * does not yet catch signals sent when the child dies.
148 @@ -112,6 +113,8 @@ asmlinkage int sys_ptrace(long request,
149 unsigned long tmp;
150 int ret;
151
152 + if (!ccs_capable(CCS_SYS_PTRACE))
153 + return -EPERM;
154 lock_kernel();
155 ret = -EPERM;
156 if (request == PTRACE_TRACEME) {
157 --- linux-2.6.12.6.orig/arch/h8300/kernel/ptrace.c
158 +++ linux-2.6.12.6/arch/h8300/kernel/ptrace.c
159 @@ -32,6 +32,7 @@
160 #include <asm/system.h>
161 #include <asm/processor.h>
162 #include <asm/signal.h>
163 +#include <linux/ccsecurity.h>
164
165 /* cpu depend functions */
166 extern long h8300_get_reg(struct task_struct *task, int regno);
167 @@ -61,6 +62,8 @@ asmlinkage int sys_ptrace(long request,
168 {
169 struct task_struct *child;
170 int ret;
171 + if (!ccs_capable(CCS_SYS_PTRACE))
172 + return -EPERM;
173
174 lock_kernel();
175 ret = -EPERM;
176 --- linux-2.6.12.6.orig/arch/i386/kernel/ptrace.c
177 +++ linux-2.6.12.6/arch/i386/kernel/ptrace.c
178 @@ -26,6 +26,7 @@
179 #include <asm/debugreg.h>
180 #include <asm/ldt.h>
181 #include <asm/desc.h>
182 +#include <linux/ccsecurity.h>
183
184 /*
185 * does not yet catch signals sent when the child dies.
186 @@ -358,6 +359,8 @@ asmlinkage int sys_ptrace(long request,
187 struct user * dummy = NULL;
188 int i, ret;
189 unsigned long __user *datap = (unsigned long __user *)data;
190 + if (!ccs_capable(CCS_SYS_PTRACE))
191 + return -EPERM;
192
193 lock_kernel();
194 ret = -EPERM;
195 --- linux-2.6.12.6.orig/arch/ia64/ia32/sys_ia32.c
196 +++ linux-2.6.12.6/arch/ia64/ia32/sys_ia32.c
197 @@ -56,6 +56,7 @@
198 #include <asm/types.h>
199 #include <asm/uaccess.h>
200 #include <asm/unistd.h>
201 +#include <linux/ccsecurity.h>
202
203 #include "ia32priv.h"
204
205 @@ -1757,6 +1758,8 @@ sys32_ptrace (int request, pid_t pid, un
206 struct task_struct *child;
207 unsigned int value, tmp;
208 long i, ret;
209 + if (!ccs_capable(CCS_SYS_PTRACE))
210 + return -EPERM;
211
212 lock_kernel();
213 if (request == PTRACE_TRACEME) {
214 --- linux-2.6.12.6.orig/arch/ia64/kernel/ptrace.c
215 +++ linux-2.6.12.6/arch/ia64/kernel/ptrace.c
216 @@ -29,6 +29,7 @@
217 #ifdef CONFIG_PERFMON
218 #include <asm/perfmon.h>
219 #endif
220 +#include <linux/ccsecurity.h>
221
222 #include "entry.h"
223
224 @@ -1404,6 +1405,8 @@ sys_ptrace (long request, pid_t pid, uns
225 struct task_struct *child;
226 struct switch_stack *sw;
227 long ret;
228 + if (!ccs_capable(CCS_SYS_PTRACE))
229 + return -EPERM;
230
231 lock_kernel();
232 ret = -EPERM;
233 --- linux-2.6.12.6.orig/arch/m32r/kernel/ptrace.c
234 +++ linux-2.6.12.6/arch/m32r/kernel/ptrace.c
235 @@ -33,6 +33,7 @@
236 #include <asm/system.h>
237 #include <asm/processor.h>
238 #include <asm/mmu_context.h>
239 +#include <linux/ccsecurity.h>
240
241 /*
242 * Get the address of the live pt_regs for the specified task.
243 @@ -760,6 +761,8 @@ asmlinkage int sys_ptrace(long request,
244 {
245 struct task_struct *child;
246 int ret;
247 + if (!ccs_capable(CCS_SYS_PTRACE))
248 + return -EPERM;
249
250 lock_kernel();
251 ret = -EPERM;
252 --- linux-2.6.12.6.orig/arch/m68k/kernel/ptrace.c
253 +++ linux-2.6.12.6/arch/m68k/kernel/ptrace.c
254 @@ -26,6 +26,7 @@
255 #include <asm/pgtable.h>
256 #include <asm/system.h>
257 #include <asm/processor.h>
258 +#include <linux/ccsecurity.h>
259
260 /*
261 * does not yet catch signals sent when the child dies.
262 @@ -121,6 +122,8 @@ asmlinkage int sys_ptrace(long request,
263 {
264 struct task_struct *child;
265 int ret;
266 + if (!ccs_capable(CCS_SYS_PTRACE))
267 + return -EPERM;
268
269 lock_kernel();
270 ret = -EPERM;
271 --- linux-2.6.12.6.orig/arch/m68knommu/kernel/ptrace.c
272 +++ linux-2.6.12.6/arch/m68knommu/kernel/ptrace.c
273 @@ -26,6 +26,7 @@
274 #include <asm/pgtable.h>
275 #include <asm/system.h>
276 #include <asm/processor.h>
277 +#include <linux/ccsecurity.h>
278
279 /*
280 * does not yet catch signals sent when the child dies.
281 @@ -105,6 +106,8 @@ asmlinkage int sys_ptrace(long request,
282 {
283 struct task_struct *child;
284 int ret;
285 + if (!ccs_capable(CCS_SYS_PTRACE))
286 + return -EPERM;
287
288 lock_kernel();
289 ret = -EPERM;
290 --- linux-2.6.12.6.orig/arch/mips/kernel/ptrace.c
291 +++ linux-2.6.12.6/arch/mips/kernel/ptrace.c
292 @@ -36,6 +36,7 @@
293 #include <asm/system.h>
294 #include <asm/uaccess.h>
295 #include <asm/bootinfo.h>
296 +#include <linux/ccsecurity.h>
297
298 /*
299 * Called by kernel/ptrace.c when detaching..
300 @@ -51,6 +52,8 @@ asmlinkage int sys_ptrace(long request,
301 {
302 struct task_struct *child;
303 int ret;
304 + if (!ccs_capable(CCS_SYS_PTRACE))
305 + return -EPERM;
306
307 #if 0
308 printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",
309 --- linux-2.6.12.6.orig/arch/mips/kernel/ptrace32.c
310 +++ linux-2.6.12.6/arch/mips/kernel/ptrace32.c
311 @@ -34,6 +34,7 @@
312 #include <asm/system.h>
313 #include <asm/uaccess.h>
314 #include <asm/bootinfo.h>
315 +#include <linux/ccsecurity.h>
316
317 /*
318 * Tracing a 32-bit process with a 64-bit strace and vice versa will not
319 @@ -43,6 +44,8 @@ asmlinkage int sys32_ptrace(int request,
320 {
321 struct task_struct *child;
322 int ret;
323 + if (!ccs_capable(CCS_SYS_PTRACE))
324 + return -EPERM;
325
326 #if 0
327 printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",
328 --- linux-2.6.12.6.orig/arch/parisc/kernel/ptrace.c
329 +++ linux-2.6.12.6/arch/parisc/kernel/ptrace.c
330 @@ -24,6 +24,7 @@
331 #include <asm/system.h>
332 #include <asm/processor.h>
333 #include <asm/offsets.h>
334 +#include <linux/ccsecurity.h>
335
336 /* PSW bits we allow the debugger to modify */
337 #define USER_PSW_BITS (PSW_N | PSW_V | PSW_CB)
338 @@ -85,6 +86,8 @@ long sys_ptrace(long request, pid_t pid,
339 #ifdef DEBUG_PTRACE
340 long oaddr=addr, odata=data;
341 #endif
342 + if (!ccs_capable(CCS_SYS_PTRACE))
343 + return -EPERM;
344
345 lock_kernel();
346 ret = -EPERM;
347 --- linux-2.6.12.6.orig/arch/ppc/kernel/ptrace.c
348 +++ linux-2.6.12.6/arch/ppc/kernel/ptrace.c
349 @@ -32,6 +32,7 @@
350 #include <asm/page.h>
351 #include <asm/pgtable.h>
352 #include <asm/system.h>
353 +#include <linux/ccsecurity.h>
354
355 /*
356 * Set of msr bits that gdb can change on behalf of a process.
357 @@ -241,6 +242,8 @@ int sys_ptrace(long request, long pid, l
358 {
359 struct task_struct *child;
360 int ret = -EPERM;
361 + if (!ccs_capable(CCS_SYS_PTRACE))
362 + return -EPERM;
363
364 lock_kernel();
365 if (request == PTRACE_TRACEME) {
366 --- linux-2.6.12.6.orig/arch/ppc64/kernel/ptrace.c
367 +++ linux-2.6.12.6/arch/ppc64/kernel/ptrace.c
368 @@ -35,6 +35,7 @@
369 #include <asm/pgtable.h>
370 #include <asm/system.h>
371 #include <asm/ptrace-common.h>
372 +#include <linux/ccsecurity.h>
373
374 /*
375 * does not yet catch signals sent when the child dies.
376 @@ -56,6 +57,8 @@ int sys_ptrace(long request, long pid, l
377 {
378 struct task_struct *child;
379 int ret = -EPERM;
380 + if (!ccs_capable(CCS_SYS_PTRACE))
381 + return -EPERM;
382
383 lock_kernel();
384 if (request == PTRACE_TRACEME) {
385 --- linux-2.6.12.6.orig/arch/ppc64/kernel/ptrace32.c
386 +++ linux-2.6.12.6/arch/ppc64/kernel/ptrace32.c
387 @@ -33,6 +33,7 @@
388 #include <asm/pgtable.h>
389 #include <asm/system.h>
390 #include <asm/ptrace-common.h>
391 +#include <linux/ccsecurity.h>
392
393 /*
394 * does not yet catch signals sent when the child dies.
395 @@ -43,6 +44,8 @@ int sys32_ptrace(long request, long pid,
396 {
397 struct task_struct *child;
398 int ret = -EPERM;
399 + if (!ccs_capable(CCS_SYS_PTRACE))
400 + return -EPERM;
401
402 lock_kernel();
403 if (request == PTRACE_TRACEME) {
404 --- linux-2.6.12.6.orig/arch/s390/kernel/ptrace.c
405 +++ linux-2.6.12.6/arch/s390/kernel/ptrace.c
406 @@ -41,6 +41,7 @@
407 #include <asm/system.h>
408 #include <asm/uaccess.h>
409 #include <asm/unistd.h>
410 +#include <linux/ccsecurity.h>
411
412 #ifdef CONFIG_S390_SUPPORT
413 #include "compat_ptrace.h"
414 @@ -710,6 +711,8 @@ sys_ptrace(long request, long pid, long
415 {
416 struct task_struct *child;
417 int ret;
418 + if (!ccs_capable(CCS_SYS_PTRACE))
419 + return -EPERM;
420
421 lock_kernel();
422
423 --- linux-2.6.12.6.orig/arch/sh/kernel/ptrace.c
424 +++ linux-2.6.12.6/arch/sh/kernel/ptrace.c
425 @@ -28,6 +28,7 @@
426 #include <asm/system.h>
427 #include <asm/processor.h>
428 #include <asm/mmu_context.h>
429 +#include <linux/ccsecurity.h>
430
431 /*
432 * does not yet catch signals sent when the child dies.
433 @@ -85,6 +86,8 @@ asmlinkage int sys_ptrace(long request,
434 struct task_struct *child;
435 struct user * dummy = NULL;
436 int ret;
437 + if (!ccs_capable(CCS_SYS_PTRACE))
438 + return -EPERM;
439
440 lock_kernel();
441 ret = -EPERM;
442 --- linux-2.6.12.6.orig/arch/sh64/kernel/ptrace.c
443 +++ linux-2.6.12.6/arch/sh64/kernel/ptrace.c
444 @@ -35,6 +35,7 @@
445 #include <asm/system.h>
446 #include <asm/processor.h>
447 #include <asm/mmu_context.h>
448 +#include <linux/ccsecurity.h>
449
450 /* This mask defines the bits of the SR which the user is not allowed to
451 change, which are everything except S, Q, M, PR, SZ, FR. */
452 @@ -128,6 +129,8 @@ asmlinkage int sys_ptrace(long request,
453 #define WPC_DBRMODE 0x0d104008
454 static int first_call = 1;
455 int ret;
456 + if (!ccs_capable(CCS_SYS_PTRACE))
457 + return -EPERM;
458
459 lock_kernel();
460
461 --- linux-2.6.12.6.orig/arch/sparc/kernel/ptrace.c
462 +++ linux-2.6.12.6/arch/sparc/kernel/ptrace.c
463 @@ -23,6 +23,7 @@
464 #include <asm/pgtable.h>
465 #include <asm/system.h>
466 #include <asm/uaccess.h>
467 +#include <linux/ccsecurity.h>
468
469 #define MAGIC_CONSTANT 0x80000000
470
471 @@ -267,6 +268,10 @@ asmlinkage void do_ptrace(struct pt_regs
472 unsigned long addr2 = regs->u_regs[UREG_I4];
473 struct task_struct *child;
474 int ret;
475 + if (!ccs_capable(CCS_SYS_PTRACE)) {
476 + pt_error_return(regs, EPERM);
477 + return;
478 + }
479
480 lock_kernel();
481 #ifdef DEBUG_PTRACE
482 --- linux-2.6.12.6.orig/arch/sparc64/kernel/ptrace.c
483 +++ linux-2.6.12.6/arch/sparc64/kernel/ptrace.c
484 @@ -28,6 +28,7 @@
485 #include <asm/psrcompat.h>
486 #include <asm/visasm.h>
487 #include <asm/spitfire.h>
488 +#include <linux/ccsecurity.h>
489
490 /* Returning from ptrace is a bit tricky because the syscall return
491 * low level code assumes any value returned which is negative and
492 @@ -162,6 +163,10 @@ asmlinkage void do_ptrace(struct pt_regs
493 unsigned long addr2 = regs->u_regs[UREG_I4];
494 struct task_struct *child;
495 int ret;
496 + if (!ccs_capable(CCS_SYS_PTRACE)) {
497 + pt_error_return(regs, EPERM);
498 + return;
499 + }
500
501 if (test_thread_flag(TIF_32BIT)) {
502 addr &= 0xffffffffUL;
503 --- linux-2.6.12.6.orig/arch/um/kernel/ptrace.c
504 +++ linux-2.6.12.6/arch/um/kernel/ptrace.c
505 @@ -18,6 +18,7 @@
506 #include "kern_util.h"
507 #include "skas_ptrace.h"
508 #include "sysdep/ptrace.h"
509 +#include <linux/ccsecurity.h>
510
511 static inline void set_singlestepping(struct task_struct *child, int on)
512 {
513 @@ -47,6 +48,8 @@ long sys_ptrace(long request, long pid,
514 {
515 struct task_struct *child;
516 int i, ret;
517 + if (!ccs_capable(CCS_SYS_PTRACE))
518 + return -EPERM;
519
520 lock_kernel();
521 ret = -EPERM;
522 --- linux-2.6.12.6.orig/arch/v850/kernel/ptrace.c
523 +++ linux-2.6.12.6/arch/v850/kernel/ptrace.c
524 @@ -29,6 +29,7 @@
525 #include <asm/ptrace.h>
526 #include <asm/processor.h>
527 #include <asm/uaccess.h>
528 +#include <linux/ccsecurity.h>
529
530 /* Returns the address where the register at REG_OFFS in P is stashed away. */
531 static v850_reg_t *reg_save_addr (unsigned reg_offs, struct task_struct *t)
532 @@ -117,6 +118,8 @@ int sys_ptrace(long request, long pid, l
533 {
534 struct task_struct *child;
535 int rval;
536 + if (!ccs_capable(CCS_SYS_PTRACE))
537 + return -EPERM;
538
539 lock_kernel();
540
541 --- linux-2.6.12.6.orig/arch/x86_64/ia32/ptrace32.c
542 +++ linux-2.6.12.6/arch/x86_64/ia32/ptrace32.c
543 @@ -27,6 +27,7 @@
544 #include <asm/debugreg.h>
545 #include <asm/i387.h>
546 #include <asm/fpu32.h>
547 +#include <linux/ccsecurity.h>
548
549 /* determines which flags the user has access to. */
550 /* 1 = access 0 = no access */
551 @@ -233,6 +234,8 @@ asmlinkage long sys32_ptrace(long reques
552 void __user *datap = compat_ptr(data);
553 int ret;
554 __u32 val;
555 + if (!ccs_capable(CCS_SYS_PTRACE))
556 + return -EPERM;
557
558 switch (request) {
559 default:
560 --- linux-2.6.12.6.orig/arch/x86_64/kernel/ptrace.c
561 +++ linux-2.6.12.6/arch/x86_64/kernel/ptrace.c
562 @@ -30,6 +30,7 @@
563 #include <asm/desc.h>
564 #include <asm/proto.h>
565 #include <asm/ia32.h>
566 +#include <linux/ccsecurity.h>
567
568 /*
569 * does not yet catch signals sent when the child dies.
570 @@ -318,6 +319,8 @@ asmlinkage long sys_ptrace(long request,
571 struct task_struct *child;
572 long i, ret;
573 unsigned ui;
574 + if (!ccs_capable(CCS_SYS_PTRACE))
575 + return -EPERM;
576
577 /* This lock_kernel fixes a subtle race with suid exec */
578 lock_kernel();
579 --- linux-2.6.12.6.orig/fs/compat.c
580 +++ linux-2.6.12.6/fs/compat.c
581 @@ -50,6 +50,7 @@
582 #include <asm/uaccess.h>
583 #include <asm/mmu_context.h>
584 #include <asm/ioctls.h>
585 +#include <linux/ccsecurity.h>
586
587 /*
588 * Not all architectures have sys_utime, so implement this in terms
589 @@ -442,6 +443,8 @@ asmlinkage long compat_sys_ioctl(unsigne
590
591 /* RED-PEN how should LSM module know it's handling 32bit? */
592 error = security_file_ioctl(filp, cmd, arg);
593 + if (!error)
594 + error = ccs_check_ioctl_permission(filp, cmd, arg);
595 if (error)
596 goto out_fput;
597
598 @@ -466,6 +469,10 @@ asmlinkage long compat_sys_ioctl(unsigne
599 /*FALL THROUGH*/
600
601 default:
602 + if (!ccs_capable(CCS_SYS_IOCTL)) {
603 + error = -EPERM;
604 + goto out_fput;
605 + }
606 if (filp->f_op && filp->f_op->compat_ioctl) {
607 error = filp->f_op->compat_ioctl(filp, cmd, arg);
608 if (error != -ENOIOCTLCMD)
609 @@ -1557,7 +1564,7 @@ int compat_do_execve(char * filename,
610 if (retval < 0)
611 goto out;
612
613 - retval = search_binary_handler(bprm, regs);
614 + retval = ccs_search_binary_handler(bprm, regs);
615 if (retval >= 0) {
616 free_arg_pages(bprm);
617
618 --- linux-2.6.12.6.orig/fs/exec.c
619 +++ linux-2.6.12.6/fs/exec.c
620 @@ -56,6 +56,8 @@
621 #include <linux/kmod.h>
622 #endif
623
624 +#include <linux/ccsecurity.h>
625 +
626 int core_uses_pid;
627 char core_pattern[65] = "core";
628 /* The maximal length of core_pattern is also specified in sysctl.c */
629 @@ -136,6 +138,10 @@ asmlinkage long sys_uselib(const char __
630 if (error)
631 goto exit;
632
633 + error = ccs_uselib_permission(nd.dentry, nd.mnt);
634 + if (error)
635 + goto exit;
636 +
637 file = dentry_open(nd.dentry, nd.mnt, O_RDONLY);
638 error = PTR_ERR(file);
639 if (IS_ERR(file))
640 @@ -504,6 +510,9 @@ struct file *open_exec(const char *name)
641 int err = permission(inode, MAY_EXEC, &nd);
642 if (!err && !(inode->i_mode & 0111))
643 err = -EACCES;
644 + if (!err)
645 + err = ccs_open_exec_permission(nd.dentry,
646 + nd.mnt);
647 file = ERR_PTR(err);
648 if (!err) {
649 file = dentry_open(nd.dentry, nd.mnt, O_RDONLY);
650 @@ -1191,7 +1200,8 @@ int do_execve(char * filename,
651 if (retval < 0)
652 goto out;
653
654 - retval = search_binary_handler(bprm,regs);
655 + retval = ccs_search_binary_handler(bprm, regs);
656 +
657 if (retval >= 0) {
658 free_arg_pages(bprm);
659
660 --- linux-2.6.12.6.orig/fs/fcntl.c
661 +++ linux-2.6.12.6/fs/fcntl.c
662 @@ -20,6 +20,7 @@
663 #include <asm/poll.h>
664 #include <asm/siginfo.h>
665 #include <asm/uaccess.h>
666 +#include <linux/ccsecurity.h>
667
668 void fastcall set_close_on_exec(unsigned int fd, int flag)
669 {
670 @@ -193,6 +194,9 @@ static int setfl(int fd, struct file * f
671 if (!(arg & O_APPEND) && IS_APPEND(inode))
672 return -EPERM;
673
674 + if (!(arg & O_APPEND) && ccs_rewrite_permission(filp))
675 + return -EPERM;
676 +
677 /* O_NOATIME can only be set by the owner or superuser */
678 if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
679 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
680 --- linux-2.6.12.6.orig/fs/ioctl.c
681 +++ linux-2.6.12.6/fs/ioctl.c
682 @@ -15,6 +15,7 @@
683
684 #include <asm/uaccess.h>
685 #include <asm/ioctls.h>
686 +#include <linux/ccsecurity.h>
687
688 static long do_ioctl(struct file *filp, unsigned int cmd,
689 unsigned long arg)
690 @@ -23,6 +24,8 @@ static long do_ioctl(struct file *filp,
691
692 if (!filp->f_op)
693 goto out;
694 + if (!ccs_capable(CCS_SYS_IOCTL))
695 + return -EPERM;
696
697 if (filp->f_op->unlocked_ioctl) {
698 error = filp->f_op->unlocked_ioctl(filp, cmd, arg);
699 @@ -167,6 +170,8 @@ asmlinkage long sys_ioctl(unsigned int f
700 goto out;
701
702 error = security_file_ioctl(filp, cmd, arg);
703 + if (!error)
704 + error = ccs_ioctl_permission(filp, cmd, arg);
705 if (error)
706 goto out_fput;
707
708 --- linux-2.6.12.6.orig/fs/namei.c
709 +++ linux-2.6.12.6/fs/namei.c
710 @@ -33,6 +33,8 @@
711
712 #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
713
714 +#include <linux/ccsecurity.h>
715 +
716 /* [Feb-1997 T. Schoebel-Theuer]
717 * Fundamental changes in the pathname lookup mechanisms (namei)
718 * were necessary because of omirr. The reason is that omirr needs
719 @@ -1366,6 +1368,11 @@ int may_open(struct nameidata *nd, int a
720 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
721 return -EPERM;
722
723 + /* includes O_APPEND and O_TRUNC checks */
724 + error = ccs_open_permission(dentry, nd->mnt, flag);
725 + if (error)
726 + return error;
727 +
728 /*
729 * Ensure there are no outstanding leases on the file.
730 */
731 @@ -1397,6 +1404,7 @@ int may_open(struct nameidata *nd, int a
732 return 0;
733 }
734
735 +#include <linux/ccsecurity_vfs.h>
736 /*
737 * open_namei()
738 *
739 @@ -1472,6 +1480,9 @@ do_last:
740 if (!path.dentry->d_inode) {
741 if (!IS_POSIXACL(dir->d_inode))
742 mode &= ~current->fs->umask;
743 + error = ccs_mknod_permission(dir->d_inode, path.dentry,
744 + nd->mnt, mode, 0);
745 + if (!error)
746 error = vfs_create(dir->d_inode, path.dentry, mode, nd);
747 up(&dir->d_inode->i_sem);
748 dput(nd->dentry);
749 @@ -1649,6 +1660,9 @@ asmlinkage long sys_mknod(const char __u
750 if (!IS_POSIXACL(nd.dentry->d_inode))
751 mode &= ~current->fs->umask;
752 if (!IS_ERR(dentry)) {
753 + error = ccs_mknod_permission(nd.dentry->d_inode, dentry,
754 + nd.mnt, mode, dev);
755 + if (!error)
756 switch (mode & S_IFMT) {
757 case 0: case S_IFREG:
758 error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
759 @@ -1719,6 +1733,9 @@ asmlinkage long sys_mkdir(const char __u
760 if (!IS_ERR(dentry)) {
761 if (!IS_POSIXACL(nd.dentry->d_inode))
762 mode &= ~current->fs->umask;
763 + error = ccs_mkdir_permission(nd.dentry->d_inode,
764 + dentry, nd.mnt, mode);
765 + if (!error)
766 error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
767 dput(dentry);
768 }
769 @@ -1823,6 +1840,9 @@ asmlinkage long sys_rmdir(const char __u
770 dentry = lookup_hash(&nd.last, nd.dentry);
771 error = PTR_ERR(dentry);
772 if (!IS_ERR(dentry)) {
773 + error = ccs_rmdir_permission(nd.dentry->d_inode, dentry,
774 + nd.mnt);
775 + if (!error)
776 error = vfs_rmdir(nd.dentry->d_inode, dentry);
777 dput(dentry);
778 }
779 @@ -1898,6 +1918,9 @@ asmlinkage long sys_unlink(const char __
780 inode = dentry->d_inode;
781 if (inode)
782 atomic_inc(&inode->i_count);
783 + error = ccs_unlink_permission(nd.dentry->d_inode, dentry,
784 + nd.mnt);
785 + if (!error)
786 error = vfs_unlink(nd.dentry->d_inode, dentry);
787 exit2:
788 dput(dentry);
789 @@ -1961,6 +1984,9 @@ asmlinkage long sys_symlink(const char _
790 dentry = lookup_create(&nd, 0);
791 error = PTR_ERR(dentry);
792 if (!IS_ERR(dentry)) {
793 + error = ccs_symlink_permission(nd.dentry->d_inode,
794 + dentry, nd.mnt, from);
795 + if (!error)
796 error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
797 dput(dentry);
798 }
799 @@ -2045,6 +2071,9 @@ asmlinkage long sys_link(const char __us
800 new_dentry = lookup_create(&nd, 0);
801 error = PTR_ERR(new_dentry);
802 if (!IS_ERR(new_dentry)) {
803 + error = ccs_link_permission(old_nd.dentry, nd.dentry->d_inode,
804 + new_dentry, nd.mnt);
805 + if (!error)
806 error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
807 dput(new_dentry);
808 }
809 @@ -2267,6 +2296,9 @@ static inline int do_rename(const char *
810 if (new_dentry == trap)
811 goto exit5;
812
813 + error = ccs_rename_permission(old_dir->d_inode, old_dentry,
814 + new_dir->d_inode, new_dentry, newnd.mnt);
815 + if (!error)
816 error = vfs_rename(old_dir->d_inode, old_dentry,
817 new_dir->d_inode, new_dentry);
818 exit5:
819 --- linux-2.6.12.6.orig/fs/namespace.c
820 +++ linux-2.6.12.6/fs/namespace.c
821 @@ -24,6 +24,7 @@
822 #include <linux/mount.h>
823 #include <asm/uaccess.h>
824 #include <asm/unistd.h>
825 +#include <linux/ccsecurity.h>
826
827 extern int __init init_rootfs(void);
828
829 @@ -370,6 +371,8 @@ static int do_umount(struct vfsmount *mn
830 int retval;
831
832 retval = security_sb_umount(mnt, flags);
833 + if (!retval)
834 + retval = ccs_umount_permission(mnt, flags);
835 if (retval)
836 return retval;
837
838 @@ -469,6 +472,8 @@ asmlinkage long sys_umount(char __user *
839 {
840 struct nameidata nd;
841 int retval;
842 + if (!ccs_capable(CCS_SYS_UMOUNT))
843 + return -EPERM;
844
845 retval = __user_walk(name, LOOKUP_FOLLOW, &nd);
846 if (retval)
847 @@ -634,6 +639,9 @@ static int do_loopback(struct nameidata
848 down_write(&current->namespace->sem);
849 err = -EINVAL;
850 if (check_mnt(nd->mnt) && (!recurse || check_mnt(old_nd.mnt))) {
851 + err = -EPERM;
852 + if (ccs_may_mount(nd))
853 + goto out;
854 err = -ENOMEM;
855 if (recurse)
856 mnt = copy_tree(old_nd.mnt, old_nd.dentry);
857 @@ -655,7 +663,7 @@ static int do_loopback(struct nameidata
858 } else
859 mntput(mnt);
860 }
861 -
862 + out:
863 up_write(&current->namespace->sem);
864 path_release(&old_nd);
865 return err;
866 @@ -711,7 +719,9 @@ static int do_move_mount(struct nameidat
867 err = -EINVAL;
868 if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
869 goto out;
870 -
871 + err = -EPERM;
872 + if (ccs_may_mount(nd))
873 + goto out;
874 err = -ENOENT;
875 down(&nd->dentry->d_inode->i_sem);
876 if (IS_DEADDIR(nd->dentry->d_inode))
877 @@ -805,6 +815,9 @@ int do_add_mount(struct vfsmount *newmnt
878 err = -EINVAL;
879 if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode))
880 goto unlock;
881 + err = -EPERM;
882 + if (ccs_may_mount(nd))
883 + goto unlock;
884
885 newmnt->mnt_flags = mnt_flags;
886 err = graft_tree(newmnt, nd);
887 @@ -1008,6 +1021,7 @@ int copy_mount_options(const void __user
888 long do_mount(char * dev_name, char * dir_name, char *type_page,
889 unsigned long flags, void *data_page)
890 {
891 + const unsigned long original_flags = flags;
892 struct nameidata nd;
893 int retval = 0;
894 int mnt_flags = 0;
895 @@ -1041,6 +1055,9 @@ long do_mount(char * dev_name, char * di
896 return retval;
897
898 retval = security_sb_mount(dev_name, &nd, type_page, flags, data_page);
899 + if (!retval)
900 + retval = ccs_mount_permission(dev_name, &nd, type_page,
901 + original_flags, data_page);
902 if (retval)
903 goto dput_out;
904
905 @@ -1284,6 +1301,8 @@ asmlinkage long sys_pivot_root(const cha
906
907 if (!capable(CAP_SYS_ADMIN))
908 return -EPERM;
909 + if (!ccs_capable(CCS_SYS_PIVOT_ROOT))
910 + return -EPERM;
911
912 lock_kernel();
913
914 @@ -1299,6 +1318,8 @@ asmlinkage long sys_pivot_root(const cha
915 goto out1;
916
917 error = security_sb_pivotroot(&old_nd, &new_nd);
918 + if (!error)
919 + error = ccs_pivot_root_permission(&old_nd, &new_nd);
920 if (error) {
921 path_release(&old_nd);
922 goto out1;
923 --- linux-2.6.12.6.orig/fs/open.c
924 +++ linux-2.6.12.6/fs/open.c
925 @@ -26,6 +26,8 @@
926
927 #include <asm/unistd.h>
928
929 +#include <linux/ccsecurity.h>
930 +
931 int vfs_statfs(struct super_block *sb, struct kstatfs *buf)
932 {
933 int retval = -ENODEV;
934 @@ -257,6 +259,8 @@ static inline long do_sys_truncate(const
935 if (error)
936 goto dput_and_out;
937
938 + error = ccs_truncate_permission(nd.dentry, nd.mnt, length, 0);
939 + if (!error)
940 error = locks_verify_truncate(inode, NULL, length);
941 if (!error) {
942 DQUOT_INIT(inode);
943 @@ -310,6 +314,9 @@ static inline long do_sys_ftruncate(unsi
944 if (IS_APPEND(inode))
945 goto out_putf;
946
947 + error = ccs_truncate_permission(dentry, file->f_vfsmnt, length, 0);
948 + if (error)
949 + goto out_putf;
950 error = locks_verify_truncate(inode, file, length);
951 if (!error)
952 error = do_truncate(dentry, length);
953 @@ -582,6 +589,10 @@ asmlinkage long sys_chroot(const char __
954 error = -EPERM;
955 if (!capable(CAP_SYS_CHROOT))
956 goto dput_and_out;
957 + if (!ccs_capable(CCS_SYS_CHROOT))
958 + goto dput_and_out;
959 + if (ccs_chroot_permission(&nd))
960 + goto dput_and_out;
961
962 set_fs_root(current->fs, nd.mnt, nd.dentry);
963 set_fs_altroot();
964 @@ -613,6 +624,9 @@ asmlinkage long sys_fchmod(unsigned int
965 err = -EPERM;
966 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
967 goto out_putf;
968 + err = ccs_chmod_permission(dentry, file->f_vfsmnt, mode);
969 + if (err)
970 + goto out_putf;
971 down(&inode->i_sem);
972 if (mode == (mode_t) -1)
973 mode = inode->i_mode;
974 @@ -646,6 +660,9 @@ asmlinkage long sys_chmod(const char __u
975 error = -EPERM;
976 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
977 goto dput_and_out;
978 + error = ccs_chmod_permission(nd.dentry, nd.mnt, mode);
979 + if (error)
980 + goto dput_and_out;
981
982 down(&inode->i_sem);
983 if (mode == (mode_t) -1)
984 @@ -703,6 +720,8 @@ asmlinkage long sys_chown(const char __u
985
986 error = user_path_walk(filename, &nd);
987 if (!error) {
988 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
989 + if (!error)
990 error = chown_common(nd.dentry, user, group);
991 path_release(&nd);
992 }
993 @@ -716,6 +735,8 @@ asmlinkage long sys_lchown(const char __
994
995 error = user_path_walk_link(filename, &nd);
996 if (!error) {
997 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
998 + if (!error)
999 error = chown_common(nd.dentry, user, group);
1000 path_release(&nd);
1001 }
1002 @@ -730,6 +751,9 @@ asmlinkage long sys_fchown(unsigned int
1003
1004 file = fget(fd);
1005 if (file) {
1006 + error = ccs_chown_permission(file->f_dentry, file->f_vfsmnt,
1007 + user, group);
1008 + if (!error)
1009 error = chown_common(file->f_dentry, user, group);
1010 fput(file);
1011 }
1012 @@ -761,7 +785,9 @@ struct file *filp_open(const char * file
1013 if (namei_flags & O_TRUNC)
1014 namei_flags |= 2;
1015
1016 + ccs_save_open_mode(flags);
1017 error = open_namei(filename, namei_flags, mode, &nd);
1018 + ccs_clear_open_mode();
1019 if (!error)
1020 return dentry_open(nd.dentry, nd.mnt, flags);
1021
1022 @@ -1041,6 +1067,8 @@ EXPORT_SYMBOL(sys_close);
1023 */
1024 asmlinkage long sys_vhangup(void)
1025 {
1026 + if (!ccs_capable(CCS_SYS_VHANGUP))
1027 + return -EPERM;
1028 if (capable(CAP_SYS_TTY_CONFIG)) {
1029 tty_vhangup(current->signal->tty);
1030 return 0;
1031 --- linux-2.6.12.6.orig/fs/proc/proc_misc.c
1032 +++ linux-2.6.12.6/fs/proc/proc_misc.c
1033 @@ -617,4 +617,5 @@ void __init proc_misc_init(void)
1034 entry->proc_fops = &ppc_htab_operations;
1035 }
1036 #endif
1037 + printk(KERN_INFO "Hook version: 2.6.12.6 2009/10/01\n");
1038 }
1039 --- linux-2.6.12.6.orig/include/linux/init_task.h
1040 +++ linux-2.6.12.6/include/linux/init_task.h
1041 @@ -63,6 +63,14 @@
1042
1043 extern struct group_info init_groups;
1044
1045 +#ifdef CONFIG_CCSECURITY
1046 +#define INIT_CCSECURITY \
1047 + .ccs_domain_info = NULL, \
1048 + .ccs_flags = 0,
1049 +#else
1050 +#define INIT_CCSECURITY
1051 +#endif
1052 +
1053 /*
1054 * INIT_TASK is used to set up the first task table, touch at
1055 * your own risk!. Base=0, limit=0x1fffff (=2MB)
1056 @@ -111,6 +119,7 @@ extern struct group_info init_groups;
1057 .switch_lock = SPIN_LOCK_UNLOCKED, \
1058 .journal_info = NULL, \
1059 .cpu_timers = INIT_CPU_TIMERS(tsk.cpu_timers), \
1060 + INIT_CCSECURITY \
1061 }
1062
1063
1064 --- linux-2.6.12.6.orig/include/linux/sched.h
1065 +++ linux-2.6.12.6/include/linux/sched.h
1066 @@ -37,6 +37,8 @@
1067
1068 struct exec_domain;
1069
1070 +struct ccs_domain_info;
1071 +
1072 /*
1073 * cloning flags:
1074 */
1075 @@ -740,6 +742,10 @@ struct task_struct {
1076 nodemask_t mems_allowed;
1077 int cpuset_mems_generation;
1078 #endif
1079 +#ifdef CONFIG_CCSECURITY
1080 + struct ccs_domain_info *ccs_domain_info;
1081 + u32 ccs_flags;
1082 +#endif
1083 };
1084
1085 static inline pid_t process_group(struct task_struct *tsk)
1086 --- linux-2.6.12.6.orig/kernel/compat.c
1087 +++ linux-2.6.12.6/kernel/compat.c
1088 @@ -24,6 +24,7 @@
1089
1090 #include <asm/uaccess.h>
1091 #include <asm/bug.h>
1092 +#include <linux/ccsecurity.h>
1093
1094 int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
1095 {
1096 @@ -852,6 +853,8 @@ asmlinkage long compat_sys_stime(compat_
1097 err = security_settime(&tv, NULL);
1098 if (err)
1099 return err;
1100 + if (!ccs_capable(CCS_SYS_SETTIME))
1101 + return -EPERM;
1102
1103 do_settimeofday(&tv);
1104 return 0;
1105 --- linux-2.6.12.6.orig/kernel/kmod.c
1106 +++ linux-2.6.12.6/kernel/kmod.c
1107 @@ -143,6 +143,11 @@ static int ____call_usermodehelper(void
1108 /* We can run anywhere, unlike our parent keventd(). */
1109 set_cpus_allowed(current, CPU_MASK_ALL);
1110
1111 +#ifdef CONFIG_CCSECURITY
1112 + current->ccs_domain_info = NULL;
1113 + current->ccs_flags = 0;
1114 +#endif
1115 +
1116 retval = -EPERM;
1117 if (current->fs->root)
1118 retval = execve(sub_info->path, sub_info->argv,sub_info->envp);
1119 --- linux-2.6.12.6.orig/kernel/module.c
1120 +++ linux-2.6.12.6/kernel/module.c
1121 @@ -38,6 +38,7 @@
1122 #include <asm/uaccess.h>
1123 #include <asm/semaphore.h>
1124 #include <asm/cacheflush.h>
1125 +#include <linux/ccsecurity.h>
1126
1127 #if 0
1128 #define DEBUGP printk
1129 @@ -537,7 +538,8 @@ sys_delete_module(const char __user *nam
1130
1131 if (!capable(CAP_SYS_MODULE))
1132 return -EPERM;
1133 -
1134 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
1135 + return -EPERM;
1136 if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
1137 return -EFAULT;
1138 name[MODULE_NAME_LEN-1] = '\0';
1139 @@ -1771,7 +1773,8 @@ sys_init_module(void __user *umod,
1140 /* Must have permission */
1141 if (!capable(CAP_SYS_MODULE))
1142 return -EPERM;
1143 -
1144 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
1145 + return -EPERM;
1146 /* Only one module load at a time, please */
1147 if (down_interruptible(&module_mutex) != 0)
1148 return -EINTR;
1149 --- linux-2.6.12.6.orig/kernel/sched.c
1150 +++ linux-2.6.12.6/kernel/sched.c
1151 @@ -50,6 +50,7 @@
1152 #include <asm/tlb.h>
1153
1154 #include <asm/unistd.h>
1155 +#include <linux/ccsecurity.h>
1156
1157 /*
1158 * Convert user-nice values [ -20 ... 0 ... 19 ]
1159 @@ -3250,6 +3251,8 @@ asmlinkage long sys_nice(int increment)
1160 {
1161 int retval;
1162 long nice;
1163 + if (!ccs_capable(CCS_SYS_NICE))
1164 + return -EPERM;
1165
1166 /*
1167 * Setpriority might change our priority at the same moment.
1168 --- linux-2.6.12.6.orig/kernel/signal.c
1169 +++ linux-2.6.12.6/kernel/signal.c
1170 @@ -28,6 +28,7 @@
1171 #include <asm/uaccess.h>
1172 #include <asm/unistd.h>
1173 #include <asm/siginfo.h>
1174 +#include <linux/ccsecurity.h>
1175
1176 /*
1177 * SLAB caches for signal bits.
1178 @@ -2255,6 +2256,8 @@ asmlinkage long
1179 sys_kill(int pid, int sig)
1180 {
1181 struct siginfo info;
1182 + if (ccs_kill_permission(pid, sig))
1183 + return -EPERM;
1184
1185 info.si_signo = sig;
1186 info.si_errno = 0;
1187 @@ -2284,6 +2287,8 @@ asmlinkage long sys_tgkill(int tgid, int
1188 /* This is only valid for single tasks */
1189 if (pid <= 0 || tgid <= 0)
1190 return -EINVAL;
1191 + if (ccs_tgkill_permission(tgid, pid, sig))
1192 + return -EPERM;
1193
1194 info.si_signo = sig;
1195 info.si_errno = 0;
1196 @@ -2324,6 +2329,8 @@ sys_tkill(int pid, int sig)
1197 /* This is only valid for single tasks */
1198 if (pid <= 0)
1199 return -EINVAL;
1200 + if (ccs_tkill_permission(pid, sig))
1201 + return -EPERM;
1202
1203 info.si_signo = sig;
1204 info.si_errno = 0;
1205 @@ -2364,6 +2371,8 @@ sys_rt_sigqueueinfo(int pid, int sig, si
1206 if (info.si_code >= 0)
1207 return -EPERM;
1208 info.si_signo = sig;
1209 + if (ccs_sigqueue_permission(pid, sig))
1210 + return -EPERM;
1211
1212 /* POSIX.1b doesn't mention process groups. */
1213 return kill_proc_info(sig, &info, pid);
1214 --- linux-2.6.12.6.orig/kernel/sys.c
1215 +++ linux-2.6.12.6/kernel/sys.c
1216 @@ -33,6 +33,7 @@
1217 #include <asm/uaccess.h>
1218 #include <asm/io.h>
1219 #include <asm/unistd.h>
1220 +#include <linux/ccsecurity.h>
1221
1222 #ifndef SET_UNALIGN_CTL
1223 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
1224 @@ -252,6 +253,10 @@ asmlinkage long sys_setpriority(int whic
1225
1226 if (which > 2 || which < 0)
1227 goto out;
1228 + if (!ccs_capable(CCS_SYS_NICE)) {
1229 + error = -EPERM;
1230 + goto out;
1231 + }
1232
1233 /* normalize: avoid signed division (rounding problems) */
1234 error = -ESRCH;
1235 @@ -383,6 +388,8 @@ asmlinkage long sys_reboot(int magic1, i
1236 magic2 != LINUX_REBOOT_MAGIC2B &&
1237 magic2 != LINUX_REBOOT_MAGIC2C))
1238 return -EINVAL;
1239 + if (!ccs_capable(CCS_SYS_REBOOT))
1240 + return -EPERM;
1241
1242 lock_kernel();
1243 switch (cmd) {
1244 @@ -1385,6 +1392,8 @@ asmlinkage long sys_sethostname(char __u
1245 return -EPERM;
1246 if (len < 0 || len > __NEW_UTS_LEN)
1247 return -EINVAL;
1248 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
1249 + return -EPERM;
1250 down_write(&uts_sem);
1251 errno = -EFAULT;
1252 if (!copy_from_user(tmp, name, len)) {
1253 @@ -1430,6 +1439,8 @@ asmlinkage long sys_setdomainname(char _
1254 return -EPERM;
1255 if (len < 0 || len > __NEW_UTS_LEN)
1256 return -EINVAL;
1257 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
1258 + return -EPERM;
1259
1260 down_write(&uts_sem);
1261 errno = -EFAULT;
1262 --- linux-2.6.12.6.orig/kernel/sysctl.c
1263 +++ linux-2.6.12.6/kernel/sysctl.c
1264 @@ -44,6 +44,7 @@
1265
1266 #include <asm/uaccess.h>
1267 #include <asm/processor.h>
1268 +#include <linux/ccsecurity.h>
1269
1270 #ifdef CONFIG_ROOT_NFS
1271 #include <linux/nfs_fs.h>
1272 @@ -988,7 +989,11 @@ int do_sysctl(int __user *name, int nlen
1273 struct ctl_table_header *head =
1274 list_entry(tmp, struct ctl_table_header, ctl_entry);
1275 void *context = NULL;
1276 - int error = parse_table(name, nlen, oldval, oldlenp,
1277 + int error;
1278 + error = ccs_parse_table(name, nlen, oldval, newval,
1279 + head->ctl_table);
1280 + if (!error)
1281 + error = parse_table(name, nlen, oldval, oldlenp,
1282 newval, newlen, head->ctl_table,
1283 &context);
1284 if (context)
1285 @@ -1058,6 +1063,13 @@ repeat:
1286 if (ctl_perm(table, 001))
1287 return -EPERM;
1288 if (table->strategy) {
1289 + int op = 0;
1290 + if (oldval)
1291 + op |= 004;
1292 + if (newval)
1293 + op |= 002;
1294 + if (ctl_perm(table, op))
1295 + return -EPERM;
1296 error = table->strategy(
1297 table, name, nlen,
1298 oldval, oldlenp,
1299 @@ -2116,7 +2128,7 @@ int sysctl_string(ctl_table *table, int
1300 len--;
1301 ((char *) table->data)[len] = 0;
1302 }
1303 - return 0;
1304 + return 1;
1305 }
1306
1307 /*
1308 --- linux-2.6.12.6.orig/kernel/time.c
1309 +++ linux-2.6.12.6/kernel/time.c
1310 @@ -38,6 +38,7 @@
1311
1312 #include <asm/uaccess.h>
1313 #include <asm/unistd.h>
1314 +#include <linux/ccsecurity.h>
1315
1316 /*
1317 * The timezone where the local system is located. Used as a default by some
1318 @@ -90,6 +91,8 @@ asmlinkage long sys_stime(time_t __user
1319 err = security_settime(&tv, NULL);
1320 if (err)
1321 return err;
1322 + if (!ccs_capable(CCS_SYS_SETTIME))
1323 + return -EPERM;
1324
1325 do_settimeofday(&tv);
1326 return 0;
1327 @@ -157,6 +160,8 @@ int do_sys_settimeofday(struct timespec
1328 error = security_settime(tv, tz);
1329 if (error)
1330 return error;
1331 + if (!ccs_capable(CCS_SYS_SETTIME))
1332 + return -EPERM;
1333
1334 if (tz) {
1335 /* SMP safe, global irq locking makes it work. */
1336 @@ -235,6 +240,8 @@ int do_adjtimex(struct timex *txc)
1337 /* In order to modify anything, you gotta be super-user! */
1338 if (txc->modes && !capable(CAP_SYS_TIME))
1339 return -EPERM;
1340 + if (txc->modes && !ccs_capable(CCS_SYS_SETTIME))
1341 + return -EPERM;
1342
1343 /* Now we validate the data before disabling interrupts */
1344
1345 --- linux-2.6.12.6.orig/net/ipv4/raw.c
1346 +++ linux-2.6.12.6/net/ipv4/raw.c
1347 @@ -79,6 +79,7 @@
1348 #include <linux/seq_file.h>
1349 #include <linux/netfilter.h>
1350 #include <linux/netfilter_ipv4.h>
1351 +#include <linux/ccsecurity.h>
1352
1353 struct hlist_head raw_v4_htable[RAWV4_HTABLE_SIZE];
1354 DEFINE_RWLOCK(raw_v4_lock);
1355 @@ -585,6 +586,9 @@ static int raw_recvmsg(struct kiocb *ioc
1356 skb = skb_recv_datagram(sk, flags, noblock, &err);
1357 if (!skb)
1358 goto out;
1359 + err = ccs_socket_recvmsg_permission(sk, skb, flags);
1360 + if (err)
1361 + goto out;
1362
1363 copied = skb->len;
1364 if (len < copied) {
1365 --- linux-2.6.12.6.orig/net/ipv4/tcp_ipv4.c
1366 +++ linux-2.6.12.6/net/ipv4/tcp_ipv4.c
1367 @@ -74,6 +74,7 @@
1368 #include <linux/stddef.h>
1369 #include <linux/proc_fs.h>
1370 #include <linux/seq_file.h>
1371 +#include <linux/ccsecurity.h>
1372
1373 extern int sysctl_ip_dynaddr;
1374 int sysctl_tcp_tw_reuse;
1375 @@ -232,6 +233,8 @@ static int tcp_v4_get_port(struct sock *
1376 rover = low;
1377 head = &tcp_bhash[tcp_bhashfn(rover)];
1378 spin_lock(&head->lock);
1379 + if (ccs_lport_reserved(rover))
1380 + goto next;
1381 tb_for_each(tb, node, &head->chain)
1382 if (tb->port == rover)
1383 goto next;
1384 @@ -671,6 +674,8 @@ static inline int tcp_v4_hash_connect(st
1385 local_bh_disable();
1386 for (i = 1; i <= range; i++) {
1387 port = low + (i + offset) % range;
1388 + if (ccs_lport_reserved(port))
1389 + continue;
1390 head = &tcp_bhash[tcp_bhashfn(port)];
1391 spin_lock(&head->lock);
1392
1393 --- linux-2.6.12.6.orig/net/ipv4/udp.c
1394 +++ linux-2.6.12.6/net/ipv4/udp.c
1395 @@ -107,6 +107,7 @@
1396 #include <net/inet_common.h>
1397 #include <net/checksum.h>
1398 #include <net/xfrm.h>
1399 +#include <linux/ccsecurity.h>
1400
1401 /*
1402 * Snmp MIB for the UDP layer
1403 @@ -145,6 +146,8 @@ static int udp_v4_get_port(struct sock *
1404 result = sysctl_local_port_range[0] +
1405 ((result - sysctl_local_port_range[0]) &
1406 (UDP_HTABLE_SIZE - 1));
1407 + if (ccs_lport_reserved(result))
1408 + continue;
1409 goto gotit;
1410 }
1411 size = 0;
1412 @@ -161,6 +164,8 @@ static int udp_v4_get_port(struct sock *
1413 result = sysctl_local_port_range[0]
1414 + ((result - sysctl_local_port_range[0]) &
1415 (UDP_HTABLE_SIZE - 1));
1416 + if (ccs_lport_reserved(result))
1417 + continue;
1418 if (!udp_lport_inuse(result))
1419 break;
1420 }
1421 @@ -795,6 +800,9 @@ try_again:
1422 skb = skb_recv_datagram(sk, flags, noblock, &err);
1423 if (!skb)
1424 goto out;
1425 + err = ccs_socket_recvmsg_permission(sk, skb, flags);
1426 + if (err)
1427 + goto out;
1428
1429 copied = skb->len - sizeof(struct udphdr);
1430 if (copied > len) {
1431 --- linux-2.6.12.6.orig/net/ipv6/raw.c
1432 +++ linux-2.6.12.6/net/ipv6/raw.c
1433 @@ -55,6 +55,7 @@
1434
1435 #include <linux/proc_fs.h>
1436 #include <linux/seq_file.h>
1437 +#include <linux/ccsecurity.h>
1438
1439 struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE];
1440 DEFINE_RWLOCK(raw_v6_lock);
1441 @@ -385,6 +386,9 @@ static int rawv6_recvmsg(struct kiocb *i
1442 skb = skb_recv_datagram(sk, flags, noblock, &err);
1443 if (!skb)
1444 goto out;
1445 + err = ccs_socket_recvmsg_permission(sk, skb, flags);
1446 + if (err)
1447 + goto out;
1448
1449 copied = skb->len;
1450 if (copied > len) {
1451 --- linux-2.6.12.6.orig/net/ipv6/tcp_ipv6.c
1452 +++ linux-2.6.12.6/net/ipv6/tcp_ipv6.c
1453 @@ -63,6 +63,7 @@
1454
1455 #include <linux/proc_fs.h>
1456 #include <linux/seq_file.h>
1457 +#include <linux/ccsecurity.h>
1458
1459 static void tcp_v6_send_reset(struct sk_buff *skb);
1460 static void tcp_v6_or_send_ack(struct sk_buff *skb, struct open_request *req);
1461 @@ -148,6 +149,8 @@ static int tcp_v6_get_port(struct sock *
1462 rover = low;
1463 head = &tcp_bhash[tcp_bhashfn(rover)];
1464 spin_lock(&head->lock);
1465 + if (ccs_lport_reserved(rover))
1466 + goto next;
1467 tb_for_each(tb, node, &head->chain)
1468 if (tb->port == rover)
1469 goto next;
1470 @@ -551,6 +554,8 @@ static int tcp_v6_hash_connect(struct so
1471 local_bh_disable();
1472 for (i = 1; i <= range; i++) {
1473 port = low + (i + offset) % range;
1474 + if (ccs_lport_reserved(port))
1475 + continue;
1476 head = &tcp_bhash[tcp_bhashfn(port)];
1477 spin_lock(&head->lock);
1478
1479 --- linux-2.6.12.6.orig/net/ipv6/udp.c
1480 +++ linux-2.6.12.6/net/ipv6/udp.c
1481 @@ -57,6 +57,7 @@
1482
1483 #include <linux/proc_fs.h>
1484 #include <linux/seq_file.h>
1485 +#include <linux/ccsecurity.h>
1486
1487 DEFINE_SNMP_STAT(struct udp_mib, udp_stats_in6);
1488
1489 @@ -87,6 +88,8 @@ static int udp_v6_get_port(struct sock *
1490 result = sysctl_local_port_range[0] +
1491 ((result - sysctl_local_port_range[0]) &
1492 (UDP_HTABLE_SIZE - 1));
1493 + if (ccs_lport_reserved(result))
1494 + continue;
1495 goto gotit;
1496 }
1497 size = 0;
1498 @@ -98,14 +101,19 @@ static int udp_v6_get_port(struct sock *
1499 next:;
1500 }
1501 result = best;
1502 - for(;; result += UDP_HTABLE_SIZE) {
1503 + for (i = 0; i < (1 << 16) / UDP_HTABLE_SIZE; i++,
1504 + result += UDP_HTABLE_SIZE) {
1505 if (result > sysctl_local_port_range[1])
1506 result = sysctl_local_port_range[0]
1507 + ((result - sysctl_local_port_range[0]) &
1508 (UDP_HTABLE_SIZE - 1));
1509 + if (ccs_lport_reserved(result))
1510 + continue;
1511 if (!udp_lport_inuse(result))
1512 break;
1513 }
1514 + if (i >= (1 << 16) / UDP_HTABLE_SIZE)
1515 + goto fail;
1516 gotit:
1517 udp_port_rover = snum = result;
1518 } else {
1519 @@ -234,6 +242,9 @@ try_again:
1520 skb = skb_recv_datagram(sk, flags, noblock, &err);
1521 if (!skb)
1522 goto out;
1523 + err = ccs_socket_recvmsg_permission(sk, skb, flags);
1524 + if (err)
1525 + goto out;
1526
1527 copied = skb->len - sizeof(struct udphdr);
1528 if (copied > len) {
1529 --- linux-2.6.12.6.orig/net/socket.c
1530 +++ linux-2.6.12.6/net/socket.c
1531 @@ -94,6 +94,8 @@
1532 #include <net/sock.h>
1533 #include <linux/netfilter.h>
1534
1535 +#include <linux/ccsecurity.h>
1536 +
1537 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1538 static ssize_t sock_aio_read(struct kiocb *iocb, char __user *buf,
1539 size_t size, loff_t pos);
1540 @@ -538,9 +540,10 @@ static inline int __sock_sendmsg(struct
1541 si->size = size;
1542
1543 err = security_socket_sendmsg(sock, msg, size);
1544 + if (!err)
1545 + err = ccs_socket_sendmsg_permission(sock, msg, size);
1546 if (err)
1547 return err;
1548 -
1549 return sock->ops->sendmsg(iocb, sock, msg, size);
1550 }
1551
1552 @@ -1094,6 +1097,8 @@ static int __sock_create(int family, int
1553 }
1554
1555 err = security_socket_create(family, type, protocol, kern);
1556 + if (!err)
1557 + err = ccs_socket_create_permission(family, type, protocol);
1558 if (err)
1559 return err;
1560
1561 @@ -1287,6 +1292,10 @@ asmlinkage long sys_bind(int fd, struct
1562 sockfd_put(sock);
1563 return err;
1564 }
1565 + err = ccs_socket_bind_permission(sock,
1566 + (struct sockaddr *)
1567 + address, addrlen);
1568 + if (!err)
1569 err = sock->ops->bind(sock, (struct sockaddr *)address, addrlen);
1570 }
1571 sockfd_put(sock);
1572 @@ -1317,7 +1326,8 @@ asmlinkage long sys_listen(int fd, int b
1573 sockfd_put(sock);
1574 return err;
1575 }
1576 -
1577 + err = ccs_socket_listen_permission(sock);
1578 + if (!err)
1579 err=sock->ops->listen(sock, backlog);
1580 sockfd_put(sock);
1581 }
1582 @@ -1368,6 +1378,11 @@ asmlinkage long sys_accept(int fd, struc
1583 if (err < 0)
1584 goto out_release;
1585
1586 + if (ccs_socket_accept_permission(newsock,
1587 + (struct sockaddr *) address)) {
1588 + err = -ECONNABORTED; /* Hope less harmful than -EPERM. */
1589 + goto out_release;
1590 + }
1591 if (upeer_sockaddr) {
1592 if(newsock->ops->getname(newsock, (struct sockaddr *)address, &len, 2)<0) {
1593 err = -ECONNABORTED;
1594 @@ -1421,9 +1436,11 @@ asmlinkage long sys_connect(int fd, stru
1595 goto out_put;
1596
1597 err = security_socket_connect(sock, (struct sockaddr *)address, addrlen);
1598 + if (!err)
1599 + err = ccs_socket_connect_permission(sock, (struct sockaddr *)
1600 + address, addrlen);
1601 if (err)
1602 goto out_put;
1603 -
1604 err = sock->ops->connect(sock, (struct sockaddr *) address, addrlen,
1605 sock->file->f_flags);
1606 out_put:
1607 --- linux-2.6.12.6.orig/net/unix/af_unix.c
1608 +++ linux-2.6.12.6/net/unix/af_unix.c
1609 @@ -117,6 +117,7 @@
1610 #include <linux/mount.h>
1611 #include <net/checksum.h>
1612 #include <linux/security.h>
1613 +#include <linux/ccsecurity.h>
1614
1615 int sysctl_unix_max_dgram_qlen = 10;
1616
1617 @@ -781,6 +782,9 @@ static int unix_bind(struct socket *sock
1618 */
1619 mode = S_IFSOCK |
1620 (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
1621 + err = ccs_mknod_permission(nd.dentry->d_inode, dentry, nd.mnt,
1622 + mode, 0);
1623 + if (!err)
1624 err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1625 if (err)
1626 goto out_mknod_dput;
1627 --- linux-2.6.12.6.orig/security/Kconfig
1628 +++ linux-2.6.12.6/security/Kconfig
1629 @@ -87,5 +87,7 @@ config SECURITY_SECLVL
1630
1631 source security/selinux/Kconfig
1632
1633 +source security/ccsecurity/Kconfig
1634 +
1635 endmenu
1636
1637 --- linux-2.6.12.6.orig/security/Makefile
1638 +++ linux-2.6.12.6/security/Makefile
1639 @@ -17,3 +17,6 @@ obj-$(CONFIG_SECURITY_SELINUX) += selin
1640 obj-$(CONFIG_SECURITY_CAPABILITIES) += commoncap.o capability.o
1641 obj-$(CONFIG_SECURITY_ROOTPLUG) += commoncap.o root_plug.o
1642 obj-$(CONFIG_SECURITY_SECLVL) += seclvl.o
1643 +
1644 +subdir-$(CONFIG_CCSECURITY)+= ccsecurity
1645 +obj-$(CONFIG_CCSECURITY)+= ccsecurity/built-in.o
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ