
Annotation of /trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.16-vine-linux-4.2.diff



Revision 1498 - (hide annotations) (download) (as text)
Fri Aug 29 12:08:57 2008 UTC (15 years, 9 months ago) by kumaneko
File MIME type: text/x-diff
File size: 52003 byte(s)
1.5.5-rc/1.6.4-rc
1 kumaneko 1498 This is TOMOYO Linux patch for VineLinux 4.2.
2    
3     Source code for this patch is http://updates.vinelinux.org/Vine-4.2/updates/SRPMS/kernel-2.6.16-76.39vl4.src.rpm
4     ---
5     arch/alpha/kernel/ptrace.c | 9 +++
6     arch/ia64/ia32/sys_ia32.c | 9 +++
7     arch/ia64/kernel/ptrace.c | 9 +++
8     arch/m32r/kernel/ptrace.c | 9 +++
9     arch/mips/kernel/ptrace32.c | 9 +++
10     arch/powerpc/kernel/ptrace32.c | 9 +++
11     arch/s390/kernel/ptrace.c | 9 +++
12     arch/sh64/kernel/ptrace.c | 9 +++
13     arch/sparc/kernel/ptrace.c | 11 +++
14     arch/sparc64/kernel/ptrace.c | 11 +++
15     arch/x86_64/ia32/ptrace32.c | 9 +++
16     fs/Kconfig | 2
17     fs/Makefile | 2
18     fs/attr.c | 19 ++++++
19     fs/compat.c | 11 +++
20     fs/exec.c | 21 ++++++-
21     fs/fcntl.c | 9 +++
22     fs/ioctl.c | 7 ++
23     fs/namei.c | 118 ++++++++++++++++++++++++++++++++++++++++
24     fs/namespace.c | 50 ++++++++++++++++
25     fs/open.c | 29 +++++++++
26     fs/proc/Makefile | 3 +
27     fs/proc/proc_misc.c | 5 +
28     include/linux/init_task.h | 4 +
29     include/linux/sched.h | 9 +++
30     kernel/compat.c | 7 ++
31     kernel/kexec.c | 7 ++
32     kernel/kmod.c | 5 +
33     kernel/module.c | 13 +++-
34     kernel/ptrace.c | 9 +++
35     kernel/sched.c | 7 ++
36     kernel/signal.c | 21 +++++++
37     kernel/sys.c | 21 +++++++
38     kernel/sysctl.c | 111 +++++++++++++++++++++++++++++++++++++
39     kernel/time.c | 15 +++++
40     net/core/datagram.c | 11 +++
41     net/ipv4/inet_connection_sock.c | 7 ++
42     net/ipv4/inet_hashtables.c | 7 ++
43     net/ipv4/udp.c | 11 +++
44     net/ipv6/inet6_hashtables.c | 9 ++-
45     net/ipv6/udp.c | 11 +++
46     net/socket.c | 43 +++++++++++++-
47     net/unix/af_unix.c | 15 +++++
48     43 files changed, 712 insertions(+), 10 deletions(-)
49    
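--- a/arch/alpha/kernel/ptrace.c
+++ b/arch/alpha/kernel/ptrace.c
@@ -20,6 +20,9 @@
 #include <asm/pgtable.h>
 #include <asm/system.h>
 #include <asm/fpu.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #include "proto.h"
 
@@ -268,6 +271,12 @@ do_sys_ptrace(long request, long pid, lo
 unsigned long tmp;
 size_t copied;
 long ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",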
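Review bot: The `#ifdef TOMOYO_SYS_PTRACE` guard around the new check in do_sys_ptrace only has an effect if TOMOYO_SYS_PTRACE is a preprocessor macro; if `<linux/tomoyo.h>` (not part of this patch) declares it as an enum constant, the whole block is compiled out and ptrace is never checked, with no build warning. The other capability checks in this patch, for example `ccs_capable(TOMOYO_SYS_IOCTL)` in fs/ioctl.c, are not guarded, so either drop the guard or add a comment such as `/* TOMOYO_SYS_PTRACE is a macro; the check is compiled out when it is undefined */` that says when it is expected to be absent. The same guarded block is repeated in the ia64 (both files), m32r, mips, powerpc, s390, sh64, sparc, sparc64 and x86_64 ptrace hunks. The body of do_sys_ptrace continues outside the hunk.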
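--- a/arch/ia64/ia32/sys_ia32.c
+++ b/arch/ia64/ia32/sys_ia32.c
@@ -58,6 +58,9 @@
 #include <asm/types.h>
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #include "ia32priv.h"
 
@@ -1755,6 +1758,12 @@ sys32_ptrace (int request, pid_t pid, un
 struct task_struct *child;
 unsigned int value, tmp;
 long i, ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 if (request == PTRACE_TRACEME) {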
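--- a/arch/ia64/kernel/ptrace.c
+++ b/arch/ia64/kernel/ptrace.c
@@ -29,6 +29,9 @@
 #ifdef CONFIG_PERFMON
 #include <asm/perfmon.h>
 #endif
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #include "entry.h"
 
@@ -1418,6 +1421,12 @@ sys_ptrace (long request, pid_t pid, uns
 struct task_struct *child;
 struct switch_stack *sw;
 long ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 ret = -EPERM;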
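--- a/arch/m32r/kernel/ptrace.c
+++ b/arch/m32r/kernel/ptrace.c
@@ -33,6 +33,9 @@
 #include <asm/system.h>
 #include <asm/processor.h>
 #include <asm/mmu_context.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * This routine will get a word off of the process kernel stack.
@@ -743,6 +746,12 @@ asmlinkage long sys_ptrace(long request,
 {
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 if (request == PTRACE_TRACEME) {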
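--- a/arch/mips/kernel/ptrace32.c
+++ b/arch/mips/kernel/ptrace32.c
@@ -35,6 +35,9 @@
 #include <asm/system.h>
 #include <asm/uaccess.h>
 #include <asm/bootinfo.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 int ptrace_getregs (struct task_struct *child, __s64 __user *data);
 int ptrace_setregs (struct task_struct *child, __s64 __user *data);
@@ -50,6 +53,12 @@ asmlinkage int sys32_ptrace(int request,
 {
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 #if 0
 printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",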
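--- a/arch/powerpc/kernel/ptrace32.c
+++ b/arch/powerpc/kernel/ptrace32.c
@@ -33,6 +33,9 @@
 #include <asm/page.h>
 #include <asm/pgtable.h>
 #include <asm/system.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #include "ptrace-common.h"
 
@@ -46,6 +49,12 @@ long compat_sys_ptrace(int request, int
 {
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 if (request == PTRACE_TRACEME) {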
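--- a/arch/s390/kernel/ptrace.c
+++ b/arch/s390/kernel/ptrace.c
@@ -41,6 +41,9 @@
 #include <asm/system.h>
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #ifdef CONFIG_COMPAT
 #include "compat_ptrace.h"
@@ -711,6 +714,12 @@ sys_ptrace(long request, long pid, long
 struct task_struct *child;
 int ret;
 
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 lock_kernel();
 if (request == PTRACE_TRACEME) {
 ret = ptrace_traceme();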
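--- a/arch/sh64/kernel/ptrace.c
+++ b/arch/sh64/kernel/ptrace.c
@@ -36,6 +36,9 @@
 #include <asm/system.h>
 #include <asm/processor.h>
 #include <asm/mmu_context.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /* This mask defines the bits of the SR which the user is not allowed to
 change, which are everything except S, Q, M, PR, SZ, FR. */
@@ -272,6 +275,12 @@ asmlinkage int sh64_ptrace(long request,
 extern void poke_real_address_q(unsigned long long addr, unsigned long long data);
 #define WPC_DBRMODE 0x0d104008
 static int first_call = 1;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 if (first_call) {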
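--- a/arch/sparc/kernel/ptrace.c
+++ b/arch/sparc/kernel/ptrace.c
@@ -23,6 +23,9 @@
 #include <asm/pgtable.h>
 #include <asm/system.h>
 #include <asm/uaccess.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #define MAGIC_CONSTANT 0x80000000
 
@@ -267,6 +270,14 @@ asmlinkage void do_ptrace(struct pt_regs
 unsigned long addr2 = regs->u_regs[UREG_I4];
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
+ pt_error_return(regs, EPERM);
+ return;
+ }
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 #ifdef DEBUG_PTRACE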
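--- a/arch/sparc64/kernel/ptrace.c
+++ b/arch/sparc64/kernel/ptrace.c
@@ -32,6 +32,9 @@
 #include <asm/spitfire.h>
 #include <asm/page.h>
 #include <asm/cpudata.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /* Returning from ptrace is a bit tricky because the syscall return
 * low level code assumes any value returned which is negative and
@@ -173,6 +176,14 @@ asmlinkage void do_ptrace(struct pt_regs
 unsigned long addr2 = regs->u_regs[UREG_I4];
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
+ pt_error_return(regs, EPERM);
+ return;
+ }
+#endif
+ /***** TOMOYO Linux end. *****/
 
 if (test_thread_flag(TIF_32BIT)) {
 addr &= 0xffffffffUL;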
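--- a/arch/x86_64/ia32/ptrace32.c
+++ b/arch/x86_64/ia32/ptrace32.c
@@ -27,6 +27,9 @@
 #include <asm/debugreg.h>
 #include <asm/i387.h>
 #include <asm/fpu32.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * Determines which flags the user has access to [1 = access, 0 = no access].
@@ -206,6 +209,12 @@ asmlinkage long sys32_ptrace(long reques
 void __user *datap = compat_ptr(data);
 int ret;
 __u32 val;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 switch (request) {
 default: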
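--- a/fs/Kconfig
+++ b/fs/Kconfig
@@ -1906,5 +1906,7 @@ endmenu
 
 source "fs/nls/Kconfig"
 
+source "fs/Kconfig.ccs"
+
 endmenu
 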
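Review bot: `source "fs/Kconfig.ccs"` names a file that the diffstat of this patch does not list, and the fs/Makefile hunk does the same with `include $(srctree)/fs/Makefile-2.6.ccs`; the `<linux/tomoyo.h>` and `<linux/sakura.h>` includes added throughout are in the same position. Presumably these files come from a separate source archive that has to be unpacked into the tree first, but the patch header only names the kernel SRPM, so a tree with just this diff applied would fail at configuration time. A line in the patch header stating which archive and version supplies those files would make the dependency explicit and checkable.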
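--- a/fs/Makefile
+++ b/fs/Makefile
@@ -106,3 +106,5 @@ obj-$(CONFIG_CONFIGFS_FS) += configfs/
 obj-$(CONFIG_OCFS2_FS) += ocfs2/
 obj-$(CONFIG_SUPERMOUNT) += supermount/
 obj-$(CONFIG_UNION_FS) += unionfs/
+
+include $(srctree)/fs/Makefile-2.6.ccs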
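--- a/fs/attr.c
+++ b/fs/attr.c
@@ -15,6 +15,9 @@
 #include <linux/fcntl.h>
 #include <linux/quotaops.h>
 #include <linux/security.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /* Taken over from the old code... */
 
@@ -145,12 +148,28 @@ int notify_change(struct dentry * dentry
 
 if (inode->i_op && inode->i_op->setattr) {
 error = security_inode_setattr(dentry, attr);
+ /***** TOMOYO Linux start. *****/
+ if (!error && (ia_valid & ATTR_MODE) &&
+ !ccs_capable(TOMOYO_SYS_CHMOD))
+ error = -EPERM;
+ if (!error && (ia_valid & (ATTR_UID | ATTR_GID)) &&
+ !ccs_capable(TOMOYO_SYS_CHOWN))
+ error = -EPERM;
+ /***** TOMOYO Linux end. *****/
 if (!error)
 error = inode->i_op->setattr(dentry, attr);
 } else {
 error = inode_change_ok(inode, attr);
 if (!error)
 error = security_inode_setattr(dentry, attr);
+ /***** TOMOYO Linux start. *****/
+ if (!error && (ia_valid & ATTR_MODE) &&
+ !ccs_capable(TOMOYO_SYS_CHMOD))
+ error = -EPERM;
+ if (!error && (ia_valid & (ATTR_UID | ATTR_GID)) &&
+ !ccs_capable(TOMOYO_SYS_CHOWN))
+ error = -EPERM;
+ /***** TOMOYO Linux end. *****/
 if (!error) {
 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
 (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))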
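Review bot: The two TOMOYO blocks added to notify_change are byte-for-byte copies, one in each branch, so any later change to the chmod/chown policy check has to be made twice and the branches can drift apart unnoticed. Both copies sit directly after the `security_inode_setattr()` call, so the check can live in one small static helper that each branch calls (the helper name below is only illustrative). notify_change starts and ends outside the hunk, and the declaration of `ia_valid` is not visible here, so the parameter type in the sketch should be matched to it.

```c
/* Illustrative helper: 0 if TOMOYO allows the change in ia_valid, else -EPERM. */
static int ccs_setattr_allowed(unsigned int ia_valid)
{
	if ((ia_valid & ATTR_MODE) && !ccs_capable(TOMOYO_SYS_CHMOD))
		return -EPERM;
	if ((ia_valid & (ATTR_UID | ATTR_GID)) &&
	    !ccs_capable(TOMOYO_SYS_CHOWN))
		return -EPERM;
	return 0;
}

/* … unchanged: security_inode_setattr() call, in each branch … */
	if (!error)
		error = ccs_setattr_allowed(ia_valid);
```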
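--- a/fs/compat.c
+++ b/fs/compat.c
@@ -52,6 +52,9 @@
 #include <asm/uaccess.h>
 #include <asm/mmu_context.h>
 #include <asm/ioctls.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 extern void sigset_from_compat(sigset_t *set, compat_sigset_t *compat);
 
@@ -405,6 +408,12 @@ asmlinkage long compat_sys_ioctl(unsigne
 /*FALL THROUGH*/
 
 default:
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_IOCTL)) {
+ error = -EPERM;
+ goto out_fput;
+ }
+ /***** TOMOYO Linux end. *****/
 if (filp->f_op && filp->f_op->compat_ioctl) {
 error = filp->f_op->compat_ioctl(filp, cmd, arg);
 if (error != -ENOIOCTLCMD)
@@ -1532,7 +1541,7 @@ int compat_do_execve(char * filename,
 if (retval < 0)
 goto out;
 
- retval = search_binary_handler(bprm, regs);
+ retval = search_binary_handler_with_transition(bprm, regs);
 if (retval >= 0) {
 free_arg_pages(bprm);
 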
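Review bot: The new `ccs_capable(TOMOYO_SYS_IOCTL)` check in compat_sys_ioctl sits under `default:`, so it is reached only by commands that land on or fall through to that label; any earlier `case` that leaves the switch by another route does not pass it, and those labels are outside the hunk. The native-path check in fs/ioctl.c has the same shape: it is placed inside the static helper do_ioctl, so commands that the caller handles itself would not be subject to it either. If that scope is intended, say so at both sites with a comment such as `/* only requests dispatched to the file's ioctl handlers are checked */`; if not, the check belongs at the top of the syscall before the switch. It is also worth confirming that the compat path does not end up in do_ioctl afterwards, which would evaluate the capability twice for one request.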
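--- a/fs/exec.c
+++ b/fs/exec.c
@@ -57,6 +57,10 @@
 #include <linux/kmod.h>
 #endif
 
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
+
 int core_uses_pid;
 char core_pattern[65] = "core";
 int suid_dumpable = 0;
@@ -139,6 +143,13 @@ asmlinkage long sys_uselib(const char __
 if (error)
 goto exit;
 
+ /***** TOMOYO Linux start. *****/
+ /* 01 means "read". */
+ error = ccs_check_open_permission(nd.dentry, nd.mnt, 01);
+ if (error)
+ goto exit;
+ /***** TOMOYO Linux end. *****/
+
 file = nameidata_to_filp(&nd, O_RDONLY);
 error = PTR_ERR(file);
 if (IS_ERR(file))
@@ -488,6 +499,13 @@ struct file *open_exec(const char *name)
 int err = vfs_permission(&nd, MAY_EXEC);
 if (!err && !(inode->i_mode & 0111))
 err = -EACCES;
+ /***** TOMOYO Linux start. *****/
+ if (!err && (current->tomoyo_flags &
+ TOMOYO_CHECK_READ_FOR_OPEN_EXEC))
+ /* 01 means "read". */
+ err = ccs_check_open_permission(nd.dentry,
+ nd.mnt, 01);
+ /***** TOMOYO Linux end. *****/
 file = ERR_PTR(err);
 if (!err) {
 file = nameidata_to_filp(&nd, O_RDONLY);
@@ -1201,7 +1219,8 @@ int do_execve(char * filename,
 if (retval < 0)
 goto out;
 
- retval = search_binary_handler(bprm,regs);
+ retval = search_binary_handler_with_transition(bprm, regs);
+
 if (retval >= 0) {
 free_arg_pages(bprm);
 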
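Review bot: In open_exec the TOMOYO read check runs only when `current->tomoyo_flags & TOMOYO_CHECK_READ_FOR_OPEN_EXEC` is set, and nothing in the hunk says who sets that flag or why an exec-time open is otherwise exempt from the read check that sys_uselib applies unconditionally. A comment on the condition stating which callers set the flag would let a reader verify that the unchecked case is deliberate. The `if` also has a comment between its condition and its single unbraced statement; bracing it (`if (...) { err = ccs_check_open_permission(nd.dentry, nd.mnt, 01); }`) keeps a later added line from silently escaping the condition. The literal `01` appears in both hunks with the same explanatory comment and would be clearer as one named constant next to the hook's declaration.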
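--- a/fs/fcntl.c
+++ b/fs/fcntl.c
@@ -22,6 +22,9 @@
 #include <asm/poll.h>
 #include <asm/siginfo.h>
 #include <asm/uaccess.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 void fastcall set_close_on_exec(unsigned int fd, int flag)
 {
@@ -215,6 +218,12 @@ static int setfl(int fd, struct file * f
 if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
 return -EPERM;
 
+ /***** TOMOYO Linux start. *****/
+ if (((arg ^ filp->f_flags) & O_APPEND) &&
+ ccs_check_rewrite_permission(filp))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
+
 /* O_NOATIME can only be set by the owner or superuser */
 if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))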
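--- a/fs/ioctl.c
+++ b/fs/ioctl.c
@@ -16,6 +16,9 @@
 
 #include <asm/uaccess.h>
 #include <asm/ioctls.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 static long do_ioctl(struct file *filp, unsigned int cmd,
 unsigned long arg)
@@ -24,6 +27,10 @@ static long do_ioctl(struct file *filp,
 
 if (!filp->f_op)
 goto out;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_IOCTL))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 if (filp->f_op->unlocked_ioctl) {
 error = filp->f_op->unlocked_ioctl(filp, cmd, arg);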
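--- a/fs/namei.c
+++ b/fs/namei.c
@@ -37,6 +37,10 @@
 
 #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
 
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
+
 /* [Feb-1997 T. Schoebel-Theuer]
 * Fundamental changes in the pathname lookup mechanisms (namei)
 * were necessary because of omirr. The reason is that omirr needs
@@ -1470,6 +1474,13 @@ int vfs_create(struct inode *dir, struct
 error = security_inode_create(dir, dentry, mode);
 if (error)
 return error;
+ /***** TOMOYO Linux start. *****/
+ if (nd) {
+ error = ccs_check_1path_perm(TYPE_CREATE_ACL, dentry, nd->mnt);
+ if (error)
+ return error;
+ }
+ /***** TOMOYO Linux end. *****/
 DQUOT_INIT(dir);
 error = dir->i_op->create(dir, dentry, mode, nd);
 if (!error)
@@ -1525,6 +1536,13 @@ int may_open(struct nameidata *nd, int a
 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
 return -EPERM;
 
+ /***** TOMOYO Linux start. *****/
+ /* includes O_APPEND and O_TRUNC checks */
+ error = ccs_check_open_permission(dentry, nd->mnt, flag);
+ if (error)
+ return error;
+ /***** TOMOYO Linux end. *****/
+
 /*
 * Ensure there are no outstanding leases on the file.
 */
@@ -1556,6 +1574,9 @@ int may_open(struct nameidata *nd, int a
 return 0;
 }
 
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo_vfs.h>
+/***** TOMOYO Linux end. *****/
 /*
 * open_namei()
 *
@@ -1820,6 +1841,16 @@ asmlinkage long sys_mknodat(int dfd, con
 
 if (S_ISDIR(mode))
 return -EPERM;
+ /***** TOMOYO Linux start. *****/
+ if (S_ISCHR(mode) && !ccs_capable(TOMOYO_CREATE_CHAR_DEV))
+ return -EPERM;
+ if (S_ISBLK(mode) && !ccs_capable(TOMOYO_CREATE_BLOCK_DEV))
+ return -EPERM;
+ if (S_ISFIFO(mode) && !ccs_capable(TOMOYO_CREATE_FIFO))
+ return -EPERM;
+ if (S_ISSOCK(mode) && !ccs_capable(TOMOYO_CREATE_UNIX_SOCKET))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 tmp = getname(filename);
 if (IS_ERR(tmp))
 return PTR_ERR(tmp);
@@ -1838,10 +1869,32 @@ asmlinkage long sys_mknodat(int dfd, con
 error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
 break;
 case S_IFCHR: case S_IFBLK:
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
+ if (error)
+ break;
+ error = ccs_check_1path_perm(S_ISCHR(mode) ?
+ TYPE_MKCHAR_ACL :
+ TYPE_MKBLOCK_ACL,
+ dentry, nd.mnt);
+ if (error)
+ break;
+ /***** TOMOYO Linux end. *****/
 error = vfs_mknod(nd.dentry->d_inode,dentry,mode,
 new_decode_dev(dev));
 break;
 case S_IFIFO: case S_IFSOCK:
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
+ if (error)
+ break;
+ error = ccs_check_1path_perm(S_ISFIFO(mode) ?
+ TYPE_MKFIFO_ACL :
+ TYPE_MKSOCK_ACL,
+ dentry, nd.mnt);
+ if (error)
+ break;
+ /***** TOMOYO Linux end. *****/
 error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0);
 break;
 case S_IFDIR:
@@ -1906,6 +1959,13 @@ asmlinkage long sys_mkdirat(int dfd, con
 if (!IS_ERR(dentry)) {
 if (!IS_POSIXACL(nd.dentry->d_inode))
 mode &= ~current->fs->umask;
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_mkdir(nd.dentry->d_inode, dentry);
+ if (!error)
+ error = ccs_check_1path_perm(TYPE_MKDIR_ACL,
+ dentry, nd.mnt);
+ if (!error)
+ /***** TOMOYO Linux end. *****/
 error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
 dput(dentry);
 }
@@ -2014,6 +2074,13 @@ static long do_rmdir(int dfd, const char
 dentry = lookup_hash(&nd);
 error = PTR_ERR(dentry);
 if (!IS_ERR(dentry)) {
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_rmdir(nd.dentry->d_inode, dentry);
+ if (!error)
+ error = ccs_check_1path_perm(TYPE_RMDIR_ACL, dentry,
+ nd.mnt);
+ if (!error)
+ /***** TOMOYO Linux end. *****/
 error = vfs_rmdir(nd.dentry->d_inode, dentry);
 dput(dentry);
 }
@@ -2073,6 +2140,10 @@ static long do_unlinkat(int dfd, const c
 struct dentry *dentry;
 struct nameidata nd;
 struct inode *inode = NULL;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_UNLINK))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 name = getname(pathname);
 if(IS_ERR(name))
@@ -2094,6 +2165,14 @@ static long do_unlinkat(int dfd, const c
 inode = dentry->d_inode;
 if (inode)
 atomic_inc(&inode->i_count);
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_unlink(nd.dentry->d_inode, dentry);
+ if (error)
+ goto exit2;
+ error = ccs_check_1path_perm(TYPE_UNLINK_ACL, dentry, nd.mnt);
+ if (error)
+ goto exit2;
+ /***** TOMOYO Linux end. *****/
 error = vfs_unlink(nd.dentry->d_inode, dentry);
 exit2:
 dput(dentry);
@@ -2156,6 +2235,10 @@ asmlinkage long sys_symlinkat(const char
 int error = 0;
 char * from;
 char * to;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_SYMLINK))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 from = getname(oldname);
 if(IS_ERR(from))
@@ -2172,6 +2255,13 @@ asmlinkage long sys_symlinkat(const char
 dentry = lookup_create(&nd, 0);
 error = PTR_ERR(dentry);
 if (!IS_ERR(dentry)) {
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_symlink(nd.dentry->d_inode, dentry);
+ if (!error)
+ error = ccs_check_1path_perm(TYPE_SYMLINK_ACL,
+ dentry, nd.mnt);
+ if (!error)
+ /***** TOMOYO Linux end. *****/
 error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
 dput(dentry);
 }
@@ -2244,6 +2334,10 @@ asmlinkage long sys_linkat(int olddfd, c
 struct nameidata nd, old_nd;
 int error;
 char * to;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_LINK))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 if (flags != 0)
 return -EINVAL;
@@ -2264,6 +2358,15 @@ asmlinkage long sys_linkat(int olddfd, c
 new_dentry = lookup_create(&nd, 0);
 error = PTR_ERR(new_dentry);
 if (!IS_ERR(new_dentry)) {
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_link(old_nd.dentry, nd.dentry->d_inode,
+ new_dentry);
+ if (!error)
+ error = ccs_check_2path_perm(TYPE_LINK_ACL,
+ old_nd.dentry, old_nd.mnt,
+ new_dentry, nd.mnt);
+ if (!error)
+ /***** TOMOYO Linux end. *****/
 error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
 dput(new_dentry);
 }
@@ -2490,6 +2593,17 @@ static int do_rename(int olddfd, const c
 if (new_dentry == trap)
 goto exit5;
 
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_rename(old_dir->d_inode, old_dentry,
+ new_dir->d_inode, new_dentry);
+ if (error)
+ goto exit5;
+ error = ccs_check_2path_perm(TYPE_RENAME_ACL, old_dentry, oldnd.mnt,
+ new_dentry, newnd.mnt);
+ if (error)
+ goto exit5;
+ /***** TOMOYO Linux end. *****/
+
 error = vfs_rename(old_dir->d_inode, old_dentry,
 new_dir->d_inode, new_dentry);
 exit5:
@@ -2512,6 +2626,10 @@ asmlinkage long sys_renameat(int olddfd,
 int error;
 char * from;
 char * to;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_RENAME))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 from = getname(oldname);
 if(IS_ERR(from))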
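Review bot: In sys_mkdirat, do_rmdir, sys_symlinkat and sys_linkat the added block ends with a bare `if (!error)` placed just before the `TOMOYO Linux end` marker, so the permission decision is enforced only because the next, unmodified line (`error = vfs_mkdir(...)` and so on) happens to be a single statement. Anyone inserting a line after the marker, or removing the marked block by hand, changes whether the VFS operation is gated, and the compiler will not complain. Use the explicit form already used in do_unlinkat and do_rename, `if (error) goto ...;`, or brace the call: `if (!error) { error = vfs_mkdir(nd.dentry->d_inode, dentry, mode); }`. The do_sys_truncate hunk in fs/open.c has the same shape. Separately, vfs_create skips `ccs_check_1path_perm()` whenever `nd` is NULL; a comment saying which callers pass NULL and why they are exempt would make that fail-open branch reviewable.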
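--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -26,6 +26,12 @@
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
 #include "pnode.h"
+/***** SAKURA Linux start. *****/
+#include <linux/sakura.h>
+/***** SAKURA Linux end. *****/
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 extern int __init init_rootfs(void);
 
@@ -509,6 +515,11 @@ static int do_umount(struct vfsmount *mn
 if (retval)
 return retval;
 
+ /***** SAKURA Linux start. *****/
+ if (ccs_may_umount(mnt))
+ return -EPERM;
+ /***** SAKURA Linux end. *****/
+
 /*
 * Allow userspace to request a mountpoint be expired rather than
 * unmounting unconditionally. Unmount only happens if:
@@ -597,6 +608,10 @@ asmlinkage long sys_umount(char __user *
 {
 struct nameidata nd;
 int retval;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_UMOUNT))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 retval = __user_walk(name, LOOKUP_FOLLOW, &nd);
 if (retval)
@@ -881,6 +896,11 @@ static int do_loopback(struct nameidata
 
 if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
 goto out;
+ /***** SAKURA Linux start. *****/
+ err = -EPERM;
+ if (ccs_may_mount(nd))
+ goto out;
+ /***** SAKURA Linux end. *****/
 
 err = -ENOMEM;
 if (recurse)
@@ -965,7 +985,11 @@ static int do_move_mount(struct nameidat
 err = -EINVAL;
 if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
 goto out;
-
+ /***** SAKURA Linux start. *****/
+ err = -EPERM;
+ if (ccs_may_umount(old_nd.mnt) || ccs_may_mount(nd))
+ goto out;
+ /***** SAKURA Linux end. *****/
 err = -ENOENT;
 mutex_lock(&nd->dentry->d_inode->i_mutex);
 if (IS_DEADDIR(nd->dentry->d_inode))
@@ -1067,6 +1091,11 @@ int do_add_mount(struct vfsmount *newmnt
 err = -EINVAL;
 if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode))
 goto unlock;
+ /***** SAKURA Linux start. *****/
+ err = -EPERM;
+ if (ccs_may_mount(nd))
+ goto unlock;
+ /***** SAKURA Linux end. *****/
 
 newmnt->mnt_flags = mnt_flags;
 if ((err = graft_tree(newmnt, nd)))
@@ -1284,6 +1313,17 @@ long do_mount(char *dev_name, char *dir_
 if (data_page)
 ((char *)data_page)[PAGE_SIZE - 1] = 0;
 
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_MOUNT))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
+ /***** SAKURA Linux start. *****/
+ retval = ccs_check_mount_permission(dev_name, dir_name, type_page,
+ &flags);
+ if (retval)
+ return retval;
+ /***** SAKURA Linux end. *****/
+
 /* Separate the per-mountpoint flags */
 if (flags & MS_NOSUID)
 mnt_flags |= MNT_NOSUID;
@@ -1582,6 +1622,10 @@ asmlinkage long sys_pivot_root(const cha
 
 if (!capable(CAP_SYS_ADMIN))
 return -EPERM;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_PIVOT_ROOT))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 
@@ -1598,6 +1642,10 @@ asmlinkage long sys_pivot_root(const cha
 goto out1;
 
 error = security_sb_pivotroot(&old_nd, &new_nd);
+ /***** SAKURA Linux start. *****/
+ if (!error)
+ error = ccs_check_pivot_root_permission(&old_nd, &new_nd);
+ /***** SAKURA Linux end. *****/
 if (error) {
 path_release(&old_nd);
 goto out1;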
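Review bot: The hooks added in this file use opposite return conventions and nothing at the call sites says so: `ccs_capable()` is true when the operation is allowed (`if (!ccs_capable(TOMOYO_SYS_MOUNT)) return -EPERM;`), while `ccs_may_mount()` and `ccs_may_umount()` are treated as true when it is denied (`if (ccs_may_umount(mnt)) return -EPERM;`). A name of the form ccs_may_*() reads as "is permitted", so a later edit can easily invert a check; a comment at the first use in do_umount, for example `/* ccs_may_*() return nonzero when the operation must be refused */`, would guard against that. In do_mount, `&flags` is handed to `ccs_check_mount_permission()` before the flags are separated into mnt_flags, which suggests the hook may rewrite them; if it does, that side effect deserves a comment at the call as well.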
872     --- linux-2.6.16-76.39vl4.orig/fs/open.c
873     +++ linux-2.6.16-76.39vl4/fs/open.c
874     @@ -30,6 +30,13 @@
875    
876     #include <asm/unistd.h>
877    
878     +/***** SAKURA Linux start. *****/
879     +#include <linux/sakura.h>
880     +/***** SAKURA Linux end. *****/
881     +/***** TOMOYO Linux start. *****/
882     +#include <linux/tomoyo.h>
883     +/***** TOMOYO Linux end. *****/
884     +
885     int vfs_statfs(struct super_block *sb, struct kstatfs *buf)
886     {
887     int retval = -ENODEV;
888     @@ -266,6 +273,10 @@ static long do_sys_truncate(const char _
889     if (error)
890     goto dput_and_out;
891    
892     + /***** TOMOYO Linux start. *****/
893     + error = ccs_check_1path_perm(TYPE_TRUNCATE_ACL, nd.dentry, nd.mnt);
894     + if (!error)
895     + /***** TOMOYO Linux end. *****/
896     error = locks_verify_truncate(inode, NULL, length);
897     if (!error) {
898     DQUOT_INIT(inode);
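Review bot: The added `if (!error)` in do_sys_truncate has no body of its own; its body is the pre-existing `error = locks_verify_truncate(inode, NULL, length);` line that sits after the closing TOMOYO marker, so the access check guards the original statement only by line adjacency. A later edit that inserts a statement between the marker and that line would silently change what is guarded and let `locks_verify_truncate()` overwrite a denial. Bracing it, `if (!error) { error = locks_verify_truncate(inode, NULL, length); }`, keeps the guard explicit. The same construct appears in the do_sysctl, sys_bind, sys_listen and second unix_bind hunks. The function body continues outside the hunk.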
899     @@ -318,7 +329,11 @@ static long do_sys_ftruncate(unsigned in
900     error = -EPERM;
901     if (IS_APPEND(inode))
902     goto out_putf;
903     -
904     + /***** TOMOYO Linux start. *****/
905     + error = ccs_check_1path_perm(TYPE_TRUNCATE_ACL, dentry, file->f_vfsmnt);
906     + if (error)
907     + goto out_putf;
908     + /***** TOMOYO Linux end. *****/
909     error = locks_verify_truncate(inode, file, length);
910     if (!error)
911     error = do_truncate(dentry, length, 0, file);
912     @@ -607,6 +622,14 @@ asmlinkage long sys_chroot(const char __
913     error = -EPERM;
914     if (!capable(CAP_SYS_CHROOT))
915     goto dput_and_out;
916     + /***** TOMOYO Linux start. *****/
917     + if (!ccs_capable(TOMOYO_SYS_CHROOT))
918     + goto dput_and_out;
919     + /***** TOMOYO Linux end. *****/
920     + /***** SAKURA Linux start. *****/
921     + if (ccs_check_chroot_permission(&nd))
922     + goto dput_and_out;
923     + /***** SAKURA Linux end. *****/
924    
925     set_fs_root(current->fs, nd.mnt, nd.dentry);
926     set_fs_altroot();
927     @@ -1189,6 +1212,10 @@ EXPORT_SYMBOL(sys_close);
928     */
929     asmlinkage long sys_vhangup(void)
930     {
931     + /***** TOMOYO Linux start. *****/
932     + if (!ccs_capable(TOMOYO_SYS_VHANGUP))
933     + return -EPERM;
934     + /***** TOMOYO Linux end. *****/
935     if (capable(CAP_SYS_TTY_CONFIG)) {
936     tty_vhangup(current->signal->tty);
937     return 0;
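Review bot: In sys_vhangup the `ccs_capable(TOMOYO_SYS_VHANGUP)` check runs before `capable(CAP_SYS_TTY_CONFIG)`, whereas the sys_chroot, sys_pivot_root, sys_kexec_load and module hunks consult the kernel capability first. The policy hook is therefore consulted for requests that would not reach `tty_vhangup()` anyway; if the hook logs or learns from each query (not visible here, to be confirmed), that adds noise to the policy. Moving the check inside the `if (capable(CAP_SYS_TTY_CONFIG)) {` branch, ahead of `tty_vhangup(current->signal->tty);`, would match the other call sites. The function body continues past the hunk.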
938     --- linux-2.6.16-76.39vl4.orig/fs/proc/Makefile
939     +++ linux-2.6.16-76.39vl4/fs/proc/Makefile
940     @@ -13,3 +13,6 @@ proc-y += inode.o root.o base.o ge
941     proc-$(CONFIG_PROC_KCORE) += kcore.o
942     proc-$(CONFIG_PROC_VMCORE) += vmcore.o
943     proc-$(CONFIG_PROC_DEVICETREE) += proc_devtree.o
944     +
945     +proc-$(CONFIG_SAKURA) += ccs_proc.o
946     +proc-$(CONFIG_TOMOYO) += ccs_proc.o
947     --- linux-2.6.16-76.39vl4.orig/fs/proc/proc_misc.c
948     +++ linux-2.6.16-76.39vl4/fs/proc/proc_misc.c
949     @@ -682,4 +682,9 @@ void __init proc_misc_init(void)
950     if (entry)
951     entry->proc_fops = &proc_sysrq_trigger_operations;
952     #endif
953     + /***** CCS start. *****/
954     +#if defined(CONFIG_SAKURA) || defined(CONFIG_TOMOYO)
955     + printk(KERN_INFO "Hook version: 2.6.16-76.39vl4 2008/08/29\n");
956     +#endif
957     + /***** CCS end. *****/
958     }
959     --- linux-2.6.16-76.39vl4.orig/include/linux/init_task.h
960     +++ linux-2.6.16-76.39vl4/include/linux/init_task.h
961     @@ -121,6 +121,10 @@ extern struct group_info init_groups;
962     .journal_info = NULL, \
963     .cpu_timers = INIT_CPU_TIMERS(tsk.cpu_timers), \
964     .fs_excl = ATOMIC_INIT(0), \
965     + /***** TOMOYO Linux start. *****/ \
966     + .domain_info = &KERNEL_DOMAIN, \
967     + .tomoyo_flags = 0, \
968     + /***** TOMOYO Linux end. *****/ \
969     }
970    
971    
972     --- linux-2.6.16-76.39vl4.orig/include/linux/sched.h
973     +++ linux-2.6.16-76.39vl4/include/linux/sched.h
974     @@ -40,6 +40,11 @@
975    
976     struct exec_domain;
977    
978     +/***** TOMOYO Linux start. *****/
979     +struct domain_info;
980     +extern struct domain_info KERNEL_DOMAIN;
981     +/***** TOMOYO Linux end. *****/
982     +
983     /*
984     * cloning flags:
985     */
986     @@ -871,6 +876,10 @@ struct task_struct {
987     #endif
988     atomic_t fs_excl; /* holding fs exclusive resources */
989     struct rcu_head rcu;
990     + /***** TOMOYO Linux start. *****/
991     + struct domain_info *domain_info;
992     + u32 tomoyo_flags;
993     + /***** TOMOYO Linux end. *****/
994     };
995    
996     static inline pid_t process_group(struct task_struct *tsk)
997     --- linux-2.6.16-76.39vl4.orig/kernel/compat.c
998     +++ linux-2.6.16-76.39vl4/kernel/compat.c
999     @@ -23,6 +23,9 @@
1000     #include <linux/security.h>
1001    
1002     #include <asm/uaccess.h>
1003     +/***** TOMOYO Linux start. *****/
1004     +#include <linux/tomoyo.h>
1005     +/***** TOMOYO Linux end. *****/
1006    
1007     int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
1008     {
1009     @@ -864,6 +867,10 @@ asmlinkage long compat_sys_stime(compat_
1010     err = security_settime(&tv, NULL);
1011     if (err)
1012     return err;
1013     + /***** TOMOYO Linux start. *****/
1014     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
1015     + return -EPERM;
1016     + /***** TOMOYO Linux end. *****/
1017    
1018     do_settimeofday(&tv);
1019     return 0;
1020     --- linux-2.6.16-76.39vl4.orig/kernel/kexec.c
1021     +++ linux-2.6.16-76.39vl4/kernel/kexec.c
1022     @@ -26,6 +26,9 @@
1023     #include <asm/io.h>
1024     #include <asm/system.h>
1025     #include <asm/semaphore.h>
1026     +/***** TOMOYO Linux start. *****/
1027     +#include <linux/tomoyo.h>
1028     +/***** TOMOYO Linux end. *****/
1029    
1030     /* Per cpu memory for storing cpu states in case of system crash. */
1031     note_buf_t* crash_notes;
1032     @@ -922,6 +925,10 @@ asmlinkage long sys_kexec_load(unsigned
1033     /* We only trust the superuser with rebooting the system. */
1034     if (!capable(CAP_SYS_BOOT))
1035     return -EPERM;
1036     + /***** TOMOYO Linux start. *****/
1037     + if (!ccs_capable(TOMOYO_SYS_KEXEC_LOAD))
1038     + return -EPERM;
1039     + /***** TOMOYO Linux end. *****/
1040    
1041     /*
1042     * Verify we have a legal set of flags
1043     --- linux-2.6.16-76.39vl4.orig/kernel/kmod.c
1044     +++ linux-2.6.16-76.39vl4/kernel/kmod.c
1045     @@ -150,6 +150,11 @@ static int ____call_usermodehelper(void
1046     /* We can run anywhere, unlike our parent keventd(). */
1047     set_cpus_allowed(current, CPU_MASK_ALL);
1048    
1049     + /***** TOMOYO Linux start. *****/
1050     + current->domain_info = &KERNEL_DOMAIN;
1051     + current->tomoyo_flags = 0;
1052     + /***** TOMOYO Linux end. *****/
1053     +
1054     retval = -EPERM;
1055     if (current->fs->root)
1056     retval = execve(sub_info->path, sub_info->argv,sub_info->envp);
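Review bot: The reset of `current->domain_info` to `&KERNEL_DOMAIN` and of `current->tomoyo_flags` to 0 in ____call_usermodehelper carries no explanation of why the helper thread must not keep the values it inherited. These two assignments decide under which domain the following `execve(sub_info->path, ...)` is evaluated, so a why-comment is warranted, for example `/* helper programs always start from the kernel domain */`, with the wording to be confirmed against the policy design, which is not visible in this patch section. The function starts and ends outside the hunk.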
1057     --- linux-2.6.16-76.39vl4.orig/kernel/module.c
1058     +++ linux-2.6.16-76.39vl4/kernel/module.c
1059     @@ -42,6 +42,9 @@
1060     #include <asm/uaccess.h>
1061     #include <asm/semaphore.h>
1062     #include <asm/cacheflush.h>
1063     +/***** TOMOYO Linux start. *****/
1064     +#include <linux/tomoyo.h>
1065     +/***** TOMOYO Linux end. *****/
1066    
1067     #if 0
1068     #define DEBUGP printk
1069     @@ -578,7 +581,10 @@ sys_delete_module(const char __user *nam
1070    
1071     if (!capable(CAP_SYS_MODULE))
1072     return -EPERM;
1073     -
1074     + /***** TOMOYO Linux start. *****/
1075     + if (!ccs_capable(TOMOYO_USE_KERNEL_MODULE))
1076     + return -EPERM;
1077     + /***** TOMOYO Linux end. *****/
1078     if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
1079     return -EFAULT;
1080     name[MODULE_NAME_LEN-1] = '\0';
1081     @@ -1931,7 +1937,10 @@ sys_init_module(void __user *umod,
1082     /* Must have permission */
1083     if (!capable(CAP_SYS_MODULE))
1084     return -EPERM;
1085     -
1086     + /***** TOMOYO Linux start. *****/
1087     + if (!ccs_capable(TOMOYO_USE_KERNEL_MODULE))
1088     + return -EPERM;
1089     + /***** TOMOYO Linux end. *****/
1090     /* Only one module load at a time, please */
1091     if (down_interruptible(&module_mutex) != 0)
1092     return -EINTR;
1093     --- linux-2.6.16-76.39vl4.orig/kernel/ptrace.c
1094     +++ linux-2.6.16-76.39vl4/kernel/ptrace.c
1095     @@ -21,6 +21,9 @@
1096    
1097     #include <asm/pgtable.h>
1098     #include <asm/uaccess.h>
1099     +/***** TOMOYO Linux start. *****/
1100     +#include <linux/tomoyo.h>
1101     +/***** TOMOYO Linux end. *****/
1102    
1103     /*
1104     * ptrace a task: make the debugger its new parent and
1105     @@ -495,6 +498,12 @@ asmlinkage long sys_ptrace(long request,
1106     /*
1107     * This lock_kernel fixes a subtle race with suid exec
1108     */
1109     + /***** TOMOYO Linux start. *****/
1110     +#ifdef TOMOYO_SYS_PTRACE
1111     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
1112     + return -EPERM;
1113     +#endif
1114     + /***** TOMOYO Linux end. *****/
1115     lock_kernel();
1116     if (request == PTRACE_TRACEME) {
1117     ret = ptrace_traceme();
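Review bot: The `#ifdef TOMOYO_SYS_PTRACE` guard in sys_ptrace compiles the check in only if TOMOYO_SYS_PTRACE is a preprocessor macro; if linux/tomoyo.h (not shown) declares it as an enum constant, the guard is always false and the ptrace restriction silently drops out of the build. No other `ccs_capable()` call site in this patch is guarded this way, so either drop the guard or add a comment naming the configurations that lack the constant. The block is also inserted between the comment `This lock_kernel fixes a subtle race with suid exec` and the `lock_kernel();` it describes; placing it above that comment keeps the comment attached to its statement.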
1118     --- linux-2.6.16-76.39vl4.orig/kernel/sched.c
1119     +++ linux-2.6.16-76.39vl4/kernel/sched.c
1120     @@ -52,6 +52,9 @@
1121     #include <asm/tlb.h>
1122    
1123     #include <asm/unistd.h>
1124     +/***** TOMOYO Linux start. *****/
1125     +#include <linux/tomoyo.h>
1126     +/***** TOMOYO Linux end. *****/
1127    
1128     /*
1129     * Convert user-nice values [ -20 ... 0 ... 19 ]
1130     @@ -3545,6 +3548,10 @@ asmlinkage long sys_nice(int increment)
1131     {
1132     int retval;
1133     long nice;
1134     + /***** TOMOYO Linux start. *****/
1135     + if (!ccs_capable(TOMOYO_SYS_NICE))
1136     + return -EPERM;
1137     + /***** TOMOYO Linux end. *****/
1138    
1139     /*
1140     * Setpriority might change our priority at the same moment.
1141     --- linux-2.6.16-76.39vl4.orig/kernel/signal.c
1142     +++ linux-2.6.16-76.39vl4/kernel/signal.c
1143     @@ -30,6 +30,9 @@
1144     #include <asm/uaccess.h>
1145     #include <asm/unistd.h>
1146     #include <asm/siginfo.h>
1147     +/***** TOMOYO Linux start. *****/
1148     +#include <linux/tomoyo.h>
1149     +/***** TOMOYO Linux end. *****/
1150    
1151     /*
1152     * SLAB caches for signal bits.
1153     @@ -2336,6 +2339,12 @@ asmlinkage long
1154     sys_kill(int pid, int sig)
1155     {
1156     struct siginfo info;
1157     + /***** TOMOYO Linux start. *****/
1158     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1159     + return -EPERM;
1160     + if (sig && ccs_check_signal_acl(sig, pid))
1161     + return -EPERM;
1162     + /***** TOMOYO Linux end. *****/
1163    
1164     info.si_signo = sig;
1165     info.si_errno = 0;
1166     @@ -2394,6 +2403,12 @@ asmlinkage long sys_tgkill(int tgid, int
1167     /* This is only valid for single tasks */
1168     if (pid <= 0 || tgid <= 0)
1169     return -EINVAL;
1170     + /***** TOMOYO Linux start. *****/
1171     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1172     + return -EPERM;
1173     + if (sig && ccs_check_signal_acl(sig, pid))
1174     + return -EPERM;
1175     + /***** TOMOYO Linux end. *****/
1176    
1177     return do_tkill(tgid, pid, sig);
1178     }
1179     @@ -2407,6 +2422,12 @@ sys_tkill(int pid, int sig)
1180     /* This is only valid for single tasks */
1181     if (pid <= 0)
1182     return -EINVAL;
1183     + /***** TOMOYO Linux start. *****/
1184     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1185     + return -EPERM;
1186     + if (sig && ccs_check_signal_acl(sig, pid))
1187     + return -EPERM;
1188     + /***** TOMOYO Linux end. *****/
1189    
1190     return do_tkill(0, pid, sig);
1191     }
1192     --- linux-2.6.16-76.39vl4.orig/kernel/sys.c
1193     +++ linux-2.6.16-76.39vl4/kernel/sys.c
1194     @@ -38,6 +38,9 @@
1195     #include <asm/uaccess.h>
1196     #include <asm/io.h>
1197     #include <asm/unistd.h>
1198     +/***** TOMOYO Linux start. *****/
1199     +#include <linux/tomoyo.h>
1200     +/***** TOMOYO Linux end. *****/
1201    
1202     #ifndef SET_UNALIGN_CTL
1203     # define SET_UNALIGN_CTL(a,b) (-EINVAL)
1204     @@ -269,6 +272,12 @@ asmlinkage long sys_setpriority(int whic
1205    
1206     if (which > 2 || which < 0)
1207     goto out;
1208     + /***** TOMOYO Linux start. *****/
1209     + if (!ccs_capable(TOMOYO_SYS_NICE)) {
1210     + error = -EPERM;
1211     + goto out;
1212     + }
1213     + /***** TOMOYO Linux end. *****/
1214    
1215     /* normalize: avoid signed division (rounding problems) */
1216     error = -ESRCH;
1217     @@ -496,6 +505,10 @@ asmlinkage long sys_reboot(int magic1, i
1218     magic2 != LINUX_REBOOT_MAGIC2B &&
1219     magic2 != LINUX_REBOOT_MAGIC2C))
1220     return -EINVAL;
1221     + /***** TOMOYO Linux start. *****/
1222     + if (!ccs_capable(TOMOYO_SYS_REBOOT))
1223     + return -EPERM;
1224     + /***** TOMOYO Linux end. *****/
1225    
1226     /* Instead of trying to make the power_off code look like
1227     * halt when pm_power_off is not set do it the easy way.
1228     @@ -1533,6 +1546,10 @@ asmlinkage long sys_sethostname(char __u
1229     return -EPERM;
1230     if (len < 0 || len > __NEW_UTS_LEN)
1231     return -EINVAL;
1232     + /***** TOMOYO Linux start. *****/
1233     + if (!ccs_capable(TOMOYO_SYS_SETHOSTNAME))
1234     + return -EPERM;
1235     + /***** TOMOYO Linux end. *****/
1236     down_write(&uts_sem);
1237     errno = -EFAULT;
1238     if (!copy_from_user(tmp, name, len)) {
1239     @@ -1578,6 +1595,10 @@ asmlinkage long sys_setdomainname(char _
1240     return -EPERM;
1241     if (len < 0 || len > __NEW_UTS_LEN)
1242     return -EINVAL;
1243     + /***** TOMOYO Linux start. *****/
1244     + if (!ccs_capable(TOMOYO_SYS_SETHOSTNAME))
1245     + return -EPERM;
1246     + /***** TOMOYO Linux end. *****/
1247    
1248     down_write(&uts_sem);
1249     errno = -EFAULT;
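Review bot: sys_setdomainname is gated by `TOMOYO_SYS_SETHOSTNAME`, the same constant the sys_sethostname hunk uses, so a policy cannot allow one operation and deny the other. If the sharing is deliberate, a comment such as `/* domain name changes share the SETHOSTNAME capability */` would show that it is not a copy-and-paste slip. The function continues past the hunk.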
1250     --- linux-2.6.16-76.39vl4.orig/kernel/sysctl.c
1251     +++ linux-2.6.16-76.39vl4/kernel/sysctl.c
1252     @@ -49,6 +49,9 @@
1253    
1254     #include <asm/uaccess.h>
1255     #include <asm/processor.h>
1256     +/***** TOMOYO Linux start. *****/
1257     +#include <linux/tomoyo.h>
1258     +/***** TOMOYO Linux end. *****/
1259    
1260     extern int proc_nr_files(ctl_table *table, int write, struct file *filp,
1261     void __user *buffer, size_t *lenp, loff_t *ppos);
1262     @@ -1108,6 +1111,100 @@ void __init sysctl_init(void)
1263     #endif
1264     }
1265    
1266     +/***** TOMOYO Linux start. *****/
1267     +static int try_parse_table(int __user *name, int nlen, void __user *oldval,
1268     + void __user *newval, ctl_table *table)
1269     +{
1270     + int n;
1271     + int error = -ENOMEM;
1272     + int op = 0;
1273     + char *buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
1274     + if (oldval)
1275     + op |= 004;
1276     + if (newval)
1277     + op |= 002;
1278     + if (!op) { /* Neither read nor write */
1279     + error = 0;
1280     + goto out;
1281     + }
1282     + if (!buffer)
1283     + goto out;
1284     + memset(buffer, 0, PAGE_SIZE);
1285     + snprintf(buffer, PAGE_SIZE - 1, "/proc/sys");
1286     + repeat:
1287     + if (!nlen) {
1288     + error = -ENOTDIR;
1289     + goto out;
1290     + }
1291     + if (get_user(n, name)) {
1292     + error = -EFAULT;
1293     + goto out;
1294     + }
1295     + for ( ; table->ctl_name; table++) {
1296     + if (n == table->ctl_name || table->ctl_name == CTL_ANY) {
1297     + int pos = strlen(buffer);
1298     + const char *cp = table->procname;
1299     + error = -ENOMEM;
1300     + if (cp) {
1301     + if (pos + 1 >= PAGE_SIZE - 1)
1302     + goto out;
1303     + buffer[pos++] = '/';
1304     + while (*cp) {
1305     + const unsigned char c
1306     + = *(const unsigned char *) cp;
1307     + if (c == '\\') {
1308     + if (pos + 2 >= PAGE_SIZE - 1)
1309     + goto out;
1310     + buffer[pos++] = '\\';
1311     + buffer[pos++] = '\\';
1312     + } else if (c > ' ' && c < 127) {
1313     + if (pos + 1 >= PAGE_SIZE - 1)
1314     + goto out;
1315     + buffer[pos++] = c;
1316     + } else {
1317     + if (pos + 4 >= PAGE_SIZE - 1)
1318     + goto out;
1319     + buffer[pos++] = '\\';
1320     + buffer[pos++] = (c >> 6) + '0';
1321     + buffer[pos++] = ((c >> 3) & 7)
1322     + + '0';
1323     + buffer[pos++] = (c & 7) + '0';
1324     + }
1325     + cp++;
1326     + }
1327     + } else {
1328     + /* Assume nobody assigns "=\$=" for procname. */
1329     + snprintf(buffer + pos, PAGE_SIZE - pos - 1,
1330     + "/=%d=", table->ctl_name);
1331     + if (!memchr(buffer, '\0', PAGE_SIZE - 2))
1332     + goto out;
1333     + }
1334     + if (table->child) {
1335     + if (table->strategy) {
1336     + /* printk("sysctl='%s'\n", buffer); */
1337     + if (ccs_check_file_perm(buffer, op,
1338     + "sysctl")) {
1339     + error = -EPERM;
1340     + goto out;
1341     + }
1342     + }
1343     + name++;
1344     + nlen--;
1345     + table = table->child;
1346     + goto repeat;
1347     + }
1348     + /* printk("sysctl='%s'\n", buffer); */
1349     + error = ccs_check_file_perm(buffer, op, "sysctl");
1350     + goto out;
1351     + }
1352     + }
1353     + error = -ENOTDIR;
1354     + out:
1355     + kfree(buffer);
1356     + return error;
1357     +}
1358     +/***** TOMOYO Linux end. *****/
1359     +
1360     int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
1361     void __user *newval, size_t newlen)
1362     {
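Review bot: try_parse_table has no header comment although it encodes several non-obvious rules: it rebuilds a `/proc/sys/...` pathname from the numeric name vector, escapes bytes outside the printable range as backslash-octal, substitutes `=N=` for entries without a procname, and asks `ccs_check_file_perm()` about directory entries only when they carry a `strategy` routine. A short comment above the function stating those rules, and that `op` uses 004 for read and 002 for write, would let a reader audit the hook without tracing every branch. Two smaller points: the `kmalloc(PAGE_SIZE, GFP_KERNEL)` in the declaration runs before the `if (!op)` early exit and could move below that test, and a pathname that does not fit the buffer is reported as -ENOMEM, which deserves a comment or a distinct errno.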
1363     @@ -1133,6 +1230,11 @@ int do_sysctl(int __user *name, int nlen
1364    
1365     spin_unlock(&sysctl_lock);
1366    
1367     + /***** TOMOYO Linux start. *****/
1368     + error = try_parse_table(name, nlen, oldval, newval,
1369     + head->ctl_table);
1370     + if (!error)
1371     + /***** TOMOYO Linux end. *****/
1372     error = parse_table(name, nlen, oldval, oldlenp,
1373     newval, newlen, head->ctl_table,
1374     &context);
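Review bot: do_sysctl hands the same user-space `name` pointer first to `try_parse_table()` and then to `parse_table()`, and try_parse_table reads it with `get_user(n, name)`; parse_table presumably fetches it again (its body is outside this hunk). The vector checked against policy and the vector acted on are then two separate reads of memory the caller controls, so the two walkers are not guaranteed to see the same values. Copying the `nlen` integers into a kernel buffer once and letting both walkers work from that copy would make the check and the operation see identical input.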
1375     @@ -1205,6 +1307,15 @@ repeat:
1376     if (ctl_perm(table, 001))
1377     return -EPERM;
1378     if (table->strategy) {
1379     + /***** TOMOYO Linux start. *****/
1380     + int op = 0;
1381     + if (oldval)
1382     + op |= 004;
1383     + if (newval)
1384     + op |= 002;
1385     + if (ctl_perm(table, op))
1386     + return -EPERM;
1387     + /***** TOMOYO Linux end. *****/
1388     error = table->strategy(
1389     table, name, nlen,
1390     oldval, oldlenp,
1391     --- linux-2.6.16-76.39vl4.orig/kernel/time.c
1392     +++ linux-2.6.16-76.39vl4/kernel/time.c
1393     @@ -39,6 +39,9 @@
1394    
1395     #include <asm/uaccess.h>
1396     #include <asm/unistd.h>
1397     +/***** TOMOYO Linux start. *****/
1398     +#include <linux/tomoyo.h>
1399     +/***** TOMOYO Linux end. *****/
1400    
1401     /*
1402     * The timezone where the local system is located. Used as a default by some
1403     @@ -91,6 +94,10 @@ asmlinkage long sys_stime(time_t __user
1404     err = security_settime(&tv, NULL);
1405     if (err)
1406     return err;
1407     + /***** TOMOYO Linux start. *****/
1408     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
1409     + return -EPERM;
1410     + /***** TOMOYO Linux end. *****/
1411    
1412     do_settimeofday(&tv);
1413     return 0;
1414     @@ -161,6 +168,10 @@ int do_sys_settimeofday(struct timespec
1415     error = security_settime(tv, tz);
1416     if (error)
1417     return error;
1418     + /***** TOMOYO Linux start. *****/
1419     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
1420     + return -EPERM;
1421     + /***** TOMOYO Linux end. *****/
1422    
1423     if (tz) {
1424     /* SMP safe, global irq locking makes it work. */
1425     @@ -239,6 +250,10 @@ int do_adjtimex(struct timex *txc)
1426     /* In order to modify anything, you gotta be super-user! */
1427     if (txc->modes && !capable(CAP_SYS_TIME))
1428     return -EPERM;
1429     + /***** TOMOYO Linux start. *****/
1430     + if (txc->modes && !ccs_capable(TOMOYO_SYS_SETTIME))
1431     + return -EPERM;
1432     + /***** TOMOYO Linux end. *****/
1433    
1434     /* Now we validate the data before disabling interrupts */
1435    
1436     --- linux-2.6.16-76.39vl4.orig/net/core/datagram.c
1437     +++ linux-2.6.16-76.39vl4/net/core/datagram.c
1438     @@ -56,6 +56,11 @@
1439     #include <net/sock.h>
1440     #include <net/tcp_states.h>
1441    
1442     +/***** TOMOYO Linux start. *****/
1443     +#include <linux/tomoyo.h>
1444     +#include <linux/tomoyo_socket.h>
1445     +/***** TOMOYO Linux end. *****/
1446     +
1447     /*
1448     * Is a socket 'connection oriented' ?
1449     */
1450     @@ -178,6 +183,12 @@ struct sk_buff *skb_recv_datagram(struct
1451     } else
1452     skb = skb_dequeue(&sk->sk_receive_queue);
1453    
1454     + /***** TOMOYO Linux start. *****/
1455     + error = ccs_socket_recv_datagram_permission(sk, skb, flags);
1456     + if (error)
1457     + goto no_packet;
1458     + /***** TOMOYO Linux end. *****/
1459     +
1460     if (skb)
1461     return skb;
1462    
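Review bot: The call `ccs_socket_recv_datagram_permission(sk, skb, flags)` in skb_recv_datagram is made before the `if (skb)` test, so the hook receives a NULL `skb` whenever the queue was empty, and on denial the code jumps to `no_packet` while still holding whatever `skb` was obtained just above. Unless the hook itself tolerates NULL and releases the buffer (its body is not in this patch section), a denied datagram would be neither returned nor freed. A comment at the call stating who owns `skb` on the error path, or a guard such as `if (skb) error = ccs_socket_recv_datagram_permission(sk, skb, flags);`, would make that contract checkable here. The function starts and ends outside the hunk.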
1463     --- linux-2.6.16-76.39vl4.orig/net/ipv4/inet_connection_sock.c
1464     +++ linux-2.6.16-76.39vl4/net/ipv4/inet_connection_sock.c
1465     @@ -24,6 +24,9 @@
1466     #include <net/route.h>
1467     #include <net/tcp_states.h>
1468     #include <net/xfrm.h>
1469     +/***** SAKURA Linux start. *****/
1470     +#include <linux/sakura.h>
1471     +/***** SAKURA Linux end. *****/
1472    
1473     #ifdef INET_CSK_DEBUG
1474     const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
1475     @@ -88,6 +91,10 @@ int inet_csk_get_port(struct inet_hashin
1476     do {
1477     head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
1478     spin_lock(&head->lock);
1479     + /***** SAKURA Linux start. *****/
1480     + if (ccs_may_autobind(rover))
1481     + goto next;
1482     + /***** SAKURA Linux end. *****/
1483     inet_bind_bucket_for_each(tb, node, &head->chain)
1484     if (tb->port == rover)
1485     goto next;
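Review bot: In inet_csk_get_port `ccs_may_autobind(rover)` is called after `spin_lock(&head->lock)`, so the hook runs with the bind-hash bucket lock held, while the inet_hash_connect and inet6_hash_connect hunks call it before taking the lock. That is safe only if the hook never sleeps; a comment such as `/* called under head->lock: must not sleep */` would record the constraint for whoever changes the hook later. The placement appears to be dictated by `goto next`, whose label lies outside the hunk and presumably drops the lock.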
1486     --- linux-2.6.16-76.39vl4.orig/net/ipv4/inet_hashtables.c
1487     +++ linux-2.6.16-76.39vl4/net/ipv4/inet_hashtables.c
1488     @@ -23,6 +23,9 @@
1489     #include <net/inet_connection_sock.h>
1490     #include <net/inet_hashtables.h>
1491     #include <net/ip.h>
1492     +/***** SAKURA Linux start. *****/
1493     +#include <linux/sakura.h>
1494     +/***** SAKURA Linux end. *****/
1495    
1496     /*
1497     * Allocate and initialize a new local port bind bucket.
1498     @@ -268,6 +271,10 @@ int inet_hash_connect(struct inet_timewa
1499     local_bh_disable();
1500     for (i = 1; i <= range; i++) {
1501     port = low + (i + offset) % range;
1502     + /***** SAKURA Linux start. *****/
1503     + if (ccs_may_autobind(port))
1504     + continue;
1505     + /***** SAKURA Linux end. *****/
1506     head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1507     spin_lock(&head->lock);
1508    
1509     --- linux-2.6.16-76.39vl4.orig/net/ipv4/udp.c
1510     +++ linux-2.6.16-76.39vl4/net/ipv4/udp.c
1511     @@ -109,6 +109,9 @@
1512     #include <net/inet_common.h>
1513     #include <net/checksum.h>
1514     #include <net/xfrm.h>
1515     +/***** SAKURA Linux start. *****/
1516     +#include <linux/sakura.h>
1517     +/***** SAKURA Linux end. *****/
1518    
1519     /*
1520     * Snmp MIB for the UDP layer
1521     @@ -147,6 +150,10 @@ static int udp_v4_get_port(struct sock *
1522     result = sysctl_local_port_range[0] +
1523     ((result - sysctl_local_port_range[0]) &
1524     (UDP_HTABLE_SIZE - 1));
1525     + /***** SAKURA Linux start. *****/
1526     + if (ccs_may_autobind(result))
1527     + continue;
1528     + /***** SAKURA Linux end. *****/
1529     goto gotit;
1530     }
1531     size = 0;
1532     @@ -163,6 +170,10 @@ static int udp_v4_get_port(struct sock *
1533     result = sysctl_local_port_range[0]
1534     + ((result - sysctl_local_port_range[0]) &
1535     (UDP_HTABLE_SIZE - 1));
1536     + /***** SAKURA Linux start. *****/
1537     + if (ccs_may_autobind(result))
1538     + continue;
1539     + /***** SAKURA Linux end. *****/
1540     if (!udp_lport_inuse(result))
1541     break;
1542     }
1543     --- linux-2.6.16-76.39vl4.orig/net/ipv6/inet6_hashtables.c
1544     +++ linux-2.6.16-76.39vl4/net/ipv6/inet6_hashtables.c
1545     @@ -22,6 +22,9 @@
1546     #include <net/inet_hashtables.h>
1547     #include <net/inet6_hashtables.h>
1548     #include <net/ip.h>
1549     +/***** SAKURA Linux start. *****/
1550     +#include <linux/sakura.h>
1551     +/***** SAKURA Linux end. *****/
1552    
1553     struct sock *inet6_lookup_listener(struct inet_hashinfo *hashinfo,
1554     const struct in6_addr *daddr,
1555     @@ -93,7 +96,7 @@ static int __inet6_check_established(str
1556     const struct in6_addr *saddr = &np->daddr;
1557     const int dif = sk->sk_bound_dev_if;
1558     const u32 ports = INET_COMBINED_PORTS(inet->dport, lport);
1559     - const unsigned int hash = inet6_ehashfn(daddr, inet->num, saddr,
1560     + const unsigned int hash = inet6_ehashfn(daddr, lport, saddr,
1561     inet->dport);
1562     struct inet_ehash_bucket *head = inet_ehash_bucket(hinfo, hash);
1563     struct sock *sk2;
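Review bot: The replacement of `inet->num` with `lport` in the `inet6_ehashfn()` call of __inet6_check_established is not wrapped in SAKURA/TOMOYO markers and is unrelated to the access-control hooks the rest of the patch adds. It changes which established-hash bucket is computed for the lookup, so it reads like a separate bug fix riding along with the hook patch. Splitting it into its own patch, or at least adding a comment naming where the fix comes from, would let someone auditing the hooks tell that the behaviour change is deliberate. The function continues past the hunk.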
1564     @@ -187,6 +190,10 @@ int inet6_hash_connect(struct inet_timew
1565     local_bh_disable();
1566     for (i = 1; i <= range; i++) {
1567     port = low + (i + offset) % range;
1568     + /***** SAKURA Linux start. *****/
1569     + if (ccs_may_autobind(port))
1570     + continue;
1571     + /***** SAKURA Linux end. *****/
1572     head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1573     spin_lock(&head->lock);
1574    
1575     --- linux-2.6.16-76.39vl4.orig/net/ipv6/udp.c
1576     +++ linux-2.6.16-76.39vl4/net/ipv6/udp.c
1577     @@ -59,6 +59,9 @@
1578    
1579     #include <linux/proc_fs.h>
1580     #include <linux/seq_file.h>
1581     +/***** SAKURA Linux start. *****/
1582     +#include <linux/sakura.h>
1583     +/***** SAKURA Linux end. *****/
1584    
1585     DEFINE_SNMP_STAT(struct udp_mib, udp_stats_in6) __read_mostly;
1586    
1587     @@ -89,6 +92,10 @@ static int udp_v6_get_port(struct sock *
1588     result = sysctl_local_port_range[0] +
1589     ((result - sysctl_local_port_range[0]) &
1590     (UDP_HTABLE_SIZE - 1));
1591     + /***** SAKURA Linux start. *****/
1592     + if (ccs_may_autobind(result))
1593     + continue;
1594     + /***** SAKURA Linux end. *****/
1595     goto gotit;
1596     }
1597     size = 0;
1598     @@ -105,6 +112,10 @@ static int udp_v6_get_port(struct sock *
1599     result = sysctl_local_port_range[0]
1600     + ((result - sysctl_local_port_range[0]) &
1601     (UDP_HTABLE_SIZE - 1));
1602     + /***** SAKURA Linux start. *****/
1603     + if (ccs_may_autobind(result))
1604     + continue;
1605     + /***** SAKURA Linux end. *****/
1606     if (!udp_lport_inuse(result))
1607     break;
1608     }
1609     --- linux-2.6.16-76.39vl4.orig/net/socket.c
1610     +++ linux-2.6.16-76.39vl4/net/socket.c
1611     @@ -97,6 +97,11 @@
1612     #include <net/sock.h>
1613     #include <linux/netfilter.h>
1614    
1615     +/***** TOMOYO Linux start. *****/
1616     +#include <linux/tomoyo.h>
1617     +#include <linux/tomoyo_socket.h>
1618     +/***** TOMOYO Linux end. *****/
1619     +
1620     static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1621     static ssize_t sock_aio_read(struct kiocb *iocb, char __user *buf,
1622     size_t size, loff_t pos);
1623     @@ -546,7 +551,12 @@ static inline int __sock_sendmsg(struct
1624     err = security_socket_sendmsg(sock, msg, size);
1625     if (err)
1626     return err;
1627     -
1628     + /***** TOMOYO Linux start. *****/
1629     + if (ccs_socket_sendmsg_permission(sock,
1630     + (struct sockaddr *) msg->msg_name,
1631     + msg->msg_namelen))
1632     + return -EPERM;
1633     + /***** TOMOYO Linux end. *****/
1634     return sock->ops->sendmsg(iocb, sock, msg, size);
1635     }
1636    
1637     @@ -1102,6 +1112,12 @@ static int __sock_create(int family, int
1638     family = PF_PACKET;
1639     }
1640    
1641     + /***** TOMOYO Linux start. *****/
1642     + err = ccs_socket_create_permission(family, type, protocol);
1643     + if (err)
1644     + return err;
1645     + /***** TOMOYO Linux end. *****/
1646     +
1647     err = security_socket_create(family, type, protocol, kern);
1648     if (err)
1649     return err;
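Review bot: `ccs_socket_create_permission(family, type, protocol)` in __sock_create is placed before `security_socket_create(family, type, protocol, kern)` and is not given the `kern` argument, whereas the __sock_sendmsg and sys_connect hunks run the TOMOYO check after the corresponding `security_socket_*` hook. As written, sockets the kernel creates for its own use go through the same policy check as user requests unless the hook distinguishes them in some other way (not visible here). If that is intended, a comment should say so; otherwise the check belongs after the LSM hook with `kern` taken into account. The function starts and ends outside the hunk.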
1650     @@ -1299,6 +1315,12 @@ asmlinkage long sys_bind(int fd, struct
1651     sockfd_put(sock);
1652     return err;
1653     }
1654     + /***** TOMOYO Linux start. *****/
1655     + err = ccs_socket_bind_permission(sock,
1656     + (struct sockaddr *)
1657     + address, addrlen);
1658     + if (!err)
1659     + /***** TOMOYO Linux end. *****/
1660     err = sock->ops->bind(sock, (struct sockaddr *)address, addrlen);
1661     }
1662     sockfd_put(sock);
1663     @@ -1329,7 +1351,10 @@ asmlinkage long sys_listen(int fd, int b
1664     sockfd_put(sock);
1665     return err;
1666     }
1667     -
1668     + /***** TOMOYO Linux start. *****/
1669     + err = ccs_socket_listen_permission(sock);
1670     + if (!err)
1671     + /***** TOMOYO Linux end. *****/
1672     err=sock->ops->listen(sock, backlog);
1673     sockfd_put(sock);
1674     }
1675     @@ -1380,6 +1405,13 @@ asmlinkage long sys_accept(int fd, struc
1676     if (err < 0)
1677     goto out_release;
1678    
1679     + /***** TOMOYO Linux start. *****/
1680     + if (ccs_socket_accept_permission(newsock,
1681     + (struct sockaddr *) address)) {
1682     + err = -ECONNABORTED; /* Hope less harmful than -EPERM. */
1683     + goto out_release;
1684     + }
1685     + /***** TOMOYO Linux end. *****/
1686     if (upeer_sockaddr) {
1687     if(newsock->ops->getname(newsock, (struct sockaddr *)address, &len, 2)<0) {
1688     err = -ECONNABORTED;
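Review bot: In sys_accept the hook is passed `address` before the `newsock->ops->getname(...)` call that fills it in the lines that follow, so at this point the buffer does not yet hold the peer address. Presumably the hook uses it as scratch space and fetches the name itself; a comment such as `/* address is scratch space here; the hook fills it */` (to be confirmed against the hook) would stop a reader from assuming otherwise. The choice of -ECONNABORTED is justified only by `Hope less harmful than -EPERM`; naming the callers that mishandle -EPERM from accept would be more useful to the next maintainer.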
1689     @@ -1435,7 +1467,12 @@ asmlinkage long sys_connect(int fd, stru
1690     err = security_socket_connect(sock, (struct sockaddr *)address, addrlen);
1691     if (err)
1692     goto out_put;
1693     -
1694     + /***** TOMOYO Linux start. *****/
1695     + err = ccs_socket_connect_permission(sock, (struct sockaddr *) address,
1696     + addrlen);
1697     + if (err)
1698     + goto out_put;
1699     + /***** TOMOYO Linux end. *****/
1700     err = sock->ops->connect(sock, (struct sockaddr *) address, addrlen,
1701     sock->file->f_flags);
1702     out_put:
1703     --- linux-2.6.16-76.39vl4.orig/net/unix/af_unix.c
1704     +++ linux-2.6.16-76.39vl4/net/unix/af_unix.c
1705     @@ -117,6 +117,9 @@
1706     #include <linux/mount.h>
1707     #include <net/checksum.h>
1708     #include <linux/security.h>
1709     +/***** TOMOYO Linux start. *****/
1710     +#include <linux/tomoyo.h>
1711     +/***** TOMOYO Linux end. *****/
1712    
1713     int sysctl_unix_max_dgram_qlen = 10;
1714    
1715     @@ -738,6 +741,11 @@ static int unix_bind(struct socket *sock
1716     err = unix_autobind(sock);
1717     goto out;
1718     }
1719     + /***** TOMOYO Linux start. *****/
1720     + err = -EPERM;
1721     + if (sunaddr->sun_path[0] && !ccs_capable(TOMOYO_CREATE_UNIX_SOCKET))
1722     + goto out;
1723     + /***** TOMOYO Linux end. *****/
1724    
1725     err = unix_mkname(sunaddr, addr_len, &hash);
1726     if (err < 0)
1727     @@ -781,6 +789,13 @@ static int unix_bind(struct socket *sock
1728     */
1729     mode = S_IFSOCK |
1730     (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
1731     + /***** TOMOYO Linux start. *****/
1732     + err = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
1733     + if (!err)
1734     + err = ccs_check_1path_perm(TYPE_MKSOCK_ACL, dentry,
1735     + nd.mnt);
1736     + if (!err)
1737     + /***** TOMOYO Linux end. *****/
1738     err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1739     if (err)
1740     goto out_mknod_dput;
