Diff of /trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.16-vine-linux-4.2.diff

TOMOYO

 Subversion リポジトリの参照



/[tomoyo]/trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.16-vine-linux-4.2.diff




Diff of /trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.16-vine-linux-4.2.diff



 Parent Directory

|  Revision Log



|  Patch














revision 2091 by kumaneko,
Thu Jan 29 09:56:56 2009 UTC




revision 2278 by kumaneko,
Wed Mar 18 08:12:58 2009 UTC






#

Line 2 
 This is TOMOYO Linux patch for VineLinux


Line 2 
 This is TOMOYO Linux patch for VineLinux












2
 
 

















3
 Source code for this patch is http://updates.vinelinux.org/Vine-4.2/updates/SRPMS/kernel-2.6.16-76.40vl4.src.rpm
 Source code for this patch is http://updates.vinelinux.org/Vine-4.2/updates/SRPMS/kernel-2.6.16-76.40vl4.src.rpm

















4
 ---
 ---















5


  arch/alpha/kernel/ptrace.c      |    9 +++


  arch/alpha/kernel/ptrace.c      |    7 ++













6


  arch/ia64/ia32/sys_ia32.c       |    9 +++


  arch/ia64/ia32/sys_ia32.c       |    7 ++













7


  arch/ia64/kernel/ptrace.c       |    9 +++


  arch/ia64/kernel/ptrace.c       |    7 ++













8


  arch/m32r/kernel/ptrace.c       |    9 +++


  arch/m32r/kernel/ptrace.c       |    7 ++













9


  arch/mips/kernel/ptrace32.c     |    9 +++


  arch/mips/kernel/ptrace32.c     |    7 ++













10


  arch/powerpc/kernel/ptrace32.c  |    9 +++


  arch/powerpc/kernel/ptrace32.c  |    7 ++













11


  arch/s390/kernel/ptrace.c       |    9 +++


  arch/s390/kernel/ptrace.c       |    7 ++













12


  arch/sparc/kernel/ptrace.c      |   11 +++


  arch/sparc/kernel/ptrace.c      |    9 +++













13


  arch/sparc64/kernel/ptrace.c    |   11 +++


  arch/sparc64/kernel/ptrace.c    |    9 +++













14


  arch/x86_64/ia32/ptrace32.c     |    9 +++


  arch/x86_64/ia32/ptrace32.c     |    7 ++















15
  fs/Kconfig                      |    2 
  fs/Kconfig                      |    2 

















16
  fs/Makefile                     |    2 
  fs/Makefile                     |    2 

















17
  fs/attr.c                       |   19 ++++++
  fs/attr.c                       |   19 ++++++











#

Line 30 
 Source code for this patch is http://upd


Line 30 
 Source code for this patch is http://upd












30
  kernel/kexec.c                  |    7 ++
  kernel/kexec.c                  |    7 ++

















31
  kernel/kmod.c                   |    5 +
  kernel/kmod.c                   |    5 +

















32
  kernel/module.c                 |   13 +++-
  kernel/module.c                 |   13 +++-















33


  kernel/ptrace.c                 |    9 +++


  kernel/ptrace.c                 |    7 ++















34
  kernel/sched.c                  |    7 ++
  kernel/sched.c                  |    7 ++

















35
  kernel/signal.c                 |   21 +++++++
  kernel/signal.c                 |   21 +++++++

















36
  kernel/sys.c                    |   21 +++++++
  kernel/sys.c                    |   21 +++++++











#

Line 44 
 Source code for this patch is http://upd


Line 44 
 Source code for this patch is http://upd












44
  net/ipv6/udp.c                  |   11 +++
  net/ipv6/udp.c                  |   11 +++

















45
  net/socket.c                    |   43 +++++++++++++-
  net/socket.c                    |   43 +++++++++++++-

















46
  net/unix/af_unix.c              |   15 +++++
  net/unix/af_unix.c              |   15 +++++















47


  42 files changed, 703 insertions(+), 10 deletions(-)


  42 files changed, 681 insertions(+), 10 deletions(-)















48
 
 

















49
 --- linux-2.6.16-76.40vl4.orig/arch/alpha/kernel/ptrace.c
 --- linux-2.6.16-76.40vl4.orig/arch/alpha/kernel/ptrace.c

















50
 +++ linux-2.6.16-76.40vl4/arch/alpha/kernel/ptrace.c
 +++ linux-2.6.16-76.40vl4/arch/alpha/kernel/ptrace.c











#

Line 58 
 Source code for this patch is http://upd


Line 58 
 Source code for this patch is http://upd












58
  
  

















59
  #include "proto.h"
  #include "proto.h"

















60
  
  















61


 @@ -268,6 +271,12 @@ do_sys_ptrace(long request, long pid, lo


 @@ -268,6 +271,10 @@ do_sys_ptrace(long request, long pid, lo















62
         unsigned long tmp;
         unsigned long tmp;

















63
         size_t copied;
         size_t copied;

















64
         long ret;
         long ret;

















65
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













66
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















67
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













68
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















69
  
  

















70
         lock_kernel();
         lock_kernel();











#

Line 83 
 Source code for this patch is http://upd


Line 81 
 Source code for this patch is http://upd












81
  
  

















82
  #include "ia32priv.h"
  #include "ia32priv.h"

















83
  
  















84


 @@ -1755,6 +1758,12 @@ sys32_ptrace (int request, pid_t pid, un


 @@ -1755,6 +1758,10 @@ sys32_ptrace (int request, pid_t pid, un















85
         struct task_struct *child;
         struct task_struct *child;

















86
         unsigned int value, tmp;
         unsigned int value, tmp;

















87
         long i, ret;
         long i, ret;

















88
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













89
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















90
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













91
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















92
  
  

















93
         lock_kernel();
         lock_kernel();











#

Line 108 
 Source code for this patch is http://upd


Line 104 
 Source code for this patch is http://upd












104
  
  

















105
  #include "entry.h"
  #include "entry.h"

















106
  
  















107


 @@ -1418,6 +1421,12 @@ sys_ptrace (long request, pid_t pid, uns


 @@ -1418,6 +1421,10 @@ sys_ptrace (long request, pid_t pid, uns















108
         struct task_struct *child;
         struct task_struct *child;

















109
         struct switch_stack *sw;
         struct switch_stack *sw;

















110
         long ret;
         long ret;

















111
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













112
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















113
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













114
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















115
  
  

















116
         lock_kernel();
         lock_kernel();











#

Line 133 
 Source code for this patch is http://upd


Line 127 
 Source code for this patch is http://upd












127
  
  

















128
  /*
  /*

















129
   * This routine will get a word off of the process kernel stack.
   * This routine will get a word off of the process kernel stack.















130


 @@ -743,6 +746,12 @@ asmlinkage long sys_ptrace(long request,


 @@ -743,6 +746,10 @@ asmlinkage long sys_ptrace(long request,















131
  {
  {

















132
         struct task_struct *child;
         struct task_struct *child;

















133
         int ret;
         int ret;

















134
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













135
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















136
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













137
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















138
  
  

















139
         lock_kernel();
         lock_kernel();











#

Line 158 
 Source code for this patch is http://upd


Line 150 
 Source code for this patch is http://upd












150
  
  

















151
  int ptrace_getregs (struct task_struct *child, __s64 __user *data);
  int ptrace_getregs (struct task_struct *child, __s64 __user *data);

















152
  int ptrace_setregs (struct task_struct *child, __s64 __user *data);
  int ptrace_setregs (struct task_struct *child, __s64 __user *data);















153


 @@ -50,6 +53,12 @@ asmlinkage int sys32_ptrace(int request,


 @@ -50,6 +53,10 @@ asmlinkage int sys32_ptrace(int request,















154
  {
  {

















155
         struct task_struct *child;
         struct task_struct *child;

















156
         int ret;
         int ret;

















157
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













158
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















159
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













160
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















161
  
  

















162
  #if 0
  #if 0











#

Line 183 
 Source code for this patch is http://upd


Line 173 
 Source code for this patch is http://upd












173
  
  

















174
  #include "ptrace-common.h"
  #include "ptrace-common.h"

















175
  
  















176


 @@ -46,6 +49,12 @@ long compat_sys_ptrace(int request, int 


 @@ -46,6 +49,10 @@ long compat_sys_ptrace(int request, int 















177
  {
  {

















178
         struct task_struct *child;
         struct task_struct *child;

















179
         int ret;
         int ret;

















180
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













181
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















182
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













183
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















184
  
  

















185
         lock_kernel();
         lock_kernel();











#

Line 208 
 Source code for this patch is http://upd


Line 196 
 Source code for this patch is http://upd












196
  
  

















197
  #ifdef CONFIG_COMPAT
  #ifdef CONFIG_COMPAT

















198
  #include "compat_ptrace.h"
  #include "compat_ptrace.h"















199


 @@ -711,6 +714,12 @@ sys_ptrace(long request, long pid, long 


 @@ -711,6 +714,10 @@ sys_ptrace(long request, long pid, long 















200
         struct task_struct *child;
         struct task_struct *child;

















201
         int ret;
         int ret;

















202
  
  

















203
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













204
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















205
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













206
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















207
         lock_kernel();
         lock_kernel();

















208
         if (request == PTRACE_TRACEME) {
         if (request == PTRACE_TRACEME) {











#

Line 233 
 Source code for this patch is http://upd


Line 219 
 Source code for this patch is http://upd












219
  
  

















220
  #define MAGIC_CONSTANT 0x80000000
  #define MAGIC_CONSTANT 0x80000000

















221
  
  















222


 @@ -267,6 +270,14 @@ asmlinkage void do_ptrace(struct pt_regs


 @@ -267,6 +270,12 @@ asmlinkage void do_ptrace(struct pt_regs















223
         unsigned long addr2 = regs->u_regs[UREG_I4];
         unsigned long addr2 = regs->u_regs[UREG_I4];

















224
         struct task_struct *child;
         struct task_struct *child;

















225
         int ret;
         int ret;

















226
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













227
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE)) {

















228
 +               pt_error_return(regs, EPERM);
 +               pt_error_return(regs, EPERM);

















229
 +               return;
 +               return;

















230
 +       }
 +       }














 +#endif
 













231
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















232
  
  

















233
         lock_kernel();
         lock_kernel();











#

Line 260 
 Source code for this patch is http://upd


Line 244 
 Source code for this patch is http://upd












244
  
  

















245
  /* Returning from ptrace is a bit tricky because the syscall return
  /* Returning from ptrace is a bit tricky because the syscall return

















246
   * low level code assumes any value returned which is negative and
   * low level code assumes any value returned which is negative and















247


 @@ -173,6 +176,14 @@ asmlinkage void do_ptrace(struct pt_regs


 @@ -173,6 +176,12 @@ asmlinkage void do_ptrace(struct pt_regs















248
         unsigned long addr2 = regs->u_regs[UREG_I4];
         unsigned long addr2 = regs->u_regs[UREG_I4];

















249
         struct task_struct *child;
         struct task_struct *child;

















250
         int ret;
         int ret;

















251
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













252
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE)) {

















253
 +               pt_error_return(regs, EPERM);
 +               pt_error_return(regs, EPERM);

















254
 +               return;
 +               return;

















255
 +       }
 +       }














 +#endif
 













256
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















257
  
  

















258
         if (test_thread_flag(TIF_32BIT)) {
         if (test_thread_flag(TIF_32BIT)) {











#

Line 287 
 Source code for this patch is http://upd


Line 269 
 Source code for this patch is http://upd












269
  
  

















270
  /*
  /*

















271
   * Determines which flags the user has access to [1 = access, 0 = no access].
   * Determines which flags the user has access to [1 = access, 0 = no access].















272


 @@ -206,6 +209,12 @@ asmlinkage long sys32_ptrace(long reques


 @@ -206,6 +209,10 @@ asmlinkage long sys32_ptrace(long reques















273
         void __user *datap = compat_ptr(data);
         void __user *datap = compat_ptr(data);

















274
         int ret;
         int ret;

















275
         __u32 val;
         __u32 val;

















276
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













277
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















278
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













279
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















280
  
  

















281
         switch (request) { 
         switch (request) { 











#

Line 1076 
 Source code for this patch is http://upd


Line 1056 
 Source code for this patch is http://upd












1056
  
  

















1057
  /*
  /*

















1058
   * ptrace a task: make the debugger its new parent and
   * ptrace a task: make the debugger its new parent and















1059


 @@ -495,6 +498,12 @@ asmlinkage long sys_ptrace(long request,


 @@ -495,6 +498,10 @@ asmlinkage long sys_ptrace(long request,















1060
         /*
         /*

















1061
          * This lock_kernel fixes a subtle race with suid exec
          * This lock_kernel fixes a subtle race with suid exec

















1062
          */
          */

















1063
 +       /***** TOMOYO Linux start. *****/
 +       /***** TOMOYO Linux start. *****/














 +#ifdef TOMOYO_SYS_PTRACE
 













1064
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
 +       if (!ccs_capable(TOMOYO_SYS_PTRACE))

















1065
 +               return -EPERM;
 +               return -EPERM;














 +#endif
 













1066
 +       /***** TOMOYO Linux end. *****/
 +       /***** TOMOYO Linux end. *****/

















1067
         lock_kernel();
         lock_kernel();

















1068
         if (request == PTRACE_TRACEME) {
         if (request == PTRACE_TRACEME) {





























Legend:



Removed from v.2091
 


changed lines


 
Added in v.2278













Back to OSDN">Back to OSDN
ViewVC Help


Powered by ViewVC 1.1.26
 /[tomoyo]/trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.16-vine-linux-4.2.diff
-revision 2091 by kumaneko,
Thu Jan 29 09:56:56 2009 UTC
+revision 2278 by kumaneko,
Wed Mar 18 08:12:58 2009 UTC
 Line 2 
 This is TOMOYO Linux patch for VineLinux
  Source code for this patch is http://updates.vinelinux.org/Vine-4.2/updates/SRPMS/kernel-2.6.16-76.40vl4.src.rpm
  ---
-  arch/alpha/kernel/ptrace.c      |    9 +++
+  arch/alpha/kernel/ptrace.c      |    7 ++
-  arch/ia64/ia32/sys_ia32.c       |    9 +++
+  arch/ia64/ia32/sys_ia32.c       |    7 ++
-  arch/ia64/kernel/ptrace.c       |    9 +++
+  arch/ia64/kernel/ptrace.c       |    7 ++
-  arch/m32r/kernel/ptrace.c       |    9 +++
+  arch/m32r/kernel/ptrace.c       |    7 ++
-  arch/mips/kernel/ptrace32.c     |    9 +++
+  arch/mips/kernel/ptrace32.c     |    7 ++
-  arch/powerpc/kernel/ptrace32.c  |    9 +++
+  arch/powerpc/kernel/ptrace32.c  |    7 ++
-  arch/s390/kernel/ptrace.c       |    9 +++
+  arch/s390/kernel/ptrace.c       |    7 ++
-  arch/sparc/kernel/ptrace.c      |   11 +++
+  arch/sparc/kernel/ptrace.c      |    9 +++
-  arch/sparc64/kernel/ptrace.c    |   11 +++
+  arch/sparc64/kernel/ptrace.c    |    9 +++
-  arch/x86_64/ia32/ptrace32.c     |    9 +++
+  arch/x86_64/ia32/ptrace32.c     |    7 ++
   fs/Kconfig                      |    2
   fs/Makefile                     |    2
   fs/attr.c                       |   19 ++++++
 Line 30 
 Source code for this patch is http://upd
   kernel/kexec.c                  |    7 ++
   kernel/kmod.c                   |    5 +
   kernel/module.c                 |   13 +++-
-  kernel/ptrace.c                 |    9 +++
+  kernel/ptrace.c                 |    7 ++
   kernel/sched.c                  |    7 ++
   kernel/signal.c                 |   21 +++++++
   kernel/sys.c                    |   21 +++++++
 Line 44 
 Source code for this patch is http://upd
   net/ipv6/udp.c                  |   11 +++
   net/socket.c                    |   43 +++++++++++++-
   net/unix/af_unix.c              |   15 +++++
-files changed, 703 insertions(+), 10 deletions(-)
+files changed, 681 insertions(+), 10 deletions(-)
  --- linux-2.6.16-76.40vl4.orig/arch/alpha/kernel/ptrace.c
  +++ linux-2.6.16-76.40vl4/arch/alpha/kernel/ptrace.c
 Line 58 
 Source code for this patch is http://upd
   #include "proto.h"
- @@ -268,6 +271,12 @@ do_sys_ptrace(long request, long pid, lo
+ @@ -268,6 +271,10 @@ do_sys_ptrace(long request, long pid, lo
          unsigned long tmp;
          size_t copied;
          long ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
          lock_kernel();
-Line 83 
 Source code for this patch is http://upd
+Line 81 
 Source code for this patch is http://upd
   #include "ia32priv.h"
- @@ -1755,6 +1758,12 @@ sys32_ptrace (int request, pid_t pid, un
+ @@ -1755,6 +1758,10 @@ sys32_ptrace (int request, pid_t pid, un
          struct task_struct *child;
          unsigned int value, tmp;
          long i, ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
          lock_kernel();
-Line 108 
 Source code for this patch is http://upd
+Line 104 
 Source code for this patch is http://upd
   #include "entry.h"
- @@ -1418,6 +1421,12 @@ sys_ptrace (long request, pid_t pid, uns
+ @@ -1418,6 +1421,10 @@ sys_ptrace (long request, pid_t pid, uns
          struct task_struct *child;
          struct switch_stack *sw;
          long ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
          lock_kernel();
-Line 133 
 Source code for this patch is http://upd
+Line 127 
 Source code for this patch is http://upd
   /*
    * This routine will get a word off of the process kernel stack.
- @@ -743,6 +746,12 @@ asmlinkage long sys_ptrace(long request,
+ @@ -743,6 +746,10 @@ asmlinkage long sys_ptrace(long request,
   {
          struct task_struct *child;
          int ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
          lock_kernel();
-Line 158 
 Source code for this patch is http://upd
+Line 150 
 Source code for this patch is http://upd
   int ptrace_getregs (struct task_struct *child, __s64 __user *data);
   int ptrace_setregs (struct task_struct *child, __s64 __user *data);
- @@ -50,6 +53,12 @@ asmlinkage int sys32_ptrace(int request,
+ @@ -50,6 +53,10 @@ asmlinkage int sys32_ptrace(int request,
   {
          struct task_struct *child;
          int ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
   #if 0
-Line 183 
 Source code for this patch is http://upd
+Line 173 
 Source code for this patch is http://upd
   #include "ptrace-common.h"
- @@ -46,6 +49,12 @@ long compat_sys_ptrace(int request, int
+ @@ -46,6 +49,10 @@ long compat_sys_ptrace(int request, int
   {
          struct task_struct *child;
          int ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
          lock_kernel();
-Line 208 
 Source code for this patch is http://upd
+Line 196 
 Source code for this patch is http://upd
   #ifdef CONFIG_COMPAT
   #include "compat_ptrace.h"
- @@ -711,6 +714,12 @@ sys_ptrace(long request, long pid, long
+ @@ -711,6 +714,10 @@ sys_ptrace(long request, long pid, long
          struct task_struct *child;
          int ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
          lock_kernel();
          if (request == PTRACE_TRACEME) {
-Line 233 
 Source code for this patch is http://upd
+Line 219 
 Source code for this patch is http://upd
   #define MAGIC_CONSTANT 0x80000000
- @@ -267,6 +270,14 @@ asmlinkage void do_ptrace(struct pt_regs
+ @@ -267,6 +270,12 @@ asmlinkage void do_ptrace(struct pt_regs
          unsigned long addr2 = regs->u_regs[UREG_I4];
          struct task_struct *child;
          int ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
  +               pt_error_return(regs, EPERM);
  +               return;
  +       }
- +#endif
  +       /***** TOMOYO Linux end. *****/
          lock_kernel();
-Line 260 
 Source code for this patch is http://upd
+Line 244 
 Source code for this patch is http://upd
   /* Returning from ptrace is a bit tricky because the syscall return
    * low level code assumes any value returned which is negative and
- @@ -173,6 +176,14 @@ asmlinkage void do_ptrace(struct pt_regs
+ @@ -173,6 +176,12 @@ asmlinkage void do_ptrace(struct pt_regs
          unsigned long addr2 = regs->u_regs[UREG_I4];
          struct task_struct *child;
          int ret;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
  +               pt_error_return(regs, EPERM);
  +               return;
  +       }
- +#endif
  +       /***** TOMOYO Linux end. *****/
          if (test_thread_flag(TIF_32BIT)) {
-Line 287 
 Source code for this patch is http://upd
+Line 269 
 Source code for this patch is http://upd
   /*
    * Determines which flags the user has access to [1 = access, 0 = no access].
- @@ -206,6 +209,12 @@ asmlinkage long sys32_ptrace(long reques
+ @@ -206,6 +209,10 @@ asmlinkage long sys32_ptrace(long reques
          void __user *datap = compat_ptr(data);
          int ret;
          __u32 val;
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
          switch (request) {
-Line 1076 
 Source code for this patch is http://upd
+Line 1056 
 Source code for this patch is http://upd
   /*
    * ptrace a task: make the debugger its new parent and
- @@ -495,6 +498,12 @@ asmlinkage long sys_ptrace(long request,
+ @@ -495,6 +498,10 @@ asmlinkage long sys_ptrace(long request,
          /*
           * This lock_kernel fixes a subtle race with suid exec
           */
  +       /***** TOMOYO Linux start. *****/
- +#ifdef TOMOYO_SYS_PTRACE
  +       if (!ccs_capable(TOMOYO_SYS_PTRACE))
  +               return -EPERM;
- +#endif
  +       /***** TOMOYO Linux end. *****/
          lock_kernel();
          if (request == PTRACE_TRACEME) {
 Legend:



Removed from v.2091
 


changed lines


 
Added in v.2278
 Legend:



Removed from v.2091
 


changed lines


 
Added in v.2278
-Removed from v.2091
+Added in v.2278
-Back to OSDN">Back to OSDN
+ViewVC Help
 Powered by ViewVC 1.1.26

オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照