オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.21.diff

Annotation of /trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.21.diff

Parent Directory Parent Directory | Revision Log Revision Log

Revision 324 - (hide annotations) (download)
Mon Aug 6 12:39:49 2007 UTC (16 years, 10 months ago) by kumaneko
Original Path: trunk/1.5.x/ccs-patch/ccs-patch-2.6.21.txt
File MIME type: text/plain
File size: 42918 byte(s) 
mkdir 1.5.x in trunk
1 kumaneko 193 diff -ubBpEr linux-2.6.21/Makefile linux-2.6.21-ccs/Makefile
2 kumaneko 237 --- linux-2.6.21/Makefile 2007-04-28 04:02:41.000000000 +0900
3     +++ linux-2.6.21-ccs/Makefile 2007-04-26 17:11:12.000000000 +0900
4 kumaneko 193 @@ -1,7 +1,7 @@
5     VERSION = 2
6     PATCHLEVEL = 6
7     SUBLEVEL = 21
8     -EXTRAVERSION =
9     +EXTRAVERSION = -ccs
10     NAME = Nocturnal Monster Puppy
11    
12     # *DOCUMENTATION*
13     diff -ubBpEr linux-2.6.21/fs/Kconfig linux-2.6.21-ccs/fs/Kconfig
14 kumaneko 237 --- linux-2.6.21/fs/Kconfig 2007-04-28 04:02:41.000000000 +0900
15     +++ linux-2.6.21-ccs/fs/Kconfig 2007-04-26 17:17:25.000000000 +0900
16 kumaneko 193 @@ -2055,5 +2055,7 @@ endif
17     source "fs/nls/Kconfig"
18     source "fs/dlm/Kconfig"
19    
20     +source "fs/Kconfig.ccs"
21     +
22     endmenu
23    
24     diff -ubBpEr linux-2.6.21/fs/Makefile linux-2.6.21-ccs/fs/Makefile
25 kumaneko 237 --- linux-2.6.21/fs/Makefile 2007-04-28 04:02:41.000000000 +0900
26     +++ linux-2.6.21-ccs/fs/Makefile 2007-04-28 04:02:47.000000000 +0900
27 kumaneko 193 @@ -114,3 +114,5 @@ obj-$(CONFIG_HPPFS) += hppfs/
28     obj-$(CONFIG_DEBUG_FS) += debugfs/
29     obj-$(CONFIG_OCFS2_FS) += ocfs2/
30     obj-$(CONFIG_GFS2_FS) += gfs2/
31     +
32     +include $(srctree)/fs/Makefile-2.6.ccs
33     diff -ubBpEr linux-2.6.21/fs/attr.c linux-2.6.21-ccs/fs/attr.c
34 kumaneko 237 --- linux-2.6.21/fs/attr.c 2007-04-28 04:02:41.000000000 +0900
35     +++ linux-2.6.21-ccs/fs/attr.c 2007-04-28 04:02:47.000000000 +0900
36 kumaneko 193 @@ -15,6 +15,9 @@
37     #include <linux/fcntl.h>
38     #include <linux/quotaops.h>
39     #include <linux/security.h>
40     +/***** TOMOYO Linux start. *****/
41     +#include <linux/tomoyo.h>
42     +/***** TOMOYO Linux end. *****/
43    
44     /* Taken over from the old code... */
45    
46     @@ -145,12 +148,20 @@ int notify_change(struct dentry * dentry
47    
48     if (inode->i_op && inode->i_op->setattr) {
49     error = security_inode_setattr(dentry, attr);
50     + /***** TOMOYO Linux start. *****/
51     + if (!error && (ia_valid & ATTR_MODE)) error = CheckCapabilityACL(TOMOYO_SYS_CHMOD);
52     + if (!error && (ia_valid & (ATTR_UID | ATTR_GID))) error = CheckCapabilityACL(TOMOYO_SYS_CHOWN);
53     + /***** TOMOYO Linux end. *****/
54     if (!error)
55     error = inode->i_op->setattr(dentry, attr);
56     } else {
57     error = inode_change_ok(inode, attr);
58     if (!error)
59     error = security_inode_setattr(dentry, attr);
60     + /***** TOMOYO Linux start. *****/
61     + if (!error && (ia_valid & ATTR_MODE)) error = CheckCapabilityACL(TOMOYO_SYS_CHMOD);
62     + if (!error && (ia_valid & (ATTR_UID | ATTR_GID))) error = CheckCapabilityACL(TOMOYO_SYS_CHOWN);
63     + /***** TOMOYO Linux end. *****/
64     if (!error) {
65     if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
66     (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))
67     diff -ubBpEr linux-2.6.21/fs/compat.c linux-2.6.21-ccs/fs/compat.c
68 kumaneko 237 --- linux-2.6.21/fs/compat.c 2007-04-28 04:02:41.000000000 +0900
69     +++ linux-2.6.21-ccs/fs/compat.c 2007-04-28 04:02:47.000000000 +0900
70 kumaneko 193 @@ -56,6 +56,9 @@
71     #include <asm/mmu_context.h>
72     #include <asm/ioctls.h>
73     #include "internal.h"
74     +/***** TOMOYO Linux start. *****/
75     +#include <linux/tomoyo.h>
76     +/***** TOMOYO Linux end. *****/
77    
78     int compat_log = 1;
79    
80     @@ -422,6 +425,9 @@ asmlinkage long compat_sys_ioctl(unsigne
81     /*FALL THROUGH*/
82    
83     default:
84     + /***** TOMOYO Linux start. *****/
85     + if ((error = CheckCapabilityACL(TOMOYO_SYS_IOCTL)) < 0) goto out_fput;
86     + /***** TOMOYO Linux end. *****/
87     if (filp->f_op && filp->f_op->compat_ioctl) {
88     error = filp->f_op->compat_ioctl(filp, cmd, arg);
89     if (error != -ENOIOCTLCMD)
90     @@ -1552,7 +1558,7 @@ int compat_do_execve(char * filename,
91     if (retval < 0)
92     goto out;
93    
94     - retval = search_binary_handler(bprm, regs);
95     + retval = search_binary_handler_with_transition(bprm, regs);
96     if (retval >= 0) {
97     free_arg_pages(bprm);
98    
99     diff -ubBpEr linux-2.6.21/fs/exec.c linux-2.6.21-ccs/fs/exec.c
100 kumaneko 237 --- linux-2.6.21/fs/exec.c 2007-04-28 04:02:41.000000000 +0900
101     +++ linux-2.6.21-ccs/fs/exec.c 2007-04-28 04:02:47.000000000 +0900
102 kumaneko 193 @@ -58,6 +58,10 @@
103     #include <linux/kmod.h>
104     #endif
105    
106     +/***** TOMOYO Linux start. *****/
107     +#include <linux/tomoyo.h>
108     +/***** TOMOYO Linux end. *****/
109     +
110     int core_uses_pid;
111     char core_pattern[128] = "core";
112     int suid_dumpable = 0;
113     @@ -140,6 +144,11 @@ asmlinkage long sys_uselib(const char __
114     if (error)
115     goto exit;
116    
117     + /***** TOMOYO Linux start. *****/
118     + error = CheckOpenPermission(nd.dentry, nd.mnt, 01); /* 01 means "read". */
119     + if (error) goto exit;
120     + /***** TOMOYO Linux end. *****/
121     +
122     file = nameidata_to_filp(&nd, O_RDONLY);
123     error = PTR_ERR(file);
124     if (IS_ERR(file))
125     @@ -485,6 +494,9 @@ struct file *open_exec(const char *name)
126     if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
127     S_ISREG(inode->i_mode)) {
128     int err = vfs_permission(&nd, MAY_EXEC);
129     + /***** TOMOYO Linux start. *****/
130     + if (!err && (current->tomoyo_flags & TOMOYO_CHECK_READ_FOR_OPEN_EXEC)) err = CheckOpenPermission(nd.dentry, nd.mnt, 01); /* 01 means "read". */
131     + /***** TOMOYO Linux end. *****/
132     file = ERR_PTR(err);
133     if (!err) {
134     file = nameidata_to_filp(&nd, O_RDONLY);
135     @@ -1183,7 +1195,7 @@ int do_execve(char * filename,
136     if (retval < 0)
137     goto out;
138    
139     - retval = search_binary_handler(bprm,regs);
140     + retval = search_binary_handler_with_transition(bprm,regs);
141     if (retval >= 0) {
142     free_arg_pages(bprm);
143    
144     diff -ubBpEr linux-2.6.21/fs/fcntl.c linux-2.6.21-ccs/fs/fcntl.c
145 kumaneko 237 --- linux-2.6.21/fs/fcntl.c 2007-04-28 04:02:41.000000000 +0900
146     +++ linux-2.6.21-ccs/fs/fcntl.c 2007-04-28 04:02:47.000000000 +0900
147 kumaneko 193 @@ -22,6 +22,9 @@
148     #include <asm/poll.h>
149     #include <asm/siginfo.h>
150     #include <asm/uaccess.h>
151     +/***** TOMOYO Linux start. *****/
152     +#include <linux/tomoyo.h>
153     +/***** TOMOYO Linux end. *****/
154    
155     void fastcall set_close_on_exec(unsigned int fd, int flag)
156     {
157     @@ -213,6 +216,10 @@ static int setfl(int fd, struct file * f
158     if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
159     return -EPERM;
160    
161     + /***** TOMOYO Linux start. *****/
162     + if (((arg ^ filp->f_flags) & O_APPEND) && CheckReWritePermission(filp)) return -EPERM;
163     + /***** TOMOYO Linux end. *****/
164     +
165     /* O_NOATIME can only be set by the owner or superuser */
166     if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
167     if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
168     diff -ubBpEr linux-2.6.21/fs/ioctl.c linux-2.6.21-ccs/fs/ioctl.c
169 kumaneko 237 --- linux-2.6.21/fs/ioctl.c 2007-04-28 04:02:41.000000000 +0900
170     +++ linux-2.6.21-ccs/fs/ioctl.c 2007-04-28 04:02:47.000000000 +0900
171 kumaneko 193 @@ -15,6 +15,9 @@
172    
173     #include <asm/uaccess.h>
174     #include <asm/ioctls.h>
175     +/***** TOMOYO Linux start. *****/
176     +#include <linux/tomoyo.h>
177     +/***** TOMOYO Linux end. *****/
178    
179     static long do_ioctl(struct file *filp, unsigned int cmd,
180     unsigned long arg)
181     @@ -23,6 +26,9 @@ static long do_ioctl(struct file *filp,
182    
183     if (!filp->f_op)
184     goto out;
185     + /***** TOMOYO Linux start. *****/
186     + if (CheckCapabilityACL(TOMOYO_SYS_IOCTL) < 0) return -EPERM;
187     + /***** TOMOYO Linux end. *****/
188    
189     if (filp->f_op->unlocked_ioctl) {
190     error = filp->f_op->unlocked_ioctl(filp, cmd, arg);
191     diff -ubBpEr linux-2.6.21/fs/namei.c linux-2.6.21-ccs/fs/namei.c
192 kumaneko 237 --- linux-2.6.21/fs/namei.c 2007-04-28 04:02:41.000000000 +0900
193     +++ linux-2.6.21-ccs/fs/namei.c 2007-04-28 04:02:47.000000000 +0900
194 kumaneko 193 @@ -37,6 +37,10 @@
195    
196     #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
197    
198     +/***** TOMOYO Linux start. *****/
199     +#include <linux/tomoyo.h>
200     +/***** TOMOYO Linux end. *****/
201     +
202     /* [Feb-1997 T. Schoebel-Theuer]
203     * Fundamental changes in the pathname lookup mechanisms (namei)
204     * were necessary because of omirr. The reason is that omirr needs
205     @@ -1506,6 +1510,9 @@ int vfs_create(struct inode *dir, struct
206     error = security_inode_create(dir, dentry, mode);
207     if (error)
208     return error;
209     + /***** TOMOYO Linux start. *****/
210     + if (nd && (error = CheckSingleWritePermission(TYPE_CREATE_ACL, dentry, nd->mnt)) < 0) return error;
211     + /***** TOMOYO Linux end. *****/
212     DQUOT_INIT(dir);
213     error = dir->i_op->create(dir, dentry, mode, nd);
214     if (!error)
215     @@ -1561,6 +1568,11 @@ int may_open(struct nameidata *nd, int a
216     if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
217     return -EPERM;
218    
219     + /***** TOMOYO Linux start. *****/
220     + error = CheckOpenPermission(dentry, nd->mnt, flag); /* includes O_APPEND and O_TRUNC checks */
221     + if (error) return error;
222     + /***** TOMOYO Linux end. *****/
223     +
224     /*
225     * Ensure there are no outstanding leases on the file.
226     */
227     @@ -1610,6 +1622,9 @@ static int open_namei_create(struct name
228     return may_open(nd, 0, flag & ~O_TRUNC);
229     }
230    
231     +/***** TOMOYO Linux start. *****/
232     +#include <linux/tomoyo_vfs.h>
233     +/***** TOMOYO Linux end. *****/
234     /*
235     * open_namei()
236     *
237     @@ -1870,6 +1885,12 @@ asmlinkage long sys_mknodat(int dfd, con
238    
239     if (S_ISDIR(mode))
240     return -EPERM;
241     + /***** TOMOYO Linux start. *****/
242     + if (S_ISCHR(mode) && CheckCapabilityACL(TOMOYO_CREATE_CHAR_DEV)) return -EPERM;
243     + if (S_ISBLK(mode) && CheckCapabilityACL(TOMOYO_CREATE_BLOCK_DEV)) return -EPERM;
244     + if (S_ISFIFO(mode) && CheckCapabilityACL(TOMOYO_CREATE_FIFO)) return -EPERM;
245     + if (S_ISSOCK(mode) && CheckCapabilityACL(TOMOYO_CREATE_UNIX_SOCKET)) return -EPERM;
246     + /***** TOMOYO Linux end. *****/
247     tmp = getname(filename);
248     if (IS_ERR(tmp))
249     return PTR_ERR(tmp);
250     @@ -1888,10 +1909,16 @@ asmlinkage long sys_mknodat(int dfd, con
251     error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
252     break;
253     case S_IFCHR: case S_IFBLK:
254     + /***** TOMOYO Linux start. *****/
255     + if ((error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode)) == 0 && (error = CheckSingleWritePermission(S_ISCHR(mode) ? TYPE_MKCHAR_ACL : TYPE_MKBLOCK_ACL, dentry, nd.mnt)) == 0)
256     + /***** TOMOYO Linux end. *****/
257     error = vfs_mknod(nd.dentry->d_inode,dentry,mode,
258     new_decode_dev(dev));
259     break;
260     case S_IFIFO: case S_IFSOCK:
261     + /***** TOMOYO Linux start. *****/
262     + if ((error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode)) == 0 && (error = CheckSingleWritePermission(S_ISFIFO(mode) ? TYPE_MKFIFO_ACL : TYPE_MKSOCK_ACL, dentry, nd.mnt)) == 0)
263     + /***** TOMOYO Linux end. *****/
264     error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0);
265     break;
266     case S_IFDIR:
267     @@ -1959,6 +1986,9 @@ asmlinkage long sys_mkdirat(int dfd, con
268    
269     if (!IS_POSIXACL(nd.dentry->d_inode))
270     mode &= ~current->fs->umask;
271     + /***** TOMOYO Linux start. *****/
272     + if ((error = pre_vfs_mkdir(nd.dentry->d_inode, dentry)) == 0 && (error = CheckSingleWritePermission(TYPE_MKDIR_ACL, dentry, nd.mnt)) == 0)
273     + /***** TOMOYO Linux end. *****/
274     error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
275     dput(dentry);
276     out_unlock:
277     @@ -2066,6 +2096,9 @@ static long do_rmdir(int dfd, const char
278     error = PTR_ERR(dentry);
279     if (IS_ERR(dentry))
280     goto exit2;
281     + /***** TOMOYO Linux start. *****/
282     + if ((error = pre_vfs_rmdir(nd.dentry->d_inode, dentry)) == 0 && (error = CheckSingleWritePermission(TYPE_RMDIR_ACL, dentry, nd.mnt)) == 0)
283     + /***** TOMOYO Linux end. *****/
284     error = vfs_rmdir(nd.dentry->d_inode, dentry);
285     dput(dentry);
286     exit2:
287     @@ -2125,6 +2158,9 @@ static long do_unlinkat(int dfd, const c
288     struct dentry *dentry;
289     struct nameidata nd;
290     struct inode *inode = NULL;
291     + /***** TOMOYO Linux start. *****/
292     + if (CheckCapabilityACL(TOMOYO_SYS_UNLINK)) return -EPERM;
293     + /***** TOMOYO Linux end. *****/
294    
295     name = getname(pathname);
296     if(IS_ERR(name))
297     @@ -2146,6 +2182,9 @@ static long do_unlinkat(int dfd, const c
298     inode = dentry->d_inode;
299     if (inode)
300     atomic_inc(&inode->i_count);
301     + /***** TOMOYO Linux start. *****/
302     + if ((error = pre_vfs_unlink(nd.dentry->d_inode, dentry)) == 0 && (error = CheckSingleWritePermission(TYPE_UNLINK_ACL, dentry, nd.mnt)) == 0)
303     + /***** TOMOYO Linux end. *****/
304     error = vfs_unlink(nd.dentry->d_inode, dentry);
305     exit2:
306     dput(dentry);
307     @@ -2210,6 +2249,9 @@ asmlinkage long sys_symlinkat(const char
308     char * to;
309     struct dentry *dentry;
310     struct nameidata nd;
311     + /***** TOMOYO Linux start. *****/
312     + if (CheckCapabilityACL(TOMOYO_SYS_SYMLINK)) return -EPERM;
313     + /***** TOMOYO Linux end. *****/
314    
315     from = getname(oldname);
316     if(IS_ERR(from))
317     @@ -2227,6 +2269,9 @@ asmlinkage long sys_symlinkat(const char
318     if (IS_ERR(dentry))
319     goto out_unlock;
320    
321     + /***** TOMOYO Linux start. *****/
322     + if ((error = pre_vfs_symlink(nd.dentry->d_inode, dentry)) == 0 && (error = CheckSingleWritePermission(TYPE_SYMLINK_ACL, dentry, nd.mnt)) == 0)
323     + /***** TOMOYO Linux end. *****/
324     error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
325     dput(dentry);
326     out_unlock:
327     @@ -2299,6 +2344,9 @@ asmlinkage long sys_linkat(int olddfd, c
328     struct nameidata nd, old_nd;
329     int error;
330     char * to;
331     + /***** TOMOYO Linux start. *****/
332     + if (CheckCapabilityACL(TOMOYO_SYS_LINK)) return -EPERM;
333     + /***** TOMOYO Linux end. *****/
334    
335     if ((flags & ~AT_SYMLINK_FOLLOW) != 0)
336     return -EINVAL;
337     @@ -2322,6 +2370,9 @@ asmlinkage long sys_linkat(int olddfd, c
338     error = PTR_ERR(new_dentry);
339     if (IS_ERR(new_dentry))
340     goto out_unlock;
341     + /***** TOMOYO Linux start. *****/
342     + if ((error = pre_vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry)) == 0 && (error = CheckDoubleWritePermission(TYPE_LINK_ACL, old_nd.dentry, old_nd.mnt, new_dentry, nd.mnt)) == 0)
343     + /***** TOMOYO Linux end. *****/
344     error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
345     dput(new_dentry);
346     out_unlock:
347     @@ -2547,6 +2598,12 @@ static int do_rename(int olddfd, const c
348     error = -ENOTEMPTY;
349     if (new_dentry == trap)
350     goto exit5;
351     + /***** TOMOYO Linux start. *****/
352     + if ((error = pre_vfs_rename(old_dir->d_inode, old_dentry, new_dir->d_inode, new_dentry)) < 0 ||
353     + (error = CheckDoubleWritePermission(TYPE_RENAME_ACL, old_dentry, oldnd.mnt, new_dentry, newnd.mnt)) < 0) {
354     + goto exit5;
355     + }
356     + /***** TOMOYO Linux end. *****/
357    
358     error = vfs_rename(old_dir->d_inode, old_dentry,
359     new_dir->d_inode, new_dentry);
360     @@ -2570,6 +2627,9 @@ asmlinkage long sys_renameat(int olddfd,
361     int error;
362     char * from;
363     char * to;
364     + /***** TOMOYO Linux start. *****/
365     + if (CheckCapabilityACL(TOMOYO_SYS_RENAME)) return -EPERM;
366     + /***** TOMOYO Linux end. *****/
367    
368     from = getname(oldname);
369     if(IS_ERR(from))
370     diff -ubBpEr linux-2.6.21/fs/namespace.c linux-2.6.21-ccs/fs/namespace.c
371 kumaneko 237 --- linux-2.6.21/fs/namespace.c 2007-04-28 04:02:41.000000000 +0900
372     +++ linux-2.6.21-ccs/fs/namespace.c 2007-04-28 04:02:47.000000000 +0900
373 kumaneko 193 @@ -28,6 +28,12 @@
374     #include <asm/uaccess.h>
375     #include <asm/unistd.h>
376     #include "pnode.h"
377     +/***** SAKURA Linux start. *****/
378     +#include <linux/sakura.h>
379     +/***** SAKURA Linux end. *****/
380     +/***** TOMOYO Linux start. *****/
381     +#include <linux/tomoyo.h>
382     +/***** TOMOYO Linux end. *****/
383    
384     /* spinlock for vfsmount related operations, inplace of dcache_lock */
385     __cacheline_aligned_in_smp DEFINE_SPINLOCK(vfsmount_lock);
386     @@ -545,6 +551,10 @@ static int do_umount(struct vfsmount *mn
387     if (retval)
388     return retval;
389    
390     + /***** SAKURA Linux start. *****/
391     + if (SAKURA_MayUmount(mnt) < 0) return -EPERM;
392     + /***** SAKURA Linux end. *****/
393     +
394     /*
395     * Allow userspace to request a mountpoint be expired rather than
396     * unmounting unconditionally. Unmount only happens if:
397     @@ -633,6 +643,9 @@ asmlinkage long sys_umount(char __user *
398     {
399     struct nameidata nd;
400     int retval;
401     + /***** TOMOYO Linux start. *****/
402     + if (CheckCapabilityACL(TOMOYO_SYS_UMOUNT)) return -EPERM;
403     + /***** TOMOYO Linux end. *****/
404    
405     retval = __user_walk(name, LOOKUP_FOLLOW, &nd);
406     if (retval)
407     @@ -917,6 +930,10 @@ static int do_loopback(struct nameidata
408    
409     if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
410     goto out;
411     + /***** SAKURA Linux start. *****/
412     + err = -EPERM;
413     + if (SAKURA_MayMount(nd) < 0) goto out;
414     + /***** SAKURA Linux end. *****/
415    
416     err = -ENOMEM;
417     if (recurse)
418     @@ -1002,6 +1019,10 @@ static int do_move_mount(struct nameidat
419     if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
420     goto out;
421    
422     + /***** SAKURA Linux start. *****/
423     + err = -EPERM;
424     + if (SAKURA_MayUmount(old_nd.mnt) < 0 || SAKURA_MayMount(nd) < 0) goto out;
425     + /***** SAKURA Linux end. *****/
426     err = -ENOENT;
427     mutex_lock(&nd->dentry->d_inode->i_mutex);
428     if (IS_DEADDIR(nd->dentry->d_inode))
429     @@ -1103,6 +1124,10 @@ int do_add_mount(struct vfsmount *newmnt
430     err = -EINVAL;
431     if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode))
432     goto unlock;
433     + /***** SAKURA Linux start. *****/
434     + err = -EPERM;
435     + if (SAKURA_MayMount(nd) < 0) goto unlock;
436     + /***** SAKURA Linux end. *****/
437    
438     newmnt->mnt_flags = mnt_flags;
439     if ((err = graft_tree(newmnt, nd)))
440     @@ -1394,6 +1419,13 @@ long do_mount(char *dev_name, char *dir_
441     if (data_page)
442     ((char *)data_page)[PAGE_SIZE - 1] = 0;
443    
444     + /***** TOMOYO Linux start. *****/
445     + if (CheckCapabilityACL(TOMOYO_SYS_MOUNT)) return -EPERM;
446     + /***** TOMOYO Linux end. *****/
447     + /***** SAKURA Linux start. *****/
448     + if (CheckMountPermission(dev_name, dir_name, type_page, &flags)) return -EPERM;
449     + /***** SAKURA Linux end. *****/
450     +
451     /* Separate the per-mountpoint flags */
452     if (flags & MS_NOSUID)
453     mnt_flags |= MNT_NOSUID;
454     @@ -1686,6 +1718,9 @@ asmlinkage long sys_pivot_root(const cha
455    
456     if (!capable(CAP_SYS_ADMIN))
457     return -EPERM;
458     + /***** TOMOYO Linux start. *****/
459     + if (CheckCapabilityACL(TOMOYO_SYS_PIVOT_ROOT)) return -EPERM;
460     + /***** TOMOYO Linux end. *****/
461    
462     lock_kernel();
463    
464     @@ -1702,6 +1737,9 @@ asmlinkage long sys_pivot_root(const cha
465     goto out1;
466    
467     error = security_sb_pivotroot(&old_nd, &new_nd);
468     + /***** SAKURA Linux start. *****/
469     + if (!error) error = CheckPivotRootPermission(&old_nd, &new_nd);
470     + /***** SAKURA Linux end. *****/
471     if (error) {
472     path_release(&old_nd);
473     goto out1;
474     diff -ubBpEr linux-2.6.21/fs/open.c linux-2.6.21-ccs/fs/open.c
475 kumaneko 237 --- linux-2.6.21/fs/open.c 2007-04-28 04:02:41.000000000 +0900
476     +++ linux-2.6.21-ccs/fs/open.c 2007-04-28 04:02:47.000000000 +0900
477 kumaneko 193 @@ -27,6 +27,12 @@
478     #include <linux/syscalls.h>
479     #include <linux/rcupdate.h>
480     #include <linux/audit.h>
481     +/***** SAKURA Linux start. *****/
482     +#include <linux/sakura.h>
483     +/***** SAKURA Linux end. *****/
484     +/***** TOMOYO Linux start. *****/
485     +#include <linux/tomoyo.h>
486     +/***** TOMOYO Linux end. *****/
487    
488     int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
489     {
490     @@ -264,6 +270,9 @@ static long do_sys_truncate(const char _
491     if (error)
492     goto dput_and_out;
493    
494     + /***** TOMOYO Linux start. *****/
495     + if ((error = CheckSingleWritePermission(TYPE_TRUNCATE_ACL, nd.dentry, nd.mnt)) == 0)
496     + /***** TOMOYO Linux end. *****/
497     error = locks_verify_truncate(inode, NULL, length);
498     if (!error) {
499     DQUOT_INIT(inode);
500     @@ -317,6 +326,9 @@ static long do_sys_ftruncate(unsigned in
501     if (IS_APPEND(inode))
502     goto out_putf;
503    
504     + /***** TOMOYO Linux start. *****/
505     + if ((error = CheckSingleWritePermission(TYPE_TRUNCATE_ACL, dentry, file->f_vfsmnt)) == 0)
506     + /***** TOMOYO Linux end. *****/
507     error = locks_verify_truncate(inode, file, length);
508     if (!error)
509     error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
510     @@ -481,6 +493,12 @@ asmlinkage long sys_chroot(const char __
511     error = -EPERM;
512     if (!capable(CAP_SYS_CHROOT))
513     goto dput_and_out;
514     + /***** TOMOYO Linux start. *****/
515     + if (CheckCapabilityACL(TOMOYO_SYS_CHROOT)) goto dput_and_out;
516     + /***** TOMOYO Linux end. *****/
517     + /***** SAKURA Linux start. *****/
518     + if (CheckChRootPermission(&nd)) goto dput_and_out;
519     + /***** SAKURA Linux end. *****/
520    
521     set_fs_root(current->fs, nd.mnt, nd.dentry);
522     set_fs_altroot();
523     @@ -1085,6 +1103,9 @@ EXPORT_SYMBOL(sys_close);
524     */
525     asmlinkage long sys_vhangup(void)
526     {
527     + /***** TOMOYO Linux start. *****/
528     + if (CheckCapabilityACL(TOMOYO_SYS_VHANGUP) == 0)
529     + /***** TOMOYO Linux end. *****/
530     if (capable(CAP_SYS_TTY_CONFIG)) {
531     /* XXX: this needs locking */
532     tty_vhangup(current->signal->tty);
533     diff -ubBpEr linux-2.6.21/fs/proc/Makefile linux-2.6.21-ccs/fs/proc/Makefile
534 kumaneko 237 --- linux-2.6.21/fs/proc/Makefile 2007-04-28 04:02:41.000000000 +0900
535     +++ linux-2.6.21-ccs/fs/proc/Makefile 2007-04-28 04:02:47.000000000 +0900
536 kumaneko 193 @@ -15,3 +15,6 @@ proc-$(CONFIG_PROC_KCORE) += kcore.o
537     proc-$(CONFIG_PROC_VMCORE) += vmcore.o
538     proc-$(CONFIG_PROC_DEVICETREE) += proc_devtree.o
539     proc-$(CONFIG_PRINTK) += kmsg.o
540     +
541     +proc-$(CONFIG_SAKURA) += ccs_proc.o
542     +proc-$(CONFIG_TOMOYO) += ccs_proc.o
543     diff -ubBpEr linux-2.6.21/fs/proc/proc_misc.c linux-2.6.21-ccs/fs/proc/proc_misc.c
544 kumaneko 237 --- linux-2.6.21/fs/proc/proc_misc.c 2007-04-28 04:02:41.000000000 +0900
545 kumaneko 290 +++ linux-2.6.21-ccs/fs/proc/proc_misc.c 2007-07-10 09:03:54.355527272 +0900
546 kumaneko 193 @@ -747,4 +747,13 @@ void __init proc_misc_init(void)
547     entry->proc_fops = &proc_sysrq_trigger_operations;
548     }
549     #endif
550     + /***** CCS start. *****/
551     +#if defined(CONFIG_SAKURA) || defined(CONFIG_TOMOYO)
552     + {
553     + extern void __init CCSProc_Init(void);
554     + CCSProc_Init();
555 kumaneko 290 + printk("Hook version: 2.6.21 2007/07/10\n");
556 kumaneko 193 + }
557     +#endif
558     + /***** CCS end. *****/
559     }
560     diff -ubBpEr linux-2.6.21/include/linux/init_task.h linux-2.6.21-ccs/include/linux/init_task.h
561 kumaneko 237 --- linux-2.6.21/include/linux/init_task.h 2007-04-28 04:02:41.000000000 +0900
562     +++ linux-2.6.21-ccs/include/linux/init_task.h 2007-04-28 04:02:47.000000000 +0900
563 kumaneko 193 @@ -141,6 +141,10 @@ extern struct group_info init_groups;
564     .pi_lock = SPIN_LOCK_UNLOCKED, \
565     INIT_TRACE_IRQFLAGS \
566     INIT_LOCKDEP \
567     + /***** TOMOYO Linux start. *****/ \
568     + .domain_info = &KERNEL_DOMAIN, \
569     + .tomoyo_flags = 0, \
570     + /***** TOMOYO Linux end. *****/ \
571     }
572    
573    
574     diff -ubBpEr linux-2.6.21/include/linux/sched.h linux-2.6.21-ccs/include/linux/sched.h
575 kumaneko 237 --- linux-2.6.21/include/linux/sched.h 2007-04-28 04:02:41.000000000 +0900
576     +++ linux-2.6.21-ccs/include/linux/sched.h 2007-04-28 04:02:47.000000000 +0900
577 kumaneko 193 @@ -27,6 +27,11 @@
578     #define CLONE_NEWUTS 0x04000000 /* New utsname group? */
579     #define CLONE_NEWIPC 0x08000000 /* New ipcs */
580    
581     +/***** TOMOYO Linux start. *****/
582     +struct domain_info;
583     +extern struct domain_info KERNEL_DOMAIN;
584     +/***** TOMOYO Linux end. *****/
585     +
586     /*
587     * Scheduling policies
588     */
589     @@ -1052,6 +1057,10 @@ struct task_struct {
590     #ifdef CONFIG_FAULT_INJECTION
591     int make_it_fail;
592     #endif
593     + /***** TOMOYO Linux start. *****/
594     + struct domain_info *domain_info;
595     + u32 tomoyo_flags;
596     + /***** TOMOYO Linux end. *****/
597     };
598    
599     static inline pid_t process_group(struct task_struct *tsk)
600 kumaneko 290 diff -ubBpEr linux-2.6.21/kernel/compat.c linux-2.6.21-ccs/kernel/compat.c
601     --- linux-2.6.21/kernel/compat.c 2007-04-26 12:08:32.000000000 +0900
602     +++ linux-2.6.21-ccs/kernel/compat.c 2007-07-10 09:02:19.563937784 +0900
603     @@ -25,6 +25,9 @@
604     #include <linux/posix-timers.h>
605    
606     #include <asm/uaccess.h>
607     +/***** TOMOYO Linux start. *****/
608     +#include <linux/tomoyo.h>
609     +/***** TOMOYO Linux end. *****/
610    
611     int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
612     {
613     @@ -869,6 +872,9 @@ asmlinkage long compat_sys_stime(compat_
614     err = security_settime(&tv, NULL);
615     if (err)
616     return err;
617     + /***** TOMOYO Linux start. *****/
618     + if (CheckCapabilityACL(TOMOYO_SYS_SETTIME)) return -EPERM;
619     + /***** TOMOYO Linux end. *****/
620    
621     do_settimeofday(&tv);
622     return 0;
623 kumaneko 193 diff -ubBpEr linux-2.6.21/kernel/kexec.c linux-2.6.21-ccs/kernel/kexec.c
624 kumaneko 237 --- linux-2.6.21/kernel/kexec.c 2007-04-28 04:02:41.000000000 +0900
625     +++ linux-2.6.21-ccs/kernel/kexec.c 2007-04-28 04:02:47.000000000 +0900
626 kumaneko 193 @@ -28,6 +28,9 @@
627     #include <asm/io.h>
628     #include <asm/system.h>
629     #include <asm/semaphore.h>
630     +/***** TOMOYO Linux start. *****/
631     +#include <linux/tomoyo.h>
632     +/***** TOMOYO Linux end. *****/
633    
634     /* Per cpu memory for storing cpu states in case of system crash. */
635     note_buf_t* crash_notes;
636     @@ -924,6 +927,9 @@ asmlinkage long sys_kexec_load(unsigned
637     /* We only trust the superuser with rebooting the system. */
638     if (!capable(CAP_SYS_BOOT))
639     return -EPERM;
640     + /***** TOMOYO Linux start. *****/
641     + if (CheckCapabilityACL(TOMOYO_SYS_KEXEC_LOAD)) return -EPERM;
642     + /***** TOMOYO Linux end. *****/
643    
644     /*
645     * Verify we have a legal set of flags
646     diff -ubBpEr linux-2.6.21/kernel/kmod.c linux-2.6.21-ccs/kernel/kmod.c
647 kumaneko 237 --- linux-2.6.21/kernel/kmod.c 2007-04-28 04:02:41.000000000 +0900
648     +++ linux-2.6.21-ccs/kernel/kmod.c 2007-05-16 14:30:01.000000000 +0900
649 kumaneko 193 @@ -166,6 +166,11 @@ static int ____call_usermodehelper(void
650     /* We can run anywhere, unlike our parent keventd(). */
651     set_cpus_allowed(current, CPU_MASK_ALL);
652    
653     + /***** TOMOYO Linux start. *****/
654     + current->domain_info = &KERNEL_DOMAIN;
655     + current->tomoyo_flags = 0;
656 kumaneko 212 + /***** TOMOYO Linux end. *****/
657 kumaneko 193 +
658     retval = -EPERM;
659     if (current->fs->root)
660     retval = kernel_execve(sub_info->path,
661     diff -ubBpEr linux-2.6.21/kernel/module.c linux-2.6.21-ccs/kernel/module.c
662 kumaneko 237 --- linux-2.6.21/kernel/module.c 2007-04-28 04:02:41.000000000 +0900
663     +++ linux-2.6.21-ccs/kernel/module.c 2007-04-28 04:02:47.000000000 +0900
664 kumaneko 193 @@ -44,6 +44,9 @@
665     #include <asm/semaphore.h>
666     #include <asm/cacheflush.h>
667     #include <linux/license.h>
668     +/***** TOMOYO Linux start. *****/
669     +#include <linux/tomoyo.h>
670     +/***** TOMOYO Linux end. *****/
671    
672     #if 0
673     #define DEBUGP printk
674     @@ -662,6 +665,9 @@ sys_delete_module(const char __user *nam
675    
676     if (!capable(CAP_SYS_MODULE))
677     return -EPERM;
678     + /***** TOMOYO Linux start. *****/
679     + if (CheckCapabilityACL(TOMOYO_USE_KERNEL_MODULE)) return -EPERM;
680     + /***** TOMOYO Linux end. *****/
681    
682     if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
683     return -EFAULT;
684     @@ -1983,6 +1989,9 @@ sys_init_module(void __user *umod,
685     /* Must have permission */
686     if (!capable(CAP_SYS_MODULE))
687     return -EPERM;
688     + /***** TOMOYO Linux start. *****/
689     + if (CheckCapabilityACL(TOMOYO_USE_KERNEL_MODULE)) return -EPERM;
690     + /***** TOMOYO Linux end. *****/
691    
692     /* Only one module load at a time, please */
693     if (mutex_lock_interruptible(&module_mutex) != 0)
694     diff -ubBpEr linux-2.6.21/kernel/sched.c linux-2.6.21-ccs/kernel/sched.c
695 kumaneko 237 --- linux-2.6.21/kernel/sched.c 2007-04-28 04:02:41.000000000 +0900
696     +++ linux-2.6.21-ccs/kernel/sched.c 2007-04-28 04:02:47.000000000 +0900
697 kumaneko 193 @@ -55,6 +55,9 @@
698     #include <asm/tlb.h>
699    
700     #include <asm/unistd.h>
701     +/***** TOMOYO Linux start. *****/
702     +#include <linux/tomoyo.h>
703     +/***** TOMOYO Linux end. *****/
704    
705     /*
706     * Scheduler clock - returns current time in nanosec units.
707     @@ -3960,6 +3963,9 @@ int can_nice(const struct task_struct *p
708     asmlinkage long sys_nice(int increment)
709     {
710     long nice, retval;
711     + /***** TOMOYO Linux start. *****/
712     + if (CheckCapabilityACL(TOMOYO_SYS_NICE)) return -EPERM;
713     + /***** TOMOYO Linux end. *****/
714    
715     /*
716     * Setpriority might change our priority at the same moment.
717     diff -ubBpEr linux-2.6.21/kernel/signal.c linux-2.6.21-ccs/kernel/signal.c
718 kumaneko 237 --- linux-2.6.21/kernel/signal.c 2007-04-28 04:02:41.000000000 +0900
719     +++ linux-2.6.21-ccs/kernel/signal.c 2007-04-28 04:02:47.000000000 +0900
720 kumaneko 193 @@ -32,6 +32,9 @@
721     #include <asm/unistd.h>
722     #include <asm/siginfo.h>
723     #include "audit.h" /* audit_signal_info() */
724     +/***** TOMOYO Linux start. *****/
725     +#include <linux/tomoyo.h>
726     +/***** TOMOYO Linux end. *****/
727    
728     /*
729     * SLAB caches for signal bits.
730     @@ -2235,6 +2238,10 @@ asmlinkage long
731     sys_kill(int pid, int sig)
732     {
733     struct siginfo info;
734     + /***** TOMOYO Linux start. *****/
735     + if (sig && CheckCapabilityACL(TOMOYO_SYS_KILL) < 0) return -EPERM;
736     + if (sig && CheckSignalACL(sig, pid) < 0) return -EPERM;
737     + /***** TOMOYO Linux end. *****/
738    
739     info.si_signo = sig;
740     info.si_errno = 0;
741     @@ -2293,6 +2300,10 @@ asmlinkage long sys_tgkill(int tgid, int
742     /* This is only valid for single tasks */
743     if (pid <= 0 || tgid <= 0)
744     return -EINVAL;
745     + /***** TOMOYO Linux start. *****/
746     + if (sig && CheckCapabilityACL(TOMOYO_SYS_KILL) < 0) return -EPERM;
747     + if (sig && CheckSignalACL(sig, pid) < 0) return -EPERM;
748     + /***** TOMOYO Linux end. *****/
749    
750     return do_tkill(tgid, pid, sig);
751     }
752     @@ -2306,6 +2317,10 @@ sys_tkill(int pid, int sig)
753     /* This is only valid for single tasks */
754     if (pid <= 0)
755     return -EINVAL;
756     + /***** TOMOYO Linux start. *****/
757     + if (sig && CheckCapabilityACL(TOMOYO_SYS_KILL) < 0) return -EPERM;
758     + if (sig && CheckSignalACL(sig, pid) < 0) return -EPERM;
759     + /***** TOMOYO Linux end. *****/
760    
761     return do_tkill(0, pid, sig);
762     }
763     diff -ubBpEr linux-2.6.21/kernel/sys.c linux-2.6.21-ccs/kernel/sys.c
764 kumaneko 237 --- linux-2.6.21/kernel/sys.c 2007-04-28 04:02:41.000000000 +0900
765     +++ linux-2.6.21-ccs/kernel/sys.c 2007-04-28 04:02:47.000000000 +0900
766 kumaneko 193 @@ -37,6 +37,9 @@
767     #include <asm/uaccess.h>
768     #include <asm/io.h>
769     #include <asm/unistd.h>
770     +/***** TOMOYO Linux start. *****/
771     +#include <linux/tomoyo.h>
772     +/***** TOMOYO Linux end. *****/
773    
774     #ifndef SET_UNALIGN_CTL
775     # define SET_UNALIGN_CTL(a,b) (-EINVAL)
776     @@ -600,6 +603,9 @@ asmlinkage long sys_setpriority(int whic
777    
778     if (which > 2 || which < 0)
779     goto out;
780     + /***** TOMOYO Linux start. *****/
781     + if (CheckCapabilityACL(TOMOYO_SYS_NICE)) return -EPERM;
782     + /***** TOMOYO Linux end. *****/
783    
784     /* normalize: avoid signed division (rounding problems) */
785     error = -ESRCH;
786     @@ -830,6 +836,9 @@ asmlinkage long sys_reboot(int magic1, i
787     magic2 != LINUX_REBOOT_MAGIC2B &&
788     magic2 != LINUX_REBOOT_MAGIC2C))
789     return -EINVAL;
790     + /***** TOMOYO Linux start. *****/
791     + if (CheckCapabilityACL(TOMOYO_SYS_REBOOT)) return -EPERM;
792     + /***** TOMOYO Linux end. *****/
793    
794     /* Instead of trying to make the power_off code look like
795     * halt when pm_power_off is not set do it the easy way.
796     @@ -1806,6 +1815,9 @@ asmlinkage long sys_sethostname(char __u
797     return -EPERM;
798     if (len < 0 || len > __NEW_UTS_LEN)
799     return -EINVAL;
800     + /***** TOMOYO Linux start. *****/
801     + if (CheckCapabilityACL(TOMOYO_SYS_SETHOSTNAME)) return -EPERM;
802     + /***** TOMOYO Linux end. *****/
803     down_write(&uts_sem);
804     errno = -EFAULT;
805     if (!copy_from_user(tmp, name, len)) {
806     @@ -1851,6 +1863,9 @@ asmlinkage long sys_setdomainname(char _
807     return -EPERM;
808     if (len < 0 || len > __NEW_UTS_LEN)
809     return -EINVAL;
810     + /***** TOMOYO Linux start. *****/
811     + if (CheckCapabilityACL(TOMOYO_SYS_SETHOSTNAME)) return -EPERM;
812     + /***** TOMOYO Linux end. *****/
813    
814     down_write(&uts_sem);
815     errno = -EFAULT;
816     diff -ubBpEr linux-2.6.21/kernel/sysctl.c linux-2.6.21-ccs/kernel/sysctl.c
817 kumaneko 237 --- linux-2.6.21/kernel/sysctl.c 2007-04-28 04:02:41.000000000 +0900
818     +++ linux-2.6.21-ccs/kernel/sysctl.c 2007-04-28 04:02:47.000000000 +0900
819 kumaneko 193 @@ -48,6 +48,9 @@
820    
821     #include <asm/uaccess.h>
822     #include <asm/processor.h>
823     +/***** TOMOYO Linux start. *****/
824     +#include <linux/tomoyo.h>
825     +/***** TOMOYO Linux end. *****/
826    
827     extern int proc_nr_files(ctl_table *table, int write, struct file *filp,
828     void __user *buffer, size_t *lenp, loff_t *ppos);
829     @@ -1088,6 +1091,81 @@ struct ctl_table_header *sysctl_head_nex
830     }
831    
832     #ifdef CONFIG_SYSCTL_SYSCALL
833     +
834     +/***** TOMOYO Linux start. *****/
835     +static int try_parse_table(int __user *name, int nlen, void __user *oldval, void __user *newval, ctl_table *table)
836     +{
837     + int n;
838     + int error = -ENOMEM;
839     + int op = 0;
840     + char *buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
841     + if (oldval) op |= 004;
842     + if (newval) op |= 002;
843     + if (!op) { /* Neither read nor write */
844     + error = 0;
845     + goto out;
846     + }
847     + if (!buffer) goto out;
848     + memset(buffer, 0, PAGE_SIZE);
849     + snprintf(buffer, PAGE_SIZE - 1, "/proc/sys");
850     + repeat:
851     + if (!nlen) {
852     + error = -ENOTDIR;
853     + goto out;
854     + }
855     + if (get_user(n, name)) {
856     + error = -EFAULT;
857     + goto out;
858     + }
859     + for ( ; table->ctl_name || table->procname; table++) {
860     + if (n == table->ctl_name && n) {
861     + int pos = strlen(buffer);
862     + const char *cp = table->procname;
863     + error = -ENOMEM;
864     + if (cp) {
865     + if (pos + 1 >= PAGE_SIZE - 1) goto out;
866     + buffer[pos++] = '/';
867     + while (*cp) {
868     + const unsigned char c = * (const unsigned char *) cp;
869     + if (c == '\\') {
870     + if (pos + 2 >= PAGE_SIZE - 1) goto out;
871     + buffer[pos++] = '\\';
872     + buffer[pos++] = '\\';
873     + } else if (c > ' ' && c < 127) {
874     + if (pos + 1 >= PAGE_SIZE - 1) goto out;
875     + buffer[pos++] = c;
876     + } else {
877     + if (pos + 4 >= PAGE_SIZE - 1) goto out;
878     + buffer[pos++] = '\\';
879     + buffer[pos++] = (c >> 6) + '0';
880     + buffer[pos++] = ((c >> 3) & 7) + '0';
881     + buffer[pos++] = (c & 7) + '0';
882     + }
883     + cp++;
884     + }
885     + } else {
886     + /* Assume nobody assigns "=\$=" for procname. */
887     + snprintf(buffer + pos, PAGE_SIZE - pos - 1, "/=%d=", n);
888     + if (memchr(buffer, '\0', PAGE_SIZE - 2) == NULL) goto out;
889     + }
890     + if (table->child) {
891     + name++;
892     + nlen--;
893     + table = table->child;
894     + goto repeat;
895     + }
896     + /* printk("sysctl='%s'\n", buffer); */
897     + error = CheckFilePerm(buffer, op, "sysctl");
898     + goto out;
899     + }
900     + }
901     + error = -ENOTDIR;
902     + out:
903     + kfree(buffer);
904     + return error;
905     +}
906     +/***** TOMOYO Linux end. *****/
907     +
908     int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
909     void __user *newval, size_t newlen)
910     {
911     @@ -1104,6 +1182,9 @@ int do_sysctl(int __user *name, int nlen
912    
913     for (head = sysctl_head_next(NULL); head;
914     head = sysctl_head_next(head)) {
915     + /***** TOMOYO Linux start. *****/
916     + if ((error = try_parse_table(name, nlen, oldval, newval, head->ctl_table)) == 0)
917     + /***** TOMOYO Linux end. *****/
918     error = parse_table(name, nlen, oldval, oldlenp,
919     newval, newlen, head->ctl_table);
920     if (error != -ENOTDIR) {
921     diff -ubBpEr linux-2.6.21/kernel/time/ntp.c linux-2.6.21-ccs/kernel/time/ntp.c
922 kumaneko 237 --- linux-2.6.21/kernel/time/ntp.c 2007-04-28 04:02:41.000000000 +0900
923     +++ linux-2.6.21-ccs/kernel/time/ntp.c 2007-04-28 04:02:47.000000000 +0900
924 kumaneko 193 @@ -14,6 +14,9 @@
925    
926     #include <asm/div64.h>
927     #include <asm/timex.h>
928     +/***** TOMOYO Linux start. *****/
929     +#include <linux/tomoyo.h>
930     +/***** TOMOYO Linux end. *****/
931    
932     /*
933     * Timekeeping variables
934     @@ -203,6 +206,9 @@ int do_adjtimex(struct timex *txc)
935     /* In order to modify anything, you gotta be super-user! */
936     if (txc->modes && !capable(CAP_SYS_TIME))
937     return -EPERM;
938     + /***** TOMOYO Linux start. *****/
939     + if (txc->modes && CheckCapabilityACL(TOMOYO_SYS_SETTIME)) return -EPERM;
940     + /***** TOMOYO Linux end. *****/
941    
942     /* Now we validate the data before disabling interrupts */
943    
944     diff -ubBpEr linux-2.6.21/kernel/time.c linux-2.6.21-ccs/kernel/time.c
945 kumaneko 237 --- linux-2.6.21/kernel/time.c 2007-04-28 04:02:41.000000000 +0900
946     +++ linux-2.6.21-ccs/kernel/time.c 2007-04-28 04:02:47.000000000 +0900
947 kumaneko 193 @@ -39,6 +39,9 @@
948    
949     #include <asm/uaccess.h>
950     #include <asm/unistd.h>
951     +/***** TOMOYO Linux start. *****/
952     +#include <linux/tomoyo.h>
953     +/***** TOMOYO Linux end. *****/
954    
955     /*
956     * The timezone where the local system is located. Used as a default by some
957     @@ -91,6 +94,9 @@ asmlinkage long sys_stime(time_t __user
958     err = security_settime(&tv, NULL);
959     if (err)
960     return err;
961     + /***** TOMOYO Linux start. *****/
962     + if (CheckCapabilityACL(TOMOYO_SYS_SETTIME)) return -EPERM;
963     + /***** TOMOYO Linux end. *****/
964    
965     do_settimeofday(&tv);
966     return 0;
967     @@ -161,6 +167,9 @@ int do_sys_settimeofday(struct timespec
968     error = security_settime(tv, tz);
969     if (error)
970     return error;
971     + /***** TOMOYO Linux start. *****/
972     + if (CheckCapabilityACL(TOMOYO_SYS_SETTIME)) return -EPERM;
973     + /***** TOMOYO Linux end. *****/
974    
975     if (tz) {
976     /* SMP safe, global irq locking makes it work. */
977     diff -ubBpEr linux-2.6.21/net/ipv4/inet_connection_sock.c linux-2.6.21-ccs/net/ipv4/inet_connection_sock.c
978 kumaneko 237 --- linux-2.6.21/net/ipv4/inet_connection_sock.c 2007-04-28 04:02:41.000000000 +0900
979     +++ linux-2.6.21-ccs/net/ipv4/inet_connection_sock.c 2007-04-28 04:02:47.000000000 +0900
980 kumaneko 193 @@ -23,6 +23,9 @@
981     #include <net/route.h>
982     #include <net/tcp_states.h>
983     #include <net/xfrm.h>
984     +/***** SAKURA Linux start. *****/
985     +#include <linux/sakura.h>
986     +/***** SAKURA Linux end. *****/
987    
988     #ifdef INET_CSK_DEBUG
989     const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
990     @@ -87,6 +90,9 @@ int inet_csk_get_port(struct inet_hashin
991     do {
992     head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
993     spin_lock(&head->lock);
994     + /***** SAKURA Linux start. *****/
995     + if (SAKURA_MayAutobind(rover) < 0) goto next;
996     + /***** SAKURA Linux end. *****/
997     inet_bind_bucket_for_each(tb, node, &head->chain)
998     if (tb->port == rover)
999     goto next;
1000     diff -ubBpEr linux-2.6.21/net/ipv4/inet_hashtables.c linux-2.6.21-ccs/net/ipv4/inet_hashtables.c
1001 kumaneko 237 --- linux-2.6.21/net/ipv4/inet_hashtables.c 2007-04-28 04:02:41.000000000 +0900
1002     +++ linux-2.6.21-ccs/net/ipv4/inet_hashtables.c 2007-04-28 04:02:47.000000000 +0900
1003 kumaneko 193 @@ -22,6 +22,9 @@
1004     #include <net/inet_connection_sock.h>
1005     #include <net/inet_hashtables.h>
1006     #include <net/ip.h>
1007     +/***** SAKURA Linux start. *****/
1008     +#include <linux/sakura.h>
1009     +/***** SAKURA Linux end. *****/
1010    
1011     /*
1012     * Allocate and initialize a new local port bind bucket.
1013     @@ -292,6 +295,9 @@ int inet_hash_connect(struct inet_timewa
1014     local_bh_disable();
1015     for (i = 1; i <= range; i++) {
1016     port = low + (i + offset) % range;
1017     + /***** SAKURA Linux start. *****/
1018     + if (SAKURA_MayAutobind(port) < 0) continue;
1019     + /***** SAKURA Linux end. *****/
1020     head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1021     spin_lock(&head->lock);
1022    
1023     diff -ubBpEr linux-2.6.21/net/ipv4/udp.c linux-2.6.21-ccs/net/ipv4/udp.c
1024 kumaneko 237 --- linux-2.6.21/net/ipv4/udp.c 2007-04-28 04:02:41.000000000 +0900
1025 kumaneko 238 +++ linux-2.6.21-ccs/net/ipv4/udp.c 2007-05-23 14:50:12.000000000 +0900
1026 kumaneko 193 @@ -102,6 +102,9 @@
1027     #include <net/checksum.h>
1028     #include <net/xfrm.h>
1029     #include "udp_impl.h"
1030     +/***** SAKURA Linux start. *****/
1031     +#include <linux/sakura.h>
1032     +/***** SAKURA Linux end. *****/
1033    
1034     /*
1035     * Snmp MIB for the UDP layer
1036 kumaneko 237 @@ -162,6 +165,9 @@ int __udp_lib_get_port(struct sock *sk,
1037     result = sysctl_local_port_range[0] +
1038     ((result - sysctl_local_port_range[0]) &
1039     (UDP_HTABLE_SIZE - 1));
1040     + /***** SAKURA Linux start. *****/
1041     + if (SAKURA_MayAutobind(result) < 0) continue;
1042     + /***** SAKURA Linux end. *****/
1043     goto gotit;
1044     }
1045     size = 0;
1046 kumaneko 193 @@ -180,6 +186,9 @@ int __udp_lib_get_port(struct sock *sk,
1047     result = sysctl_local_port_range[0]
1048     + ((result - sysctl_local_port_range[0]) &
1049     (UDP_HTABLE_SIZE - 1));
1050     + /***** SAKURA Linux start. *****/
1051     + if (SAKURA_MayAutobind(result) < 0) continue;
1052     + /***** SAKURA Linux end. *****/
1053     if (! __udp_lib_lport_inuse(result, udptable))
1054     break;
1055     }
1056     diff -ubBpEr linux-2.6.21/net/ipv6/inet6_hashtables.c linux-2.6.21-ccs/net/ipv6/inet6_hashtables.c
1057 kumaneko 237 --- linux-2.6.21/net/ipv6/inet6_hashtables.c 2007-04-28 04:02:41.000000000 +0900
1058     +++ linux-2.6.21-ccs/net/ipv6/inet6_hashtables.c 2007-04-28 04:02:47.000000000 +0900
1059 kumaneko 193 @@ -21,6 +21,9 @@
1060     #include <net/inet_hashtables.h>
1061     #include <net/inet6_hashtables.h>
1062     #include <net/ip.h>
1063     +/***** SAKURA Linux start. *****/
1064     +#include <linux/sakura.h>
1065     +/***** SAKURA Linux end. *****/
1066    
1067     void __inet6_hash(struct inet_hashinfo *hashinfo,
1068     struct sock *sk)
1069     @@ -266,6 +269,9 @@ int inet6_hash_connect(struct inet_timew
1070     local_bh_disable();
1071     for (i = 1; i <= range; i++) {
1072     port = low + (i + offset) % range;
1073     + /***** SAKURA Linux start. *****/
1074     + if (SAKURA_MayAutobind(port) < 0) continue;
1075     + /***** SAKURA Linux end. *****/
1076     head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1077     spin_lock(&head->lock);
1078    
1079     diff -ubBpEr linux-2.6.21/net/socket.c linux-2.6.21-ccs/net/socket.c
1080 kumaneko 237 --- linux-2.6.21/net/socket.c 2007-04-28 04:02:41.000000000 +0900
1081     +++ linux-2.6.21-ccs/net/socket.c 2007-04-28 04:02:47.000000000 +0900
1082 kumaneko 193 @@ -93,6 +93,11 @@
1083     #include <net/sock.h>
1084     #include <linux/netfilter.h>
1085    
1086     +/***** TOMOYO Linux start. *****/
1087     +#include <linux/tomoyo.h>
1088     +#include <linux/tomoyo_socket.h>
1089     +/***** TOMOYO Linux end. *****/
1090     +
1091     static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1092     static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
1093     unsigned long nr_segs, loff_t pos);
1094     @@ -549,6 +554,9 @@ static inline int __sock_sendmsg(struct
1095     err = security_socket_sendmsg(sock, msg, size);
1096     if (err)
1097     return err;
1098     + /***** TOMOYO Linux start. *****/
1099     + if (CheckSocketSendMsgPermission(sock, (struct sockaddr *) msg->msg_name, msg->msg_namelen)) return -EPERM;
1100     + /***** TOMOYO Linux start. *****/
1101    
1102     return sock->ops->sendmsg(iocb, sock, msg, size);
1103     }
1104     @@ -616,6 +624,11 @@ int sock_recvmsg(struct socket *sock, st
1105     ret = __sock_recvmsg(&iocb, sock, msg, size, flags);
1106     if (-EIOCBQUEUED == ret)
1107     ret = wait_on_sync_kiocb(&iocb);
1108     + /***** TOMOYO Linux start. *****/
1109     + if (ret >= 0 && CheckSocketRecvMsgPermission(sock, (struct sockaddr *) msg->msg_name, msg->msg_namelen)) {
1110     + ret = -EAGAIN; /* Hope less harmful than -EPERM. */
1111     + }
1112     + /***** TOMOYO Linux end. *****/
1113     return ret;
1114     }
1115    
1116     @@ -1070,6 +1083,10 @@ static int __sock_create(int family, int
1117     family = PF_PACKET;
1118     }
1119    
1120     + /***** TOMOYO Linux start. *****/
1121     + if ((err = CheckSocketCreatePermission(family, type, protocol)) < 0) return err;
1122     + /***** TOMOYO Linux end. *****/
1123     +
1124     err = security_socket_create(family, type, protocol, kern);
1125     if (err)
1126     return err;
1127     @@ -1298,6 +1315,9 @@ asmlinkage long sys_bind(int fd, struct
1128     err = security_socket_bind(sock,
1129     (struct sockaddr *)address,
1130     addrlen);
1131     + /***** TOMOYO Linux start. *****/
1132     + if (!err) err = CheckSocketBindPermission(sock, (struct sockaddr *) address, addrlen);
1133     + /***** TOMOYO Linux end. *****/
1134     if (!err)
1135     err = sock->ops->bind(sock,
1136     (struct sockaddr *)
1137     @@ -1327,6 +1347,9 @@ asmlinkage long sys_listen(int fd, int b
1138     backlog = sysctl_somaxconn;
1139    
1140     err = security_socket_listen(sock, backlog);
1141     + /***** TOMOYO Linux start. *****/
1142     + if (!err) err = CheckSocketListenPermission(sock);
1143     + /***** TOMOYO Linux end. *****/
1144     if (!err)
1145     err = sock->ops->listen(sock, backlog);
1146    
1147     @@ -1391,6 +1414,12 @@ asmlinkage long sys_accept(int fd, struc
1148     if (err < 0)
1149     goto out_fd;
1150    
1151     + /***** TOMOYO Linux start. *****/
1152     + if (CheckSocketAcceptPermission(newsock, (struct sockaddr *) address)) {
1153     + err = -ECONNABORTED; /* Hope less harmful than -EPERM. */
1154     + goto out_fd;
1155     + }
1156     + /***** TOMOYO Linux end. *****/
1157     if (upeer_sockaddr) {
1158     if (newsock->ops->getname(newsock, (struct sockaddr *)address,
1159     &len, 2) < 0) {
1160     @@ -1455,6 +1484,10 @@ asmlinkage long sys_connect(int fd, stru
1161     security_socket_connect(sock, (struct sockaddr *)address, addrlen);
1162     if (err)
1163     goto out_put;
1164     + /***** TOMOYO Linux start. *****/
1165     + err = CheckSocketConnectPermission(sock, (struct sockaddr *) address, addrlen);
1166     + if (err) goto out_put;
1167     + /***** TOMOYO Linux end. *****/
1168    
1169     err = sock->ops->connect(sock, (struct sockaddr *)address, addrlen,
1170     sock->file->f_flags);
1171     diff -ubBpEr linux-2.6.21/net/unix/af_unix.c linux-2.6.21-ccs/net/unix/af_unix.c
1172 kumaneko 237 --- linux-2.6.21/net/unix/af_unix.c 2007-04-28 04:02:41.000000000 +0900
1173     +++ linux-2.6.21-ccs/net/unix/af_unix.c 2007-04-28 04:02:47.000000000 +0900
1174 kumaneko 193 @@ -116,6 +116,9 @@
1175     #include <linux/mount.h>
1176     #include <net/checksum.h>
1177     #include <linux/security.h>
1178     +/***** TOMOYO Linux start. *****/
1179     +#include <linux/tomoyo.h>
1180     +/***** TOMOYO Linux end. *****/
1181    
1182     int sysctl_unix_max_dgram_qlen __read_mostly = 10;
1183    
1184     @@ -765,6 +768,10 @@ static int unix_bind(struct socket *sock
1185     err = unix_autobind(sock);
1186     goto out;
1187     }
1188     + /***** TOMOYO Linux start. *****/
1189     + err = -EPERM;
1190     + if (sunaddr->sun_path[0] && CheckCapabilityACL(TOMOYO_CREATE_UNIX_SOCKET)) goto out;
1191     + /***** TOMOYO Linux end. *****/
1192    
1193     err = unix_mkname(sunaddr, addr_len, &hash);
1194     if (err < 0)
1195     @@ -808,6 +815,9 @@ static int unix_bind(struct socket *sock
1196     */
1197     mode = S_IFSOCK |
1198     (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
1199     + /***** TOMOYO Linux start. *****/
1200     + if ((err = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode)) == 0 && (err = CheckSingleWritePermission(TYPE_MKSOCK_ACL, dentry, nd.mnt)) == 0)
1201     + /***** TOMOYO Linux end. *****/
1202     err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1203     if (err)
1204     goto out_mknod_dput;
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ