
Annotation of /trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.21.diff



Revision 863 - (hide annotations) (download) (as text)
Fri Jan 4 08:20:06 2008 UTC (16 years, 5 months ago) by kumaneko
Original Path: trunk/1.5.x/ccs-patch/patches/ccs-patch-2.6.21.diff
File MIME type: text/x-diff
File size: 45263 byte(s)
Add sys_ptrace() hook.
1 kumaneko 862 ---
2     Makefile | 2
3 kumaneko 863 arch/alpha/kernel/ptrace.c | 8 +++
4     arch/ia64/kernel/ptrace.c | 8 +++
5     arch/m32r/kernel/ptrace.c | 8 +++
6     arch/s390/kernel/ptrace.c | 8 +++
7     arch/sparc/kernel/ptrace.c | 8 +++
8     arch/sparc64/kernel/ptrace.c | 8 +++
9 kumaneko 862 fs/Kconfig | 2
10     fs/Makefile | 2
11     fs/attr.c | 11 +++++
12     fs/compat.c | 8 +++
13     fs/exec.c | 14 ++++++
14     fs/fcntl.c | 7 +++
15     fs/ioctl.c | 6 ++
16     fs/namei.c | 60 +++++++++++++++++++++++++++++
17     fs/namespace.c | 38 ++++++++++++++++++
18     fs/open.c | 21 ++++++++++
19     fs/proc/Makefile | 3 +
20     fs/proc/proc_misc.c | 9 ++++
21     include/linux/init_task.h | 4 +
22     include/linux/sched.h | 9 ++++
23     kernel/compat.c | 6 ++
24     kernel/kexec.c | 6 ++
25     kernel/kmod.c | 5 ++
26     kernel/module.c | 9 ++++
27 kumaneko 863 kernel/ptrace.c | 8 +++
28 kumaneko 862 kernel/sched.c | 6 ++
29     kernel/signal.c | 15 +++++++
30     kernel/sys.c | 15 +++++++
31     kernel/sysctl.c | 81 ++++++++++++++++++++++++++++++++++++++++
32     kernel/time.c | 9 ++++
33     kernel/time/ntp.c | 6 ++
34     net/core/datagram.c | 9 ++++
35     net/ipv4/inet_connection_sock.c | 6 ++
36     net/ipv4/inet_hashtables.c | 6 ++
37     net/ipv4/udp.c | 9 ++++
38     net/ipv6/inet6_hashtables.c | 6 ++
39     net/socket.c | 28 +++++++++++++
40     net/unix/af_unix.c | 10 ++++
41 kumaneko 863 39 files changed, 481 insertions(+), 3 deletions(-)
42 kumaneko 862
43     --- linux-2.6.21.orig/Makefile
44     +++ linux-2.6.21/Makefile
45 kumaneko 193 @@ -1,7 +1,7 @@
46     VERSION = 2
47     PATCHLEVEL = 6
48     SUBLEVEL = 21
49     -EXTRAVERSION =
50     +EXTRAVERSION = -ccs
51     NAME = Nocturnal Monster Puppy
52    
53     # *DOCUMENTATION*
54 kumaneko 863 --- linux-2.6.21.orig/arch/alpha/kernel/ptrace.c
55     +++ linux-2.6.21/arch/alpha/kernel/ptrace.c
56     @@ -20,6 +20,9 @@
57     #include <asm/pgtable.h>
58     #include <asm/system.h>
59     #include <asm/fpu.h>
60     +/***** TOMOYO Linux start. *****/
61     +#include <linux/tomoyo.h>
62     +/***** TOMOYO Linux end. *****/
63    
64     #include "proto.h"
65    
66     @@ -268,6 +271,11 @@ do_sys_ptrace(long request, long pid, lo
67     unsigned long tmp;
68     size_t copied;
69     long ret;
70     + /***** TOMOYO Linux start. *****/
71     +#ifdef TOMOYO_SYS_PTRACE
72     + if (CheckCapabilityACL(TOMOYO_SYS_PTRACE)) return -EPERM;
73     +#endif
74     + /***** TOMOYO Linux end. *****/
75    
76     lock_kernel();
77     DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",
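Review bot: The `#ifdef TOMOYO_SYS_PTRACE` guard around the new check in do_sys_ptrace makes the hook disappear silently when that name is not a preprocessor macro, whereas every other `CheckCapabilityACL()` call in this patch (for example `TOMOYO_SYS_CHMOD` in fs/attr.c) is unguarded. If `linux/tomoyo.h` (not shown here) declares the capability indexes as enum constants, or an older header lacks this one, the kernel builds cleanly with ptrace left unrestricted. I would either drop the guard or make the omission a build failure, e.g. `#ifndef TOMOYO_SYS_PTRACE` / `#error TOMOYO_SYS_PTRACE missing from linux/tomoyo.h` / `#endif`. The same guard is repeated in the ia64, m32r, s390, sparc and sparc64 hunks; do_sys_ptrace's body continues outside the hunk.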
78     --- linux-2.6.21.orig/arch/ia64/kernel/ptrace.c
79     +++ linux-2.6.21/arch/ia64/kernel/ptrace.c
80     @@ -28,6 +28,9 @@
81     #ifdef CONFIG_PERFMON
82     #include <asm/perfmon.h>
83     #endif
84     +/***** TOMOYO Linux start. *****/
85     +#include <linux/tomoyo.h>
86     +/***** TOMOYO Linux end. *****/
87    
88     #include "entry.h"
89    
90     @@ -1418,6 +1421,11 @@ sys_ptrace (long request, pid_t pid, uns
91     struct task_struct *child;
92     struct switch_stack *sw;
93     long ret;
94     + /***** TOMOYO Linux start. *****/
95     +#ifdef TOMOYO_SYS_PTRACE
96     + if (CheckCapabilityACL(TOMOYO_SYS_PTRACE)) return -EPERM;
97     +#endif
98     + /***** TOMOYO Linux end. *****/
99    
100     lock_kernel();
101     ret = -EPERM;
102     --- linux-2.6.21.orig/arch/m32r/kernel/ptrace.c
103     +++ linux-2.6.21/arch/m32r/kernel/ptrace.c
104     @@ -32,6 +32,9 @@
105     #include <asm/system.h>
106     #include <asm/processor.h>
107     #include <asm/mmu_context.h>
108     +/***** TOMOYO Linux start. *****/
109     +#include <linux/tomoyo.h>
110     +/***** TOMOYO Linux end. *****/
111    
112     /*
113     * This routine will get a word off of the process kernel stack.
114     @@ -742,6 +745,11 @@ asmlinkage long sys_ptrace(long request,
115     {
116     struct task_struct *child;
117     int ret;
118     + /***** TOMOYO Linux start. *****/
119     +#ifdef TOMOYO_SYS_PTRACE
120     + if (CheckCapabilityACL(TOMOYO_SYS_PTRACE)) return -EPERM;
121     +#endif
122     + /***** TOMOYO Linux end. *****/
123    
124     lock_kernel();
125     if (request == PTRACE_TRACEME) {
126     --- linux-2.6.21.orig/arch/s390/kernel/ptrace.c
127     +++ linux-2.6.21/arch/s390/kernel/ptrace.c
128     @@ -41,6 +41,9 @@
129     #include <asm/system.h>
130     #include <asm/uaccess.h>
131     #include <asm/unistd.h>
132     +/***** TOMOYO Linux start. *****/
133     +#include <linux/tomoyo.h>
134     +/***** TOMOYO Linux end. *****/
135    
136     #ifdef CONFIG_COMPAT
137     #include "compat_ptrace.h"
138     @@ -713,6 +716,11 @@ sys_ptrace(long request, long pid, long
139     struct task_struct *child;
140     int ret;
141    
142     + /***** TOMOYO Linux start. *****/
143     +#ifdef TOMOYO_SYS_PTRACE
144     + if (CheckCapabilityACL(TOMOYO_SYS_PTRACE)) return -EPERM;
145     +#endif
146     + /***** TOMOYO Linux end. *****/
147     lock_kernel();
148     if (request == PTRACE_TRACEME) {
149     ret = ptrace_traceme();
150     --- linux-2.6.21.orig/arch/sparc/kernel/ptrace.c
151     +++ linux-2.6.21/arch/sparc/kernel/ptrace.c
152     @@ -23,6 +23,9 @@
153     #include <asm/pgtable.h>
154     #include <asm/system.h>
155     #include <asm/uaccess.h>
156     +/***** TOMOYO Linux start. *****/
157     +#include <linux/tomoyo.h>
158     +/***** TOMOYO Linux end. *****/
159    
160     #define MAGIC_CONSTANT 0x80000000
161    
162     @@ -267,6 +270,11 @@ asmlinkage void do_ptrace(struct pt_regs
163     unsigned long addr2 = regs->u_regs[UREG_I4];
164     struct task_struct *child;
165     int ret;
166     + /***** TOMOYO Linux start. *****/
167     +#ifdef TOMOYO_SYS_PTRACE
168     + if (CheckCapabilityACL(TOMOYO_SYS_PTRACE)) return -EPERM;
169     +#endif
170     + /***** TOMOYO Linux end. *****/
171    
172     lock_kernel();
173     #ifdef DEBUG_PTRACE
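Review bot: `return -EPERM;` is added to do_ptrace, which the hunk header shows as `asmlinkage void`, so the value is discarded and the denial is never reported to the caller as an error. The rest of this function (outside the hunk) appears to report failures through the saved register frame, so the hook should follow that convention, e.g. `if (CheckCapabilityACL(TOMOYO_SYS_PTRACE)) { pt_error_return(regs, EPERM); return; }`, assuming `pt_error_return()` is the helper this file uses. A C compiler may accept the current line with only a warning about returning a value from a void function, which makes the problem easy to miss. The sparc64 do_ptrace hunk has the same problem.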
174     --- linux-2.6.21.orig/arch/sparc64/kernel/ptrace.c
175     +++ linux-2.6.21/arch/sparc64/kernel/ptrace.c
176     @@ -32,6 +32,9 @@
177     #include <asm/spitfire.h>
178     #include <asm/page.h>
179     #include <asm/cpudata.h>
180     +/***** TOMOYO Linux start. *****/
181     +#include <linux/tomoyo.h>
182     +/***** TOMOYO Linux end. *****/
183    
184     /* Returning from ptrace is a bit tricky because the syscall return
185     * low level code assumes any value returned which is negative and
186     @@ -176,6 +179,11 @@ asmlinkage void do_ptrace(struct pt_regs
187     unsigned long addr2 = regs->u_regs[UREG_I4];
188     struct task_struct *child;
189     int ret;
190     + /***** TOMOYO Linux start. *****/
191     +#ifdef TOMOYO_SYS_PTRACE
192     + if (CheckCapabilityACL(TOMOYO_SYS_PTRACE)) return -EPERM;
193     +#endif
194     + /***** TOMOYO Linux end. *****/
195    
196     if (test_thread_flag(TIF_32BIT)) {
197     addr &= 0xffffffffUL;
198 kumaneko 862 --- linux-2.6.21.orig/fs/Kconfig
199     +++ linux-2.6.21/fs/Kconfig
200 kumaneko 193 @@ -2055,5 +2055,7 @@ endif
201     source "fs/nls/Kconfig"
202     source "fs/dlm/Kconfig"
203    
204     +source "fs/Kconfig.ccs"
205     +
206     endmenu
207    
208 kumaneko 862 --- linux-2.6.21.orig/fs/Makefile
209     +++ linux-2.6.21/fs/Makefile
210 kumaneko 193 @@ -114,3 +114,5 @@ obj-$(CONFIG_HPPFS) += hppfs/
211     obj-$(CONFIG_DEBUG_FS) += debugfs/
212     obj-$(CONFIG_OCFS2_FS) += ocfs2/
213     obj-$(CONFIG_GFS2_FS) += gfs2/
214     +
215     +include $(srctree)/fs/Makefile-2.6.ccs
216 kumaneko 862 --- linux-2.6.21.orig/fs/attr.c
217     +++ linux-2.6.21/fs/attr.c
218 kumaneko 193 @@ -15,6 +15,9 @@
219     #include <linux/fcntl.h>
220     #include <linux/quotaops.h>
221     #include <linux/security.h>
222     +/***** TOMOYO Linux start. *****/
223     +#include <linux/tomoyo.h>
224     +/***** TOMOYO Linux end. *****/
225    
226     /* Taken over from the old code... */
227    
228     @@ -145,12 +148,20 @@ int notify_change(struct dentry * dentry
229    
230     if (inode->i_op && inode->i_op->setattr) {
231     error = security_inode_setattr(dentry, attr);
232     + /***** TOMOYO Linux start. *****/
233     + if (!error && (ia_valid & ATTR_MODE)) error = CheckCapabilityACL(TOMOYO_SYS_CHMOD);
234     + if (!error && (ia_valid & (ATTR_UID | ATTR_GID))) error = CheckCapabilityACL(TOMOYO_SYS_CHOWN);
235     + /***** TOMOYO Linux end. *****/
236     if (!error)
237     error = inode->i_op->setattr(dentry, attr);
238     } else {
239     error = inode_change_ok(inode, attr);
240     if (!error)
241     error = security_inode_setattr(dentry, attr);
242     + /***** TOMOYO Linux start. *****/
243     + if (!error && (ia_valid & ATTR_MODE)) error = CheckCapabilityACL(TOMOYO_SYS_CHMOD);
244     + if (!error && (ia_valid & (ATTR_UID | ATTR_GID))) error = CheckCapabilityACL(TOMOYO_SYS_CHOWN);
245     + /***** TOMOYO Linux end. *****/
246     if (!error) {
247     if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
248     (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))
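Review bot: The same two capability checks are pasted into both branches of notify_change, so a later change to one copy can leave the other path with a weaker check. Both copies run right after `security_inode_setattr()` with the same `ia_valid`, so a small static helper called from both places would keep them in step, e.g. `error = ccs_check_setattr_capability(ia_valid);` (the name is a placeholder). The test also keys on `ia_valid` bits rather than on the calling syscall, so any in-kernel caller that sets ATTR_MODE, ATTR_UID or ATTR_GID is subject to the chmod/chown capability; if that is intended, a one-line comment saying so would help. notify_change starts and ends outside the hunk.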
249 kumaneko 862 --- linux-2.6.21.orig/fs/compat.c
250     +++ linux-2.6.21/fs/compat.c
251 kumaneko 193 @@ -56,6 +56,9 @@
252     #include <asm/mmu_context.h>
253     #include <asm/ioctls.h>
254     #include "internal.h"
255     +/***** TOMOYO Linux start. *****/
256     +#include <linux/tomoyo.h>
257     +/***** TOMOYO Linux end. *****/
258    
259     int compat_log = 1;
260    
261     @@ -422,6 +425,9 @@ asmlinkage long compat_sys_ioctl(unsigne
262     /*FALL THROUGH*/
263    
264     default:
265     + /***** TOMOYO Linux start. *****/
266     + if ((error = CheckCapabilityACL(TOMOYO_SYS_IOCTL)) < 0) goto out_fput;
267     + /***** TOMOYO Linux end. *****/
268     if (filp->f_op && filp->f_op->compat_ioctl) {
269     error = filp->f_op->compat_ioctl(filp, cmd, arg);
270     if (error != -ENOIOCTLCMD)
271     @@ -1552,7 +1558,7 @@ int compat_do_execve(char * filename,
272     if (retval < 0)
273     goto out;
274    
275     - retval = search_binary_handler(bprm, regs);
276     + retval = search_binary_handler_with_transition(bprm, regs);
277     if (retval >= 0) {
278     free_arg_pages(bprm);
279    
280 kumaneko 862 --- linux-2.6.21.orig/fs/exec.c
281     +++ linux-2.6.21/fs/exec.c
282 kumaneko 193 @@ -58,6 +58,10 @@
283     #include <linux/kmod.h>
284     #endif
285    
286     +/***** TOMOYO Linux start. *****/
287     +#include <linux/tomoyo.h>
288     +/***** TOMOYO Linux end. *****/
289     +
290     int core_uses_pid;
291     char core_pattern[128] = "core";
292     int suid_dumpable = 0;
293     @@ -140,6 +144,11 @@ asmlinkage long sys_uselib(const char __
294     if (error)
295     goto exit;
296    
297     + /***** TOMOYO Linux start. *****/
298     + error = CheckOpenPermission(nd.dentry, nd.mnt, 01); /* 01 means "read". */
299     + if (error) goto exit;
300     + /***** TOMOYO Linux end. *****/
301     +
302     file = nameidata_to_filp(&nd, O_RDONLY);
303     error = PTR_ERR(file);
304     if (IS_ERR(file))
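Review bot: The bare octal `01` passed to `CheckOpenPermission()` in sys_uselib is explained only by a trailing comment, and the same literal is repeated in the open_exec hunk below. fs/namei.c passes may_open's `flag` to the same function, which suggests the argument uses the FMODE_* encoding, so `CheckOpenPermission(nd.dentry, nd.mnt, FMODE_READ)` would say the same thing without the comment; this should be confirmed against the helper, which is not visible here. The one-line `if (error) goto exit;` also departs from the two-line form used by the surrounding code.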
305     @@ -485,6 +494,9 @@ struct file *open_exec(const char *name)
306     if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
307     S_ISREG(inode->i_mode)) {
308     int err = vfs_permission(&nd, MAY_EXEC);
309     + /***** TOMOYO Linux start. *****/
310     + if (!err && (current->tomoyo_flags & TOMOYO_CHECK_READ_FOR_OPEN_EXEC)) err = CheckOpenPermission(nd.dentry, nd.mnt, 01); /* 01 means "read". */
311     + /***** TOMOYO Linux end. *****/
312     file = ERR_PTR(err);
313     if (!err) {
314     file = nameidata_to_filp(&nd, O_RDONLY);
315     @@ -1183,7 +1195,7 @@ int do_execve(char * filename,
316     if (retval < 0)
317     goto out;
318    
319     - retval = search_binary_handler(bprm,regs);
320     + retval = search_binary_handler_with_transition(bprm,regs);
321     if (retval >= 0) {
322     free_arg_pages(bprm);
323    
324 kumaneko 862 --- linux-2.6.21.orig/fs/fcntl.c
325     +++ linux-2.6.21/fs/fcntl.c
326 kumaneko 193 @@ -22,6 +22,9 @@
327     #include <asm/poll.h>
328     #include <asm/siginfo.h>
329     #include <asm/uaccess.h>
330     +/***** TOMOYO Linux start. *****/
331     +#include <linux/tomoyo.h>
332     +/***** TOMOYO Linux end. *****/
333    
334     void fastcall set_close_on_exec(unsigned int fd, int flag)
335     {
336     @@ -213,6 +216,10 @@ static int setfl(int fd, struct file * f
337     if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
338     return -EPERM;
339    
340     + /***** TOMOYO Linux start. *****/
341     + if (((arg ^ filp->f_flags) & O_APPEND) && CheckReWritePermission(filp)) return -EPERM;
342     + /***** TOMOYO Linux end. *****/
343     +
344     /* O_NOATIME can only be set by the owner or superuser */
345     if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
346     if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
347 kumaneko 862 --- linux-2.6.21.orig/fs/ioctl.c
348     +++ linux-2.6.21/fs/ioctl.c
349 kumaneko 193 @@ -15,6 +15,9 @@
350    
351     #include <asm/uaccess.h>
352     #include <asm/ioctls.h>
353     +/***** TOMOYO Linux start. *****/
354     +#include <linux/tomoyo.h>
355     +/***** TOMOYO Linux end. *****/
356    
357     static long do_ioctl(struct file *filp, unsigned int cmd,
358     unsigned long arg)
359     @@ -23,6 +26,9 @@ static long do_ioctl(struct file *filp,
360    
361     if (!filp->f_op)
362     goto out;
363     + /***** TOMOYO Linux start. *****/
364     + if (CheckCapabilityACL(TOMOYO_SYS_IOCTL) < 0) return -EPERM;
365     + /***** TOMOYO Linux end. *****/
366    
367     if (filp->f_op->unlocked_ioctl) {
368     error = filp->f_op->unlocked_ioctl(filp, cmd, arg);
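Review bot: This call treats only a negative result as a denial (`CheckCapabilityACL(TOMOYO_SYS_IOCTL) < 0`), while most other call sites in the patch deny on any non-zero result (`if (CheckCapabilityACL(TOMOYO_SYS_UNLINK)) return -EPERM;`) and fs/compat.c propagates the returned value instead of forcing -EPERM. If the helper can ever return a positive value, the sites disagree about whether access is granted, so one convention should be used throughout; for do_ioctl that would be `if (CheckCapabilityACL(TOMOYO_SYS_IOCTL)) return -EPERM;`. The helper's return contract is not visible in this patch, so a short comment on it next to its declaration would settle which form is right. do_ioctl's body continues outside the hunk.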
369 kumaneko 862 --- linux-2.6.21.orig/fs/namei.c
370     +++ linux-2.6.21/fs/namei.c
371 kumaneko 193 @@ -37,6 +37,10 @@
372    
373     #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
374    
375     +/***** TOMOYO Linux start. *****/
376     +#include <linux/tomoyo.h>
377     +/***** TOMOYO Linux end. *****/
378     +
379     /* [Feb-1997 T. Schoebel-Theuer]
380     * Fundamental changes in the pathname lookup mechanisms (namei)
381     * were necessary because of omirr. The reason is that omirr needs
382     @@ -1506,6 +1510,9 @@ int vfs_create(struct inode *dir, struct
383     error = security_inode_create(dir, dentry, mode);
384     if (error)
385     return error;
386     + /***** TOMOYO Linux start. *****/
387     + if (nd && (error = CheckSingleWritePermission(TYPE_CREATE_ACL, dentry, nd->mnt)) < 0) return error;
388     + /***** TOMOYO Linux end. *****/
389     DQUOT_INIT(dir);
390     error = dir->i_op->create(dir, dentry, mode, nd);
391     if (!error)
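Review bot: The `nd &&` in the new vfs_create check means the TYPE_CREATE_ACL policy is skipped entirely whenever a caller passes a NULL nameidata, so those creations fail open. That may be unavoidable because the check needs `nd->mnt`, but it should be stated where the next reader will see it, e.g. `/* No vfsmount without nd: callers passing NULL are not policy-checked. */`. It would also be worth recording in the patch notes which callers reach vfs_create without a nameidata, since they are not visible from this hunk.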
392     @@ -1561,6 +1568,11 @@ int may_open(struct nameidata *nd, int a
393     if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
394     return -EPERM;
395    
396 kumaneko 449 + /***** TOMOYO Linux start. *****/
397 kumaneko 193 + error = CheckOpenPermission(dentry, nd->mnt, flag); /* includes O_APPEND and O_TRUNC checks */
398 kumaneko 449 + if (error) return error;
399     + /***** TOMOYO Linux end. *****/
400 kumaneko 193 +
401     /*
402     * Ensure there are no outstanding leases on the file.
403     */
404     @@ -1610,6 +1622,9 @@ static int open_namei_create(struct name
405     return may_open(nd, 0, flag & ~O_TRUNC);
406     }
407    
408     +/***** TOMOYO Linux start. *****/
409     +#include <linux/tomoyo_vfs.h>
410     +/***** TOMOYO Linux end. *****/
411     /*
412     * open_namei()
413     *
414     @@ -1870,6 +1885,12 @@ asmlinkage long sys_mknodat(int dfd, con
415    
416     if (S_ISDIR(mode))
417     return -EPERM;
418     + /***** TOMOYO Linux start. *****/
419     + if (S_ISCHR(mode) && CheckCapabilityACL(TOMOYO_CREATE_CHAR_DEV)) return -EPERM;
420     + if (S_ISBLK(mode) && CheckCapabilityACL(TOMOYO_CREATE_BLOCK_DEV)) return -EPERM;
421     + if (S_ISFIFO(mode) && CheckCapabilityACL(TOMOYO_CREATE_FIFO)) return -EPERM;
422     + if (S_ISSOCK(mode) && CheckCapabilityACL(TOMOYO_CREATE_UNIX_SOCKET)) return -EPERM;
423     + /***** TOMOYO Linux end. *****/
424     tmp = getname(filename);
425     if (IS_ERR(tmp))
426     return PTR_ERR(tmp);
427     @@ -1888,10 +1909,16 @@ asmlinkage long sys_mknodat(int dfd, con
428     error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
429     break;
430     case S_IFCHR: case S_IFBLK:
431     + /***** TOMOYO Linux start. *****/
432     + if ((error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode)) == 0 && (error = CheckSingleWritePermission(S_ISCHR(mode) ? TYPE_MKCHAR_ACL : TYPE_MKBLOCK_ACL, dentry, nd.mnt)) == 0)
433     + /***** TOMOYO Linux end. *****/
434     error = vfs_mknod(nd.dentry->d_inode,dentry,mode,
435     new_decode_dev(dev));
436     break;
437     case S_IFIFO: case S_IFSOCK:
438     + /***** TOMOYO Linux start. *****/
439     + if ((error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode)) == 0 && (error = CheckSingleWritePermission(S_ISFIFO(mode) ? TYPE_MKFIFO_ACL : TYPE_MKSOCK_ACL, dentry, nd.mnt)) == 0)
440     + /***** TOMOYO Linux end. *****/
441     error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0);
442     break;
443     case S_IFDIR:
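Review bot: In the `S_IFCHR`/`S_IFBLK` and `S_IFIFO`/`S_IFSOCK` cases the permission test is an unbraced `if` whose body is the pre-existing `error = vfs_mknod(...)` line below the closing marker comment, so enforcement depends on nothing ever being inserted between the two. A statement added after the marker would become the guarded body and leave the vfs call unconditional. Writing the checks as separate statements, as the do_rename hunk already does with braces and `goto exit5`, removes that dependency. The same dangling-`if` form recurs in the sys_mkdirat, do_rmdir, do_unlinkat, sys_symlinkat and sys_linkat hunks and in fs/open.c (do_sys_truncate, do_sys_ftruncate, sys_vhangup). The switch starts and ends outside the hunk.

```c
	case S_IFCHR: case S_IFBLK:
		/***** TOMOYO Linux start. *****/
		error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
		if (!error)
			error = CheckSingleWritePermission(S_ISCHR(mode) ? TYPE_MKCHAR_ACL : TYPE_MKBLOCK_ACL, dentry, nd.mnt);
		if (error)
			break;
		/***** TOMOYO Linux end. *****/
		error = vfs_mknod(nd.dentry->d_inode,dentry,mode,
				new_decode_dev(dev));
		break;
	/* ... S_IFIFO/S_IFSOCK case: same restructuring with TYPE_MKFIFO_ACL / TYPE_MKSOCK_ACL ... */
```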
444     @@ -1959,6 +1986,9 @@ asmlinkage long sys_mkdirat(int dfd, con
445    
446     if (!IS_POSIXACL(nd.dentry->d_inode))
447     mode &= ~current->fs->umask;
448     + /***** TOMOYO Linux start. *****/
449     + if ((error = pre_vfs_mkdir(nd.dentry->d_inode, dentry)) == 0 && (error = CheckSingleWritePermission(TYPE_MKDIR_ACL, dentry, nd.mnt)) == 0)
450     + /***** TOMOYO Linux end. *****/
451     error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
452     dput(dentry);
453     out_unlock:
454     @@ -2066,6 +2096,9 @@ static long do_rmdir(int dfd, const char
455     error = PTR_ERR(dentry);
456     if (IS_ERR(dentry))
457     goto exit2;
458     + /***** TOMOYO Linux start. *****/
459     + if ((error = pre_vfs_rmdir(nd.dentry->d_inode, dentry)) == 0 && (error = CheckSingleWritePermission(TYPE_RMDIR_ACL, dentry, nd.mnt)) == 0)
460     + /***** TOMOYO Linux end. *****/
461     error = vfs_rmdir(nd.dentry->d_inode, dentry);
462     dput(dentry);
463     exit2:
464     @@ -2125,6 +2158,9 @@ static long do_unlinkat(int dfd, const c
465     struct dentry *dentry;
466     struct nameidata nd;
467     struct inode *inode = NULL;
468     + /***** TOMOYO Linux start. *****/
469     + if (CheckCapabilityACL(TOMOYO_SYS_UNLINK)) return -EPERM;
470     + /***** TOMOYO Linux end. *****/
471    
472     name = getname(pathname);
473     if(IS_ERR(name))
474     @@ -2146,6 +2182,9 @@ static long do_unlinkat(int dfd, const c
475     inode = dentry->d_inode;
476     if (inode)
477     atomic_inc(&inode->i_count);
478     + /***** TOMOYO Linux start. *****/
479     + if ((error = pre_vfs_unlink(nd.dentry->d_inode, dentry)) == 0 && (error = CheckSingleWritePermission(TYPE_UNLINK_ACL, dentry, nd.mnt)) == 0)
480     + /***** TOMOYO Linux end. *****/
481     error = vfs_unlink(nd.dentry->d_inode, dentry);
482     exit2:
483     dput(dentry);
484     @@ -2210,6 +2249,9 @@ asmlinkage long sys_symlinkat(const char
485     char * to;
486     struct dentry *dentry;
487     struct nameidata nd;
488     + /***** TOMOYO Linux start. *****/
489     + if (CheckCapabilityACL(TOMOYO_SYS_SYMLINK)) return -EPERM;
490     + /***** TOMOYO Linux end. *****/
491    
492     from = getname(oldname);
493     if(IS_ERR(from))
494     @@ -2227,6 +2269,9 @@ asmlinkage long sys_symlinkat(const char
495     if (IS_ERR(dentry))
496     goto out_unlock;
497    
498     + /***** TOMOYO Linux start. *****/
499     + if ((error = pre_vfs_symlink(nd.dentry->d_inode, dentry)) == 0 && (error = CheckSingleWritePermission(TYPE_SYMLINK_ACL, dentry, nd.mnt)) == 0)
500     + /***** TOMOYO Linux end. *****/
501     error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
502     dput(dentry);
503     out_unlock:
504     @@ -2299,6 +2344,9 @@ asmlinkage long sys_linkat(int olddfd, c
505     struct nameidata nd, old_nd;
506     int error;
507     char * to;
508     + /***** TOMOYO Linux start. *****/
509     + if (CheckCapabilityACL(TOMOYO_SYS_LINK)) return -EPERM;
510     + /***** TOMOYO Linux end. *****/
511    
512     if ((flags & ~AT_SYMLINK_FOLLOW) != 0)
513     return -EINVAL;
514     @@ -2322,6 +2370,9 @@ asmlinkage long sys_linkat(int olddfd, c
515     error = PTR_ERR(new_dentry);
516     if (IS_ERR(new_dentry))
517     goto out_unlock;
518     + /***** TOMOYO Linux start. *****/
519     + if ((error = pre_vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry)) == 0 && (error = CheckDoubleWritePermission(TYPE_LINK_ACL, old_nd.dentry, old_nd.mnt, new_dentry, nd.mnt)) == 0)
520     + /***** TOMOYO Linux end. *****/
521     error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
522     dput(new_dentry);
523     out_unlock:
524     @@ -2547,6 +2598,12 @@ static int do_rename(int olddfd, const c
525     error = -ENOTEMPTY;
526     if (new_dentry == trap)
527     goto exit5;
528     + /***** TOMOYO Linux start. *****/
529     + if ((error = pre_vfs_rename(old_dir->d_inode, old_dentry, new_dir->d_inode, new_dentry)) < 0 ||
530     + (error = CheckDoubleWritePermission(TYPE_RENAME_ACL, old_dentry, oldnd.mnt, new_dentry, newnd.mnt)) < 0) {
531     + goto exit5;
532     + }
533     + /***** TOMOYO Linux end. *****/
534    
535     error = vfs_rename(old_dir->d_inode, old_dentry,
536     new_dir->d_inode, new_dentry);
537     @@ -2570,6 +2627,9 @@ asmlinkage long sys_renameat(int olddfd,
538     int error;
539     char * from;
540     char * to;
541     + /***** TOMOYO Linux start. *****/
542     + if (CheckCapabilityACL(TOMOYO_SYS_RENAME)) return -EPERM;
543     + /***** TOMOYO Linux end. *****/
544    
545     from = getname(oldname);
546     if(IS_ERR(from))
547 kumaneko 862 --- linux-2.6.21.orig/fs/namespace.c
548     +++ linux-2.6.21/fs/namespace.c
549 kumaneko 193 @@ -28,6 +28,12 @@
550     #include <asm/uaccess.h>
551     #include <asm/unistd.h>
552     #include "pnode.h"
553     +/***** SAKURA Linux start. *****/
554     +#include <linux/sakura.h>
555     +/***** SAKURA Linux end. *****/
556     +/***** TOMOYO Linux start. *****/
557     +#include <linux/tomoyo.h>
558     +/***** TOMOYO Linux end. *****/
559    
560     /* spinlock for vfsmount related operations, inplace of dcache_lock */
561     __cacheline_aligned_in_smp DEFINE_SPINLOCK(vfsmount_lock);
562     @@ -545,6 +551,10 @@ static int do_umount(struct vfsmount *mn
563     if (retval)
564     return retval;
565    
566     + /***** SAKURA Linux start. *****/
567     + if (SAKURA_MayUmount(mnt) < 0) return -EPERM;
568     + /***** SAKURA Linux end. *****/
569     +
570     /*
571     * Allow userspace to request a mountpoint be expired rather than
572     * unmounting unconditionally. Unmount only happens if:
573     @@ -633,6 +643,9 @@ asmlinkage long sys_umount(char __user *
574     {
575     struct nameidata nd;
576     int retval;
577     + /***** TOMOYO Linux start. *****/
578     + if (CheckCapabilityACL(TOMOYO_SYS_UMOUNT)) return -EPERM;
579     + /***** TOMOYO Linux end. *****/
580    
581     retval = __user_walk(name, LOOKUP_FOLLOW, &nd);
582     if (retval)
583     @@ -917,6 +930,10 @@ static int do_loopback(struct nameidata
584    
585     if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
586     goto out;
587     + /***** SAKURA Linux start. *****/
588     + err = -EPERM;
589     + if (SAKURA_MayMount(nd) < 0) goto out;
590     + /***** SAKURA Linux end. *****/
591    
592     err = -ENOMEM;
593     if (recurse)
594     @@ -1002,6 +1019,10 @@ static int do_move_mount(struct nameidat
595     if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
596     goto out;
597    
598     + /***** SAKURA Linux start. *****/
599     + err = -EPERM;
600     + if (SAKURA_MayUmount(old_nd.mnt) < 0 || SAKURA_MayMount(nd) < 0) goto out;
601     + /***** SAKURA Linux end. *****/
602     err = -ENOENT;
603     mutex_lock(&nd->dentry->d_inode->i_mutex);
604     if (IS_DEADDIR(nd->dentry->d_inode))
605     @@ -1103,6 +1124,10 @@ int do_add_mount(struct vfsmount *newmnt
606     err = -EINVAL;
607     if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode))
608     goto unlock;
609     + /***** SAKURA Linux start. *****/
610     + err = -EPERM;
611     + if (SAKURA_MayMount(nd) < 0) goto unlock;
612     + /***** SAKURA Linux end. *****/
613    
614     newmnt->mnt_flags = mnt_flags;
615     if ((err = graft_tree(newmnt, nd)))
616     @@ -1394,6 +1419,13 @@ long do_mount(char *dev_name, char *dir_
617     if (data_page)
618     ((char *)data_page)[PAGE_SIZE - 1] = 0;
619    
620     + /***** TOMOYO Linux start. *****/
621     + if (CheckCapabilityACL(TOMOYO_SYS_MOUNT)) return -EPERM;
622     + /***** TOMOYO Linux end. *****/
623     + /***** SAKURA Linux start. *****/
624 kumaneko 448 + if ((retval = CheckMountPermission(dev_name, dir_name, type_page, &flags)) < 0) return retval;
625 kumaneko 193 + /***** SAKURA Linux end. *****/
626     +
627     /* Separate the per-mountpoint flags */
628     if (flags & MS_NOSUID)
629     mnt_flags |= MNT_NOSUID;
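Review bot: `CheckMountPermission()` is called in do_mount with the raw `dev_name`/`dir_name` strings and a pointer to `flags`, before the per-mountpoint flag separation that follows, so the helper is apparently able to rewrite the mount flags the rest of the function acts on. That side effect is invisible at the call site; a comment such as `/* may modify flags according to policy */` would make it reviewable. This check works on names while the SAKURA_MayMount(nd) hooks in the earlier hunks work on the resolved nameidata, so it would also help to state which of the two is authoritative if the path resolves differently between them; I cannot tell from this hunk. do_mount continues outside the hunk.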
630     @@ -1686,6 +1718,9 @@ asmlinkage long sys_pivot_root(const cha
631    
632     if (!capable(CAP_SYS_ADMIN))
633     return -EPERM;
634     + /***** TOMOYO Linux start. *****/
635     + if (CheckCapabilityACL(TOMOYO_SYS_PIVOT_ROOT)) return -EPERM;
636     + /***** TOMOYO Linux end. *****/
637    
638     lock_kernel();
639    
640     @@ -1702,6 +1737,9 @@ asmlinkage long sys_pivot_root(const cha
641     goto out1;
642    
643     error = security_sb_pivotroot(&old_nd, &new_nd);
644     + /***** SAKURA Linux start. *****/
645     + if (!error) error = CheckPivotRootPermission(&old_nd, &new_nd);
646     + /***** SAKURA Linux end. *****/
647     if (error) {
648     path_release(&old_nd);
649     goto out1;
650 kumaneko 862 --- linux-2.6.21.orig/fs/open.c
651     +++ linux-2.6.21/fs/open.c
652 kumaneko 193 @@ -27,6 +27,12 @@
653     #include <linux/syscalls.h>
654     #include <linux/rcupdate.h>
655     #include <linux/audit.h>
656     +/***** SAKURA Linux start. *****/
657     +#include <linux/sakura.h>
658     +/***** SAKURA Linux end. *****/
659     +/***** TOMOYO Linux start. *****/
660     +#include <linux/tomoyo.h>
661     +/***** TOMOYO Linux end. *****/
662    
663     int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
664     {
665     @@ -264,6 +270,9 @@ static long do_sys_truncate(const char _
666     if (error)
667     goto dput_and_out;
668    
669     + /***** TOMOYO Linux start. *****/
670     + if ((error = CheckSingleWritePermission(TYPE_TRUNCATE_ACL, nd.dentry, nd.mnt)) == 0)
671     + /***** TOMOYO Linux end. *****/
672     error = locks_verify_truncate(inode, NULL, length);
673     if (!error) {
674     DQUOT_INIT(inode);
675     @@ -317,6 +326,9 @@ static long do_sys_ftruncate(unsigned in
676     if (IS_APPEND(inode))
677     goto out_putf;
678    
679     + /***** TOMOYO Linux start. *****/
680     + if ((error = CheckSingleWritePermission(TYPE_TRUNCATE_ACL, dentry, file->f_vfsmnt)) == 0)
681     + /***** TOMOYO Linux end. *****/
682     error = locks_verify_truncate(inode, file, length);
683     if (!error)
684     error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
685     @@ -481,6 +493,12 @@ asmlinkage long sys_chroot(const char __
686     error = -EPERM;
687     if (!capable(CAP_SYS_CHROOT))
688     goto dput_and_out;
689     + /***** TOMOYO Linux start. *****/
690     + if (CheckCapabilityACL(TOMOYO_SYS_CHROOT)) goto dput_and_out;
691     + /***** TOMOYO Linux end. *****/
692     + /***** SAKURA Linux start. *****/
693     + if (CheckChRootPermission(&nd)) goto dput_and_out;
694     + /***** SAKURA Linux end. *****/
695    
696     set_fs_root(current->fs, nd.mnt, nd.dentry);
697     set_fs_altroot();
698     @@ -1085,6 +1103,9 @@ EXPORT_SYMBOL(sys_close);
699     */
700     asmlinkage long sys_vhangup(void)
701     {
702     + /***** TOMOYO Linux start. *****/
703     + if (CheckCapabilityACL(TOMOYO_SYS_VHANGUP) == 0)
704     + /***** TOMOYO Linux end. *****/
705     if (capable(CAP_SYS_TTY_CONFIG)) {
706     /* XXX: this needs locking */
707     tty_vhangup(current->signal->tty);
708 kumaneko 862 --- linux-2.6.21.orig/fs/proc/Makefile
709     +++ linux-2.6.21/fs/proc/Makefile
710 kumaneko 193 @@ -15,3 +15,6 @@ proc-$(CONFIG_PROC_KCORE) += kcore.o
711     proc-$(CONFIG_PROC_VMCORE) += vmcore.o
712     proc-$(CONFIG_PROC_DEVICETREE) += proc_devtree.o
713     proc-$(CONFIG_PRINTK) += kmsg.o
714     +
715     +proc-$(CONFIG_SAKURA) += ccs_proc.o
716     +proc-$(CONFIG_TOMOYO) += ccs_proc.o
717 kumaneko 862 --- linux-2.6.21.orig/fs/proc/proc_misc.c
718     +++ linux-2.6.21/fs/proc/proc_misc.c
719 kumaneko 193 @@ -747,4 +747,13 @@ void __init proc_misc_init(void)
720     entry->proc_fops = &proc_sysrq_trigger_operations;
721     }
722     #endif
723     + /***** CCS start. *****/
724     +#if defined(CONFIG_SAKURA) || defined(CONFIG_TOMOYO)
725     + {
726     + extern void __init CCSProc_Init(void);
727     + CCSProc_Init();
728 kumaneko 863 + printk("Hook version: 2.6.21 2008/01/04\n");
729 kumaneko 193 + }
730     +#endif
731     + /***** CCS end. *****/
732     }
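Review bot: The added `printk()` in proc_misc_init has no log level, so the message is emitted at the default level; `printk(KERN_INFO "Hook version: 2.6.21 2008/01/04\n");` states the intent. The block-scope `extern void __init CCSProc_Init(void);` would be better placed in a header shared with its definition, so that a signature change is caught by the compiler instead of going unnoticed.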
733 kumaneko 862 --- linux-2.6.21.orig/include/linux/init_task.h
734     +++ linux-2.6.21/include/linux/init_task.h
735 kumaneko 193 @@ -141,6 +141,10 @@ extern struct group_info init_groups;
736     .pi_lock = SPIN_LOCK_UNLOCKED, \
737     INIT_TRACE_IRQFLAGS \
738     INIT_LOCKDEP \
739     + /***** TOMOYO Linux start. *****/ \
740     + .domain_info = &KERNEL_DOMAIN, \
741     + .tomoyo_flags = 0, \
742     + /***** TOMOYO Linux end. *****/ \
743     }
744    
745    
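Review bot: `.domain_info = &KERNEL_DOMAIN` and `.tomoyo_flags = 0` are added to INIT_TASK unconditionally, while other parts of the patch are wrapped in `#if defined(CONFIG_SAKURA) || defined(CONFIG_TOMOYO)` (fs/proc/proc_misc.c). If the object that defines `KERNEL_DOMAIN` is built only with CONFIG_TOMOYO, a kernel configured without it would fail to link; the same applies to the unconditional task_struct members in include/linux/sched.h and the assignment in kernel/kmod.c. Either guard these with `#ifdef CONFIG_TOMOYO` or note in the Kconfig help that the option cannot be disabled once the patch is applied. The INIT_TASK macro begins outside the hunk.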
746 kumaneko 862 --- linux-2.6.21.orig/include/linux/sched.h
747     +++ linux-2.6.21/include/linux/sched.h
748 kumaneko 193 @@ -27,6 +27,11 @@
749     #define CLONE_NEWUTS 0x04000000 /* New utsname group? */
750     #define CLONE_NEWIPC 0x08000000 /* New ipcs */
751    
752     +/***** TOMOYO Linux start. *****/
753     +struct domain_info;
754     +extern struct domain_info KERNEL_DOMAIN;
755     +/***** TOMOYO Linux end. *****/
756     +
757     /*
758     * Scheduling policies
759     */
760     @@ -1052,6 +1057,10 @@ struct task_struct {
761     #ifdef CONFIG_FAULT_INJECTION
762     int make_it_fail;
763     #endif
764     + /***** TOMOYO Linux start. *****/
765     + struct domain_info *domain_info;
766     + u32 tomoyo_flags;
767     + /***** TOMOYO Linux end. *****/
768     };
769    
770     static inline pid_t process_group(struct task_struct *tsk)
771 kumaneko 862 --- linux-2.6.21.orig/kernel/compat.c
772     +++ linux-2.6.21/kernel/compat.c
773 kumaneko 290 @@ -25,6 +25,9 @@
774     #include <linux/posix-timers.h>
775    
776     #include <asm/uaccess.h>
777     +/***** TOMOYO Linux start. *****/
778     +#include <linux/tomoyo.h>
779     +/***** TOMOYO Linux end. *****/
780    
781     int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
782     {
783     @@ -869,6 +872,9 @@ asmlinkage long compat_sys_stime(compat_
784     err = security_settime(&tv, NULL);
785     if (err)
786     return err;
787     + /***** TOMOYO Linux start. *****/
788     + if (CheckCapabilityACL(TOMOYO_SYS_SETTIME)) return -EPERM;
789     + /***** TOMOYO Linux end. *****/
790    
791     do_settimeofday(&tv);
792     return 0;
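--- a/kernel/kexec.c
+++ b/kernel/kexec.c
@@ -28,6 +28,9 @@
 #include <asm/io.h>
 #include <asm/system.h>
 #include <asm/semaphore.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /* Per cpu memory for storing cpu states in case of system crash. */
 note_buf_t* crash_notes;
@@ -924,6 +927,9 @@ asmlinkage long sys_kexec_load(unsigned
 /* We only trust the superuser with rebooting the system. */
 if (!capable(CAP_SYS_BOOT))
 return -EPERM;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_SYS_KEXEC_LOAD)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 /*
 * Verify we have a legal set of flags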
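--- a/kernel/kmod.c
+++ b/kernel/kmod.c
@@ -166,6 +166,11 @@ static int ____call_usermodehelper(void
 /* We can run anywhere, unlike our parent keventd(). */
 set_cpus_allowed(current, CPU_MASK_ALL);
 
+ /***** TOMOYO Linux start. *****/
+ current->domain_info = &KERNEL_DOMAIN;
+ current->tomoyo_flags = 0;
+ /***** TOMOYO Linux end. *****/
+
 retval = -EPERM;
 if (current->fs->root)
 retval = kernel_execve(sub_info->path,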
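Review bot: The reset of `current->domain_info` and `current->tomoyo_flags` in ____call_usermodehelper() carries no comment saying why every usermode helper starts from `KERNEL_DOMAIN` with cleared flags instead of keeping whatever the spawning thread had. The `kernel_execve()` that follows is presumably where the domain transition is evaluated, so policy for helpers has to be written from the kernel domain, and that is worth stating at the call site, e.g. `/* Helpers are started by the kernel, not by the requesting task: judge the exec from the kernel domain. */`. The function body continues outside the hunk.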
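--- a/kernel/module.c
+++ b/kernel/module.c
@@ -44,6 +44,9 @@
 #include <asm/semaphore.h>
 #include <asm/cacheflush.h>
 #include <linux/license.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #if 0
 #define DEBUGP printk
@@ -662,6 +665,9 @@ sys_delete_module(const char __user *nam
 
 if (!capable(CAP_SYS_MODULE))
 return -EPERM;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_USE_KERNEL_MODULE)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
 return -EFAULT;
@@ -1983,6 +1989,9 @@ sys_init_module(void __user *umod,
 /* Must have permission */
 if (!capable(CAP_SYS_MODULE))
 return -EPERM;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_USE_KERNEL_MODULE)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 /* Only one module load at a time, please */
 if (mutex_lock_interruptible(&module_mutex) != 0)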
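--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -21,6 +21,9 @@
 
 #include <asm/pgtable.h>
 #include <asm/uaccess.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * ptrace a task: make the debugger its new parent and
@@ -456,6 +459,11 @@ asmlinkage long sys_ptrace(long request,
 /*
 * This lock_kernel fixes a subtle race with suid exec
 */
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (CheckCapabilityACL(TOMOYO_SYS_PTRACE)) return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 lock_kernel();
 if (request == PTRACE_TRACEME) {
 ret = ptrace_traceme();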
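Review bot: The `#ifdef TOMOYO_SYS_PTRACE` guard in sys_ptrace() removes the check silently whenever that name is not a preprocessor macro; if `<linux/tomoyo.h>` declares the capability indices as enum constants (not visible here), the hook never compiles in and ptrace stays unmediated with no build-time signal. None of the other CheckCapabilityACL() call sites in the hunks shown here is guarded this way, so either drop the guard or make the fallback visible with `#else` / `#warning TOMOYO_SYS_PTRACE is undefined, sys_ptrace() is not checked`. The added lines also sit between the comment about lock_kernel() and the `lock_kernel()` call it describes; placing them above that comment keeps it attached to the right statement.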
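--- a/kernel/sched.c
+++ b/kernel/sched.c
@@ -55,6 +55,9 @@
 #include <asm/tlb.h>
 
 #include <asm/unistd.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * Scheduler clock - returns current time in nanosec units.
@@ -3960,6 +3963,9 @@ int can_nice(const struct task_struct *p
 asmlinkage long sys_nice(int increment)
 {
 long nice, retval;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_SYS_NICE)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 /*
 * Setpriority might change our priority at the same moment.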
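--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -32,6 +32,9 @@
 #include <asm/unistd.h>
 #include <asm/siginfo.h>
 #include "audit.h" /* audit_signal_info() */
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * SLAB caches for signal bits.
@@ -2235,6 +2238,10 @@ asmlinkage long
 sys_kill(int pid, int sig)
 {
 struct siginfo info;
+ /***** TOMOYO Linux start. *****/
+ if (sig && CheckCapabilityACL(TOMOYO_SYS_KILL) < 0) return -EPERM;
+ if (sig && CheckSignalACL(sig, pid) < 0) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 info.si_signo = sig;
 info.si_errno = 0;
@@ -2293,6 +2300,10 @@ asmlinkage long sys_tgkill(int tgid, int
 /* This is only valid for single tasks */
 if (pid <= 0 || tgid <= 0)
 return -EINVAL;
+ /***** TOMOYO Linux start. *****/
+ if (sig && CheckCapabilityACL(TOMOYO_SYS_KILL) < 0) return -EPERM;
+ if (sig && CheckSignalACL(sig, pid) < 0) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 return do_tkill(tgid, pid, sig);
 }
@@ -2306,6 +2317,10 @@ sys_tkill(int pid, int sig)
 /* This is only valid for single tasks */
 if (pid <= 0)
 return -EINVAL;
+ /***** TOMOYO Linux start. *****/
+ if (sig && CheckCapabilityACL(TOMOYO_SYS_KILL) < 0) return -EPERM;
+ if (sig && CheckSignalACL(sig, pid) < 0) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 return do_tkill(0, pid, sig);
 }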
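Review bot: The three signal hunks test `CheckCapabilityACL(TOMOYO_SYS_KILL) < 0`, while the other call sites in this patch (sys_nice() and sys_reboot(), for example) treat any non-zero return as a denial; if the helper can return a positive value, the signal paths fail open. One convention should be used throughout, e.g. `if (sig && CheckCapabilityACL(TOMOYO_SYS_KILL)) return -EPERM;`. sys_tgkill() passes only `pid` to `CheckSignalACL()`, and sys_kill() reaches it before any validation of `pid`, so how the helper treats zero and negative values should be stated in a comment. The diffstat lists 15 added lines for this file, which these hunks account for, so any other signal-sending entry point in kernel/signal.c appears to be left without the check; worth confirming that this is intended.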
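--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -37,6 +37,9 @@
 #include <asm/uaccess.h>
 #include <asm/io.h>
 #include <asm/unistd.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #ifndef SET_UNALIGN_CTL
 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
@@ -600,6 +603,9 @@ asmlinkage long sys_setpriority(int whic
 
 if (which > 2 || which < 0)
 goto out;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_SYS_NICE)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 /* normalize: avoid signed division (rounding problems) */
 error = -ESRCH;
@@ -830,6 +836,9 @@ asmlinkage long sys_reboot(int magic1, i
 magic2 != LINUX_REBOOT_MAGIC2B &&
 magic2 != LINUX_REBOOT_MAGIC2C))
 return -EINVAL;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_SYS_REBOOT)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 /* Instead of trying to make the power_off code look like
 * halt when pm_power_off is not set do it the easy way.
@@ -1806,6 +1815,9 @@ asmlinkage long sys_sethostname(char __u
 return -EPERM;
 if (len < 0 || len > __NEW_UTS_LEN)
 return -EINVAL;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_SYS_SETHOSTNAME)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 down_write(&uts_sem);
 errno = -EFAULT;
 if (!copy_from_user(tmp, name, len)) {
@@ -1851,6 +1863,9 @@ asmlinkage long sys_setdomainname(char _
 return -EPERM;
 if (len < 0 || len > __NEW_UTS_LEN)
 return -EINVAL;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_SYS_SETHOSTNAME)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 down_write(&uts_sem);
 errno = -EFAULT;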
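--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -48,6 +48,9 @@
 
 #include <asm/uaccess.h>
 #include <asm/processor.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 extern int proc_nr_files(ctl_table *table, int write, struct file *filp,
 void __user *buffer, size_t *lenp, loff_t *ppos);
@@ -1088,6 +1091,81 @@ struct ctl_table_header *sysctl_head_nex
 }
 
 #ifdef CONFIG_SYSCTL_SYSCALL
+
+/***** TOMOYO Linux start. *****/
+static int try_parse_table(int __user *name, int nlen, void __user *oldval, void __user *newval, ctl_table *table)
+{
+ int n;
+ int error = -ENOMEM;
+ int op = 0;
+ char *buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
+ if (oldval) op |= 004;
+ if (newval) op |= 002;
+ if (!op) { /* Neither read nor write */
+ error = 0;
+ goto out;
+ }
+ if (!buffer) goto out;
+ memset(buffer, 0, PAGE_SIZE);
+ snprintf(buffer, PAGE_SIZE - 1, "/proc/sys");
+ repeat:
+ if (!nlen) {
+ error = -ENOTDIR;
+ goto out;
+ }
+ if (get_user(n, name)) {
+ error = -EFAULT;
+ goto out;
+ }
+ for ( ; table->ctl_name || table->procname; table++) {
+ if (n == table->ctl_name && n) {
+ int pos = strlen(buffer);
+ const char *cp = table->procname;
+ error = -ENOMEM;
+ if (cp) {
+ if (pos + 1 >= PAGE_SIZE - 1) goto out;
+ buffer[pos++] = '/';
+ while (*cp) {
+ const unsigned char c = * (const unsigned char *) cp;
+ if (c == '\\') {
+ if (pos + 2 >= PAGE_SIZE - 1) goto out;
+ buffer[pos++] = '\\';
+ buffer[pos++] = '\\';
+ } else if (c > ' ' && c < 127) {
+ if (pos + 1 >= PAGE_SIZE - 1) goto out;
+ buffer[pos++] = c;
+ } else {
+ if (pos + 4 >= PAGE_SIZE - 1) goto out;
+ buffer[pos++] = '\\';
+ buffer[pos++] = (c >> 6) + '0';
+ buffer[pos++] = ((c >> 3) & 7) + '0';
+ buffer[pos++] = (c & 7) + '0';
+ }
+ cp++;
+ }
+ } else {
+ /* Assume nobody assigns "=\$=" for procname. */
+ snprintf(buffer + pos, PAGE_SIZE - pos - 1, "/=%d=", n);
+ if (memchr(buffer, '\0', PAGE_SIZE - 2) == NULL) goto out;
+ }
+ if (table->child) {
+ name++;
+ nlen--;
+ table = table->child;
+ goto repeat;
+ }
+ /* printk("sysctl='%s'\n", buffer); */
+ error = CheckFilePerm(buffer, op, "sysctl");
+ goto out;
+ }
+ }
+ error = -ENOTDIR;
+ out:
+ kfree(buffer);
+ return error;
+}
+/***** TOMOYO Linux end. *****/
+
 int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
 void __user *newval, size_t newlen)
 {
@@ -1104,6 +1182,9 @@ int do_sysctl(int __user *name, int nlen
 
 for (head = sysctl_head_next(NULL); head;
 head = sysctl_head_next(head)) {
+ /***** TOMOYO Linux start. *****/
+ if ((error = try_parse_table(name, nlen, oldval, newval, head->ctl_table)) == 0)
+ /***** TOMOYO Linux end. *****/
 error = parse_table(name, nlen, oldval, oldlenp,
 newval, newlen, head->ctl_table);
 if (error != -ENOTDIR) {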
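Review bot: try_parse_table() reads the name vector with `get_user(n, name)`, and the parse_table() call that follows in do_sysctl() is handed the same `__user` pointer and presumably fetches it again, so the policy decision and the actual lookup rest on two separate reads of user memory. If the vector changes between them, CheckFilePerm() is asked about one /proc/sys path while a different entry is accessed. The decision should be taken on the same value that selects the table entry, either by copying the `nlen` integers into a kernel array once in do_sysctl() or by moving the check into parse_table() at the point where the leaf is resolved. Smaller points: the allocation runs before the `!op` early exit and could be `char *buffer = kzalloc(PAGE_SIZE, GFP_KERNEL);` placed after it, and the unbraced `if ((error = try_parse_table(...)) == 0)` that guards the existing parse_table() call across a marker comment would be safer with braces.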
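--- a/kernel/time.c
+++ b/kernel/time.c
@@ -39,6 +39,9 @@
 
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * The timezone where the local system is located. Used as a default by some
@@ -91,6 +94,9 @@ asmlinkage long sys_stime(time_t __user
 err = security_settime(&tv, NULL);
 if (err)
 return err;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_SYS_SETTIME)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 do_settimeofday(&tv);
 return 0;
@@ -161,6 +167,9 @@ int do_sys_settimeofday(struct timespec
 error = security_settime(tv, tz);
 if (error)
 return error;
+ /***** TOMOYO Linux start. *****/
+ if (CheckCapabilityACL(TOMOYO_SYS_SETTIME)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 if (tz) {
 /* SMP safe, global irq locking makes it work. */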
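--- a/kernel/time/ntp.c
+++ b/kernel/time/ntp.c
@@ -14,6 +14,9 @@
 
 #include <asm/div64.h>
 #include <asm/timex.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * Timekeeping variables
@@ -203,6 +206,9 @@ int do_adjtimex(struct timex *txc)
 /* In order to modify anything, you gotta be super-user! */
 if (txc->modes && !capable(CAP_SYS_TIME))
 return -EPERM;
+ /***** TOMOYO Linux start. *****/
+ if (txc->modes && CheckCapabilityACL(TOMOYO_SYS_SETTIME)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 /* Now we validate the data before disabling interrupts */
 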
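--- a/net/core/datagram.c
+++ b/net/core/datagram.c
@@ -56,6 +56,11 @@
 #include <net/sock.h>
 #include <net/tcp_states.h>
 
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+#include <linux/tomoyo_socket.h>
+/***** TOMOYO Linux end. *****/
+
 /*
 * Is a socket 'connection oriented' ?
 */
@@ -178,6 +183,10 @@ struct sk_buff *skb_recv_datagram(struct
 } else
 skb = skb_dequeue(&sk->sk_receive_queue);
 
+ /***** TOMOYO Linux start. *****/
+ if ((error = CheckSocketRecvDatagramPermission(sk, skb, flags)) < 0) goto no_packet;
+ /***** TOMOYO Linux end. *****/
+
 if (skb)
 return skb;
 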
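Review bot: `CheckSocketRecvDatagramPermission(sk, skb, flags)` is called before the `if (skb)` test, so the helper runs with `skb == NULL` whenever the receive queue is empty, and on a denial the code jumps to `no_packet` although a non-NULL `skb` has already been taken from the receive queue above. The helper's contract is not visible here: it has to tolerate NULL and has to release the buffer itself when it returns an error, otherwise the denied datagram is leaked. Guarding the call as `if (skb && (error = CheckSocketRecvDatagramPermission(sk, skb, flags)) < 0) goto no_packet;` and adding a comment on who owns `skb` on the error path would make that explicit. skb_recv_datagram() continues outside the hunk.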
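--- a/net/ipv4/inet_connection_sock.c
+++ b/net/ipv4/inet_connection_sock.c
@@ -23,6 +23,9 @@
 #include <net/route.h>
 #include <net/tcp_states.h>
 #include <net/xfrm.h>
+/***** SAKURA Linux start. *****/
+#include <linux/sakura.h>
+/***** SAKURA Linux end. *****/
 
 #ifdef INET_CSK_DEBUG
 const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
@@ -87,6 +90,9 @@ int inet_csk_get_port(struct inet_hashin
 do {
 head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
 spin_lock(&head->lock);
+ /***** SAKURA Linux start. *****/
+ if (SAKURA_MayAutobind(rover) < 0) goto next;
+ /***** SAKURA Linux end. *****/
 inet_bind_bucket_for_each(tb, node, &head->chain)
 if (tb->port == rover)
 goto next;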
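Review bot: `SAKURA_MayAutobind(rover)` in inet_csk_get_port() is called after `spin_lock(&head->lock)`, so it runs in atomic context and must neither sleep nor allocate with GFP_KERNEL; that constraint is not documented at the call site. A comment such as `/* called with head->lock held: must not sleep */` would record it, since moving the check above the lock would need its own skip path instead of `goto next`. The same applies to the hooks in inet_hash_connect() and inet6_hash_connect(), which run after `local_bh_disable()`, and probably to the two in __udp_lib_get_port(), whose locking is outside the hunks. The `next` label is also outside this hunk, so that it releases the lock on this path should be confirmed.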
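--- a/net/ipv4/inet_hashtables.c
+++ b/net/ipv4/inet_hashtables.c
@@ -22,6 +22,9 @@
 #include <net/inet_connection_sock.h>
 #include <net/inet_hashtables.h>
 #include <net/ip.h>
+/***** SAKURA Linux start. *****/
+#include <linux/sakura.h>
+/***** SAKURA Linux end. *****/
 
 /*
 * Allocate and initialize a new local port bind bucket.
@@ -292,6 +295,9 @@ int inet_hash_connect(struct inet_timewa
 local_bh_disable();
 for (i = 1; i <= range; i++) {
 port = low + (i + offset) % range;
+ /***** SAKURA Linux start. *****/
+ if (SAKURA_MayAutobind(port) < 0) continue;
+ /***** SAKURA Linux end. *****/
 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
 spin_lock(&head->lock);
 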
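--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -102,6 +102,9 @@
 #include <net/checksum.h>
 #include <net/xfrm.h>
 #include "udp_impl.h"
+/***** SAKURA Linux start. *****/
+#include <linux/sakura.h>
+/***** SAKURA Linux end. *****/
 
 /*
 * Snmp MIB for the UDP layer
@@ -162,6 +165,9 @@ int __udp_lib_get_port(struct sock *sk,
 result = sysctl_local_port_range[0] +
 ((result - sysctl_local_port_range[0]) &
 (UDP_HTABLE_SIZE - 1));
+ /***** SAKURA Linux start. *****/
+ if (SAKURA_MayAutobind(result) < 0) continue;
+ /***** SAKURA Linux end. *****/
 goto gotit;
 }
 size = 0;
@@ -180,6 +186,9 @@ int __udp_lib_get_port(struct sock *sk,
 result = sysctl_local_port_range[0]
 + ((result - sysctl_local_port_range[0]) &
 (UDP_HTABLE_SIZE - 1));
+ /***** SAKURA Linux start. *****/
+ if (SAKURA_MayAutobind(result) < 0) continue;
+ /***** SAKURA Linux end. *****/
 if (! __udp_lib_lport_inuse(result, udptable))
 break;
 }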
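--- a/net/ipv6/inet6_hashtables.c
+++ b/net/ipv6/inet6_hashtables.c
@@ -21,6 +21,9 @@
 #include <net/inet_hashtables.h>
 #include <net/inet6_hashtables.h>
 #include <net/ip.h>
+/***** SAKURA Linux start. *****/
+#include <linux/sakura.h>
+/***** SAKURA Linux end. *****/
 
 void __inet6_hash(struct inet_hashinfo *hashinfo,
 struct sock *sk)
@@ -266,6 +269,9 @@ int inet6_hash_connect(struct inet_timew
 local_bh_disable();
 for (i = 1; i <= range; i++) {
 port = low + (i + offset) % range;
+ /***** SAKURA Linux start. *****/
+ if (SAKURA_MayAutobind(port) < 0) continue;
+ /***** SAKURA Linux end. *****/
 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
 spin_lock(&head->lock);
 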
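--- a/net/socket.c
+++ b/net/socket.c
@@ -93,6 +93,11 @@
 #include <net/sock.h>
 #include <linux/netfilter.h>
 
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+#include <linux/tomoyo_socket.h>
+/***** TOMOYO Linux end. *****/
+
 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
 static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
 unsigned long nr_segs, loff_t pos);
@@ -549,6 +554,9 @@ static inline int __sock_sendmsg(struct
 err = security_socket_sendmsg(sock, msg, size);
 if (err)
 return err;
+ /***** TOMOYO Linux start. *****/
+ if (CheckSocketSendMsgPermission(sock, (struct sockaddr *) msg->msg_name, msg->msg_namelen)) return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 return sock->ops->sendmsg(iocb, sock, msg, size);
 }
@@ -1070,6 +1078,10 @@ static int __sock_create(int family, int
 family = PF_PACKET;
 }
 
+ /***** TOMOYO Linux start. *****/
+ if ((err = CheckSocketCreatePermission(family, type, protocol)) < 0) return err;
+ /***** TOMOYO Linux end. *****/
+
 err = security_socket_create(family, type, protocol, kern);
 if (err)
 return err;
@@ -1298,6 +1310,9 @@ asmlinkage long sys_bind(int fd, struct
 err = security_socket_bind(sock,
 (struct sockaddr *)address,
 addrlen);
+ /***** TOMOYO Linux start. *****/
+ if (!err) err = CheckSocketBindPermission(sock, (struct sockaddr *) address, addrlen);
+ /***** TOMOYO Linux end. *****/
 if (!err)
 err = sock->ops->bind(sock,
 (struct sockaddr *)
@@ -1327,6 +1342,9 @@ asmlinkage long sys_listen(int fd, int b
 backlog = sysctl_somaxconn;
 
 err = security_socket_listen(sock, backlog);
+ /***** TOMOYO Linux start. *****/
+ if (!err) err = CheckSocketListenPermission(sock);
+ /***** TOMOYO Linux end. *****/
 if (!err)
 err = sock->ops->listen(sock, backlog);
 
@@ -1391,6 +1409,12 @@ asmlinkage long sys_accept(int fd, struc
 if (err < 0)
 goto out_fd;
 
+ /***** TOMOYO Linux start. *****/
+ if (CheckSocketAcceptPermission(newsock, (struct sockaddr *) address)) {
+ err = -ECONNABORTED; /* Hope less harmful than -EPERM. */
+ goto out_fd;
+ }
+ /***** TOMOYO Linux end. *****/
 if (upeer_sockaddr) {
 if (newsock->ops->getname(newsock, (struct sockaddr *)address,
 &len, 2) < 0) {
@@ -1455,6 +1479,10 @@ asmlinkage long sys_connect(int fd, stru
 security_socket_connect(sock, (struct sockaddr *)address, addrlen);
 if (err)
 goto out_put;
+ /***** TOMOYO Linux start. *****/
+ err = CheckSocketConnectPermission(sock, (struct sockaddr *) address, addrlen);
+ if (err) goto out_put;
+ /***** TOMOYO Linux end. *****/
 
 err = sock->ops->connect(sock, (struct sockaddr *)address, addrlen,
 sock->file->f_flags);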
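Review bot: In sys_accept() the hook receives `(struct sockaddr *) address` before the `getname()` call a few lines below has filled that buffer, so `CheckSocketAcceptPermission()` is handed memory whose contents are not set at this point. Presumably it uses the buffer as scratch space for its own address lookup, which deserves a comment such as `/* address is only a work buffer here; the hook fills it itself */`. The hooks also differ in how they report a denial: __sock_sendmsg() maps any non-zero result to -EPERM, while sys_bind(), sys_connect() and __sock_create() pass the helper's value through. `CheckSocketCreatePermission()` is not given `kern`, so sockets created on behalf of the kernel appear to be judged against the current task's domain; worth confirming that this is intended.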
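--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -116,6 +116,9 @@
 #include <linux/mount.h>
 #include <net/checksum.h>
 #include <linux/security.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 int sysctl_unix_max_dgram_qlen __read_mostly = 10;
 
@@ -765,6 +768,10 @@ static int unix_bind(struct socket *sock
 err = unix_autobind(sock);
 goto out;
 }
+ /***** TOMOYO Linux start. *****/
+ err = -EPERM;
+ if (sunaddr->sun_path[0] && CheckCapabilityACL(TOMOYO_CREATE_UNIX_SOCKET)) goto out;
+ /***** TOMOYO Linux end. *****/
 
 err = unix_mkname(sunaddr, addr_len, &hash);
 if (err < 0)
@@ -808,6 +815,9 @@ static int unix_bind(struct socket *sock
 */
 mode = S_IFSOCK |
 (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
+ /***** TOMOYO Linux start. *****/
+ if ((err = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode)) == 0 && (err = CheckSingleWritePermission(TYPE_MKSOCK_ACL, dentry, nd.mnt)) == 0)
+ /***** TOMOYO Linux end. *****/
 err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
 if (err)
 goto out_mknod_dput;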
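Review bot: The first unix_bind() hunk reads `sunaddr->sun_path[0]` before `unix_mkname()` has validated `addr_len`, so unless an earlier check outside the hunk rejects it, a too-short address is judged on a byte the caller never supplied and the call can return -EPERM where it used to return the unix_mkname() error. Moving the check below the `if (err < 0)` test that follows unix_mkname() keeps the decision on validated input. In the second hunk the unbraced `if` that carries two assignments and guards the existing `vfs_mknod()` call is easy to misread; separate `err = ...; if (err) goto out_mknod_dput;` steps, in the style of the sys_connect() hook, would be clearer.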
