Annotation of /trunk/1.7.x/ccs-patch/patches/ccs-patch-2.6.15-ubuntu-6.06.diff

Revision 1498
Fri Aug 29 12:08:57 2008 UTC (15 years, 9 months ago) by kumaneko
Original Path: trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.15-ubuntu-6.06.diff
File MIME type: text/x-diff
File size: 51365 byte(s)
1.5.5-rc/1.6.4-rc
1 kumaneko 1498 This is TOMOYO Linux patch for Ubuntu 6.06.
2    
3     Source code for this patch is "apt-get install linux-source-2.6.15"
4     ---
5     arch/alpha/kernel/ptrace.c | 9 +++
6     arch/ia64/ia32/sys_ia32.c | 9 +++
7     arch/ia64/kernel/ptrace.c | 9 +++
8     arch/m32r/kernel/ptrace.c | 9 +++
9     arch/mips/kernel/ptrace32.c | 9 +++
10     arch/powerpc/kernel/ptrace32.c | 9 +++
11     arch/s390/kernel/ptrace.c | 9 +++
12     arch/sh64/kernel/ptrace.c | 9 +++
13     arch/sparc/kernel/ptrace.c | 11 +++
14     arch/sparc64/kernel/ptrace.c | 11 +++
15     arch/x86_64/ia32/ptrace32.c | 9 +++
16     fs/Kconfig | 2
17     fs/Makefile | 2
18     fs/attr.c | 19 ++++++
19     fs/compat.c | 11 +++
20     fs/exec.c | 21 ++++++-
21     fs/fcntl.c | 8 ++
22     fs/ioctl.c | 7 ++
23     fs/namei.c | 118 ++++++++++++++++++++++++++++++++++++++++
24     fs/namespace.c | 50 ++++++++++++++++
25     fs/open.c | 29 +++++++++
26     fs/proc/Makefile | 3 +
27     fs/proc/proc_misc.c | 5 +
28     include/linux/init_task.h | 4 +
29     include/linux/sched.h | 9 +++
30     kernel/compat.c | 7 ++
31     kernel/kexec.c | 7 ++
32     kernel/kmod.c | 5 +
33     kernel/module.c | 13 +++-
34     kernel/ptrace.c | 9 +++
35     kernel/sched.c | 7 ++
36     kernel/signal.c | 21 +++++++
37     kernel/sys.c | 21 +++++++
38     kernel/sysctl.c | 111 +++++++++++++++++++++++++++++++++++++
39     kernel/time.c | 15 +++++
40     net/core/datagram.c | 11 +++
41     net/ipv4/inet_connection_sock.c | 7 ++
42     net/ipv4/tcp_ipv4.c | 7 ++
43     net/ipv4/udp.c | 11 +++
44     net/ipv6/tcp_ipv6.c | 11 +++
45     net/ipv6/udp.c | 11 +++
46     net/socket.c | 43 +++++++++++++-
47     net/unix/af_unix.c | 15 +++++
48     43 files changed, 714 insertions(+), 9 deletions(-)
49    
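--- linux-2.6.15-52.71.orig/arch/alpha/kernel/ptrace.c
+++ linux-2.6.15-52.71/arch/alpha/kernel/ptrace.c
@@ -20,6 +20,9 @@
 #include <asm/pgtable.h>
 #include <asm/system.h>
 #include <asm/fpu.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #include "proto.h"
 
@@ -261,6 +264,12 @@ do_sys_ptrace(long request, long pid, lo
 unsigned long tmp;
 size_t copied;
 long ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",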
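Review bot: The ptrace check in do_sys_ptrace is compiled only under `#ifdef TOMOYO_SYS_PTRACE`, so it vanishes without any diagnostic if that name is not a preprocessor macro (an enum constant, for instance) or if the header stops defining it; how linux/tomoyo.h defines it is not visible on this page. Other hunks here, such as sys_unlink in fs/namei.c, call `ccs_capable(TOMOYO_SYS_UNLINK)` with no such guard. Either drop the guard or add `#else` / `#error TOMOYO_SYS_PTRACE is not defined` before the `#endif`, so a missing definition breaks the build instead of removing the access check. The same block is repeated in the ia64, m32r, mips, powerpc, s390, sh64, sparc, sparc64 and x86_64 ptrace sections below; do_sys_ptrace's body continues outside the hunk.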
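--- linux-2.6.15-52.71.orig/arch/ia64/ia32/sys_ia32.c
+++ linux-2.6.15-52.71/arch/ia64/ia32/sys_ia32.c
@@ -57,6 +57,9 @@
 #include <asm/types.h>
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #include "ia32priv.h"
 
@@ -1758,6 +1761,12 @@ sys32_ptrace (int request, pid_t pid, un
 struct task_struct *child;
 unsigned int value, tmp;
 long i, ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 if (request == PTRACE_TRACEME) {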
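--- linux-2.6.15-52.71.orig/arch/ia64/kernel/ptrace.c
+++ linux-2.6.15-52.71/arch/ia64/kernel/ptrace.c
@@ -29,6 +29,9 @@
 #ifdef CONFIG_PERFMON
 #include <asm/perfmon.h>
 #endif
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #include "entry.h"
 
@@ -1418,6 +1421,12 @@ sys_ptrace (long request, pid_t pid, uns
 struct task_struct *child;
 struct switch_stack *sw;
 long ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 ret = -EPERM;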
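--- linux-2.6.15-52.71.orig/arch/m32r/kernel/ptrace.c
+++ linux-2.6.15-52.71/arch/m32r/kernel/ptrace.c
@@ -33,6 +33,9 @@
 #include <asm/system.h>
 #include <asm/processor.h>
 #include <asm/mmu_context.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * Get the address of the live pt_regs for the specified task.
@@ -760,6 +763,12 @@ asmlinkage long sys_ptrace(long request,
 {
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 ret = -EPERM;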
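--- linux-2.6.15-52.71.orig/arch/mips/kernel/ptrace32.c
+++ linux-2.6.15-52.71/arch/mips/kernel/ptrace32.c
@@ -35,6 +35,9 @@
 #include <asm/system.h>
 #include <asm/uaccess.h>
 #include <asm/bootinfo.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 int ptrace_getregs (struct task_struct *child, __s64 __user *data);
 int ptrace_setregs (struct task_struct *child, __s64 __user *data);
@@ -50,6 +53,12 @@ asmlinkage int sys32_ptrace(int request,
 {
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 #if 0
 printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",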
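--- linux-2.6.15-52.71.orig/arch/powerpc/kernel/ptrace32.c
+++ linux-2.6.15-52.71/arch/powerpc/kernel/ptrace32.c
@@ -33,6 +33,9 @@
 #include <asm/page.h>
 #include <asm/pgtable.h>
 #include <asm/system.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #include "ptrace-common.h"
 
@@ -46,6 +49,12 @@ long compat_sys_ptrace(int request, int
 {
 struct task_struct *child;
 int ret = -EPERM;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 if (request == PTRACE_TRACEME) {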
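--- linux-2.6.15-52.71.orig/arch/s390/kernel/ptrace.c
+++ linux-2.6.15-52.71/arch/s390/kernel/ptrace.c
@@ -41,6 +41,9 @@
 #include <asm/system.h>
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #ifdef CONFIG_S390_SUPPORT
 #include "compat_ptrace.h"
@@ -711,6 +714,12 @@ sys_ptrace(long request, long pid, long
 struct task_struct *child;
 int ret;
 
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 lock_kernel();
 
 if (request == PTRACE_TRACEME) {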
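--- linux-2.6.15-52.71.orig/arch/sh64/kernel/ptrace.c
+++ linux-2.6.15-52.71/arch/sh64/kernel/ptrace.c
@@ -36,6 +36,9 @@
 #include <asm/system.h>
 #include <asm/processor.h>
 #include <asm/mmu_context.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /* This mask defines the bits of the SR which the user is not allowed to
 change, which are everything except S, Q, M, PR, SZ, FR. */
@@ -272,6 +275,12 @@ asmlinkage int sh64_ptrace(long request,
 extern void poke_real_address_q(unsigned long long addr, unsigned long long data);
 #define WPC_DBRMODE 0x0d104008
 static int first_call = 1;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 if (first_call) {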
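--- linux-2.6.15-52.71.orig/arch/sparc/kernel/ptrace.c
+++ linux-2.6.15-52.71/arch/sparc/kernel/ptrace.c
@@ -23,6 +23,9 @@
 #include <asm/pgtable.h>
 #include <asm/system.h>
 #include <asm/uaccess.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 #define MAGIC_CONSTANT 0x80000000
 
@@ -267,6 +270,14 @@ asmlinkage void do_ptrace(struct pt_regs
 unsigned long addr2 = regs->u_regs[UREG_I4];
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
+ pt_error_return(regs, EPERM);
+ return;
+ }
+#endif
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 #ifdef DEBUG_PTRACE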
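--- linux-2.6.15-52.71.orig/arch/sparc64/kernel/ptrace.c
+++ linux-2.6.15-52.71/arch/sparc64/kernel/ptrace.c
@@ -32,6 +32,9 @@
 #include <asm/spitfire.h>
 #include <asm/page.h>
 #include <asm/cpudata.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /* Returning from ptrace is a bit tricky because the syscall return
 * low level code assumes any value returned which is negative and
@@ -176,6 +179,14 @@ asmlinkage void do_ptrace(struct pt_regs
 unsigned long addr2 = regs->u_regs[UREG_I4];
 struct task_struct *child;
 int ret;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
+ pt_error_return(regs, EPERM);
+ return;
+ }
+#endif
+ /***** TOMOYO Linux end. *****/
 
 if (test_thread_flag(TIF_32BIT)) {
 addr &= 0xffffffffUL;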
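--- linux-2.6.15-52.71.orig/arch/x86_64/ia32/ptrace32.c
+++ linux-2.6.15-52.71/arch/x86_64/ia32/ptrace32.c
@@ -27,6 +27,9 @@
 #include <asm/debugreg.h>
 #include <asm/i387.h>
 #include <asm/fpu32.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /* determines which flags the user has access to. */
 /* 1 = access 0 = no access */
@@ -233,6 +236,12 @@ asmlinkage long sys32_ptrace(long reques
 void __user *datap = compat_ptr(data);
 int ret;
 __u32 val;
+ /***** TOMOYO Linux start. *****/
+#ifdef TOMOYO_SYS_PTRACE
+ if (!ccs_capable(TOMOYO_SYS_PTRACE))
+ return -EPERM;
+#endif
+ /***** TOMOYO Linux end. *****/
 
 switch (request) {
 default: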
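--- linux-2.6.15-52.71.orig/fs/Kconfig
+++ linux-2.6.15-52.71/fs/Kconfig
@@ -1910,5 +1910,7 @@ endmenu
 
 source "fs/nls/Kconfig"
 
+source "fs/Kconfig.ccs"
+
 endmenu
 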
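--- linux-2.6.15-52.71.orig/fs/Makefile
+++ linux-2.6.15-52.71/fs/Makefile
@@ -108,3 +108,5 @@ obj-$(CONFIG_CONFIGFS_FS) += configfs/
 obj-$(CONFIG_OCFS2_FS) += ocfs2/
 obj-$(CONFIG_UNION_FS) += unionfs/
 obj-$(CONFIG_DAZUKO) += dazuko/
+
+include $(srctree)/fs/Makefile-2.6.ccs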
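--- linux-2.6.15-52.71.orig/fs/attr.c
+++ linux-2.6.15-52.71/fs/attr.c
@@ -15,6 +15,9 @@
 #include <linux/quotaops.h>
 #include <linux/security.h>
 #include <linux/time.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /* Taken over from the old code... */
 
@@ -153,12 +156,28 @@ int notify_change(struct dentry * dentry
 
 if (inode->i_op && inode->i_op->setattr) {
 error = security_inode_setattr(dentry, attr);
+ /***** TOMOYO Linux start. *****/
+ if (!error && (ia_valid & ATTR_MODE) &&
+ !ccs_capable(TOMOYO_SYS_CHMOD))
+ error = -EPERM;
+ if (!error && (ia_valid & (ATTR_UID | ATTR_GID)) &&
+ !ccs_capable(TOMOYO_SYS_CHOWN))
+ error = -EPERM;
+ /***** TOMOYO Linux end. *****/
 if (!error)
 error = inode->i_op->setattr(dentry, attr);
 } else {
 error = inode_change_ok(inode, attr);
 if (!error)
 error = security_inode_setattr(dentry, attr);
+ /***** TOMOYO Linux start. *****/
+ if (!error && (ia_valid & ATTR_MODE) &&
+ !ccs_capable(TOMOYO_SYS_CHMOD))
+ error = -EPERM;
+ if (!error && (ia_valid & (ATTR_UID | ATTR_GID)) &&
+ !ccs_capable(TOMOYO_SYS_CHOWN))
+ error = -EPERM;
+ /***** TOMOYO Linux end. *****/
 if (!error) {
 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
 (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))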
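Review bot: The CHMOD/CHOWN capability test is pasted twice in notify_change, once in each branch, so any later change to the policy has to be made in both copies or the two setattr paths drift apart. Both copies read only `ia_valid` and `error`, so a small static helper called from each branch would keep them identical. The test is keyed on the ATTR_MODE, ATTR_UID and ATTR_GID bits alone, so it presumably also applies when a caller inside the kernel sets those bits; a comment saying whether that is intended would help. notify_change starts and ends outside the hunk.

```c
/* Returns -EPERM when the TOMOYO capability for the requested change is missing. */
static int ccs_check_setattr_capability(unsigned int ia_valid)
{
	if ((ia_valid & ATTR_MODE) && !ccs_capable(TOMOYO_SYS_CHMOD))
		return -EPERM;
	if ((ia_valid & (ATTR_UID | ATTR_GID)) &&
	    !ccs_capable(TOMOYO_SYS_CHOWN))
		return -EPERM;
	return 0;
}

		/* ... unchanged: security_inode_setattr() call in each branch ... */
		if (!error)
			error = ccs_check_setattr_capability(ia_valid);
```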
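--- linux-2.6.15-52.71.orig/fs/compat.c
+++ linux-2.6.15-52.71/fs/compat.c
@@ -52,6 +52,9 @@
 #include <asm/uaccess.h>
 #include <asm/mmu_context.h>
 #include <asm/ioctls.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 /*
 * Not all architectures have sys_utime, so implement this in terms
@@ -377,6 +380,12 @@ asmlinkage long compat_sys_ioctl(unsigne
 /*FALL THROUGH*/
 
 default:
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_IOCTL)) {
+ error = -EPERM;
+ goto out_fput;
+ }
+ /***** TOMOYO Linux end. *****/
 if (filp->f_op && filp->f_op->compat_ioctl) {
 error = filp->f_op->compat_ioctl(filp, cmd, arg);
 if (error != -ENOIOCTLCMD)
@@ -1480,7 +1489,7 @@ int compat_do_execve(char * filename,
 if (retval < 0)
 goto out;
 
- retval = search_binary_handler(bprm, regs);
+ retval = search_binary_handler_with_transition(bprm, regs);
 if (retval >= 0) {
 free_arg_pages(bprm);
 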
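Review bot: The TOMOYO_SYS_IOCTL test sits under `default:` in compat_sys_ioctl, so only commands that reach that label are gated; a case above it that ends without falling through is never checked. Those cases lie outside the hunk, so this may well be intended, but the coverage should be stated where the check is made, for example `/* Only commands reaching default: are subject to TOMOYO_SYS_IOCTL; the cases above are not checked. */`.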
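--- linux-2.6.15-52.71.orig/fs/exec.c
+++ linux-2.6.15-52.71/fs/exec.c
@@ -57,6 +57,10 @@
 #include <linux/kmod.h>
 #endif
 
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
+
 int core_uses_pid;
 char core_pattern[65] = "core";
 int suid_dumpable = 0;
@@ -139,6 +143,13 @@ asmlinkage long sys_uselib(const char __
 if (error)
 goto exit;
 
+ /***** TOMOYO Linux start. *****/
+ /* 01 means "read". */
+ error = ccs_check_open_permission(nd.dentry, nd.mnt, 01);
+ if (error)
+ goto exit;
+ /***** TOMOYO Linux end. *****/
+
 file = nameidata_to_filp(&nd, O_RDONLY);
 error = PTR_ERR(file);
 if (IS_ERR(file))
@@ -488,6 +499,13 @@ struct file *open_exec(const char *name)
 int err = vfs_permission(&nd, MAY_EXEC);
 if (!err && !(inode->i_mode & 0111))
 err = -EACCES;
+ /***** TOMOYO Linux start. *****/
+ if (!err && (current->tomoyo_flags &
+ TOMOYO_CHECK_READ_FOR_OPEN_EXEC))
+ /* 01 means "read". */
+ err = ccs_check_open_permission(nd.dentry,
+ nd.mnt, 01);
+ /***** TOMOYO Linux end. *****/
 file = ERR_PTR(err);
 if (!err) {
 file = nameidata_to_filp(&nd, O_RDONLY);
@@ -1197,7 +1215,8 @@ int do_execve(char * filename,
 if (retval < 0)
 goto out;
 
- retval = search_binary_handler(bprm,regs);
+ retval = search_binary_handler_with_transition(bprm, regs);
+
 if (retval >= 0) {
 free_arg_pages(bprm);
 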
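Review bot: The literal `01` passed to ccs_check_open_permission in sys_uselib and open_exec is explained only by the comment `/* 01 means "read". */`, while may_open in fs/namei.c passes its `flag` argument to the same function; a named constant would make it clear that both call sites use the same encoding. In open_exec the read check runs only when `current->tomoyo_flags` has TOMOYO_CHECK_READ_FOR_OPEN_EXEC set, so a task without that flag opens the file on the MAY_EXEC test alone. A comment saying where the flag is set and why the check is conditional would show that this is a deliberate choice and not a gap.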
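--- linux-2.6.15-52.71.orig/fs/fcntl.c
+++ linux-2.6.15-52.71/fs/fcntl.c
@@ -21,6 +21,9 @@
 #include <asm/poll.h>
 #include <asm/siginfo.h>
 #include <asm/uaccess.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 void fastcall set_close_on_exec(unsigned int fd, int flag)
 {
@@ -211,6 +214,11 @@ static int setfl(int fd, struct file * f
 if (!(arg & O_APPEND) && IS_APPEND(inode))
 return -EPERM;
 
+ /***** TOMOYO Linux start. *****/
+ if (!(arg & O_APPEND) && ccs_check_rewrite_permission(filp))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
+
 /* O_NOATIME can only be set by the owner or superuser */
 if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))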
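--- linux-2.6.15-52.71.orig/fs/ioctl.c
+++ linux-2.6.15-52.71/fs/ioctl.c
@@ -15,6 +15,9 @@
 
 #include <asm/uaccess.h>
 #include <asm/ioctls.h>
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 static long do_ioctl(struct file *filp, unsigned int cmd,
 unsigned long arg)
@@ -23,6 +26,10 @@ static long do_ioctl(struct file *filp,
 
 if (!filp->f_op)
 goto out;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_IOCTL))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 if (filp->f_op->unlocked_ioctl) {
 error = filp->f_op->unlocked_ioctl(filp, cmd, arg);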
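Review bot: In do_ioctl the TOMOYO_SYS_IOCTL test comes after `if (!filp->f_op) goto out;`, so a file without f_op never reaches it, and it leaves with `return -EPERM` where the line above uses `goto out`. If every ioctl attempt is meant to be subject to the capability, move the test above the f_op check and exit the same way as the surrounding code. do_ioctl's callers and its `out` label are outside the hunk, so which commands arrive here at all cannot be confirmed from this page.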
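--- linux-2.6.15-52.71.orig/fs/namei.c
+++ linux-2.6.15-52.71/fs/namei.c
@@ -34,6 +34,10 @@
 
 #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
 
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
+
 /* [Feb-1997 T. Schoebel-Theuer]
 * Fundamental changes in the pathname lookup mechanisms (namei)
 * were necessary because of omirr. The reason is that omirr needs
@@ -1433,6 +1437,13 @@ int vfs_create(struct inode *dir, struct
 error = security_inode_create(dir, dentry, mode);
 if (error)
 return error;
+ /***** TOMOYO Linux start. *****/
+ if (nd) {
+ error = ccs_check_1path_perm(TYPE_CREATE_ACL, dentry, nd->mnt);
+ if (error)
+ return error;
+ }
+ /***** TOMOYO Linux end. *****/
 DQUOT_INIT(dir);
 error = dir->i_op->create(dir, dentry, mode, nd);
 if (!error)
@@ -1488,6 +1499,13 @@ int may_open(struct nameidata *nd, int a
 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
 return -EPERM;
 
+ /***** TOMOYO Linux start. *****/
+ /* includes O_APPEND and O_TRUNC checks */
+ error = ccs_check_open_permission(dentry, nd->mnt, flag);
+ if (error)
+ return error;
+ /***** TOMOYO Linux end. *****/
+
 /*
 * Ensure there are no outstanding leases on the file.
 */
@@ -1519,6 +1537,9 @@ int may_open(struct nameidata *nd, int a
 return 0;
 }
 
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo_vfs.h>
+/***** TOMOYO Linux end. *****/
 /*
 * open_namei()
 *
@@ -1768,6 +1789,16 @@ asmlinkage long sys_mknod(const char __u
 
 if (S_ISDIR(mode))
 return -EPERM;
+ /***** TOMOYO Linux start. *****/
+ if (S_ISCHR(mode) && !ccs_capable(TOMOYO_CREATE_CHAR_DEV))
+ return -EPERM;
+ if (S_ISBLK(mode) && !ccs_capable(TOMOYO_CREATE_BLOCK_DEV))
+ return -EPERM;
+ if (S_ISFIFO(mode) && !ccs_capable(TOMOYO_CREATE_FIFO))
+ return -EPERM;
+ if (S_ISSOCK(mode) && !ccs_capable(TOMOYO_CREATE_UNIX_SOCKET))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 tmp = getname(filename);
 if (IS_ERR(tmp))
 return PTR_ERR(tmp);
@@ -1786,10 +1817,32 @@ asmlinkage long sys_mknod(const char __u
 error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
 break;
 case S_IFCHR: case S_IFBLK:
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
+ if (error)
+ break;
+ error = ccs_check_1path_perm(S_ISCHR(mode) ?
+ TYPE_MKCHAR_ACL :
+ TYPE_MKBLOCK_ACL,
+ dentry, nd.mnt);
+ if (error)
+ break;
+ /***** TOMOYO Linux end. *****/
 error = vfs_mknod(nd.dentry->d_inode,dentry,mode,
 new_decode_dev(dev));
 break;
 case S_IFIFO: case S_IFSOCK:
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
+ if (error)
+ break;
+ error = ccs_check_1path_perm(S_ISFIFO(mode) ?
+ TYPE_MKFIFO_ACL :
+ TYPE_MKSOCK_ACL,
+ dentry, nd.mnt);
+ if (error)
+ break;
+ /***** TOMOYO Linux end. *****/
 error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0);
 break;
 case S_IFDIR:
@@ -1849,6 +1902,13 @@ asmlinkage long sys_mkdir(const char __u
 if (!IS_ERR(dentry)) {
 if (!IS_POSIXACL(nd.dentry->d_inode))
 mode &= ~current->fs->umask;
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_mkdir(nd.dentry->d_inode, dentry);
+ if (!error)
+ error = ccs_check_1path_perm(TYPE_MKDIR_ACL,
+ dentry, nd.mnt);
+ if (!error)
+ /***** TOMOYO Linux end. *****/
 error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
 dput(dentry);
 }
@@ -1952,6 +2012,13 @@ asmlinkage long sys_rmdir(const char __u
 dentry = lookup_hash(&nd);
 error = PTR_ERR(dentry);
 if (!IS_ERR(dentry)) {
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_rmdir(nd.dentry->d_inode, dentry);
+ if (!error)
+ error = ccs_check_1path_perm(TYPE_RMDIR_ACL, dentry,
+ nd.mnt);
+ if (!error)
+ /***** TOMOYO Linux end. *****/
 error = vfs_rmdir(nd.dentry->d_inode, dentry);
 dput(dentry);
 }
@@ -2006,6 +2073,10 @@ asmlinkage long sys_unlink(const char __
 struct dentry *dentry;
 struct nameidata nd;
 struct inode *inode = NULL;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_UNLINK))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 name = getname(pathname);
 if(IS_ERR(name))
@@ -2027,6 +2098,14 @@ asmlinkage long sys_unlink(const char __
 inode = dentry->d_inode;
 if (inode)
 atomic_inc(&inode->i_count);
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_unlink(nd.dentry->d_inode, dentry);
+ if (error)
+ goto exit2;
+ error = ccs_check_1path_perm(TYPE_UNLINK_ACL, dentry, nd.mnt);
+ if (error)
+ goto exit2;
+ /***** TOMOYO Linux end. *****/
 error = vfs_unlink(nd.dentry->d_inode, dentry);
 exit2:
 dput(dentry);
@@ -2072,6 +2151,10 @@ asmlinkage long sys_symlink(const char _
 int error = 0;
 char * from;
 char * to;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_SYMLINK))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 from = getname(oldname);
 if(IS_ERR(from))
@@ -2088,6 +2171,13 @@ asmlinkage long sys_symlink(const char _
 dentry = lookup_create(&nd, 0);
 error = PTR_ERR(dentry);
 if (!IS_ERR(dentry)) {
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_symlink(nd.dentry->d_inode, dentry);
+ if (!error)
+ error = ccs_check_1path_perm(TYPE_SYMLINK_ACL,
+ dentry, nd.mnt);
+ if (!error)
+ /***** TOMOYO Linux end. *****/
 error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
 dput(dentry);
 }
@@ -2153,6 +2243,10 @@ asmlinkage long sys_link(const char __us
 struct nameidata nd, old_nd;
 int error;
 char * to;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_LINK))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 to = getname(newname);
 if (IS_ERR(to))
@@ -2170,6 +2264,15 @@ asmlinkage long sys_link(const char __us
 new_dentry = lookup_create(&nd, 0);
 error = PTR_ERR(new_dentry);
 if (!IS_ERR(new_dentry)) {
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_link(old_nd.dentry, nd.dentry->d_inode,
+ new_dentry);
+ if (!error)
+ error = ccs_check_2path_perm(TYPE_LINK_ACL,
+ old_nd.dentry, old_nd.mnt,
+ new_dentry, nd.mnt);
+ if (!error)
+ /***** TOMOYO Linux end. *****/
 error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
 dput(new_dentry);
 }
@@ -2390,6 +2493,17 @@ static inline int do_rename(const char *
 if (new_dentry == trap)
 goto exit5;
 
+ /***** TOMOYO Linux start. *****/
+ error = pre_vfs_rename(old_dir->d_inode, old_dentry,
+ new_dir->d_inode, new_dentry);
+ if (error)
+ goto exit5;
+ error = ccs_check_2path_perm(TYPE_RENAME_ACL, old_dentry, oldnd.mnt,
+ new_dentry, newnd.mnt);
+ if (error)
+ goto exit5;
+ /***** TOMOYO Linux end. *****/
+
 error = vfs_rename(old_dir->d_inode, old_dentry,
 new_dir->d_inode, new_dentry);
 exit5:
@@ -2411,6 +2525,10 @@ asmlinkage long sys_rename(const char __
 int error;
 char * from;
 char * to;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_RENAME))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 from = getname(oldname);
 if(IS_ERR(from))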
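Review bot: In vfs_create the TYPE_CREATE_ACL check is wrapped in `if (nd)`, so any caller that passes a NULL nameidata creates the file with no TOMOYO pathname check at all. The vfsmount comes from `nd->mnt`, so the skip is presumably forced, but it is a silent fail-open and should be documented at the check, for example `/* No vfsmount without nd: callers passing NULL are not checked here. */`. Separately, sys_mkdir, sys_rmdir, sys_symlink and sys_link end their marked block with a bare `if (!error)` that governs the unmodified vfs_*() line after the end marker. A short comment on that line naming the statement it guards would keep the check attached when the patch is rebased.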
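--- linux-2.6.15-52.71.orig/fs/namespace.c
+++ linux-2.6.15-52.71/fs/namespace.c
@@ -25,6 +25,12 @@
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
 #include "pnode.h"
+/***** SAKURA Linux start. *****/
+#include <linux/sakura.h>
+/***** SAKURA Linux end. *****/
+/***** TOMOYO Linux start. *****/
+#include <linux/tomoyo.h>
+/***** TOMOYO Linux end. *****/
 
 extern int __init init_rootfs(void);
 
@@ -504,6 +510,11 @@ static int do_umount(struct vfsmount *mn
 if (retval)
 return retval;
 
+ /***** SAKURA Linux start. *****/
+ if (ccs_may_umount(mnt))
+ return -EPERM;
+ /***** SAKURA Linux end. *****/
+
 /*
 * Allow userspace to request a mountpoint be expired rather than
 * unmounting unconditionally. Unmount only happens if:
@@ -592,6 +603,10 @@ asmlinkage long sys_umount(char __user *
 {
 struct nameidata nd;
 int retval;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_UMOUNT))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 retval = __user_walk(name, LOOKUP_FOLLOW, &nd);
 if (retval)
@@ -879,6 +894,11 @@ static int do_loopback(struct nameidata
 
 if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
 goto out;
+ /***** SAKURA Linux start. *****/
+ err = -EPERM;
+ if (ccs_may_mount(nd))
+ goto out;
+ /***** SAKURA Linux end. *****/
 
 err = -ENOMEM;
 if (recurse)
@@ -963,7 +983,11 @@ static int do_move_mount(struct nameidat
 err = -EINVAL;
 if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
 goto out;
-
+ /***** SAKURA Linux start. *****/
+ err = -EPERM;
+ if (ccs_may_umount(old_nd.mnt) || ccs_may_mount(nd))
+ goto out;
+ /***** SAKURA Linux end. *****/
 err = -ENOENT;
 down(&nd->dentry->d_inode->i_sem);
 if (IS_DEADDIR(nd->dentry->d_inode))
@@ -1065,6 +1089,11 @@ int do_add_mount(struct vfsmount *newmnt
 err = -EINVAL;
 if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode))
 goto unlock;
+ /***** SAKURA Linux start. *****/
+ err = -EPERM;
+ if (ccs_may_mount(nd))
+ goto unlock;
+ /***** SAKURA Linux end. *****/
 
 newmnt->mnt_flags = mnt_flags;
 if ((err = graft_tree(newmnt, nd)))
@@ -1282,6 +1311,17 @@ long do_mount(char *dev_name, char *dir_
 if (data_page)
 ((char *)data_page)[PAGE_SIZE - 1] = 0;
 
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_MOUNT))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
+ /***** SAKURA Linux start. *****/
+ retval = ccs_check_mount_permission(dev_name, dir_name, type_page,
+ &flags);
+ if (retval)
+ return retval;
+ /***** SAKURA Linux end. *****/
+
 /* Separate the per-mountpoint flags */
 if (flags & MS_NOSUID)
 mnt_flags |= MNT_NOSUID;
@@ -1546,6 +1586,10 @@ asmlinkage long sys_pivot_root(const cha
 
 if (!capable(CAP_SYS_ADMIN))
 return -EPERM;
+ /***** TOMOYO Linux start. *****/
+ if (!ccs_capable(TOMOYO_SYS_PIVOT_ROOT))
+ return -EPERM;
+ /***** TOMOYO Linux end. *****/
 
 lock_kernel();
 
@@ -1562,6 +1606,10 @@ asmlinkage long sys_pivot_root(const cha
 goto out1;
 
 error = security_sb_pivotroot(&old_nd, &new_nd);
+ /***** SAKURA Linux start. *****/
+ if (!error)
+ error = ccs_check_pivot_root_permission(&old_nd, &new_nd);
+ /***** SAKURA Linux end. *****/
 if (error) {
 path_release(&old_nd);
 goto out1;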
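Review bot: The helpers added in this file are tested with opposite polarity on neighbouring lines: `ccs_capable()` is negated (non-zero is treated as allowed) while `ccs_may_mount()` and `ccs_may_umount()` are not (non-zero is treated as denied), for example in do_mount versus do_umount. A dropped or added `!` during a rebase would turn a deny into an allow, so a one-line comment at each SAKURA call stating the convention, such as `/* non-zero return means the mount is denied */`, is worth adding. do_loopback, do_move_mount and do_add_mount also replace the helper's return value with a preset `err = -EPERM`, whereas do_mount passes `retval` from ccs_check_mount_permission through unchanged. Making the two styles consistent, or commenting why they differ, would help a later reader.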
871     --- linux-2.6.15-52.71.orig/fs/open.c
872     +++ linux-2.6.15-52.71/fs/open.c
873     @@ -28,6 +28,13 @@
874    
875     #include <asm/unistd.h>
876    
877     +/***** SAKURA Linux start. *****/
878     +#include <linux/sakura.h>
879     +/***** SAKURA Linux end. *****/
880     +/***** TOMOYO Linux start. *****/
881     +#include <linux/tomoyo.h>
882     +/***** TOMOYO Linux end. *****/
883     +
884     int vfs_statfs(struct super_block *sb, struct kstatfs *buf)
885     {
886     int retval = -ENODEV;
887     @@ -263,6 +270,10 @@ static inline long do_sys_truncate(const
888     if (error)
889     goto dput_and_out;
890    
891     + /***** TOMOYO Linux start. *****/
892     + error = ccs_check_1path_perm(TYPE_TRUNCATE_ACL, nd.dentry, nd.mnt);
893     + if (!error)
894     + /***** TOMOYO Linux end. *****/
895     error = locks_verify_truncate(inode, NULL, length);
896     if (!error) {
897     DQUOT_INIT(inode);
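Review bot: The added `if (!error)` has no braces and its body is the unchanged `error = locks_verify_truncate(inode, NULL, length);` line after the end-marker comment, so the guard silently depends on a line the patch does not own. If a later change puts a statement between the marker and that call, the call runs unconditionally, the permission result is overwritten and the truncate proceeds. do_sys_ftruncate in the next hunk uses the sturdier `if (error) goto out_putf;` form; where a goto would skip cleanup, brace the guarded call instead: `if (!error) { error = locks_verify_truncate(inode, NULL, length); }`. The same braceless pattern appears in the do_sysctl, sys_bind, sys_listen and second unix_bind hunks.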
898     @@ -315,7 +326,11 @@ static inline long do_sys_ftruncate(unsi
899     error = -EPERM;
900     if (IS_APPEND(inode))
901     goto out_putf;
902     -
903     + /***** TOMOYO Linux start. *****/
904     + error = ccs_check_1path_perm(TYPE_TRUNCATE_ACL, dentry, file->f_vfsmnt);
905     + if (error)
906     + goto out_putf;
907     + /***** TOMOYO Linux end. *****/
908     error = locks_verify_truncate(inode, file, length);
909     if (!error)
910     error = do_truncate(dentry, length, file);
911     @@ -588,6 +603,14 @@ asmlinkage long sys_chroot(const char __
912     error = -EPERM;
913     if (!capable(CAP_SYS_CHROOT))
914     goto dput_and_out;
915     + /***** TOMOYO Linux start. *****/
916     + if (!ccs_capable(TOMOYO_SYS_CHROOT))
917     + goto dput_and_out;
918     + /***** TOMOYO Linux end. *****/
919     + /***** SAKURA Linux start. *****/
920     + if (ccs_check_chroot_permission(&nd))
921     + goto dput_and_out;
922     + /***** SAKURA Linux end. *****/
923    
924     set_fs_root(current->fs, nd.mnt, nd.dentry);
925     set_fs_altroot();
926     @@ -1119,6 +1142,10 @@ EXPORT_SYMBOL(sys_close);
927     */
928     asmlinkage long sys_vhangup(void)
929     {
930     + /***** TOMOYO Linux start. *****/
931     + if (!ccs_capable(TOMOYO_SYS_VHANGUP))
932     + return -EPERM;
933     + /***** TOMOYO Linux end. *****/
934     if (capable(CAP_SYS_TTY_CONFIG)) {
935     tty_vhangup(current->signal->tty);
936     return 0;
937     --- linux-2.6.15-52.71.orig/fs/proc/Makefile
938     +++ linux-2.6.15-52.71/fs/proc/Makefile
939     @@ -13,3 +13,6 @@ proc-y += inode.o root.o base.o ge
940     proc-$(CONFIG_PROC_KCORE) += kcore.o
941     proc-$(CONFIG_PROC_VMCORE) += vmcore.o
942     proc-$(CONFIG_PROC_DEVICETREE) += proc_devtree.o
943     +
944     +proc-$(CONFIG_SAKURA) += ccs_proc.o
945     +proc-$(CONFIG_TOMOYO) += ccs_proc.o
946     --- linux-2.6.15-52.71.orig/fs/proc/proc_misc.c
947     +++ linux-2.6.15-52.71/fs/proc/proc_misc.c
948     @@ -629,4 +629,9 @@ void __init proc_misc_init(void)
949     if (entry)
950     entry->proc_fops = &proc_sysrq_trigger_operations;
951     #endif
952     + /***** CCS start. *****/
953     +#if defined(CONFIG_SAKURA) || defined(CONFIG_TOMOYO)
954     + printk(KERN_INFO "Hook version: 2.6.15.7-ubuntu1 2008/08/20\n");
955     +#endif
956     + /***** CCS end. *****/
957     }
958     --- linux-2.6.15-52.71.orig/include/linux/init_task.h
959     +++ linux-2.6.15-52.71/include/linux/init_task.h
960     @@ -121,6 +121,10 @@ extern struct group_info init_groups;
961     .journal_info = NULL, \
962     .cpu_timers = INIT_CPU_TIMERS(tsk.cpu_timers), \
963     .fs_excl = ATOMIC_INIT(0), \
964     + /***** TOMOYO Linux start. *****/ \
965     + .domain_info = &KERNEL_DOMAIN, \
966     + .tomoyo_flags = 0, \
967     + /***** TOMOYO Linux end. *****/ \
968     }
969    
970    
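Review bot: `.domain_info = &KERNEL_DOMAIN` is added to INIT_TASK without any `CONFIG_TOMOYO` guard, and the matching `extern struct domain_info KERNEL_DOMAIN;` and the two task_struct fields in include/linux/sched.h are unconditional too, while fs/proc/Makefile and proc_misc.c in this same patch do key off `CONFIG_SAKURA`/`CONFIG_TOMOYO`. Where `KERNEL_DOMAIN` is defined is not visible here; if its definition is only built when TOMOYO is enabled, a kernel configured without it would fail to link. Either wrap these additions in `#ifdef CONFIG_TOMOYO` or add a comment stating that the symbol is always built.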
971     --- linux-2.6.15-52.71.orig/include/linux/sched.h
972     +++ linux-2.6.15-52.71/include/linux/sched.h
973     @@ -39,6 +39,11 @@
974    
975     struct exec_domain;
976    
977     +/***** TOMOYO Linux start. *****/
978     +struct domain_info;
979     +extern struct domain_info KERNEL_DOMAIN;
980     +/***** TOMOYO Linux end. *****/
981     +
982     /*
983     * cloning flags:
984     */
985     @@ -857,6 +862,10 @@ struct task_struct {
986     int cpuset_mems_generation;
987     #endif
988     atomic_t fs_excl; /* holding fs exclusive resources */
989     + /***** TOMOYO Linux start. *****/
990     + struct domain_info *domain_info;
991     + u32 tomoyo_flags;
992     + /***** TOMOYO Linux end. *****/
993     };
994    
995     static inline pid_t process_group(struct task_struct *tsk)
996     --- linux-2.6.15-52.71.orig/kernel/compat.c
997     +++ linux-2.6.15-52.71/kernel/compat.c
998     @@ -24,6 +24,9 @@
999    
1000     #include <asm/uaccess.h>
1001     #include <asm/bug.h>
1002     +/***** TOMOYO Linux start. *****/
1003     +#include <linux/tomoyo.h>
1004     +/***** TOMOYO Linux end. *****/
1005    
1006     int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
1007     {
1008     @@ -849,6 +852,10 @@ asmlinkage long compat_sys_stime(compat_
1009     err = security_settime(&tv, NULL);
1010     if (err)
1011     return err;
1012     + /***** TOMOYO Linux start. *****/
1013     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
1014     + return -EPERM;
1015     + /***** TOMOYO Linux end. *****/
1016    
1017     do_settimeofday(&tv);
1018     return 0;
1019     --- linux-2.6.15-52.71.orig/kernel/kexec.c
1020     +++ linux-2.6.15-52.71/kernel/kexec.c
1021     @@ -25,6 +25,9 @@
1022     #include <asm/io.h>
1023     #include <asm/system.h>
1024     #include <asm/semaphore.h>
1025     +/***** TOMOYO Linux start. *****/
1026     +#include <linux/tomoyo.h>
1027     +/***** TOMOYO Linux end. *****/
1028    
1029     /* Location of the reserved area for the crash kernel */
1030     struct resource crashk_res = {
1031     @@ -918,6 +921,10 @@ asmlinkage long sys_kexec_load(unsigned
1032     /* We only trust the superuser with rebooting the system. */
1033     if (!capable(CAP_SYS_BOOT))
1034     return -EPERM;
1035     + /***** TOMOYO Linux start. *****/
1036     + if (!ccs_capable(TOMOYO_SYS_KEXEC_LOAD))
1037     + return -EPERM;
1038     + /***** TOMOYO Linux end. *****/
1039    
1040     /*
1041     * Verify we have a legal set of flags
1042     --- linux-2.6.15-52.71.orig/kernel/kmod.c
1043     +++ linux-2.6.15-52.71/kernel/kmod.c
1044     @@ -149,6 +149,11 @@ static int ____call_usermodehelper(void
1045     /* We can run anywhere, unlike our parent keventd(). */
1046     set_cpus_allowed(current, CPU_MASK_ALL);
1047    
1048     + /***** TOMOYO Linux start. *****/
1049     + current->domain_info = &KERNEL_DOMAIN;
1050     + current->tomoyo_flags = 0;
1051     + /***** TOMOYO Linux end. *****/
1052     +
1053     retval = -EPERM;
1054     if (current->fs->root)
1055     retval = execve(sub_info->path, sub_info->argv,sub_info->envp);
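Review bot: Resetting `current->domain_info` to `&KERNEL_DOMAIN` and `tomoyo_flags` to 0 just before `execve()` is a policy decision with no explanation in the code: every usermode helper appears to start from the kernel domain, whichever task caused the helper to run. A comment such as `/* usermode helpers start from the kernel domain, not from whatever domain this thread inherited */` would make that intent reviewable. ____call_usermodehelper continues outside the hunk.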
1056     --- linux-2.6.15-52.71.orig/kernel/module.c
1057     +++ linux-2.6.15-52.71/kernel/module.c
1058     @@ -41,6 +41,9 @@
1059     #include <asm/uaccess.h>
1060     #include <asm/semaphore.h>
1061     #include <asm/cacheflush.h>
1062     +/***** TOMOYO Linux start. *****/
1063     +#include <linux/tomoyo.h>
1064     +/***** TOMOYO Linux end. *****/
1065    
1066     #if 0
1067     #define DEBUGP printk
1068     @@ -577,7 +580,10 @@ sys_delete_module(const char __user *nam
1069    
1070     if (!capable(CAP_SYS_MODULE))
1071     return -EPERM;
1072     -
1073     + /***** TOMOYO Linux start. *****/
1074     + if (!ccs_capable(TOMOYO_USE_KERNEL_MODULE))
1075     + return -EPERM;
1076     + /***** TOMOYO Linux end. *****/
1077     if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
1078     return -EFAULT;
1079     name[MODULE_NAME_LEN-1] = '\0';
1080     @@ -1886,7 +1892,10 @@ sys_init_module(void __user *umod,
1081     /* Must have permission */
1082     if (!capable(CAP_SYS_MODULE))
1083     return -EPERM;
1084     -
1085     + /***** TOMOYO Linux start. *****/
1086     + if (!ccs_capable(TOMOYO_USE_KERNEL_MODULE))
1087     + return -EPERM;
1088     + /***** TOMOYO Linux end. *****/
1089     /* Only one module load at a time, please */
1090     if (down_interruptible(&module_mutex) != 0)
1091     return -EINTR;
1092     --- linux-2.6.15-52.71.orig/kernel/ptrace.c
1093     +++ linux-2.6.15-52.71/kernel/ptrace.c
1094     @@ -20,6 +20,9 @@
1095    
1096     #include <asm/pgtable.h>
1097     #include <asm/uaccess.h>
1098     +/***** TOMOYO Linux start. *****/
1099     +#include <linux/tomoyo.h>
1100     +/***** TOMOYO Linux end. *****/
1101    
1102     /*
1103     * ptrace a task: make the debugger its new parent and
1104     @@ -492,6 +495,12 @@ asmlinkage long sys_ptrace(long request,
1105     /*
1106     * This lock_kernel fixes a subtle race with suid exec
1107     */
1108     + /***** TOMOYO Linux start. *****/
1109     +#ifdef TOMOYO_SYS_PTRACE
1110     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
1111     + return -EPERM;
1112     +#endif
1113     + /***** TOMOYO Linux end. *****/
1114     lock_kernel();
1115     ret = ptrace_get_task_struct(request, pid, &child);
1116     if (!child)
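Review bot: The new block is inserted between the comment `This lock_kernel fixes a subtle race with suid exec` and the `lock_kernel()` call it describes, so the comment now reads as if it documented the TOMOYO check. Moving the added lines above that comment keeps it attached to the lock. The `#ifdef TOMOYO_SYS_PTRACE` guard also deserves a one-line comment: it only works while the capability index is a preprocessor macro, and if linux/tomoyo.h (not visible here) declares it as an enum constant the check is compiled out without any warning.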
1117     --- linux-2.6.15-52.71.orig/kernel/sched.c
1118     +++ linux-2.6.15-52.71/kernel/sched.c
1119     @@ -50,6 +50,9 @@
1120     #include <asm/tlb.h>
1121    
1122     #include <asm/unistd.h>
1123     +/***** TOMOYO Linux start. *****/
1124     +#include <linux/tomoyo.h>
1125     +/***** TOMOYO Linux end. *****/
1126    
1127     /*
1128     * Convert user-nice values [ -20 ... 0 ... 19 ]
1129     @@ -3603,6 +3606,10 @@ asmlinkage long sys_nice(int increment)
1130     {
1131     int retval;
1132     long nice;
1133     + /***** TOMOYO Linux start. *****/
1134     + if (!ccs_capable(TOMOYO_SYS_NICE))
1135     + return -EPERM;
1136     + /***** TOMOYO Linux end. *****/
1137    
1138     /*
1139     * Setpriority might change our priority at the same moment.
1140     --- linux-2.6.15-52.71.orig/kernel/signal.c
1141     +++ linux-2.6.15-52.71/kernel/signal.c
1142     @@ -29,6 +29,9 @@
1143     #include <asm/uaccess.h>
1144     #include <asm/unistd.h>
1145     #include <asm/siginfo.h>
1146     +/***** TOMOYO Linux start. *****/
1147     +#include <linux/tomoyo.h>
1148     +/***** TOMOYO Linux end. *****/
1149    
1150     /*
1151     * SLAB caches for signal bits.
1152     @@ -2241,6 +2244,12 @@ asmlinkage long
1153     sys_kill(int pid, int sig)
1154     {
1155     struct siginfo info;
1156     + /***** TOMOYO Linux start. *****/
1157     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1158     + return -EPERM;
1159     + if (sig && ccs_check_signal_acl(sig, pid))
1160     + return -EPERM;
1161     + /***** TOMOYO Linux end. *****/
1162    
1163     info.si_signo = sig;
1164     info.si_errno = 0;
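Review bot: The same four-line check is pasted into sys_kill, sys_tgkill and sys_tkill, and together with the include these hunks account for all 21 lines the diffstat lists for kernel/signal.c, so any other signal-sending entry point in this file is left unhooked by this patch. It is worth confirming that sys_rt_sigqueueinfo, which also takes a pid and a signal number from user space, is meant to be outside the policy; if not, it needs the same check. Folding the pair into one static helper, e.g. `static int ccs_signal_check(int sig, int pid)`, would keep the sites from drifting apart. A short comment that `sig == 0` is deliberately exempt and that sys_kill passes zero and negative `pid` values through to `ccs_check_signal_acl()` would help as well.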
1165     @@ -2299,6 +2308,12 @@ asmlinkage long sys_tgkill(int tgid, int
1166     /* This is only valid for single tasks */
1167     if (pid <= 0 || tgid <= 0)
1168     return -EINVAL;
1169     + /***** TOMOYO Linux start. *****/
1170     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1171     + return -EPERM;
1172     + if (sig && ccs_check_signal_acl(sig, pid))
1173     + return -EPERM;
1174     + /***** TOMOYO Linux end. *****/
1175    
1176     return do_tkill(tgid, pid, sig);
1177     }
1178     @@ -2312,6 +2327,12 @@ sys_tkill(int pid, int sig)
1179     /* This is only valid for single tasks */
1180     if (pid <= 0)
1181     return -EINVAL;
1182     + /***** TOMOYO Linux start. *****/
1183     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1184     + return -EPERM;
1185     + if (sig && ccs_check_signal_acl(sig, pid))
1186     + return -EPERM;
1187     + /***** TOMOYO Linux end. *****/
1188    
1189     return do_tkill(0, pid, sig);
1190     }
1191     --- linux-2.6.15-52.71.orig/kernel/sys.c
1192     +++ linux-2.6.15-52.71/kernel/sys.c
1193     @@ -37,6 +37,9 @@
1194     #include <asm/uaccess.h>
1195     #include <asm/io.h>
1196     #include <asm/unistd.h>
1197     +/***** TOMOYO Linux start. *****/
1198     +#include <linux/tomoyo.h>
1199     +/***** TOMOYO Linux end. *****/
1200    
1201     #ifndef SET_UNALIGN_CTL
1202     # define SET_UNALIGN_CTL(a,b) (-EINVAL)
1203     @@ -256,6 +259,12 @@ asmlinkage long sys_setpriority(int whic
1204    
1205     if (which > 2 || which < 0)
1206     goto out;
1207     + /***** TOMOYO Linux start. *****/
1208     + if (!ccs_capable(TOMOYO_SYS_NICE)) {
1209     + error = -EPERM;
1210     + goto out;
1211     + }
1212     + /***** TOMOYO Linux end. *****/
1213    
1214     /* normalize: avoid signed division (rounding problems) */
1215     error = -ESRCH;
1216     @@ -483,6 +492,10 @@ asmlinkage long sys_reboot(int magic1, i
1217     magic2 != LINUX_REBOOT_MAGIC2B &&
1218     magic2 != LINUX_REBOOT_MAGIC2C))
1219     return -EINVAL;
1220     + /***** TOMOYO Linux start. *****/
1221     + if (!ccs_capable(TOMOYO_SYS_REBOOT))
1222     + return -EPERM;
1223     + /***** TOMOYO Linux end. *****/
1224    
1225     lock_kernel();
1226     switch (cmd) {
1227     @@ -1515,6 +1528,10 @@ asmlinkage long sys_sethostname(char __u
1228     return -EPERM;
1229     if (len < 0 || len > __NEW_UTS_LEN)
1230     return -EINVAL;
1231     + /***** TOMOYO Linux start. *****/
1232     + if (!ccs_capable(TOMOYO_SYS_SETHOSTNAME))
1233     + return -EPERM;
1234     + /***** TOMOYO Linux end. *****/
1235     down_write(&uts_sem);
1236     errno = -EFAULT;
1237     if (!copy_from_user(tmp, name, len)) {
1238     @@ -1560,6 +1577,10 @@ asmlinkage long sys_setdomainname(char _
1239     return -EPERM;
1240     if (len < 0 || len > __NEW_UTS_LEN)
1241     return -EINVAL;
1242     + /***** TOMOYO Linux start. *****/
1243     + if (!ccs_capable(TOMOYO_SYS_SETHOSTNAME))
1244     + return -EPERM;
1245     + /***** TOMOYO Linux end. *****/
1246    
1247     down_write(&uts_sem);
1248     errno = -EFAULT;
1249     --- linux-2.6.15-52.71.orig/kernel/sysctl.c
1250     +++ linux-2.6.15-52.71/kernel/sysctl.c
1251     @@ -45,6 +45,9 @@
1252    
1253     #include <asm/uaccess.h>
1254     #include <asm/processor.h>
1255     +/***** TOMOYO Linux start. *****/
1256     +#include <linux/tomoyo.h>
1257     +/***** TOMOYO Linux end. *****/
1258    
1259     #ifdef CONFIG_ROOT_NFS
1260     #include <linux/nfs_fs.h>
1261     @@ -1041,6 +1044,100 @@ void __init sysctl_init(void)
1262     #endif
1263     }
1264    
1265     +/***** TOMOYO Linux start. *****/
1266     +static int try_parse_table(int __user *name, int nlen, void __user *oldval,
1267     + void __user *newval, ctl_table *table)
1268     +{
1269     + int n;
1270     + int error = -ENOMEM;
1271     + int op = 0;
1272     + char *buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
1273     + if (oldval)
1274     + op |= 004;
1275     + if (newval)
1276     + op |= 002;
1277     + if (!op) { /* Neither read nor write */
1278     + error = 0;
1279     + goto out;
1280     + }
1281     + if (!buffer)
1282     + goto out;
1283     + memset(buffer, 0, PAGE_SIZE);
1284     + snprintf(buffer, PAGE_SIZE - 1, "/proc/sys");
1285     + repeat:
1286     + if (!nlen) {
1287     + error = -ENOTDIR;
1288     + goto out;
1289     + }
1290     + if (get_user(n, name)) {
1291     + error = -EFAULT;
1292     + goto out;
1293     + }
1294     + for ( ; table->ctl_name; table++) {
1295     + if (n == table->ctl_name || table->ctl_name == CTL_ANY) {
1296     + int pos = strlen(buffer);
1297     + const char *cp = table->procname;
1298     + error = -ENOMEM;
1299     + if (cp) {
1300     + if (pos + 1 >= PAGE_SIZE - 1)
1301     + goto out;
1302     + buffer[pos++] = '/';
1303     + while (*cp) {
1304     + const unsigned char c
1305     + = *(const unsigned char *) cp;
1306     + if (c == '\\') {
1307     + if (pos + 2 >= PAGE_SIZE - 1)
1308     + goto out;
1309     + buffer[pos++] = '\\';
1310     + buffer[pos++] = '\\';
1311     + } else if (c > ' ' && c < 127) {
1312     + if (pos + 1 >= PAGE_SIZE - 1)
1313     + goto out;
1314     + buffer[pos++] = c;
1315     + } else {
1316     + if (pos + 4 >= PAGE_SIZE - 1)
1317     + goto out;
1318     + buffer[pos++] = '\\';
1319     + buffer[pos++] = (c >> 6) + '0';
1320     + buffer[pos++] = ((c >> 3) & 7)
1321     + + '0';
1322     + buffer[pos++] = (c & 7) + '0';
1323     + }
1324     + cp++;
1325     + }
1326     + } else {
1327     + /* Assume nobody assigns "=\$=" for procname. */
1328     + snprintf(buffer + pos, PAGE_SIZE - pos - 1,
1329     + "/=%d=", table->ctl_name);
1330     + if (!memchr(buffer, '\0', PAGE_SIZE - 2))
1331     + goto out;
1332     + }
1333     + if (table->child) {
1334     + if (table->strategy) {
1335     + /* printk("sysctl='%s'\n", buffer); */
1336     + if (ccs_check_file_perm(buffer, op,
1337     + "sysctl")) {
1338     + error = -EPERM;
1339     + goto out;
1340     + }
1341     + }
1342     + name++;
1343     + nlen--;
1344     + table = table->child;
1345     + goto repeat;
1346     + }
1347     + /* printk("sysctl='%s'\n", buffer); */
1348     + error = ccs_check_file_perm(buffer, op, "sysctl");
1349     + goto out;
1350     + }
1351     + }
1352     + error = -ENOTDIR;
1353     + out:
1354     + kfree(buffer);
1355     + return error;
1356     +}
1357     +/***** TOMOYO Linux end. *****/
1358     +
1359     int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
1360     void __user *newval, size_t newlen)
1361     {
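Review bot: try_parse_table() fetches each name component from user space with `get_user(n, name)`, and the next hunk then passes the same `__user` pointer to parse_table(), which receives only that pointer and so presumably fetches the components again; the policy decision and the real lookup are therefore made on two separate reads of memory the caller controls. If the array changes between the two reads, the path that was checked is not the path that is accessed. Copying the `nlen` integers into a kernel array once in do_sysctl() and walking that copy in both places would close the gap, which needs changes outside this hunk. Smaller points: `buffer` is allocated before the `!op` early exit, and the `kmalloc()` plus `memset()` pair could be a single zeroing allocation.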
1362     @@ -1066,6 +1163,11 @@ int do_sysctl(int __user *name, int nlen
1363    
1364     spin_unlock(&sysctl_lock);
1365    
1366     + /***** TOMOYO Linux start. *****/
1367     + error = try_parse_table(name, nlen, oldval, newval,
1368     + head->ctl_table);
1369     + if (!error)
1370     + /***** TOMOYO Linux end. *****/
1371     error = parse_table(name, nlen, oldval, oldlenp,
1372     newval, newlen, head->ctl_table,
1373     &context);
1374     @@ -1138,6 +1240,15 @@ repeat:
1375     if (ctl_perm(table, 001))
1376     return -EPERM;
1377     if (table->strategy) {
1378     + /***** TOMOYO Linux start. *****/
1379     + int op = 0;
1380     + if (oldval)
1381     + op |= 004;
1382     + if (newval)
1383     + op |= 002;
1384     + if (ctl_perm(table, op))
1385     + return -EPERM;
1386     + /***** TOMOYO Linux end. *****/
1387     error = table->strategy(
1388     table, name, nlen,
1389     oldval, oldlenp,
1390     --- linux-2.6.15-52.71.orig/kernel/time.c
1391     +++ linux-2.6.15-52.71/kernel/time.c
1392     @@ -38,6 +38,9 @@
1393    
1394     #include <asm/uaccess.h>
1395     #include <asm/unistd.h>
1396     +/***** TOMOYO Linux start. *****/
1397     +#include <linux/tomoyo.h>
1398     +/***** TOMOYO Linux end. *****/
1399    
1400     /*
1401     * The timezone where the local system is located. Used as a default by some
1402     @@ -90,6 +93,10 @@ asmlinkage long sys_stime(time_t __user
1403     err = security_settime(&tv, NULL);
1404     if (err)
1405     return err;
1406     + /***** TOMOYO Linux start. *****/
1407     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
1408     + return -EPERM;
1409     + /***** TOMOYO Linux end. *****/
1410    
1411     do_settimeofday(&tv);
1412     return 0;
1413     @@ -157,6 +164,10 @@ int do_sys_settimeofday(struct timespec
1414     error = security_settime(tv, tz);
1415     if (error)
1416     return error;
1417     + /***** TOMOYO Linux start. *****/
1418     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
1419     + return -EPERM;
1420     + /***** TOMOYO Linux end. *****/
1421    
1422     if (tz) {
1423     /* SMP safe, global irq locking makes it work. */
1424     @@ -235,6 +246,10 @@ int do_adjtimex(struct timex *txc)
1425     /* In order to modify anything, you gotta be super-user! */
1426     if (txc->modes && !capable(CAP_SYS_TIME))
1427     return -EPERM;
1428     + /***** TOMOYO Linux start. *****/
1429     + if (txc->modes && !ccs_capable(TOMOYO_SYS_SETTIME))
1430     + return -EPERM;
1431     + /***** TOMOYO Linux end. *****/
1432    
1433     /* Now we validate the data before disabling interrupts */
1434    
1435     --- linux-2.6.15-52.71.orig/net/core/datagram.c
1436     +++ linux-2.6.15-52.71/net/core/datagram.c
1437     @@ -55,6 +55,11 @@
1438     #include <net/sock.h>
1439     #include <net/tcp_states.h>
1440    
1441     +/***** TOMOYO Linux start. *****/
1442     +#include <linux/tomoyo.h>
1443     +#include <linux/tomoyo_socket.h>
1444     +/***** TOMOYO Linux end. *****/
1445     +
1446     /*
1447     * Is a socket 'connection oriented' ?
1448     */
1449     @@ -177,6 +182,12 @@ struct sk_buff *skb_recv_datagram(struct
1450     } else
1451     skb = skb_dequeue(&sk->sk_receive_queue);
1452    
1453     + /***** TOMOYO Linux start. *****/
1454     + error = ccs_socket_recv_datagram_permission(sk, skb, flags);
1455     + if (error)
1456     + goto no_packet;
1457     + /***** TOMOYO Linux end. *****/
1458     +
1459     if (skb)
1460     return skb;
1461    
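Review bot: The permission hook runs after `skb` has already been taken from the receive queue and, on error, jumps to `no_packet` without any visible release of that buffer. Unless `ccs_socket_recv_datagram_permission()` itself frees or requeues the skb on denial, a refused datagram is leaked; the hook is also called with `skb == NULL` when the queue was empty. The ownership rule should be written at the call site, for example `/* on error the hook has already consumed skb */`, or the error path should drop the buffer explicitly if that is not the case. skb_recv_datagram() continues outside the hunk.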
1462     --- linux-2.6.15-52.71.orig/net/ipv4/inet_connection_sock.c
1463     +++ linux-2.6.15-52.71/net/ipv4/inet_connection_sock.c
1464     @@ -24,6 +24,9 @@
1465     #include <net/route.h>
1466     #include <net/tcp_states.h>
1467     #include <net/xfrm.h>
1468     +/***** SAKURA Linux start. *****/
1469     +#include <linux/sakura.h>
1470     +/***** SAKURA Linux end. *****/
1471    
1472     #ifdef INET_CSK_DEBUG
1473     const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
1474     @@ -83,6 +86,10 @@ int inet_csk_get_port(struct inet_hashin
1475     do {
1476     head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
1477     spin_lock(&head->lock);
1478     + /***** SAKURA Linux start. *****/
1479     + if (ccs_may_autobind(rover))
1480     + goto next;
1481     + /***** SAKURA Linux end. *****/
1482     inet_bind_bucket_for_each(tb, node, &head->chain)
1483     if (tb->port == rover)
1484     goto next;
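Review bot: `ccs_may_autobind(rover)` is called with `head->lock` held here (and in tcp_v6_get_port), and with bottom halves disabled in the tcp_v4_hash_connect and tcp_v6_hash_connect loops, so the hook must never sleep, and that constraint is not stated at any call site. A comment `/* atomic context: ccs_may_autobind() must not sleep */` would do. The call sites also read inverted: a true return from a function named "may autobind" makes the loop skip the port, so the return convention (apparently nonzero = port reserved) should be documented where it is tested, here and in the udp.c hunks.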
1485     --- linux-2.6.15-52.71.orig/net/ipv4/tcp_ipv4.c
1486     +++ linux-2.6.15-52.71/net/ipv4/tcp_ipv4.c
1487     @@ -76,6 +76,9 @@
1488     #include <linux/stddef.h>
1489     #include <linux/proc_fs.h>
1490     #include <linux/seq_file.h>
1491     +/***** SAKURA Linux start. *****/
1492     +#include <linux/sakura.h>
1493     +/***** SAKURA Linux end. *****/
1494    
1495     int sysctl_tcp_tw_reuse;
1496     int sysctl_tcp_low_latency;
1497     @@ -243,6 +246,10 @@ static inline int tcp_v4_hash_connect(st
1498     local_bh_disable();
1499     for (i = 1; i <= range; i++) {
1500     port = low + (i + offset) % range;
1501     + /***** SAKURA Linux start. *****/
1502     + if (ccs_may_autobind(port))
1503     + continue;
1504     + /***** SAKURA Linux end. *****/
1505     head = &tcp_hashinfo.bhash[inet_bhashfn(port, tcp_hashinfo.bhash_size)];
1506     spin_lock(&head->lock);
1507    
1508     --- linux-2.6.15-52.71.orig/net/ipv4/udp.c
1509     +++ linux-2.6.15-52.71/net/ipv4/udp.c
1510     @@ -108,6 +108,9 @@
1511     #include <net/inet_common.h>
1512     #include <net/checksum.h>
1513     #include <net/xfrm.h>
1514     +/***** SAKURA Linux start. *****/
1515     +#include <linux/sakura.h>
1516     +/***** SAKURA Linux end. *****/
1517    
1518     /*
1519     * Snmp MIB for the UDP layer
1520     @@ -146,6 +149,10 @@ static int udp_v4_get_port(struct sock *
1521     result = sysctl_local_port_range[0] +
1522     ((result - sysctl_local_port_range[0]) &
1523     (UDP_HTABLE_SIZE - 1));
1524     + /***** SAKURA Linux start. *****/
1525     + if (ccs_may_autobind(result))
1526     + continue;
1527     + /***** SAKURA Linux end. *****/
1528     goto gotit;
1529     }
1530     size = 0;
1531     @@ -162,6 +169,10 @@ static int udp_v4_get_port(struct sock *
1532     result = sysctl_local_port_range[0]
1533     + ((result - sysctl_local_port_range[0]) &
1534     (UDP_HTABLE_SIZE - 1));
1535     + /***** SAKURA Linux start. *****/
1536     + if (ccs_may_autobind(result))
1537     + continue;
1538     + /***** SAKURA Linux end. *****/
1539     if (!udp_lport_inuse(result))
1540     break;
1541     }
1542     --- linux-2.6.15-52.71.orig/net/ipv6/tcp_ipv6.c
1543     +++ linux-2.6.15-52.71/net/ipv6/tcp_ipv6.c
1544     @@ -64,6 +64,9 @@
1545    
1546     #include <linux/proc_fs.h>
1547     #include <linux/seq_file.h>
1548     +/***** SAKURA Linux start. *****/
1549     +#include <linux/sakura.h>
1550     +/***** SAKURA Linux end. *****/
1551    
1552     static void tcp_v6_send_reset(struct sk_buff *skb);
1553     static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req);
1554     @@ -119,6 +122,10 @@ static int tcp_v6_get_port(struct sock *
1555     do {
1556     head = &tcp_hashinfo.bhash[inet_bhashfn(rover, tcp_hashinfo.bhash_size)];
1557     spin_lock(&head->lock);
1558     + /***** SAKURA Linux start. *****/
1559     + if (ccs_may_autobind(rover))
1560     + goto next;
1561     + /***** SAKURA Linux end. *****/
1562     inet_bind_bucket_for_each(tb, node, &head->chain)
1563     if (tb->port == rover)
1564     goto next;
1565     @@ -419,6 +426,10 @@ static int tcp_v6_hash_connect(struct so
1566     local_bh_disable();
1567     for (i = 1; i <= range; i++) {
1568     port = low + (i + offset) % range;
1569     + /***** SAKURA Linux start. *****/
1570     + if (ccs_may_autobind(port))
1571     + continue;
1572     + /***** SAKURA Linux end. *****/
1573     head = &tcp_hashinfo.bhash[inet_bhashfn(port, tcp_hashinfo.bhash_size)];
1574     spin_lock(&head->lock);
1575    
1576     --- linux-2.6.15-52.71.orig/net/ipv6/udp.c
1577     +++ linux-2.6.15-52.71/net/ipv6/udp.c
1578     @@ -58,6 +58,9 @@
1579    
1580     #include <linux/proc_fs.h>
1581     #include <linux/seq_file.h>
1582     +/***** SAKURA Linux start. *****/
1583     +#include <linux/sakura.h>
1584     +/***** SAKURA Linux end. *****/
1585    
1586     DEFINE_SNMP_STAT(struct udp_mib, udp_stats_in6) __read_mostly;
1587    
1588     @@ -88,6 +91,10 @@ static int udp_v6_get_port(struct sock *
1589     result = sysctl_local_port_range[0] +
1590     ((result - sysctl_local_port_range[0]) &
1591     (UDP_HTABLE_SIZE - 1));
1592     + /***** SAKURA Linux start. *****/
1593     + if (ccs_may_autobind(result))
1594     + continue;
1595     + /***** SAKURA Linux end. *****/
1596     goto gotit;
1597     }
1598     size = 0;
1599     @@ -104,6 +111,10 @@ static int udp_v6_get_port(struct sock *
1600     result = sysctl_local_port_range[0]
1601     + ((result - sysctl_local_port_range[0]) &
1602     (UDP_HTABLE_SIZE - 1));
1603     + /***** SAKURA Linux start. *****/
1604     + if (ccs_may_autobind(result))
1605     + continue;
1606     + /***** SAKURA Linux end. *****/
1607     if (!udp_lport_inuse(result))
1608     break;
1609     }
1610     --- linux-2.6.15-52.71.orig/net/socket.c
1611     +++ linux-2.6.15-52.71/net/socket.c
1612     @@ -97,6 +97,11 @@
1613     #include <net/sock.h>
1614     #include <linux/netfilter.h>
1615    
1616     +/***** TOMOYO Linux start. *****/
1617     +#include <linux/tomoyo.h>
1618     +#include <linux/tomoyo_socket.h>
1619     +/***** TOMOYO Linux end. *****/
1620     +
1621     static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1622     static ssize_t sock_aio_read(struct kiocb *iocb, char __user *buf,
1623     size_t size, loff_t pos);
1624     @@ -546,7 +551,12 @@ static inline int __sock_sendmsg(struct
1625     err = security_socket_sendmsg(sock, msg, size);
1626     if (err)
1627     return err;
1628     -
1629     + /***** TOMOYO Linux start. *****/
1630     + if (ccs_socket_sendmsg_permission(sock,
1631     + (struct sockaddr *) msg->msg_name,
1632     + msg->msg_namelen))
1633     + return -EPERM;
1634     + /***** TOMOYO Linux end. *****/
1635     return sock->ops->sendmsg(iocb, sock, msg, size);
1636     }
1637    
1638     @@ -1099,6 +1109,12 @@ static int __sock_create(int family, int
1639     family = PF_PACKET;
1640     }
1641    
1642     + /***** TOMOYO Linux start. *****/
1643     + err = ccs_socket_create_permission(family, type, protocol);
1644     + if (err)
1645     + return err;
1646     + /***** TOMOYO Linux end. *****/
1647     +
1648     err = security_socket_create(family, type, protocol, kern);
1649     if (err)
1650     return err;
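Review bot: `ccs_socket_create_permission(family, type, protocol)` is not given the `kern` argument that `security_socket_create()` two lines later receives, so sockets the kernel creates for its own use in process context appear to be judged by the calling task's policy. If that is intended, a comment saying so belongs here; if not, the hook needs `kern` or the call should be skipped when it is set. __sock_create continues outside the hunk.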
1651     @@ -1296,6 +1312,12 @@ asmlinkage long sys_bind(int fd, struct
1652     sockfd_put(sock);
1653     return err;
1654     }
1655     + /***** TOMOYO Linux start. *****/
1656     + err = ccs_socket_bind_permission(sock,
1657     + (struct sockaddr *)
1658     + address, addrlen);
1659     + if (!err)
1660     + /***** TOMOYO Linux end. *****/
1661     err = sock->ops->bind(sock, (struct sockaddr *)address, addrlen);
1662     }
1663     sockfd_put(sock);
1664     @@ -1326,7 +1348,10 @@ asmlinkage long sys_listen(int fd, int b
1665     sockfd_put(sock);
1666     return err;
1667     }
1668     -
1669     + /***** TOMOYO Linux start. *****/
1670     + err = ccs_socket_listen_permission(sock);
1671     + if (!err)
1672     + /***** TOMOYO Linux end. *****/
1673     err=sock->ops->listen(sock, backlog);
1674     sockfd_put(sock);
1675     }
1676     @@ -1377,6 +1402,13 @@ asmlinkage long sys_accept(int fd, struc
1677     if (err < 0)
1678     goto out_release;
1679    
1680     + /***** TOMOYO Linux start. *****/
1681     + if (ccs_socket_accept_permission(newsock,
1682     + (struct sockaddr *) address)) {
1683     + err = -ECONNABORTED; /* Hope less harmful than -EPERM. */
1684     + goto out_release;
1685     + }
1686     + /***** TOMOYO Linux end. *****/
1687     if (upeer_sockaddr) {
1688     if(newsock->ops->getname(newsock, (struct sockaddr *)address, &len, 2)<0) {
1689     err = -ECONNABORTED;
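Review bot: `ccs_socket_accept_permission()` is passed `address` before the `getname()` call below has filled it in, so at this point the buffer holds whatever it contained before. Presumably the hook obtains the peer address itself and uses `address` only as scratch space; that should be stated in a comment, e.g. `/* address is scratch: the hook fills it itself */`, or the buffer should be zeroed first. The denial is also reported as `-ECONNABORTED` only after the connection has been accepted at protocol level, which the existing inline comment acknowledges only loosely. sys_accept continues outside the hunk.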
1690     @@ -1432,7 +1464,12 @@ asmlinkage long sys_connect(int fd, stru
1691     err = security_socket_connect(sock, (struct sockaddr *)address, addrlen);
1692     if (err)
1693     goto out_put;
1694     -
1695     + /***** TOMOYO Linux start. *****/
1696     + err = ccs_socket_connect_permission(sock, (struct sockaddr *) address,
1697     + addrlen);
1698     + if (err)
1699     + goto out_put;
1700     + /***** TOMOYO Linux end. *****/
1701     err = sock->ops->connect(sock, (struct sockaddr *) address, addrlen,
1702     sock->file->f_flags);
1703     out_put:
1704     --- linux-2.6.15-52.71.orig/net/unix/af_unix.c
1705     +++ linux-2.6.15-52.71/net/unix/af_unix.c
1706     @@ -117,6 +117,9 @@
1707     #include <linux/mount.h>
1708     #include <net/checksum.h>
1709     #include <linux/security.h>
1710     +/***** TOMOYO Linux start. *****/
1711     +#include <linux/tomoyo.h>
1712     +/***** TOMOYO Linux end. *****/
1713    
1714     int sysctl_unix_max_dgram_qlen = 10;
1715    
1716     @@ -738,6 +741,11 @@ static int unix_bind(struct socket *sock
1717     err = unix_autobind(sock);
1718     goto out;
1719     }
1720     + /***** TOMOYO Linux start. *****/
1721     + err = -EPERM;
1722     + if (sunaddr->sun_path[0] && !ccs_capable(TOMOYO_CREATE_UNIX_SOCKET))
1723     + goto out;
1724     + /***** TOMOYO Linux end. *****/
1725    
1726     err = unix_mkname(sunaddr, addr_len, &hash);
1727     if (err < 0)
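Review bot: `sunaddr->sun_path[0]` is read before the `unix_mkname(sunaddr, addr_len, &hash)` call on the following line has had a chance to reject the address, so for a malformed or too-short address the capability decision may rest on a byte the caller did not supply, and the caller sees `-EPERM` where it would otherwise get the validation error. Moving the added check below the `if (err < 0)` test that follows `unix_mkname()` keeps validation ahead of policy. The stray `err = -EPERM;` is then overwritten on the success path, which is fine but worth a short comment. unix_bind continues outside the hunk.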
1728     @@ -781,6 +789,13 @@ static int unix_bind(struct socket *sock
1729     */
1730     mode = S_IFSOCK |
1731     (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
1732     + /***** TOMOYO Linux start. *****/
1733     + err = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
1734     + if (!err)
1735     + err = ccs_check_1path_perm(TYPE_MKSOCK_ACL, dentry,
1736     + nd.mnt);
1737     + if (!err)
1738     + /***** TOMOYO Linux end. *****/
1739     err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1740     if (err)
1741     goto out_mknod_dput;
