26 |
arch/x86_64/kernel/ptrace.c | 3 +++ |
arch/x86_64/kernel/ptrace.c | 3 +++ |
27 |
fs/Config.in | 3 +++ |
fs/Config.in | 3 +++ |
28 |
fs/exec.c | 12 +++++++++++- |
fs/exec.c | 12 +++++++++++- |
29 |
fs/fcntl.c | 4 ++++ |
fs/fcntl.c | 5 +++++ |
30 |
fs/ioctl.c | 6 ++++++ |
fs/ioctl.c | 6 ++++++ |
31 |
fs/namei.c | 39 +++++++++++++++++++++++++++++++++++++++ |
fs/namei.c | 39 +++++++++++++++++++++++++++++++++++++++ |
32 |
fs/namespace.c | 17 +++++++++++++++++ |
fs/namespace.c | 17 +++++++++++++++++ |
48 |
net/ipv6/udp.c | 14 +++++++++++++- |
net/ipv6/udp.c | 14 +++++++++++++- |
49 |
net/socket.c | 23 +++++++++++++++++++++-- |
net/socket.c | 23 +++++++++++++++++++++-- |
50 |
net/unix/af_unix.c | 9 +++++++++ |
net/unix/af_unix.c | 9 +++++++++ |
51 |
46 files changed, 331 insertions(+), 12 deletions(-) |
46 files changed, 332 insertions(+), 12 deletions(-) |
52 |
|
|
53 |
--- linux-2.4.37.10.orig/Makefile |
--- linux-2.4.37.10.orig/Makefile |
54 |
+++ linux-2.4.37.10/Makefile |
+++ linux-2.4.37.10/Makefile |
541 |
|
|
542 |
extern int sock_fcntl (struct file *, unsigned int cmd, unsigned long arg); |
extern int sock_fcntl (struct file *, unsigned int cmd, unsigned long arg); |
543 |
extern int fcntl_setlease(unsigned int fd, struct file *filp, long arg); |
extern int fcntl_setlease(unsigned int fd, struct file *filp, long arg); |
544 |
@@ -214,6 +215,9 @@ static int setfl(int fd, struct file * f |
@@ -346,6 +347,8 @@ asmlinkage long sys_fcntl(unsigned int f |
545 |
if (!(arg & O_APPEND) && IS_APPEND(inode)) |
if (!filp) |
546 |
return -EPERM; |
goto out; |
547 |
|
|
548 |
+ if (!(arg & O_APPEND) && ccs_rewrite_permission(filp)) |
+ err = ccs_fcntl_permission(filp, cmd, arg); |
549 |
+ return -EPERM; |
+ if (!err) |
550 |
+ |
err = do_fcntl(fd, cmd, arg, filp); |
551 |
/* Did FASYNC state change? */ |
|
552 |
if ((arg ^ filp->f_flags) & FASYNC) { |
fput(filp); |
553 |
if (filp->f_op && filp->f_op->fasync) { |
@@ -364,6 +367,8 @@ asmlinkage long sys_fcntl64(unsigned int |
554 |
|
if (!filp) |
555 |
|
goto out; |
556 |
|
|
557 |
|
+ err = ccs_fcntl_permission(filp, cmd, arg); |
558 |
|
+ if (!err) |
559 |
|
switch (cmd) { |
560 |
|
case F_GETLK64: |
561 |
|
err = fcntl_getlk64(fd, (struct flock64 *) arg); |
562 |
--- linux-2.4.37.10.orig/fs/ioctl.c |
--- linux-2.4.37.10.orig/fs/ioctl.c |
563 |
+++ linux-2.4.37.10/fs/ioctl.c |
+++ linux-2.4.37.10/fs/ioctl.c |
564 |
@@ -10,6 +10,7 @@ |
@@ -10,6 +10,7 @@ |