15 |
fs/compat.c | 9 ++++++++- |
fs/compat.c | 9 ++++++++- |
16 |
fs/exec.c | 12 +++++++++++- |
fs/exec.c | 12 +++++++++++- |
17 |
fs/fcntl.c | 4 ++++ |
fs/fcntl.c | 4 ++++ |
18 |
fs/ioctl.c | 5 +++++ |
fs/ioctl.c | 3 +++ |
19 |
fs/namei.c | 32 ++++++++++++++++++++++++++++++++ |
fs/namei.c | 31 +++++++++++++++++++++++++++++++ |
20 |
fs/namespace.c | 21 ++++++++++++++++++++- |
fs/namespace.c | 10 +++++++++- |
21 |
fs/open.c | 27 ++++++++++++++++++++++++++- |
fs/open.c | 27 ++++++++++++++++++++++++++- |
22 |
fs/proc/proc_misc.c | 1 + |
fs/proc/proc_misc.c | 1 + |
23 |
include/linux/init_task.h | 9 +++++++++ |
include/linux/init_task.h | 9 +++++++++ |
43 |
net/unix/af_unix.c | 4 ++++ |
net/unix/af_unix.c | 4 ++++ |
44 |
security/Kconfig | 2 ++ |
security/Kconfig | 2 ++ |
45 |
security/Makefile | 3 +++ |
security/Makefile | 3 +++ |
46 |
41 files changed, 300 insertions(+), 17 deletions(-) |
41 files changed, 286 insertions(+), 17 deletions(-) |
47 |
|
|
48 |
--- linux-2.6.15-cat.orig/arch/alpha/kernel/ptrace.c |
--- linux-2.6.15-cat.orig/arch/alpha/kernel/ptrace.c |
49 |
+++ linux-2.6.15-cat/arch/alpha/kernel/ptrace.c |
+++ linux-2.6.15-cat/arch/alpha/kernel/ptrace.c |
350 |
|
|
351 |
static long do_ioctl(struct file *filp, unsigned int cmd, |
static long do_ioctl(struct file *filp, unsigned int cmd, |
352 |
unsigned long arg) |
unsigned long arg) |
353 |
@@ -23,6 +24,8 @@ static long do_ioctl(struct file *filp, |
@@ -167,6 +168,8 @@ asmlinkage long sys_ioctl(unsigned int f |
|
|
|
|
if (!filp->f_op) |
|
|
goto out; |
|
|
+ if (!ccs_capable(CCS_SYS_IOCTL)) |
|
|
+ return -EPERM; |
|
|
|
|
|
if (filp->f_op->unlocked_ioctl) { |
|
|
error = filp->f_op->unlocked_ioctl(filp, cmd, arg); |
|
|
@@ -167,6 +170,8 @@ asmlinkage long sys_ioctl(unsigned int f |
|
354 |
goto out; |
goto out; |
355 |
|
|
356 |
error = security_file_ioctl(filp, cmd, arg); |
error = security_file_ioctl(filp, cmd, arg); |
382 |
/* |
/* |
383 |
* Ensure there are no outstanding leases on the file. |
* Ensure there are no outstanding leases on the file. |
384 |
*/ |
*/ |
385 |
@@ -1503,6 +1510,7 @@ int may_open(struct nameidata *nd, int a |
@@ -1578,6 +1585,9 @@ do_last: |
|
return 0; |
|
|
} |
|
|
|
|
|
+#include <linux/ccsecurity_vfs.h> |
|
|
/* |
|
|
* open_namei() |
|
|
* |
|
|
@@ -1578,6 +1586,9 @@ do_last: |
|
386 |
if (!path.dentry->d_inode) { |
if (!path.dentry->d_inode) { |
387 |
if (!IS_POSIXACL(dir->d_inode)) |
if (!IS_POSIXACL(dir->d_inode)) |
388 |
mode &= ~current->fs->umask; |
mode &= ~current->fs->umask; |
392 |
error = vfs_create(dir->d_inode, path.dentry, mode, nd); |
error = vfs_create(dir->d_inode, path.dentry, mode, nd); |
393 |
up(&dir->d_inode->i_sem); |
up(&dir->d_inode->i_sem); |
394 |
dput(nd->dentry); |
dput(nd->dentry); |
395 |
@@ -1765,6 +1776,9 @@ asmlinkage long sys_mknod(const char __u |
@@ -1765,6 +1775,9 @@ asmlinkage long sys_mknod(const char __u |
396 |
if (!IS_POSIXACL(nd.dentry->d_inode)) |
if (!IS_POSIXACL(nd.dentry->d_inode)) |
397 |
mode &= ~current->fs->umask; |
mode &= ~current->fs->umask; |
398 |
if (!IS_ERR(dentry)) { |
if (!IS_ERR(dentry)) { |
402 |
switch (mode & S_IFMT) { |
switch (mode & S_IFMT) { |
403 |
case 0: case S_IFREG: |
case 0: case S_IFREG: |
404 |
error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd); |
error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd); |
405 |
@@ -1833,6 +1847,9 @@ asmlinkage long sys_mkdir(const char __u |
@@ -1833,6 +1846,9 @@ asmlinkage long sys_mkdir(const char __u |
406 |
if (!IS_ERR(dentry)) { |
if (!IS_ERR(dentry)) { |
407 |
if (!IS_POSIXACL(nd.dentry->d_inode)) |
if (!IS_POSIXACL(nd.dentry->d_inode)) |
408 |
mode &= ~current->fs->umask; |
mode &= ~current->fs->umask; |
412 |
error = vfs_mkdir(nd.dentry->d_inode, dentry, mode); |
error = vfs_mkdir(nd.dentry->d_inode, dentry, mode); |
413 |
dput(dentry); |
dput(dentry); |
414 |
} |
} |
415 |
@@ -1936,6 +1953,9 @@ asmlinkage long sys_rmdir(const char __u |
@@ -1936,6 +1952,9 @@ asmlinkage long sys_rmdir(const char __u |
416 |
dentry = lookup_hash(&nd); |
dentry = lookup_hash(&nd); |
417 |
error = PTR_ERR(dentry); |
error = PTR_ERR(dentry); |
418 |
if (!IS_ERR(dentry)) { |
if (!IS_ERR(dentry)) { |
422 |
error = vfs_rmdir(nd.dentry->d_inode, dentry); |
error = vfs_rmdir(nd.dentry->d_inode, dentry); |
423 |
dput(dentry); |
dput(dentry); |
424 |
} |
} |
425 |
@@ -2011,6 +2031,9 @@ asmlinkage long sys_unlink(const char __ |
@@ -2011,6 +2030,9 @@ asmlinkage long sys_unlink(const char __ |
426 |
inode = dentry->d_inode; |
inode = dentry->d_inode; |
427 |
if (inode) |
if (inode) |
428 |
atomic_inc(&inode->i_count); |
atomic_inc(&inode->i_count); |
432 |
error = vfs_unlink(nd.dentry->d_inode, dentry); |
error = vfs_unlink(nd.dentry->d_inode, dentry); |
433 |
exit2: |
exit2: |
434 |
dput(dentry); |
dput(dentry); |
435 |
@@ -2072,6 +2095,9 @@ asmlinkage long sys_symlink(const char _ |
@@ -2072,6 +2094,9 @@ asmlinkage long sys_symlink(const char _ |
436 |
dentry = lookup_create(&nd, 0); |
dentry = lookup_create(&nd, 0); |
437 |
error = PTR_ERR(dentry); |
error = PTR_ERR(dentry); |
438 |
if (!IS_ERR(dentry)) { |
if (!IS_ERR(dentry)) { |
442 |
error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO); |
error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO); |
443 |
dput(dentry); |
dput(dentry); |
444 |
} |
} |
445 |
@@ -2154,6 +2180,9 @@ asmlinkage long sys_link(const char __us |
@@ -2154,6 +2179,9 @@ asmlinkage long sys_link(const char __us |
446 |
new_dentry = lookup_create(&nd, 0); |
new_dentry = lookup_create(&nd, 0); |
447 |
error = PTR_ERR(new_dentry); |
error = PTR_ERR(new_dentry); |
448 |
if (!IS_ERR(new_dentry)) { |
if (!IS_ERR(new_dentry)) { |
452 |
error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry); |
error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry); |
453 |
dput(new_dentry); |
dput(new_dentry); |
454 |
} |
} |
455 |
@@ -2374,6 +2403,9 @@ static inline int do_rename(const char * |
@@ -2374,6 +2402,9 @@ static inline int do_rename(const char * |
456 |
if (new_dentry == trap) |
if (new_dentry == trap) |
457 |
goto exit5; |
goto exit5; |
458 |
|
|
481 |
if (retval) |
if (retval) |
482 |
return retval; |
return retval; |
483 |
|
|
484 |
@@ -592,6 +595,8 @@ asmlinkage long sys_umount(char __user * |
@@ -960,7 +963,6 @@ static int do_move_mount(struct nameidat |
|
{ |
|
|
struct nameidata nd; |
|
|
int retval; |
|
|
+ if (!ccs_capable(CCS_SYS_UMOUNT)) |
|
|
+ return -EPERM; |
|
|
|
|
|
retval = __user_walk(name, LOOKUP_FOLLOW, &nd); |
|
|
if (retval) |
|
|
@@ -876,6 +881,9 @@ static int do_loopback(struct nameidata |
|
|
|
|
|
if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt)) |
|
|
goto out; |
|
|
+ err = -EPERM; |
|
|
+ if (ccs_may_mount(nd)) |
|
|
+ goto out; |
|
|
|
|
|
err = -ENOMEM; |
|
|
if (recurse) |
|
|
@@ -960,7 +968,9 @@ static int do_move_mount(struct nameidat |
|
485 |
err = -EINVAL; |
err = -EINVAL; |
486 |
if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt)) |
if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt)) |
487 |
goto out; |
goto out; |
488 |
- |
- |
|
+ err = -EPERM; |
|
|
+ if (ccs_may_mount(nd)) |
|
|
+ goto out; |
|
489 |
err = -ENOENT; |
err = -ENOENT; |
490 |
down(&nd->dentry->d_inode->i_sem); |
down(&nd->dentry->d_inode->i_sem); |
491 |
if (IS_DEADDIR(nd->dentry->d_inode)) |
if (IS_DEADDIR(nd->dentry->d_inode)) |
492 |
@@ -1062,6 +1072,9 @@ int do_add_mount(struct vfsmount *newmnt |
@@ -1261,6 +1263,7 @@ int copy_mount_options(const void __user |
|
err = -EINVAL; |
|
|
if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode)) |
|
|
goto unlock; |
|
|
+ err = -EPERM; |
|
|
+ if (ccs_may_mount(nd)) |
|
|
+ goto unlock; |
|
|
|
|
|
newmnt->mnt_flags = mnt_flags; |
|
|
if ((err = graft_tree(newmnt, nd))) |
|
|
@@ -1261,6 +1274,7 @@ int copy_mount_options(const void __user |
|
493 |
long do_mount(char *dev_name, char *dir_name, char *type_page, |
long do_mount(char *dev_name, char *dir_name, char *type_page, |
494 |
unsigned long flags, void *data_page) |
unsigned long flags, void *data_page) |
495 |
{ |
{ |
497 |
struct nameidata nd; |
struct nameidata nd; |
498 |
int retval = 0; |
int retval = 0; |
499 |
int mnt_flags = 0; |
int mnt_flags = 0; |
500 |
@@ -1294,6 +1308,9 @@ long do_mount(char *dev_name, char *dir_ |
@@ -1294,6 +1297,9 @@ long do_mount(char *dev_name, char *dir_ |
501 |
return retval; |
return retval; |
502 |
|
|
503 |
retval = security_sb_mount(dev_name, &nd, type_page, flags, data_page); |
retval = security_sb_mount(dev_name, &nd, type_page, flags, data_page); |
507 |
if (retval) |
if (retval) |
508 |
goto dput_out; |
goto dput_out; |
509 |
|
|
510 |
@@ -1559,6 +1576,8 @@ asmlinkage long sys_pivot_root(const cha |
@@ -1559,6 +1565,8 @@ asmlinkage long sys_pivot_root(const cha |
511 |
goto out1; |
goto out1; |
512 |
|
|
513 |
error = security_sb_pivotroot(&old_nd, &new_nd); |
error = security_sb_pivotroot(&old_nd, &new_nd); |
531 |
if (error) |
if (error) |
532 |
goto dput_and_out; |
goto dput_and_out; |
533 |
|
|
534 |
+ error = ccs_truncate_permission(nd.dentry, nd.mnt, length, 0); |
+ error = ccs_truncate_permission(nd.dentry, nd.mnt); |
535 |
+ if (!error) |
+ if (!error) |
536 |
error = locks_verify_truncate(inode, NULL, length); |
error = locks_verify_truncate(inode, NULL, length); |
537 |
if (!error) { |
if (!error) { |
541 |
if (IS_APPEND(inode)) |
if (IS_APPEND(inode)) |
542 |
goto out_putf; |
goto out_putf; |
543 |
- |
- |
544 |
+ error = ccs_truncate_permission(dentry, file->f_vfsmnt, length, 0); |
+ error = ccs_truncate_permission(dentry, file->f_vfsmnt); |
545 |
+ if (error) |
+ if (error) |
546 |
+ goto out_putf; |
+ goto out_putf; |
547 |
error = locks_verify_truncate(inode, file, length); |
error = locks_verify_truncate(inode, file, length); |
629 |
if (entry) |
if (entry) |
630 |
entry->proc_fops = &proc_sysrq_trigger_operations; |
entry->proc_fops = &proc_sysrq_trigger_operations; |
631 |
#endif |
#endif |
632 |
+ printk(KERN_INFO "Hook version: 2.6.15-cat_20080502 2010/07/21\n"); |
+ printk(KERN_INFO "Hook version: 2.6.15-cat_20080502 2010/07/26\n"); |
633 |
} |
} |
634 |
--- linux-2.6.15-cat.orig/include/linux/init_task.h |
--- linux-2.6.15-cat.orig/include/linux/init_task.h |
635 |
+++ linux-2.6.15-cat/include/linux/init_task.h |
+++ linux-2.6.15-cat/include/linux/init_task.h |