オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.16-vine-linux-4.2.diff

Annotation of /trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.16-vine-linux-4.2.diff

Parent Directory Parent Directory | Revision Log Revision Log

Revision 2279 - (hide annotations) (download) (as text)
Wed Mar 18 09:16:37 2009 UTC (15 years, 2 months ago) by kumaneko
Original Path: trunk/1.6.x/ccs-patch/patches/ccs-patch-2.6.16-vine-linux-4.2.diff
File MIME type: text/x-diff
File size: 51369 byte(s) 
Fix misplaced ccs_capable() for kernel 2.6.8 and kernel 2.6.9 . Add ccs_check_ioctl_permission() for TOMOYO 1.6.7 .
1 kumaneko 1498 This is TOMOYO Linux patch for VineLinux 4.2.
2    
3 kumaneko 2069 Source code for this patch is http://updates.vinelinux.org/Vine-4.2/updates/SRPMS/kernel-2.6.16-76.40vl4.src.rpm
4 kumaneko 1498 ---
5 kumaneko 2278 arch/alpha/kernel/ptrace.c | 7 ++
6     arch/ia64/ia32/sys_ia32.c | 7 ++
7     arch/ia64/kernel/ptrace.c | 7 ++
8     arch/m32r/kernel/ptrace.c | 7 ++
9     arch/mips/kernel/ptrace32.c | 7 ++
10     arch/powerpc/kernel/ptrace32.c | 7 ++
11     arch/s390/kernel/ptrace.c | 7 ++
12     arch/sparc/kernel/ptrace.c | 9 +++
13     arch/sparc64/kernel/ptrace.c | 9 +++
14     arch/x86_64/ia32/ptrace32.c | 7 ++
15 kumaneko 1498 fs/Kconfig | 2
16     fs/Makefile | 2
17     fs/attr.c | 19 ++++++
18 kumaneko 2279 fs/compat.c | 15 ++++-
19 kumaneko 1498 fs/exec.c | 21 ++++++-
20     fs/fcntl.c | 9 +++
21 kumaneko 2279 fs/ioctl.c | 11 +++
22 kumaneko 1498 fs/namei.c | 118 ++++++++++++++++++++++++++++++++++++++++
23     fs/namespace.c | 50 ++++++++++++++++
24     fs/open.c | 29 +++++++++
25     fs/proc/Makefile | 3 +
26     fs/proc/proc_misc.c | 5 +
27     include/linux/init_task.h | 4 +
28     include/linux/sched.h | 9 +++
29     kernel/compat.c | 7 ++
30     kernel/kexec.c | 7 ++
31     kernel/kmod.c | 5 +
32     kernel/module.c | 13 +++-
33 kumaneko 2278 kernel/ptrace.c | 7 ++
34 kumaneko 1498 kernel/sched.c | 7 ++
35     kernel/signal.c | 21 +++++++
36     kernel/sys.c | 21 +++++++
37     kernel/sysctl.c | 111 +++++++++++++++++++++++++++++++++++++
38     kernel/time.c | 15 +++++
39     net/core/datagram.c | 11 +++
40     net/ipv4/inet_connection_sock.c | 7 ++
41     net/ipv4/inet_hashtables.c | 7 ++
42     net/ipv4/udp.c | 11 +++
43     net/ipv6/inet6_hashtables.c | 9 ++-
44     net/ipv6/udp.c | 11 +++
45     net/socket.c | 43 +++++++++++++-
46     net/unix/af_unix.c | 15 +++++
47 kumaneko 2279 42 files changed, 689 insertions(+), 10 deletions(-)
48 kumaneko 1498
49 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/alpha/kernel/ptrace.c
50     +++ linux-2.6.16-76.40vl4/arch/alpha/kernel/ptrace.c
51 kumaneko 1498 @@ -20,6 +20,9 @@
52     #include <asm/pgtable.h>
53     #include <asm/system.h>
54     #include <asm/fpu.h>
55     +/***** TOMOYO Linux start. *****/
56     +#include <linux/tomoyo.h>
57     +/***** TOMOYO Linux end. *****/
58    
59     #include "proto.h"
60    
61 kumaneko 2278 @@ -268,6 +271,10 @@ do_sys_ptrace(long request, long pid, lo
62 kumaneko 1498 unsigned long tmp;
63     size_t copied;
64     long ret;
65     + /***** TOMOYO Linux start. *****/
66     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
67     + return -EPERM;
68     + /***** TOMOYO Linux end. *****/
69    
70     lock_kernel();
71     DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",
72 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/ia64/ia32/sys_ia32.c
73     +++ linux-2.6.16-76.40vl4/arch/ia64/ia32/sys_ia32.c
74 kumaneko 1498 @@ -58,6 +58,9 @@
75     #include <asm/types.h>
76     #include <asm/uaccess.h>
77     #include <asm/unistd.h>
78     +/***** TOMOYO Linux start. *****/
79     +#include <linux/tomoyo.h>
80     +/***** TOMOYO Linux end. *****/
81    
82     #include "ia32priv.h"
83    
84 kumaneko 2278 @@ -1755,6 +1758,10 @@ sys32_ptrace (int request, pid_t pid, un
85 kumaneko 1498 struct task_struct *child;
86     unsigned int value, tmp;
87     long i, ret;
88     + /***** TOMOYO Linux start. *****/
89     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
90     + return -EPERM;
91     + /***** TOMOYO Linux end. *****/
92    
93     lock_kernel();
94     if (request == PTRACE_TRACEME) {
95 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/ia64/kernel/ptrace.c
96     +++ linux-2.6.16-76.40vl4/arch/ia64/kernel/ptrace.c
97 kumaneko 1498 @@ -29,6 +29,9 @@
98     #ifdef CONFIG_PERFMON
99     #include <asm/perfmon.h>
100     #endif
101     +/***** TOMOYO Linux start. *****/
102     +#include <linux/tomoyo.h>
103     +/***** TOMOYO Linux end. *****/
104    
105     #include "entry.h"
106    
107 kumaneko 2278 @@ -1418,6 +1421,10 @@ sys_ptrace (long request, pid_t pid, uns
108 kumaneko 1498 struct task_struct *child;
109     struct switch_stack *sw;
110     long ret;
111     + /***** TOMOYO Linux start. *****/
112     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
113     + return -EPERM;
114     + /***** TOMOYO Linux end. *****/
115    
116     lock_kernel();
117     ret = -EPERM;
118 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/m32r/kernel/ptrace.c
119     +++ linux-2.6.16-76.40vl4/arch/m32r/kernel/ptrace.c
120 kumaneko 1498 @@ -33,6 +33,9 @@
121     #include <asm/system.h>
122     #include <asm/processor.h>
123     #include <asm/mmu_context.h>
124     +/***** TOMOYO Linux start. *****/
125     +#include <linux/tomoyo.h>
126     +/***** TOMOYO Linux end. *****/
127    
128     /*
129     * This routine will get a word off of the process kernel stack.
130 kumaneko 2278 @@ -743,6 +746,10 @@ asmlinkage long sys_ptrace(long request,
131 kumaneko 1498 {
132     struct task_struct *child;
133     int ret;
134     + /***** TOMOYO Linux start. *****/
135     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
136     + return -EPERM;
137     + /***** TOMOYO Linux end. *****/
138    
139     lock_kernel();
140     if (request == PTRACE_TRACEME) {
141 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/mips/kernel/ptrace32.c
142     +++ linux-2.6.16-76.40vl4/arch/mips/kernel/ptrace32.c
143 kumaneko 1498 @@ -35,6 +35,9 @@
144     #include <asm/system.h>
145     #include <asm/uaccess.h>
146     #include <asm/bootinfo.h>
147     +/***** TOMOYO Linux start. *****/
148     +#include <linux/tomoyo.h>
149     +/***** TOMOYO Linux end. *****/
150    
151     int ptrace_getregs (struct task_struct *child, __s64 __user *data);
152     int ptrace_setregs (struct task_struct *child, __s64 __user *data);
153 kumaneko 2278 @@ -50,6 +53,10 @@ asmlinkage int sys32_ptrace(int request,
154 kumaneko 1498 {
155     struct task_struct *child;
156     int ret;
157     + /***** TOMOYO Linux start. *****/
158     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
159     + return -EPERM;
160     + /***** TOMOYO Linux end. *****/
161    
162     #if 0
163     printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",
164 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/powerpc/kernel/ptrace32.c
165     +++ linux-2.6.16-76.40vl4/arch/powerpc/kernel/ptrace32.c
166 kumaneko 1498 @@ -33,6 +33,9 @@
167     #include <asm/page.h>
168     #include <asm/pgtable.h>
169     #include <asm/system.h>
170     +/***** TOMOYO Linux start. *****/
171     +#include <linux/tomoyo.h>
172     +/***** TOMOYO Linux end. *****/
173    
174     #include "ptrace-common.h"
175    
176 kumaneko 2278 @@ -46,6 +49,10 @@ long compat_sys_ptrace(int request, int
177 kumaneko 1498 {
178     struct task_struct *child;
179     int ret;
180     + /***** TOMOYO Linux start. *****/
181     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
182     + return -EPERM;
183     + /***** TOMOYO Linux end. *****/
184    
185     lock_kernel();
186     if (request == PTRACE_TRACEME) {
187 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/s390/kernel/ptrace.c
188     +++ linux-2.6.16-76.40vl4/arch/s390/kernel/ptrace.c
189 kumaneko 1498 @@ -41,6 +41,9 @@
190     #include <asm/system.h>
191     #include <asm/uaccess.h>
192     #include <asm/unistd.h>
193     +/***** TOMOYO Linux start. *****/
194     +#include <linux/tomoyo.h>
195     +/***** TOMOYO Linux end. *****/
196    
197     #ifdef CONFIG_COMPAT
198     #include "compat_ptrace.h"
199 kumaneko 2278 @@ -711,6 +714,10 @@ sys_ptrace(long request, long pid, long
200 kumaneko 1498 struct task_struct *child;
201     int ret;
202    
203     + /***** TOMOYO Linux start. *****/
204     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
205     + return -EPERM;
206     + /***** TOMOYO Linux end. *****/
207     lock_kernel();
208     if (request == PTRACE_TRACEME) {
209     ret = ptrace_traceme();
210 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/sparc/kernel/ptrace.c
211     +++ linux-2.6.16-76.40vl4/arch/sparc/kernel/ptrace.c
212 kumaneko 1498 @@ -23,6 +23,9 @@
213     #include <asm/pgtable.h>
214     #include <asm/system.h>
215     #include <asm/uaccess.h>
216     +/***** TOMOYO Linux start. *****/
217     +#include <linux/tomoyo.h>
218     +/***** TOMOYO Linux end. *****/
219    
220     #define MAGIC_CONSTANT 0x80000000
221    
222 kumaneko 2278 @@ -267,6 +270,12 @@ asmlinkage void do_ptrace(struct pt_regs
223 kumaneko 1498 unsigned long addr2 = regs->u_regs[UREG_I4];
224     struct task_struct *child;
225     int ret;
226     + /***** TOMOYO Linux start. *****/
227     + if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
228     + pt_error_return(regs, EPERM);
229     + return;
230     + }
231     + /***** TOMOYO Linux end. *****/
232    
233     lock_kernel();
234     #ifdef DEBUG_PTRACE
235 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/sparc64/kernel/ptrace.c
236     +++ linux-2.6.16-76.40vl4/arch/sparc64/kernel/ptrace.c
237 kumaneko 1498 @@ -32,6 +32,9 @@
238     #include <asm/spitfire.h>
239     #include <asm/page.h>
240     #include <asm/cpudata.h>
241     +/***** TOMOYO Linux start. *****/
242     +#include <linux/tomoyo.h>
243     +/***** TOMOYO Linux end. *****/
244    
245     /* Returning from ptrace is a bit tricky because the syscall return
246     * low level code assumes any value returned which is negative and
247 kumaneko 2278 @@ -173,6 +176,12 @@ asmlinkage void do_ptrace(struct pt_regs
248 kumaneko 1498 unsigned long addr2 = regs->u_regs[UREG_I4];
249     struct task_struct *child;
250     int ret;
251     + /***** TOMOYO Linux start. *****/
252     + if (!ccs_capable(TOMOYO_SYS_PTRACE)) {
253     + pt_error_return(regs, EPERM);
254     + return;
255     + }
256     + /***** TOMOYO Linux end. *****/
257    
258     if (test_thread_flag(TIF_32BIT)) {
259     addr &= 0xffffffffUL;
260 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/arch/x86_64/ia32/ptrace32.c
261     +++ linux-2.6.16-76.40vl4/arch/x86_64/ia32/ptrace32.c
262 kumaneko 1498 @@ -27,6 +27,9 @@
263     #include <asm/debugreg.h>
264     #include <asm/i387.h>
265     #include <asm/fpu32.h>
266     +/***** TOMOYO Linux start. *****/
267     +#include <linux/tomoyo.h>
268     +/***** TOMOYO Linux end. *****/
269    
270     /*
271     * Determines which flags the user has access to [1 = access, 0 = no access].
272 kumaneko 2278 @@ -206,6 +209,10 @@ asmlinkage long sys32_ptrace(long reques
273 kumaneko 1498 void __user *datap = compat_ptr(data);
274     int ret;
275     __u32 val;
276     + /***** TOMOYO Linux start. *****/
277     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
278     + return -EPERM;
279     + /***** TOMOYO Linux end. *****/
280    
281     switch (request) {
282     default:
283 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/Kconfig
284     +++ linux-2.6.16-76.40vl4/fs/Kconfig
285 kumaneko 1498 @@ -1906,5 +1906,7 @@ endmenu
286    
287     source "fs/nls/Kconfig"
288    
289     +source "fs/Kconfig.ccs"
290     +
291     endmenu
292    
293 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/Makefile
294     +++ linux-2.6.16-76.40vl4/fs/Makefile
295 kumaneko 1498 @@ -106,3 +106,5 @@ obj-$(CONFIG_CONFIGFS_FS) += configfs/
296     obj-$(CONFIG_OCFS2_FS) += ocfs2/
297     obj-$(CONFIG_SUPERMOUNT) += supermount/
298     obj-$(CONFIG_UNION_FS) += unionfs/
299     +
300     +include $(srctree)/fs/Makefile-2.6.ccs
301 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/attr.c
302     +++ linux-2.6.16-76.40vl4/fs/attr.c
303 kumaneko 1498 @@ -15,6 +15,9 @@
304     #include <linux/fcntl.h>
305     #include <linux/quotaops.h>
306     #include <linux/security.h>
307     +/***** TOMOYO Linux start. *****/
308     +#include <linux/tomoyo.h>
309     +/***** TOMOYO Linux end. *****/
310    
311     /* Taken over from the old code... */
312    
313     @@ -145,12 +148,28 @@ int notify_change(struct dentry * dentry
314    
315     if (inode->i_op && inode->i_op->setattr) {
316     error = security_inode_setattr(dentry, attr);
317     + /***** TOMOYO Linux start. *****/
318     + if (!error && (ia_valid & ATTR_MODE) &&
319     + !ccs_capable(TOMOYO_SYS_CHMOD))
320     + error = -EPERM;
321     + if (!error && (ia_valid & (ATTR_UID | ATTR_GID)) &&
322     + !ccs_capable(TOMOYO_SYS_CHOWN))
323     + error = -EPERM;
324     + /***** TOMOYO Linux end. *****/
325     if (!error)
326     error = inode->i_op->setattr(dentry, attr);
327     } else {
328     error = inode_change_ok(inode, attr);
329     if (!error)
330     error = security_inode_setattr(dentry, attr);
331     + /***** TOMOYO Linux start. *****/
332     + if (!error && (ia_valid & ATTR_MODE) &&
333     + !ccs_capable(TOMOYO_SYS_CHMOD))
334     + error = -EPERM;
335     + if (!error && (ia_valid & (ATTR_UID | ATTR_GID)) &&
336     + !ccs_capable(TOMOYO_SYS_CHOWN))
337     + error = -EPERM;
338     + /***** TOMOYO Linux end. *****/
339     if (!error) {
340     if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
341     (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))
342 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/compat.c
343     +++ linux-2.6.16-76.40vl4/fs/compat.c
344 kumaneko 1498 @@ -52,6 +52,9 @@
345     #include <asm/uaccess.h>
346     #include <asm/mmu_context.h>
347     #include <asm/ioctls.h>
348     +/***** TOMOYO Linux start. *****/
349     +#include <linux/tomoyo.h>
350     +/***** TOMOYO Linux end. *****/
351    
352     extern void sigset_from_compat(sigset_t *set, compat_sigset_t *compat);
353    
354 kumaneko 2279 @@ -381,6 +384,10 @@ asmlinkage long compat_sys_ioctl(unsigne
355    
356     /* RED-PEN how should LSM module know it's handling 32bit? */
357     error = security_file_ioctl(filp, cmd, arg);
358     + /***** TOMOYO Linux start. *****/
359     + if (!error)
360     + error = ccs_check_ioctl_permission(filp, cmd, arg);
361     + /***** TOMOYO Linux end. *****/
362     if (error)
363     goto out_fput;
364    
365     @@ -405,6 +412,12 @@ asmlinkage long compat_sys_ioctl(unsigne
366 kumaneko 1498 /*FALL THROUGH*/
367    
368     default:
369     + /***** TOMOYO Linux start. *****/
370     + if (!ccs_capable(TOMOYO_SYS_IOCTL)) {
371     + error = -EPERM;
372     + goto out_fput;
373     + }
374     + /***** TOMOYO Linux end. *****/
375     if (filp->f_op && filp->f_op->compat_ioctl) {
376     error = filp->f_op->compat_ioctl(filp, cmd, arg);
377     if (error != -ENOIOCTLCMD)
378 kumaneko 2279 @@ -1532,7 +1545,7 @@ int compat_do_execve(char * filename,
379 kumaneko 1498 if (retval < 0)
380     goto out;
381    
382     - retval = search_binary_handler(bprm, regs);
383     + retval = search_binary_handler_with_transition(bprm, regs);
384     if (retval >= 0) {
385     free_arg_pages(bprm);
386    
387 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/exec.c
388     +++ linux-2.6.16-76.40vl4/fs/exec.c
389 kumaneko 1498 @@ -57,6 +57,10 @@
390     #include <linux/kmod.h>
391     #endif
392    
393     +/***** TOMOYO Linux start. *****/
394     +#include <linux/tomoyo.h>
395     +/***** TOMOYO Linux end. *****/
396     +
397     int core_uses_pid;
398     char core_pattern[65] = "core";
399     int suid_dumpable = 0;
400     @@ -139,6 +143,13 @@ asmlinkage long sys_uselib(const char __
401     if (error)
402     goto exit;
403    
404     + /***** TOMOYO Linux start. *****/
405     + /* 01 means "read". */
406     + error = ccs_check_open_permission(nd.dentry, nd.mnt, 01);
407     + if (error)
408     + goto exit;
409     + /***** TOMOYO Linux end. *****/
410     +
411     file = nameidata_to_filp(&nd, O_RDONLY);
412     error = PTR_ERR(file);
413     if (IS_ERR(file))
414     @@ -488,6 +499,13 @@ struct file *open_exec(const char *name)
415     int err = vfs_permission(&nd, MAY_EXEC);
416     if (!err && !(inode->i_mode & 0111))
417     err = -EACCES;
418     + /***** TOMOYO Linux start. *****/
419     + if (!err && (current->tomoyo_flags &
420     + TOMOYO_CHECK_READ_FOR_OPEN_EXEC))
421     + /* 01 means "read". */
422     + err = ccs_check_open_permission(nd.dentry,
423     + nd.mnt, 01);
424     + /***** TOMOYO Linux end. *****/
425     file = ERR_PTR(err);
426     if (!err) {
427     file = nameidata_to_filp(&nd, O_RDONLY);
428     @@ -1201,7 +1219,8 @@ int do_execve(char * filename,
429     if (retval < 0)
430     goto out;
431    
432     - retval = search_binary_handler(bprm,regs);
433     + retval = search_binary_handler_with_transition(bprm, regs);
434     +
435     if (retval >= 0) {
436     free_arg_pages(bprm);
437    
438 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/fcntl.c
439     +++ linux-2.6.16-76.40vl4/fs/fcntl.c
440 kumaneko 1498 @@ -22,6 +22,9 @@
441     #include <asm/poll.h>
442     #include <asm/siginfo.h>
443     #include <asm/uaccess.h>
444     +/***** TOMOYO Linux start. *****/
445     +#include <linux/tomoyo.h>
446     +/***** TOMOYO Linux end. *****/
447    
448     void fastcall set_close_on_exec(unsigned int fd, int flag)
449     {
450     @@ -215,6 +218,12 @@ static int setfl(int fd, struct file * f
451     if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
452     return -EPERM;
453    
454     + /***** TOMOYO Linux start. *****/
455     + if (((arg ^ filp->f_flags) & O_APPEND) &&
456     + ccs_check_rewrite_permission(filp))
457     + return -EPERM;
458     + /***** TOMOYO Linux end. *****/
459     +
460     /* O_NOATIME can only be set by the owner or superuser */
461     if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
462     if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
463 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/ioctl.c
464     +++ linux-2.6.16-76.40vl4/fs/ioctl.c
465 kumaneko 1498 @@ -16,6 +16,9 @@
466    
467     #include <asm/uaccess.h>
468     #include <asm/ioctls.h>
469     +/***** TOMOYO Linux start. *****/
470     +#include <linux/tomoyo.h>
471     +/***** TOMOYO Linux end. *****/
472    
473     static long do_ioctl(struct file *filp, unsigned int cmd,
474     unsigned long arg)
475     @@ -24,6 +27,10 @@ static long do_ioctl(struct file *filp,
476    
477     if (!filp->f_op)
478     goto out;
479     + /***** TOMOYO Linux start. *****/
480     + if (!ccs_capable(TOMOYO_SYS_IOCTL))
481     + return -EPERM;
482     + /***** TOMOYO Linux end. *****/
483    
484     if (filp->f_op->unlocked_ioctl) {
485     error = filp->f_op->unlocked_ioctl(filp, cmd, arg);
486 kumaneko 2279 @@ -168,6 +175,10 @@ asmlinkage long sys_ioctl(unsigned int f
487     goto out;
488    
489     error = security_file_ioctl(filp, cmd, arg);
490     + /***** TOMOYO Linux start. *****/
491     + if (!error)
492     + error = ccs_check_ioctl_permission(filp, cmd, arg);
493     + /***** TOMOYO Linux end. *****/
494     if (error)
495     goto out_fput;
496    
497 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/namei.c
498     +++ linux-2.6.16-76.40vl4/fs/namei.c
499 kumaneko 1498 @@ -37,6 +37,10 @@
500    
501     #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
502    
503     +/***** TOMOYO Linux start. *****/
504     +#include <linux/tomoyo.h>
505     +/***** TOMOYO Linux end. *****/
506     +
507     /* [Feb-1997 T. Schoebel-Theuer]
508     * Fundamental changes in the pathname lookup mechanisms (namei)
509     * were necessary because of omirr. The reason is that omirr needs
510 kumaneko 2069 @@ -1484,6 +1488,13 @@ int vfs_create(struct inode *dir, struct
511 kumaneko 1498 error = security_inode_create(dir, dentry, mode);
512     if (error)
513     return error;
514     + /***** TOMOYO Linux start. *****/
515     + if (nd) {
516     + error = ccs_check_1path_perm(TYPE_CREATE_ACL, dentry, nd->mnt);
517     + if (error)
518     + return error;
519     + }
520     + /***** TOMOYO Linux end. *****/
521     DQUOT_INIT(dir);
522     error = dir->i_op->create(dir, dentry, mode, nd);
523     if (!error)
524 kumaneko 2069 @@ -1539,6 +1550,13 @@ int may_open(struct nameidata *nd, int a
525 kumaneko 1498 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
526     return -EPERM;
527    
528     + /***** TOMOYO Linux start. *****/
529     + /* includes O_APPEND and O_TRUNC checks */
530     + error = ccs_check_open_permission(dentry, nd->mnt, flag);
531     + if (error)
532     + return error;
533     + /***** TOMOYO Linux end. *****/
534     +
535     /*
536     * Ensure there are no outstanding leases on the file.
537     */
538 kumaneko 2069 @@ -1570,6 +1588,9 @@ int may_open(struct nameidata *nd, int a
539 kumaneko 1498 return 0;
540     }
541    
542     +/***** TOMOYO Linux start. *****/
543     +#include <linux/tomoyo_vfs.h>
544     +/***** TOMOYO Linux end. *****/
545     /*
546     * open_namei()
547     *
548 kumaneko 2069 @@ -1834,6 +1855,16 @@ asmlinkage long sys_mknodat(int dfd, con
549 kumaneko 1498
550     if (S_ISDIR(mode))
551     return -EPERM;
552     + /***** TOMOYO Linux start. *****/
553     + if (S_ISCHR(mode) && !ccs_capable(TOMOYO_CREATE_CHAR_DEV))
554     + return -EPERM;
555     + if (S_ISBLK(mode) && !ccs_capable(TOMOYO_CREATE_BLOCK_DEV))
556     + return -EPERM;
557     + if (S_ISFIFO(mode) && !ccs_capable(TOMOYO_CREATE_FIFO))
558     + return -EPERM;
559     + if (S_ISSOCK(mode) && !ccs_capable(TOMOYO_CREATE_UNIX_SOCKET))
560     + return -EPERM;
561     + /***** TOMOYO Linux end. *****/
562     tmp = getname(filename);
563     if (IS_ERR(tmp))
564     return PTR_ERR(tmp);
565 kumaneko 2069 @@ -1852,10 +1883,32 @@ asmlinkage long sys_mknodat(int dfd, con
566 kumaneko 1498 error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
567     break;
568     case S_IFCHR: case S_IFBLK:
569     + /***** TOMOYO Linux start. *****/
570     + error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
571     + if (error)
572     + break;
573     + error = ccs_check_1path_perm(S_ISCHR(mode) ?
574     + TYPE_MKCHAR_ACL :
575     + TYPE_MKBLOCK_ACL,
576     + dentry, nd.mnt);
577     + if (error)
578     + break;
579     + /***** TOMOYO Linux end. *****/
580     error = vfs_mknod(nd.dentry->d_inode,dentry,mode,
581     new_decode_dev(dev));
582     break;
583     case S_IFIFO: case S_IFSOCK:
584     + /***** TOMOYO Linux start. *****/
585     + error = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
586     + if (error)
587     + break;
588     + error = ccs_check_1path_perm(S_ISFIFO(mode) ?
589     + TYPE_MKFIFO_ACL :
590     + TYPE_MKSOCK_ACL,
591     + dentry, nd.mnt);
592     + if (error)
593     + break;
594     + /***** TOMOYO Linux end. *****/
595     error = vfs_mknod(nd.dentry->d_inode,dentry,mode,0);
596     break;
597     case S_IFDIR:
598 kumaneko 2069 @@ -1920,6 +1973,13 @@ asmlinkage long sys_mkdirat(int dfd, con
599 kumaneko 1498 if (!IS_ERR(dentry)) {
600     if (!IS_POSIXACL(nd.dentry->d_inode))
601     mode &= ~current->fs->umask;
602     + /***** TOMOYO Linux start. *****/
603     + error = pre_vfs_mkdir(nd.dentry->d_inode, dentry);
604     + if (!error)
605     + error = ccs_check_1path_perm(TYPE_MKDIR_ACL,
606     + dentry, nd.mnt);
607     + if (!error)
608     + /***** TOMOYO Linux end. *****/
609     error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
610     dput(dentry);
611     }
612 kumaneko 2069 @@ -2028,6 +2088,13 @@ static long do_rmdir(int dfd, const char
613 kumaneko 1498 dentry = lookup_hash(&nd);
614     error = PTR_ERR(dentry);
615     if (!IS_ERR(dentry)) {
616     + /***** TOMOYO Linux start. *****/
617     + error = pre_vfs_rmdir(nd.dentry->d_inode, dentry);
618     + if (!error)
619     + error = ccs_check_1path_perm(TYPE_RMDIR_ACL, dentry,
620     + nd.mnt);
621     + if (!error)
622     + /***** TOMOYO Linux end. *****/
623     error = vfs_rmdir(nd.dentry->d_inode, dentry);
624     dput(dentry);
625     }
626 kumaneko 2069 @@ -2087,6 +2154,10 @@ static long do_unlinkat(int dfd, const c
627 kumaneko 1498 struct dentry *dentry;
628     struct nameidata nd;
629     struct inode *inode = NULL;
630     + /***** TOMOYO Linux start. *****/
631     + if (!ccs_capable(TOMOYO_SYS_UNLINK))
632     + return -EPERM;
633     + /***** TOMOYO Linux end. *****/
634    
635     name = getname(pathname);
636     if(IS_ERR(name))
637 kumaneko 2069 @@ -2108,6 +2179,14 @@ static long do_unlinkat(int dfd, const c
638 kumaneko 1498 inode = dentry->d_inode;
639     if (inode)
640     atomic_inc(&inode->i_count);
641     + /***** TOMOYO Linux start. *****/
642     + error = pre_vfs_unlink(nd.dentry->d_inode, dentry);
643     + if (error)
644     + goto exit2;
645     + error = ccs_check_1path_perm(TYPE_UNLINK_ACL, dentry, nd.mnt);
646     + if (error)
647     + goto exit2;
648     + /***** TOMOYO Linux end. *****/
649     error = vfs_unlink(nd.dentry->d_inode, dentry);
650     exit2:
651     dput(dentry);
652 kumaneko 2069 @@ -2170,6 +2249,10 @@ asmlinkage long sys_symlinkat(const char
653 kumaneko 1498 int error = 0;
654     char * from;
655     char * to;
656     + /***** TOMOYO Linux start. *****/
657     + if (!ccs_capable(TOMOYO_SYS_SYMLINK))
658     + return -EPERM;
659     + /***** TOMOYO Linux end. *****/
660    
661     from = getname(oldname);
662     if(IS_ERR(from))
663 kumaneko 2069 @@ -2186,6 +2269,13 @@ asmlinkage long sys_symlinkat(const char
664 kumaneko 1498 dentry = lookup_create(&nd, 0);
665     error = PTR_ERR(dentry);
666     if (!IS_ERR(dentry)) {
667     + /***** TOMOYO Linux start. *****/
668     + error = pre_vfs_symlink(nd.dentry->d_inode, dentry);
669     + if (!error)
670     + error = ccs_check_1path_perm(TYPE_SYMLINK_ACL,
671     + dentry, nd.mnt);
672     + if (!error)
673     + /***** TOMOYO Linux end. *****/
674     error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
675     dput(dentry);
676     }
677 kumaneko 2069 @@ -2258,6 +2348,10 @@ asmlinkage long sys_linkat(int olddfd, c
678 kumaneko 1498 struct nameidata nd, old_nd;
679     int error;
680     char * to;
681     + /***** TOMOYO Linux start. *****/
682     + if (!ccs_capable(TOMOYO_SYS_LINK))
683     + return -EPERM;
684     + /***** TOMOYO Linux end. *****/
685    
686     if (flags != 0)
687     return -EINVAL;
688 kumaneko 2069 @@ -2278,6 +2372,15 @@ asmlinkage long sys_linkat(int olddfd, c
689 kumaneko 1498 new_dentry = lookup_create(&nd, 0);
690     error = PTR_ERR(new_dentry);
691     if (!IS_ERR(new_dentry)) {
692     + /***** TOMOYO Linux start. *****/
693     + error = pre_vfs_link(old_nd.dentry, nd.dentry->d_inode,
694     + new_dentry);
695     + if (!error)
696     + error = ccs_check_2path_perm(TYPE_LINK_ACL,
697     + old_nd.dentry, old_nd.mnt,
698     + new_dentry, nd.mnt);
699     + if (!error)
700     + /***** TOMOYO Linux end. *****/
701     error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
702     dput(new_dentry);
703     }
704 kumaneko 2069 @@ -2504,6 +2607,17 @@ static int do_rename(int olddfd, const c
705 kumaneko 1498 if (new_dentry == trap)
706     goto exit5;
707    
708     + /***** TOMOYO Linux start. *****/
709     + error = pre_vfs_rename(old_dir->d_inode, old_dentry,
710     + new_dir->d_inode, new_dentry);
711     + if (error)
712     + goto exit5;
713     + error = ccs_check_2path_perm(TYPE_RENAME_ACL, old_dentry, oldnd.mnt,
714     + new_dentry, newnd.mnt);
715     + if (error)
716     + goto exit5;
717     + /***** TOMOYO Linux end. *****/
718     +
719     error = vfs_rename(old_dir->d_inode, old_dentry,
720     new_dir->d_inode, new_dentry);
721     exit5:
722 kumaneko 2069 @@ -2526,6 +2640,10 @@ asmlinkage long sys_renameat(int olddfd,
723 kumaneko 1498 int error;
724     char * from;
725     char * to;
726     + /***** TOMOYO Linux start. *****/
727     + if (!ccs_capable(TOMOYO_SYS_RENAME))
728     + return -EPERM;
729     + /***** TOMOYO Linux end. *****/
730    
731     from = getname(oldname);
732     if(IS_ERR(from))
733 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/namespace.c
734     +++ linux-2.6.16-76.40vl4/fs/namespace.c
735 kumaneko 1498 @@ -26,6 +26,12 @@
736     #include <asm/uaccess.h>
737     #include <asm/unistd.h>
738     #include "pnode.h"
739     +/***** SAKURA Linux start. *****/
740     +#include <linux/sakura.h>
741     +/***** SAKURA Linux end. *****/
742     +/***** TOMOYO Linux start. *****/
743     +#include <linux/tomoyo.h>
744     +/***** TOMOYO Linux end. *****/
745    
746     extern int __init init_rootfs(void);
747    
748     @@ -509,6 +515,11 @@ static int do_umount(struct vfsmount *mn
749     if (retval)
750     return retval;
751    
752     + /***** SAKURA Linux start. *****/
753     + if (ccs_may_umount(mnt))
754     + return -EPERM;
755     + /***** SAKURA Linux end. *****/
756     +
757     /*
758     * Allow userspace to request a mountpoint be expired rather than
759     * unmounting unconditionally. Unmount only happens if:
760     @@ -597,6 +608,10 @@ asmlinkage long sys_umount(char __user *
761     {
762     struct nameidata nd;
763     int retval;
764     + /***** TOMOYO Linux start. *****/
765     + if (!ccs_capable(TOMOYO_SYS_UMOUNT))
766     + return -EPERM;
767     + /***** TOMOYO Linux end. *****/
768    
769     retval = __user_walk(name, LOOKUP_FOLLOW, &nd);
770     if (retval)
771 kumaneko 2069 @@ -884,6 +899,11 @@ static int do_loopback(struct nameidata
772 kumaneko 1498
773     if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
774     goto out;
775     + /***** SAKURA Linux start. *****/
776     + err = -EPERM;
777     + if (ccs_may_mount(nd))
778     + goto out;
779     + /***** SAKURA Linux end. *****/
780    
781     err = -ENOMEM;
782     if (recurse)
783 kumaneko 2069 @@ -968,7 +988,11 @@ static int do_move_mount(struct nameidat
784 kumaneko 1498 err = -EINVAL;
785     if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
786     goto out;
787     -
788     + /***** SAKURA Linux start. *****/
789     + err = -EPERM;
790     + if (ccs_may_umount(old_nd.mnt) || ccs_may_mount(nd))
791     + goto out;
792     + /***** SAKURA Linux end. *****/
793     err = -ENOENT;
794     mutex_lock(&nd->dentry->d_inode->i_mutex);
795     if (IS_DEADDIR(nd->dentry->d_inode))
796 kumaneko 2069 @@ -1070,6 +1094,11 @@ int do_add_mount(struct vfsmount *newmnt
797 kumaneko 1498 err = -EINVAL;
798     if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode))
799     goto unlock;
800     + /***** SAKURA Linux start. *****/
801     + err = -EPERM;
802     + if (ccs_may_mount(nd))
803     + goto unlock;
804     + /***** SAKURA Linux end. *****/
805    
806     newmnt->mnt_flags = mnt_flags;
807     if ((err = graft_tree(newmnt, nd)))
808 kumaneko 2069 @@ -1287,6 +1316,17 @@ long do_mount(char *dev_name, char *dir_
809 kumaneko 1498 if (data_page)
810     ((char *)data_page)[PAGE_SIZE - 1] = 0;
811    
812     + /***** TOMOYO Linux start. *****/
813     + if (!ccs_capable(TOMOYO_SYS_MOUNT))
814     + return -EPERM;
815     + /***** TOMOYO Linux end. *****/
816     + /***** SAKURA Linux start. *****/
817     + retval = ccs_check_mount_permission(dev_name, dir_name, type_page,
818     + &flags);
819     + if (retval)
820     + return retval;
821     + /***** SAKURA Linux end. *****/
822     +
823     /* Separate the per-mountpoint flags */
824     if (flags & MS_NOSUID)
825     mnt_flags |= MNT_NOSUID;
826 kumaneko 2069 @@ -1585,6 +1625,10 @@ asmlinkage long sys_pivot_root(const cha
827 kumaneko 1498
828     if (!capable(CAP_SYS_ADMIN))
829     return -EPERM;
830     + /***** TOMOYO Linux start. *****/
831     + if (!ccs_capable(TOMOYO_SYS_PIVOT_ROOT))
832     + return -EPERM;
833     + /***** TOMOYO Linux end. *****/
834    
835     lock_kernel();
836    
837 kumaneko 2069 @@ -1601,6 +1645,10 @@ asmlinkage long sys_pivot_root(const cha
838 kumaneko 1498 goto out1;
839    
840     error = security_sb_pivotroot(&old_nd, &new_nd);
841     + /***** SAKURA Linux start. *****/
842     + if (!error)
843     + error = ccs_check_pivot_root_permission(&old_nd, &new_nd);
844     + /***** SAKURA Linux end. *****/
845     if (error) {
846     path_release(&old_nd);
847     goto out1;
848 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/open.c
849     +++ linux-2.6.16-76.40vl4/fs/open.c
850 kumaneko 1498 @@ -30,6 +30,13 @@
851    
852     #include <asm/unistd.h>
853    
854     +/***** SAKURA Linux start. *****/
855     +#include <linux/sakura.h>
856     +/***** SAKURA Linux end. *****/
857     +/***** TOMOYO Linux start. *****/
858     +#include <linux/tomoyo.h>
859     +/***** TOMOYO Linux end. *****/
860     +
861     int vfs_statfs(struct super_block *sb, struct kstatfs *buf)
862     {
863     int retval = -ENODEV;
864 kumaneko 2069 @@ -269,6 +276,10 @@ static long do_sys_truncate(const char _
865 kumaneko 1498 if (error)
866     goto dput_and_out;
867    
868     + /***** TOMOYO Linux start. *****/
869     + error = ccs_check_1path_perm(TYPE_TRUNCATE_ACL, nd.dentry, nd.mnt);
870     + if (!error)
871     + /***** TOMOYO Linux end. *****/
872     error = locks_verify_truncate(inode, NULL, length);
873     if (!error) {
874     DQUOT_INIT(inode);
875 kumaneko 2069 @@ -321,7 +332,11 @@ static long do_sys_ftruncate(unsigned in
876 kumaneko 1498 error = -EPERM;
877     if (IS_APPEND(inode))
878     goto out_putf;
879     -
880     + /***** TOMOYO Linux start. *****/
881     + error = ccs_check_1path_perm(TYPE_TRUNCATE_ACL, dentry, file->f_vfsmnt);
882     + if (error)
883     + goto out_putf;
884     + /***** TOMOYO Linux end. *****/
885     error = locks_verify_truncate(inode, file, length);
886     if (!error)
887     error = do_truncate(dentry, length, 0, file);
888 kumaneko 2069 @@ -610,6 +625,14 @@ asmlinkage long sys_chroot(const char __
889 kumaneko 1498 error = -EPERM;
890     if (!capable(CAP_SYS_CHROOT))
891     goto dput_and_out;
892     + /***** TOMOYO Linux start. *****/
893     + if (!ccs_capable(TOMOYO_SYS_CHROOT))
894     + goto dput_and_out;
895     + /***** TOMOYO Linux end. *****/
896     + /***** SAKURA Linux start. *****/
897     + if (ccs_check_chroot_permission(&nd))
898     + goto dput_and_out;
899     + /***** SAKURA Linux end. *****/
900    
901     set_fs_root(current->fs, nd.mnt, nd.dentry);
902     set_fs_altroot();
903 kumaneko 2069 @@ -1192,6 +1215,10 @@ EXPORT_SYMBOL(sys_close);
904 kumaneko 1498 */
905     asmlinkage long sys_vhangup(void)
906     {
907     + /***** TOMOYO Linux start. *****/
908     + if (!ccs_capable(TOMOYO_SYS_VHANGUP))
909     + return -EPERM;
910     + /***** TOMOYO Linux end. *****/
911     if (capable(CAP_SYS_TTY_CONFIG)) {
912     tty_vhangup(current->signal->tty);
913     return 0;
914 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/proc/Makefile
915     +++ linux-2.6.16-76.40vl4/fs/proc/Makefile
916 kumaneko 1498 @@ -13,3 +13,6 @@ proc-y += inode.o root.o base.o ge
917     proc-$(CONFIG_PROC_KCORE) += kcore.o
918     proc-$(CONFIG_PROC_VMCORE) += vmcore.o
919     proc-$(CONFIG_PROC_DEVICETREE) += proc_devtree.o
920     +
921     +proc-$(CONFIG_SAKURA) += ccs_proc.o
922     +proc-$(CONFIG_TOMOYO) += ccs_proc.o
923 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/fs/proc/proc_misc.c
924     +++ linux-2.6.16-76.40vl4/fs/proc/proc_misc.c
925 kumaneko 1498 @@ -682,4 +682,9 @@ void __init proc_misc_init(void)
926     if (entry)
927     entry->proc_fops = &proc_sysrq_trigger_operations;
928     #endif
929     + /***** CCS start. *****/
930     +#if defined(CONFIG_SAKURA) || defined(CONFIG_TOMOYO)
931 kumaneko 2279 + printk(KERN_INFO "Hook version: 2.6.16-76.40vl4 2009/03/18\n");
932 kumaneko 1498 +#endif
933     + /***** CCS end. *****/
934     }
935 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/include/linux/init_task.h
936     +++ linux-2.6.16-76.40vl4/include/linux/init_task.h
937 kumaneko 1498 @@ -121,6 +121,10 @@ extern struct group_info init_groups;
938     .journal_info = NULL, \
939     .cpu_timers = INIT_CPU_TIMERS(tsk.cpu_timers), \
940     .fs_excl = ATOMIC_INIT(0), \
941     + /***** TOMOYO Linux start. *****/ \
942     + .domain_info = &KERNEL_DOMAIN, \
943     + .tomoyo_flags = 0, \
944     + /***** TOMOYO Linux end. *****/ \
945     }
946    
947    
948 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/include/linux/sched.h
949     +++ linux-2.6.16-76.40vl4/include/linux/sched.h
950 kumaneko 1498 @@ -40,6 +40,11 @@
951    
952     struct exec_domain;
953    
954     +/***** TOMOYO Linux start. *****/
955     +struct domain_info;
956     +extern struct domain_info KERNEL_DOMAIN;
957     +/***** TOMOYO Linux end. *****/
958     +
959     /*
960     * cloning flags:
961     */
962     @@ -871,6 +876,10 @@ struct task_struct {
963     #endif
964     atomic_t fs_excl; /* holding fs exclusive resources */
965     struct rcu_head rcu;
966     + /***** TOMOYO Linux start. *****/
967     + struct domain_info *domain_info;
968     + u32 tomoyo_flags;
969     + /***** TOMOYO Linux end. *****/
970     };
971    
972     static inline pid_t process_group(struct task_struct *tsk)
973 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/compat.c
974     +++ linux-2.6.16-76.40vl4/kernel/compat.c
975 kumaneko 1498 @@ -23,6 +23,9 @@
976     #include <linux/security.h>
977    
978     #include <asm/uaccess.h>
979     +/***** TOMOYO Linux start. *****/
980     +#include <linux/tomoyo.h>
981     +/***** TOMOYO Linux end. *****/
982    
983     int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
984     {
985     @@ -864,6 +867,10 @@ asmlinkage long compat_sys_stime(compat_
986     err = security_settime(&tv, NULL);
987     if (err)
988     return err;
989     + /***** TOMOYO Linux start. *****/
990     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
991     + return -EPERM;
992     + /***** TOMOYO Linux end. *****/
993    
994     do_settimeofday(&tv);
995     return 0;
996 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/kexec.c
997     +++ linux-2.6.16-76.40vl4/kernel/kexec.c
998 kumaneko 1498 @@ -26,6 +26,9 @@
999     #include <asm/io.h>
1000     #include <asm/system.h>
1001     #include <asm/semaphore.h>
1002     +/***** TOMOYO Linux start. *****/
1003     +#include <linux/tomoyo.h>
1004     +/***** TOMOYO Linux end. *****/
1005    
1006     /* Per cpu memory for storing cpu states in case of system crash. */
1007     note_buf_t* crash_notes;
1008     @@ -922,6 +925,10 @@ asmlinkage long sys_kexec_load(unsigned
1009     /* We only trust the superuser with rebooting the system. */
1010     if (!capable(CAP_SYS_BOOT))
1011     return -EPERM;
1012     + /***** TOMOYO Linux start. *****/
1013     + if (!ccs_capable(TOMOYO_SYS_KEXEC_LOAD))
1014     + return -EPERM;
1015     + /***** TOMOYO Linux end. *****/
1016    
1017     /*
1018     * Verify we have a legal set of flags
1019 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/kmod.c
1020     +++ linux-2.6.16-76.40vl4/kernel/kmod.c
1021 kumaneko 1498 @@ -150,6 +150,11 @@ static int ____call_usermodehelper(void
1022     /* We can run anywhere, unlike our parent keventd(). */
1023     set_cpus_allowed(current, CPU_MASK_ALL);
1024    
1025     + /***** TOMOYO Linux start. *****/
1026     + current->domain_info = &KERNEL_DOMAIN;
1027     + current->tomoyo_flags = 0;
1028     + /***** TOMOYO Linux end. *****/
1029     +
1030     retval = -EPERM;
1031     if (current->fs->root)
1032     retval = execve(sub_info->path, sub_info->argv,sub_info->envp);
1033 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/module.c
1034     +++ linux-2.6.16-76.40vl4/kernel/module.c
1035 kumaneko 1498 @@ -42,6 +42,9 @@
1036     #include <asm/uaccess.h>
1037     #include <asm/semaphore.h>
1038     #include <asm/cacheflush.h>
1039     +/***** TOMOYO Linux start. *****/
1040     +#include <linux/tomoyo.h>
1041     +/***** TOMOYO Linux end. *****/
1042    
1043     #if 0
1044     #define DEBUGP printk
1045     @@ -578,7 +581,10 @@ sys_delete_module(const char __user *nam
1046    
1047     if (!capable(CAP_SYS_MODULE))
1048     return -EPERM;
1049     -
1050     + /***** TOMOYO Linux start. *****/
1051     + if (!ccs_capable(TOMOYO_USE_KERNEL_MODULE))
1052     + return -EPERM;
1053     + /***** TOMOYO Linux end. *****/
1054     if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
1055     return -EFAULT;
1056     name[MODULE_NAME_LEN-1] = '\0';
1057     @@ -1931,7 +1937,10 @@ sys_init_module(void __user *umod,
1058     /* Must have permission */
1059     if (!capable(CAP_SYS_MODULE))
1060     return -EPERM;
1061     -
1062     + /***** TOMOYO Linux start. *****/
1063     + if (!ccs_capable(TOMOYO_USE_KERNEL_MODULE))
1064     + return -EPERM;
1065     + /***** TOMOYO Linux end. *****/
1066     /* Only one module load at a time, please */
1067     if (down_interruptible(&module_mutex) != 0)
1068     return -EINTR;
1069 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/ptrace.c
1070     +++ linux-2.6.16-76.40vl4/kernel/ptrace.c
1071 kumaneko 1498 @@ -21,6 +21,9 @@
1072    
1073     #include <asm/pgtable.h>
1074     #include <asm/uaccess.h>
1075     +/***** TOMOYO Linux start. *****/
1076     +#include <linux/tomoyo.h>
1077     +/***** TOMOYO Linux end. *****/
1078    
1079     /*
1080     * ptrace a task: make the debugger its new parent and
1081 kumaneko 2278 @@ -495,6 +498,10 @@ asmlinkage long sys_ptrace(long request,
1082 kumaneko 1498 /*
1083     * This lock_kernel fixes a subtle race with suid exec
1084     */
1085     + /***** TOMOYO Linux start. *****/
1086     + if (!ccs_capable(TOMOYO_SYS_PTRACE))
1087     + return -EPERM;
1088     + /***** TOMOYO Linux end. *****/
1089     lock_kernel();
1090     if (request == PTRACE_TRACEME) {
1091     ret = ptrace_traceme();
1092 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/sched.c
1093     +++ linux-2.6.16-76.40vl4/kernel/sched.c
1094 kumaneko 1498 @@ -52,6 +52,9 @@
1095     #include <asm/tlb.h>
1096    
1097     #include <asm/unistd.h>
1098     +/***** TOMOYO Linux start. *****/
1099     +#include <linux/tomoyo.h>
1100     +/***** TOMOYO Linux end. *****/
1101    
1102     /*
1103     * Convert user-nice values [ -20 ... 0 ... 19 ]
1104     @@ -3545,6 +3548,10 @@ asmlinkage long sys_nice(int increment)
1105     {
1106     int retval;
1107     long nice;
1108     + /***** TOMOYO Linux start. *****/
1109     + if (!ccs_capable(TOMOYO_SYS_NICE))
1110     + return -EPERM;
1111     + /***** TOMOYO Linux end. *****/
1112    
1113     /*
1114     * Setpriority might change our priority at the same moment.
1115 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/signal.c
1116     +++ linux-2.6.16-76.40vl4/kernel/signal.c
1117 kumaneko 1498 @@ -30,6 +30,9 @@
1118     #include <asm/uaccess.h>
1119     #include <asm/unistd.h>
1120     #include <asm/siginfo.h>
1121     +/***** TOMOYO Linux start. *****/
1122     +#include <linux/tomoyo.h>
1123     +/***** TOMOYO Linux end. *****/
1124    
1125     /*
1126     * SLAB caches for signal bits.
1127     @@ -2336,6 +2339,12 @@ asmlinkage long
1128     sys_kill(int pid, int sig)
1129     {
1130     struct siginfo info;
1131     + /***** TOMOYO Linux start. *****/
1132     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1133     + return -EPERM;
1134     + if (sig && ccs_check_signal_acl(sig, pid))
1135     + return -EPERM;
1136     + /***** TOMOYO Linux end. *****/
1137    
1138     info.si_signo = sig;
1139     info.si_errno = 0;
1140     @@ -2394,6 +2403,12 @@ asmlinkage long sys_tgkill(int tgid, int
1141     /* This is only valid for single tasks */
1142     if (pid <= 0 || tgid <= 0)
1143     return -EINVAL;
1144     + /***** TOMOYO Linux start. *****/
1145     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1146     + return -EPERM;
1147     + if (sig && ccs_check_signal_acl(sig, pid))
1148     + return -EPERM;
1149     + /***** TOMOYO Linux end. *****/
1150    
1151     return do_tkill(tgid, pid, sig);
1152     }
1153     @@ -2407,6 +2422,12 @@ sys_tkill(int pid, int sig)
1154     /* This is only valid for single tasks */
1155     if (pid <= 0)
1156     return -EINVAL;
1157     + /***** TOMOYO Linux start. *****/
1158     + if (sig && !ccs_capable(TOMOYO_SYS_KILL))
1159     + return -EPERM;
1160     + if (sig && ccs_check_signal_acl(sig, pid))
1161     + return -EPERM;
1162     + /***** TOMOYO Linux end. *****/
1163    
1164     return do_tkill(0, pid, sig);
1165     }
1166 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/sys.c
1167     +++ linux-2.6.16-76.40vl4/kernel/sys.c
1168 kumaneko 1498 @@ -38,6 +38,9 @@
1169     #include <asm/uaccess.h>
1170     #include <asm/io.h>
1171     #include <asm/unistd.h>
1172     +/***** TOMOYO Linux start. *****/
1173     +#include <linux/tomoyo.h>
1174     +/***** TOMOYO Linux end. *****/
1175    
1176     #ifndef SET_UNALIGN_CTL
1177     # define SET_UNALIGN_CTL(a,b) (-EINVAL)
1178     @@ -269,6 +272,12 @@ asmlinkage long sys_setpriority(int whic
1179    
1180     if (which > 2 || which < 0)
1181     goto out;
1182     + /***** TOMOYO Linux start. *****/
1183     + if (!ccs_capable(TOMOYO_SYS_NICE)) {
1184     + error = -EPERM;
1185     + goto out;
1186     + }
1187     + /***** TOMOYO Linux end. *****/
1188    
1189     /* normalize: avoid signed division (rounding problems) */
1190     error = -ESRCH;
1191     @@ -496,6 +505,10 @@ asmlinkage long sys_reboot(int magic1, i
1192     magic2 != LINUX_REBOOT_MAGIC2B &&
1193     magic2 != LINUX_REBOOT_MAGIC2C))
1194     return -EINVAL;
1195     + /***** TOMOYO Linux start. *****/
1196     + if (!ccs_capable(TOMOYO_SYS_REBOOT))
1197     + return -EPERM;
1198     + /***** TOMOYO Linux end. *****/
1199    
1200     /* Instead of trying to make the power_off code look like
1201     * halt when pm_power_off is not set do it the easy way.
1202     @@ -1533,6 +1546,10 @@ asmlinkage long sys_sethostname(char __u
1203     return -EPERM;
1204     if (len < 0 || len > __NEW_UTS_LEN)
1205     return -EINVAL;
1206     + /***** TOMOYO Linux start. *****/
1207     + if (!ccs_capable(TOMOYO_SYS_SETHOSTNAME))
1208     + return -EPERM;
1209     + /***** TOMOYO Linux end. *****/
1210     down_write(&uts_sem);
1211     errno = -EFAULT;
1212     if (!copy_from_user(tmp, name, len)) {
1213     @@ -1578,6 +1595,10 @@ asmlinkage long sys_setdomainname(char _
1214     return -EPERM;
1215     if (len < 0 || len > __NEW_UTS_LEN)
1216     return -EINVAL;
1217     + /***** TOMOYO Linux start. *****/
1218     + if (!ccs_capable(TOMOYO_SYS_SETHOSTNAME))
1219     + return -EPERM;
1220     + /***** TOMOYO Linux end. *****/
1221    
1222     down_write(&uts_sem);
1223     errno = -EFAULT;
1224 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/sysctl.c
1225     +++ linux-2.6.16-76.40vl4/kernel/sysctl.c
1226 kumaneko 1498 @@ -49,6 +49,9 @@
1227    
1228     #include <asm/uaccess.h>
1229     #include <asm/processor.h>
1230     +/***** TOMOYO Linux start. *****/
1231     +#include <linux/tomoyo.h>
1232     +/***** TOMOYO Linux end. *****/
1233    
1234     extern int proc_nr_files(ctl_table *table, int write, struct file *filp,
1235     void __user *buffer, size_t *lenp, loff_t *ppos);
1236     @@ -1108,6 +1111,100 @@ void __init sysctl_init(void)
1237     #endif
1238     }
1239    
1240     +/***** TOMOYO Linux start. *****/
1241     +static int try_parse_table(int __user *name, int nlen, void __user *oldval,
1242     + void __user *newval, ctl_table *table)
1243     +{
1244     + int n;
1245     + int error = -ENOMEM;
1246     + int op = 0;
1247     + char *buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
1248     + if (oldval)
1249     + op |= 004;
1250     + if (newval)
1251     + op |= 002;
1252     + if (!op) { /* Neither read nor write */
1253     + error = 0;
1254     + goto out;
1255     + }
1256     + if (!buffer)
1257     + goto out;
1258     + memset(buffer, 0, PAGE_SIZE);
1259     + snprintf(buffer, PAGE_SIZE - 1, "/proc/sys");
1260     + repeat:
1261     + if (!nlen) {
1262     + error = -ENOTDIR;
1263     + goto out;
1264     + }
1265     + if (get_user(n, name)) {
1266     + error = -EFAULT;
1267     + goto out;
1268     + }
1269     + for ( ; table->ctl_name; table++) {
1270     + if (n == table->ctl_name || table->ctl_name == CTL_ANY) {
1271     + int pos = strlen(buffer);
1272     + const char *cp = table->procname;
1273     + error = -ENOMEM;
1274     + if (cp) {
1275     + if (pos + 1 >= PAGE_SIZE - 1)
1276     + goto out;
1277     + buffer[pos++] = '/';
1278     + while (*cp) {
1279     + const unsigned char c
1280     + = *(const unsigned char *) cp;
1281     + if (c == '\\') {
1282     + if (pos + 2 >= PAGE_SIZE - 1)
1283     + goto out;
1284     + buffer[pos++] = '\\';
1285     + buffer[pos++] = '\\';
1286     + } else if (c > ' ' && c < 127) {
1287     + if (pos + 1 >= PAGE_SIZE - 1)
1288     + goto out;
1289     + buffer[pos++] = c;
1290     + } else {
1291     + if (pos + 4 >= PAGE_SIZE - 1)
1292     + goto out;
1293     + buffer[pos++] = '\\';
1294     + buffer[pos++] = (c >> 6) + '0';
1295     + buffer[pos++] = ((c >> 3) & 7)
1296     + + '0';
1297     + buffer[pos++] = (c & 7) + '0';
1298     + }
1299     + cp++;
1300     + }
1301     + } else {
1302     + /* Assume nobody assigns "=\$=" for procname. */
1303     + snprintf(buffer + pos, PAGE_SIZE - pos - 1,
1304     + "/=%d=", table->ctl_name);
1305     + if (!memchr(buffer, '\0', PAGE_SIZE - 2))
1306     + goto out;
1307     + }
1308     + if (table->child) {
1309     + if (table->strategy) {
1310     + /* printk("sysctl='%s'\n", buffer); */
1311     + if (ccs_check_file_perm(buffer, op,
1312     + "sysctl")) {
1313     + error = -EPERM;
1314     + goto out;
1315     + }
1316     + }
1317     + name++;
1318     + nlen--;
1319     + table = table->child;
1320     + goto repeat;
1321     + }
1322     + /* printk("sysctl='%s'\n", buffer); */
1323     + error = ccs_check_file_perm(buffer, op, "sysctl");
1324     + goto out;
1325     + }
1326     + }
1327     + error = -ENOTDIR;
1328     + out:
1329     + kfree(buffer);
1330     + return error;
1331     +}
1332     +/***** TOMOYO Linux end. *****/
1333     +
1334     int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
1335     void __user *newval, size_t newlen)
1336     {
1337     @@ -1133,6 +1230,11 @@ int do_sysctl(int __user *name, int nlen
1338    
1339     spin_unlock(&sysctl_lock);
1340    
1341     + /***** TOMOYO Linux start. *****/
1342     + error = try_parse_table(name, nlen, oldval, newval,
1343     + head->ctl_table);
1344     + if (!error)
1345     + /***** TOMOYO Linux end. *****/
1346     error = parse_table(name, nlen, oldval, oldlenp,
1347     newval, newlen, head->ctl_table,
1348     &context);
1349     @@ -1205,6 +1307,15 @@ repeat:
1350     if (ctl_perm(table, 001))
1351     return -EPERM;
1352     if (table->strategy) {
1353     + /***** TOMOYO Linux start. *****/
1354     + int op = 0;
1355     + if (oldval)
1356     + op |= 004;
1357     + if (newval)
1358     + op |= 002;
1359     + if (ctl_perm(table, op))
1360     + return -EPERM;
1361     + /***** TOMOYO Linux end. *****/
1362     error = table->strategy(
1363     table, name, nlen,
1364     oldval, oldlenp,
1365 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/kernel/time.c
1366     +++ linux-2.6.16-76.40vl4/kernel/time.c
1367 kumaneko 1498 @@ -39,6 +39,9 @@
1368    
1369     #include <asm/uaccess.h>
1370     #include <asm/unistd.h>
1371     +/***** TOMOYO Linux start. *****/
1372     +#include <linux/tomoyo.h>
1373     +/***** TOMOYO Linux end. *****/
1374    
1375     /*
1376     * The timezone where the local system is located. Used as a default by some
1377     @@ -91,6 +94,10 @@ asmlinkage long sys_stime(time_t __user
1378     err = security_settime(&tv, NULL);
1379     if (err)
1380     return err;
1381     + /***** TOMOYO Linux start. *****/
1382     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
1383     + return -EPERM;
1384     + /***** TOMOYO Linux end. *****/
1385    
1386     do_settimeofday(&tv);
1387     return 0;
1388     @@ -161,6 +168,10 @@ int do_sys_settimeofday(struct timespec
1389     error = security_settime(tv, tz);
1390     if (error)
1391     return error;
1392     + /***** TOMOYO Linux start. *****/
1393     + if (!ccs_capable(TOMOYO_SYS_SETTIME))
1394     + return -EPERM;
1395     + /***** TOMOYO Linux end. *****/
1396    
1397     if (tz) {
1398     /* SMP safe, global irq locking makes it work. */
1399     @@ -239,6 +250,10 @@ int do_adjtimex(struct timex *txc)
1400     /* In order to modify anything, you gotta be super-user! */
1401     if (txc->modes && !capable(CAP_SYS_TIME))
1402     return -EPERM;
1403     + /***** TOMOYO Linux start. *****/
1404     + if (txc->modes && !ccs_capable(TOMOYO_SYS_SETTIME))
1405     + return -EPERM;
1406     + /***** TOMOYO Linux end. *****/
1407    
1408     /* Now we validate the data before disabling interrupts */
1409    
1410 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/net/core/datagram.c
1411     +++ linux-2.6.16-76.40vl4/net/core/datagram.c
1412 kumaneko 1498 @@ -56,6 +56,11 @@
1413     #include <net/sock.h>
1414     #include <net/tcp_states.h>
1415    
1416     +/***** TOMOYO Linux start. *****/
1417     +#include <linux/tomoyo.h>
1418     +#include <linux/tomoyo_socket.h>
1419     +/***** TOMOYO Linux end. *****/
1420     +
1421     /*
1422     * Is a socket 'connection oriented' ?
1423     */
1424     @@ -178,6 +183,12 @@ struct sk_buff *skb_recv_datagram(struct
1425     } else
1426     skb = skb_dequeue(&sk->sk_receive_queue);
1427    
1428     + /***** TOMOYO Linux start. *****/
1429     + error = ccs_socket_recv_datagram_permission(sk, skb, flags);
1430     + if (error)
1431     + goto no_packet;
1432     + /***** TOMOYO Linux end. *****/
1433     +
1434     if (skb)
1435     return skb;
1436    
1437 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/net/ipv4/inet_connection_sock.c
1438     +++ linux-2.6.16-76.40vl4/net/ipv4/inet_connection_sock.c
1439 kumaneko 1498 @@ -24,6 +24,9 @@
1440     #include <net/route.h>
1441     #include <net/tcp_states.h>
1442     #include <net/xfrm.h>
1443     +/***** SAKURA Linux start. *****/
1444     +#include <linux/sakura.h>
1445     +/***** SAKURA Linux end. *****/
1446    
1447     #ifdef INET_CSK_DEBUG
1448     const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
1449     @@ -88,6 +91,10 @@ int inet_csk_get_port(struct inet_hashin
1450     do {
1451     head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
1452     spin_lock(&head->lock);
1453     + /***** SAKURA Linux start. *****/
1454     + if (ccs_may_autobind(rover))
1455     + goto next;
1456     + /***** SAKURA Linux end. *****/
1457     inet_bind_bucket_for_each(tb, node, &head->chain)
1458     if (tb->port == rover)
1459     goto next;
1460 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/net/ipv4/inet_hashtables.c
1461     +++ linux-2.6.16-76.40vl4/net/ipv4/inet_hashtables.c
1462 kumaneko 1498 @@ -23,6 +23,9 @@
1463     #include <net/inet_connection_sock.h>
1464     #include <net/inet_hashtables.h>
1465     #include <net/ip.h>
1466     +/***** SAKURA Linux start. *****/
1467     +#include <linux/sakura.h>
1468     +/***** SAKURA Linux end. *****/
1469    
1470     /*
1471     * Allocate and initialize a new local port bind bucket.
1472     @@ -268,6 +271,10 @@ int inet_hash_connect(struct inet_timewa
1473     local_bh_disable();
1474     for (i = 1; i <= range; i++) {
1475     port = low + (i + offset) % range;
1476     + /***** SAKURA Linux start. *****/
1477     + if (ccs_may_autobind(port))
1478     + continue;
1479     + /***** SAKURA Linux end. *****/
1480     head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1481     spin_lock(&head->lock);
1482    
1483 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/net/ipv4/udp.c
1484     +++ linux-2.6.16-76.40vl4/net/ipv4/udp.c
1485 kumaneko 1498 @@ -109,6 +109,9 @@
1486     #include <net/inet_common.h>
1487     #include <net/checksum.h>
1488     #include <net/xfrm.h>
1489     +/***** SAKURA Linux start. *****/
1490     +#include <linux/sakura.h>
1491     +/***** SAKURA Linux end. *****/
1492    
1493     /*
1494     * Snmp MIB for the UDP layer
1495     @@ -147,6 +150,10 @@ static int udp_v4_get_port(struct sock *
1496     result = sysctl_local_port_range[0] +
1497     ((result - sysctl_local_port_range[0]) &
1498     (UDP_HTABLE_SIZE - 1));
1499     + /***** SAKURA Linux start. *****/
1500     + if (ccs_may_autobind(result))
1501     + continue;
1502     + /***** SAKURA Linux end. *****/
1503     goto gotit;
1504     }
1505     size = 0;
1506     @@ -163,6 +170,10 @@ static int udp_v4_get_port(struct sock *
1507     result = sysctl_local_port_range[0]
1508     + ((result - sysctl_local_port_range[0]) &
1509     (UDP_HTABLE_SIZE - 1));
1510     + /***** SAKURA Linux start. *****/
1511     + if (ccs_may_autobind(result))
1512     + continue;
1513     + /***** SAKURA Linux end. *****/
1514     if (!udp_lport_inuse(result))
1515     break;
1516     }
1517 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/net/ipv6/inet6_hashtables.c
1518     +++ linux-2.6.16-76.40vl4/net/ipv6/inet6_hashtables.c
1519 kumaneko 1498 @@ -22,6 +22,9 @@
1520     #include <net/inet_hashtables.h>
1521     #include <net/inet6_hashtables.h>
1522     #include <net/ip.h>
1523     +/***** SAKURA Linux start. *****/
1524     +#include <linux/sakura.h>
1525     +/***** SAKURA Linux end. *****/
1526    
1527     struct sock *inet6_lookup_listener(struct inet_hashinfo *hashinfo,
1528     const struct in6_addr *daddr,
1529     @@ -93,7 +96,7 @@ static int __inet6_check_established(str
1530     const struct in6_addr *saddr = &np->daddr;
1531     const int dif = sk->sk_bound_dev_if;
1532     const u32 ports = INET_COMBINED_PORTS(inet->dport, lport);
1533     - const unsigned int hash = inet6_ehashfn(daddr, inet->num, saddr,
1534     + const unsigned int hash = inet6_ehashfn(daddr, lport, saddr,
1535     inet->dport);
1536     struct inet_ehash_bucket *head = inet_ehash_bucket(hinfo, hash);
1537     struct sock *sk2;
1538     @@ -187,6 +190,10 @@ int inet6_hash_connect(struct inet_timew
1539     local_bh_disable();
1540     for (i = 1; i <= range; i++) {
1541     port = low + (i + offset) % range;
1542     + /***** SAKURA Linux start. *****/
1543     + if (ccs_may_autobind(port))
1544     + continue;
1545     + /***** SAKURA Linux end. *****/
1546     head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1547     spin_lock(&head->lock);
1548    
1549 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/net/ipv6/udp.c
1550     +++ linux-2.6.16-76.40vl4/net/ipv6/udp.c
1551 kumaneko 1498 @@ -59,6 +59,9 @@
1552    
1553     #include <linux/proc_fs.h>
1554     #include <linux/seq_file.h>
1555     +/***** SAKURA Linux start. *****/
1556     +#include <linux/sakura.h>
1557     +/***** SAKURA Linux end. *****/
1558    
1559     DEFINE_SNMP_STAT(struct udp_mib, udp_stats_in6) __read_mostly;
1560    
1561     @@ -89,6 +92,10 @@ static int udp_v6_get_port(struct sock *
1562     result = sysctl_local_port_range[0] +
1563     ((result - sysctl_local_port_range[0]) &
1564     (UDP_HTABLE_SIZE - 1));
1565     + /***** SAKURA Linux start. *****/
1566     + if (ccs_may_autobind(result))
1567     + continue;
1568     + /***** SAKURA Linux end. *****/
1569     goto gotit;
1570     }
1571     size = 0;
1572     @@ -105,6 +112,10 @@ static int udp_v6_get_port(struct sock *
1573     result = sysctl_local_port_range[0]
1574     + ((result - sysctl_local_port_range[0]) &
1575     (UDP_HTABLE_SIZE - 1));
1576     + /***** SAKURA Linux start. *****/
1577     + if (ccs_may_autobind(result))
1578     + continue;
1579     + /***** SAKURA Linux end. *****/
1580     if (!udp_lport_inuse(result))
1581     break;
1582     }
1583 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/net/socket.c
1584     +++ linux-2.6.16-76.40vl4/net/socket.c
1585 kumaneko 1498 @@ -97,6 +97,11 @@
1586     #include <net/sock.h>
1587     #include <linux/netfilter.h>
1588    
1589     +/***** TOMOYO Linux start. *****/
1590     +#include <linux/tomoyo.h>
1591     +#include <linux/tomoyo_socket.h>
1592     +/***** TOMOYO Linux end. *****/
1593     +
1594     static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1595     static ssize_t sock_aio_read(struct kiocb *iocb, char __user *buf,
1596     size_t size, loff_t pos);
1597     @@ -546,7 +551,12 @@ static inline int __sock_sendmsg(struct
1598     err = security_socket_sendmsg(sock, msg, size);
1599     if (err)
1600     return err;
1601     -
1602     + /***** TOMOYO Linux start. *****/
1603     + if (ccs_socket_sendmsg_permission(sock,
1604     + (struct sockaddr *) msg->msg_name,
1605     + msg->msg_namelen))
1606     + return -EPERM;
1607     + /***** TOMOYO Linux end. *****/
1608     return sock->ops->sendmsg(iocb, sock, msg, size);
1609     }
1610    
1611     @@ -1102,6 +1112,12 @@ static int __sock_create(int family, int
1612     family = PF_PACKET;
1613     }
1614    
1615     + /***** TOMOYO Linux start. *****/
1616     + err = ccs_socket_create_permission(family, type, protocol);
1617     + if (err)
1618     + return err;
1619     + /***** TOMOYO Linux end. *****/
1620     +
1621     err = security_socket_create(family, type, protocol, kern);
1622     if (err)
1623     return err;
1624     @@ -1299,6 +1315,12 @@ asmlinkage long sys_bind(int fd, struct
1625     sockfd_put(sock);
1626     return err;
1627     }
1628     + /***** TOMOYO Linux start. *****/
1629     + err = ccs_socket_bind_permission(sock,
1630     + (struct sockaddr *)
1631     + address, addrlen);
1632     + if (!err)
1633     + /***** TOMOYO Linux end. *****/
1634     err = sock->ops->bind(sock, (struct sockaddr *)address, addrlen);
1635     }
1636     sockfd_put(sock);
1637     @@ -1329,7 +1351,10 @@ asmlinkage long sys_listen(int fd, int b
1638     sockfd_put(sock);
1639     return err;
1640     }
1641     -
1642     + /***** TOMOYO Linux start. *****/
1643     + err = ccs_socket_listen_permission(sock);
1644     + if (!err)
1645     + /***** TOMOYO Linux end. *****/
1646     err=sock->ops->listen(sock, backlog);
1647     sockfd_put(sock);
1648     }
1649     @@ -1380,6 +1405,13 @@ asmlinkage long sys_accept(int fd, struc
1650     if (err < 0)
1651     goto out_release;
1652    
1653     + /***** TOMOYO Linux start. *****/
1654     + if (ccs_socket_accept_permission(newsock,
1655     + (struct sockaddr *) address)) {
1656     + err = -ECONNABORTED; /* Hope less harmful than -EPERM. */
1657     + goto out_release;
1658     + }
1659     + /***** TOMOYO Linux end. *****/
1660     if (upeer_sockaddr) {
1661     if(newsock->ops->getname(newsock, (struct sockaddr *)address, &len, 2)<0) {
1662     err = -ECONNABORTED;
1663     @@ -1435,7 +1467,12 @@ asmlinkage long sys_connect(int fd, stru
1664     err = security_socket_connect(sock, (struct sockaddr *)address, addrlen);
1665     if (err)
1666     goto out_put;
1667     -
1668     + /***** TOMOYO Linux start. *****/
1669     + err = ccs_socket_connect_permission(sock, (struct sockaddr *) address,
1670     + addrlen);
1671     + if (err)
1672     + goto out_put;
1673     + /***** TOMOYO Linux end. *****/
1674     err = sock->ops->connect(sock, (struct sockaddr *) address, addrlen,
1675     sock->file->f_flags);
1676     out_put:
1677 kumaneko 2069 --- linux-2.6.16-76.40vl4.orig/net/unix/af_unix.c
1678     +++ linux-2.6.16-76.40vl4/net/unix/af_unix.c
1679 kumaneko 1498 @@ -117,6 +117,9 @@
1680     #include <linux/mount.h>
1681     #include <net/checksum.h>
1682     #include <linux/security.h>
1683     +/***** TOMOYO Linux start. *****/
1684     +#include <linux/tomoyo.h>
1685     +/***** TOMOYO Linux end. *****/
1686    
1687     int sysctl_unix_max_dgram_qlen = 10;
1688    
1689     @@ -738,6 +741,11 @@ static int unix_bind(struct socket *sock
1690     err = unix_autobind(sock);
1691     goto out;
1692     }
1693     + /***** TOMOYO Linux start. *****/
1694     + err = -EPERM;
1695     + if (sunaddr->sun_path[0] && !ccs_capable(TOMOYO_CREATE_UNIX_SOCKET))
1696     + goto out;
1697     + /***** TOMOYO Linux end. *****/
1698    
1699     err = unix_mkname(sunaddr, addr_len, &hash);
1700     if (err < 0)
1701     @@ -781,6 +789,13 @@ static int unix_bind(struct socket *sock
1702     */
1703     mode = S_IFSOCK |
1704     (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
1705     + /***** TOMOYO Linux start. *****/
1706     + err = pre_vfs_mknod(nd.dentry->d_inode, dentry, mode);
1707     + if (!err)
1708     + err = ccs_check_1path_perm(TYPE_MKSOCK_ACL, dentry,
1709     + nd.mnt);
1710     + if (!err)
1711     + /***** TOMOYO Linux end. *****/
1712     err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1713     if (err)
1714     goto out_mknod_dput;
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ