Revision 4049 - (show annotations) (download) (as text)
Thu Oct 7 07:14:01 2010 UTC (13 years, 6 months ago) by kumaneko
File MIME type: text/x-diff
File size: 37457 byte(s)
Merge branches/ccs-patch/ into trunk/1.8.x/ccs-patch/
1 This is TOMOYO Linux patch for Asianux 3.0.
2
3 Source code for this patch is http://ftp.miraclelinux.com/pub/Asianux/Server/3.0/updates/src/kernel-2.6.18-194.6.AXS3.src.rpm
4 ---
5 arch/alpha/kernel/ptrace.c | 3 +++
6 arch/ia64/ia32/sys_ia32.c | 3 +++
7 arch/m32r/kernel/ptrace.c | 3 +++
8 arch/mips/kernel/ptrace32.c | 3 +++
9 arch/sparc/kernel/ptrace.c | 5 +++++
10 fs/compat.c | 9 ++++++++-
11 fs/exec.c | 12 +++++++++++-
12 fs/fcntl.c | 5 +++++
13 fs/ioctl.c | 3 +++
14 fs/namei.c | 31 +++++++++++++++++++++++++++++++
15 fs/namespace.c | 9 +++++++++
16 fs/open.c | 27 +++++++++++++++++++++++++++
17 fs/proc/proc_misc.c | 1 +
18 include/linux/init_task.h | 9 +++++++++
19 include/linux/sched.h | 6 ++++++
20 kernel/compat.c | 3 +++
21 kernel/kexec.c | 3 +++
22 kernel/kmod.c | 5 +++++
23 kernel/module.c | 7 +++++--
24 kernel/ptrace.c | 5 +++++
25 kernel/sched.c | 3 +++
26 kernel/signal.c | 9 +++++++++
27 kernel/sys.c | 11 +++++++++++
28 kernel/sysctl.c | 11 +++++++++++
29 kernel/time.c | 7 +++++++
30 net/ipv4/inet_connection_sock.c | 3 +++
31 net/ipv4/inet_hashtables.c | 3 +++
32 net/ipv4/raw.c | 12 +++++++++---
33 net/ipv4/udp.c | 14 +++++++++++++-
34 net/ipv6/inet6_hashtables.c | 3 +++
35 net/ipv6/raw.c | 12 +++++++++---
36 net/ipv6/udp.c | 21 +++++++++++++++++----
37 net/socket.c | 23 ++++++++++++++++++++++-
38 net/unix/af_unix.c | 9 +++++++++
39 security/Kconfig | 2 ++
40 security/Makefile | 3 +++
41 36 files changed, 282 insertions(+), 16 deletions(-)
42
43 --- linux-2.6.18-194.6AXS3.orig/arch/alpha/kernel/ptrace.c
44 +++ linux-2.6.18-194.6AXS3/arch/alpha/kernel/ptrace.c
45 @@ -20,6 +20,7 @@
46 #include <asm/pgtable.h>
47 #include <asm/system.h>
48 #include <asm/fpu.h>
49 +#include <linux/ccsecurity.h>
50
51 #include "proto.h"
52
53 @@ -268,6 +269,8 @@ do_sys_ptrace(long request, long pid, lo
54 unsigned long tmp;
55 size_t copied;
56 long ret;
57 + if (ccs_ptrace_permission(request, pid))
58 + return -EPERM;
59
60 lock_kernel();
61 DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",
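Review bot: ccs_ptrace_permission(request, pid) in the do_sys_ptrace hunk runs before lock_kernel() and before the kernel's own pid-to-task lookup, so if the hook resolves pid to a task itself (its body is not in this diff), that lookup is a separate one from the lookup the attach path performs later, and a pid reused between the two would make the policy decision apply to a different task than the one attached. The hook is also handed pid for PTRACE_TRACEME, where the kernel ignores it. A comment on the call would record the intended contract: `/* TOMOYO: policy check on (request, pid), evaluated before pid is resolved below */`. The same placement is used in arch/ia64, arch/m32r, arch/mips, arch/sparc (via pt_error_return) and in kernel/ptrace.c for both sys_ptrace and compat_sys_ptrace; do_sys_ptrace continues outside the hunk.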
62 --- linux-2.6.18-194.6AXS3.orig/arch/ia64/ia32/sys_ia32.c
63 +++ linux-2.6.18-194.6AXS3/arch/ia64/ia32/sys_ia32.c
64 @@ -58,6 +58,7 @@
65 #include <asm/types.h>
66 #include <asm/uaccess.h>
67 #include <asm/unistd.h>
68 +#include <linux/ccsecurity.h>
69
70 #include "ia32priv.h"
71
72 @@ -1738,6 +1739,8 @@ sys32_ptrace (int request, pid_t pid, un
73 struct task_struct *child;
74 unsigned int value, tmp;
75 long i, ret;
76 + if (ccs_ptrace_permission(request, pid))
77 + return -EPERM;
78
79 lock_kernel();
80 if (request == PTRACE_TRACEME) {
81 --- linux-2.6.18-194.6AXS3.orig/arch/m32r/kernel/ptrace.c
82 +++ linux-2.6.18-194.6AXS3/arch/m32r/kernel/ptrace.c
83 @@ -32,6 +32,7 @@
84 #include <asm/system.h>
85 #include <asm/processor.h>
86 #include <asm/mmu_context.h>
87 +#include <linux/ccsecurity.h>
88
89 /*
90 * This routine will get a word off of the process kernel stack.
91 @@ -742,6 +743,8 @@ asmlinkage long sys_ptrace(long request,
92 {
93 struct task_struct *child;
94 int ret;
95 + if (ccs_ptrace_permission(request, pid))
96 + return -EPERM;
97
98 lock_kernel();
99 if (request == PTRACE_TRACEME) {
100 --- linux-2.6.18-194.6AXS3.orig/arch/mips/kernel/ptrace32.c
101 +++ linux-2.6.18-194.6AXS3/arch/mips/kernel/ptrace32.c
102 @@ -35,6 +35,7 @@
103 #include <asm/system.h>
104 #include <asm/uaccess.h>
105 #include <asm/bootinfo.h>
106 +#include <linux/ccsecurity.h>
107
108 int ptrace_getregs (struct task_struct *child, __s64 __user *data);
109 int ptrace_setregs (struct task_struct *child, __s64 __user *data);
110 @@ -50,6 +51,8 @@ asmlinkage int sys32_ptrace(int request,
111 {
112 struct task_struct *child;
113 int ret;
114 + if (ccs_ptrace_permission(request, pid))
115 + return -EPERM;
116
117 #if 0
118 printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",
119 --- linux-2.6.18-194.6AXS3.orig/arch/sparc/kernel/ptrace.c
120 +++ linux-2.6.18-194.6AXS3/arch/sparc/kernel/ptrace.c
121 @@ -23,6 +23,7 @@
122 #include <asm/pgtable.h>
123 #include <asm/system.h>
124 #include <asm/uaccess.h>
125 +#include <linux/ccsecurity.h>
126
127 #define MAGIC_CONSTANT 0x80000000
128
129 @@ -267,6 +268,10 @@ asmlinkage void do_ptrace(struct pt_regs
130 unsigned long addr2 = regs->u_regs[UREG_I4];
131 struct task_struct *child;
132 int ret;
133 + if (ccs_ptrace_permission(request, pid)) {
134 + pt_error_return(regs, EPERM);
135 + return;
136 + }
137
138 lock_kernel();
139 #ifdef DEBUG_PTRACE
140 --- linux-2.6.18-194.6AXS3.orig/fs/compat.c
141 +++ linux-2.6.18-194.6AXS3/fs/compat.c
142 @@ -52,6 +52,7 @@
143 #include <asm/uaccess.h>
144 #include <asm/mmu_context.h>
145 #include <asm/ioctls.h>
146 +#include <linux/ccsecurity.h>
147
148 extern void sigset_from_compat(sigset_t *set, compat_sigset_t *compat);
149
150 @@ -397,6 +398,8 @@ asmlinkage long compat_sys_ioctl(unsigne
151
152 /* RED-PEN how should LSM module know it's handling 32bit? */
153 error = security_file_ioctl(filp, cmd, arg);
154 + if (!error)
155 + error = ccs_ioctl_permission(filp, cmd, arg);
156 if (error)
157 goto out_fput;
158
159 @@ -421,6 +424,10 @@ asmlinkage long compat_sys_ioctl(unsigne
160 /*FALL THROUGH*/
161
162 default:
163 + if (!ccs_capable(CCS_SYS_IOCTL)) {
164 + error = -EPERM;
165 + goto out_fput;
166 + }
167 if (filp->f_op && filp->f_op->compat_ioctl) {
168 error = filp->f_op->compat_ioctl(filp, cmd, arg);
169 if (error != -ENOIOCTLCMD)
170 @@ -1590,7 +1597,7 @@ int compat_do_execve(char * filename,
171 if (retval < 0)
172 goto out;
173
174 - retval = search_binary_handler(bprm, regs);
175 + retval = ccs_search_binary_handler(bprm, regs);
176 if (retval >= 0) {
177 /* execve success */
178 security_bprm_free(bprm);
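Review bot: The compat ioctl path gates driver ioctls with ccs_capable(CCS_SYS_IOCTL) in the `default:` arm, but the native sys_ioctl hunk in fs/ioctl.c only adds ccs_ioctl_permission() (its diffstat is three lines), so the same request is policy-gated differently depending on whether it enters through the 32-bit compat entry point. Unless the native path carries that capability check somewhere outside this diff, either add the matching check to sys_ioctl or drop it here so both entry points enforce one rule. The FIO* cases above `default:` never reach the capability gate and are covered only by ccs_ioctl_permission(); a comment on the new check, `/* generic FIO* cases above are covered by ccs_ioctl_permission(); only driver ioctls need CCS_SYS_IOCTL */`, would record that. compat_sys_ioctl continues outside the hunks.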
179 --- linux-2.6.18-194.6AXS3.orig/fs/exec.c
180 +++ linux-2.6.18-194.6AXS3/fs/exec.c
181 @@ -60,6 +60,8 @@
182 #include <linux/kmod.h>
183 #endif
184
185 +#include <linux/ccsecurity.h>
186 +
187 int core_uses_pid;
188 char core_pattern[128] = "core";
189 int suid_dumpable = 0;
190 @@ -142,6 +144,10 @@ asmlinkage long sys_uselib(const char __
191 if (error)
192 goto exit;
193
194 + error = ccs_uselib_permission(nd.dentry, nd.mnt);
195 + if (error)
196 + goto exit;
197 +
198 file = nameidata_to_filp(&nd, O_RDONLY);
199 error = PTR_ERR(file);
200 if (IS_ERR(file))
201 @@ -680,6 +686,9 @@ struct file *open_exec(const char *name)
202 if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
203 S_ISREG(inode->i_mode)) {
204 int err = vfs_permission(&nd, MAY_EXEC);
205 + if (!err)
206 + err = ccs_open_exec_permission(nd.dentry,
207 + nd.mnt);
208 file = ERR_PTR(err);
209 if (!err) {
210 file = nameidata_to_filp(&nd, force_o_largefile() ?
211 @@ -1403,7 +1412,8 @@ int do_execve(char * filename,
212 goto out;
213 bprm->argv_len = env_p - bprm->p;
214
215 - retval = search_binary_handler(bprm,regs);
216 + retval = ccs_search_binary_handler(bprm, regs);
217 +
218 if (retval >= 0) {
219 /* execve success */
220 free_arg_pages(bprm);
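Review bot: The blank line added after `retval = ccs_search_binary_handler(bprm, regs);` in do_execve is stray whitespace that the compat_do_execve hunk in fs/compat.c does not get; drop it so the two execve paths read identically. If the wrapper is where the TOMOYO domain transition happens, a one-line comment at the replaced call, `/* TOMOYO: exec permission and domain transition, then search_binary_handler() */`, would save the next reader a trip to ccsecurity.h. The uselib and open_exec hooks are ordered after the existing vfs_permission() results, so DAC is consulted before policy, which is the right order. All three functions continue outside the hunks.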
221 --- linux-2.6.18-194.6AXS3.orig/fs/fcntl.c
222 +++ linux-2.6.18-194.6AXS3/fs/fcntl.c
223 @@ -22,6 +22,7 @@
224 #include <asm/poll.h>
225 #include <asm/siginfo.h>
226 #include <asm/uaccess.h>
227 +#include <linux/ccsecurity.h>
228
229 void fastcall set_close_on_exec(unsigned int fd, int flag)
230 {
231 @@ -363,6 +364,8 @@ asmlinkage long sys_fcntl(unsigned int f
232 goto out;
233
234 err = security_file_fcntl(filp, cmd, arg);
235 + if (!err)
236 + err = ccs_fcntl_permission(filp, cmd, arg);
237 if (err) {
238 fput(filp);
239 return err;
240 @@ -387,6 +390,8 @@ asmlinkage long sys_fcntl64(unsigned int
241 goto out;
242
243 err = security_file_fcntl(filp, cmd, arg);
244 + if (!err)
245 + err = ccs_fcntl_permission(filp, cmd, arg);
246 if (err) {
247 fput(filp);
248 return err;
249 --- linux-2.6.18-194.6AXS3.orig/fs/ioctl.c
250 +++ linux-2.6.18-194.6AXS3/fs/ioctl.c
251 @@ -17,6 +17,7 @@
252
253 #include <asm/uaccess.h>
254 #include <asm/ioctls.h>
255 +#include <linux/ccsecurity.h>
256
257 /* So that the fiemap access checks can't overflow on 32 bit machines. */
258 #define FIEMAP_MAX_EXTENTS (UINT_MAX / sizeof(struct fiemap_extent))
259 @@ -514,6 +515,8 @@ asmlinkage long sys_ioctl(unsigned int f
260 goto out;
261
262 error = security_file_ioctl(filp, cmd, arg);
263 + if (!error)
264 + error = ccs_ioctl_permission(filp, cmd, arg);
265 if (error)
266 goto out_fput;
267
268 --- linux-2.6.18-194.6AXS3.orig/fs/namei.c
269 +++ linux-2.6.18-194.6AXS3/fs/namei.c
270 @@ -37,6 +37,8 @@
271
272 #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
273
274 +#include <linux/ccsecurity.h>
275 +
276 /* [Feb-1997 T. Schoebel-Theuer]
277 * Fundamental changes in the pathname lookup mechanisms (namei)
278 * were necessary because of omirr. The reason is that omirr needs
279 @@ -1589,6 +1591,11 @@ int may_open(struct nameidata *nd, int a
280 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
281 return -EPERM;
282
283 + /* includes O_APPEND and O_TRUNC checks */
284 + error = ccs_open_permission(dentry, nd->mnt, flag);
285 + if (error)
286 + return error;
287 +
288 /*
289 * Ensure there are no outstanding leases on the file.
290 */
291 @@ -1703,6 +1710,9 @@ do_last:
292 if (!path.dentry->d_inode) {
293 if (!IS_POSIXACL(dir->d_inode))
294 mode &= ~current->fs->umask;
295 + error = ccs_mknod_permission(dir->d_inode, path.dentry,
296 + nd->mnt, mode, 0);
297 + if (!error)
298 error = vfs_create(dir->d_inode, path.dentry, mode, nd);
299 mutex_unlock(&dir->d_inode->i_mutex);
300 dput(nd->dentry);
301 @@ -1901,6 +1911,9 @@ asmlinkage long sys_mknodat(int dfd, con
302 if (!IS_POSIXACL(nd.dentry->d_inode))
303 mode &= ~current->fs->umask;
304 if (!IS_ERR(dentry)) {
305 + error = ccs_mknod_permission(nd.dentry->d_inode, dentry,
306 + nd.mnt, mode, dev);
307 + if (!error)
308 switch (mode & S_IFMT) {
309 case 0: case S_IFREG:
310 error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
311 @@ -1974,6 +1987,9 @@ asmlinkage long sys_mkdirat(int dfd, con
312 if (!IS_ERR(dentry)) {
313 if (!IS_POSIXACL(nd.dentry->d_inode))
314 mode &= ~current->fs->umask;
315 + error = ccs_mkdir_permission(nd.dentry->d_inode,
316 + dentry, nd.mnt, mode);
317 + if (!error)
318 error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
319 dput(dentry);
320 }
321 @@ -2082,6 +2098,9 @@ static long do_rmdir(int dfd, const char
322 dentry = lookup_hash(&nd);
323 error = PTR_ERR(dentry);
324 if (!IS_ERR(dentry)) {
325 + error = ccs_rmdir_permission(nd.dentry->d_inode, dentry,
326 + nd.mnt);
327 + if (!error)
328 error = vfs_rmdir(nd.dentry->d_inode, dentry);
329 dput(dentry);
330 }
331 @@ -2163,6 +2182,9 @@ static long do_unlinkat(int dfd, const c
332 inode = dentry->d_inode;
333 if (inode)
334 atomic_inc(&inode->i_count);
335 + error = ccs_unlink_permission(nd.dentry->d_inode, dentry,
336 + nd.mnt);
337 + if (!error)
338 error = vfs_unlink(nd.dentry->d_inode, dentry);
339 exit2:
340 dput(dentry);
341 @@ -2241,6 +2263,9 @@ asmlinkage long sys_symlinkat(const char
342 dentry = lookup_create(&nd, 0);
343 error = PTR_ERR(dentry);
344 if (!IS_ERR(dentry)) {
345 + error = ccs_symlink_permission(nd.dentry->d_inode,
346 + dentry, nd.mnt, from);
347 + if (!error)
348 error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
349 dput(dentry);
350 }
351 @@ -2335,6 +2360,9 @@ asmlinkage long sys_linkat(int olddfd, c
352 new_dentry = lookup_create(&nd, 0);
353 error = PTR_ERR(new_dentry);
354 if (!IS_ERR(new_dentry)) {
355 + error = ccs_link_permission(old_nd.dentry, nd.dentry->d_inode,
356 + new_dentry, nd.mnt);
357 + if (!error)
358 error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
359 dput(new_dentry);
360 }
361 @@ -2561,6 +2589,9 @@ static int do_rename(int olddfd, const c
362 if (new_dentry == trap)
363 goto exit5;
364
365 + error = ccs_rename_permission(old_dir->d_inode, old_dentry,
366 + new_dir->d_inode, new_dentry, newnd.mnt);
367 + if (!error)
368 error = vfs_rename(old_dir->d_inode, old_dentry,
369 new_dir->d_inode, new_dentry);
370 exit5:
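Review bot: In sys_mknodat the new `if (!error)` is followed by an un-braced multi-line `switch (mode & S_IFMT)`, which is easy to misread and fragile under later edits; wrap the switch in braces, `if (!error) {` … `}`, or fold the check into the enclosing `if (!IS_ERR(dentry))` block. The other hunks use the same `error = ccs_*_permission(...); if (!error) error = vfs_*(...)` shape over a single statement, which reads fine. ccs_mknod_permission() is consulted with mode and dev before the switch, so it also sees mode values the switch may later reject; presumably the hook tolerates that, but a comment saying so would help. All of the touched functions continue outside their hunks.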
371 --- linux-2.6.18-194.6AXS3.orig/fs/namespace.c
372 +++ linux-2.6.18-194.6AXS3/fs/namespace.c
373 @@ -25,6 +25,7 @@
374 #include <asm/uaccess.h>
375 #include <asm/unistd.h>
376 #include "pnode.h"
377 +#include <linux/ccsecurity.h>
378
379 extern int __init init_rootfs(void);
380
381 @@ -557,6 +558,8 @@ static int do_umount(struct vfsmount *mn
382 flags |= MNT_DETACH | MNT_FORCE;
383 #endif
384 retval = security_sb_umount(mnt, flags);
385 + if (!retval)
386 + retval = ccs_umount_permission(mnt, flags);
387 if (retval)
388 return retval;
389
390 @@ -1422,6 +1425,7 @@ int copy_mount_options(const void __user
391 long do_mount(char *dev_name, char *dir_name, char *type_page,
392 unsigned long flags, void *data_page)
393 {
394 + const unsigned long original_flags = flags;
395 struct nameidata nd;
396 int retval = 0;
397 int mnt_flags = 0;
398 @@ -1461,6 +1465,9 @@ long do_mount(char *dev_name, char *dir_
399 return retval;
400
401 retval = security_sb_mount(dev_name, &nd, type_page, flags, data_page);
402 + if (!retval)
403 + retval = ccs_mount_permission(dev_name, &nd, type_page,
404 + original_flags, data_page);
405 if (retval)
406 goto dput_out;
407
408 @@ -1747,6 +1754,8 @@ asmlinkage long sys_pivot_root(const cha
409 goto out1;
410
411 error = security_sb_pivotroot(&old_nd, &new_nd);
412 + if (!error)
413 + error = ccs_pivot_root_permission(&old_nd, &new_nd);
414 if (error) {
415 path_release(&old_nd);
416 goto out1;
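Review bot: `const unsigned long original_flags = flags;` at the top of do_mount is undocumented; it is captured at entry presumably because do_mount masks per-mount MS_* bits out of flags before security_sb_mount() runs (outside the hunk), so ccs_mount_permission() sees the caller's full flag word while the LSM hook sees the masked one. Record that on the declaration: `/* TOMOYO: keep the caller's unmasked flags; do_mount() strips MS_* bits below */`. do_mount continues outside the hunks.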
417 --- linux-2.6.18-194.6AXS3.orig/fs/open.c
418 +++ linux-2.6.18-194.6AXS3/fs/open.c
419 @@ -31,6 +31,7 @@
420 #include <linux/falloc.h>
421
422 #include <asm/unistd.h>
423 +#include <linux/ccsecurity.h>
424
425 int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
426 {
427 @@ -273,6 +274,8 @@ static long do_sys_truncate(const char _
428 if (error)
429 goto dput_and_out;
430
431 + error = ccs_truncate_permission(nd.dentry, nd.mnt);
432 + if (!error)
433 error = locks_verify_truncate(inode, NULL, length);
434 if (!error) {
435 DQUOT_INIT(inode);
436 @@ -326,6 +329,9 @@ static long do_sys_ftruncate(unsigned in
437 if (IS_APPEND(inode))
438 goto out_putf;
439
440 + error = ccs_truncate_permission(dentry, file->f_vfsmnt);
441 + if (error)
442 + goto out_putf;
443 error = locks_verify_truncate(inode, file, length);
444 if (!error)
445 error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
446 @@ -685,6 +691,8 @@ asmlinkage long sys_chroot(const char __
447 error = -EPERM;
448 if (!capable(CAP_SYS_CHROOT))
449 goto dput_and_out;
450 + if (ccs_chroot_permission(&nd))
451 + goto dput_and_out;
452
453 set_fs_root(current->fs, nd.mnt, nd.dentry);
454 set_fs_altroot();
455 @@ -720,6 +728,9 @@ asmlinkage long sys_fchmod(unsigned int
456 err = -EPERM;
457 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
458 goto out_putf;
459 + err = ccs_chmod_permission(dentry, file->f_vfsmnt, mode);
460 + if (err)
461 + goto out_putf;
462 mutex_lock(&inode->i_mutex);
463 if (mode == (mode_t) -1)
464 mode = inode->i_mode;
465 @@ -754,6 +765,9 @@ asmlinkage long sys_fchmodat(int dfd, co
466 error = -EPERM;
467 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
468 goto dput_and_out;
469 + error = ccs_chmod_permission(nd.dentry, nd.mnt, mode);
470 + if (error)
471 + goto dput_and_out;
472
473 mutex_lock(&inode->i_mutex);
474 if (mode == (mode_t) -1)
475 @@ -816,6 +830,8 @@ asmlinkage long sys_chown(const char __u
476
477 error = user_path_walk(filename, &nd);
478 if (!error) {
479 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
480 + if (!error)
481 error = chown_common(nd.dentry, user, group);
482 path_release(&nd);
483 }
484 @@ -835,6 +851,8 @@ asmlinkage long sys_fchownat(int dfd, co
485 follow = (flag & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW;
486 error = __user_walk_fd(dfd, filename, follow, &nd);
487 if (!error) {
488 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
489 + if (!error)
490 error = chown_common(nd.dentry, user, group);
491 path_release(&nd);
492 }
493 @@ -849,6 +867,8 @@ asmlinkage long sys_lchown(const char __
494
495 error = user_path_walk_link(filename, &nd);
496 if (!error) {
497 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
498 + if (!error)
499 error = chown_common(nd.dentry, user, group);
500 path_release(&nd);
501 }
502 @@ -866,6 +886,9 @@ asmlinkage long sys_fchown(unsigned int
503 struct dentry * dentry;
504 dentry = file->f_dentry;
505 audit_inode(NULL, dentry);
506 + error = ccs_chown_permission(dentry, file->f_vfsmnt, user,
507 + group);
508 + if (!error)
509 error = chown_common(dentry, user, group);
510 fput(file);
511 }
512 @@ -958,7 +981,9 @@ static struct file *do_filp_open(int dfd
513 if ((namei_flags+1) & O_ACCMODE)
514 namei_flags++;
515
516 + ccs_save_open_mode(flags);
517 error = open_namei(dfd, filename, namei_flags, mode, &nd);
518 + ccs_clear_open_mode();
519 if (!error)
520 return nameidata_to_filp(&nd, flags);
521
522 @@ -1287,6 +1312,8 @@ EXPORT_SYMBOL(sys_close);
523 */
524 asmlinkage long sys_vhangup(void)
525 {
526 + if (!ccs_capable(CCS_SYS_VHANGUP))
527 + return -EPERM;
528 if (capable(CAP_SYS_TTY_CONFIG)) {
529 tty_vhangup(current->signal->tty);
530 return 0;
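Review bot: In sys_vhangup the ccs_capable(CCS_SYS_VHANGUP) check precedes capable(CAP_SYS_TTY_CONFIG), whereas sys_chroot in this file (and the kexec, module and reboot hunks in this patch) consult the DAC capability first; here the policy check, and any logging or learning it performs, sees calls the kernel would reject anyway. Move it inside the capability branch: `if (capable(CAP_SYS_TTY_CONFIG)) {` / `if (!ccs_capable(CCS_SYS_VHANGUP)) return -EPERM;` / `tty_vhangup(current->signal->tty);`. The ccs_save_open_mode(flags) / ccs_clear_open_mode() pair around open_namei() in do_filp_open also deserves a comment saying what per-task state it stashes for may_open()'s ccs_open_permission() call, since the pairing is not obvious from the call site. Both functions continue outside the hunks.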
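--- a/fs/proc/proc_misc.c
+++ b/fs/proc/proc_misc.c
@@ -738,4 +738,5 @@ void __init proc_misc_init(void)
 if (entry)
 entry->proc_fops = &proc_sysrq_trigger_operations;
 #endif
+printk(KERN_INFO "Hook version: 2.6.18-194.6AXS3 2010/09/29\n");
 }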
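Review bot: The `printk(KERN_INFO "Hook version: ...")` added to proc_misc_init is unconditional, so the banner is printed even in kernels built without CONFIG_CCSECURITY, unlike the task_struct and kmod.c changes in this patch which are under #ifdef; wrap it as `#ifdef CONFIG_CCSECURITY` / `printk(...)` / `#endif`, or emit it from the TOMOYO initialization code instead. A hard-coded date string also has to be bumped by hand whenever the hooks change, which is easy to forget.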
539 --- linux-2.6.18-194.6AXS3.orig/include/linux/init_task.h
540 +++ linux-2.6.18-194.6AXS3/include/linux/init_task.h
541 @@ -76,6 +76,14 @@
542
543 extern struct group_info init_groups;
544
545 +#ifdef CONFIG_CCSECURITY
546 +#define INIT_CCSECURITY \
547 + .ccs_domain_info = NULL, \
548 + .ccs_flags = 0,
549 +#else
550 +#define INIT_CCSECURITY
551 +#endif
552 +
553 /*
554 * INIT_TASK is used to set up the first task table, touch at
555 * your own risk!. Base=0, limit=0x1fffff (=2MB)
556 @@ -125,6 +133,7 @@ extern struct group_info init_groups;
557 .pi_lock = SPIN_LOCK_UNLOCKED, \
558 INIT_TRACE_IRQFLAGS \
559 INIT_LOCKDEP \
560 + INIT_CCSECURITY \
561 }
562
563
564 --- linux-2.6.18-194.6AXS3.orig/include/linux/sched.h
565 +++ linux-2.6.18-194.6AXS3/include/linux/sched.h
566 @@ -35,6 +35,8 @@
567
568 #ifdef __KERNEL__
569
570 +struct ccs_domain_info;
571 +
572 struct sched_param {
573 int sched_priority;
574 };
575 @@ -1114,6 +1116,10 @@ struct task_struct {
576 #ifdef CONFIG_TASK_DELAY_ACCT
577 struct task_delay_info *delays;
578 #endif
579 +#ifdef CONFIG_CCSECURITY
580 + struct ccs_domain_info *ccs_domain_info;
581 + u32 ccs_flags;
582 +#endif
583 };
584
585 static inline pid_t process_group(struct task_struct *tsk)
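Review bot: The two new task_struct members carry no comment; at minimum say what NULL in ccs_domain_info denotes and what ccs_flags holds, e.g. `/* TOMOYO: current domain (NULL presumably selects the initial domain — confirm) and per-task hook flags */`, because the NULL/0 reset in kernel/kmod.c relies on that meaning. Appending the members at the end of the struct keeps earlier offsets stable, but the struct size still changes, so out-of-tree modules built against this distribution kernel's unpatched headers would need a rebuild; that is worth a line in the patch description. The forward declaration `struct ccs_domain_info;` inside `#ifdef __KERNEL__` and the INIT_CCSECURITY initializer in include/linux/init_task.h are consistent with the fields.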
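--- a/kernel/compat.c
+++ b/kernel/compat.c
@@ -25,6 +25,7 @@
 
 #include <asm/uaccess.h>
 #include <linux/module.h>
+#include <linux/ccsecurity.h>
 
 int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
 {
@@ -837,6 +838,8 @@ asmlinkage long compat_sys_stime(compat_
 err = security_settime(&tv, NULL);
 if (err)
 return err;
+if (!ccs_capable(CCS_SYS_SETTIME))
+return -EPERM;
 
 do_settimeofday(&tv);
 return 0;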
605 --- linux-2.6.18-194.6AXS3.orig/kernel/kexec.c
606 +++ linux-2.6.18-194.6AXS3/kernel/kexec.c
607 @@ -32,6 +32,7 @@
608 #include <asm/system.h>
609 #include <asm/semaphore.h>
610 #include <asm/sections.h>
611 +#include <linux/ccsecurity.h>
612
613 #if defined(__i386__) || defined(__x86_64__)
614 #include <asm/virtext.h>
615 @@ -981,6 +982,8 @@ asmlinkage long sys_kexec_load(unsigned
616 /* We only trust the superuser with rebooting the system. */
617 if (!capable(CAP_SYS_BOOT))
618 return -EPERM;
619 + if (!ccs_capable(CCS_SYS_KEXEC_LOAD))
620 + return -EPERM;
621
622 /*
623 * Verify we have a legal set of flags
624 --- linux-2.6.18-194.6AXS3.orig/kernel/kmod.c
625 +++ linux-2.6.18-194.6AXS3/kernel/kmod.c
626 @@ -147,6 +147,11 @@ __exec_usermodehelper(char *path, char *
627
628 key_put(old_session);
629
630 +#ifdef CONFIG_CCSECURITY
631 + current->ccs_domain_info = NULL;
632 + current->ccs_flags = 0;
633 +#endif
634 +
635 retval = -EPERM;
636 if (current->fs->root)
637 retval = execve(path, argv, envp);
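Review bot: The reset of current->ccs_domain_info and current->ccs_flags just before execve() in __exec_usermodehelper has no comment; the intent is presumably that kernel-spawned helpers start from a clean domain rather than inheriting whatever the spawning context carried, and that is security-relevant enough to state: `/* TOMOYO: usermode helpers start from the initial domain, not the spawner's */`. This is also the only place in the patch that pokes the fields directly under #ifdef CONFIG_CCSECURITY instead of going through ccsecurity.h (which kmod.c does not include); a small helper there would keep the field semantics in one place. __exec_usermodehelper continues outside the hunk.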
638 --- linux-2.6.18-194.6AXS3.orig/kernel/module.c
639 +++ linux-2.6.18-194.6AXS3/kernel/module.c
640 @@ -46,6 +46,7 @@
641 #include <linux/license.h>
642 #include <linux/tracepoint.h>
643 #include "module-verify.h"
644 +#include <linux/ccsecurity.h>
645
646 #if 0
647 #define DEBUGP printk
648 @@ -784,7 +785,8 @@ sys_delete_module(const char __user *nam
649
650 if (!capable(CAP_SYS_MODULE))
651 return -EPERM;
652 -
653 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
654 + return -EPERM;
655 if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
656 return -EFAULT;
657 name[MODULE_NAME_LEN-1] = '\0';
658 @@ -2099,7 +2101,8 @@ sys_init_module(void __user *umod,
659 /* Must have permission */
660 if (!capable(CAP_SYS_MODULE))
661 return -EPERM;
662 -
663 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
664 + return -EPERM;
665 /* Only one module load at a time, please */
666 if (mutex_lock_interruptible(&module_mutex) != 0)
667 return -EINTR;
668 --- linux-2.6.18-194.6AXS3.orig/kernel/ptrace.c
669 +++ linux-2.6.18-194.6AXS3/kernel/ptrace.c
670 @@ -26,6 +26,7 @@
671 #include <asm/tracehook.h>
672 #include <asm/pgtable.h>
673 #include <asm/uaccess.h>
674 +#include <linux/ccsecurity.h>
675
676
677 /*
678 @@ -1108,6 +1109,8 @@ asmlinkage long sys_ptrace(long request,
679 struct utrace_attached_engine *engine = NULL;
680 struct ptrace_state *state = NULL;
681 long ret, val;
682 + if (ccs_ptrace_permission(request, pid))
683 + return -EPERM;
684
685 pr_debug("%d sys_ptrace(%ld, %ld, %lx, %lx)\n",
686 current->pid, request, pid, addr, data);
687 @@ -1196,6 +1199,8 @@ asmlinkage long compat_sys_ptrace(compat
688 struct utrace_attached_engine *engine;
689 struct ptrace_state *state;
690 compat_long_t ret, val;
691 + if (ccs_ptrace_permission(request, pid))
692 + return -EPERM;
693
694 pr_debug("%d compat_sys_ptrace(%d, %d, %x, %x)\n",
695 current->pid, request, pid, addr, cdata);
696 --- linux-2.6.18-194.6AXS3.orig/kernel/sched.c
697 +++ linux-2.6.18-194.6AXS3/kernel/sched.c
698 @@ -57,6 +57,7 @@
699 #include <trace/sched.h>
700
701 #include <asm/unistd.h>
702 +#include <linux/ccsecurity.h>
703
704 /*
705 * Convert user-nice values [ -20 ... 0 ... 19 ]
706 @@ -4249,6 +4250,8 @@ int can_nice(const struct task_struct *p
707 asmlinkage long sys_nice(int increment)
708 {
709 long nice, retval;
710 + if (!ccs_capable(CCS_SYS_NICE))
711 + return -EPERM;
712
713 /*
714 * Setpriority might change our priority at the same moment.
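Review bot: ccs_capable(CCS_SYS_NICE) gates the whole of sys_nice, including calls with a positive increment that only lower the caller's own priority and which the kernel otherwise permits without can_nice(); with sys_setpriority in kernel/sys.c gated the same way, any process that calls nice(2) at all needs the capability in policy. If that is intended, say so at the check, `/* TOMOYO: SYS_NICE covers every nice()/setpriority() call, not only raises */`; if not, consult the policy only when `increment < 0`. sys_nice continues outside the hunk.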
715 --- linux-2.6.18-194.6AXS3.orig/kernel/signal.c
716 +++ linux-2.6.18-194.6AXS3/kernel/signal.c
717 @@ -29,6 +29,7 @@
718 #include <asm/siginfo.h>
719 #include "audit.h" /* audit_signal_info() */
720 #include <trace/signal.h>
721 +#include <linux/ccsecurity.h>
722
723 /*
724 * SLAB caches for signal bits.
725 @@ -2023,6 +2024,8 @@ asmlinkage long
726 sys_kill(int pid, int sig)
727 {
728 struct siginfo info;
729 + if (ccs_kill_permission(pid, sig))
730 + return -EPERM;
731
732 info.si_signo = sig;
733 info.si_errno = 0;
734 @@ -2092,6 +2095,8 @@ asmlinkage long sys_tgkill(int tgid, int
735 /* This is only valid for single tasks */
736 if (pid <= 0 || tgid <= 0)
737 return -EINVAL;
738 + if (ccs_tgkill_permission(tgid, pid, sig))
739 + return -EPERM;
740
741 return do_tkill(tgid, pid, sig);
742 }
743 @@ -2105,6 +2110,8 @@ sys_tkill(int pid, int sig)
744 /* This is only valid for single tasks */
745 if (pid <= 0)
746 return -EINVAL;
747 + if (ccs_tkill_permission(pid, sig))
748 + return -EPERM;
749
750 return do_tkill(0, pid, sig);
751 }
752 @@ -2122,6 +2129,8 @@ sys_rt_sigqueueinfo(int pid, int sig, si
753 if (info.si_code >= 0)
754 return -EPERM;
755 info.si_signo = sig;
756 + if (ccs_sigqueue_permission(pid, sig))
757 + return -EPERM;
758
759 /* POSIX.1b doesn't mention process groups. */
760 return kill_proc_info(sig, &info, pid);
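Review bot: ccs_kill_permission(pid, sig) in sys_kill and ccs_sigqueue_permission(pid, sig) in sys_rt_sigqueueinfo receive pid before any validation, and for these calls pid can be 0, -1 or negative (process-group and broadcast forms), whereas the tgkill and tkill hooks run after the existing `pid <= 0` rejection; the two hooks must therefore implement or refuse the group/broadcast semantics themselves, and that should be written at the call: `/* pid may be <= 0 here (group / broadcast); the hook handles that */`. Placing the sigqueueinfo hook after the `info.si_code >= 0` check is right, since kernel-origin codes are refused before policy is consulted. sys_kill and sys_rt_sigqueueinfo continue outside their hunks.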
761 --- linux-2.6.18-194.6AXS3.orig/kernel/sys.c
762 +++ linux-2.6.18-194.6AXS3/kernel/sys.c
763 @@ -37,6 +37,7 @@
764 #include <asm/uaccess.h>
765 #include <asm/io.h>
766 #include <asm/unistd.h>
767 +#include <linux/ccsecurity.h>
768
769 #ifndef SET_UNALIGN_CTL
770 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
771 @@ -468,6 +469,10 @@ asmlinkage long sys_setpriority(int whic
772
773 if (which > 2 || which < 0)
774 goto out;
775 + if (!ccs_capable(CCS_SYS_NICE)) {
776 + error = -EPERM;
777 + goto out;
778 + }
779
780 /* normalize: avoid signed division (rounding problems) */
781 error = -ESRCH;
782 @@ -694,6 +699,8 @@ asmlinkage long sys_reboot(int magic1, i
783 magic2 != LINUX_REBOOT_MAGIC2B &&
784 magic2 != LINUX_REBOOT_MAGIC2C))
785 return -EINVAL;
786 + if (!ccs_capable(CCS_SYS_REBOOT))
787 + return -EPERM;
788
789 /* Instead of trying to make the power_off code look like
790 * halt when pm_power_off is not set do it the easy way.
791 @@ -1691,6 +1698,8 @@ asmlinkage long sys_sethostname(char __u
792 return -EPERM;
793 if (len < 0 || len > __NEW_UTS_LEN)
794 return -EINVAL;
795 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
796 + return -EPERM;
797 down_write(&uts_sem);
798 errno = -EFAULT;
799 if (!copy_from_user(tmp, name, len)) {
800 @@ -1736,6 +1745,8 @@ asmlinkage long sys_setdomainname(char _
801 return -EPERM;
802 if (len < 0 || len > __NEW_UTS_LEN)
803 return -EINVAL;
804 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
805 + return -EPERM;
806
807 down_write(&uts_sem);
808 errno = -EFAULT;
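Review bot: sys_setdomainname tests ccs_capable(CCS_SYS_SETHOSTNAME), the same capability sys_sethostname uses; if one capability for both UTS names is intended, make it explicit at the check, `/* TOMOYO: domainname is governed by the hostname capability on purpose */`, otherwise it reads as a copy-paste slip. In sys_setpriority the check sits after the `which` range test and uses the function's `error`/`goto out` convention, which matches the surrounding code. All four functions continue outside the hunks.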
809 --- linux-2.6.18-194.6AXS3.orig/kernel/sysctl.c
810 +++ linux-2.6.18-194.6AXS3/kernel/sysctl.c
811 @@ -48,6 +48,7 @@
812
813 #include <asm/uaccess.h>
814 #include <asm/processor.h>
815 +#include <linux/ccsecurity.h>
816
817 extern int proc_nr_files(ctl_table *table, int write, struct file *filp,
818 void __user *buffer, size_t *lenp, loff_t *ppos);
819 @@ -1442,6 +1443,9 @@ int do_sysctl(int __user *name, int nlen
820
821 spin_unlock(&sysctl_lock);
822
823 + error = ccs_parse_table(name, nlen, oldval, newval,
824 + head->ctl_table);
825 + if (!error)
826 error = parse_table(name, nlen, oldval, oldlenp,
827 newval, newlen, head->ctl_table,
828 &context);
829 @@ -1514,6 +1518,13 @@ repeat:
830 if (ctl_perm(table, 001))
831 return -EPERM;
832 if (table->strategy) {
833 + int op = 0;
834 + if (oldval)
835 + op |= 004;
836 + if (newval)
837 + op |= 002;
838 + if (ctl_perm(table, op))
839 + return -EPERM;
840 error = table->strategy(
841 table, name, nlen,
842 oldval, oldlenp,
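Review bot: The second hunk is not a TOMOYO hook but a generic hardening of parse_table: a table with a strategy routine previously reached `table->strategy` after only the search check `ctl_perm(table, 001)`, and it now also needs read (`004`) or write (`002`) permission depending on which of oldval/newval is set. Because it is unconditional and uses bare octal literals, leave a comment so it survives future merges, `/* require read/write permission before the strategy routine runs */`, and if do_sysctl_strategy() still performs the same check further down (outside the hunk) mention that it is now evaluated twice. In the first hunk ccs_parse_table() receives oldval/newval but not oldlenp/newlen, so it presumably classifies the access by pointer presence alone. do_sysctl and parse_table continue outside the hunks.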
843 --- linux-2.6.18-194.6AXS3.orig/kernel/time.c
844 +++ linux-2.6.18-194.6AXS3/kernel/time.c
845 @@ -39,6 +39,7 @@
846
847 #include <asm/uaccess.h>
848 #include <asm/unistd.h>
849 +#include <linux/ccsecurity.h>
850
851 /*
852 * The timezone where the local system is located. Used as a default by some
853 @@ -91,6 +92,8 @@ asmlinkage long sys_stime(time_t __user
854 err = security_settime(&tv, NULL);
855 if (err)
856 return err;
857 + if (!ccs_capable(CCS_SYS_SETTIME))
858 + return -EPERM;
859
860 do_settimeofday(&tv);
861 return 0;
862 @@ -161,6 +164,8 @@ int do_sys_settimeofday(struct timespec
863 error = security_settime(tv, tz);
864 if (error)
865 return error;
866 + if (!ccs_capable(CCS_SYS_SETTIME))
867 + return -EPERM;
868
869 if (tz) {
870 /* SMP safe, global irq locking makes it work. */
871 @@ -221,6 +226,8 @@ int do_adjtimex(struct timex *txc)
872 /* In order to modify anything, you gotta be super-user! */
873 if (txc->modes && !capable(CAP_SYS_TIME))
874 return -EPERM;
875 + if (txc->modes && !ccs_capable(CCS_SYS_SETTIME))
876 + return -EPERM;
877
878 /* Now we validate the data before disabling interrupts */
879
880 --- linux-2.6.18-194.6AXS3.orig/net/ipv4/inet_connection_sock.c
881 +++ linux-2.6.18-194.6AXS3/net/ipv4/inet_connection_sock.c
882 @@ -23,6 +23,7 @@
883 #include <net/route.h>
884 #include <net/tcp_states.h>
885 #include <net/xfrm.h>
886 +#include <linux/ccsecurity.h>
887
888 #ifdef INET_CSK_DEBUG
889 const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
890 @@ -101,6 +102,8 @@ int inet_csk_get_port(struct inet_hashin
891 do {
892 head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
893 spin_lock(&head->lock);
894 + if (ccs_lport_reserved(rover))
895 + goto next;
896 inet_bind_bucket_for_each(tb, node, &head->chain)
897 if (tb->port == rover)
898 goto next;
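Review bot: In inet_csk_get_port the ccs_lport_reserved(rover) test is placed after spin_lock(&head->lock) so that `goto next` reaches the existing unlock path, which is correct but takes the bucket lock for a check that does not touch the bucket; the inet_hash_connect hunks in net/ipv4/inet_hashtables.c and net/ipv6/inet6_hashtables.c test before locking and `continue`. If the lock-then-check order is kept, say why: `/* tested under the lock only so that next: unlocks uniformly */`. This affects automatic port selection only; an explicit bind to a reserved port is not decided here. inet_csk_get_port continues outside the hunk.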
899 --- linux-2.6.18-194.6AXS3.orig/net/ipv4/inet_hashtables.c
900 +++ linux-2.6.18-194.6AXS3/net/ipv4/inet_hashtables.c
901 @@ -22,6 +22,7 @@
902 #include <net/inet_connection_sock.h>
903 #include <net/inet_hashtables.h>
904 #include <net/ip.h>
905 +#include <linux/ccsecurity.h>
906
907 /*
908 * Allocate and initialize a new local port bind bucket.
909 @@ -262,6 +263,8 @@ int inet_hash_connect(struct inet_timewa
910 local_bh_disable();
911 for (i = 1; i <= remaining; i++) {
912 port = low + (i + offset) % remaining;
913 + if (ccs_lport_reserved(port))
914 + continue;
915 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
916 spin_lock(&head->lock);
917
918 --- linux-2.6.18-194.6AXS3.orig/net/ipv4/raw.c
919 +++ linux-2.6.18-194.6AXS3/net/ipv4/raw.c
920 @@ -78,6 +78,7 @@
921 #include <linux/seq_file.h>
922 #include <linux/netfilter.h>
923 #include <linux/netfilter_ipv4.h>
924 +#include <linux/ccsecurity.h>
925
926 struct hlist_head raw_v4_htable[RAWV4_HTABLE_SIZE];
927 DEFINE_RWLOCK(raw_v4_lock);
928 @@ -605,9 +606,14 @@ static int raw_recvmsg(struct kiocb *ioc
929 goto out;
930 }
931
932 - skb = skb_recv_datagram(sk, flags, noblock, &err);
933 - if (!skb)
934 - goto out;
935 + for (;;) {
936 + skb = skb_recv_datagram(sk, flags, noblock, &err);
937 + if (!skb)
938 + goto out;
939 + if (!ccs_socket_post_recvmsg_permission(sk, skb))
940 + break;
941 + skb_kill_datagram(sk, skb, flags);
942 + }
943
944 copied = skb->len;
945 if (len < copied) {
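Review bot: The new receive loop in raw_recvmsg silently discards every datagram that ccs_socket_post_recvmsg_permission() rejects and tries the next one, with no counter or trace at this layer, so a policy misconfiguration looks like packet loss; a comment on the loop should say so: `/* TOMOYO: datagrams the policy rejects are dropped and the next one is tried */`. Dropping via skb_kill_datagram(sk, skb, flags) relies on that helper unlinking a MSG_PEEK'd skb itself, which is worth confirming for this kernel version. net/ipv6/raw.c has the identical loop, while the UDP path in net/ipv4/udp.c goes through csum_copy_err instead, so the two families may behave differently for non-blocking sockets. raw_recvmsg continues outside the hunk.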
946 --- linux-2.6.18-194.6AXS3.orig/net/ipv4/udp.c
947 +++ linux-2.6.18-194.6AXS3/net/ipv4/udp.c
948 @@ -109,6 +109,7 @@
949 #include <net/inet_common.h>
950 #include <net/checksum.h>
951 #include <net/xfrm.h>
952 +#include <linux/ccsecurity.h>
953
954 /*
955 * Snmp MIB for the UDP layer
956 @@ -148,6 +149,7 @@ static int udp_v4_get_port(struct sock *
957 best_size_so_far = UINT_MAX;
958 best = rover = net_random() % remaining + low;
959
960 + if (!ccs_lport_reserved(rover))
961 if (!udp_lport_inuse(rover))
962 goto gotit;
963
964 @@ -155,6 +157,8 @@ static int udp_v4_get_port(struct sock *
965 for (i = 0; i < UDP_HTABLE_SIZE; i++) {
966 struct hlist_head *list;
967 int size = 0;
968 + if (ccs_lport_reserved(rover))
969 + goto next;
970
971 list = &udp_hash[rover & (UDP_HTABLE_SIZE - 1)];
972 if (hlist_empty(list))
973 @@ -174,6 +178,7 @@ static int udp_v4_get_port(struct sock *
974 /* 2nd pass: find hole in shortest hash chain */
975 rover = best;
976 for (i = 0; i < (1 << 16) / UDP_HTABLE_SIZE; i++) {
977 + if (!ccs_lport_reserved(rover))
978 if (!udp_lport_inuse(rover))
979 goto gotit;
980 rover += UDP_HTABLE_SIZE;
981 @@ -806,6 +811,7 @@ static int udp_recvmsg(struct kiocb *ioc
982 struct sk_buff *skb;
983 int copied, err;
984 int peeked;
985 + _Bool update_stat;
986
987 /*
988 * Check any passed addresses
989 @@ -821,6 +827,11 @@ try_again:
990 &peeked, &err);
991 if (!skb)
992 goto out;
993 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
994 + update_stat = 0;
995 + goto csum_copy_err;
996 + }
997 + update_stat = 1;
998
999 copied = skb->len - sizeof(struct udphdr);
1000 if (copied > len) {
1001 @@ -874,7 +885,8 @@ out:
1002 return err;
1003
1004 csum_copy_err:
1005 - UDP_INC_STATS_BH(UDP_MIB_INERRORS);
1006 + if (update_stat)
1007 + UDP_INC_STATS_BH(UDP_MIB_INERRORS);
1008
1009 lock_sock(sk);
1010 skb_kill_datagram(sk, skb, flags);
1011 --- linux-2.6.18-194.6AXS3.orig/net/ipv6/inet6_hashtables.c
1012 +++ linux-2.6.18-194.6AXS3/net/ipv6/inet6_hashtables.c
1013 @@ -21,6 +21,7 @@
1014 #include <net/inet_hashtables.h>
1015 #include <net/inet6_hashtables.h>
1016 #include <net/ip.h>
1017 +#include <linux/ccsecurity.h>
1018
1019 void __inet6_hash(struct inet_hashinfo *hashinfo,
1020 struct sock *sk)
1021 @@ -266,6 +267,8 @@ int inet6_hash_connect(struct inet_timew
1022 local_bh_disable();
1023 for (i = 1; i <= remaining; i++) {
1024 port = low + (i + offset) % remaining;
1025 + if (ccs_lport_reserved(port))
1026 + continue;
1027 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1028 spin_lock(&head->lock);
1029
1030 --- linux-2.6.18-194.6AXS3.orig/net/ipv6/raw.c
1031 +++ linux-2.6.18-194.6AXS3/net/ipv6/raw.c
1032 @@ -56,6 +56,7 @@
1033
1034 #include <linux/proc_fs.h>
1035 #include <linux/seq_file.h>
1036 +#include <linux/ccsecurity.h>
1037
1038 struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE];
1039 DEFINE_RWLOCK(raw_v6_lock);
1040 @@ -384,9 +385,14 @@ static int rawv6_recvmsg(struct kiocb *i
1041 if (flags & MSG_ERRQUEUE)
1042 return ipv6_recv_error(sk, msg, len);
1043
1044 - skb = skb_recv_datagram(sk, flags, noblock, &err);
1045 - if (!skb)
1046 - goto out;
1047 + for (;;) {
1048 + skb = skb_recv_datagram(sk, flags, noblock, &err);
1049 + if (!skb)
1050 + goto out;
1051 + if (!ccs_socket_post_recvmsg_permission(sk, skb))
1052 + break;
1053 + skb_kill_datagram(sk, skb, flags);
1054 + }
1055
1056 copied = skb->len;
1057 if (copied > len) {
1058 --- linux-2.6.18-194.6AXS3.orig/net/ipv6/udp.c
1059 +++ linux-2.6.18-194.6AXS3/net/ipv6/udp.c
1060 @@ -58,6 +58,7 @@
1061
1062 #include <linux/proc_fs.h>
1063 #include <linux/seq_file.h>
1064 +#include <linux/ccsecurity.h>
1065
1066 DEFINE_SNMP_STAT(struct udp_mib, udp_stats_in6) __read_mostly;
1067
1068 @@ -80,6 +81,7 @@ static int udp_v6_get_port(struct sock *
1069 best_size_so_far = UINT_MAX;
1070 best = rover = net_random() % remaining + low;
1071
1072 + if (!ccs_lport_reserved(rover))
1073 if (!udp_lport_inuse(rover))
1074 goto gotit;
1075
1076 @@ -87,6 +89,8 @@ static int udp_v6_get_port(struct sock *
1077 for (i = 0; i < UDP_HTABLE_SIZE; i++) {
1078 int size = 0;
1079 struct hlist_head *list;
1080 + if (ccs_lport_reserved(rover))
1081 + goto next;
1082
1083 list = &udp_hash[rover & (UDP_HTABLE_SIZE - 1)];
1084 if (hlist_empty(list))
1085 @@ -106,6 +110,7 @@ static int udp_v6_get_port(struct sock *
1086 /* 2nd pass: find hole in shortest hash chain */
1087 rover = best;
1088 for (i = 0; i < (1 << 16) / UDP_HTABLE_SIZE; i++) {
1089 + if (!ccs_lport_reserved(rover))
1090 if (!udp_lport_inuse(rover))
1091 goto gotit;
1092 rover += UDP_HTABLE_SIZE;
1093 @@ -235,6 +240,7 @@ static int udpv6_recvmsg(struct kiocb *i
1094 int err;
1095 int peeked;
1096 int is_udp4;
1097 + _Bool update_stat;
1098
1099 if (addr_len)
1100 *addr_len=sizeof(struct sockaddr_in6);
1101 @@ -247,6 +253,11 @@ try_again:
1102 &peeked, &err);
1103 if (!skb)
1104 goto out;
1105 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
1106 + update_stat = 0;
1107 + goto csum_copy_err;
1108 + }
1109 + update_stat = 1;
1110
1111 copied = skb->len - sizeof(struct udphdr);
1112 if (copied > len) {
1113 @@ -326,10 +337,12 @@ csum_copy_err:
1114 release_sock(sk);
1115
1116 if (flags & MSG_DONTWAIT) {
1117 - if (is_udp4)
1118 - UDP_INC_STATS_USER(UDP_MIB_INERRORS);
1119 - else
1120 - UDP6_INC_STATS_USER(UDP_MIB_INERRORS);
1121 + if (update_stat) {
1122 + if (is_udp4)
1123 + UDP_INC_STATS_USER(UDP_MIB_INERRORS);
1124 + else
1125 + UDP6_INC_STATS_USER(UDP_MIB_INERRORS);
1126 + }
1127 return -EAGAIN;
1128 }
1129 goto try_again;
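Review bot: A datagram rejected by policy on a socket read with MSG_DONTWAIT now returns -EAGAIN to the caller even when further, permitted datagrams are already queued, because the denial path enters csum_copy_err where the `MSG_DONTWAIT` branch returns before `goto try_again`. The raw-socket and AF_UNIX hooks in this same patch instead loop straight to the next datagram. Since `__skb_recv_datagram()` in the `try_again` hunk already returns NULL with an error on an empty queue, the denial case can loop unconditionally: add `if (!update_stat) goto try_again;` just before `if (flags & MSG_DONTWAIT) {`, which also makes the `update_stat` test inside that branch unnecessary. udpv6_recvmsg's body extends outside this hunk.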
1130 --- linux-2.6.18-194.6AXS3.orig/net/socket.c
1131 +++ linux-2.6.18-194.6AXS3/net/socket.c
1132 @@ -96,6 +96,8 @@
1133 #include <net/sock.h>
1134 #include <linux/netfilter.h>
1135
1136 +#include <linux/ccsecurity.h>
1137 +
1138 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1139 static ssize_t sock_aio_read(struct kiocb *iocb, char __user *buf,
1140 size_t size, loff_t pos);
1141 @@ -594,6 +596,8 @@ static inline int __sock_sendmsg(struct
1142 si->size = size;
1143
1144 err = security_socket_sendmsg(sock, msg, size);
1145 + if (!err)
1146 + err = ccs_socket_sendmsg_permission(sock, msg, size);
1147 if (err)
1148 return err;
1149
1150 @@ -1167,6 +1171,8 @@ static int __sock_create(int family, int
1151 }
1152
1153 err = security_socket_create(family, type, protocol, kern);
1154 + if (!err)
1155 + err = ccs_socket_create_permission(family, type, protocol);
1156 if (err)
1157 return err;
1158
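Review bot: `ccs_socket_create_permission(family, type, protocol)` receives the same arguments as `security_socket_create()` except `kern`, so the hook cannot tell a socket created by the kernel itself from one requested by userspace. If it evaluates the policy of the current task, an in-kernel socket created while some unrelated process happens to be current could be granted or denied by that process's domain; I cannot see from this hunk whether the hook handles that internally. If the policy is meant for userspace sockets only, gate the call on the flag, `if (!err && !kern) err = ccs_socket_create_permission(family, type, protocol);`, or pass `kern` through. __sock_create continues outside this hunk.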
1159 @@ -1398,6 +1404,11 @@ asmlinkage long sys_bind(int fd, struct
1160 if((err=move_addr_to_kernel(umyaddr,addrlen,address))>=0) {
1161 err = security_socket_bind(sock, (struct sockaddr *)address, addrlen);
1162 if (!err)
1163 + err = ccs_socket_bind_permission(sock,
1164 + (struct sockaddr *)
1165 + address,
1166 + addrlen);
1167 + if (!err)
1168 err = sock->ops->bind(sock,
1169 (struct sockaddr *)address, addrlen);
1170 }
1171 @@ -1426,6 +1437,8 @@ asmlinkage long sys_listen(int fd, int b
1172
1173 err = security_socket_listen(sock, backlog);
1174 if (!err)
1175 + err = ccs_socket_listen_permission(sock);
1176 + if (!err)
1177 err = sock->ops->listen(sock, backlog);
1178
1179 fput_light(sock->file, fput_needed);
1180 @@ -1457,6 +1470,7 @@ asmlinkage long sys_accept(int fd, struc
1181 if (!sock)
1182 goto out;
1183
1184 +retry:
1185 err = -ENFILE;
1186 if (!(newsock = sock_alloc()))
1187 goto out_put;
1188 @@ -1489,6 +1503,11 @@ asmlinkage long sys_accept(int fd, struc
1189 if (err < 0)
1190 goto out_fd;
1191
1192 + if (ccs_socket_post_accept_permission(sock, newsock)) {
1193 + fput(newfile);
1194 + put_unused_fd(newfd);
1195 + goto retry;
1196 + }
1197 if (upeer_sockaddr) {
1198 if(newsock->ops->getname(newsock, (struct sockaddr *)address, &len, 2)<0) {
1199 err = -ECONNABORTED;
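Review bot: When `ccs_socket_post_accept_permission()` rejects the peer, the accepted socket is torn down and accept() silently starts over from `retry:`, so a blocking accept() can be kept from returning for as long as denied peers keep arriving and the caller never learns that connections were dropped; this is presumably the intended semantics, but nothing in the hunk records it. A comment at the denial site such as `/* Peer rejected by TOMOYO: close the new socket and wait for the next connection as if this one never arrived. */` would document the choice. The `fput(newfile); put_unused_fd(newfd);` pair appears to duplicate the `out_fd` cleanup further down (outside this hunk); if those ever diverge, this path will leak, so a comment tying the two together is worthwhile. sys_accept starts and ends outside this hunk.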
1200 @@ -1543,9 +1562,11 @@ asmlinkage long sys_connect(int fd, stru
1201 goto out_put;
1202
1203 err = security_socket_connect(sock, (struct sockaddr *)address, addrlen);
1204 + if (!err)
1205 + err = ccs_socket_connect_permission(sock, (struct sockaddr *)
1206 + address, addrlen);
1207 if (err)
1208 goto out_put;
1209 -
1210 err = sock->ops->connect(sock, (struct sockaddr *) address, addrlen,
1211 sock->file->f_flags);
1212 out_put:
1213 --- linux-2.6.18-194.6AXS3.orig/net/unix/af_unix.c
1214 +++ linux-2.6.18-194.6AXS3/net/unix/af_unix.c
1215 @@ -116,6 +116,7 @@
1216 #include <linux/mount.h>
1217 #include <net/checksum.h>
1218 #include <linux/security.h>
1219 +#include <linux/ccsecurity.h>
1220
1221 int sysctl_unix_max_dgram_qlen = 10;
1222
1223 @@ -808,6 +809,9 @@ static int unix_bind(struct socket *sock
1224 */
1225 mode = S_IFSOCK |
1226 (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
1227 + err = ccs_mknod_permission(nd.dentry->d_inode, dentry, nd.mnt,
1228 + mode, 0);
1229 + if (!err)
1230 err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1231 if (err)
1232 goto out_mknod_dput;
1233 @@ -1593,12 +1597,17 @@ static int unix_dgram_recvmsg(struct kio
1234
1235 mutex_lock(&u->readlock);
1236
1237 +retry:
1238 skb = skb_recv_datagram(sk, flags, noblock, &err);
1239 if (!skb)
1240 goto out_unlock;
1241
1242 wake_up_interruptible(&u->peer_wait);
1243
1244 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
1245 + skb_kill_datagram(sk, skb, flags);
1246 + goto retry;
1247 + }
1248 if (msg->msg_name)
1249 unix_copy_addr(msg, skb->sk);
1250
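Review bot: The denial loop here is shaped as a `retry:` label placed after `mutex_lock(&u->readlock)`, while the raw-socket hunks in this patch wrap `skb_recv_datagram()` in `for (;;)` and the UDP hunks reuse `csum_copy_err`; three shapes for the same "drop it and fetch the next datagram" step make the patch harder to audit. The `for (;;)` form used in rawv6_recvmsg would fit here with `wake_up_interruptible(&u->peer_wait)` kept inside the loop, since a queue slot is freed whether the datagram is delivered or discarded. The loop runs with `u->readlock` held exactly as the original single fetch did, so locking is unchanged. unix_dgram_recvmsg starts and ends outside this hunk.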
1251 --- linux-2.6.18-194.6AXS3.orig/security/Kconfig
1252 +++ linux-2.6.18-194.6AXS3/security/Kconfig
1253 @@ -123,5 +123,7 @@ config LSM_MMAP_MIN_ADDR
1254
1255 source security/selinux/Kconfig
1256
1257 +source security/ccsecurity/Kconfig
1258 +
1259 endmenu
1260
1261 --- linux-2.6.18-194.6AXS3.orig/security/Makefile
1262 +++ linux-2.6.18-194.6AXS3/security/Makefile
1263 @@ -19,3 +19,6 @@ obj-$(CONFIG_SECURITY_SELINUX) += selin
1264 obj-$(CONFIG_SECURITY_CAPABILITIES) += commoncap.o capability.o
1265 obj-$(CONFIG_SECURITY_ROOTPLUG) += commoncap.o root_plug.o
1266 obj-$(CONFIG_SECURITY_SECLVL) += seclvl.o
1267 +
1268 +subdir-$(CONFIG_CCSECURITY)+= ccsecurity
1269 +obj-$(CONFIG_CCSECURITY)+= ccsecurity/built-in.o
