オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.18-debian-etch.diff

Diff of /trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.18-debian-etch.diff

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 3075 by kumaneko, Thu Oct 1 03:33:21 2009 UTC revision 3111 by kumaneko, Tue Oct 20 03:12:41 2009 UTC
# Line 59  Source code for this patch is "apt-get i Line 59  Source code for this patch is "apt-get i
59          unsigned long tmp;          unsigned long tmp;
60          size_t copied;          size_t copied;
61          long ret;          long ret;
62  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
63  +               return -EPERM;  +               return -EPERM;
64    
65          lock_kernel();          lock_kernel();
# Line 78  Source code for this patch is "apt-get i Line 78  Source code for this patch is "apt-get i
78          struct task_struct *child;          struct task_struct *child;
79          unsigned int value, tmp;          unsigned int value, tmp;
80          long i, ret;          long i, ret;
81  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
82  +               return -EPERM;  +               return -EPERM;
83    
84          lock_kernel();          lock_kernel();
# Line 97  Source code for this patch is "apt-get i Line 97  Source code for this patch is "apt-get i
97          struct task_struct *child;          struct task_struct *child;
98          struct switch_stack *sw;          struct switch_stack *sw;
99          long ret;          long ret;
100  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
101  +               return -EPERM;  +               return -EPERM;
102    
103          lock_kernel();          lock_kernel();
# Line 116  Source code for this patch is "apt-get i Line 116  Source code for this patch is "apt-get i
116   {   {
117          struct task_struct *child;          struct task_struct *child;
118          int ret;          int ret;
119  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
120  +               return -EPERM;  +               return -EPERM;
121    
122          lock_kernel();          lock_kernel();
# Line 135  Source code for this patch is "apt-get i Line 135  Source code for this patch is "apt-get i
135   {   {
136          struct task_struct *child;          struct task_struct *child;
137          int ret;          int ret;
138  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
139  +               return -EPERM;  +               return -EPERM;
140    
141   #if 0   #if 0
# Line 154  Source code for this patch is "apt-get i Line 154  Source code for this patch is "apt-get i
154   {   {
155          struct task_struct *child;          struct task_struct *child;
156          int ret;          int ret;
157  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
158  +               return -EPERM;  +               return -EPERM;
159    
160          lock_kernel();          lock_kernel();
# Line 173  Source code for this patch is "apt-get i Line 173  Source code for this patch is "apt-get i
173          struct task_struct *child;          struct task_struct *child;
174          int ret;          int ret;
175    
176  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
177  +               return -EPERM;  +               return -EPERM;
178          lock_kernel();          lock_kernel();
179          if (request == PTRACE_TRACEME) {          if (request == PTRACE_TRACEME) {
# Line 192  Source code for this patch is "apt-get i Line 192  Source code for this patch is "apt-get i
192          unsigned long addr2 = regs->u_regs[UREG_I4];          unsigned long addr2 = regs->u_regs[UREG_I4];
193          struct task_struct *child;          struct task_struct *child;
194          int ret;          int ret;
195  +       if (!ccs_capable(CCS_SYS_PTRACE)) {  +       if (ccs_ptrace_permission(request, pid)) {
196  +               pt_error_return(regs, EPERM);  +               pt_error_return(regs, EPERM);
197  +               return;  +               return;
198  +       }  +       }
# Line 213  Source code for this patch is "apt-get i Line 213  Source code for this patch is "apt-get i
213          unsigned long addr2 = regs->u_regs[UREG_I4];          unsigned long addr2 = regs->u_regs[UREG_I4];
214          struct task_struct *child;          struct task_struct *child;
215          int ret;          int ret;
216  +       if (!ccs_capable(CCS_SYS_PTRACE)) {  +       if (ccs_ptrace_permission(request, pid)) {
217  +               pt_error_return(regs, EPERM);  +               pt_error_return(regs, EPERM);
218  +               return;  +               return;
219  +       }  +       }
# Line 234  Source code for this patch is "apt-get i Line 234  Source code for this patch is "apt-get i
234          void __user *datap = compat_ptr(data);          void __user *datap = compat_ptr(data);
235          int ret;          int ret;
236          __u32 val;          __u32 val;
237  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
238  +               return -EPERM;  +               return -EPERM;
239    
240          switch (request) {          switch (request) {
# Line 696  Source code for this patch is "apt-get i Line 696  Source code for this patch is "apt-get i
696          if (entry)          if (entry)
697                  entry->proc_fops = &proc_sysrq_trigger_operations;                  entry->proc_fops = &proc_sysrq_trigger_operations;
698   #endif   #endif
699  +       printk(KERN_INFO "Hook version: 2.6.18-24etch4 2009/10/01\n");  +       printk(KERN_INFO "Hook version: 2.6.18-24etch4 2009/10/20\n");
700   }   }
701  --- linux-2.6.18-24etch4.orig/include/linux/init_task.h  --- linux-2.6.18-24etch4.orig/include/linux/init_task.h
702  +++ linux-2.6.18-24etch4/include/linux/init_task.h  +++ linux-2.6.18-24etch4/include/linux/init_task.h
# Line 841  Source code for this patch is "apt-get i Line 841  Source code for this patch is "apt-get i
841          /*          /*
842           * This lock_kernel fixes a subtle race with suid exec           * This lock_kernel fixes a subtle race with suid exec
843           */           */
844  +       if (!ccs_capable(CCS_SYS_PTRACE))  +       if (ccs_ptrace_permission(request, pid))
845  +               return -EPERM;  +               return -EPERM;
846          lock_kernel();          lock_kernel();
847          if (request == PTRACE_TRACEME) {          if (request == PTRACE_TRACEME) {
Legend:
Removed from v.3075  
changed lines
  Added in v.3111
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ