オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.20.diff

Contents of /trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.20.diff

Parent Directory Parent Directory | Revision Log Revision Log

Revision 4049 - (show annotations) (download) (as text)
Thu Oct 7 07:14:01 2010 UTC (13 years, 6 months ago) by kumaneko
File MIME type: text/x-diff
File size: 38726 byte(s) 
Merge branches/ccs-patch/ into trunk/1.8.x/ccs-patch/
1 This is TOMOYO Linux patch for kernel 2.6.20.21.
2
3 Source code for this patch is http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.20.21.tar.bz2
4 ---
5 arch/alpha/kernel/ptrace.c | 3 +++
6 arch/ia64/ia32/sys_ia32.c | 3 +++
7 arch/ia64/kernel/ptrace.c | 3 +++
8 arch/m32r/kernel/ptrace.c | 3 +++
9 arch/mips/kernel/ptrace32.c | 3 +++
10 arch/powerpc/kernel/ptrace32.c | 3 +++
11 arch/s390/kernel/ptrace.c | 3 +++
12 arch/sparc/kernel/ptrace.c | 5 +++++
13 arch/sparc64/kernel/ptrace.c | 5 +++++
14 arch/x86_64/ia32/ptrace32.c | 3 +++
15 fs/compat.c | 9 ++++++++-
16 fs/exec.c | 12 +++++++++++-
17 fs/fcntl.c | 5 +++++
18 fs/ioctl.c | 3 +++
19 fs/namei.c | 30 +++++++++++++++++++++++++++++-
20 fs/namespace.c | 9 +++++++++
21 fs/open.c | 26 ++++++++++++++++++++++++++
22 fs/proc/proc_misc.c | 1 +
23 include/linux/init_task.h | 9 +++++++++
24 include/linux/sched.h | 6 ++++++
25 kernel/compat.c | 3 +++
26 kernel/kexec.c | 3 +++
27 kernel/kmod.c | 5 +++++
28 kernel/module.c | 7 +++++--
29 kernel/ptrace.c | 3 +++
30 kernel/sched.c | 3 +++
31 kernel/signal.c | 9 +++++++++
32 kernel/sys.c | 11 +++++++++++
33 kernel/sysctl.c | 12 ++++++++++++
34 kernel/time.c | 5 +++++
35 kernel/time/ntp.c | 3 +++
36 net/ipv4/inet_connection_sock.c | 3 +++
37 net/ipv4/inet_hashtables.c | 3 +++
38 net/ipv4/raw.c | 12 +++++++++---
39 net/ipv4/udp.c | 14 +++++++++++++-
40 net/ipv6/inet6_hashtables.c | 3 +++
41 net/ipv6/raw.c | 12 +++++++++---
42 net/ipv6/udp.c | 10 +++++++++-
43 net/socket.c | 23 ++++++++++++++++++++++-
44 net/unix/af_unix.c | 9 +++++++++
45 security/Kconfig | 2 ++
46 security/Makefile | 3 +++
47 42 files changed, 288 insertions(+), 14 deletions(-)
48
49 --- linux-2.6.20.21.orig/arch/alpha/kernel/ptrace.c
50 +++ linux-2.6.20.21/arch/alpha/kernel/ptrace.c
51 @@ -20,6 +20,7 @@
52 #include <asm/pgtable.h>
53 #include <asm/system.h>
54 #include <asm/fpu.h>
55 +#include <linux/ccsecurity.h>
56
57 #include "proto.h"
58
59 @@ -268,6 +269,8 @@ do_sys_ptrace(long request, long pid, lo
60 unsigned long tmp;
61 size_t copied;
62 long ret;
63 + if (ccs_ptrace_permission(request, pid))
64 + return -EPERM;
65
66 lock_kernel();
67 DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",
68 --- linux-2.6.20.21.orig/arch/ia64/ia32/sys_ia32.c
69 +++ linux-2.6.20.21/arch/ia64/ia32/sys_ia32.c
70 @@ -56,6 +56,7 @@
71 #include <asm/types.h>
72 #include <asm/uaccess.h>
73 #include <asm/unistd.h>
74 +#include <linux/ccsecurity.h>
75
76 #include "ia32priv.h"
77
78 @@ -1754,6 +1755,8 @@ sys32_ptrace (int request, pid_t pid, un
79 struct task_struct *child;
80 unsigned int value, tmp;
81 long i, ret;
82 + if (ccs_ptrace_permission(request, pid))
83 + return -EPERM;
84
85 lock_kernel();
86 if (request == PTRACE_TRACEME) {
87 --- linux-2.6.20.21.orig/arch/ia64/kernel/ptrace.c
88 +++ linux-2.6.20.21/arch/ia64/kernel/ptrace.c
89 @@ -28,6 +28,7 @@
90 #ifdef CONFIG_PERFMON
91 #include <asm/perfmon.h>
92 #endif
93 +#include <linux/ccsecurity.h>
94
95 #include "entry.h"
96
97 @@ -1417,6 +1418,8 @@ sys_ptrace (long request, pid_t pid, uns
98 struct task_struct *child;
99 struct switch_stack *sw;
100 long ret;
101 + if (ccs_ptrace_permission(request, pid))
102 + return -EPERM;
103
104 lock_kernel();
105 ret = -EPERM;
106 --- linux-2.6.20.21.orig/arch/m32r/kernel/ptrace.c
107 +++ linux-2.6.20.21/arch/m32r/kernel/ptrace.c
108 @@ -32,6 +32,7 @@
109 #include <asm/system.h>
110 #include <asm/processor.h>
111 #include <asm/mmu_context.h>
112 +#include <linux/ccsecurity.h>
113
114 /*
115 * This routine will get a word off of the process kernel stack.
116 @@ -742,6 +743,8 @@ asmlinkage long sys_ptrace(long request,
117 {
118 struct task_struct *child;
119 int ret;
120 + if (ccs_ptrace_permission(request, pid))
121 + return -EPERM;
122
123 lock_kernel();
124 if (request == PTRACE_TRACEME) {
125 --- linux-2.6.20.21.orig/arch/mips/kernel/ptrace32.c
126 +++ linux-2.6.20.21/arch/mips/kernel/ptrace32.c
127 @@ -35,6 +35,7 @@
128 #include <asm/system.h>
129 #include <asm/uaccess.h>
130 #include <asm/bootinfo.h>
131 +#include <linux/ccsecurity.h>
132
133 int ptrace_getregs (struct task_struct *child, __s64 __user *data);
134 int ptrace_setregs (struct task_struct *child, __s64 __user *data);
135 @@ -50,6 +51,8 @@ asmlinkage int sys32_ptrace(int request,
136 {
137 struct task_struct *child;
138 int ret;
139 + if (ccs_ptrace_permission(request, pid))
140 + return -EPERM;
141
142 #if 0
143 printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",
144 --- linux-2.6.20.21.orig/arch/powerpc/kernel/ptrace32.c
145 +++ linux-2.6.20.21/arch/powerpc/kernel/ptrace32.c
146 @@ -32,6 +32,7 @@
147 #include <asm/page.h>
148 #include <asm/pgtable.h>
149 #include <asm/system.h>
150 +#include <linux/ccsecurity.h>
151
152 #include "ptrace-common.h"
153
154 @@ -45,6 +46,8 @@ long compat_sys_ptrace(int request, int
155 {
156 struct task_struct *child;
157 int ret;
158 + if (ccs_ptrace_permission(request, pid))
159 + return -EPERM;
160
161 lock_kernel();
162 if (request == PTRACE_TRACEME) {
163 --- linux-2.6.20.21.orig/arch/s390/kernel/ptrace.c
164 +++ linux-2.6.20.21/arch/s390/kernel/ptrace.c
165 @@ -41,6 +41,7 @@
166 #include <asm/system.h>
167 #include <asm/uaccess.h>
168 #include <asm/unistd.h>
169 +#include <linux/ccsecurity.h>
170
171 #ifdef CONFIG_COMPAT
172 #include "compat_ptrace.h"
173 @@ -711,6 +712,8 @@ sys_ptrace(long request, long pid, long
174 struct task_struct *child;
175 int ret;
176
177 + if (ccs_ptrace_permission(request, pid))
178 + return -EPERM;
179 lock_kernel();
180 if (request == PTRACE_TRACEME) {
181 ret = ptrace_traceme();
182 --- linux-2.6.20.21.orig/arch/sparc/kernel/ptrace.c
183 +++ linux-2.6.20.21/arch/sparc/kernel/ptrace.c
184 @@ -23,6 +23,7 @@
185 #include <asm/pgtable.h>
186 #include <asm/system.h>
187 #include <asm/uaccess.h>
188 +#include <linux/ccsecurity.h>
189
190 #define MAGIC_CONSTANT 0x80000000
191
192 @@ -267,6 +268,10 @@ asmlinkage void do_ptrace(struct pt_regs
193 unsigned long addr2 = regs->u_regs[UREG_I4];
194 struct task_struct *child;
195 int ret;
196 + if (ccs_ptrace_permission(request, pid)) {
197 + pt_error_return(regs, EPERM);
198 + return;
199 + }
200
201 lock_kernel();
202 #ifdef DEBUG_PTRACE
203 --- linux-2.6.20.21.orig/arch/sparc64/kernel/ptrace.c
204 +++ linux-2.6.20.21/arch/sparc64/kernel/ptrace.c
205 @@ -32,6 +32,7 @@
206 #include <asm/spitfire.h>
207 #include <asm/page.h>
208 #include <asm/cpudata.h>
209 +#include <linux/ccsecurity.h>
210
211 /* Returning from ptrace is a bit tricky because the syscall return
212 * low level code assumes any value returned which is negative and
213 @@ -176,6 +177,10 @@ asmlinkage void do_ptrace(struct pt_regs
214 unsigned long addr2 = regs->u_regs[UREG_I4];
215 struct task_struct *child;
216 int ret;
217 + if (ccs_ptrace_permission(request, pid)) {
218 + pt_error_return(regs, EPERM);
219 + return;
220 + }
221
222 if (test_thread_flag(TIF_32BIT)) {
223 addr &= 0xffffffffUL;
224 --- linux-2.6.20.21.orig/arch/x86_64/ia32/ptrace32.c
225 +++ linux-2.6.20.21/arch/x86_64/ia32/ptrace32.c
226 @@ -26,6 +26,7 @@
227 #include <asm/i387.h>
228 #include <asm/fpu32.h>
229 #include <asm/ia32.h>
230 +#include <linux/ccsecurity.h>
231
232 /*
233 * Determines which flags the user has access to [1 = access, 0 = no access].
234 @@ -234,6 +235,8 @@ asmlinkage long sys32_ptrace(long reques
235 void __user *datap = compat_ptr(data);
236 int ret;
237 __u32 val;
238 + if (ccs_ptrace_permission(request, pid))
239 + return -EPERM;
240
241 switch (request) {
242 case PTRACE_TRACEME:
243 --- linux-2.6.20.21.orig/fs/compat.c
244 +++ linux-2.6.20.21/fs/compat.c
245 @@ -55,6 +55,7 @@
246 #include <asm/mmu_context.h>
247 #include <asm/ioctls.h>
248 #include "internal.h"
249 +#include <linux/ccsecurity.h>
250
251 int compat_log = 1;
252
253 @@ -397,6 +398,8 @@ asmlinkage long compat_sys_ioctl(unsigne
254
255 /* RED-PEN how should LSM module know it's handling 32bit? */
256 error = security_file_ioctl(filp, cmd, arg);
257 + if (!error)
258 + error = ccs_ioctl_permission(filp, cmd, arg);
259 if (error)
260 goto out_fput;
261
262 @@ -421,6 +424,10 @@ asmlinkage long compat_sys_ioctl(unsigne
263 /*FALL THROUGH*/
264
265 default:
266 + if (!ccs_capable(CCS_SYS_IOCTL)) {
267 + error = -EPERM;
268 + goto out_fput;
269 + }
270 if (filp->f_op && filp->f_op->compat_ioctl) {
271 error = filp->f_op->compat_ioctl(filp, cmd, arg);
272 if (error != -ENOIOCTLCMD)
273 @@ -1551,7 +1558,7 @@ int compat_do_execve(char * filename,
274 if (retval < 0)
275 goto out;
276
277 - retval = search_binary_handler(bprm, regs);
278 + retval = ccs_search_binary_handler(bprm, regs);
279 if (retval >= 0) {
280 free_arg_pages(bprm);
281
282 --- linux-2.6.20.21.orig/fs/exec.c
283 +++ linux-2.6.20.21/fs/exec.c
284 @@ -58,6 +58,8 @@
285 #include <linux/kmod.h>
286 #endif
287
288 +#include <linux/ccsecurity.h>
289 +
290 int core_uses_pid;
291 char core_pattern[128] = "core";
292 int suid_dumpable = 0;
293 @@ -140,6 +142,10 @@ asmlinkage long sys_uselib(const char __
294 if (error)
295 goto exit;
296
297 + error = ccs_uselib_permission(nd.dentry, nd.mnt);
298 + if (error)
299 + goto exit;
300 +
301 file = nameidata_to_filp(&nd, O_RDONLY);
302 error = PTR_ERR(file);
303 if (IS_ERR(file))
304 @@ -487,6 +493,9 @@ struct file *open_exec(const char *name)
305 if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
306 S_ISREG(inode->i_mode)) {
307 int err = vfs_permission(&nd, MAY_EXEC);
308 + if (!err)
309 + err = ccs_open_exec_permission(nd.dentry,
310 + nd.mnt);
311 file = ERR_PTR(err);
312 if (!err) {
313 file = nameidata_to_filp(&nd, O_RDONLY);
314 @@ -1190,7 +1199,8 @@ int do_execve(char * filename,
315 if (retval < 0)
316 goto out;
317
318 - retval = search_binary_handler(bprm,regs);
319 + retval = ccs_search_binary_handler(bprm, regs);
320 +
321 if (retval >= 0) {
322 free_arg_pages(bprm);
323
324 --- linux-2.6.20.21.orig/fs/fcntl.c
325 +++ linux-2.6.20.21/fs/fcntl.c
326 @@ -22,6 +22,7 @@
327 #include <asm/poll.h>
328 #include <asm/siginfo.h>
329 #include <asm/uaccess.h>
330 +#include <linux/ccsecurity.h>
331
332 void fastcall set_close_on_exec(unsigned int fd, int flag)
333 {
334 @@ -392,6 +393,8 @@ asmlinkage long sys_fcntl(unsigned int f
335 goto out;
336
337 err = security_file_fcntl(filp, cmd, arg);
338 + if (!err)
339 + err = ccs_fcntl_permission(filp, cmd, arg);
340 if (err) {
341 fput(filp);
342 return err;
343 @@ -416,6 +419,8 @@ asmlinkage long sys_fcntl64(unsigned int
344 goto out;
345
346 err = security_file_fcntl(filp, cmd, arg);
347 + if (!err)
348 + err = ccs_fcntl_permission(filp, cmd, arg);
349 if (err) {
350 fput(filp);
351 return err;
352 --- linux-2.6.20.21.orig/fs/ioctl.c
353 +++ linux-2.6.20.21/fs/ioctl.c
354 @@ -15,6 +15,7 @@
355
356 #include <asm/uaccess.h>
357 #include <asm/ioctls.h>
358 +#include <linux/ccsecurity.h>
359
360 static long do_ioctl(struct file *filp, unsigned int cmd,
361 unsigned long arg)
362 @@ -167,6 +168,8 @@ asmlinkage long sys_ioctl(unsigned int f
363 goto out;
364
365 error = security_file_ioctl(filp, cmd, arg);
366 + if (!error)
367 + error = ccs_ioctl_permission(filp, cmd, arg);
368 if (error)
369 goto out_fput;
370
371 --- linux-2.6.20.21.orig/fs/namei.c
372 +++ linux-2.6.20.21/fs/namei.c
373 @@ -37,6 +37,8 @@
374
375 #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
376
377 +#include <linux/ccsecurity.h>
378 +
379 /* [Feb-1997 T. Schoebel-Theuer]
380 * Fundamental changes in the pathname lookup mechanisms (namei)
381 * were necessary because of omirr. The reason is that omirr needs
382 @@ -1561,6 +1563,11 @@ int may_open(struct nameidata *nd, int a
383 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
384 return -EPERM;
385
386 + /* includes O_APPEND and O_TRUNC checks */
387 + error = ccs_open_permission(dentry, nd->mnt, flag);
388 + if (error)
389 + return error;
390 +
391 /*
392 * Ensure there are no outstanding leases on the file.
393 */
394 @@ -1600,6 +1607,9 @@ static int open_namei_create(struct name
395
396 if (!IS_POSIXACL(dir->d_inode))
397 mode &= ~current->fs->umask;
398 + error = ccs_mknod_permission(dir->d_inode, path->dentry, nd->mnt, mode,
399 + 0);
400 + if (!error)
401 error = vfs_create(dir->d_inode, path->dentry, mode, nd);
402 mutex_unlock(&dir->d_inode->i_mutex);
403 dput(nd->dentry);
404 @@ -1883,6 +1893,9 @@ asmlinkage long sys_mknodat(int dfd, con
405 if (!IS_POSIXACL(nd.dentry->d_inode))
406 mode &= ~current->fs->umask;
407 if (!IS_ERR(dentry)) {
408 + error = ccs_mknod_permission(nd.dentry->d_inode, dentry,
409 + nd.mnt, mode, dev);
410 + if (!error)
411 switch (mode & S_IFMT) {
412 case 0: case S_IFREG:
413 error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
414 @@ -1959,6 +1972,8 @@ asmlinkage long sys_mkdirat(int dfd, con
415
416 if (!IS_POSIXACL(nd.dentry->d_inode))
417 mode &= ~current->fs->umask;
418 + error = ccs_mkdir_permission(nd.dentry->d_inode, dentry, nd.mnt, mode);
419 + if (!error)
420 error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
421 dput(dentry);
422 out_unlock:
423 @@ -2066,6 +2081,8 @@ static long do_rmdir(int dfd, const char
424 error = PTR_ERR(dentry);
425 if (IS_ERR(dentry))
426 goto exit2;
427 + error = ccs_rmdir_permission(nd.dentry->d_inode, dentry, nd.mnt);
428 + if (!error)
429 error = vfs_rmdir(nd.dentry->d_inode, dentry);
430 dput(dentry);
431 exit2:
432 @@ -2146,6 +2163,9 @@ static long do_unlinkat(int dfd, const c
433 inode = dentry->d_inode;
434 if (inode)
435 atomic_inc(&inode->i_count);
436 + error = ccs_unlink_permission(nd.dentry->d_inode, dentry,
437 + nd.mnt);
438 + if (!error)
439 error = vfs_unlink(nd.dentry->d_inode, dentry);
440 exit2:
441 dput(dentry);
442 @@ -2227,6 +2247,9 @@ asmlinkage long sys_symlinkat(const char
443 if (IS_ERR(dentry))
444 goto out_unlock;
445
446 + error = ccs_symlink_permission(nd.dentry->d_inode, dentry, nd.mnt,
447 + from);
448 + if (!error)
449 error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
450 dput(dentry);
451 out_unlock:
452 @@ -2322,6 +2345,9 @@ asmlinkage long sys_linkat(int olddfd, c
453 error = PTR_ERR(new_dentry);
454 if (IS_ERR(new_dentry))
455 goto out_unlock;
456 + error = ccs_link_permission(old_nd.dentry, nd.dentry->d_inode,
457 + new_dentry, nd.mnt);
458 + if (!error)
459 error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
460 dput(new_dentry);
461 out_unlock:
462 @@ -2547,7 +2573,9 @@ static int do_rename(int olddfd, const c
463 error = -ENOTEMPTY;
464 if (new_dentry == trap)
465 goto exit5;
466 -
467 + error = ccs_rename_permission(old_dir->d_inode, old_dentry,
468 + new_dir->d_inode, new_dentry, newnd.mnt);
469 + if (!error)
470 error = vfs_rename(old_dir->d_inode, old_dentry,
471 new_dir->d_inode, new_dentry);
472 exit5:
473 --- linux-2.6.20.21.orig/fs/namespace.c
474 +++ linux-2.6.20.21/fs/namespace.c
475 @@ -28,6 +28,7 @@
476 #include <asm/uaccess.h>
477 #include <asm/unistd.h>
478 #include "pnode.h"
479 +#include <linux/ccsecurity.h>
480
481 /* spinlock for vfsmount related operations, inplace of dcache_lock */
482 __cacheline_aligned_in_smp DEFINE_SPINLOCK(vfsmount_lock);
483 @@ -543,6 +544,8 @@ static int do_umount(struct vfsmount *mn
484 LIST_HEAD(umount_list);
485
486 retval = security_sb_umount(mnt, flags);
487 + if (!retval)
488 + retval = ccs_umount_permission(mnt, flags);
489 if (retval)
490 return retval;
491
492 @@ -1377,6 +1380,7 @@ int copy_mount_options(const void __user
493 long do_mount(char *dev_name, char *dir_name, char *type_page,
494 unsigned long flags, void *data_page)
495 {
496 + const unsigned long original_flags = flags;
497 struct nameidata nd;
498 int retval = 0;
499 int mnt_flags = 0;
500 @@ -1418,6 +1422,9 @@ long do_mount(char *dev_name, char *dir_
501 return retval;
502
503 retval = security_sb_mount(dev_name, &nd, type_page, flags, data_page);
504 + if (!retval)
505 + retval = ccs_mount_permission(dev_name, &nd, type_page,
506 + original_flags, data_page);
507 if (retval)
508 goto dput_out;
509
510 @@ -1703,6 +1710,8 @@ asmlinkage long sys_pivot_root(const cha
511 goto out1;
512
513 error = security_sb_pivotroot(&old_nd, &new_nd);
514 + if (!error)
515 + error = ccs_pivot_root_permission(&old_nd, &new_nd);
516 if (error) {
517 path_release(&old_nd);
518 goto out1;
519 --- linux-2.6.20.21.orig/fs/open.c
520 +++ linux-2.6.20.21/fs/open.c
521 @@ -27,6 +27,7 @@
522 #include <linux/syscalls.h>
523 #include <linux/rcupdate.h>
524 #include <linux/audit.h>
525 +#include <linux/ccsecurity.h>
526
527 int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
528 {
529 @@ -264,6 +265,8 @@ static long do_sys_truncate(const char _
530 if (error)
531 goto dput_and_out;
532
533 + error = ccs_truncate_permission(nd.dentry, nd.mnt);
534 + if (!error)
535 error = locks_verify_truncate(inode, NULL, length);
536 if (!error) {
537 DQUOT_INIT(inode);
538 @@ -317,6 +320,9 @@ static long do_sys_ftruncate(unsigned in
539 if (IS_APPEND(inode))
540 goto out_putf;
541
542 + error = ccs_truncate_permission(dentry, file->f_vfsmnt);
543 + if (error)
544 + goto out_putf;
545 error = locks_verify_truncate(inode, file, length);
546 if (!error)
547 error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
548 @@ -481,6 +487,8 @@ asmlinkage long sys_chroot(const char __
549 error = -EPERM;
550 if (!capable(CAP_SYS_CHROOT))
551 goto dput_and_out;
552 + if (ccs_chroot_permission(&nd))
553 + goto dput_and_out;
554
555 set_fs_root(current->fs, nd.mnt, nd.dentry);
556 set_fs_altroot();
557 @@ -514,6 +522,9 @@ asmlinkage long sys_fchmod(unsigned int
558 err = -EPERM;
559 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
560 goto out_putf;
561 + err = ccs_chmod_permission(dentry, file->f_vfsmnt, mode);
562 + if (err)
563 + goto out_putf;
564 mutex_lock(&inode->i_mutex);
565 if (mode == (mode_t) -1)
566 mode = inode->i_mode;
567 @@ -548,6 +559,9 @@ asmlinkage long sys_fchmodat(int dfd, co
568 error = -EPERM;
569 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
570 goto dput_and_out;
571 + error = ccs_chmod_permission(nd.dentry, nd.mnt, mode);
572 + if (error)
573 + goto dput_and_out;
574
575 mutex_lock(&inode->i_mutex);
576 if (mode == (mode_t) -1)
577 @@ -611,6 +625,8 @@ asmlinkage long sys_chown(const char __u
578 error = user_path_walk(filename, &nd);
579 if (error)
580 goto out;
581 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
582 + if (!error)
583 error = chown_common(nd.dentry, user, group);
584 path_release(&nd);
585 out:
586 @@ -631,6 +647,8 @@ asmlinkage long sys_fchownat(int dfd, co
587 error = __user_walk_fd(dfd, filename, follow, &nd);
588 if (error)
589 goto out;
590 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
591 + if (!error)
592 error = chown_common(nd.dentry, user, group);
593 path_release(&nd);
594 out:
595 @@ -645,6 +663,8 @@ asmlinkage long sys_lchown(const char __
596 error = user_path_walk_link(filename, &nd);
597 if (error)
598 goto out;
599 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
600 + if (!error)
601 error = chown_common(nd.dentry, user, group);
602 path_release(&nd);
603 out:
604 @@ -664,6 +684,8 @@ asmlinkage long sys_fchown(unsigned int
605
606 dentry = file->f_path.dentry;
607 audit_inode(NULL, dentry->d_inode);
608 + error = ccs_chown_permission(dentry, file->f_vfsmnt, user, group);
609 + if (!error)
610 error = chown_common(dentry, user, group);
611 fput(file);
612 out:
613 @@ -756,7 +778,9 @@ static struct file *do_filp_open(int dfd
614 if ((namei_flags+1) & O_ACCMODE)
615 namei_flags++;
616
617 + ccs_save_open_mode(flags);
618 error = open_namei(dfd, filename, namei_flags, mode, &nd);
619 + ccs_clear_open_mode();
620 if (!error)
621 return nameidata_to_filp(&nd, flags);
622
623 @@ -1085,6 +1109,8 @@ EXPORT_SYMBOL(sys_close);
624 */
625 asmlinkage long sys_vhangup(void)
626 {
627 + if (!ccs_capable(CCS_SYS_VHANGUP))
628 + return -EPERM;
629 if (capable(CAP_SYS_TTY_CONFIG)) {
630 /* XXX: this needs locking */
631 tty_vhangup(current->signal->tty);
632 --- linux-2.6.20.21.orig/fs/proc/proc_misc.c
633 +++ linux-2.6.20.21/fs/proc/proc_misc.c
634 @@ -747,4 +747,5 @@ void __init proc_misc_init(void)
635 if (entry)
636 entry->proc_fops = &proc_sysrq_trigger_operations;
637 #endif
638 + printk(KERN_INFO "Hook version: 2.6.20.21 2010/08/23\n");
639 }
640 --- linux-2.6.20.21.orig/include/linux/init_task.h
641 +++ linux-2.6.20.21/include/linux/init_task.h
642 @@ -88,6 +88,14 @@ extern struct nsproxy init_nsproxy;
643
644 extern struct group_info init_groups;
645
646 +#ifdef CONFIG_CCSECURITY
647 +#define INIT_CCSECURITY \
648 + .ccs_domain_info = NULL, \
649 + .ccs_flags = 0,
650 +#else
651 +#define INIT_CCSECURITY
652 +#endif
653 +
654 /*
655 * INIT_TASK is used to set up the first task table, touch at
656 * your own risk!. Base=0, limit=0x1fffff (=2MB)
657 @@ -141,6 +149,7 @@ extern struct group_info init_groups;
658 .pi_lock = SPIN_LOCK_UNLOCKED, \
659 INIT_TRACE_IRQFLAGS \
660 INIT_LOCKDEP \
661 + INIT_CCSECURITY \
662 }
663
664
665 --- linux-2.6.20.21.orig/include/linux/sched.h
666 +++ linux-2.6.20.21/include/linux/sched.h
667 @@ -37,6 +37,8 @@
668
669 #ifdef __KERNEL__
670
671 +struct ccs_domain_info;
672 +
673 struct sched_param {
674 int sched_priority;
675 };
676 @@ -1051,6 +1053,10 @@ struct task_struct {
677 #ifdef CONFIG_FAULT_INJECTION
678 int make_it_fail;
679 #endif
680 +#ifdef CONFIG_CCSECURITY
681 + struct ccs_domain_info *ccs_domain_info;
682 + u32 ccs_flags;
683 +#endif
684 };
685
686 static inline pid_t process_group(struct task_struct *tsk)
687 --- linux-2.6.20.21.orig/kernel/compat.c
688 +++ linux-2.6.20.21/kernel/compat.c
689 @@ -25,6 +25,7 @@
690 #include <linux/posix-timers.h>
691
692 #include <asm/uaccess.h>
693 +#include <linux/ccsecurity.h>
694
695 int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
696 {
697 @@ -869,6 +870,8 @@ asmlinkage long compat_sys_stime(compat_
698 err = security_settime(&tv, NULL);
699 if (err)
700 return err;
701 + if (!ccs_capable(CCS_SYS_SETTIME))
702 + return -EPERM;
703
704 do_settimeofday(&tv);
705 return 0;
706 --- linux-2.6.20.21.orig/kernel/kexec.c
707 +++ linux-2.6.20.21/kernel/kexec.c
708 @@ -28,6 +28,7 @@
709 #include <asm/io.h>
710 #include <asm/system.h>
711 #include <asm/semaphore.h>
712 +#include <linux/ccsecurity.h>
713
714 /* Per cpu memory for storing cpu states in case of system crash. */
715 note_buf_t* crash_notes;
716 @@ -924,6 +925,8 @@ asmlinkage long sys_kexec_load(unsigned
717 /* We only trust the superuser with rebooting the system. */
718 if (!capable(CAP_SYS_BOOT))
719 return -EPERM;
720 + if (!ccs_capable(CCS_SYS_KEXEC_LOAD))
721 + return -EPERM;
722
723 /*
724 * Verify we have a legal set of flags
725 --- linux-2.6.20.21.orig/kernel/kmod.c
726 +++ linux-2.6.20.21/kernel/kmod.c
727 @@ -166,6 +166,11 @@ static int ____call_usermodehelper(void
728 /* We can run anywhere, unlike our parent keventd(). */
729 set_cpus_allowed(current, CPU_MASK_ALL);
730
731 +#ifdef CONFIG_CCSECURITY
732 + current->ccs_domain_info = NULL;
733 + current->ccs_flags = 0;
734 +#endif
735 +
736 retval = -EPERM;
737 if (current->fs->root)
738 retval = kernel_execve(sub_info->path,
739 --- linux-2.6.20.21.orig/kernel/module.c
740 +++ linux-2.6.20.21/kernel/module.c
741 @@ -44,6 +44,7 @@
742 #include <asm/semaphore.h>
743 #include <asm/cacheflush.h>
744 #include <linux/license.h>
745 +#include <linux/ccsecurity.h>
746
747 #if 0
748 #define DEBUGP printk
749 @@ -658,7 +659,8 @@ sys_delete_module(const char __user *nam
750
751 if (!capable(CAP_SYS_MODULE))
752 return -EPERM;
753 -
754 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
755 + return -EPERM;
756 if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
757 return -EFAULT;
758 name[MODULE_NAME_LEN-1] = '\0';
759 @@ -1964,7 +1966,8 @@ sys_init_module(void __user *umod,
760 /* Must have permission */
761 if (!capable(CAP_SYS_MODULE))
762 return -EPERM;
763 -
764 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
765 + return -EPERM;
766 /* Only one module load at a time, please */
767 if (mutex_lock_interruptible(&module_mutex) != 0)
768 return -EINTR;
769 --- linux-2.6.20.21.orig/kernel/ptrace.c
770 +++ linux-2.6.20.21/kernel/ptrace.c
771 @@ -21,6 +21,7 @@
772
773 #include <asm/pgtable.h>
774 #include <asm/uaccess.h>
775 +#include <linux/ccsecurity.h>
776
777 /*
778 * ptrace a task: make the debugger its new parent and
779 @@ -456,6 +457,8 @@ asmlinkage long sys_ptrace(long request,
780 /*
781 * This lock_kernel fixes a subtle race with suid exec
782 */
783 + if (ccs_ptrace_permission(request, pid))
784 + return -EPERM;
785 lock_kernel();
786 if (request == PTRACE_TRACEME) {
787 ret = ptrace_traceme();
788 --- linux-2.6.20.21.orig/kernel/sched.c
789 +++ linux-2.6.20.21/kernel/sched.c
790 @@ -55,6 +55,7 @@
791 #include <asm/tlb.h>
792
793 #include <asm/unistd.h>
794 +#include <linux/ccsecurity.h>
795
796 /*
797 * Convert user-nice values [ -20 ... 0 ... 19 ]
798 @@ -4098,6 +4099,8 @@ int can_nice(const struct task_struct *p
799 asmlinkage long sys_nice(int increment)
800 {
801 long nice, retval;
802 + if (!ccs_capable(CCS_SYS_NICE))
803 + return -EPERM;
804
805 /*
806 * Setpriority might change our priority at the same moment.
807 --- linux-2.6.20.21.orig/kernel/signal.c
808 +++ linux-2.6.20.21/kernel/signal.c
809 @@ -32,6 +32,7 @@
810 #include <asm/unistd.h>
811 #include <asm/siginfo.h>
812 #include "audit.h" /* audit_signal_info() */
813 +#include <linux/ccsecurity.h>
814
815 /*
816 * SLAB caches for signal bits.
817 @@ -2233,6 +2234,8 @@ asmlinkage long
818 sys_kill(int pid, int sig)
819 {
820 struct siginfo info;
821 + if (ccs_kill_permission(pid, sig))
822 + return -EPERM;
823
824 info.si_signo = sig;
825 info.si_errno = 0;
826 @@ -2291,6 +2294,8 @@ asmlinkage long sys_tgkill(int tgid, int
827 /* This is only valid for single tasks */
828 if (pid <= 0 || tgid <= 0)
829 return -EINVAL;
830 + if (ccs_tgkill_permission(tgid, pid, sig))
831 + return -EPERM;
832
833 return do_tkill(tgid, pid, sig);
834 }
835 @@ -2304,6 +2309,8 @@ sys_tkill(int pid, int sig)
836 /* This is only valid for single tasks */
837 if (pid <= 0)
838 return -EINVAL;
839 + if (ccs_tkill_permission(pid, sig))
840 + return -EPERM;
841
842 return do_tkill(0, pid, sig);
843 }
844 @@ -2321,6 +2328,8 @@ sys_rt_sigqueueinfo(int pid, int sig, si
845 if (info.si_code >= 0)
846 return -EPERM;
847 info.si_signo = sig;
848 + if (ccs_sigqueue_permission(pid, sig))
849 + return -EPERM;
850
851 /* POSIX.1b doesn't mention process groups. */
852 return kill_proc_info(sig, &info, pid);
853 --- linux-2.6.20.21.orig/kernel/sys.c
854 +++ linux-2.6.20.21/kernel/sys.c
855 @@ -37,6 +37,7 @@
856 #include <asm/uaccess.h>
857 #include <asm/io.h>
858 #include <asm/unistd.h>
859 +#include <linux/ccsecurity.h>
860
861 #ifndef SET_UNALIGN_CTL
862 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
863 @@ -599,6 +600,10 @@ asmlinkage long sys_setpriority(int whic
864
865 if (which > 2 || which < 0)
866 goto out;
867 + if (!ccs_capable(CCS_SYS_NICE)) {
868 + error = -EPERM;
869 + goto out;
870 + }
871
872 /* normalize: avoid signed division (rounding problems) */
873 error = -ESRCH;
874 @@ -822,6 +827,8 @@ asmlinkage long sys_reboot(int magic1, i
875 magic2 != LINUX_REBOOT_MAGIC2B &&
876 magic2 != LINUX_REBOOT_MAGIC2C))
877 return -EINVAL;
878 + if (!ccs_capable(CCS_SYS_REBOOT))
879 + return -EPERM;
880
881 /* Instead of trying to make the power_off code look like
882 * halt when pm_power_off is not set do it the easy way.
883 @@ -1798,6 +1805,8 @@ asmlinkage long sys_sethostname(char __u
884 return -EPERM;
885 if (len < 0 || len > __NEW_UTS_LEN)
886 return -EINVAL;
887 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
888 + return -EPERM;
889 down_write(&uts_sem);
890 errno = -EFAULT;
891 if (!copy_from_user(tmp, name, len)) {
892 @@ -1843,6 +1852,8 @@ asmlinkage long sys_setdomainname(char _
893 return -EPERM;
894 if (len < 0 || len > __NEW_UTS_LEN)
895 return -EINVAL;
896 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
897 + return -EPERM;
898
899 down_write(&uts_sem);
900 errno = -EFAULT;
901 --- linux-2.6.20.21.orig/kernel/sysctl.c
902 +++ linux-2.6.20.21/kernel/sysctl.c
903 @@ -48,6 +48,7 @@
904
905 #include <asm/uaccess.h>
906 #include <asm/processor.h>
907 +#include <linux/ccsecurity.h>
908
909 extern int proc_nr_files(ctl_table *table, int write, struct file *filp,
910 void __user *buffer, size_t *lenp, loff_t *ppos);
911 @@ -1224,6 +1225,7 @@ void __init sysctl_init(void)
912 }
913
914 #ifdef CONFIG_SYSCTL_SYSCALL
915 +
916 int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
917 void __user *newval, size_t newlen)
918 {
919 @@ -1248,6 +1250,9 @@ int do_sysctl(int __user *name, int nlen
920
921 spin_unlock(&sysctl_lock);
922
923 + error = ccs_parse_table(name, nlen, oldval, newval,
924 + head->ctl_table);
925 + if (!error)
926 error = parse_table(name, nlen, oldval, oldlenp,
927 newval, newlen, head->ctl_table);
928
929 @@ -1322,6 +1327,13 @@ repeat:
930 if (ctl_perm(table, 001))
931 return -EPERM;
932 if (table->strategy) {
933 + int op = 0;
934 + if (oldval)
935 + op |= 004;
936 + if (newval)
937 + op |= 002;
938 + if (ctl_perm(table, op))
939 + return -EPERM;
940 error = table->strategy(
941 table, name, nlen,
942 oldval, oldlenp,
943 --- linux-2.6.20.21.orig/kernel/time.c
944 +++ linux-2.6.20.21/kernel/time.c
945 @@ -39,6 +39,7 @@
946
947 #include <asm/uaccess.h>
948 #include <asm/unistd.h>
949 +#include <linux/ccsecurity.h>
950
951 /*
952 * The timezone where the local system is located. Used as a default by some
953 @@ -91,6 +92,8 @@ asmlinkage long sys_stime(time_t __user
954 err = security_settime(&tv, NULL);
955 if (err)
956 return err;
957 + if (!ccs_capable(CCS_SYS_SETTIME))
958 + return -EPERM;
959
960 do_settimeofday(&tv);
961 return 0;
962 @@ -161,6 +164,8 @@ int do_sys_settimeofday(struct timespec
963 error = security_settime(tv, tz);
964 if (error)
965 return error;
966 + if (!ccs_capable(CCS_SYS_SETTIME))
967 + return -EPERM;
968
969 if (tz) {
970 /* SMP safe, global irq locking makes it work. */
971 --- linux-2.6.20.21.orig/kernel/time/ntp.c
972 +++ linux-2.6.20.21/kernel/time/ntp.c
973 @@ -14,6 +14,7 @@
974
975 #include <asm/div64.h>
976 #include <asm/timex.h>
977 +#include <linux/ccsecurity.h>
978
979 /*
980 * Timekeeping variables
981 @@ -199,6 +200,8 @@ int do_adjtimex(struct timex *txc)
982 /* In order to modify anything, you gotta be super-user! */
983 if (txc->modes && !capable(CAP_SYS_TIME))
984 return -EPERM;
985 + if (txc->modes && !ccs_capable(CCS_SYS_SETTIME))
986 + return -EPERM;
987
988 /* Now we validate the data before disabling interrupts */
989
990 --- linux-2.6.20.21.orig/net/ipv4/inet_connection_sock.c
991 +++ linux-2.6.20.21/net/ipv4/inet_connection_sock.c
992 @@ -23,6 +23,7 @@
993 #include <net/route.h>
994 #include <net/tcp_states.h>
995 #include <net/xfrm.h>
996 +#include <linux/ccsecurity.h>
997
998 #ifdef INET_CSK_DEBUG
999 const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
1000 @@ -85,6 +86,8 @@ int inet_csk_get_port(struct inet_hashin
1001 do {
1002 head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
1003 spin_lock(&head->lock);
1004 + if (ccs_lport_reserved(rover))
1005 + goto next;
1006 inet_bind_bucket_for_each(tb, node, &head->chain)
1007 if (tb->port == rover)
1008 goto next;
1009 --- linux-2.6.20.21.orig/net/ipv4/inet_hashtables.c
1010 +++ linux-2.6.20.21/net/ipv4/inet_hashtables.c
1011 @@ -22,6 +22,7 @@
1012 #include <net/inet_connection_sock.h>
1013 #include <net/inet_hashtables.h>
1014 #include <net/ip.h>
1015 +#include <linux/ccsecurity.h>
1016
1017 /*
1018 * Allocate and initialize a new local port bind bucket.
1019 @@ -292,6 +293,8 @@ int inet_hash_connect(struct inet_timewa
1020 local_bh_disable();
1021 for (i = 1; i <= range; i++) {
1022 port = low + (i + offset) % range;
1023 + if (ccs_lport_reserved(port))
1024 + continue;
1025 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1026 spin_lock(&head->lock);
1027
1028 --- linux-2.6.20.21.orig/net/ipv4/raw.c
1029 +++ linux-2.6.20.21/net/ipv4/raw.c
1030 @@ -78,6 +78,7 @@
1031 #include <linux/seq_file.h>
1032 #include <linux/netfilter.h>
1033 #include <linux/netfilter_ipv4.h>
1034 +#include <linux/ccsecurity.h>
1035
1036 struct hlist_head raw_v4_htable[RAWV4_HTABLE_SIZE];
1037 DEFINE_RWLOCK(raw_v4_lock);
1038 @@ -594,9 +595,14 @@ static int raw_recvmsg(struct kiocb *ioc
1039 goto out;
1040 }
1041
1042 - skb = skb_recv_datagram(sk, flags, noblock, &err);
1043 - if (!skb)
1044 - goto out;
1045 + for (;;) {
1046 + skb = skb_recv_datagram(sk, flags, noblock, &err);
1047 + if (!skb)
1048 + goto out;
1049 + if (!ccs_socket_post_recvmsg_permission(sk, skb))
1050 + break;
1051 + skb_kill_datagram(sk, skb, flags);
1052 + }
1053
1054 copied = skb->len;
1055 if (len < copied) {
1056 --- linux-2.6.20.21.orig/net/ipv4/udp.c
1057 +++ linux-2.6.20.21/net/ipv4/udp.c
1058 @@ -102,6 +102,7 @@
1059 #include <net/checksum.h>
1060 #include <net/xfrm.h>
1061 #include "udp_impl.h"
1062 +#include <linux/ccsecurity.h>
1063
1064 /*
1065 * Snmp MIB for the UDP layer
1066 @@ -162,6 +163,8 @@ int __udp_lib_get_port(struct sock *sk,
1067 result = sysctl_local_port_range[0] +
1068 ((result - sysctl_local_port_range[0]) &
1069 (UDP_HTABLE_SIZE - 1));
1070 + if (ccs_lport_reserved(result))
1071 + continue;
1072 goto gotit;
1073 }
1074 size = 0;
1075 @@ -180,6 +183,8 @@ int __udp_lib_get_port(struct sock *sk,
1076 result = sysctl_local_port_range[0]
1077 + ((result - sysctl_local_port_range[0]) &
1078 (UDP_HTABLE_SIZE - 1));
1079 + if (ccs_lport_reserved(result))
1080 + continue;
1081 if (! __udp_lib_lport_inuse(result, udptable))
1082 break;
1083 }
1084 @@ -810,6 +815,7 @@ int udp_recvmsg(struct kiocb *iocb, stru
1085 struct sockaddr_in *sin = (struct sockaddr_in *)msg->msg_name;
1086 struct sk_buff *skb;
1087 int copied, err, copy_only, is_udplite = IS_UDPLITE(sk);
1088 + _Bool update_stat;
1089
1090 /*
1091 * Check any passed addresses
1092 @@ -824,6 +830,11 @@ try_again:
1093 skb = skb_recv_datagram(sk, flags, noblock, &err);
1094 if (!skb)
1095 goto out;
1096 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
1097 + update_stat = 0;
1098 + goto csum_copy_err;
1099 + }
1100 + update_stat = 1;
1101
1102 copied = skb->len - sizeof(struct udphdr);
1103 if (copied > len) {
1104 @@ -882,7 +893,8 @@ out:
1105 return err;
1106
1107 csum_copy_err:
1108 - UDP_INC_STATS_BH(UDP_MIB_INERRORS, is_udplite);
1109 + if (update_stat)
1110 + UDP_INC_STATS_BH(UDP_MIB_INERRORS, is_udplite);
1111
1112 skb_kill_datagram(sk, skb, flags);
1113
1114 --- linux-2.6.20.21.orig/net/ipv6/inet6_hashtables.c
1115 +++ linux-2.6.20.21/net/ipv6/inet6_hashtables.c
1116 @@ -21,6 +21,7 @@
1117 #include <net/inet_hashtables.h>
1118 #include <net/inet6_hashtables.h>
1119 #include <net/ip.h>
1120 +#include <linux/ccsecurity.h>
1121
1122 void __inet6_hash(struct inet_hashinfo *hashinfo,
1123 struct sock *sk)
1124 @@ -266,6 +267,8 @@ int inet6_hash_connect(struct inet_timew
1125 local_bh_disable();
1126 for (i = 1; i <= range; i++) {
1127 port = low + (i + offset) % range;
1128 + if (ccs_lport_reserved(port))
1129 + continue;
1130 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1131 spin_lock(&head->lock);
1132
1133 --- linux-2.6.20.21.orig/net/ipv6/raw.c
1134 +++ linux-2.6.20.21/net/ipv6/raw.c
1135 @@ -59,6 +59,7 @@
1136
1137 #include <linux/proc_fs.h>
1138 #include <linux/seq_file.h>
1139 +#include <linux/ccsecurity.h>
1140
1141 struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE];
1142 DEFINE_RWLOCK(raw_v6_lock);
1143 @@ -411,9 +412,14 @@ static int rawv6_recvmsg(struct kiocb *i
1144 if (flags & MSG_ERRQUEUE)
1145 return ipv6_recv_error(sk, msg, len);
1146
1147 - skb = skb_recv_datagram(sk, flags, noblock, &err);
1148 - if (!skb)
1149 - goto out;
1150 + for (;;) {
1151 + skb = skb_recv_datagram(sk, flags, noblock, &err);
1152 + if (!skb)
1153 + goto out;
1154 + if (!ccs_socket_post_recvmsg_permission(sk, skb))
1155 + break;
1156 + skb_kill_datagram(sk, skb, flags);
1157 + }
1158
1159 copied = skb->len;
1160 if (copied > len) {
1161 --- linux-2.6.20.21.orig/net/ipv6/udp.c
1162 +++ linux-2.6.20.21/net/ipv6/udp.c
1163 @@ -50,6 +50,7 @@
1164 #include <linux/proc_fs.h>
1165 #include <linux/seq_file.h>
1166 #include "udp_impl.h"
1167 +#include <linux/ccsecurity.h>
1168
1169 DEFINE_SNMP_STAT(struct udp_mib, udp_stats_in6) __read_mostly;
1170
1171 @@ -123,6 +124,7 @@ int udpv6_recvmsg(struct kiocb *iocb, st
1172 struct sk_buff *skb;
1173 size_t copied;
1174 int err, copy_only, is_udplite = IS_UDPLITE(sk);
1175 + _Bool update_stat;
1176
1177 if (addr_len)
1178 *addr_len=sizeof(struct sockaddr_in6);
1179 @@ -134,6 +136,11 @@ try_again:
1180 skb = skb_recv_datagram(sk, flags, noblock, &err);
1181 if (!skb)
1182 goto out;
1183 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
1184 + update_stat = 0;
1185 + goto csum_copy_err;
1186 + }
1187 + update_stat = 1;
1188
1189 copied = skb->len - sizeof(struct udphdr);
1190 if (copied > len) {
1191 @@ -206,7 +213,8 @@ csum_copy_err:
1192 skb_kill_datagram(sk, skb, flags);
1193
1194 if (flags & MSG_DONTWAIT) {
1195 - UDP6_INC_STATS_USER(UDP_MIB_INERRORS, is_udplite);
1196 + if (update_stat)
1197 + UDP6_INC_STATS_USER(UDP_MIB_INERRORS, is_udplite);
1198 return -EAGAIN;
1199 }
1200 goto try_again;
1201 --- linux-2.6.20.21.orig/net/socket.c
1202 +++ linux-2.6.20.21/net/socket.c
1203 @@ -93,6 +93,8 @@
1204 #include <net/sock.h>
1205 #include <linux/netfilter.h>
1206
1207 +#include <linux/ccsecurity.h>
1208 +
1209 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1210 static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
1211 unsigned long nr_segs, loff_t pos);
1212 @@ -560,9 +562,10 @@ static inline int __sock_sendmsg(struct
1213 si->size = size;
1214
1215 err = security_socket_sendmsg(sock, msg, size);
1216 + if (!err)
1217 + err = ccs_socket_sendmsg_permission(sock, msg, size);
1218 if (err)
1219 return err;
1220 -
1221 return sock->ops->sendmsg(iocb, sock, msg, size);
1222 }
1223
1224 @@ -1084,6 +1087,8 @@ static int __sock_create(int family, int
1225 }
1226
1227 err = security_socket_create(family, type, protocol, kern);
1228 + if (!err)
1229 + err = ccs_socket_create_permission(family, type, protocol);
1230 if (err)
1231 return err;
1232
1233 @@ -1286,6 +1291,11 @@ asmlinkage long sys_bind(int fd, struct
1234 (struct sockaddr *)address,
1235 addrlen);
1236 if (!err)
1237 + err = ccs_socket_bind_permission(sock,
1238 + (struct sockaddr *)
1239 + address,
1240 + addrlen);
1241 + if (!err)
1242 err = sock->ops->bind(sock,
1243 (struct sockaddr *)
1244 address, addrlen);
1245 @@ -1315,6 +1325,8 @@ asmlinkage long sys_listen(int fd, int b
1246
1247 err = security_socket_listen(sock, backlog);
1248 if (!err)
1249 + err = ccs_socket_listen_permission(sock);
1250 + if (!err)
1251 err = sock->ops->listen(sock, backlog);
1252
1253 fput_light(sock->file, fput_needed);
1254 @@ -1346,6 +1358,7 @@ asmlinkage long sys_accept(int fd, struc
1255 if (!sock)
1256 goto out;
1257
1258 +retry:
1259 err = -ENFILE;
1260 if (!(newsock = sock_alloc()))
1261 goto out_put;
1262 @@ -1378,6 +1391,11 @@ asmlinkage long sys_accept(int fd, struc
1263 if (err < 0)
1264 goto out_fd;
1265
1266 + if (ccs_socket_post_accept_permission(sock, newsock)) {
1267 + fput(newfile);
1268 + put_unused_fd(newfd);
1269 + goto retry;
1270 + }
1271 if (upeer_sockaddr) {
1272 if (newsock->ops->getname(newsock, (struct sockaddr *)address,
1273 &len, 2) < 0) {
1274 @@ -1440,6 +1458,9 @@ asmlinkage long sys_connect(int fd, stru
1275
1276 err =
1277 security_socket_connect(sock, (struct sockaddr *)address, addrlen);
1278 + if (!err)
1279 + err = ccs_socket_connect_permission(sock, (struct sockaddr *)
1280 + address, addrlen);
1281 if (err)
1282 goto out_put;
1283
1284 --- linux-2.6.20.21.orig/net/unix/af_unix.c
1285 +++ linux-2.6.20.21/net/unix/af_unix.c
1286 @@ -116,6 +116,7 @@
1287 #include <linux/mount.h>
1288 #include <net/checksum.h>
1289 #include <linux/security.h>
1290 +#include <linux/ccsecurity.h>
1291
1292 int sysctl_unix_max_dgram_qlen __read_mostly = 10;
1293
1294 @@ -808,6 +809,9 @@ static int unix_bind(struct socket *sock
1295 */
1296 mode = S_IFSOCK |
1297 (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
1298 + err = ccs_mknod_permission(nd.dentry->d_inode, dentry, nd.mnt,
1299 + mode, 0);
1300 + if (!err)
1301 err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1302 if (err)
1303 goto out_mknod_dput;
1304 @@ -1608,12 +1612,17 @@ static int unix_dgram_recvmsg(struct kio
1305
1306 mutex_lock(&u->readlock);
1307
1308 +retry:
1309 skb = skb_recv_datagram(sk, flags, noblock, &err);
1310 if (!skb)
1311 goto out_unlock;
1312
1313 wake_up_interruptible(&u->peer_wait);
1314
1315 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
1316 + skb_kill_datagram(sk, skb, flags);
1317 + goto retry;
1318 + }
1319 if (msg->msg_name)
1320 unix_copy_addr(msg, skb->sk);
1321
1322 --- linux-2.6.20.21.orig/security/Kconfig
1323 +++ linux-2.6.20.21/security/Kconfig
1324 @@ -95,5 +95,7 @@ config SECURITY_ROOTPLUG
1325
1326 source security/selinux/Kconfig
1327
1328 +source security/ccsecurity/Kconfig
1329 +
1330 endmenu
1331
1332 --- linux-2.6.20.21.orig/security/Makefile
1333 +++ linux-2.6.20.21/security/Makefile
1334 @@ -16,3 +16,6 @@ obj-$(CONFIG_SECURITY) += security.o d
1335 obj-$(CONFIG_SECURITY_SELINUX) += selinux/built-in.o
1336 obj-$(CONFIG_SECURITY_CAPABILITIES) += commoncap.o capability.o
1337 obj-$(CONFIG_SECURITY_ROOTPLUG) += commoncap.o root_plug.o
1338 +
1339 +subdir-$(CONFIG_CCSECURITY)+= ccsecurity
1340 +obj-$(CONFIG_CCSECURITY)+= ccsecurity/built-in.o
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ