オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.21.diff

Diff of /trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.21.diff

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 352 by kumaneko, Tue Aug 14 11:27:50 2007 UTC revision 449 by kumaneko, Thu Sep 6 08:31:39 2007 UTC
# Line 216  diff -ubBpEr linux-2.6.21/fs/namei.c lin Line 216  diff -ubBpEr linux-2.6.21/fs/namei.c lin
216                  if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))                  if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
217                          return -EPERM;                          return -EPERM;
218    
219  +    /***** TOMOYO Linux start. *****/  +       /***** TOMOYO Linux start. *****/
220  +       error = CheckOpenPermission(dentry, nd->mnt, flag); /* includes O_APPEND and O_TRUNC checks */  +       error = CheckOpenPermission(dentry, nd->mnt, flag); /* includes O_APPEND and O_TRUNC checks */
221  +    if (error) return error;  +       if (error) return error;
222  +    /***** TOMOYO Linux end. *****/  +       /***** TOMOYO Linux end. *****/
223  +  +
224          /*          /*
225           * Ensure there are no outstanding leases on the file.           * Ensure there are no outstanding leases on the file.
# Line 369  diff -ubBpEr linux-2.6.21/fs/namei.c lin Line 369  diff -ubBpEr linux-2.6.21/fs/namei.c lin
369          if(IS_ERR(from))          if(IS_ERR(from))
370  diff -ubBpEr linux-2.6.21/fs/namespace.c linux-2.6.21-ccs/fs/namespace.c  diff -ubBpEr linux-2.6.21/fs/namespace.c linux-2.6.21-ccs/fs/namespace.c
371  --- linux-2.6.21/fs/namespace.c 2007-04-28 04:02:41.000000000 +0900  --- linux-2.6.21/fs/namespace.c 2007-04-28 04:02:41.000000000 +0900
372  +++ linux-2.6.21-ccs/fs/namespace.c     2007-04-28 04:02:47.000000000 +0900  +++ linux-2.6.21-ccs/fs/namespace.c     2007-09-05 14:52:13.677479112 +0900
373  @@ -28,6 +28,12 @@  @@ -28,6 +28,12 @@
374   #include <asm/uaccess.h>   #include <asm/uaccess.h>
375   #include <asm/unistd.h>   #include <asm/unistd.h>
# Line 445  diff -ubBpEr linux-2.6.21/fs/namespace.c Line 445  diff -ubBpEr linux-2.6.21/fs/namespace.c
445  +       if (CheckCapabilityACL(TOMOYO_SYS_MOUNT)) return -EPERM;  +       if (CheckCapabilityACL(TOMOYO_SYS_MOUNT)) return -EPERM;
446  +       /***** TOMOYO Linux end. *****/  +       /***** TOMOYO Linux end. *****/
447  +       /***** SAKURA Linux start. *****/  +       /***** SAKURA Linux start. *****/
448  +       if (CheckMountPermission(dev_name, dir_name, type_page, &flags)) return -EPERM;  +       if ((retval = CheckMountPermission(dev_name, dir_name, type_page, &flags)) < 0) return retval;
449  +       /***** SAKURA Linux end. *****/  +       /***** SAKURA Linux end. *****/
450  +  +
451          /* Separate the per-mountpoint flags */          /* Separate the per-mountpoint flags */
# Line 542  diff -ubBpEr linux-2.6.21/fs/proc/Makefi Line 542  diff -ubBpEr linux-2.6.21/fs/proc/Makefi
542  +proc-$(CONFIG_TOMOYO) += ccs_proc.o  +proc-$(CONFIG_TOMOYO) += ccs_proc.o
543  diff -ubBpEr linux-2.6.21/fs/proc/proc_misc.c linux-2.6.21-ccs/fs/proc/proc_misc.c  diff -ubBpEr linux-2.6.21/fs/proc/proc_misc.c linux-2.6.21-ccs/fs/proc/proc_misc.c
544  --- linux-2.6.21/fs/proc/proc_misc.c    2007-04-28 04:02:41.000000000 +0900  --- linux-2.6.21/fs/proc/proc_misc.c    2007-04-28 04:02:41.000000000 +0900
545  +++ linux-2.6.21-ccs/fs/proc/proc_misc.c        2007-07-10 09:03:54.000000000 +0900  +++ linux-2.6.21-ccs/fs/proc/proc_misc.c        2007-09-05 14:49:39.022990168 +0900
546  @@ -747,4 +747,13 @@ void __init proc_misc_init(void)  @@ -747,4 +747,13 @@ void __init proc_misc_init(void)
547                          entry->proc_fops = &proc_sysrq_trigger_operations;                          entry->proc_fops = &proc_sysrq_trigger_operations;
548          }          }
# Line 552  diff -ubBpEr linux-2.6.21/fs/proc/proc_m Line 552  diff -ubBpEr linux-2.6.21/fs/proc/proc_m
552  +       {  +       {
553  +               extern void __init CCSProc_Init(void);  +               extern void __init CCSProc_Init(void);
554  +               CCSProc_Init();  +               CCSProc_Init();
555  +               printk("Hook version: 2.6.21 2007/08/14\n");  +               printk("Hook version: 2.6.21 2007/09/05\n");
556  +       }  +       }
557  +#endif  +#endif
558  +       /***** CCS end. *****/  +       /***** CCS end. *****/
# Line 976  diff -ubBpEr linux-2.6.21/kernel/time.c Line 976  diff -ubBpEr linux-2.6.21/kernel/time.c
976                  /* SMP safe, global irq locking makes it work. */                  /* SMP safe, global irq locking makes it work. */
977  diff -ubBpEr linux-2.6.21/net/core/datagram.c linux-2.6.21-ccs/net/core/datagram.c  diff -ubBpEr linux-2.6.21/net/core/datagram.c linux-2.6.21-ccs/net/core/datagram.c
978  --- linux-2.6.21/net/core/datagram.c    2007-04-26 12:08:32.000000000 +0900  --- linux-2.6.21/net/core/datagram.c    2007-04-26 12:08:32.000000000 +0900
979  +++ linux-2.6.21-ccs/net/core/datagram.c        2007-08-14 10:55:26.000000000 +0900  +++ linux-2.6.21-ccs/net/core/datagram.c        2007-09-05 14:46:28.016027640 +0900
980  @@ -56,6 +56,11 @@  @@ -56,6 +56,11 @@
981   #include <net/sock.h>   #include <net/sock.h>
982   #include <net/tcp_states.h>   #include <net/tcp_states.h>
# Line 989  diff -ubBpEr linux-2.6.21/net/core/datag Line 989  diff -ubBpEr linux-2.6.21/net/core/datag
989   /*   /*
990    *     Is a socket 'connection oriented' ?    *     Is a socket 'connection oriented' ?
991    */    */
992  @@ -178,6 +183,14 @@ struct sk_buff *skb_recv_datagram(struct  @@ -178,6 +183,10 @@ struct sk_buff *skb_recv_datagram(struct
993                  } else                  } else
994                          skb = skb_dequeue(&sk->sk_receive_queue);                          skb = skb_dequeue(&sk->sk_receive_queue);
995    
996  +                /***** TOMOYO Linux start. *****/  +               /***** TOMOYO Linux start. *****/
997  +                error = CheckSocketRecvDatagramPermission(sk, skb);  +               if ((error = CheckSocketRecvDatagramPermission(sk, skb, flags)) < 0) goto no_packet;
998  +                if (error) {  +               /***** TOMOYO Linux end. *****/
 +                        skb_kill_datagram(sk, skb, flags);  
 +                        goto no_packet;  
 +                }  
 +                /***** TOMOYO Linux end. *****/  
999  +  +
1000                  if (skb)                  if (skb)
1001                          return skb;                          return skb;
# Line 1052  diff -ubBpEr linux-2.6.21/net/ipv4/inet_ Line 1048  diff -ubBpEr linux-2.6.21/net/ipv4/inet_
1048    
1049  diff -ubBpEr linux-2.6.21/net/ipv4/udp.c linux-2.6.21-ccs/net/ipv4/udp.c  diff -ubBpEr linux-2.6.21/net/ipv4/udp.c linux-2.6.21-ccs/net/ipv4/udp.c
1050  --- linux-2.6.21/net/ipv4/udp.c 2007-04-28 04:02:41.000000000 +0900  --- linux-2.6.21/net/ipv4/udp.c 2007-04-28 04:02:41.000000000 +0900
1051  +++ linux-2.6.21-ccs/net/ipv4/udp.c     2007-05-23 14:50:12.000000000 +0900  +++ linux-2.6.21-ccs/net/ipv4/udp.c     2007-08-15 16:15:01.000000000 +0900
1052  @@ -102,6 +102,9 @@  @@ -102,6 +102,9 @@
1053   #include <net/checksum.h>   #include <net/checksum.h>
1054   #include <net/xfrm.h>   #include <net/xfrm.h>
# Line 1108  diff -ubBpEr linux-2.6.21/net/ipv6/inet6 Line 1104  diff -ubBpEr linux-2.6.21/net/ipv6/inet6
1104    
1105  diff -ubBpEr linux-2.6.21/net/socket.c linux-2.6.21-ccs/net/socket.c  diff -ubBpEr linux-2.6.21/net/socket.c linux-2.6.21-ccs/net/socket.c
1106  --- linux-2.6.21/net/socket.c   2007-04-28 04:02:41.000000000 +0900  --- linux-2.6.21/net/socket.c   2007-04-28 04:02:41.000000000 +0900
1107  +++ linux-2.6.21-ccs/net/socket.c       2007-08-14 10:46:32.000000000 +0900  +++ linux-2.6.21-ccs/net/socket.c       2007-08-27 16:06:11.000000000 +0900
1108  @@ -93,6 +93,11 @@  @@ -93,6 +93,11 @@
1109   #include <net/sock.h>   #include <net/sock.h>
1110   #include <linux/netfilter.h>   #include <linux/netfilter.h>
# Line 1127  diff -ubBpEr linux-2.6.21/net/socket.c l Line 1123  diff -ubBpEr linux-2.6.21/net/socket.c l
1123                  return err;                  return err;
1124  +       /***** TOMOYO Linux start. *****/  +       /***** TOMOYO Linux start. *****/
1125  +       if (CheckSocketSendMsgPermission(sock, (struct sockaddr *) msg->msg_name, msg->msg_namelen)) return -EPERM;  +       if (CheckSocketSendMsgPermission(sock, (struct sockaddr *) msg->msg_name, msg->msg_namelen)) return -EPERM;
1126  +       /***** TOMOYO Linux start. *****/  +       /***** TOMOYO Linux end. *****/
1127    
1128          return sock->ops->sendmsg(iocb, sock, msg, size);          return sock->ops->sendmsg(iocb, sock, msg, size);
1129   }   }
Legend:
Removed from v.352  
changed lines
  Added in v.449
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ