Contents of /trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.21.diff

Revision 4049 - (show annotations) (download) (as text)
Thu Oct 7 07:14:01 2010 UTC (13 years, 6 months ago) by kumaneko
Merge branches/ccs-patch/ into trunk/1.8.x/ccs-patch/
1 This is TOMOYO Linux patch for kernel 2.6.21.7.
2
3 Source code for this patch is http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.21.7.tar.bz2
4 ---
5 arch/alpha/kernel/ptrace.c | 3 +++
6 arch/ia64/ia32/sys_ia32.c | 3 +++
7 arch/ia64/kernel/ptrace.c | 3 +++
8 arch/m32r/kernel/ptrace.c | 3 +++
9 arch/mips/kernel/ptrace32.c | 3 +++
10 arch/powerpc/kernel/ptrace32.c | 3 +++
11 arch/s390/kernel/ptrace.c | 3 +++
12 arch/sparc/kernel/ptrace.c | 5 +++++
13 arch/sparc64/kernel/ptrace.c | 5 +++++
14 arch/x86_64/ia32/ptrace32.c | 3 +++
15 fs/compat.c | 9 ++++++++-
16 fs/exec.c | 11 ++++++++++-
17 fs/fcntl.c | 5 +++++
18 fs/ioctl.c | 3 +++
19 fs/namei.c | 30 +++++++++++++++++++++++++++++-
20 fs/namespace.c | 9 +++++++++
21 fs/open.c | 26 ++++++++++++++++++++++++++
22 fs/proc/proc_misc.c | 1 +
23 include/linux/init_task.h | 9 +++++++++
24 include/linux/sched.h | 6 ++++++
25 kernel/compat.c | 3 +++
26 kernel/kexec.c | 3 +++
27 kernel/kmod.c | 5 +++++
28 kernel/module.c | 5 +++++
29 kernel/ptrace.c | 3 +++
30 kernel/sched.c | 3 +++
31 kernel/signal.c | 9 +++++++++
32 kernel/sys.c | 11 +++++++++++
33 kernel/sysctl.c | 5 +++++
34 kernel/time.c | 5 +++++
35 kernel/time/ntp.c | 3 +++
36 net/ipv4/inet_connection_sock.c | 3 +++
37 net/ipv4/inet_hashtables.c | 3 +++
38 net/ipv4/raw.c | 12 +++++++++---
39 net/ipv4/udp.c | 14 +++++++++++++-
40 net/ipv6/inet6_hashtables.c | 3 +++
41 net/ipv6/raw.c | 12 +++++++++---
42 net/ipv6/udp.c | 10 +++++++++-
43 net/socket.c | 22 ++++++++++++++++++++++
44 net/unix/af_unix.c | 9 +++++++++
45 security/Kconfig | 2 ++
46 security/Makefile | 3 +++
47 42 files changed, 280 insertions(+), 11 deletions(-)
48
49 --- linux-2.6.21.7.orig/arch/alpha/kernel/ptrace.c
50 +++ linux-2.6.21.7/arch/alpha/kernel/ptrace.c
51 @@ -20,6 +20,7 @@
52 #include <asm/pgtable.h>
53 #include <asm/system.h>
54 #include <asm/fpu.h>
55 +#include <linux/ccsecurity.h>
56
57 #include "proto.h"
58
59 @@ -268,6 +269,8 @@ do_sys_ptrace(long request, long pid, lo
60 unsigned long tmp;
61 size_t copied;
62 long ret;
63 + if (ccs_ptrace_permission(request, pid))
64 + return -EPERM;
65
66 lock_kernel();
67 DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",
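Review bot: The new check collapses any non-zero result of ccs_ptrace_permission() into -EPERM, so if the hook can report anything other than a plain denial (it is only used as a truth value here) that information is lost; if the hook is boolean by contract the code is right, but a one-line comment such as `/* ccs_ptrace_permission() is a yes/no check; EPERM is the only failure */` would make that explicit. The same two lines are repeated in the ia64 (sys_ia32.c and ptrace.c), m32r, mips, powerpc, s390, x86_64 and kernel/ptrace.c hunks; the two sparc hunks report the denial through pt_error_return(regs, EPERM) instead, which matches do_ptrace's own error path. do_sys_ptrace continues outside the hunk.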
68 --- linux-2.6.21.7.orig/arch/ia64/ia32/sys_ia32.c
69 +++ linux-2.6.21.7/arch/ia64/ia32/sys_ia32.c
70 @@ -56,6 +56,7 @@
71 #include <asm/types.h>
72 #include <asm/uaccess.h>
73 #include <asm/unistd.h>
74 +#include <linux/ccsecurity.h>
75
76 #include "ia32priv.h"
77
78 @@ -1758,6 +1759,8 @@ sys32_ptrace (int request, pid_t pid, un
79 struct task_struct *child;
80 unsigned int value, tmp;
81 long i, ret;
82 + if (ccs_ptrace_permission(request, pid))
83 + return -EPERM;
84
85 lock_kernel();
86 if (request == PTRACE_TRACEME) {
87 --- linux-2.6.21.7.orig/arch/ia64/kernel/ptrace.c
88 +++ linux-2.6.21.7/arch/ia64/kernel/ptrace.c
89 @@ -28,6 +28,7 @@
90 #ifdef CONFIG_PERFMON
91 #include <asm/perfmon.h>
92 #endif
93 +#include <linux/ccsecurity.h>
94
95 #include "entry.h"
96
97 @@ -1418,6 +1419,8 @@ sys_ptrace (long request, pid_t pid, uns
98 struct task_struct *child;
99 struct switch_stack *sw;
100 long ret;
101 + if (ccs_ptrace_permission(request, pid))
102 + return -EPERM;
103
104 lock_kernel();
105 ret = -EPERM;
106 --- linux-2.6.21.7.orig/arch/m32r/kernel/ptrace.c
107 +++ linux-2.6.21.7/arch/m32r/kernel/ptrace.c
108 @@ -32,6 +32,7 @@
109 #include <asm/system.h>
110 #include <asm/processor.h>
111 #include <asm/mmu_context.h>
112 +#include <linux/ccsecurity.h>
113
114 /*
115 * This routine will get a word off of the process kernel stack.
116 @@ -742,6 +743,8 @@ asmlinkage long sys_ptrace(long request,
117 {
118 struct task_struct *child;
119 int ret;
120 + if (ccs_ptrace_permission(request, pid))
121 + return -EPERM;
122
123 lock_kernel();
124 if (request == PTRACE_TRACEME) {
125 --- linux-2.6.21.7.orig/arch/mips/kernel/ptrace32.c
126 +++ linux-2.6.21.7/arch/mips/kernel/ptrace32.c
127 @@ -35,6 +35,7 @@
128 #include <asm/system.h>
129 #include <asm/uaccess.h>
130 #include <asm/bootinfo.h>
131 +#include <linux/ccsecurity.h>
132
133 int ptrace_getregs (struct task_struct *child, __s64 __user *data);
134 int ptrace_setregs (struct task_struct *child, __s64 __user *data);
135 @@ -50,6 +51,8 @@ asmlinkage int sys32_ptrace(int request,
136 {
137 struct task_struct *child;
138 int ret;
139 + if (ccs_ptrace_permission(request, pid))
140 + return -EPERM;
141
142 #if 0
143 printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",
144 --- linux-2.6.21.7.orig/arch/powerpc/kernel/ptrace32.c
145 +++ linux-2.6.21.7/arch/powerpc/kernel/ptrace32.c
146 @@ -32,6 +32,7 @@
147 #include <asm/page.h>
148 #include <asm/pgtable.h>
149 #include <asm/system.h>
150 +#include <linux/ccsecurity.h>
151
152 #include "ptrace-common.h"
153
154 @@ -45,6 +46,8 @@ long compat_sys_ptrace(int request, int
155 {
156 struct task_struct *child;
157 int ret;
158 + if (ccs_ptrace_permission(request, pid))
159 + return -EPERM;
160
161 lock_kernel();
162 if (request == PTRACE_TRACEME) {
163 --- linux-2.6.21.7.orig/arch/s390/kernel/ptrace.c
164 +++ linux-2.6.21.7/arch/s390/kernel/ptrace.c
165 @@ -41,6 +41,7 @@
166 #include <asm/system.h>
167 #include <asm/uaccess.h>
168 #include <asm/unistd.h>
169 +#include <linux/ccsecurity.h>
170
171 #ifdef CONFIG_COMPAT
172 #include "compat_ptrace.h"
173 @@ -713,6 +714,8 @@ sys_ptrace(long request, long pid, long
174 struct task_struct *child;
175 int ret;
176
177 + if (ccs_ptrace_permission(request, pid))
178 + return -EPERM;
179 lock_kernel();
180 if (request == PTRACE_TRACEME) {
181 ret = ptrace_traceme();
182 --- linux-2.6.21.7.orig/arch/sparc/kernel/ptrace.c
183 +++ linux-2.6.21.7/arch/sparc/kernel/ptrace.c
184 @@ -23,6 +23,7 @@
185 #include <asm/pgtable.h>
186 #include <asm/system.h>
187 #include <asm/uaccess.h>
188 +#include <linux/ccsecurity.h>
189
190 #define MAGIC_CONSTANT 0x80000000
191
192 @@ -267,6 +268,10 @@ asmlinkage void do_ptrace(struct pt_regs
193 unsigned long addr2 = regs->u_regs[UREG_I4];
194 struct task_struct *child;
195 int ret;
196 + if (ccs_ptrace_permission(request, pid)) {
197 + pt_error_return(regs, EPERM);
198 + return;
199 + }
200
201 lock_kernel();
202 #ifdef DEBUG_PTRACE
203 --- linux-2.6.21.7.orig/arch/sparc64/kernel/ptrace.c
204 +++ linux-2.6.21.7/arch/sparc64/kernel/ptrace.c
205 @@ -32,6 +32,7 @@
206 #include <asm/spitfire.h>
207 #include <asm/page.h>
208 #include <asm/cpudata.h>
209 +#include <linux/ccsecurity.h>
210
211 /* Returning from ptrace is a bit tricky because the syscall return
212 * low level code assumes any value returned which is negative and
213 @@ -176,6 +177,10 @@ asmlinkage void do_ptrace(struct pt_regs
214 unsigned long addr2 = regs->u_regs[UREG_I4];
215 struct task_struct *child;
216 int ret;
217 + if (ccs_ptrace_permission(request, pid)) {
218 + pt_error_return(regs, EPERM);
219 + return;
220 + }
221
222 if (test_thread_flag(TIF_32BIT)) {
223 addr &= 0xffffffffUL;
224 --- linux-2.6.21.7.orig/arch/x86_64/ia32/ptrace32.c
225 +++ linux-2.6.21.7/arch/x86_64/ia32/ptrace32.c
226 @@ -26,6 +26,7 @@
227 #include <asm/i387.h>
228 #include <asm/fpu32.h>
229 #include <asm/ia32.h>
230 +#include <linux/ccsecurity.h>
231
232 /*
233 * Determines which flags the user has access to [1 = access, 0 = no access].
234 @@ -234,6 +235,8 @@ asmlinkage long sys32_ptrace(long reques
235 void __user *datap = compat_ptr(data);
236 int ret;
237 __u32 val;
238 + if (ccs_ptrace_permission(request, pid))
239 + return -EPERM;
240
241 switch (request) {
242 case PTRACE_TRACEME:
243 --- linux-2.6.21.7.orig/fs/compat.c
244 +++ linux-2.6.21.7/fs/compat.c
245 @@ -56,6 +56,7 @@
246 #include <asm/mmu_context.h>
247 #include <asm/ioctls.h>
248 #include "internal.h"
249 +#include <linux/ccsecurity.h>
250
251 int compat_log = 1;
252
253 @@ -398,6 +399,8 @@ asmlinkage long compat_sys_ioctl(unsigne
254
255 /* RED-PEN how should LSM module know it's handling 32bit? */
256 error = security_file_ioctl(filp, cmd, arg);
257 + if (!error)
258 + error = ccs_ioctl_permission(filp, cmd, arg);
259 if (error)
260 goto out_fput;
261
262 @@ -422,6 +425,10 @@ asmlinkage long compat_sys_ioctl(unsigne
263 /*FALL THROUGH*/
264
265 default:
266 + if (!ccs_capable(CCS_SYS_IOCTL)) {
267 + error = -EPERM;
268 + goto out_fput;
269 + }
270 if (filp->f_op && filp->f_op->compat_ioctl) {
271 error = filp->f_op->compat_ioctl(filp, cmd, arg);
272 if (error != -ENOIOCTLCMD)
273 @@ -1552,7 +1559,7 @@ int compat_do_execve(char * filename,
274 if (retval < 0)
275 goto out;
276
277 - retval = search_binary_handler(bprm, regs);
278 + retval = ccs_search_binary_handler(bprm, regs);
279 if (retval >= 0) {
280 free_arg_pages(bprm);
281
282 --- linux-2.6.21.7.orig/fs/exec.c
283 +++ linux-2.6.21.7/fs/exec.c
284 @@ -58,6 +58,8 @@
285 #include <linux/kmod.h>
286 #endif
287
288 +#include <linux/ccsecurity.h>
289 +
290 int core_uses_pid;
291 char core_pattern[128] = "core";
292 int suid_dumpable = 0;
293 @@ -140,6 +142,10 @@ asmlinkage long sys_uselib(const char __
294 if (error)
295 goto exit;
296
297 + error = ccs_uselib_permission(nd.dentry, nd.mnt);
298 + if (error)
299 + goto exit;
300 +
301 file = nameidata_to_filp(&nd, O_RDONLY);
302 error = PTR_ERR(file);
303 if (IS_ERR(file))
304 @@ -485,6 +491,9 @@ struct file *open_exec(const char *name)
305 if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
306 S_ISREG(inode->i_mode)) {
307 int err = vfs_permission(&nd, MAY_EXEC);
308 + if (!err)
309 + err = ccs_open_exec_permission(nd.dentry,
310 + nd.mnt);
311 file = ERR_PTR(err);
312 if (!err) {
313 file = nameidata_to_filp(&nd, O_RDONLY);
314 @@ -1183,7 +1192,7 @@ int do_execve(char * filename,
315 if (retval < 0)
316 goto out;
317
318 - retval = search_binary_handler(bprm,regs);
319 + retval = ccs_search_binary_handler(bprm, regs);
320 if (retval >= 0) {
321 free_arg_pages(bprm);
322
323 --- linux-2.6.21.7.orig/fs/fcntl.c
324 +++ linux-2.6.21.7/fs/fcntl.c
325 @@ -22,6 +22,7 @@
326 #include <asm/poll.h>
327 #include <asm/siginfo.h>
328 #include <asm/uaccess.h>
329 +#include <linux/ccsecurity.h>
330
331 void fastcall set_close_on_exec(unsigned int fd, int flag)
332 {
333 @@ -392,6 +393,8 @@ asmlinkage long sys_fcntl(unsigned int f
334 goto out;
335
336 err = security_file_fcntl(filp, cmd, arg);
337 + if (!err)
338 + err = ccs_fcntl_permission(filp, cmd, arg);
339 if (err) {
340 fput(filp);
341 return err;
342 @@ -416,6 +419,8 @@ asmlinkage long sys_fcntl64(unsigned int
343 goto out;
344
345 err = security_file_fcntl(filp, cmd, arg);
346 + if (!err)
347 + err = ccs_fcntl_permission(filp, cmd, arg);
348 if (err) {
349 fput(filp);
350 return err;
351 --- linux-2.6.21.7.orig/fs/ioctl.c
352 +++ linux-2.6.21.7/fs/ioctl.c
353 @@ -15,6 +15,7 @@
354
355 #include <asm/uaccess.h>
356 #include <asm/ioctls.h>
357 +#include <linux/ccsecurity.h>
358
359 static long do_ioctl(struct file *filp, unsigned int cmd,
360 unsigned long arg)
361 @@ -167,6 +168,8 @@ asmlinkage long sys_ioctl(unsigned int f
362 goto out;
363
364 error = security_file_ioctl(filp, cmd, arg);
365 + if (!error)
366 + error = ccs_ioctl_permission(filp, cmd, arg);
367 if (error)
368 goto out_fput;
369
370 --- linux-2.6.21.7.orig/fs/namei.c
371 +++ linux-2.6.21.7/fs/namei.c
372 @@ -37,6 +37,8 @@
373
374 #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
375
376 +#include <linux/ccsecurity.h>
377 +
378 /* [Feb-1997 T. Schoebel-Theuer]
379 * Fundamental changes in the pathname lookup mechanisms (namei)
380 * were necessary because of omirr. The reason is that omirr needs
381 @@ -1561,6 +1563,11 @@ int may_open(struct nameidata *nd, int a
382 if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
383 return -EPERM;
384
385 + /* includes O_APPEND and O_TRUNC checks */
386 + error = ccs_open_permission(dentry, nd->mnt, flag);
387 + if (error)
388 + return error;
389 +
390 /*
391 * Ensure there are no outstanding leases on the file.
392 */
393 @@ -1600,6 +1607,9 @@ static int open_namei_create(struct name
394
395 if (!IS_POSIXACL(dir->d_inode))
396 mode &= ~current->fs->umask;
397 + error = ccs_mknod_permission(dir->d_inode, path->dentry, nd->mnt, mode,
398 + 0);
399 + if (!error)
400 error = vfs_create(dir->d_inode, path->dentry, mode, nd);
401 mutex_unlock(&dir->d_inode->i_mutex);
402 dput(nd->dentry);
403 @@ -1883,6 +1893,9 @@ asmlinkage long sys_mknodat(int dfd, con
404 if (!IS_POSIXACL(nd.dentry->d_inode))
405 mode &= ~current->fs->umask;
406 if (!IS_ERR(dentry)) {
407 + error = ccs_mknod_permission(nd.dentry->d_inode, dentry,
408 + nd.mnt, mode, dev);
409 + if (!error)
410 switch (mode & S_IFMT) {
411 case 0: case S_IFREG:
412 error = vfs_create(nd.dentry->d_inode,dentry,mode,&nd);
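Review bot: `if (!error)` on the new line guards an unbraced `switch` statement whose body keeps its old indentation, so the fact that the whole switch depends on the permission result is easy to misread; brace it (`if (!error) {` here and a matching `}` after the switch, which ends outside the hunk) or fold the check into the existing `if (!IS_ERR(dentry))` block with an early exit. The mkdir, rmdir, unlink, symlink, link and rename hunks use the same `if (!error)` prefix on a single call, where it is unambiguous. sys_mknodat continues outside the hunk.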
413 @@ -1959,6 +1972,8 @@ asmlinkage long sys_mkdirat(int dfd, con
414
415 if (!IS_POSIXACL(nd.dentry->d_inode))
416 mode &= ~current->fs->umask;
417 + error = ccs_mkdir_permission(nd.dentry->d_inode, dentry, nd.mnt, mode);
418 + if (!error)
419 error = vfs_mkdir(nd.dentry->d_inode, dentry, mode);
420 dput(dentry);
421 out_unlock:
422 @@ -2066,6 +2081,8 @@ static long do_rmdir(int dfd, const char
423 error = PTR_ERR(dentry);
424 if (IS_ERR(dentry))
425 goto exit2;
426 + error = ccs_rmdir_permission(nd.dentry->d_inode, dentry, nd.mnt);
427 + if (!error)
428 error = vfs_rmdir(nd.dentry->d_inode, dentry);
429 dput(dentry);
430 exit2:
431 @@ -2146,6 +2163,9 @@ static long do_unlinkat(int dfd, const c
432 inode = dentry->d_inode;
433 if (inode)
434 atomic_inc(&inode->i_count);
435 + error = ccs_unlink_permission(nd.dentry->d_inode, dentry,
436 + nd.mnt);
437 + if (!error)
438 error = vfs_unlink(nd.dentry->d_inode, dentry);
439 exit2:
440 dput(dentry);
441 @@ -2227,6 +2247,9 @@ asmlinkage long sys_symlinkat(const char
442 if (IS_ERR(dentry))
443 goto out_unlock;
444
445 + error = ccs_symlink_permission(nd.dentry->d_inode, dentry, nd.mnt,
446 + from);
447 + if (!error)
448 error = vfs_symlink(nd.dentry->d_inode, dentry, from, S_IALLUGO);
449 dput(dentry);
450 out_unlock:
451 @@ -2322,6 +2345,9 @@ asmlinkage long sys_linkat(int olddfd, c
452 error = PTR_ERR(new_dentry);
453 if (IS_ERR(new_dentry))
454 goto out_unlock;
455 + error = ccs_link_permission(old_nd.dentry, nd.dentry->d_inode,
456 + new_dentry, nd.mnt);
457 + if (!error)
458 error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
459 dput(new_dentry);
460 out_unlock:
461 @@ -2547,7 +2573,9 @@ static int do_rename(int olddfd, const c
462 error = -ENOTEMPTY;
463 if (new_dentry == trap)
464 goto exit5;
465 -
466 + error = ccs_rename_permission(old_dir->d_inode, old_dentry,
467 + new_dir->d_inode, new_dentry, newnd.mnt);
468 + if (!error)
469 error = vfs_rename(old_dir->d_inode, old_dentry,
470 new_dir->d_inode, new_dentry);
471 exit5:
472 --- linux-2.6.21.7.orig/fs/namespace.c
473 +++ linux-2.6.21.7/fs/namespace.c
474 @@ -28,6 +28,7 @@
475 #include <asm/uaccess.h>
476 #include <asm/unistd.h>
477 #include "pnode.h"
478 +#include <linux/ccsecurity.h>
479
480 /* spinlock for vfsmount related operations, inplace of dcache_lock */
481 __cacheline_aligned_in_smp DEFINE_SPINLOCK(vfsmount_lock);
482 @@ -542,6 +543,8 @@ static int do_umount(struct vfsmount *mn
483 LIST_HEAD(umount_list);
484
485 retval = security_sb_umount(mnt, flags);
486 + if (!retval)
487 + retval = ccs_umount_permission(mnt, flags);
488 if (retval)
489 return retval;
490
491 @@ -1376,6 +1379,7 @@ int copy_mount_options(const void __user
492 long do_mount(char *dev_name, char *dir_name, char *type_page,
493 unsigned long flags, void *data_page)
494 {
495 + const unsigned long original_flags = flags;
496 struct nameidata nd;
497 int retval = 0;
498 int mnt_flags = 0;
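Review bot: `original_flags` is introduced without a comment, and its purpose only becomes visible in the next hunk, where ccs_mount_permission() is passed `original_flags` while security_sb_mount() gets `flags`; presumably do_mount() alters `flags` between the two points, but that is not visible here. A comment at the declaration such as `/* flags as passed by the caller; do_mount() modifies flags before the CCS hook runs */` would stop a later cleanup from folding the two variables back into one. do_mount continues outside the hunk.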
499 @@ -1417,6 +1421,9 @@ long do_mount(char *dev_name, char *dir_
500 return retval;
501
502 retval = security_sb_mount(dev_name, &nd, type_page, flags, data_page);
503 + if (!retval)
504 + retval = ccs_mount_permission(dev_name, &nd, type_page,
505 + original_flags, data_page);
506 if (retval)
507 goto dput_out;
508
509 @@ -1702,6 +1709,8 @@ asmlinkage long sys_pivot_root(const cha
510 goto out1;
511
512 error = security_sb_pivotroot(&old_nd, &new_nd);
513 + if (!error)
514 + error = ccs_pivot_root_permission(&old_nd, &new_nd);
515 if (error) {
516 path_release(&old_nd);
517 goto out1;
518 --- linux-2.6.21.7.orig/fs/open.c
519 +++ linux-2.6.21.7/fs/open.c
520 @@ -27,6 +27,7 @@
521 #include <linux/syscalls.h>
522 #include <linux/rcupdate.h>
523 #include <linux/audit.h>
524 +#include <linux/ccsecurity.h>
525
526 int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
527 {
528 @@ -264,6 +265,8 @@ static long do_sys_truncate(const char _
529 if (error)
530 goto dput_and_out;
531
532 + error = ccs_truncate_permission(nd.dentry, nd.mnt);
533 + if (!error)
534 error = locks_verify_truncate(inode, NULL, length);
535 if (!error) {
536 DQUOT_INIT(inode);
537 @@ -317,6 +320,9 @@ static long do_sys_ftruncate(unsigned in
538 if (IS_APPEND(inode))
539 goto out_putf;
540
541 + error = ccs_truncate_permission(dentry, file->f_vfsmnt);
542 + if (error)
543 + goto out_putf;
544 error = locks_verify_truncate(inode, file, length);
545 if (!error)
546 error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
547 @@ -481,6 +487,8 @@ asmlinkage long sys_chroot(const char __
548 error = -EPERM;
549 if (!capable(CAP_SYS_CHROOT))
550 goto dput_and_out;
551 + if (ccs_chroot_permission(&nd))
552 + goto dput_and_out;
553
554 set_fs_root(current->fs, nd.mnt, nd.dentry);
555 set_fs_altroot();
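Review bot: `if (ccs_chroot_permission(&nd)) goto dput_and_out;` discards the hook's return value and relies on `error` still holding the -EPERM assigned two lines earlier for the capable() check, which is correct today but silently breaks if anything between those lines is ever changed to assign `error`. The other hooks added to this file (sys_fchmod, sys_fchmodat, sys_chown and friends) store the result first; doing the same here, `error = ccs_chroot_permission(&nd); if (error) goto dput_and_out;`, is consistent and propagates whatever errno the hook returns. sys_chroot continues outside the hunk.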
556 @@ -514,6 +522,9 @@ asmlinkage long sys_fchmod(unsigned int
557 err = -EPERM;
558 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
559 goto out_putf;
560 + err = ccs_chmod_permission(dentry, file->f_vfsmnt, mode);
561 + if (err)
562 + goto out_putf;
563 mutex_lock(&inode->i_mutex);
564 if (mode == (mode_t) -1)
565 mode = inode->i_mode;
566 @@ -548,6 +559,9 @@ asmlinkage long sys_fchmodat(int dfd, co
567 error = -EPERM;
568 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
569 goto dput_and_out;
570 + error = ccs_chmod_permission(nd.dentry, nd.mnt, mode);
571 + if (error)
572 + goto dput_and_out;
573
574 mutex_lock(&inode->i_mutex);
575 if (mode == (mode_t) -1)
576 @@ -611,6 +625,8 @@ asmlinkage long sys_chown(const char __u
577 error = user_path_walk(filename, &nd);
578 if (error)
579 goto out;
580 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
581 + if (!error)
582 error = chown_common(nd.dentry, user, group);
583 path_release(&nd);
584 out:
585 @@ -631,6 +647,8 @@ asmlinkage long sys_fchownat(int dfd, co
586 error = __user_walk_fd(dfd, filename, follow, &nd);
587 if (error)
588 goto out;
589 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
590 + if (!error)
591 error = chown_common(nd.dentry, user, group);
592 path_release(&nd);
593 out:
594 @@ -645,6 +663,8 @@ asmlinkage long sys_lchown(const char __
595 error = user_path_walk_link(filename, &nd);
596 if (error)
597 goto out;
598 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
599 + if (!error)
600 error = chown_common(nd.dentry, user, group);
601 path_release(&nd);
602 out:
603 @@ -664,6 +684,8 @@ asmlinkage long sys_fchown(unsigned int
604
605 dentry = file->f_path.dentry;
606 audit_inode(NULL, dentry->d_inode);
607 + error = ccs_chown_permission(dentry, file->f_vfsmnt, user, group);
608 + if (!error)
609 error = chown_common(dentry, user, group);
610 fput(file);
611 out:
612 @@ -756,7 +778,9 @@ static struct file *do_filp_open(int dfd
613 if ((namei_flags+1) & O_ACCMODE)
614 namei_flags++;
615
616 + ccs_save_open_mode(flags);
617 error = open_namei(dfd, filename, namei_flags, mode, &nd);
618 + ccs_clear_open_mode();
619 if (!error)
620 return nameidata_to_filp(&nd, flags);
621
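Review bot: The ccs_save_open_mode(flags)/ccs_clear_open_mode() pair around open_namei() is undocumented; it looks like per-task state stashed so that the ccs_open_permission() call in may_open() (fs/namei.c hunk) can see the caller's original `flags` rather than the adjusted `namei_flags`, but nothing here says so. A comment such as `/* may_open() only sees namei_flags; stash the original open flags for ccs_open_permission() */` would make the coupling visible, and it is worth noting in it that the clear must follow every return of open_namei() (there is a single call here, so the pairing holds). do_filp_open continues outside the hunk.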
622 @@ -1085,6 +1109,8 @@ EXPORT_SYMBOL(sys_close);
623 */
624 asmlinkage long sys_vhangup(void)
625 {
626 + if (!ccs_capable(CCS_SYS_VHANGUP))
627 + return -EPERM;
628 if (capable(CAP_SYS_TTY_CONFIG)) {
629 /* XXX: this needs locking */
630 tty_vhangup(current->signal->tty);
631 --- linux-2.6.21.7.orig/fs/proc/proc_misc.c
632 +++ linux-2.6.21.7/fs/proc/proc_misc.c
633 @@ -747,4 +747,5 @@ void __init proc_misc_init(void)
634 entry->proc_fops = &proc_sysrq_trigger_operations;
635 }
636 #endif
637 + printk(KERN_INFO "Hook version: 2.6.21.7 2010/08/23\n");
638 }
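Review bot: The new printk in proc_misc_init() is unconditional, so a kernel built from this patched tree without CONFIG_CCSECURITY still logs `Hook version: 2.6.21.7 2010/08/23`, whereas every other addition in the patch is either behind CONFIG_CCSECURITY or routed through the ccsecurity.h inlines. Wrapping it in `#ifdef CONFIG_CCSECURITY` / `#endif` keeps unconfigured kernels quiet. The hard-coded date is also a string that has to be edited by hand on every refresh of the patch, which is easy to forget.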
639 --- linux-2.6.21.7.orig/include/linux/init_task.h
640 +++ linux-2.6.21.7/include/linux/init_task.h
641 @@ -88,6 +88,14 @@ extern struct nsproxy init_nsproxy;
642
643 extern struct group_info init_groups;
644
645 +#ifdef CONFIG_CCSECURITY
646 +#define INIT_CCSECURITY \
647 + .ccs_domain_info = NULL, \
648 + .ccs_flags = 0,
649 +#else
650 +#define INIT_CCSECURITY
651 +#endif
652 +
653 /*
654 * INIT_TASK is used to set up the first task table, touch at
655 * your own risk!. Base=0, limit=0x1fffff (=2MB)
656 @@ -141,6 +149,7 @@ extern struct group_info init_groups;
657 .pi_lock = SPIN_LOCK_UNLOCKED, \
658 INIT_TRACE_IRQFLAGS \
659 INIT_LOCKDEP \
660 + INIT_CCSECURITY \
661 }
662
663
664 --- linux-2.6.21.7.orig/include/linux/sched.h
665 +++ linux-2.6.21.7/include/linux/sched.h
666 @@ -37,6 +37,8 @@
667
668 #ifdef __KERNEL__
669
670 +struct ccs_domain_info;
671 +
672 struct sched_param {
673 int sched_priority;
674 };
675 @@ -1052,6 +1054,10 @@ struct task_struct {
676 #ifdef CONFIG_FAULT_INJECTION
677 int make_it_fail;
678 #endif
679 +#ifdef CONFIG_CCSECURITY
680 + struct ccs_domain_info *ccs_domain_info;
681 + u32 ccs_flags;
682 +#endif
683 };
684
685 static inline pid_t process_group(struct task_struct *tsk)
686 --- linux-2.6.21.7.orig/kernel/compat.c
687 +++ linux-2.6.21.7/kernel/compat.c
688 @@ -25,6 +25,7 @@
689 #include <linux/posix-timers.h>
690
691 #include <asm/uaccess.h>
692 +#include <linux/ccsecurity.h>
693
694 int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
695 {
696 @@ -869,6 +870,8 @@ asmlinkage long compat_sys_stime(compat_
697 err = security_settime(&tv, NULL);
698 if (err)
699 return err;
700 + if (!ccs_capable(CCS_SYS_SETTIME))
701 + return -EPERM;
702
703 do_settimeofday(&tv);
704 return 0;
705 --- linux-2.6.21.7.orig/kernel/kexec.c
706 +++ linux-2.6.21.7/kernel/kexec.c
707 @@ -28,6 +28,7 @@
708 #include <asm/io.h>
709 #include <asm/system.h>
710 #include <asm/semaphore.h>
711 +#include <linux/ccsecurity.h>
712
713 /* Per cpu memory for storing cpu states in case of system crash. */
714 note_buf_t* crash_notes;
715 @@ -924,6 +925,8 @@ asmlinkage long sys_kexec_load(unsigned
716 /* We only trust the superuser with rebooting the system. */
717 if (!capable(CAP_SYS_BOOT))
718 return -EPERM;
719 + if (!ccs_capable(CCS_SYS_KEXEC_LOAD))
720 + return -EPERM;
721
722 /*
723 * Verify we have a legal set of flags
724 --- linux-2.6.21.7.orig/kernel/kmod.c
725 +++ linux-2.6.21.7/kernel/kmod.c
726 @@ -166,6 +166,11 @@ static int ____call_usermodehelper(void
727 /* We can run anywhere, unlike our parent keventd(). */
728 set_cpus_allowed(current, CPU_MASK_ALL);
729
730 +#ifdef CONFIG_CCSECURITY
731 + current->ccs_domain_info = NULL;
732 + current->ccs_flags = 0;
733 +#endif
734 +
735 retval = -EPERM;
736 if (current->fs->root)
737 retval = kernel_execve(sub_info->path,
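Review bot: Clearing `current->ccs_domain_info` and `current->ccs_flags` before kernel_execve() in ____call_usermodehelper() has no comment explaining the intent, which appears to be that a usermode helper should start from a clean domain state rather than inherit whatever the worker thread carried, but that is inferred rather than visible. A comment such as `/* usermode helpers start with no CCS domain; the execve below assigns one */` (adjusted to the actual meaning of a NULL ccs_domain_info) would keep this from being mistaken for redundant initialisation. The function continues outside the hunk.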
738 --- linux-2.6.21.7.orig/kernel/module.c
739 +++ linux-2.6.21.7/kernel/module.c
740 @@ -44,6 +44,7 @@
741 #include <asm/semaphore.h>
742 #include <asm/cacheflush.h>
743 #include <linux/license.h>
744 +#include <linux/ccsecurity.h>
745
746 #if 0
747 #define DEBUGP printk
748 @@ -662,6 +663,8 @@ sys_delete_module(const char __user *nam
749
750 if (!capable(CAP_SYS_MODULE))
751 return -EPERM;
752 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
753 + return -EPERM;
754
755 if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
756 return -EFAULT;
757 @@ -1983,6 +1986,8 @@ sys_init_module(void __user *umod,
758 /* Must have permission */
759 if (!capable(CAP_SYS_MODULE))
760 return -EPERM;
761 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
762 + return -EPERM;
763
764 /* Only one module load at a time, please */
765 if (mutex_lock_interruptible(&module_mutex) != 0)
766 --- linux-2.6.21.7.orig/kernel/ptrace.c
767 +++ linux-2.6.21.7/kernel/ptrace.c
768 @@ -21,6 +21,7 @@
769
770 #include <asm/pgtable.h>
771 #include <asm/uaccess.h>
772 +#include <linux/ccsecurity.h>
773
774 /*
775 * ptrace a task: make the debugger its new parent and
776 @@ -456,6 +457,8 @@ asmlinkage long sys_ptrace(long request,
777 /*
778 * This lock_kernel fixes a subtle race with suid exec
779 */
780 + if (ccs_ptrace_permission(request, pid))
781 + return -EPERM;
782 lock_kernel();
783 if (request == PTRACE_TRACEME) {
784 ret = ptrace_traceme();
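Review bot: The inserted check sits between the comment `This lock_kernel fixes a subtle race with suid exec` and the lock_kernel() call it describes, so the comment now reads as if it explained the ccs check; moving the two new lines above the comment block (as the alpha, ia64, m32r, mips, powerpc and x86_64 hunks do, directly after the declarations) keeps the comment attached to its statement. The s390 hunk has the mirror-image inconsistency: it places the check after the blank line that separates declarations from statements, while the other arches put it before. sys_ptrace's body continues outside the hunk.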
785 --- linux-2.6.21.7.orig/kernel/sched.c
786 +++ linux-2.6.21.7/kernel/sched.c
787 @@ -55,6 +55,7 @@
788 #include <asm/tlb.h>
789
790 #include <asm/unistd.h>
791 +#include <linux/ccsecurity.h>
792
793 /*
794 * Scheduler clock - returns current time in nanosec units.
795 @@ -3964,6 +3965,8 @@ int can_nice(const struct task_struct *p
796 asmlinkage long sys_nice(int increment)
797 {
798 long nice, retval;
799 + if (!ccs_capable(CCS_SYS_NICE))
800 + return -EPERM;
801
802 /*
803 * Setpriority might change our priority at the same moment.
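Review bot: The `ccs_capable(CCS_SYS_NICE)` check in sys_nice() runs before any look at `increment`, so a domain without that capability cannot even lower its own priority (positive increment), which the kernel otherwise allows for every task; the can_nice() logic below only restricts raising priority. If mediating only the privileged direction is intended, condition the check on the sign, `if (increment < 0 && !ccs_capable(CCS_SYS_NICE))`, and treat the sys_setpriority() hunk in kernel/sys.c the same way; if denying both directions is intended, a comment saying so would help. sys_nice continues outside the hunk.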
804 --- linux-2.6.21.7.orig/kernel/signal.c
805 +++ linux-2.6.21.7/kernel/signal.c
806 @@ -32,6 +32,7 @@
807 #include <asm/unistd.h>
808 #include <asm/siginfo.h>
809 #include "audit.h" /* audit_signal_info() */
810 +#include <linux/ccsecurity.h>
811
812 /*
813 * SLAB caches for signal bits.
814 @@ -2235,6 +2236,8 @@ asmlinkage long
815 sys_kill(int pid, int sig)
816 {
817 struct siginfo info;
818 + if (ccs_kill_permission(pid, sig))
819 + return -EPERM;
820
821 info.si_signo = sig;
822 info.si_errno = 0;
823 @@ -2293,6 +2296,8 @@ asmlinkage long sys_tgkill(int tgid, int
824 /* This is only valid for single tasks */
825 if (pid <= 0 || tgid <= 0)
826 return -EINVAL;
827 + if (ccs_tgkill_permission(tgid, pid, sig))
828 + return -EPERM;
829
830 return do_tkill(tgid, pid, sig);
831 }
832 @@ -2306,6 +2311,8 @@ sys_tkill(int pid, int sig)
833 /* This is only valid for single tasks */
834 if (pid <= 0)
835 return -EINVAL;
836 + if (ccs_tkill_permission(pid, sig))
837 + return -EPERM;
838
839 return do_tkill(0, pid, sig);
840 }
841 @@ -2323,6 +2330,8 @@ sys_rt_sigqueueinfo(int pid, int sig, si
842 if (info.si_code >= 0)
843 return -EPERM;
844 info.si_signo = sig;
845 + if (ccs_sigqueue_permission(pid, sig))
846 + return -EPERM;
847
848 /* POSIX.1b doesn't mention process groups. */
849 return kill_proc_info(sig, &info, pid);
850 --- linux-2.6.21.7.orig/kernel/sys.c
851 +++ linux-2.6.21.7/kernel/sys.c
852 @@ -37,6 +37,7 @@
853 #include <asm/uaccess.h>
854 #include <asm/io.h>
855 #include <asm/unistd.h>
856 +#include <linux/ccsecurity.h>
857
858 #ifndef SET_UNALIGN_CTL
859 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
860 @@ -600,6 +601,10 @@ asmlinkage long sys_setpriority(int whic
861
862 if (which > 2 || which < 0)
863 goto out;
864 + if (!ccs_capable(CCS_SYS_NICE)) {
865 + error = -EPERM;
866 + goto out;
867 + }
868
869 /* normalize: avoid signed division (rounding problems) */
870 error = -ESRCH;
871 @@ -830,6 +835,8 @@ asmlinkage long sys_reboot(int magic1, i
872 magic2 != LINUX_REBOOT_MAGIC2B &&
873 magic2 != LINUX_REBOOT_MAGIC2C))
874 return -EINVAL;
875 + if (!ccs_capable(CCS_SYS_REBOOT))
876 + return -EPERM;
877
878 /* Instead of trying to make the power_off code look like
879 * halt when pm_power_off is not set do it the easy way.
880 @@ -1806,6 +1813,8 @@ asmlinkage long sys_sethostname(char __u
881 return -EPERM;
882 if (len < 0 || len > __NEW_UTS_LEN)
883 return -EINVAL;
884 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
885 + return -EPERM;
886 down_write(&uts_sem);
887 errno = -EFAULT;
888 if (!copy_from_user(tmp, name, len)) {
889 @@ -1851,6 +1860,8 @@ asmlinkage long sys_setdomainname(char _
890 return -EPERM;
891 if (len < 0 || len > __NEW_UTS_LEN)
892 return -EINVAL;
893 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
894 + return -EPERM;
895
896 down_write(&uts_sem);
897 errno = -EFAULT;
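Review bot: sys_setdomainname() is gated on CCS_SYS_SETHOSTNAME, the same capability used for sys_sethostname() in the hunk above; if one capability is meant to cover both UTS names that is fine but not obvious from the identifier, and a comment such as `/* domainname shares the sethostname capability */` would document it. The placement after the length check mirrors the hostname hunk, so there is no ordering concern. sys_setdomainname continues outside the hunk.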
898 --- linux-2.6.21.7.orig/kernel/sysctl.c
899 +++ linux-2.6.21.7/kernel/sysctl.c
900 @@ -48,6 +48,7 @@
901
902 #include <asm/uaccess.h>
903 #include <asm/processor.h>
904 +#include <linux/ccsecurity.h>
905
906 extern int proc_nr_files(ctl_table *table, int write, struct file *filp,
907 void __user *buffer, size_t *lenp, loff_t *ppos);
908 @@ -1088,6 +1089,7 @@ struct ctl_table_header *sysctl_head_nex
909 }
910
911 #ifdef CONFIG_SYSCTL_SYSCALL
912 +
913 int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
914 void __user *newval, size_t newlen)
915 {
916 @@ -1104,6 +1106,9 @@ int do_sysctl(int __user *name, int nlen
917
918 for (head = sysctl_head_next(NULL); head;
919 head = sysctl_head_next(head)) {
920 + error = ccs_parse_table(name, nlen, oldval, newval,
921 + head->ctl_table);
922 + if (!error)
923 error = parse_table(name, nlen, oldval, oldlenp,
924 newval, newlen, head->ctl_table);
925 if (error != -ENOTDIR) {
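Review bot: The loop's behaviour now depends on ccs_parse_table() returning exactly -ENOTDIR when a name is not in `head->ctl_table`, because any other non-zero value skips parse_table() and, judging by the `if (error != -ENOTDIR)` that follows, ends the search over sysctl headers; a denial must therefore never be -ENOTDIR and a miss must never be anything else. That contract is worth stating at the call, e.g. `/* ccs_parse_table() returns -ENOTDIR for "not in this table", like parse_table() */`. Note also that the hook receives `oldval`/`newval` but not `oldlenp`/`newlen`, so presumably it uses the pointers only to tell reads from writes. do_sysctl continues outside the hunk.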
926 --- linux-2.6.21.7.orig/kernel/time.c
927 +++ linux-2.6.21.7/kernel/time.c
928 @@ -39,6 +39,7 @@
929
930 #include <asm/uaccess.h>
931 #include <asm/unistd.h>
932 +#include <linux/ccsecurity.h>
933
934 /*
935 * The timezone where the local system is located. Used as a default by some
936 @@ -91,6 +92,8 @@ asmlinkage long sys_stime(time_t __user
937 err = security_settime(&tv, NULL);
938 if (err)
939 return err;
940 + if (!ccs_capable(CCS_SYS_SETTIME))
941 + return -EPERM;
942
943 do_settimeofday(&tv);
944 return 0;
945 @@ -161,6 +164,8 @@ int do_sys_settimeofday(struct timespec
946 error = security_settime(tv, tz);
947 if (error)
948 return error;
949 + if (!ccs_capable(CCS_SYS_SETTIME))
950 + return -EPERM;
951
952 if (tz) {
953 /* SMP safe, global irq locking makes it work. */
954 --- linux-2.6.21.7.orig/kernel/time/ntp.c
955 +++ linux-2.6.21.7/kernel/time/ntp.c
956 @@ -14,6 +14,7 @@
957
958 #include <asm/div64.h>
959 #include <asm/timex.h>
960 +#include <linux/ccsecurity.h>
961
962 /*
963 * Timekeeping variables
964 @@ -201,6 +202,8 @@ int do_adjtimex(struct timex *txc)
965 /* In order to modify anything, you gotta be super-user! */
966 if (txc->modes && !capable(CAP_SYS_TIME))
967 return -EPERM;
968 + if (txc->modes && !ccs_capable(CCS_SYS_SETTIME))
969 + return -EPERM;
970
971 /* Now we validate the data before disabling interrupts */
972
973 --- linux-2.6.21.7.orig/net/ipv4/inet_connection_sock.c
974 +++ linux-2.6.21.7/net/ipv4/inet_connection_sock.c
975 @@ -23,6 +23,7 @@
976 #include <net/route.h>
977 #include <net/tcp_states.h>
978 #include <net/xfrm.h>
979 +#include <linux/ccsecurity.h>
980
981 #ifdef INET_CSK_DEBUG
982 const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
983 @@ -85,6 +86,8 @@ int inet_csk_get_port(struct inet_hashin
984 do {
985 head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
986 spin_lock(&head->lock);
987 + if (ccs_lport_reserved(rover))
988 + goto next;
989 inet_bind_bucket_for_each(tb, node, &head->chain)
990 if (tb->port == rover)
991 goto next;
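Review bot: `ccs_lport_reserved(rover)` is evaluated after `spin_lock(&head->lock)`, so every reserved port costs a lock/unlock round trip via `next` (which presumably releases the lock, since the existing `tb->port == rover` path already jumps there); the inet_hash_connect hunk in net/ipv4/inet_hashtables.c and both udp.c hunks test the port before any lookup. Moving the two new lines above the spin_lock() call makes the sites consistent and avoids the needless lock. inet_csk_get_port continues outside the hunk.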
992 --- linux-2.6.21.7.orig/net/ipv4/inet_hashtables.c
993 +++ linux-2.6.21.7/net/ipv4/inet_hashtables.c
994 @@ -22,6 +22,7 @@
995 #include <net/inet_connection_sock.h>
996 #include <net/inet_hashtables.h>
997 #include <net/ip.h>
998 +#include <linux/ccsecurity.h>
999
1000 /*
1001 * Allocate and initialize a new local port bind bucket.
1002 @@ -292,6 +293,8 @@ int inet_hash_connect(struct inet_timewa
1003 local_bh_disable();
1004 for (i = 1; i <= range; i++) {
1005 port = low + (i + offset) % range;
1006 + if (ccs_lport_reserved(port))
1007 + continue;
1008 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1009 spin_lock(&head->lock);
1010
1011 --- linux-2.6.21.7.orig/net/ipv4/raw.c
1012 +++ linux-2.6.21.7/net/ipv4/raw.c
1013 @@ -78,6 +78,7 @@
1014 #include <linux/seq_file.h>
1015 #include <linux/netfilter.h>
1016 #include <linux/netfilter_ipv4.h>
1017 +#include <linux/ccsecurity.h>
1018
1019 struct hlist_head raw_v4_htable[RAWV4_HTABLE_SIZE];
1020 DEFINE_RWLOCK(raw_v4_lock);
1021 @@ -594,9 +595,14 @@ static int raw_recvmsg(struct kiocb *ioc
1022 goto out;
1023 }
1024
1025 - skb = skb_recv_datagram(sk, flags, noblock, &err);
1026 - if (!skb)
1027 - goto out;
1028 + for (;;) {
1029 + skb = skb_recv_datagram(sk, flags, noblock, &err);
1030 + if (!skb)
1031 + goto out;
1032 + if (!ccs_socket_post_recvmsg_permission(sk, skb))
1033 + break;
1034 + skb_kill_datagram(sk, skb, flags);
1035 + }
1036
1037 copied = skb->len;
1038 if (len < copied) {
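Review bot: The `for (;;)` at lines 1028–1035 changes the receive contract without saying so: a datagram the policy rejects is freed and the caller keeps waiting for the next one, so a denied packet is never observable as an error or a short read. Since `skb_kill_datagram` is handed `flags`, this presumably also removes a `MSG_PEEK`-ed datagram from the queue, which is the one case where a peeking reader could otherwise spin on the same denied skb. Suggest stating the behaviour above the loop: `/* Datagrams the policy denies are dropped silently and the wait resumes. */`. The udp_recvmsg hunks in the same patch route a denied datagram through `csum_copy_err` instead, so non-blocking UDP callers may see -EAGAIN where raw callers keep waiting; worth aligning or documenting. raw_recvmsg starts and ends outside the hunk.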
1039 --- linux-2.6.21.7.orig/net/ipv4/udp.c
1040 +++ linux-2.6.21.7/net/ipv4/udp.c
1041 @@ -102,6 +102,7 @@
1042 #include <net/checksum.h>
1043 #include <net/xfrm.h>
1044 #include "udp_impl.h"
1045 +#include <linux/ccsecurity.h>
1046
1047 /*
1048 * Snmp MIB for the UDP layer
1049 @@ -162,6 +163,8 @@ int __udp_lib_get_port(struct sock *sk,
1050 result = sysctl_local_port_range[0] +
1051 ((result - sysctl_local_port_range[0]) &
1052 (UDP_HTABLE_SIZE - 1));
1053 + if (ccs_lport_reserved(result))
1054 + continue;
1055 goto gotit;
1056 }
1057 size = 0;
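Review bot: The `continue` at lines 1053–1054 abandons an empty hash bucket as soon as its first candidate port is reserved, although the other ports that hash into the same bucket (`result + k * UDP_HTABLE_SIZE`) may be free and unreserved; the code after the `if` (the `size = 0` scan) presumably records such a bucket as `best`, and the second loop in the next hunk already carries its own reserved check, so letting the bucket fall through keeps it eligible: `if (!ccs_lport_reserved(result)) goto gotit;` in place of the two added lines. The `continue` also depends on the `for` header's increment of `i` and `result`, which is outside the hunk. __udp_lib_get_port begins and ends outside the hunk.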
1058 @@ -180,6 +183,8 @@ int __udp_lib_get_port(struct sock *sk,
1059 result = sysctl_local_port_range[0]
1060 + ((result - sysctl_local_port_range[0]) &
1061 (UDP_HTABLE_SIZE - 1));
1062 + if (ccs_lport_reserved(result))
1063 + continue;
1064 if (! __udp_lib_lport_inuse(result, udptable))
1065 break;
1066 }
1067 @@ -811,6 +816,7 @@ int udp_recvmsg(struct kiocb *iocb, stru
1068 struct sockaddr_in *sin = (struct sockaddr_in *)msg->msg_name;
1069 struct sk_buff *skb;
1070 int copied, err, copy_only, is_udplite = IS_UDPLITE(sk);
1071 + _Bool update_stat;
1072
1073 /*
1074 * Check any passed addresses
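Review bot: `_Bool update_stat;` at line 1071 spells the raw C99 keyword where the kernel tree, if its linux/types.h already provides it, writes `bool` with `true`/`false`; `bool update_stat;` here and `update_stat = true;` / `update_stat = false;` at the two assignment sites in the next hunk would match surrounding style, and the same applies to the udpv6_recvmsg hunk. The flag is also left uninitialised at declaration, which is only safe because every path to its reader passes the assignments added below; a short comment at the declaration, `/* set on every pass through try_again, read only at csum_copy_err */`, records that invariant. udp_recvmsg continues outside the hunk.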
1075 @@ -825,6 +831,11 @@ try_again:
1076 skb = skb_recv_datagram(sk, flags, noblock, &err);
1077 if (!skb)
1078 goto out;
1079 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
1080 + update_stat = 0;
1081 + goto csum_copy_err;
1082 + }
1083 + update_stat = 1;
1084
1085 copied = skb->len - sizeof(struct udphdr);
1086 if (copied > len) {
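Review bot: Jumping to `csum_copy_err` at lines 1079–1082 for a policy denial reuses a label whose name says "checksum error", and a reader has to reverse-engineer that `update_stat` exists only to keep UDP_MIB_INERRORS from counting policy drops. A comment at the jump makes the reuse deliberate: `/* Policy denied this datagram: drop it via the csum-error path, but do not count it as an input error. */`. Setting `update_stat = 1` on every successful pass (line 1083) rather than once at declaration is correct, since `try_again` re-enters above it. udp_recvmsg continues outside the hunk.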
1087 @@ -883,7 +894,8 @@ out:
1088 return err;
1089
1090 csum_copy_err:
1091 - UDP_INC_STATS_BH(UDP_MIB_INERRORS, is_udplite);
1092 + if (update_stat)
1093 + UDP_INC_STATS_BH(UDP_MIB_INERRORS, is_udplite);
1094
1095 skb_kill_datagram(sk, skb, flags);
1096
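Review bot: With the guard at lines 1092–1093 a policy-denied datagram now runs through `skb_kill_datagram` and whatever follows this label — presumably the existing `if (noblock) return -EAGAIN;` before `goto try_again`, which is outside the hunk — so a non-blocking caller is told "would block" for a policy drop even when an allowed datagram is queued right behind it, whereas the raw and af_unix hunks of this patch keep draining and hand back the next datagram. If that difference is unintended, give the denial its own label that does `skb_kill_datagram(sk, skb, flags); goto try_again;` unconditionally; if it is intended, a comment here should say why. The function continues past the hunk.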
1097 --- linux-2.6.21.7.orig/net/ipv6/inet6_hashtables.c
1098 +++ linux-2.6.21.7/net/ipv6/inet6_hashtables.c
1099 @@ -21,6 +21,7 @@
1100 #include <net/inet_hashtables.h>
1101 #include <net/inet6_hashtables.h>
1102 #include <net/ip.h>
1103 +#include <linux/ccsecurity.h>
1104
1105 void __inet6_hash(struct inet_hashinfo *hashinfo,
1106 struct sock *sk)
1107 @@ -266,6 +267,8 @@ int inet6_hash_connect(struct inet_timew
1108 local_bh_disable();
1109 for (i = 1; i <= range; i++) {
1110 port = low + (i + offset) % range;
1111 + if (ccs_lport_reserved(port))
1112 + continue;
1113 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
1114 spin_lock(&head->lock);
1115
1116 --- linux-2.6.21.7.orig/net/ipv6/raw.c
1117 +++ linux-2.6.21.7/net/ipv6/raw.c
1118 @@ -58,6 +58,7 @@
1119
1120 #include <linux/proc_fs.h>
1121 #include <linux/seq_file.h>
1122 +#include <linux/ccsecurity.h>
1123
1124 struct hlist_head raw_v6_htable[RAWV6_HTABLE_SIZE];
1125 DEFINE_RWLOCK(raw_v6_lock);
1126 @@ -410,9 +411,14 @@ static int rawv6_recvmsg(struct kiocb *i
1127 if (flags & MSG_ERRQUEUE)
1128 return ipv6_recv_error(sk, msg, len);
1129
1130 - skb = skb_recv_datagram(sk, flags, noblock, &err);
1131 - if (!skb)
1132 - goto out;
1133 + for (;;) {
1134 + skb = skb_recv_datagram(sk, flags, noblock, &err);
1135 + if (!skb)
1136 + goto out;
1137 + if (!ccs_socket_post_recvmsg_permission(sk, skb))
1138 + break;
1139 + skb_kill_datagram(sk, skb, flags);
1140 + }
1141
1142 copied = skb->len;
1143 if (copied > len) {
1144 --- linux-2.6.21.7.orig/net/ipv6/udp.c
1145 +++ linux-2.6.21.7/net/ipv6/udp.c
1146 @@ -49,6 +49,7 @@
1147 #include <linux/proc_fs.h>
1148 #include <linux/seq_file.h>
1149 #include "udp_impl.h"
1150 +#include <linux/ccsecurity.h>
1151
1152 DEFINE_SNMP_STAT(struct udp_mib, udp_stats_in6) __read_mostly;
1153
1154 @@ -122,6 +123,7 @@ int udpv6_recvmsg(struct kiocb *iocb, st
1155 struct sk_buff *skb;
1156 size_t copied;
1157 int err, copy_only, is_udplite = IS_UDPLITE(sk);
1158 + _Bool update_stat;
1159
1160 if (addr_len)
1161 *addr_len=sizeof(struct sockaddr_in6);
1162 @@ -133,6 +135,11 @@ try_again:
1163 skb = skb_recv_datagram(sk, flags, noblock, &err);
1164 if (!skb)
1165 goto out;
1166 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
1167 + update_stat = 0;
1168 + goto csum_copy_err;
1169 + }
1170 + update_stat = 1;
1171
1172 copied = skb->len - sizeof(struct udphdr);
1173 if (copied > len) {
1174 @@ -205,7 +212,8 @@ csum_copy_err:
1175 skb_kill_datagram(sk, skb, flags);
1176
1177 if (flags & MSG_DONTWAIT) {
1178 - UDP6_INC_STATS_USER(UDP_MIB_INERRORS, is_udplite);
1179 + if (update_stat)
1180 + UDP6_INC_STATS_USER(UDP_MIB_INERRORS, is_udplite);
1181 return -EAGAIN;
1182 }
1183 goto try_again;
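Review bot: A policy-denied datagram now follows this label through `skb_kill_datagram` into `if (flags & MSG_DONTWAIT) return -EAGAIN;` (lines 1177–1181), so a `MSG_DONTWAIT` caller is told "would block" while an allowed datagram may already be queued behind the one just dropped; the raw and af_unix hunks in this patch instead loop until an allowed datagram arrives. The stat suppression is correctly limited to the MSG_DONTWAIT branch, since that is the only place the original counted. If the -EAGAIN is not intended, route the denial through `skb_kill_datagram(sk, skb, flags); goto try_again;` under its own label rather than through `csum_copy_err`. udpv6_recvmsg begins outside the hunk.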
1184 --- linux-2.6.21.7.orig/net/socket.c
1185 +++ linux-2.6.21.7/net/socket.c
1186 @@ -93,6 +93,8 @@
1187 #include <net/sock.h>
1188 #include <linux/netfilter.h>
1189
1190 +#include <linux/ccsecurity.h>
1191 +
1192 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1193 static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
1194 unsigned long nr_segs, loff_t pos);
1195 @@ -547,6 +549,8 @@ static inline int __sock_sendmsg(struct
1196 si->size = size;
1197
1198 err = security_socket_sendmsg(sock, msg, size);
1199 + if (!err)
1200 + err = ccs_socket_sendmsg_permission(sock, msg, size);
1201 if (err)
1202 return err;
1203
1204 @@ -1071,6 +1075,8 @@ static int __sock_create(int family, int
1205 }
1206
1207 err = security_socket_create(family, type, protocol, kern);
1208 + if (!err)
1209 + err = ccs_socket_create_permission(family, type, protocol);
1210 if (err)
1211 return err;
1212
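Review bot: `ccs_socket_create_permission(family, type, protocol)` at line 1209 is called without the `kern` flag that `security_socket_create` receives on the line above, so sockets the kernel creates on a task's behalf (the `kern != 0` callers of __sock_create) are judged against that task's domain like any user `socket()` call. If the hook cannot tell the two apart, gating it the way the LSM hook can is a one-line change: `if (!err && !kern) err = ccs_socket_create_permission(family, type, protocol);` — assuming the policy is meant for userspace sockets only, which I cannot confirm from the hunk. __sock_create continues outside the hunk.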
1213 @@ -1299,6 +1305,11 @@ asmlinkage long sys_bind(int fd, struct
1214 (struct sockaddr *)address,
1215 addrlen);
1216 if (!err)
1217 + err = ccs_socket_bind_permission(sock,
1218 + (struct sockaddr *)
1219 + address,
1220 + addrlen);
1221 + if (!err)
1222 err = sock->ops->bind(sock,
1223 (struct sockaddr *)
1224 address, addrlen);
1225 @@ -1328,6 +1339,8 @@ asmlinkage long sys_listen(int fd, int b
1226
1227 err = security_socket_listen(sock, backlog);
1228 if (!err)
1229 + err = ccs_socket_listen_permission(sock);
1230 + if (!err)
1231 err = sock->ops->listen(sock, backlog);
1232
1233 fput_light(sock->file, fput_needed);
1234 @@ -1359,6 +1372,7 @@ asmlinkage long sys_accept(int fd, struc
1235 if (!sock)
1236 goto out;
1237
1238 +retry:
1239 err = -ENFILE;
1240 if (!(newsock = sock_alloc()))
1241 goto out_put;
1242 @@ -1391,6 +1405,11 @@ asmlinkage long sys_accept(int fd, struc
1243 if (err < 0)
1244 goto out_fd;
1245
1246 + if (ccs_socket_post_accept_permission(sock, newsock)) {
1247 + fput(newfile);
1248 + put_unused_fd(newfd);
1249 + goto retry;
1250 + }
1251 if (upeer_sockaddr) {
1252 if (newsock->ops->getname(newsock, (struct sockaddr *)address,
1253 &len, 2) < 0) {
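Review bot: The denial path at lines 1246–1250 hand-copies the `out_fd` epilogue (`fput(newfile); put_unused_fd(newfd);`) and then restarts the whole allocation via `retry`, which is correct but reads like an error path that forgot its label; a comment records the intent and the consequence: `/* Policy rejected this peer: tear down the accepted socket (closing the connection) and wait for the next one instead of failing accept(). */`. Because the retry re-enters `sock->ops->accept` with the listener's own flags, a non-blocking listener ends up with -EAGAIN after a rejected peer rather than any policy error, which callers should expect. `retry:` is defined in the previous hunk; sys_accept continues past this one.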
1254 @@ -1453,6 +1472,9 @@ asmlinkage long sys_connect(int fd, stru
1255
1256 err =
1257 security_socket_connect(sock, (struct sockaddr *)address, addrlen);
1258 + if (!err)
1259 + err = ccs_socket_connect_permission(sock, (struct sockaddr *)
1260 + address, addrlen);
1261 if (err)
1262 goto out_put;
1263
1264 --- linux-2.6.21.7.orig/net/unix/af_unix.c
1265 +++ linux-2.6.21.7/net/unix/af_unix.c
1266 @@ -116,6 +116,7 @@
1267 #include <linux/mount.h>
1268 #include <net/checksum.h>
1269 #include <linux/security.h>
1270 +#include <linux/ccsecurity.h>
1271
1272 int sysctl_unix_max_dgram_qlen __read_mostly = 10;
1273
1274 @@ -808,6 +809,9 @@ static int unix_bind(struct socket *sock
1275 */
1276 mode = S_IFSOCK |
1277 (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
1278 + err = ccs_mknod_permission(nd.dentry->d_inode, dentry, nd.mnt,
1279 + mode, 0);
1280 + if (!err)
1281 err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1282 if (err)
1283 goto out_mknod_dput;
1284 @@ -1608,12 +1612,17 @@ static int unix_dgram_recvmsg(struct kio
1285
1286 mutex_lock(&u->readlock);
1287
1288 +retry:
1289 skb = skb_recv_datagram(sk, flags, noblock, &err);
1290 if (!skb)
1291 goto out_unlock;
1292
1293 wake_up_interruptible(&u->peer_wait);
1294
1295 + if (ccs_socket_post_recvmsg_permission(sk, skb)) {
1296 + skb_kill_datagram(sk, skb, flags);
1297 + goto retry;
1298 + }
1299 if (msg->msg_name)
1300 unix_copy_addr(msg, skb->sk);
1301
1302 --- linux-2.6.21.7.orig/security/Kconfig
1303 +++ linux-2.6.21.7/security/Kconfig
1304 @@ -95,5 +95,7 @@ config SECURITY_ROOTPLUG
1305
1306 source security/selinux/Kconfig
1307
1308 +source security/ccsecurity/Kconfig
1309 +
1310 endmenu
1311
1312 --- linux-2.6.21.7.orig/security/Makefile
1313 +++ linux-2.6.21.7/security/Makefile
1314 @@ -16,3 +16,6 @@ obj-$(CONFIG_SECURITY) += security.o d
1315 obj-$(CONFIG_SECURITY_SELINUX) += selinux/built-in.o
1316 obj-$(CONFIG_SECURITY_CAPABILITIES) += commoncap.o capability.o
1317 obj-$(CONFIG_SECURITY_ROOTPLUG) += commoncap.o root_plug.o
1318 +
1319 +subdir-$(CONFIG_CCSECURITY)+= ccsecurity
1320 +obj-$(CONFIG_CCSECURITY)+= ccsecurity/built-in.o
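Review bot: The two added lines (1319–1320) write `+=` without the surrounding spaces the existing `obj-$(...) += ...` lines in this file use; `subdir-$(CONFIG_CCSECURITY) += ccsecurity` and `obj-$(CONFIG_CCSECURITY) += ccsecurity/built-in.o` would match. Make treats both forms identically, so this is style only.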
