Contents of /trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.25-suse-11.0.diff



Revision 3831 - (show annotations) (download) (as text)
Wed Jul 21 04:25:17 2010 UTC (13 years, 10 months ago) by kumaneko
Original Path: trunk/1.7.x/ccs-patch/patches/ccs-patch-2.6.25-suse-11.0.diff
File MIME type: text/x-diff
File size: 36475 byte(s)
Fix post accept()/recvmsg() hooks.
1 This is the TOMOYO Linux patch for openSUSE 11.0.
2
3 Source code for this patch is http://download.opensuse.org/update/11.0/rpm/i586/kernel-source-2.6.25.20-0.7.i586.rpm
4 ---
5 arch/ia64/ia32/sys_ia32.c | 3 +++
6 arch/mips/kernel/ptrace32.c | 3 +++
7 arch/s390/kernel/ptrace.c | 3 +++
8 arch/x86/kernel/ptrace.c | 3 +++
9 fs/compat.c | 3 ++-
10 fs/compat_ioctl.c | 7 +++++++
11 fs/exec.c | 12 +++++++++++-
12 fs/fcntl.c | 4 ++++
13 fs/ioctl.c | 5 +++++
14 fs/namei.c | 35 ++++++++++++++++++++++++++++++++++-
15 fs/namespace.c | 20 ++++++++++++++++++++
16 fs/open.c | 28 ++++++++++++++++++++++++++++
17 fs/proc/proc_misc.c | 1 +
18 include/linux/init_task.h | 9 +++++++++
19 include/linux/sched.h | 6 ++++++
20 kernel/compat.c | 3 +++
21 kernel/kexec.c | 3 +++
22 kernel/kmod.c | 5 +++++
23 kernel/module.c | 5 +++++
24 kernel/ptrace.c | 5 +++++
25 kernel/sched.c | 3 +++
26 kernel/signal.c | 9 +++++++++
27 kernel/sys.c | 11 +++++++++++
28 kernel/sysctl.c | 5 +++++
29 kernel/time.c | 5 +++++
30 kernel/time/ntp.c | 3 +++
31 net/ipv4/inet_connection_sock.c | 3 +++
32 net/ipv4/inet_hashtables.c | 3 +++
33 net/ipv4/raw.c | 12 +++++++++---
34 net/ipv4/udp.c | 12 +++++++++++-
35 net/ipv6/raw.c | 12 +++++++++---
36 net/ipv6/udp.c | 9 ++++++++-
37 net/socket.c | 22 ++++++++++++++++++++++
38 net/unix/af_unix.c | 4 ++++
39 security/Kconfig | 2 ++
40 security/Makefile | 3 +++
41 36 files changed, 270 insertions(+), 11 deletions(-)
42
43 --- linux-2.6.25.20-0.7.orig/arch/ia64/ia32/sys_ia32.c
44 +++ linux-2.6.25.20-0.7/arch/ia64/ia32/sys_ia32.c
45 @@ -50,6 +50,7 @@
46 #include <asm/types.h>
47 #include <asm/uaccess.h>
48 #include <asm/unistd.h>
49 +#include <linux/ccsecurity.h>
50
51 #include "ia32priv.h"
52
53 @@ -1753,6 +1754,8 @@ sys32_ptrace (int request, pid_t pid, un
54 struct task_struct *child;
55 unsigned int value, tmp;
56 long i, ret;
57 + if (ccs_ptrace_permission(request, pid))
58 + return -EPERM;
59
60 lock_kernel();
61 if (request == PTRACE_TRACEME) {
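Review bot: The value returned by ccs_ptrace_permission() is discarded and replaced by a flat -EPERM in the check inserted into sys32_ptrace, whereas most other hooks in this patch propagate the hook's own result (`error = ccs_..._permission(...); if (error) return error;`). If the hook can report anything other than a policy denial, that is lost here and in the identical insertions in arch/mips, arch/s390, arch/x86 and kernel/ptrace.c; `ret = ccs_ptrace_permission(request, pid); if (ret) return ret;` would keep it. The check also decides on the raw pid before lock_kernel() is taken and before the kernel presumably resolves the child itself, so if the pid is recycled in between, the task the policy evaluated and the task actually traced can differ; either a comment accepting that or moving the check after the child lookup would make the choice explicit. sys32_ptrace continues outside the hunk.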
62 --- linux-2.6.25.20-0.7.orig/arch/mips/kernel/ptrace32.c
63 +++ linux-2.6.25.20-0.7/arch/mips/kernel/ptrace32.c
64 @@ -35,6 +35,7 @@
65 #include <asm/system.h>
66 #include <asm/uaccess.h>
67 #include <asm/bootinfo.h>
68 +#include <linux/ccsecurity.h>
69
70 int ptrace_getregs(struct task_struct *child, __s64 __user *data);
71 int ptrace_setregs(struct task_struct *child, __s64 __user *data);
72 @@ -50,6 +51,8 @@ asmlinkage int sys32_ptrace(int request,
73 {
74 struct task_struct *child;
75 int ret;
76 + if (ccs_ptrace_permission(request, pid))
77 + return -EPERM;
78
79 #if 0
80 printk("ptrace(r=%d,pid=%d,addr=%08lx,data=%08lx)\n",
81 --- linux-2.6.25.20-0.7.orig/arch/s390/kernel/ptrace.c
82 +++ linux-2.6.25.20-0.7/arch/s390/kernel/ptrace.c
83 @@ -41,6 +41,7 @@
84 #include <asm/system.h>
85 #include <asm/uaccess.h>
86 #include <asm/unistd.h>
87 +#include <linux/ccsecurity.h>
88
89 #ifdef CONFIG_COMPAT
90 #include "compat_ptrace.h"
91 @@ -698,6 +699,8 @@ sys_ptrace(long request, long pid, long
92 struct task_struct *child;
93 int ret;
94
95 + if (ccs_ptrace_permission(request, pid))
96 + return -EPERM;
97 lock_kernel();
98 if (request == PTRACE_TRACEME) {
99 ret = ptrace_traceme();
100 --- linux-2.6.25.20-0.7.orig/arch/x86/kernel/ptrace.c
101 +++ linux-2.6.25.20-0.7/arch/x86/kernel/ptrace.c
102 @@ -32,6 +32,7 @@
103 #include <asm/prctl.h>
104 #include <asm/proto.h>
105 #include <asm/ds.h>
106 +#include <linux/ccsecurity.h>
107
108 #include "tls.h"
109
110 @@ -1240,6 +1241,8 @@ asmlinkage long sys32_ptrace(long reques
111 void __user *datap = compat_ptr(data);
112 int ret;
113 __u32 val;
114 + if (ccs_ptrace_permission(request, pid))
115 + return -EPERM;
116
117 switch (request) {
118 case PTRACE_TRACEME:
119 --- linux-2.6.25.20-0.7.orig/fs/compat.c
120 +++ linux-2.6.25.20-0.7/fs/compat.c
121 @@ -55,6 +55,7 @@
122 #include <asm/mmu_context.h>
123 #include <asm/ioctls.h>
124 #include "internal.h"
125 +#include <linux/ccsecurity.h>
126
127 int compat_log = 1;
128
129 @@ -1399,7 +1400,7 @@ int compat_do_execve(char * filename,
130 if (retval < 0)
131 goto out;
132
133 - retval = search_binary_handler(bprm, regs);
134 + retval = ccs_search_binary_handler(bprm, regs);
135 if (retval >= 0) {
136 /* execve success */
137 security_bprm_free(bprm);
138 --- linux-2.6.25.20-0.7.orig/fs/compat_ioctl.c
139 +++ linux-2.6.25.20-0.7/fs/compat_ioctl.c
140 @@ -120,6 +120,7 @@
141 #include <xen/public/privcmd.h>
142 #include <xen/compat_ioctl.h>
143 #endif
144 +#include <linux/ccsecurity.h>
145
146 static int do_ioctl32_pointer(unsigned int fd, unsigned int cmd,
147 unsigned long arg, struct file *f)
148 @@ -2906,6 +2907,8 @@ asmlinkage long compat_sys_ioctl(unsigne
149
150 /* RED-PEN how should LSM module know it's handling 32bit? */
151 error = security_file_ioctl(filp, cmd, arg);
152 + if (!error)
153 + error = ccs_ioctl_permission(filp, cmd, arg);
154 if (error)
155 goto out_fput;
156
157 @@ -2930,6 +2933,10 @@ asmlinkage long compat_sys_ioctl(unsigne
158 /*FALL THROUGH*/
159
160 default:
161 + if (!ccs_capable(CCS_SYS_IOCTL)) {
162 + error = -EPERM;
163 + goto out_fput;
164 + }
165 if (filp->f_op && filp->f_op->compat_ioctl) {
166 error = filp->f_op->compat_ioctl(filp, cmd, arg);
167 if (error != -ENOIOCTLCMD)
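Review bot: The CCS_SYS_IOCTL capability check in compat_sys_ioctl is placed only under `default:`, so the FIO* housekeeping cases above it (and the FIBMAP/FIGETBSZ/FIONREAD regular-file cases that fall through here) are deliberately not gated; that intent is not obvious from the placement and deserves a comment such as `/* FIO* housekeeping ioctls stay exempt; only driver ioctls need CCS_SYS_IOCTL */`. The ordering relative to the native path in fs/ioctl.c (where the same check sits inside vfs_ioctl) should be kept in sync when either side moves. compat_sys_ioctl continues outside the hunk.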
168 --- linux-2.6.25.20-0.7.orig/fs/exec.c
169 +++ linux-2.6.25.20-0.7/fs/exec.c
170 @@ -60,6 +60,8 @@
171 #include <linux/kmod.h>
172 #endif
173
174 +#include <linux/ccsecurity.h>
175 +
176 int core_uses_pid;
177 char core_pattern[CORENAME_MAX_SIZE] = "core";
178 int suid_dumpable = 0;
179 @@ -118,6 +120,9 @@ asmlinkage long sys_uselib(const char __
180 error = vfs_permission(&nd, MAY_READ | MAY_EXEC);
181 if (error)
182 goto exit;
183 + error = ccs_uselib_permission(nd.path.dentry, nd.path.mnt);
184 + if (error)
185 + goto exit;
186
187 file = nameidata_to_filp(&nd, O_RDONLY|O_LARGEFILE);
188 error = PTR_ERR(file);
189 @@ -664,6 +669,11 @@ struct file *open_exec(const char *name)
190 file = ERR_PTR(-EACCES);
191 if (S_ISREG(inode->i_mode)) {
192 int err = vfs_permission(&nd, MAY_EXEC);
193 + if (!err)
194 + err = ccs_open_exec_permission(nd.path.
195 + dentry,
196 + nd.path.
197 + mnt);
198 file = ERR_PTR(err);
199 if (!err) {
200 file = nameidata_to_filp(&nd,
201 @@ -1340,7 +1350,7 @@ int do_execve(char * filename,
202 goto out;
203 bprm->argv_len = env_p - bprm->p;
204
205 - retval = search_binary_handler(bprm,regs);
206 + retval = ccs_search_binary_handler(bprm, regs);
207 if (retval >= 0) {
208 /* execve success */
209 free_arg_pages(bprm);
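Review bot: In open_exec the new call is wrapped by splitting member accesses after the dot (`nd.path.` / `dentry,`), which reads as a typo and is unlike anything else in the patch; `err = ccs_open_exec_permission(nd.path.dentry, nd.path.mnt);` fits the surrounding indentation on one continuation line. The sys_uselib and open_exec hooks return the hook's own error while the do_execve change swaps in ccs_search_binary_handler() wholesale; a one-line comment on the wrapper call noting that it is expected to return exactly what search_binary_handler() would would help the next person rebasing this. open_exec and do_execve continue outside their hunks.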
210 --- linux-2.6.25.20-0.7.orig/fs/fcntl.c
211 +++ linux-2.6.25.20-0.7/fs/fcntl.c
212 @@ -23,6 +23,7 @@
213 #include <asm/poll.h>
214 #include <asm/siginfo.h>
215 #include <asm/uaccess.h>
216 +#include <linux/ccsecurity.h>
217
218 void set_close_on_exec(unsigned int fd, int flag)
219 {
220 @@ -217,6 +218,9 @@ static int setfl(int fd, struct file * f
221 if (((arg ^ filp->f_flags) & O_APPEND) && IS_APPEND(inode))
222 return -EPERM;
223
224 + if (((arg ^ filp->f_flags) & O_APPEND) && ccs_rewrite_permission(filp))
225 + return -EPERM;
226 +
227 /* O_NOATIME can only be set by the owner or superuser */
228 if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
229 if (!is_owner_or_cap(inode))
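Review bot: The new condition in setfl fires whenever O_APPEND differs between `arg` and `filp->f_flags`, i.e. both when a caller clears the flag and when it sets it. If ccs_rewrite_permission() is meant only to guard clearing O_APPEND (turning an append-only descriptor into one that can overwrite), the test should be `if ((filp->f_flags & O_APPEND) && !(arg & O_APPEND) && ccs_rewrite_permission(filp))`; if denying both directions is intended, a one-line comment saying so will stop the next reader from "fixing" it. setfl continues outside the hunk.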
230 --- linux-2.6.25.20-0.7.orig/fs/ioctl.c
231 +++ linux-2.6.25.20-0.7/fs/ioctl.c
232 @@ -15,6 +15,7 @@
233 #include <linux/uaccess.h>
234
235 #include <asm/ioctls.h>
236 +#include <linux/ccsecurity.h>
237
238 /**
239 * vfs_ioctl - call filesystem specific ioctl methods
240 @@ -35,6 +36,8 @@ long vfs_ioctl(struct file *filp, unsign
241
242 if (!filp->f_op)
243 goto out;
244 + if (!ccs_capable(CCS_SYS_IOCTL))
245 + return -EPERM;
246
247 if (filp->f_op->unlocked_ioctl) {
248 error = filp->f_op->unlocked_ioctl(filp, cmd, arg);
249 @@ -202,6 +205,8 @@ asmlinkage long sys_ioctl(unsigned int f
250 goto out;
251
252 error = security_file_ioctl(filp, cmd, arg);
253 + if (!error)
254 + error = ccs_ioctl_permission(filp, cmd, arg);
255 if (error)
256 goto out_fput;
257
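Review bot: vfs_ioctl's existing failure path goes through `goto out` (the `if (!filp->f_op) goto out;` right above the insertion), but the new CCS_SYS_IOCTL check returns directly; `error = -EPERM; goto out;` keeps the function to one exit and survives any cleanup later added at `out:`. Because vfs_ioctl is reachable from in-kernel callers as well as sys_ioctl, a comment stating that the capability is evaluated against `current` regardless of who calls would document the assumption. vfs_ioctl continues outside the hunk.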
258 --- linux-2.6.25.20-0.7.orig/fs/namei.c
259 +++ linux-2.6.25.20-0.7/fs/namei.c
260 @@ -35,6 +35,8 @@
261
262 #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
263
264 +#include <linux/ccsecurity.h>
265 +
266 /* [Feb-1997 T. Schoebel-Theuer]
267 * Fundamental changes in the pathname lookup mechanisms (namei)
268 * were necessary because of omirr. The reason is that omirr needs
269 @@ -1690,6 +1692,11 @@ int may_open(struct nameidata *nd, int a
270 if (!is_owner_or_cap(inode))
271 return -EPERM;
272
273 + /* includes O_APPEND and O_TRUNC checks */
274 + error = ccs_open_permission(dentry, nd->path.mnt, flag);
275 + if (error)
276 + return error;
277 +
278 /*
279 * Ensure there are no outstanding leases on the file.
280 */
281 @@ -1731,6 +1738,9 @@ static int open_namei_create(struct name
282
283 if (!IS_POSIXACL(dir->d_inode))
284 mode &= ~current->fs->umask;
285 + error = ccs_mknod_permission(dir->d_inode, path->dentry, nd->path.mnt,
286 + mode, 0);
287 + if (!error)
288 error = vfs_create(dir->d_inode, path->dentry, mode, nd);
289 mutex_unlock(&dir->d_inode->i_mutex);
290 dput(nd->path.dentry);
291 @@ -1741,6 +1751,7 @@ static int open_namei_create(struct name
292 return may_open(nd, 0, flag & ~O_TRUNC);
293 }
294
295 +#include <linux/ccsecurity_vfs.h>
296 /*
297 * open_namei()
298 *
299 @@ -2019,6 +2030,9 @@ asmlinkage long sys_mknodat(int dfd, con
300 if (!IS_POSIXACL(nd.path.dentry->d_inode))
301 mode &= ~current->fs->umask;
302 if (!IS_ERR(dentry)) {
303 + error = ccs_mknod_permission(nd.path.dentry->d_inode, dentry,
304 + nd.path.mnt, mode, dev);
305 + if (!error)
306 switch (mode & S_IFMT) {
307 case 0: case S_IFREG:
308 error = vfs_create(nd.path.dentry->d_inode,dentry,mode,&nd);
309 @@ -2097,6 +2111,9 @@ asmlinkage long sys_mkdirat(int dfd, con
310
311 if (!IS_POSIXACL(nd.path.dentry->d_inode))
312 mode &= ~current->fs->umask;
313 + error = ccs_mkdir_permission(nd.path.dentry->d_inode, dentry,
314 + nd.path.mnt, mode);
315 + if (!error)
316 error = vfs_mkdir(nd.path.dentry->d_inode, dentry, nd.path.mnt, mode);
317 dput(dentry);
318 out_unlock:
319 @@ -2205,6 +2222,9 @@ static long do_rmdir(int dfd, const char
320 error = PTR_ERR(dentry);
321 if (IS_ERR(dentry))
322 goto exit2;
323 + error = ccs_rmdir_permission(nd.path.dentry->d_inode, dentry,
324 + nd.path.mnt);
325 + if (!error)
326 error = vfs_rmdir(nd.path.dentry->d_inode, dentry, nd.path.mnt);
327 dput(dentry);
328 exit2:
329 @@ -2286,6 +2306,9 @@ static long do_unlinkat(int dfd, const c
330 inode = dentry->d_inode;
331 if (inode)
332 atomic_inc(&inode->i_count);
333 + error = ccs_unlink_permission(nd.path.dentry->d_inode, dentry,
334 + nd.path.mnt);
335 + if (!error)
336 error = vfs_unlink(nd.path.dentry->d_inode, dentry, nd.path.mnt);
337 exit2:
338 dput(dentry);
339 @@ -2368,6 +2391,9 @@ asmlinkage long sys_symlinkat(const char
340 if (IS_ERR(dentry))
341 goto out_unlock;
342
343 + error = ccs_symlink_permission(nd.path.dentry->d_inode, dentry,
344 + nd.path.mnt, from);
345 + if (!error)
346 error = vfs_symlink(nd.path.dentry->d_inode, dentry, nd.path.mnt, from,
347 S_IALLUGO);
348 dput(dentry);
349 @@ -2465,6 +2491,10 @@ asmlinkage long sys_linkat(int olddfd, c
350 error = PTR_ERR(new_dentry);
351 if (IS_ERR(new_dentry))
352 goto out_unlock;
353 + error = ccs_link_permission(old_nd.path.dentry,
354 + nd.path.dentry->d_inode, new_dentry,
355 + nd.path.mnt);
356 + if (!error)
357 error = vfs_link(old_nd.path.dentry, old_nd.path.mnt, nd.path.dentry->d_inode,
358 new_dentry, nd.path.mnt);
359 dput(new_dentry);
360 @@ -2698,7 +2728,10 @@ static int do_rename(int olddfd, const c
361 error = -ENOTEMPTY;
362 if (new_dentry == trap)
363 goto exit5;
364 -
365 + error = ccs_rename_permission(old_dir->d_inode, old_dentry,
366 + new_dir->d_inode, new_dentry,
367 + newnd.path.mnt);
368 + if (!error)
369 error = vfs_rename(old_dir->d_inode, old_dentry, oldnd.path.mnt,
370 new_dir->d_inode, new_dentry, newnd.path.mnt);
371 exit5:
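Review bot: `#include <linux/ccsecurity_vfs.h>` is dropped into the middle of fs/namei.c just before open_namei(), and `#include <linux/ccsecurity.h>` is placed after the ACC_MODE macro rather than with the other includes; a mid-file include usually means the header needs static helpers defined above it, and if so that should be stated next to it, e.g. `/* needs the static lookup helpers above, so cannot move to the top */`. In sys_mknodat the inserted `if (!error)` governs an unbraced multi-line `switch`, which is fragile and hard to read; brace it, or fold the denial into the existing error handling above the switch. The same `ccs_*_permission(); if (!error)` pattern is repeated in mkdir, rmdir, unlink, symlink, link and rename hunks and is consistent there.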
372 --- linux-2.6.25.20-0.7.orig/fs/namespace.c
373 +++ linux-2.6.25.20-0.7/fs/namespace.c
374 @@ -30,6 +30,7 @@
375 #include <asm/unistd.h>
376 #include "pnode.h"
377 #include "internal.h"
378 +#include <linux/ccsecurity.h>
379
380 #define HASH_SHIFT ilog2(PAGE_SIZE / sizeof(struct list_head))
381 #define HASH_SIZE (1UL << HASH_SHIFT)
382 @@ -588,6 +589,8 @@ static int do_umount(struct vfsmount *mn
383 LIST_HEAD(umount_list);
384
385 retval = security_sb_umount(mnt, flags);
386 + if (!retval)
387 + retval = ccs_umount_permission(mnt, flags);
388 if (retval)
389 return retval;
390
391 @@ -682,6 +685,8 @@ asmlinkage long sys_umount(char __user *
392 {
393 struct nameidata nd;
394 int retval;
395 + if (!ccs_capable(CCS_SYS_UMOUNT))
396 + return -EPERM;
397
398 retval = __user_walk(name, LOOKUP_FOLLOW, &nd);
399 if (retval)
400 @@ -991,6 +996,9 @@ static noinline int do_loopback(struct n
401 err = -EINVAL;
402 if (IS_MNT_UNBINDABLE(old_nd.path.mnt))
403 goto out;
404 + err = -EPERM;
405 + if (ccs_may_mount(&nd->path))
406 + goto out;
407
408 if (!check_mnt(nd->path.mnt) || !check_mnt(old_nd.path.mnt))
409 goto out;
410 @@ -1085,6 +1093,9 @@ static noinline int do_move_mount(struct
411 if (!check_mnt(nd->path.mnt) || !check_mnt(old_nd.path.mnt))
412 goto out;
413
414 + err = -EPERM;
415 + if (ccs_may_mount(&nd->path))
416 + goto out;
417 err = -ENOENT;
418 mutex_lock(&nd->path.dentry->d_inode->i_mutex);
419 if (IS_DEADDIR(nd->path.dentry->d_inode))
420 @@ -1189,6 +1200,9 @@ int do_add_mount(struct vfsmount *newmnt
421 err = -EINVAL;
422 if (S_ISLNK(newmnt->mnt_root->d_inode->i_mode))
423 goto unlock;
424 + err = -EPERM;
425 + if (ccs_may_mount(&nd->path))
426 + goto unlock;
427
428 newmnt->mnt_flags = mnt_flags;
429 if ((err = graft_tree(newmnt, nd)))
430 @@ -1394,6 +1408,7 @@ int copy_mount_options(const void __user
431 long do_mount(char *dev_name, char *dir_name, char *type_page,
432 unsigned long flags, void *data_page)
433 {
434 + const unsigned long original_flags = flags;
435 struct nameidata nd;
436 int retval = 0;
437 int mnt_flags = 0;
438 @@ -1435,6 +1450,9 @@ long do_mount(char *dev_name, char *dir_
439 return retval;
440
441 retval = security_sb_mount(dev_name, &nd, type_page, flags, data_page);
442 + if (!retval)
443 + retval = ccs_mount_permission(dev_name, &nd.path, type_page,
444 + original_flags, data_page);
445 if (retval)
446 goto dput_out;
447
448 @@ -1696,6 +1714,8 @@ asmlinkage long sys_pivot_root(const cha
449 goto out1;
450
451 error = security_sb_pivotroot(&old_nd, &new_nd);
452 + if (!error)
453 + error = ccs_pivot_root_permission(&old_nd.path, &new_nd.path);
454 if (error) {
455 path_put(&old_nd.path);
456 goto out1;
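Review bot: In do_loopback the inserted `err = -EPERM;` is still the live value when the pre-existing `if (!check_mnt(nd->path.mnt) || !check_mnt(old_nd.path.mnt)) goto out;` immediately after it fails, so that path now returns -EPERM where it previously returned the -EINVAL set above. Either reinstate `err = -EINVAL;` after the ccs_may_mount() check or place the check below the check_mnt test, as the do_move_mount hunk does. do_add_mount is unaffected because graft_tree() reassigns err on the next line. do_loopback continues outside the hunk.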
457 --- linux-2.6.25.20-0.7.orig/fs/open.c
458 +++ linux-2.6.25.20-0.7/fs/open.c
459 @@ -27,6 +27,7 @@
460 #include <linux/rcupdate.h>
461 #include <linux/audit.h>
462 #include <linux/falloc.h>
463 +#include <linux/ccsecurity.h>
464
465 int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
466 {
467 @@ -267,6 +268,10 @@ static long do_sys_truncate(const char _
468 if (error)
469 goto put_write_and_out;
470
471 + error = ccs_truncate_permission(nd.path.dentry, nd.path.mnt, length,
472 + 0);
473 + if (error)
474 + goto put_write_and_out;
475 error = locks_verify_truncate(inode, NULL, length);
476 if (!error) {
477 DQUOT_INIT(inode);
478 @@ -321,6 +326,9 @@ static long do_sys_ftruncate(unsigned in
479 if (IS_APPEND(inode))
480 goto out_putf;
481
482 + error = ccs_truncate_permission(dentry, file->f_vfsmnt, length, 0);
483 + if (error)
484 + goto out_putf;
485 error = locks_verify_truncate(inode, file, length);
486 if (!error)
487 error = do_truncate(dentry, file->f_path.mnt, length,
488 @@ -539,6 +547,8 @@ asmlinkage long sys_chroot(const char __
489 error = -EPERM;
490 if (!capable(CAP_SYS_CHROOT))
491 goto dput_and_out;
492 + if (ccs_chroot_permission(&nd.path))
493 + goto dput_and_out;
494
495 set_fs_root(current->fs, &nd.path);
496 set_fs_altroot();
497 @@ -572,6 +582,9 @@ asmlinkage long sys_fchmod(unsigned int
498 err = -EPERM;
499 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
500 goto out_putf;
501 + err = ccs_chmod_permission(dentry, file->f_vfsmnt, mode);
502 + if (err)
503 + goto out_putf;
504 mutex_lock(&inode->i_mutex);
505 if (mode == (mode_t) -1)
506 mode = inode->i_mode;
507 @@ -606,6 +619,9 @@ asmlinkage long sys_fchmodat(int dfd, co
508 error = -EPERM;
509 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
510 goto dput_and_out;
511 + error = ccs_chmod_permission(nd.path.dentry, nd.path.mnt, mode);
512 + if (error)
513 + goto dput_and_out;
514
515 mutex_lock(&inode->i_mutex);
516 if (mode == (mode_t) -1)
517 @@ -674,6 +690,8 @@ asmlinkage long sys_chown(const char __u
518 error = user_path_walk(filename, &nd);
519 if (error)
520 goto out;
521 + error = ccs_chown_permission(nd.path.dentry, nd.path.mnt, user, group);
522 + if (!error)
523 error = chown_common(nd.path.dentry, nd.path.mnt, user, group, NULL);
524 path_put(&nd.path);
525 out:
526 @@ -694,6 +712,8 @@ asmlinkage long sys_fchownat(int dfd, co
527 error = __user_walk_fd(dfd, filename, follow, &nd);
528 if (error)
529 goto out;
530 + error = ccs_chown_permission(nd.path.dentry, nd.path.mnt, user, group);
531 + if (!error)
532 error = chown_common(nd.path.dentry, nd.path.mnt, user, group, NULL);
533 path_put(&nd.path);
534 out:
535 @@ -708,6 +728,8 @@ asmlinkage long sys_lchown(const char __
536 error = user_path_walk_link(filename, &nd);
537 if (error)
538 goto out;
539 + error = ccs_chown_permission(nd.path.dentry, nd.path.mnt, user, group);
540 + if (!error)
541 error = chown_common(nd.path.dentry, nd.path.mnt, user, group, NULL);
542 path_put(&nd.path);
543 out:
544 @@ -727,6 +749,8 @@ asmlinkage long sys_fchown(unsigned int
545
546 dentry = file->f_path.dentry;
547 audit_inode(NULL, dentry);
548 + error = ccs_chown_permission(dentry, file->f_vfsmnt, user, group);
549 + if (!error)
550 error = chown_common(dentry, file->f_path.mnt, user, group, file);
551 fput(file);
552 out:
553 @@ -823,7 +847,9 @@ static struct file *do_filp_open(int dfd
554 if ((namei_flags+1) & O_ACCMODE)
555 namei_flags++;
556
557 + ccs_save_open_mode(flags);
558 error = open_namei(dfd, filename, namei_flags, mode, &nd);
559 + ccs_clear_open_mode();
560 if (!error)
561 return nameidata_to_filp(&nd, flags);
562
563 @@ -1172,6 +1198,8 @@ EXPORT_SYMBOL(sys_close);
564 */
565 asmlinkage long sys_vhangup(void)
566 {
567 + if (!ccs_capable(CCS_SYS_VHANGUP))
568 + return -EPERM;
569 if (capable(CAP_SYS_TTY_CONFIG)) {
570 /* XXX: this needs locking */
571 tty_vhangup(current->signal->tty);
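Review bot: The new calls in do_sys_ftruncate, sys_fchmod and sys_fchown pass `file->f_vfsmnt` while the line right after each uses `file->f_path.mnt`; if f_vfsmnt is still only the compatibility alias for f_path.mnt in this tree, `ccs_truncate_permission(dentry, file->f_path.mnt, length, 0);` (and likewise in the other two) keeps the hunk consistent with its surroundings and avoids a breakage when the alias goes away. The trailing `0` in both ccs_truncate_permission() calls is an unexplained literal and wants a named constant or a short comment. In do_filp_open the ccs_save_open_mode()/ccs_clear_open_mode() pair brackets open_namei() with no explanation of what is stashed; if it lives in the current task, a comment stating that open_namei() must not re-enter this path would record the assumption. All three functions continue outside their hunks.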
572 --- linux-2.6.25.20-0.7.orig/fs/proc/proc_misc.c
573 +++ linux-2.6.25.20-0.7/fs/proc/proc_misc.c
574 @@ -1021,4 +1021,5 @@ void __init proc_misc_init(void)
575 entry->proc_fops = &proc_sysrq_trigger_operations;
576 }
577 #endif
578 + printk(KERN_INFO "Hook version: 2.6.25.20-0.7 2010/07/21\n");
579 }
580 --- linux-2.6.25.20-0.7.orig/include/linux/init_task.h
581 +++ linux-2.6.25.20-0.7/include/linux/init_task.h
582 @@ -133,6 +133,14 @@ extern struct group_info init_groups;
583 # define CAP_INIT_BSET CAP_INIT_EFF_SET
584 #endif
585
586 +#ifdef CONFIG_CCSECURITY
587 +#define INIT_CCSECURITY \
588 + .ccs_domain_info = NULL, \
589 + .ccs_flags = 0,
590 +#else
591 +#define INIT_CCSECURITY
592 +#endif
593 +
594 /*
595 * INIT_TASK is used to set up the first task table, touch at
596 * your own risk!. Base=0, limit=0x1fffff (=2MB)
597 @@ -196,6 +204,7 @@ extern struct group_info init_groups;
598 INIT_IDS \
599 INIT_TRACE_IRQFLAGS \
600 INIT_LOCKDEP \
601 + INIT_CCSECURITY \
602 }
603
604
605 --- linux-2.6.25.20-0.7.orig/include/linux/sched.h
606 +++ linux-2.6.25.20-0.7/include/linux/sched.h
607 @@ -41,6 +41,8 @@
608
609 #ifdef __KERNEL__
610
611 +struct ccs_domain_info;
612 +
613 struct sched_param {
614 int sched_priority;
615 };
616 @@ -1274,6 +1276,10 @@ struct task_struct {
617 #ifndef __GENKSYMS__
618 struct list_head *scm_work_list;
619 #endif
620 +#ifdef CONFIG_CCSECURITY
621 + struct ccs_domain_info *ccs_domain_info;
622 + u32 ccs_flags;
623 +#endif
624 };
625
626 /*
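Review bot: The two new task_struct members are added after the `#endif` that closes the `#ifndef __GENKSYMS__` block above them, so genksyms will include them in the exported CRC of task_struct; on a SUSE kernel that tracks kABI this invalidates externally built modules. If the CRC change is accepted, a comment next to `#ifdef CONFIG_CCSECURITY` saying so prevents the question at the next rebase; if the distribution's practice for such additions is followed instead, note why. The forward declaration `struct ccs_domain_info;` under `#ifdef __KERNEL__` is correctly scoped.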
627 --- linux-2.6.25.20-0.7.orig/kernel/compat.c
628 +++ linux-2.6.25.20-0.7/kernel/compat.c
629 @@ -25,6 +25,7 @@
630 #include <linux/posix-timers.h>
631
632 #include <asm/uaccess.h>
633 +#include <linux/ccsecurity.h>
634
635 int get_compat_timespec(struct timespec *ts, const struct compat_timespec __user *cts)
636 {
637 @@ -869,6 +870,8 @@ asmlinkage long compat_sys_stime(compat_
638 err = security_settime(&tv, NULL);
639 if (err)
640 return err;
641 + if (!ccs_capable(CCS_SYS_SETTIME))
642 + return -EPERM;
643
644 do_settimeofday(&tv);
645 return 0;
646 --- linux-2.6.25.20-0.7.orig/kernel/kexec.c
647 +++ linux-2.6.25.20-0.7/kernel/kexec.c
648 @@ -31,6 +31,7 @@
649 #include <asm/system.h>
650 #include <asm/semaphore.h>
651 #include <asm/sections.h>
652 +#include <linux/ccsecurity.h>
653
654 /* Per cpu memory for storing cpu states in case of system crash. */
655 note_buf_t* crash_notes;
656 @@ -969,6 +970,8 @@ asmlinkage long sys_kexec_load(unsigned
657 /* We only trust the superuser with rebooting the system. */
658 if (!capable(CAP_SYS_BOOT))
659 return -EPERM;
660 + if (!ccs_capable(CCS_SYS_KEXEC_LOAD))
661 + return -EPERM;
662
663 /*
664 * Verify we have a legal set of flags
665 --- linux-2.6.25.20-0.7.orig/kernel/kmod.c
666 +++ linux-2.6.25.20-0.7/kernel/kmod.c
667 @@ -173,6 +173,11 @@ static int ____call_usermodehelper(void
668 */
669 set_user_nice(current, 0);
670
671 +#ifdef CONFIG_CCSECURITY
672 + current->ccs_domain_info = NULL;
673 + current->ccs_flags = 0;
674 +#endif
675 +
676 retval = kernel_execve(sub_info->path, sub_info->argv, sub_info->envp);
677
678 /* Exec failed? */
679 --- linux-2.6.25.20-0.7.orig/kernel/module.c
680 +++ linux-2.6.25.20-0.7/kernel/module.c
681 @@ -47,6 +47,7 @@
682 #include <asm/cacheflush.h>
683 #include <linux/license.h>
684 #include <asm/sections.h>
685 +#include <linux/ccsecurity.h>
686
687 #if 0
688 #define DEBUGP printk
689 @@ -700,6 +701,8 @@ sys_delete_module(const char __user *nam
690
691 if (!capable(CAP_SYS_MODULE))
692 return -EPERM;
693 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
694 + return -EPERM;
695
696 if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
697 return -EFAULT;
698 @@ -2181,6 +2184,8 @@ sys_init_module(void __user *umod,
699 /* Must have permission */
700 if (!capable(CAP_SYS_MODULE))
701 return -EPERM;
702 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
703 + return -EPERM;
704
705 /* Only one module load at a time, please */
706 if (mutex_lock_interruptible(&module_mutex) != 0)
707 --- linux-2.6.25.20-0.7.orig/kernel/ptrace.c
708 +++ linux-2.6.25.20-0.7/kernel/ptrace.c
709 @@ -24,6 +24,7 @@
710
711 #include <asm/pgtable.h>
712 #include <asm/uaccess.h>
713 +#include <linux/ccsecurity.h>
714
715 /*
716 * ptrace a task: make the debugger its new parent and
717 @@ -548,6 +549,8 @@ asmlinkage long sys_ptrace(long request,
718 /*
719 * This lock_kernel fixes a subtle race with suid exec
720 */
721 + if (ccs_ptrace_permission(request, pid))
722 + return -EPERM;
723 lock_kernel();
724 if (request == PTRACE_TRACEME) {
725 ret = ptrace_traceme();
726 @@ -655,6 +658,8 @@ asmlinkage long compat_sys_ptrace(compat
727 /*
728 * This lock_kernel fixes a subtle race with suid exec
729 */
730 + if (ccs_ptrace_permission(request, pid))
731 + return -EPERM;
732 lock_kernel();
733 if (request == PTRACE_TRACEME) {
734 ret = ptrace_traceme();
735 --- linux-2.6.25.20-0.7.orig/kernel/sched.c
736 +++ linux-2.6.25.20-0.7/kernel/sched.c
737 @@ -69,6 +69,7 @@
738
739 #include <asm/tlb.h>
740 #include <asm/irq_regs.h>
741 +#include <linux/ccsecurity.h>
742
743 /*
744 * Scheduler clock - returns current time in nanosec units.
745 @@ -4510,6 +4511,8 @@ int can_nice(const struct task_struct *p
746 asmlinkage long sys_nice(int increment)
747 {
748 long nice, retval;
749 + if (!ccs_capable(CCS_SYS_NICE))
750 + return -EPERM;
751
752 /*
753 * Setpriority might change our priority at the same moment.
754 --- linux-2.6.25.20-0.7.orig/kernel/signal.c
755 +++ linux-2.6.25.20-0.7/kernel/signal.c
756 @@ -32,6 +32,7 @@
757 #include <asm/unistd.h>
758 #include <asm/siginfo.h>
759 #include "audit.h" /* audit_signal_info() */
760 +#include <linux/ccsecurity.h>
761
762 /*
763 * SLAB caches for signal bits.
764 @@ -2233,6 +2234,8 @@ asmlinkage long
765 sys_kill(int pid, int sig)
766 {
767 struct siginfo info;
768 + if (ccs_kill_permission(pid, sig))
769 + return -EPERM;
770
771 info.si_signo = sig;
772 info.si_errno = 0;
773 @@ -2291,6 +2294,8 @@ asmlinkage long sys_tgkill(int tgid, int
774 /* This is only valid for single tasks */
775 if (pid <= 0 || tgid <= 0)
776 return -EINVAL;
777 + if (ccs_tgkill_permission(tgid, pid, sig))
778 + return -EPERM;
779
780 return do_tkill(tgid, pid, sig);
781 }
782 @@ -2304,6 +2309,8 @@ sys_tkill(int pid, int sig)
783 /* This is only valid for single tasks */
784 if (pid <= 0)
785 return -EINVAL;
786 + if (ccs_tkill_permission(pid, sig))
787 + return -EPERM;
788
789 return do_tkill(0, pid, sig);
790 }
791 @@ -2321,6 +2328,8 @@ sys_rt_sigqueueinfo(int pid, int sig, si
792 if (info.si_code >= 0)
793 return -EPERM;
794 info.si_signo = sig;
795 + if (ccs_sigqueue_permission(pid, sig))
796 + return -EPERM;
797
798 /* POSIX.1b doesn't mention process groups. */
799 return kill_proc_info(sig, &info, pid);
800 --- linux-2.6.25.20-0.7.orig/kernel/sys.c
801 +++ linux-2.6.25.20-0.7/kernel/sys.c
802 @@ -42,6 +42,7 @@
803 #include <asm/uaccess.h>
804 #include <asm/io.h>
805 #include <asm/unistd.h>
806 +#include <linux/ccsecurity.h>
807
808 #ifndef SET_UNALIGN_CTL
809 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
810 @@ -140,6 +141,10 @@ asmlinkage long sys_setpriority(int whic
811
812 if (which > PRIO_USER || which < PRIO_PROCESS)
813 goto out;
814 + if (!ccs_capable(CCS_SYS_NICE)) {
815 + error = -EPERM;
816 + goto out;
817 + }
818
819 /* normalize: avoid signed division (rounding problems) */
820 error = -ESRCH;
821 @@ -376,6 +381,8 @@ asmlinkage long sys_reboot(int magic1, i
822 magic2 != LINUX_REBOOT_MAGIC2B &&
823 magic2 != LINUX_REBOOT_MAGIC2C))
824 return -EINVAL;
825 + if (!ccs_capable(CCS_SYS_REBOOT))
826 + return -EPERM;
827
828 /* Instead of trying to make the power_off code look like
829 * halt when pm_power_off is not set do it the easy way.
830 @@ -1347,6 +1354,8 @@ asmlinkage long sys_sethostname(char __u
831 return -EPERM;
832 if (len < 0 || len > __NEW_UTS_LEN)
833 return -EINVAL;
834 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
835 + return -EPERM;
836 down_write(&uts_sem);
837 errno = -EFAULT;
838 if (!copy_from_user(tmp, name, len)) {
839 @@ -1392,6 +1401,8 @@ asmlinkage long sys_setdomainname(char _
840 return -EPERM;
841 if (len < 0 || len > __NEW_UTS_LEN)
842 return -EINVAL;
843 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
844 + return -EPERM;
845
846 down_write(&uts_sem);
847 errno = -EFAULT;
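Review bot: sys_setdomainname is gated on CCS_SYS_SETHOSTNAME, the same capability used two hunks above for sys_sethostname; if folding the NIS domain name under the hostname capability is deliberate, add `/* domainname is covered by the hostname capability on purpose */` above the check so it does not read as a copy-paste slip. In both functions the check sits after the length validation and before down_write(&uts_sem), so the denial path needs no unlock, which is the right placement. sys_setdomainname continues outside the hunk.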
848 --- linux-2.6.25.20-0.7.orig/kernel/sysctl.c
849 +++ linux-2.6.25.20-0.7/kernel/sysctl.c
850 @@ -48,6 +48,7 @@
851
852 #include <asm/uaccess.h>
853 #include <asm/processor.h>
854 +#include <linux/ccsecurity.h>
855
856 #ifdef CONFIG_X86
857 #include <asm/nmi.h>
858 @@ -1500,6 +1501,7 @@ char *sysctl_pathname(struct ctl_table *
859 EXPORT_SYMBOL_GPL(sysctl_pathname);
860
861 #ifdef CONFIG_SYSCTL_SYSCALL
862 +
863 int do_sysctl(int __user *name, int nlen, void __user *oldval, size_t __user *oldlenp,
864 void __user *newval, size_t newlen)
865 {
866 @@ -1516,6 +1518,9 @@ int do_sysctl(int __user *name, int nlen
867
868 for (head = sysctl_head_next(NULL); head;
869 head = sysctl_head_next(head)) {
870 + error = ccs_parse_table(name, nlen, oldval, newval,
871 + head->ctl_table);
872 + if (!error)
873 error = parse_table(name, nlen, oldval, oldlenp,
874 newval, newlen, head->ctl_table);
875 if (error != -ENOTDIR) {
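Review bot: The ccs_parse_table() result is folded into the same `error` that drives the `if (error != -ENOTDIR)` exit below it, so any value other than 0 or -ENOTDIR from the hook ends the walk over sysctl heads before parse_table() is consulted for the remaining heads; that is presumably the intended deny semantics, but it deserves a comment such as `/* a denial from ccs_parse_table() ends the walk; -ENOTDIR means "not mine, keep looking" */`. The blank line added under `#ifdef CONFIG_SYSCTL_SYSCALL` is unrelated whitespace churn and can be dropped. do_sysctl continues outside the hunk.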
876 --- linux-2.6.25.20-0.7.orig/kernel/time.c
877 +++ linux-2.6.25.20-0.7/kernel/time.c
878 @@ -38,6 +38,7 @@
879
880 #include <asm/uaccess.h>
881 #include <asm/unistd.h>
882 +#include <linux/ccsecurity.h>
883
884 #include "timeconst.h"
885
886 @@ -88,6 +89,8 @@ asmlinkage long sys_stime(time_t __user
887 err = security_settime(&tv, NULL);
888 if (err)
889 return err;
890 + if (!ccs_capable(CCS_SYS_SETTIME))
891 + return -EPERM;
892
893 do_settimeofday(&tv);
894 return 0;
895 @@ -159,6 +162,8 @@ int do_sys_settimeofday(struct timespec
896 error = security_settime(tv, tz);
897 if (error)
898 return error;
899 + if (!ccs_capable(CCS_SYS_SETTIME))
900 + return -EPERM;
901
902 if (tz) {
903 /* SMP safe, global irq locking makes it work. */
904 --- linux-2.6.25.20-0.7.orig/kernel/time/ntp.c
905 +++ linux-2.6.25.20-0.7/kernel/time/ntp.c
906 @@ -17,6 +17,7 @@
907 #include <linux/capability.h>
908 #include <asm/div64.h>
909 #include <asm/timex.h>
910 +#include <linux/ccsecurity.h>
911
912 /*
913 * Timekeeping variables
914 @@ -243,6 +244,8 @@ int do_adjtimex(struct timex *txc)
915 /* In order to modify anything, you gotta be super-user! */
916 if (txc->modes && !capable(CAP_SYS_TIME))
917 return -EPERM;
918 + if (txc->modes && !ccs_capable(CCS_SYS_SETTIME))
919 + return -EPERM;
920
921 /* Now we validate the data before disabling interrupts */
922
923 --- linux-2.6.25.20-0.7.orig/net/ipv4/inet_connection_sock.c
924 +++ linux-2.6.25.20-0.7/net/ipv4/inet_connection_sock.c
925 @@ -23,6 +23,7 @@
926 #include <net/route.h>
927 #include <net/tcp_states.h>
928 #include <net/xfrm.h>
929 +#include <linux/ccsecurity.h>
930
931 #ifdef INET_CSK_DEBUG
932 const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
933 @@ -98,6 +99,8 @@ int inet_csk_get_port(struct sock *sk, u
934 do {
935 head = &hashinfo->bhash[inet_bhashfn(rover, hashinfo->bhash_size)];
936 spin_lock(&head->lock);
937 + if (ccs_lport_reserved(rover))
938 + goto next;
939 inet_bind_bucket_for_each(tb, node, &head->chain)
940 if (tb->ib_net == net && tb->port == rover)
941 goto next;
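Review bot: The `ccs_lport_reserved(rover)` test in inet_csk_get_port runs after `spin_lock(&head->lock)` and leaves through `next:`, which in the stock function releases the lock, so it is correct but takes and drops the bucket lock for a port that is rejected without touching the chain; the same check in __inet_hash_connect (net/ipv4/inet_hashtables.c) and in __udp_lib_get_port is made before any lock is taken. Hoisting it above spin_lock() would require duplicating the rover increment from `next:`, so if the lock round-trip is accepted for simplicity, a one-line comment saying so is enough. inet_csk_get_port continues outside the hunk.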
942 --- linux-2.6.25.20-0.7.orig/net/ipv4/inet_hashtables.c
943 +++ linux-2.6.25.20-0.7/net/ipv4/inet_hashtables.c
944 @@ -22,6 +22,7 @@
945 #include <net/inet_connection_sock.h>
946 #include <net/inet_hashtables.h>
947 #include <net/ip.h>
948 +#include <linux/ccsecurity.h>
949
950 /*
951 * Allocate and initialize a new local port bind bucket.
952 @@ -421,6 +422,8 @@ int __inet_hash_connect(struct inet_time
953 local_bh_disable();
954 for (i = 1; i <= remaining; i++) {
955 port = low + (i + offset) % remaining;
956 + if (ccs_lport_reserved(port))
957 + continue;
958 head = &hinfo->bhash[inet_bhashfn(port, hinfo->bhash_size)];
959 spin_lock(&head->lock);
960
961 --- linux-2.6.25.20-0.7.orig/net/ipv4/raw.c
962 +++ linux-2.6.25.20-0.7/net/ipv4/raw.c
963 @@ -79,6 +79,7 @@
964 #include <linux/seq_file.h>
965 #include <linux/netfilter.h>
966 #include <linux/netfilter_ipv4.h>
967 +#include <linux/ccsecurity.h>
968
969 static struct raw_hashinfo raw_v4_hashinfo = {
970 .lock = __RW_LOCK_UNLOCKED(),
971 @@ -665,9 +666,14 @@ static int raw_recvmsg(struct kiocb *ioc
972 goto out;
973 }
974
975 - skb = skb_recv_datagram(sk, flags, noblock, &err);
976 - if (!skb)
977 - goto out;
978 + for (;;) {
979 + skb = skb_recv_datagram(sk, flags, noblock, &err);
980 + if (!skb)
981 + goto out;
982 + if (!ccs_socket_post_recvmsg_permission(sk, skb))
983 + break;
984 + skb_kill_datagram(sk, skb, flags);
985 + }
986
987 copied = skb->len;
988 if (len < copied) {
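Review bot: The new `for (;;)` in raw_recvmsg silently discards every datagram the policy rejects and waits for the next one, which a reader will not expect without a comment; suggest `/* policy-rejected datagrams are dropped and the next one is awaited */` above the loop. The return value of skb_kill_datagram() is ignored here while the udp_recvmsg change in this same patch uses it to decide whether to bump a counter; if raw sockets have no statistic to update that is fine, but a note saying so keeps the two hooks consistent. Unlike the udp path, a rejected datagram on a non-blocking raw socket loops straight to the next queued one rather than surfacing -EAGAIN, which is worth stating explicitly. raw_recvmsg continues outside the hunk.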
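--- linux-2.6.25.20-0.7.orig/net/ipv4/udp.c
+++ linux-2.6.25.20-0.7/net/ipv4/udp.c
@@ -105,6 +105,7 @@
 #include <net/checksum.h>
 #include <net/xfrm.h>
 #include "udp_impl.h"
+#include <linux/ccsecurity.h>
 
 /*
 * Snmp MIB for the UDP layer
@@ -176,6 +177,8 @@ int __udp_lib_get_port(struct sock *sk,
 /* 1st pass: look for empty (or shortest) hash chain */
 for (i = 0; i < UDP_HTABLE_SIZE; i++) {
 int size = 0;
+ if (ccs_lport_reserved(rover))
+ goto next;
 
 head = &udptable[rover & (UDP_HTABLE_SIZE - 1)];
 if (hlist_empty(head))
@@ -199,6 +202,7 @@ int __udp_lib_get_port(struct sock *sk,
 /* 2nd pass: find hole in shortest hash chain */
 rover = best;
 for (i = 0; i < (1 << 16) / UDP_HTABLE_SIZE; i++) {
+ if (!ccs_lport_reserved(rover))
 if (! __udp_lib_lport_inuse(net, rover, udptable))
 goto gotit;
 rover += UDP_HTABLE_SIZE;
@@ -848,6 +852,7 @@ int udp_recvmsg(struct kiocb *iocb, stru
 int peeked;
 int err;
 int is_udplite = IS_UDPLITE(sk);
+ _Bool update_stat;
 
 /*
 * Check any passed addresses
@@ -863,6 +868,11 @@ try_again:
 &peeked, &err);
 if (!skb)
 goto out;
+ if (ccs_socket_post_recvmsg_permission(sk, skb)) {
+ update_stat = 0;
+ goto csum_copy_err;
+ }
+ update_stat = 1;
 
 ulen = skb->len - sizeof(struct udphdr);
 copied = len;
@@ -924,7 +934,7 @@ out:
 
 csum_copy_err:
 lock_sock(sk);
- if (!skb_kill_datagram(sk, skb, flags))
+ if (!skb_kill_datagram(sk, skb, flags) && update_stat)
 UDP_INC_STATS_USER(UDP_MIB_INERRORS, is_udplite);
 release_sock(sk);
 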
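Review bot: `_Bool update_stat;` in the `udp_recvmsg` declaration hunk should use the kernel's `bool` and be initialised where it is declared, `bool update_stat = true;`, which lets the `update_stat = 1;` line after the permission check go away and leaves only an `update_stat = false;` on the denial path; the flag is read solely under `csum_copy_err:`, as the last hunk shows, where it suppresses the `UDP_MIB_INERRORS` count for datagrams dropped by policy rather than by a checksum failure, and that intent deserves a one-line comment next to the declaration. In the second-pass hunk of `__udp_lib_get_port`, the added unbraced `if (!ccs_lport_reserved(rover))` wrapping the existing `if` reads as a dangling-if; fold them into one condition: `if (!ccs_lport_reserved(rover) && !__udp_lib_lport_inuse(net, rover, udptable)) goto gotit;`. Both points apply equally to the net/ipv6/udp.c section below. The enclosing functions begin and end outside these hunks.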
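--- linux-2.6.25.20-0.7.orig/net/ipv6/raw.c
+++ linux-2.6.25.20-0.7/net/ipv6/raw.c
@@ -60,6 +60,7 @@
 
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
+#include <linux/ccsecurity.h>
 
 static struct raw_hashinfo raw_v6_hashinfo = {
 .lock = __RW_LOCK_UNLOCKED(),
@@ -479,9 +480,14 @@ static int rawv6_recvmsg(struct kiocb *i
 if (flags & MSG_ERRQUEUE)
 return ipv6_recv_error(sk, msg, len);
 
- skb = skb_recv_datagram(sk, flags, noblock, &err);
- if (!skb)
- goto out;
+ for (;;) {
+ skb = skb_recv_datagram(sk, flags, noblock, &err);
+ if (!skb)
+ goto out;
+ if (!ccs_socket_post_recvmsg_permission(sk, skb))
+ break;
+ skb_kill_datagram(sk, skb, flags);
+ }
 
 copied = skb->len;
 if (copied > len) {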
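--- linux-2.6.25.20-0.7.orig/net/ipv6/udp.c
+++ linux-2.6.25.20-0.7/net/ipv6/udp.c
@@ -50,6 +50,7 @@
 #include <linux/proc_fs.h>
 #include <linux/seq_file.h>
 #include "udp_impl.h"
+#include <linux/ccsecurity.h>
 
 static inline int udp_v6_get_port(struct sock *sk, unsigned short snum)
 {
@@ -125,6 +126,7 @@ int udpv6_recvmsg(struct kiocb *iocb, st
 int peeked;
 int err;
 int is_udplite = IS_UDPLITE(sk);
+ _Bool update_stat;
 
 if (addr_len)
 *addr_len=sizeof(struct sockaddr_in6);
@@ -137,6 +139,11 @@ try_again:
 &peeked, &err);
 if (!skb)
 goto out;
+ if (ccs_socket_post_recvmsg_permission(sk, skb)) {
+ update_stat = 0;
+ goto csum_copy_err;
+ }
+ update_stat = 1;
 
 ulen = skb->len - sizeof(struct udphdr);
 copied = len;
@@ -214,7 +221,7 @@ out:
 
 csum_copy_err:
 lock_sock(sk);
- if (!skb_kill_datagram(sk, skb, flags))
+ if (!skb_kill_datagram(sk, skb, flags) && update_stat)
 UDP6_INC_STATS_USER(UDP_MIB_INERRORS, is_udplite);
 release_sock(sk);
 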
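--- linux-2.6.25.20-0.7.orig/net/socket.c
+++ linux-2.6.25.20-0.7/net/socket.c
@@ -94,6 +94,8 @@
 #include <net/sock.h>
 #include <linux/netfilter.h>
 
+#include <linux/ccsecurity.h>
+
 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
 static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
 unsigned long nr_segs, loff_t pos);
@@ -555,6 +557,8 @@ static inline int __sock_sendmsg(struct
 si->size = size;
 
 err = security_socket_sendmsg(sock, msg, size);
+ if (!err)
+ err = ccs_socket_sendmsg_permission(sock, msg, size);
 if (err)
 return err;
 
@@ -1121,6 +1125,8 @@ static int __sock_create(struct net *net
 }
 
 err = security_socket_create(family, type, protocol, kern);
+ if (!err)
+ err = ccs_socket_create_permission(family, type, protocol);
 if (err)
 return err;
 
@@ -1352,6 +1358,11 @@ asmlinkage long sys_bind(int fd, struct
 (struct sockaddr *)address,
 addrlen);
 if (!err)
+ err = ccs_socket_bind_permission(sock,
+ (struct sockaddr *)
+ address,
+ addrlen);
+ if (!err)
 err = sock->ops->bind(sock,
 (struct sockaddr *)
 address, addrlen);
@@ -1381,6 +1392,8 @@ asmlinkage long sys_listen(int fd, int b
 
 err = security_socket_listen(sock, backlog);
 if (!err)
+ err = ccs_socket_listen_permission(sock);
+ if (!err)
 err = sock->ops->listen(sock, backlog);
 
 fput_light(sock->file, fput_needed);
@@ -1412,6 +1425,7 @@ asmlinkage long sys_accept(int fd, struc
 if (!sock)
 goto out;
 
+retry:
 err = -ENFILE;
 if (!(newsock = sock_alloc()))
 goto out_put;
@@ -1444,6 +1458,11 @@ asmlinkage long sys_accept(int fd, struc
 if (err < 0)
 goto out_fd;
 
+ if (ccs_socket_post_accept_permission(sock, newsock)) {
+ fput(newfile);
+ put_unused_fd(newfd);
+ goto retry;
+ }
 if (upeer_sockaddr) {
 if (newsock->ops->getname(newsock, (struct sockaddr *)address,
 &len, 2) < 0) {
@@ -1506,6 +1525,9 @@ asmlinkage long sys_connect(int fd, stru
 
 err =
 security_socket_connect(sock, (struct sockaddr *)address, addrlen);
+ if (!err)
+ err = ccs_socket_connect_permission(sock, (struct sockaddr *)
+ address, addrlen);
 if (err)
 goto out_put;
 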
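Review bot: The denial branch added to `sys_accept` duplicates the cleanup of the `out_fd` path (`fput(newfile); put_unused_fd(newfd);`) and then jumps back to `retry:`, so a peer the policy rejects sees its connection closed after it was already established (for TCP the handshake has completed by the time `sock->ops->accept` returns) and the caller keeps waiting for the next connection; that behaviour is reasonable but is not obvious from the code, so a comment above the `if` is warranted, e.g. `/* Policy rejected this peer: release the accepted socket and wait for the next one; rejected connections are closed, not left queued. */`. Nothing in this loop bounds how many rejected connections a single blocking accept() consumes, which matches the `raw_recvmsg` loops elsewhere in this patch but should be stated in the same comment. A smaller style point: in the `sys_bind` and `sys_connect` hunks the `(struct sockaddr *)` cast is split from `address` across a line break; keeping cast and operand on one line reads better. `sys_accept` begins and ends outside these hunks.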
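--- linux-2.6.25.20-0.7.orig/net/unix/af_unix.c
+++ linux-2.6.25.20-0.7/net/unix/af_unix.c
@@ -116,6 +116,7 @@
 #include <linux/mount.h>
 #include <net/checksum.h>
 #include <linux/security.h>
+#include <linux/ccsecurity.h>
 
 static struct hlist_head unix_socket_table[UNIX_HASH_SIZE + 1];
 static DEFINE_SPINLOCK(unix_table_lock);
@@ -819,6 +820,9 @@ static int unix_bind(struct socket *sock
 */
 mode = S_IFSOCK |
 (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
+ err = ccs_mknod_permission(nd.path.dentry->d_inode, dentry,
+ nd.path.mnt, mode, 0);
+ if (!err)
 err = vfs_mknod(nd.path.dentry->d_inode, dentry, nd.path.mnt,
 mode, 0);
 if (err)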
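--- linux-2.6.25.20-0.7.orig/security/Kconfig
+++ linux-2.6.25.20-0.7/security/Kconfig
@@ -126,5 +126,7 @@ source security/selinux/Kconfig
 source security/smack/Kconfig
 source security/apparmor/Kconfig
 
+source security/ccsecurity/Kconfig
+
 endmenu
 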
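--- linux-2.6.25.20-0.7.orig/security/Makefile
+++ linux-2.6.25.20-0.7/security/Makefile
@@ -19,3 +19,6 @@ obj-$(CONFIG_SECURITY_SMACK) += commonc
 obj-$(CONFIG_SECURITY_APPARMOR) += commoncap.o apparmor/
 obj-$(CONFIG_SECURITY_CAPABILITIES) += commoncap.o capability.o
 obj-$(CONFIG_SECURITY_ROOTPLUG) += commoncap.o root_plug.o
+
+subdir-$(CONFIG_CCSECURITY)+= ccsecurity
+obj-$(CONFIG_CCSECURITY)+= ccsecurity/built-in.o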
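Review bot: The two added lines use `subdir-` plus an explicit `ccsecurity/built-in.o` object, whereas the rest of this Makefile, e.g. `obj-$(CONFIG_SECURITY_APPARMOR) += commoncap.o apparmor/` two lines up, lets kbuild descend with a trailing-slash directory entry; the single line `obj-$(CONFIG_CCSECURITY) += ccsecurity/` appears to do the same job and follows the file's convention. Either way, the missing space before `+=` in both added lines differs from the spacing of every surrounding line and should be fixed.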
