(メッセージはありません)
@@ -1,6 +1,6 @@ | ||
1 | -This is TOMOYO Linux patch for kernel 3.10.31. | |
1 | +This is TOMOYO Linux patch for kernel 3.10.33. | |
2 | 2 | |
3 | -Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.10.31.tar.xz | |
3 | +Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.10.33.tar.xz | |
4 | 4 | --- |
5 | 5 | fs/exec.c | 2 |
6 | 6 | fs/open.c | 2 |
@@ -28,8 +28,8 @@ | ||
28 | 28 | security/security.c | 107 ++++++++++++++++++++++++++++++++++++++++------ |
29 | 29 | 24 files changed, 235 insertions(+), 37 deletions(-) |
30 | 30 | |
31 | ---- linux-3.10.31.orig/fs/exec.c | |
32 | -+++ linux-3.10.31/fs/exec.c | |
31 | +--- linux-3.10.33.orig/fs/exec.c | |
32 | ++++ linux-3.10.33/fs/exec.c | |
33 | 33 | @@ -1540,7 +1540,7 @@ static int do_execve_common(const char * |
34 | 34 | if (retval < 0) |
35 | 35 | goto out; |
@@ -39,8 +39,8 @@ | ||
39 | 39 | if (retval < 0) |
40 | 40 | goto out; |
41 | 41 | |
42 | ---- linux-3.10.31.orig/fs/open.c | |
43 | -+++ linux-3.10.31/fs/open.c | |
42 | +--- linux-3.10.33.orig/fs/open.c | |
43 | ++++ linux-3.10.33/fs/open.c | |
44 | 44 | @@ -1035,6 +1035,8 @@ EXPORT_SYMBOL(sys_close); |
45 | 45 | */ |
46 | 46 | SYSCALL_DEFINE0(vhangup) |
@@ -50,8 +50,8 @@ | ||
50 | 50 | if (capable(CAP_SYS_TTY_CONFIG)) { |
51 | 51 | tty_vhangup_self(); |
52 | 52 | return 0; |
53 | ---- linux-3.10.31.orig/fs/proc/version.c | |
54 | -+++ linux-3.10.31/fs/proc/version.c | |
53 | +--- linux-3.10.33.orig/fs/proc/version.c | |
54 | ++++ linux-3.10.33/fs/proc/version.c | |
55 | 55 | @@ -32,3 +32,10 @@ static int __init proc_version_init(void |
56 | 56 | return 0; |
57 | 57 | } |
@@ -59,12 +59,12 @@ | ||
59 | 59 | + |
60 | 60 | +static int __init ccs_show_version(void) |
61 | 61 | +{ |
62 | -+ printk(KERN_INFO "Hook version: 3.10.31 2014/02/22\n"); | |
62 | ++ printk(KERN_INFO "Hook version: 3.10.33 2014/03/10\n"); | |
63 | 63 | + return 0; |
64 | 64 | +} |
65 | 65 | +module_init(ccs_show_version); |
66 | ---- linux-3.10.31.orig/include/linux/init_task.h | |
67 | -+++ linux-3.10.31/include/linux/init_task.h | |
66 | +--- linux-3.10.33.orig/include/linux/init_task.h | |
67 | ++++ linux-3.10.33/include/linux/init_task.h | |
68 | 68 | @@ -154,6 +154,14 @@ extern struct task_group root_task_group |
69 | 69 | |
70 | 70 | #define INIT_TASK_COMM "swapper" |
@@ -88,8 +88,8 @@ | ||
88 | 88 | } |
89 | 89 | |
90 | 90 | |
91 | ---- linux-3.10.31.orig/include/linux/sched.h | |
92 | -+++ linux-3.10.31/include/linux/sched.h | |
91 | +--- linux-3.10.33.orig/include/linux/sched.h | |
92 | ++++ linux-3.10.33/include/linux/sched.h | |
93 | 93 | @@ -4,6 +4,8 @@ |
94 | 94 | #include <uapi/linux/sched.h> |
95 | 95 |
@@ -110,8 +110,8 @@ | ||
110 | 110 | }; |
111 | 111 | |
112 | 112 | /* Future-safe accessor for struct task_struct's cpus_allowed. */ |
113 | ---- linux-3.10.31.orig/include/linux/security.h | |
114 | -+++ linux-3.10.31/include/linux/security.h | |
113 | +--- linux-3.10.33.orig/include/linux/security.h | |
114 | ++++ linux-3.10.33/include/linux/security.h | |
115 | 115 | @@ -52,6 +52,7 @@ struct msg_queue; |
116 | 116 | struct xattr; |
117 | 117 | struct xfrm_sec_ctx; |
@@ -313,8 +313,8 @@ | ||
313 | 313 | } |
314 | 314 | #endif /* CONFIG_SECURITY_PATH */ |
315 | 315 | |
316 | ---- linux-3.10.31.orig/include/net/ip.h | |
317 | -+++ linux-3.10.31/include/net/ip.h | |
316 | +--- linux-3.10.33.orig/include/net/ip.h | |
317 | ++++ linux-3.10.33/include/net/ip.h | |
318 | 318 | @@ -205,6 +205,8 @@ extern void inet_get_local_port_range(in |
319 | 319 | extern unsigned long *sysctl_local_reserved_ports; |
320 | 320 | static inline int inet_is_reserved_local_port(int port) |
@@ -324,8 +324,8 @@ | ||
324 | 324 | return test_bit(port, sysctl_local_reserved_ports); |
325 | 325 | } |
326 | 326 | |
327 | ---- linux-3.10.31.orig/kernel/fork.c | |
328 | -+++ linux-3.10.31/kernel/fork.c | |
327 | +--- linux-3.10.33.orig/kernel/fork.c | |
328 | ++++ linux-3.10.33/kernel/fork.c | |
329 | 329 | @@ -242,6 +242,7 @@ void __put_task_struct(struct task_struc |
330 | 330 | delayacct_tsk_free(tsk); |
331 | 331 | put_signal_struct(tsk->signal); |
@@ -352,8 +352,8 @@ | ||
352 | 352 | bad_fork_cleanup_policy: |
353 | 353 | perf_event_free_task(p); |
354 | 354 | #ifdef CONFIG_NUMA |
355 | ---- linux-3.10.31.orig/kernel/kexec.c | |
356 | -+++ linux-3.10.31/kernel/kexec.c | |
355 | +--- linux-3.10.33.orig/kernel/kexec.c | |
356 | ++++ linux-3.10.33/kernel/kexec.c | |
357 | 357 | @@ -37,6 +37,7 @@ |
358 | 358 | #include <asm/uaccess.h> |
359 | 359 | #include <asm/io.h> |
@@ -371,8 +371,8 @@ | ||
371 | 371 | |
372 | 372 | /* |
373 | 373 | * Verify we have a legal set of flags |
374 | ---- linux-3.10.31.orig/kernel/module.c | |
375 | -+++ linux-3.10.31/kernel/module.c | |
374 | +--- linux-3.10.33.orig/kernel/module.c | |
375 | ++++ linux-3.10.33/kernel/module.c | |
376 | 376 | @@ -63,6 +63,7 @@ |
377 | 377 | #include <linux/fips.h> |
378 | 378 | #include <uapi/linux/module.h> |
@@ -399,8 +399,8 @@ | ||
399 | 399 | |
400 | 400 | return 0; |
401 | 401 | } |
402 | ---- linux-3.10.31.orig/kernel/ptrace.c | |
403 | -+++ linux-3.10.31/kernel/ptrace.c | |
402 | +--- linux-3.10.33.orig/kernel/ptrace.c | |
403 | ++++ linux-3.10.33/kernel/ptrace.c | |
404 | 404 | @@ -998,6 +998,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l |
405 | 405 | { |
406 | 406 | struct task_struct *child; |
@@ -425,8 +425,8 @@ | ||
425 | 425 | |
426 | 426 | if (request == PTRACE_TRACEME) { |
427 | 427 | ret = ptrace_traceme(); |
428 | ---- linux-3.10.31.orig/kernel/sched/core.c | |
429 | -+++ linux-3.10.31/kernel/sched/core.c | |
428 | +--- linux-3.10.33.orig/kernel/sched/core.c | |
429 | ++++ linux-3.10.33/kernel/sched/core.c | |
430 | 430 | @@ -3732,6 +3732,8 @@ int can_nice(const struct task_struct *p |
431 | 431 | SYSCALL_DEFINE1(nice, int, increment) |
432 | 432 | { |
@@ -436,8 +436,8 @@ | ||
436 | 436 | |
437 | 437 | /* |
438 | 438 | * Setpriority might change our priority at the same moment. |
439 | ---- linux-3.10.31.orig/kernel/signal.c | |
440 | -+++ linux-3.10.31/kernel/signal.c | |
439 | +--- linux-3.10.33.orig/kernel/signal.c | |
440 | ++++ linux-3.10.33/kernel/signal.c | |
441 | 441 | @@ -2909,6 +2909,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s |
442 | 442 | SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) |
443 | 443 | { |
@@ -483,8 +483,8 @@ | ||
483 | 483 | |
484 | 484 | return do_send_specific(tgid, pid, sig, info); |
485 | 485 | } |
486 | ---- linux-3.10.31.orig/kernel/sys.c | |
487 | -+++ linux-3.10.31/kernel/sys.c | |
486 | +--- linux-3.10.33.orig/kernel/sys.c | |
487 | ++++ linux-3.10.33/kernel/sys.c | |
488 | 488 | @@ -186,6 +186,10 @@ SYSCALL_DEFINE3(setpriority, int, which, |
489 | 489 | |
490 | 490 | if (which > PRIO_USER || which < PRIO_PROCESS) |
@@ -523,8 +523,8 @@ | ||
523 | 523 | |
524 | 524 | down_write(&uts_sem); |
525 | 525 | errno = -EFAULT; |
526 | ---- linux-3.10.31.orig/kernel/time/ntp.c | |
527 | -+++ linux-3.10.31/kernel/time/ntp.c | |
526 | +--- linux-3.10.33.orig/kernel/time/ntp.c | |
527 | ++++ linux-3.10.33/kernel/time/ntp.c | |
528 | 528 | @@ -16,6 +16,7 @@ |
529 | 529 | #include <linux/mm.h> |
530 | 530 | #include <linux/module.h> |
@@ -558,8 +558,8 @@ | ||
558 | 558 | |
559 | 559 | return 0; |
560 | 560 | } |
561 | ---- linux-3.10.31.orig/net/ipv4/raw.c | |
562 | -+++ linux-3.10.31/net/ipv4/raw.c | |
561 | +--- linux-3.10.33.orig/net/ipv4/raw.c | |
562 | ++++ linux-3.10.33/net/ipv4/raw.c | |
563 | 563 | @@ -700,6 +700,10 @@ static int raw_recvmsg(struct kiocb *ioc |
564 | 564 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
565 | 565 | if (!skb) |
@@ -571,8 +571,8 @@ | ||
571 | 571 | |
572 | 572 | copied = skb->len; |
573 | 573 | if (len < copied) { |
574 | ---- linux-3.10.31.orig/net/ipv4/udp.c | |
575 | -+++ linux-3.10.31/net/ipv4/udp.c | |
574 | +--- linux-3.10.33.orig/net/ipv4/udp.c | |
575 | ++++ linux-3.10.33/net/ipv4/udp.c | |
576 | 576 | @@ -1218,6 +1218,10 @@ try_again: |
577 | 577 | &peeked, &off, &err); |
578 | 578 | if (!skb) |
@@ -584,8 +584,8 @@ | ||
584 | 584 | |
585 | 585 | ulen = skb->len - sizeof(struct udphdr); |
586 | 586 | copied = len; |
587 | ---- linux-3.10.31.orig/net/ipv6/raw.c | |
588 | -+++ linux-3.10.31/net/ipv6/raw.c | |
587 | +--- linux-3.10.33.orig/net/ipv6/raw.c | |
588 | ++++ linux-3.10.33/net/ipv6/raw.c | |
589 | 589 | @@ -468,6 +468,10 @@ static int rawv6_recvmsg(struct kiocb *i |
590 | 590 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
591 | 591 | if (!skb) |
@@ -597,8 +597,8 @@ | ||
597 | 597 | |
598 | 598 | copied = skb->len; |
599 | 599 | if (copied > len) { |
600 | ---- linux-3.10.31.orig/net/ipv6/udp.c | |
601 | -+++ linux-3.10.31/net/ipv6/udp.c | |
600 | +--- linux-3.10.33.orig/net/ipv6/udp.c | |
601 | ++++ linux-3.10.33/net/ipv6/udp.c | |
602 | 602 | @@ -384,6 +384,10 @@ try_again: |
603 | 603 | &peeked, &off, &err); |
604 | 604 | if (!skb) |
@@ -610,8 +610,8 @@ | ||
610 | 610 | |
611 | 611 | ulen = skb->len - sizeof(struct udphdr); |
612 | 612 | copied = len; |
613 | ---- linux-3.10.31.orig/net/socket.c | |
614 | -+++ linux-3.10.31/net/socket.c | |
613 | +--- linux-3.10.33.orig/net/socket.c | |
614 | ++++ linux-3.10.33/net/socket.c | |
615 | 615 | @@ -1611,6 +1611,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct |
616 | 616 | if (err < 0) |
617 | 617 | goto out_fd; |
@@ -623,8 +623,8 @@ | ||
623 | 623 | if (upeer_sockaddr) { |
624 | 624 | if (newsock->ops->getname(newsock, (struct sockaddr *)&address, |
625 | 625 | &len, 2) < 0) { |
626 | ---- linux-3.10.31.orig/net/unix/af_unix.c | |
627 | -+++ linux-3.10.31/net/unix/af_unix.c | |
626 | +--- linux-3.10.33.orig/net/unix/af_unix.c | |
627 | ++++ linux-3.10.33/net/unix/af_unix.c | |
628 | 628 | @@ -1814,6 +1814,10 @@ static int unix_dgram_recvmsg(struct kio |
629 | 629 | wake_up_interruptible_sync_poll(&u->peer_wait, |
630 | 630 | POLLOUT | POLLWRNORM | POLLWRBAND); |
@@ -636,8 +636,8 @@ | ||
636 | 636 | if (msg->msg_name) |
637 | 637 | unix_copy_addr(msg, skb->sk); |
638 | 638 | |
639 | ---- linux-3.10.31.orig/security/Kconfig | |
640 | -+++ linux-3.10.31/security/Kconfig | |
639 | +--- linux-3.10.33.orig/security/Kconfig | |
640 | ++++ linux-3.10.33/security/Kconfig | |
641 | 641 | @@ -167,5 +167,7 @@ config DEFAULT_SECURITY |
642 | 642 | default "yama" if DEFAULT_SECURITY_YAMA |
643 | 643 | default "" if DEFAULT_SECURITY_DAC |
@@ -646,8 +646,8 @@ | ||
646 | 646 | + |
647 | 647 | endmenu |
648 | 648 | |
649 | ---- linux-3.10.31.orig/security/Makefile | |
650 | -+++ linux-3.10.31/security/Makefile | |
649 | +--- linux-3.10.33.orig/security/Makefile | |
650 | ++++ linux-3.10.33/security/Makefile | |
651 | 651 | @@ -28,3 +28,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c |
652 | 652 | # Object integrity file lists |
653 | 653 | subdir-$(CONFIG_INTEGRITY) += integrity |
@@ -655,8 +655,8 @@ | ||
655 | 655 | + |
656 | 656 | +subdir-$(CONFIG_CCSECURITY) += ccsecurity |
657 | 657 | +obj-$(CONFIG_CCSECURITY) += ccsecurity/built-in.o |
658 | ---- linux-3.10.31.orig/security/security.c | |
659 | -+++ linux-3.10.31/security/security.c | |
658 | +--- linux-3.10.33.orig/security/security.c | |
659 | ++++ linux-3.10.33/security/security.c | |
660 | 660 | @@ -202,7 +202,10 @@ int security_syslog(int type) |
661 | 661 | |
662 | 662 | int security_settime(const struct timespec *ts, const struct timezone *tz) |
@@ -1,6 +1,6 @@ | ||
1 | -This is TOMOYO Linux patch for kernel 3.12.12. | |
1 | +This is TOMOYO Linux patch for kernel 3.12.13. | |
2 | 2 | |
3 | -Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.12.12.tar.xz | |
3 | +Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.12.13.tar.xz | |
4 | 4 | --- |
5 | 5 | fs/exec.c | 2 |
6 | 6 | fs/open.c | 2 |
@@ -29,8 +29,8 @@ | ||
29 | 29 | security/security.c | 107 ++++++++++++++++++++++++++++++++++++++++------ |
30 | 30 | 25 files changed, 236 insertions(+), 37 deletions(-) |
31 | 31 | |
32 | ---- linux-3.12.12.orig/fs/exec.c | |
33 | -+++ linux-3.12.12/fs/exec.c | |
32 | +--- linux-3.12.13.orig/fs/exec.c | |
33 | ++++ linux-3.12.13/fs/exec.c | |
34 | 34 | @@ -1434,7 +1434,7 @@ static int exec_binprm(struct linux_binp |
35 | 35 | old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent)); |
36 | 36 | rcu_read_unlock(); |
@@ -40,8 +40,8 @@ | ||
40 | 40 | if (ret >= 0) { |
41 | 41 | trace_sched_process_exec(current, old_pid, bprm); |
42 | 42 | ptrace_event(PTRACE_EVENT_EXEC, old_vpid); |
43 | ---- linux-3.12.12.orig/fs/open.c | |
44 | -+++ linux-3.12.12/fs/open.c | |
43 | +--- linux-3.12.13.orig/fs/open.c | |
44 | ++++ linux-3.12.13/fs/open.c | |
45 | 45 | @@ -1062,6 +1062,8 @@ EXPORT_SYMBOL(sys_close); |
46 | 46 | */ |
47 | 47 | SYSCALL_DEFINE0(vhangup) |
@@ -51,8 +51,8 @@ | ||
51 | 51 | if (capable(CAP_SYS_TTY_CONFIG)) { |
52 | 52 | tty_vhangup_self(); |
53 | 53 | return 0; |
54 | ---- linux-3.12.12.orig/fs/proc/version.c | |
55 | -+++ linux-3.12.12/fs/proc/version.c | |
54 | +--- linux-3.12.13.orig/fs/proc/version.c | |
55 | ++++ linux-3.12.13/fs/proc/version.c | |
56 | 56 | @@ -32,3 +32,10 @@ static int __init proc_version_init(void |
57 | 57 | return 0; |
58 | 58 | } |
@@ -60,12 +60,12 @@ | ||
60 | 60 | + |
61 | 61 | +static int __init ccs_show_version(void) |
62 | 62 | +{ |
63 | -+ printk(KERN_INFO "Hook version: 3.12.12 2014/02/22\n"); | |
63 | ++ printk(KERN_INFO "Hook version: 3.12.13 2014/03/10\n"); | |
64 | 64 | + return 0; |
65 | 65 | +} |
66 | 66 | +module_init(ccs_show_version); |
67 | ---- linux-3.12.12.orig/include/linux/init_task.h | |
68 | -+++ linux-3.12.12/include/linux/init_task.h | |
67 | +--- linux-3.12.13.orig/include/linux/init_task.h | |
68 | ++++ linux-3.12.13/include/linux/init_task.h | |
69 | 69 | @@ -154,6 +154,14 @@ extern struct task_group root_task_group |
70 | 70 | |
71 | 71 | #define INIT_TASK_COMM "swapper" |
@@ -89,8 +89,8 @@ | ||
89 | 89 | } |
90 | 90 | |
91 | 91 | |
92 | ---- linux-3.12.12.orig/include/linux/sched.h | |
93 | -+++ linux-3.12.12/include/linux/sched.h | |
92 | +--- linux-3.12.13.orig/include/linux/sched.h | |
93 | ++++ linux-3.12.13/include/linux/sched.h | |
94 | 94 | @@ -4,6 +4,8 @@ |
95 | 95 | #include <uapi/linux/sched.h> |
96 | 96 |
@@ -111,8 +111,8 @@ | ||
111 | 111 | }; |
112 | 112 | |
113 | 113 | /* Future-safe accessor for struct task_struct's cpus_allowed. */ |
114 | ---- linux-3.12.12.orig/include/linux/security.h | |
115 | -+++ linux-3.12.12/include/linux/security.h | |
114 | +--- linux-3.12.13.orig/include/linux/security.h | |
115 | ++++ linux-3.12.13/include/linux/security.h | |
116 | 116 | @@ -53,6 +53,7 @@ struct msg_queue; |
117 | 117 | struct xattr; |
118 | 118 | struct xfrm_sec_ctx; |
@@ -314,8 +314,8 @@ | ||
314 | 314 | } |
315 | 315 | #endif /* CONFIG_SECURITY_PATH */ |
316 | 316 | |
317 | ---- linux-3.12.12.orig/include/net/ip.h | |
318 | -+++ linux-3.12.12/include/net/ip.h | |
317 | +--- linux-3.12.13.orig/include/net/ip.h | |
318 | ++++ linux-3.12.13/include/net/ip.h | |
319 | 319 | @@ -215,6 +215,8 @@ extern void inet_get_local_port_range(in |
320 | 320 | extern unsigned long *sysctl_local_reserved_ports; |
321 | 321 | static inline int inet_is_reserved_local_port(int port) |
@@ -325,8 +325,8 @@ | ||
325 | 325 | return test_bit(port, sysctl_local_reserved_ports); |
326 | 326 | } |
327 | 327 | |
328 | ---- linux-3.12.12.orig/kernel/fork.c | |
329 | -+++ linux-3.12.12/kernel/fork.c | |
328 | +--- linux-3.12.13.orig/kernel/fork.c | |
329 | ++++ linux-3.12.13/kernel/fork.c | |
330 | 330 | @@ -242,6 +242,7 @@ void __put_task_struct(struct task_struc |
331 | 331 | delayacct_tsk_free(tsk); |
332 | 332 | put_signal_struct(tsk->signal); |
@@ -353,8 +353,8 @@ | ||
353 | 353 | bad_fork_cleanup_policy: |
354 | 354 | perf_event_free_task(p); |
355 | 355 | #ifdef CONFIG_NUMA |
356 | ---- linux-3.12.12.orig/kernel/kexec.c | |
357 | -+++ linux-3.12.12/kernel/kexec.c | |
356 | +--- linux-3.12.13.orig/kernel/kexec.c | |
357 | ++++ linux-3.12.13/kernel/kexec.c | |
358 | 358 | @@ -37,6 +37,7 @@ |
359 | 359 | #include <asm/uaccess.h> |
360 | 360 | #include <asm/io.h> |
@@ -372,8 +372,8 @@ | ||
372 | 372 | |
373 | 373 | /* |
374 | 374 | * Verify we have a legal set of flags |
375 | ---- linux-3.12.12.orig/kernel/module.c | |
376 | -+++ linux-3.12.12/kernel/module.c | |
375 | +--- linux-3.12.13.orig/kernel/module.c | |
376 | ++++ linux-3.12.13/kernel/module.c | |
377 | 377 | @@ -63,6 +63,7 @@ |
378 | 378 | #include <linux/fips.h> |
379 | 379 | #include <uapi/linux/module.h> |
@@ -400,8 +400,8 @@ | ||
400 | 400 | |
401 | 401 | return 0; |
402 | 402 | } |
403 | ---- linux-3.12.12.orig/kernel/ptrace.c | |
404 | -+++ linux-3.12.12/kernel/ptrace.c | |
403 | +--- linux-3.12.13.orig/kernel/ptrace.c | |
404 | ++++ linux-3.12.13/kernel/ptrace.c | |
405 | 405 | @@ -1038,6 +1038,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l |
406 | 406 | { |
407 | 407 | struct task_struct *child; |
@@ -426,8 +426,8 @@ | ||
426 | 426 | |
427 | 427 | if (request == PTRACE_TRACEME) { |
428 | 428 | ret = ptrace_traceme(); |
429 | ---- linux-3.12.12.orig/kernel/reboot.c | |
430 | -+++ linux-3.12.12/kernel/reboot.c | |
429 | +--- linux-3.12.13.orig/kernel/reboot.c | |
430 | ++++ linux-3.12.13/kernel/reboot.c | |
431 | 431 | @@ -16,6 +16,7 @@ |
432 | 432 | #include <linux/syscalls.h> |
433 | 433 | #include <linux/syscore_ops.h> |
@@ -445,8 +445,8 @@ | ||
445 | 445 | |
446 | 446 | /* |
447 | 447 | * If pid namespaces are enabled and the current task is in a child |
448 | ---- linux-3.12.12.orig/kernel/sched/core.c | |
449 | -+++ linux-3.12.12/kernel/sched/core.c | |
448 | +--- linux-3.12.13.orig/kernel/sched/core.c | |
449 | ++++ linux-3.12.13/kernel/sched/core.c | |
450 | 450 | @@ -3148,6 +3148,8 @@ int can_nice(const struct task_struct *p |
451 | 451 | SYSCALL_DEFINE1(nice, int, increment) |
452 | 452 | { |
@@ -456,8 +456,8 @@ | ||
456 | 456 | |
457 | 457 | /* |
458 | 458 | * Setpriority might change our priority at the same moment. |
459 | ---- linux-3.12.12.orig/kernel/signal.c | |
460 | -+++ linux-3.12.12/kernel/signal.c | |
459 | +--- linux-3.12.13.orig/kernel/signal.c | |
460 | ++++ linux-3.12.13/kernel/signal.c | |
461 | 461 | @@ -2909,6 +2909,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s |
462 | 462 | SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) |
463 | 463 | { |
@@ -503,8 +503,8 @@ | ||
503 | 503 | |
504 | 504 | return do_send_specific(tgid, pid, sig, info); |
505 | 505 | } |
506 | ---- linux-3.12.12.orig/kernel/sys.c | |
507 | -+++ linux-3.12.12/kernel/sys.c | |
506 | +--- linux-3.12.13.orig/kernel/sys.c | |
507 | ++++ linux-3.12.13/kernel/sys.c | |
508 | 508 | @@ -172,6 +172,10 @@ SYSCALL_DEFINE3(setpriority, int, which, |
509 | 509 | |
510 | 510 | if (which > PRIO_USER || which < PRIO_PROCESS) |
@@ -534,8 +534,8 @@ | ||
534 | 534 | |
535 | 535 | down_write(&uts_sem); |
536 | 536 | errno = -EFAULT; |
537 | ---- linux-3.12.12.orig/kernel/time/ntp.c | |
538 | -+++ linux-3.12.12/kernel/time/ntp.c | |
537 | +--- linux-3.12.13.orig/kernel/time/ntp.c | |
538 | ++++ linux-3.12.13/kernel/time/ntp.c | |
539 | 539 | @@ -16,6 +16,7 @@ |
540 | 540 | #include <linux/mm.h> |
541 | 541 | #include <linux/module.h> |
@@ -569,8 +569,8 @@ | ||
569 | 569 | |
570 | 570 | return 0; |
571 | 571 | } |
572 | ---- linux-3.12.12.orig/net/ipv4/raw.c | |
573 | -+++ linux-3.12.12/net/ipv4/raw.c | |
572 | +--- linux-3.12.13.orig/net/ipv4/raw.c | |
573 | ++++ linux-3.12.13/net/ipv4/raw.c | |
574 | 574 | @@ -702,6 +702,10 @@ static int raw_recvmsg(struct kiocb *ioc |
575 | 575 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
576 | 576 | if (!skb) |
@@ -582,8 +582,8 @@ | ||
582 | 582 | |
583 | 583 | copied = skb->len; |
584 | 584 | if (len < copied) { |
585 | ---- linux-3.12.12.orig/net/ipv4/udp.c | |
586 | -+++ linux-3.12.12/net/ipv4/udp.c | |
585 | +--- linux-3.12.13.orig/net/ipv4/udp.c | |
586 | ++++ linux-3.12.13/net/ipv4/udp.c | |
587 | 587 | @@ -1220,6 +1220,10 @@ try_again: |
588 | 588 | &peeked, &off, &err); |
589 | 589 | if (!skb) |
@@ -595,8 +595,8 @@ | ||
595 | 595 | |
596 | 596 | ulen = skb->len - sizeof(struct udphdr); |
597 | 597 | copied = len; |
598 | ---- linux-3.12.12.orig/net/ipv6/raw.c | |
599 | -+++ linux-3.12.12/net/ipv6/raw.c | |
598 | +--- linux-3.12.13.orig/net/ipv6/raw.c | |
599 | ++++ linux-3.12.13/net/ipv6/raw.c | |
600 | 600 | @@ -475,6 +475,10 @@ static int rawv6_recvmsg(struct kiocb *i |
601 | 601 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
602 | 602 | if (!skb) |
@@ -608,8 +608,8 @@ | ||
608 | 608 | |
609 | 609 | copied = skb->len; |
610 | 610 | if (copied > len) { |
611 | ---- linux-3.12.12.orig/net/ipv6/udp.c | |
612 | -+++ linux-3.12.12/net/ipv6/udp.c | |
611 | +--- linux-3.12.13.orig/net/ipv6/udp.c | |
612 | ++++ linux-3.12.13/net/ipv6/udp.c | |
613 | 613 | @@ -385,6 +385,10 @@ try_again: |
614 | 614 | &peeked, &off, &err); |
615 | 615 | if (!skb) |
@@ -621,8 +621,8 @@ | ||
621 | 621 | |
622 | 622 | ulen = skb->len - sizeof(struct udphdr); |
623 | 623 | copied = len; |
624 | ---- linux-3.12.12.orig/net/socket.c | |
625 | -+++ linux-3.12.12/net/socket.c | |
624 | +--- linux-3.12.13.orig/net/socket.c | |
625 | ++++ linux-3.12.13/net/socket.c | |
626 | 626 | @@ -1619,6 +1619,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct |
627 | 627 | if (err < 0) |
628 | 628 | goto out_fd; |
@@ -634,8 +634,8 @@ | ||
634 | 634 | if (upeer_sockaddr) { |
635 | 635 | if (newsock->ops->getname(newsock, (struct sockaddr *)&address, |
636 | 636 | &len, 2) < 0) { |
637 | ---- linux-3.12.12.orig/net/unix/af_unix.c | |
638 | -+++ linux-3.12.12/net/unix/af_unix.c | |
637 | +--- linux-3.12.13.orig/net/unix/af_unix.c | |
638 | ++++ linux-3.12.13/net/unix/af_unix.c | |
639 | 639 | @@ -1807,6 +1807,10 @@ static int unix_dgram_recvmsg(struct kio |
640 | 640 | wake_up_interruptible_sync_poll(&u->peer_wait, |
641 | 641 | POLLOUT | POLLWRNORM | POLLWRBAND); |
@@ -647,8 +647,8 @@ | ||
647 | 647 | if (msg->msg_name) |
648 | 648 | unix_copy_addr(msg, skb->sk); |
649 | 649 | |
650 | ---- linux-3.12.12.orig/security/Kconfig | |
651 | -+++ linux-3.12.12/security/Kconfig | |
650 | +--- linux-3.12.13.orig/security/Kconfig | |
651 | ++++ linux-3.12.13/security/Kconfig | |
652 | 652 | @@ -167,5 +167,7 @@ config DEFAULT_SECURITY |
653 | 653 | default "yama" if DEFAULT_SECURITY_YAMA |
654 | 654 | default "" if DEFAULT_SECURITY_DAC |
@@ -657,8 +657,8 @@ | ||
657 | 657 | + |
658 | 658 | endmenu |
659 | 659 | |
660 | ---- linux-3.12.12.orig/security/Makefile | |
661 | -+++ linux-3.12.12/security/Makefile | |
660 | +--- linux-3.12.13.orig/security/Makefile | |
661 | ++++ linux-3.12.13/security/Makefile | |
662 | 662 | @@ -28,3 +28,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c |
663 | 663 | # Object integrity file lists |
664 | 664 | subdir-$(CONFIG_INTEGRITY) += integrity |
@@ -666,8 +666,8 @@ | ||
666 | 666 | + |
667 | 667 | +subdir-$(CONFIG_CCSECURITY) += ccsecurity |
668 | 668 | +obj-$(CONFIG_CCSECURITY) += ccsecurity/built-in.o |
669 | ---- linux-3.12.12.orig/security/security.c | |
670 | -+++ linux-3.12.12/security/security.c | |
669 | +--- linux-3.12.13.orig/security/security.c | |
670 | ++++ linux-3.12.13/security/security.c | |
671 | 671 | @@ -203,7 +203,10 @@ int security_syslog(int type) |
672 | 672 | |
673 | 673 | int security_settime(const struct timespec *ts, const struct timezone *tz) |
@@ -1,6 +1,6 @@ | ||
1 | -This is TOMOYO Linux patch for kernel 3.14-rc3. | |
1 | +This is TOMOYO Linux patch for kernel 3.14-rc6. | |
2 | 2 | |
3 | -Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/testing/linux-3.14-rc3.tar.xz | |
3 | +Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/testing/linux-3.14-rc6.tar.xz | |
4 | 4 | --- |
5 | 5 | fs/exec.c | 2 |
6 | 6 | fs/open.c | 2 |
@@ -29,8 +29,8 @@ | ||
29 | 29 | security/security.c | 107 ++++++++++++++++++++++++++++++++++++++++------ |
30 | 30 | 25 files changed, 236 insertions(+), 37 deletions(-) |
31 | 31 | |
32 | ---- linux-3.14-rc3.orig/fs/exec.c | |
33 | -+++ linux-3.14-rc3/fs/exec.c | |
32 | +--- linux-3.14-rc6.orig/fs/exec.c | |
33 | ++++ linux-3.14-rc6/fs/exec.c | |
34 | 34 | @@ -1423,7 +1423,7 @@ static int exec_binprm(struct linux_binp |
35 | 35 | old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent)); |
36 | 36 | rcu_read_unlock(); |
@@ -40,8 +40,8 @@ | ||
40 | 40 | if (ret >= 0) { |
41 | 41 | audit_bprm(bprm); |
42 | 42 | trace_sched_process_exec(current, old_pid, bprm); |
43 | ---- linux-3.14-rc3.orig/fs/open.c | |
44 | -+++ linux-3.14-rc3/fs/open.c | |
43 | +--- linux-3.14-rc6.orig/fs/open.c | |
44 | ++++ linux-3.14-rc6/fs/open.c | |
45 | 45 | @@ -1078,6 +1078,8 @@ EXPORT_SYMBOL(sys_close); |
46 | 46 | */ |
47 | 47 | SYSCALL_DEFINE0(vhangup) |
@@ -51,8 +51,8 @@ | ||
51 | 51 | if (capable(CAP_SYS_TTY_CONFIG)) { |
52 | 52 | tty_vhangup_self(); |
53 | 53 | return 0; |
54 | ---- linux-3.14-rc3.orig/fs/proc/version.c | |
55 | -+++ linux-3.14-rc3/fs/proc/version.c | |
54 | +--- linux-3.14-rc6.orig/fs/proc/version.c | |
55 | ++++ linux-3.14-rc6/fs/proc/version.c | |
56 | 56 | @@ -32,3 +32,10 @@ static int __init proc_version_init(void |
57 | 57 | return 0; |
58 | 58 | } |
@@ -60,12 +60,12 @@ | ||
60 | 60 | + |
61 | 61 | +static int __init ccs_show_version(void) |
62 | 62 | +{ |
63 | -+ printk(KERN_INFO "Hook version: 3.14-rc3 2014/02/22\n"); | |
63 | ++ printk(KERN_INFO "Hook version: 3.14-rc6 2014/03/10\n"); | |
64 | 64 | + return 0; |
65 | 65 | +} |
66 | 66 | +fs_initcall(ccs_show_version); |
67 | ---- linux-3.14-rc3.orig/include/linux/init_task.h | |
68 | -+++ linux-3.14-rc3/include/linux/init_task.h | |
67 | +--- linux-3.14-rc6.orig/include/linux/init_task.h | |
68 | ++++ linux-3.14-rc6/include/linux/init_task.h | |
69 | 69 | @@ -164,6 +164,14 @@ extern struct task_group root_task_group |
70 | 70 | # define INIT_RT_MUTEXES(tsk) |
71 | 71 | #endif |
@@ -89,8 +89,8 @@ | ||
89 | 89 | } |
90 | 90 | |
91 | 91 | |
92 | ---- linux-3.14-rc3.orig/include/linux/sched.h | |
93 | -+++ linux-3.14-rc3/include/linux/sched.h | |
92 | +--- linux-3.14-rc6.orig/include/linux/sched.h | |
93 | ++++ linux-3.14-rc6/include/linux/sched.h | |
94 | 94 | @@ -4,6 +4,8 @@ |
95 | 95 | #include <uapi/linux/sched.h> |
96 | 96 |
@@ -111,8 +111,8 @@ | ||
111 | 111 | }; |
112 | 112 | |
113 | 113 | /* Future-safe accessor for struct task_struct's cpus_allowed. */ |
114 | ---- linux-3.14-rc3.orig/include/linux/security.h | |
115 | -+++ linux-3.14-rc3/include/linux/security.h | |
114 | +--- linux-3.14-rc6.orig/include/linux/security.h | |
115 | ++++ linux-3.14-rc6/include/linux/security.h | |
116 | 116 | @@ -53,6 +53,7 @@ struct msg_queue; |
117 | 117 | struct xattr; |
118 | 118 | struct xfrm_sec_ctx; |
@@ -314,8 +314,8 @@ | ||
314 | 314 | } |
315 | 315 | #endif /* CONFIG_SECURITY_PATH */ |
316 | 316 | |
317 | ---- linux-3.14-rc3.orig/include/net/ip.h | |
318 | -+++ linux-3.14-rc3/include/net/ip.h | |
317 | +--- linux-3.14-rc6.orig/include/net/ip.h | |
318 | ++++ linux-3.14-rc6/include/net/ip.h | |
319 | 319 | @@ -217,6 +217,8 @@ void inet_get_local_port_range(struct ne |
320 | 320 | extern unsigned long *sysctl_local_reserved_ports; |
321 | 321 | static inline int inet_is_reserved_local_port(int port) |
@@ -325,8 +325,8 @@ | ||
325 | 325 | return test_bit(port, sysctl_local_reserved_ports); |
326 | 326 | } |
327 | 327 | |
328 | ---- linux-3.14-rc3.orig/kernel/fork.c | |
329 | -+++ linux-3.14-rc3/kernel/fork.c | |
328 | +--- linux-3.14-rc6.orig/kernel/fork.c | |
329 | ++++ linux-3.14-rc6/kernel/fork.c | |
330 | 330 | @@ -242,6 +242,7 @@ void __put_task_struct(struct task_struc |
331 | 331 | delayacct_tsk_free(tsk); |
332 | 332 | put_signal_struct(tsk->signal); |
@@ -353,8 +353,8 @@ | ||
353 | 353 | bad_fork_cleanup_policy: |
354 | 354 | perf_event_free_task(p); |
355 | 355 | #ifdef CONFIG_NUMA |
356 | ---- linux-3.14-rc3.orig/kernel/kexec.c | |
357 | -+++ linux-3.14-rc3/kernel/kexec.c | |
356 | +--- linux-3.14-rc6.orig/kernel/kexec.c | |
357 | ++++ linux-3.14-rc6/kernel/kexec.c | |
358 | 358 | @@ -37,6 +37,7 @@ |
359 | 359 | #include <asm/uaccess.h> |
360 | 360 | #include <asm/io.h> |
@@ -372,8 +372,8 @@ | ||
372 | 372 | |
373 | 373 | /* |
374 | 374 | * Verify we have a legal set of flags |
375 | ---- linux-3.14-rc3.orig/kernel/module.c | |
376 | -+++ linux-3.14-rc3/kernel/module.c | |
375 | +--- linux-3.14-rc6.orig/kernel/module.c | |
376 | ++++ linux-3.14-rc6/kernel/module.c | |
377 | 377 | @@ -63,6 +63,7 @@ |
378 | 378 | #include <linux/fips.h> |
379 | 379 | #include <uapi/linux/module.h> |
@@ -400,8 +400,8 @@ | ||
400 | 400 | |
401 | 401 | return 0; |
402 | 402 | } |
403 | ---- linux-3.14-rc3.orig/kernel/ptrace.c | |
404 | -+++ linux-3.14-rc3/kernel/ptrace.c | |
403 | +--- linux-3.14-rc6.orig/kernel/ptrace.c | |
404 | ++++ linux-3.14-rc6/kernel/ptrace.c | |
405 | 405 | @@ -1038,6 +1038,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l |
406 | 406 | { |
407 | 407 | struct task_struct *child; |
@@ -426,8 +426,8 @@ | ||
426 | 426 | |
427 | 427 | if (request == PTRACE_TRACEME) { |
428 | 428 | ret = ptrace_traceme(); |
429 | ---- linux-3.14-rc3.orig/kernel/reboot.c | |
430 | -+++ linux-3.14-rc3/kernel/reboot.c | |
429 | +--- linux-3.14-rc6.orig/kernel/reboot.c | |
430 | ++++ linux-3.14-rc6/kernel/reboot.c | |
431 | 431 | @@ -16,6 +16,7 @@ |
432 | 432 | #include <linux/syscalls.h> |
433 | 433 | #include <linux/syscore_ops.h> |
@@ -445,8 +445,8 @@ | ||
445 | 445 | |
446 | 446 | /* |
447 | 447 | * If pid namespaces are enabled and the current task is in a child |
448 | ---- linux-3.14-rc3.orig/kernel/sched/core.c | |
449 | -+++ linux-3.14-rc3/kernel/sched/core.c | |
448 | +--- linux-3.14-rc6.orig/kernel/sched/core.c | |
449 | ++++ linux-3.14-rc6/kernel/sched/core.c | |
450 | 450 | @@ -3065,6 +3065,8 @@ int can_nice(const struct task_struct *p |
451 | 451 | SYSCALL_DEFINE1(nice, int, increment) |
452 | 452 | { |
@@ -456,8 +456,8 @@ | ||
456 | 456 | |
457 | 457 | /* |
458 | 458 | * Setpriority might change our priority at the same moment. |
459 | ---- linux-3.14-rc3.orig/kernel/signal.c | |
460 | -+++ linux-3.14-rc3/kernel/signal.c | |
459 | +--- linux-3.14-rc6.orig/kernel/signal.c | |
460 | ++++ linux-3.14-rc6/kernel/signal.c | |
461 | 461 | @@ -2909,6 +2909,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s |
462 | 462 | SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) |
463 | 463 | { |
@@ -503,8 +503,8 @@ | ||
503 | 503 | |
504 | 504 | return do_send_specific(tgid, pid, sig, info); |
505 | 505 | } |
506 | ---- linux-3.14-rc3.orig/kernel/sys.c | |
507 | -+++ linux-3.14-rc3/kernel/sys.c | |
506 | +--- linux-3.14-rc6.orig/kernel/sys.c | |
507 | ++++ linux-3.14-rc6/kernel/sys.c | |
508 | 508 | @@ -171,6 +171,10 @@ SYSCALL_DEFINE3(setpriority, int, which, |
509 | 509 | |
510 | 510 | if (which > PRIO_USER || which < PRIO_PROCESS) |
@@ -534,8 +534,8 @@ | ||
534 | 534 | |
535 | 535 | down_write(&uts_sem); |
536 | 536 | errno = -EFAULT; |
537 | ---- linux-3.14-rc3.orig/kernel/time/ntp.c | |
538 | -+++ linux-3.14-rc3/kernel/time/ntp.c | |
537 | +--- linux-3.14-rc6.orig/kernel/time/ntp.c | |
538 | ++++ linux-3.14-rc6/kernel/time/ntp.c | |
539 | 539 | @@ -16,6 +16,7 @@ |
540 | 540 | #include <linux/mm.h> |
541 | 541 | #include <linux/module.h> |
@@ -569,8 +569,8 @@ | ||
569 | 569 | |
570 | 570 | return 0; |
571 | 571 | } |
572 | ---- linux-3.14-rc3.orig/net/ipv4/raw.c | |
573 | -+++ linux-3.14-rc3/net/ipv4/raw.c | |
572 | +--- linux-3.14-rc6.orig/net/ipv4/raw.c | |
573 | ++++ linux-3.14-rc6/net/ipv4/raw.c | |
574 | 574 | @@ -704,6 +704,10 @@ static int raw_recvmsg(struct kiocb *ioc |
575 | 575 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
576 | 576 | if (!skb) |
@@ -582,8 +582,8 @@ | ||
582 | 582 | |
583 | 583 | copied = skb->len; |
584 | 584 | if (len < copied) { |
585 | ---- linux-3.14-rc3.orig/net/ipv4/udp.c | |
586 | -+++ linux-3.14-rc3/net/ipv4/udp.c | |
585 | +--- linux-3.14-rc6.orig/net/ipv4/udp.c | |
586 | ++++ linux-3.14-rc6/net/ipv4/udp.c | |
587 | 587 | @@ -1242,6 +1242,10 @@ try_again: |
588 | 588 | &peeked, &off, &err); |
589 | 589 | if (!skb) |
@@ -595,8 +595,8 @@ | ||
595 | 595 | |
596 | 596 | ulen = skb->len - sizeof(struct udphdr); |
597 | 597 | copied = len; |
598 | ---- linux-3.14-rc3.orig/net/ipv6/raw.c | |
599 | -+++ linux-3.14-rc3/net/ipv6/raw.c | |
598 | +--- linux-3.14-rc6.orig/net/ipv6/raw.c | |
599 | ++++ linux-3.14-rc6/net/ipv6/raw.c | |
600 | 600 | @@ -478,6 +478,10 @@ static int rawv6_recvmsg(struct kiocb *i |
601 | 601 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
602 | 602 | if (!skb) |
@@ -608,8 +608,8 @@ | ||
608 | 608 | |
609 | 609 | copied = skb->len; |
610 | 610 | if (copied > len) { |
611 | ---- linux-3.14-rc3.orig/net/ipv6/udp.c | |
612 | -+++ linux-3.14-rc3/net/ipv6/udp.c | |
611 | +--- linux-3.14-rc6.orig/net/ipv6/udp.c | |
612 | ++++ linux-3.14-rc6/net/ipv6/udp.c | |
613 | 613 | @@ -403,6 +403,10 @@ try_again: |
614 | 614 | &peeked, &off, &err); |
615 | 615 | if (!skb) |
@@ -621,8 +621,8 @@ | ||
621 | 621 | |
622 | 622 | ulen = skb->len - sizeof(struct udphdr); |
623 | 623 | copied = len; |
624 | ---- linux-3.14-rc3.orig/net/socket.c | |
625 | -+++ linux-3.14-rc3/net/socket.c | |
624 | +--- linux-3.14-rc6.orig/net/socket.c | |
625 | ++++ linux-3.14-rc6/net/socket.c | |
626 | 626 | @@ -1632,6 +1632,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct |
627 | 627 | if (err < 0) |
628 | 628 | goto out_fd; |
@@ -634,8 +634,8 @@ | ||
634 | 634 | if (upeer_sockaddr) { |
635 | 635 | if (newsock->ops->getname(newsock, (struct sockaddr *)&address, |
636 | 636 | &len, 2) < 0) { |
637 | ---- linux-3.14-rc3.orig/net/unix/af_unix.c | |
638 | -+++ linux-3.14-rc3/net/unix/af_unix.c | |
637 | +--- linux-3.14-rc6.orig/net/unix/af_unix.c | |
638 | ++++ linux-3.14-rc6/net/unix/af_unix.c | |
639 | 639 | @@ -1809,6 +1809,10 @@ static int unix_dgram_recvmsg(struct kio |
640 | 640 | wake_up_interruptible_sync_poll(&u->peer_wait, |
641 | 641 | POLLOUT | POLLWRNORM | POLLWRBAND); |
@@ -647,8 +647,8 @@ | ||
647 | 647 | if (msg->msg_name) |
648 | 648 | unix_copy_addr(msg, skb->sk); |
649 | 649 | |
650 | ---- linux-3.14-rc3.orig/security/Kconfig | |
651 | -+++ linux-3.14-rc3/security/Kconfig | |
650 | +--- linux-3.14-rc6.orig/security/Kconfig | |
651 | ++++ linux-3.14-rc6/security/Kconfig | |
652 | 652 | @@ -167,5 +167,7 @@ config DEFAULT_SECURITY |
653 | 653 | default "yama" if DEFAULT_SECURITY_YAMA |
654 | 654 | default "" if DEFAULT_SECURITY_DAC |
@@ -657,8 +657,8 @@ | ||
657 | 657 | + |
658 | 658 | endmenu |
659 | 659 | |
660 | ---- linux-3.14-rc3.orig/security/Makefile | |
661 | -+++ linux-3.14-rc3/security/Makefile | |
660 | +--- linux-3.14-rc6.orig/security/Makefile | |
661 | ++++ linux-3.14-rc6/security/Makefile | |
662 | 662 | @@ -27,3 +27,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c |
663 | 663 | # Object integrity file lists |
664 | 664 | subdir-$(CONFIG_INTEGRITY) += integrity |
@@ -666,8 +666,8 @@ | ||
666 | 666 | + |
667 | 667 | +subdir-$(CONFIG_CCSECURITY) += ccsecurity |
668 | 668 | +obj-$(CONFIG_CCSECURITY) += ccsecurity/built-in.o |
669 | ---- linux-3.14-rc3.orig/security/security.c | |
670 | -+++ linux-3.14-rc3/security/security.c | |
669 | +--- linux-3.14-rc6.orig/security/security.c | |
670 | ++++ linux-3.14-rc6/security/security.c | |
671 | 671 | @@ -203,7 +203,10 @@ int security_syslog(int type) |
672 | 672 | |
673 | 673 | int security_settime(const struct timespec *ts, const struct timezone *tz) |
@@ -1,6 +1,6 @@ | ||
1 | -This is TOMOYO Linux patch for kernel 3.4.81. | |
1 | +This is TOMOYO Linux patch for kernel 3.4.82. | |
2 | 2 | |
3 | -Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.4.81.tar.xz | |
3 | +Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.4.82.tar.xz | |
4 | 4 | --- |
5 | 5 | fs/exec.c | 2 |
6 | 6 | fs/open.c | 2 |
@@ -28,8 +28,8 @@ | ||
28 | 28 | security/security.c | 134 +++++++++++++++++++++++++++++++++++++--------- |
29 | 29 | 24 files changed, 250 insertions(+), 49 deletions(-) |
30 | 30 | |
31 | ---- linux-3.4.81.orig/fs/exec.c | |
32 | -+++ linux-3.4.81/fs/exec.c | |
31 | +--- linux-3.4.82.orig/fs/exec.c | |
32 | ++++ linux-3.4.82/fs/exec.c | |
33 | 33 | @@ -1562,7 +1562,7 @@ static int do_execve_common(const char * |
34 | 34 | if (retval < 0) |
35 | 35 | goto out; |
@@ -39,8 +39,8 @@ | ||
39 | 39 | if (retval < 0) |
40 | 40 | goto out; |
41 | 41 | |
42 | ---- linux-3.4.81.orig/fs/open.c | |
43 | -+++ linux-3.4.81/fs/open.c | |
42 | +--- linux-3.4.82.orig/fs/open.c | |
43 | ++++ linux-3.4.82/fs/open.c | |
44 | 44 | @@ -1107,6 +1107,8 @@ EXPORT_SYMBOL(sys_close); |
45 | 45 | */ |
46 | 46 | SYSCALL_DEFINE0(vhangup) |
@@ -50,8 +50,8 @@ | ||
50 | 50 | if (capable(CAP_SYS_TTY_CONFIG)) { |
51 | 51 | tty_vhangup_self(); |
52 | 52 | return 0; |
53 | ---- linux-3.4.81.orig/fs/proc/version.c | |
54 | -+++ linux-3.4.81/fs/proc/version.c | |
53 | +--- linux-3.4.82.orig/fs/proc/version.c | |
54 | ++++ linux-3.4.82/fs/proc/version.c | |
55 | 55 | @@ -32,3 +32,10 @@ static int __init proc_version_init(void |
56 | 56 | return 0; |
57 | 57 | } |
@@ -59,12 +59,12 @@ | ||
59 | 59 | + |
60 | 60 | +static int __init ccs_show_version(void) |
61 | 61 | +{ |
62 | -+ printk(KERN_INFO "Hook version: 3.4.81 2014/02/22\n"); | |
62 | ++ printk(KERN_INFO "Hook version: 3.4.82 2014/03/10\n"); | |
63 | 63 | + return 0; |
64 | 64 | +} |
65 | 65 | +module_init(ccs_show_version); |
66 | ---- linux-3.4.81.orig/include/linux/init_task.h | |
67 | -+++ linux-3.4.81/include/linux/init_task.h | |
66 | +--- linux-3.4.82.orig/include/linux/init_task.h | |
67 | ++++ linux-3.4.82/include/linux/init_task.h | |
68 | 68 | @@ -143,6 +143,14 @@ extern struct task_group root_task_group |
69 | 69 | |
70 | 70 | #define INIT_TASK_COMM "swapper" |
@@ -88,8 +88,8 @@ | ||
88 | 88 | } |
89 | 89 | |
90 | 90 | |
91 | ---- linux-3.4.81.orig/include/linux/sched.h | |
92 | -+++ linux-3.4.81/include/linux/sched.h | |
91 | +--- linux-3.4.82.orig/include/linux/sched.h | |
92 | ++++ linux-3.4.82/include/linux/sched.h | |
93 | 93 | @@ -44,6 +44,8 @@ |
94 | 94 | |
95 | 95 | #ifdef __KERNEL__ |
@@ -110,8 +110,8 @@ | ||
110 | 110 | }; |
111 | 111 | |
112 | 112 | /* Future-safe accessor for struct task_struct's cpus_allowed. */ |
113 | ---- linux-3.4.81.orig/include/linux/security.h | |
114 | -+++ linux-3.4.81/include/linux/security.h | |
113 | +--- linux-3.4.82.orig/include/linux/security.h | |
114 | ++++ linux-3.4.82/include/linux/security.h | |
115 | 115 | @@ -52,6 +52,7 @@ struct msg_queue; |
116 | 116 | struct xattr; |
117 | 117 | struct xfrm_sec_ctx; |
@@ -313,8 +313,8 @@ | ||
313 | 313 | } |
314 | 314 | #endif /* CONFIG_SECURITY_PATH */ |
315 | 315 | |
316 | ---- linux-3.4.81.orig/include/net/ip.h | |
317 | -+++ linux-3.4.81/include/net/ip.h | |
316 | +--- linux-3.4.82.orig/include/net/ip.h | |
317 | ++++ linux-3.4.82/include/net/ip.h | |
318 | 318 | @@ -217,6 +217,8 @@ extern void inet_get_local_port_range(in |
319 | 319 | extern unsigned long *sysctl_local_reserved_ports; |
320 | 320 | static inline int inet_is_reserved_local_port(int port) |
@@ -324,8 +324,8 @@ | ||
324 | 324 | return test_bit(port, sysctl_local_reserved_ports); |
325 | 325 | } |
326 | 326 | |
327 | ---- linux-3.4.81.orig/kernel/fork.c | |
328 | -+++ linux-3.4.81/kernel/fork.c | |
327 | +--- linux-3.4.82.orig/kernel/fork.c | |
328 | ++++ linux-3.4.82/kernel/fork.c | |
329 | 329 | @@ -199,6 +199,7 @@ void __put_task_struct(struct task_struc |
330 | 330 | delayacct_tsk_free(tsk); |
331 | 331 | put_signal_struct(tsk->signal); |
@@ -352,8 +352,8 @@ | ||
352 | 352 | bad_fork_cleanup_policy: |
353 | 353 | perf_event_free_task(p); |
354 | 354 | #ifdef CONFIG_NUMA |
355 | ---- linux-3.4.81.orig/kernel/kexec.c | |
356 | -+++ linux-3.4.81/kernel/kexec.c | |
355 | +--- linux-3.4.82.orig/kernel/kexec.c | |
356 | ++++ linux-3.4.82/kernel/kexec.c | |
357 | 357 | @@ -38,6 +38,7 @@ |
358 | 358 | #include <asm/uaccess.h> |
359 | 359 | #include <asm/io.h> |
@@ -371,8 +371,8 @@ | ||
371 | 371 | |
372 | 372 | /* |
373 | 373 | * Verify we have a legal set of flags |
374 | ---- linux-3.4.81.orig/kernel/module.c | |
375 | -+++ linux-3.4.81/kernel/module.c | |
374 | +--- linux-3.4.82.orig/kernel/module.c | |
375 | ++++ linux-3.4.82/kernel/module.c | |
376 | 376 | @@ -58,6 +58,7 @@ |
377 | 377 | #include <linux/jump_label.h> |
378 | 378 | #include <linux/pfn.h> |
@@ -399,8 +399,8 @@ | ||
399 | 399 | |
400 | 400 | /* Do all the hard work */ |
401 | 401 | mod = load_module(umod, len, uargs); |
402 | ---- linux-3.4.81.orig/kernel/ptrace.c | |
403 | -+++ linux-3.4.81/kernel/ptrace.c | |
402 | +--- linux-3.4.82.orig/kernel/ptrace.c | |
403 | ++++ linux-3.4.82/kernel/ptrace.c | |
404 | 404 | @@ -900,6 +900,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l |
405 | 405 | { |
406 | 406 | struct task_struct *child; |
@@ -425,8 +425,8 @@ | ||
425 | 425 | |
426 | 426 | if (request == PTRACE_TRACEME) { |
427 | 427 | ret = ptrace_traceme(); |
428 | ---- linux-3.4.81.orig/kernel/sched/core.c | |
429 | -+++ linux-3.4.81/kernel/sched/core.c | |
428 | +--- linux-3.4.82.orig/kernel/sched/core.c | |
429 | ++++ linux-3.4.82/kernel/sched/core.c | |
430 | 430 | @@ -4121,6 +4121,8 @@ int can_nice(const struct task_struct *p |
431 | 431 | SYSCALL_DEFINE1(nice, int, increment) |
432 | 432 | { |
@@ -436,8 +436,8 @@ | ||
436 | 436 | |
437 | 437 | /* |
438 | 438 | * Setpriority might change our priority at the same moment. |
439 | ---- linux-3.4.81.orig/kernel/signal.c | |
440 | -+++ linux-3.4.81/kernel/signal.c | |
439 | +--- linux-3.4.82.orig/kernel/signal.c | |
440 | ++++ linux-3.4.82/kernel/signal.c | |
441 | 441 | @@ -2825,6 +2825,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s |
442 | 442 | SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) |
443 | 443 | { |
@@ -483,8 +483,8 @@ | ||
483 | 483 | |
484 | 484 | return do_send_specific(tgid, pid, sig, info); |
485 | 485 | } |
486 | ---- linux-3.4.81.orig/kernel/sys.c | |
487 | -+++ linux-3.4.81/kernel/sys.c | |
486 | +--- linux-3.4.82.orig/kernel/sys.c | |
487 | ++++ linux-3.4.82/kernel/sys.c | |
488 | 488 | @@ -180,6 +180,10 @@ SYSCALL_DEFINE3(setpriority, int, which, |
489 | 489 | |
490 | 490 | if (which > PRIO_USER || which < PRIO_PROCESS) |
@@ -523,8 +523,8 @@ | ||
523 | 523 | |
524 | 524 | down_write(&uts_sem); |
525 | 525 | errno = -EFAULT; |
526 | ---- linux-3.4.81.orig/kernel/time/ntp.c | |
527 | -+++ linux-3.4.81/kernel/time/ntp.c | |
526 | +--- linux-3.4.82.orig/kernel/time/ntp.c | |
527 | ++++ linux-3.4.82/kernel/time/ntp.c | |
528 | 528 | @@ -15,6 +15,7 @@ |
529 | 529 | #include <linux/time.h> |
530 | 530 | #include <linux/mm.h> |
@@ -558,8 +558,8 @@ | ||
558 | 558 | if (!(txc->modes & ADJ_NANO)) |
559 | 559 | delta.tv_nsec *= 1000; |
560 | 560 | result = timekeeping_inject_offset(&delta); |
561 | ---- linux-3.4.81.orig/net/ipv4/raw.c | |
562 | -+++ linux-3.4.81/net/ipv4/raw.c | |
561 | +--- linux-3.4.82.orig/net/ipv4/raw.c | |
562 | ++++ linux-3.4.82/net/ipv4/raw.c | |
563 | 563 | @@ -696,6 +696,10 @@ static int raw_recvmsg(struct kiocb *ioc |
564 | 564 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
565 | 565 | if (!skb) |
@@ -571,8 +571,8 @@ | ||
571 | 571 | |
572 | 572 | copied = skb->len; |
573 | 573 | if (len < copied) { |
574 | ---- linux-3.4.81.orig/net/ipv4/udp.c | |
575 | -+++ linux-3.4.81/net/ipv4/udp.c | |
574 | +--- linux-3.4.82.orig/net/ipv4/udp.c | |
575 | ++++ linux-3.4.82/net/ipv4/udp.c | |
576 | 576 | @@ -1185,6 +1185,10 @@ try_again: |
577 | 577 | &peeked, &off, &err); |
578 | 578 | if (!skb) |
@@ -584,8 +584,8 @@ | ||
584 | 584 | |
585 | 585 | ulen = skb->len - sizeof(struct udphdr); |
586 | 586 | copied = len; |
587 | ---- linux-3.4.81.orig/net/ipv6/raw.c | |
588 | -+++ linux-3.4.81/net/ipv6/raw.c | |
587 | +--- linux-3.4.82.orig/net/ipv6/raw.c | |
588 | ++++ linux-3.4.82/net/ipv6/raw.c | |
589 | 589 | @@ -466,6 +466,10 @@ static int rawv6_recvmsg(struct kiocb *i |
590 | 590 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
591 | 591 | if (!skb) |
@@ -597,8 +597,8 @@ | ||
597 | 597 | |
598 | 598 | copied = skb->len; |
599 | 599 | if (copied > len) { |
600 | ---- linux-3.4.81.orig/net/ipv6/udp.c | |
601 | -+++ linux-3.4.81/net/ipv6/udp.c | |
600 | +--- linux-3.4.82.orig/net/ipv6/udp.c | |
601 | ++++ linux-3.4.82/net/ipv6/udp.c | |
602 | 602 | @@ -359,6 +359,10 @@ try_again: |
603 | 603 | &peeked, &off, &err); |
604 | 604 | if (!skb) |
@@ -610,8 +610,8 @@ | ||
610 | 610 | |
611 | 611 | ulen = skb->len - sizeof(struct udphdr); |
612 | 612 | copied = len; |
613 | ---- linux-3.4.81.orig/net/socket.c | |
614 | -+++ linux-3.4.81/net/socket.c | |
613 | +--- linux-3.4.82.orig/net/socket.c | |
614 | ++++ linux-3.4.82/net/socket.c | |
615 | 615 | @@ -1554,6 +1554,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct |
616 | 616 | if (err < 0) |
617 | 617 | goto out_fd; |
@@ -623,8 +623,8 @@ | ||
623 | 623 | if (upeer_sockaddr) { |
624 | 624 | if (newsock->ops->getname(newsock, (struct sockaddr *)&address, |
625 | 625 | &len, 2) < 0) { |
626 | ---- linux-3.4.81.orig/net/unix/af_unix.c | |
627 | -+++ linux-3.4.81/net/unix/af_unix.c | |
626 | +--- linux-3.4.82.orig/net/unix/af_unix.c | |
627 | ++++ linux-3.4.82/net/unix/af_unix.c | |
628 | 628 | @@ -1808,6 +1808,10 @@ static int unix_dgram_recvmsg(struct kio |
629 | 629 | wake_up_interruptible_sync_poll(&u->peer_wait, |
630 | 630 | POLLOUT | POLLWRNORM | POLLWRBAND); |
@@ -636,8 +636,8 @@ | ||
636 | 636 | if (msg->msg_name) |
637 | 637 | unix_copy_addr(msg, skb->sk); |
638 | 638 | |
639 | ---- linux-3.4.81.orig/security/Kconfig | |
640 | -+++ linux-3.4.81/security/Kconfig | |
639 | +--- linux-3.4.82.orig/security/Kconfig | |
640 | ++++ linux-3.4.82/security/Kconfig | |
641 | 641 | @@ -233,5 +233,7 @@ config DEFAULT_SECURITY |
642 | 642 | default "yama" if DEFAULT_SECURITY_YAMA |
643 | 643 | default "" if DEFAULT_SECURITY_DAC |
@@ -646,8 +646,8 @@ | ||
646 | 646 | + |
647 | 647 | endmenu |
648 | 648 | |
649 | ---- linux-3.4.81.orig/security/Makefile | |
650 | -+++ linux-3.4.81/security/Makefile | |
649 | +--- linux-3.4.82.orig/security/Makefile | |
650 | ++++ linux-3.4.82/security/Makefile | |
651 | 651 | @@ -28,3 +28,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c |
652 | 652 | # Object integrity file lists |
653 | 653 | subdir-$(CONFIG_INTEGRITY) += integrity |
@@ -655,8 +655,8 @@ | ||
655 | 655 | + |
656 | 656 | +subdir-$(CONFIG_CCSECURITY) += ccsecurity |
657 | 657 | +obj-$(CONFIG_CCSECURITY) += ccsecurity/built-in.o |
658 | ---- linux-3.4.81.orig/security/security.c | |
659 | -+++ linux-3.4.81/security/security.c | |
658 | +--- linux-3.4.82.orig/security/security.c | |
659 | ++++ linux-3.4.82/security/security.c | |
660 | 660 | @@ -186,7 +186,10 @@ int security_syslog(int type) |
661 | 661 | |
662 | 662 | int security_settime(const struct timespec *ts, const struct timezone *tz) |
@@ -1,6 +1,6 @@ | ||
1 | -This is TOMOYO Linux patch for kernel 3.13.4. | |
1 | +This is TOMOYO Linux patch for kernel 3.13.6. | |
2 | 2 | |
3 | -Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.13.4.tar.xz | |
3 | +Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.13.6.tar.xz | |
4 | 4 | --- |
5 | 5 | fs/exec.c | 2 |
6 | 6 | fs/open.c | 2 |
@@ -29,8 +29,8 @@ | ||
29 | 29 | security/security.c | 107 ++++++++++++++++++++++++++++++++++++++++------ |
30 | 30 | 25 files changed, 236 insertions(+), 37 deletions(-) |
31 | 31 | |
32 | ---- linux-3.13.4.orig/fs/exec.c | |
33 | -+++ linux-3.13.4/fs/exec.c | |
32 | +--- linux-3.13.6.orig/fs/exec.c | |
33 | ++++ linux-3.13.6/fs/exec.c | |
34 | 34 | @@ -1425,7 +1425,7 @@ static int exec_binprm(struct linux_binp |
35 | 35 | old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent)); |
36 | 36 | rcu_read_unlock(); |
@@ -40,8 +40,8 @@ | ||
40 | 40 | if (ret >= 0) { |
41 | 41 | audit_bprm(bprm); |
42 | 42 | trace_sched_process_exec(current, old_pid, bprm); |
43 | ---- linux-3.13.4.orig/fs/open.c | |
44 | -+++ linux-3.13.4/fs/open.c | |
43 | +--- linux-3.13.6.orig/fs/open.c | |
44 | ++++ linux-3.13.6/fs/open.c | |
45 | 45 | @@ -1078,6 +1078,8 @@ EXPORT_SYMBOL(sys_close); |
46 | 46 | */ |
47 | 47 | SYSCALL_DEFINE0(vhangup) |
@@ -51,8 +51,8 @@ | ||
51 | 51 | if (capable(CAP_SYS_TTY_CONFIG)) { |
52 | 52 | tty_vhangup_self(); |
53 | 53 | return 0; |
54 | ---- linux-3.13.4.orig/fs/proc/version.c | |
55 | -+++ linux-3.13.4/fs/proc/version.c | |
54 | +--- linux-3.13.6.orig/fs/proc/version.c | |
55 | ++++ linux-3.13.6/fs/proc/version.c | |
56 | 56 | @@ -32,3 +32,10 @@ static int __init proc_version_init(void |
57 | 57 | return 0; |
58 | 58 | } |
@@ -60,12 +60,12 @@ | ||
60 | 60 | + |
61 | 61 | +static int __init ccs_show_version(void) |
62 | 62 | +{ |
63 | -+ printk(KERN_INFO "Hook version: 3.13.4 2014/02/22\n"); | |
63 | ++ printk(KERN_INFO "Hook version: 3.13.6 2014/03/10\n"); | |
64 | 64 | + return 0; |
65 | 65 | +} |
66 | 66 | +module_init(ccs_show_version); |
67 | ---- linux-3.13.4.orig/include/linux/init_task.h | |
68 | -+++ linux-3.13.4/include/linux/init_task.h | |
67 | +--- linux-3.13.6.orig/include/linux/init_task.h | |
68 | ++++ linux-3.13.6/include/linux/init_task.h | |
69 | 69 | @@ -154,6 +154,14 @@ extern struct task_group root_task_group |
70 | 70 | |
71 | 71 | #define INIT_TASK_COMM "swapper" |
@@ -89,8 +89,8 @@ | ||
89 | 89 | } |
90 | 90 | |
91 | 91 | |
92 | ---- linux-3.13.4.orig/include/linux/sched.h | |
93 | -+++ linux-3.13.4/include/linux/sched.h | |
92 | +--- linux-3.13.6.orig/include/linux/sched.h | |
93 | ++++ linux-3.13.6/include/linux/sched.h | |
94 | 94 | @@ -4,6 +4,8 @@ |
95 | 95 | #include <uapi/linux/sched.h> |
96 | 96 |
@@ -111,8 +111,8 @@ | ||
111 | 111 | }; |
112 | 112 | |
113 | 113 | /* Future-safe accessor for struct task_struct's cpus_allowed. */ |
114 | ---- linux-3.13.4.orig/include/linux/security.h | |
115 | -+++ linux-3.13.4/include/linux/security.h | |
114 | +--- linux-3.13.6.orig/include/linux/security.h | |
115 | ++++ linux-3.13.6/include/linux/security.h | |
116 | 116 | @@ -53,6 +53,7 @@ struct msg_queue; |
117 | 117 | struct xattr; |
118 | 118 | struct xfrm_sec_ctx; |
@@ -314,8 +314,8 @@ | ||
314 | 314 | } |
315 | 315 | #endif /* CONFIG_SECURITY_PATH */ |
316 | 316 | |
317 | ---- linux-3.13.4.orig/include/net/ip.h | |
318 | -+++ linux-3.13.4/include/net/ip.h | |
317 | +--- linux-3.13.6.orig/include/net/ip.h | |
318 | ++++ linux-3.13.6/include/net/ip.h | |
319 | 319 | @@ -222,6 +222,8 @@ void inet_get_local_port_range(struct ne |
320 | 320 | extern unsigned long *sysctl_local_reserved_ports; |
321 | 321 | static inline int inet_is_reserved_local_port(int port) |
@@ -325,8 +325,8 @@ | ||
325 | 325 | return test_bit(port, sysctl_local_reserved_ports); |
326 | 326 | } |
327 | 327 | |
328 | ---- linux-3.13.4.orig/kernel/fork.c | |
329 | -+++ linux-3.13.4/kernel/fork.c | |
328 | +--- linux-3.13.6.orig/kernel/fork.c | |
329 | ++++ linux-3.13.6/kernel/fork.c | |
330 | 330 | @@ -242,6 +242,7 @@ void __put_task_struct(struct task_struc |
331 | 331 | delayacct_tsk_free(tsk); |
332 | 332 | put_signal_struct(tsk->signal); |
@@ -353,8 +353,8 @@ | ||
353 | 353 | bad_fork_cleanup_policy: |
354 | 354 | perf_event_free_task(p); |
355 | 355 | #ifdef CONFIG_NUMA |
356 | ---- linux-3.13.4.orig/kernel/kexec.c | |
357 | -+++ linux-3.13.4/kernel/kexec.c | |
356 | +--- linux-3.13.6.orig/kernel/kexec.c | |
357 | ++++ linux-3.13.6/kernel/kexec.c | |
358 | 358 | @@ -37,6 +37,7 @@ |
359 | 359 | #include <asm/uaccess.h> |
360 | 360 | #include <asm/io.h> |
@@ -372,8 +372,8 @@ | ||
372 | 372 | |
373 | 373 | /* |
374 | 374 | * Verify we have a legal set of flags |
375 | ---- linux-3.13.4.orig/kernel/module.c | |
376 | -+++ linux-3.13.4/kernel/module.c | |
375 | +--- linux-3.13.6.orig/kernel/module.c | |
376 | ++++ linux-3.13.6/kernel/module.c | |
377 | 377 | @@ -63,6 +63,7 @@ |
378 | 378 | #include <linux/fips.h> |
379 | 379 | #include <uapi/linux/module.h> |
@@ -400,8 +400,8 @@ | ||
400 | 400 | |
401 | 401 | return 0; |
402 | 402 | } |
403 | ---- linux-3.13.4.orig/kernel/ptrace.c | |
404 | -+++ linux-3.13.4/kernel/ptrace.c | |
403 | +--- linux-3.13.6.orig/kernel/ptrace.c | |
404 | ++++ linux-3.13.6/kernel/ptrace.c | |
405 | 405 | @@ -1038,6 +1038,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l |
406 | 406 | { |
407 | 407 | struct task_struct *child; |
@@ -426,8 +426,8 @@ | ||
426 | 426 | |
427 | 427 | if (request == PTRACE_TRACEME) { |
428 | 428 | ret = ptrace_traceme(); |
429 | ---- linux-3.13.4.orig/kernel/reboot.c | |
430 | -+++ linux-3.13.4/kernel/reboot.c | |
429 | +--- linux-3.13.6.orig/kernel/reboot.c | |
430 | ++++ linux-3.13.6/kernel/reboot.c | |
431 | 431 | @@ -16,6 +16,7 @@ |
432 | 432 | #include <linux/syscalls.h> |
433 | 433 | #include <linux/syscore_ops.h> |
@@ -445,8 +445,8 @@ | ||
445 | 445 | |
446 | 446 | /* |
447 | 447 | * If pid namespaces are enabled and the current task is in a child |
448 | ---- linux-3.13.4.orig/kernel/sched/core.c | |
449 | -+++ linux-3.13.4/kernel/sched/core.c | |
448 | +--- linux-3.13.6.orig/kernel/sched/core.c | |
449 | ++++ linux-3.13.6/kernel/sched/core.c | |
450 | 450 | @@ -2909,6 +2909,8 @@ int can_nice(const struct task_struct *p |
451 | 451 | SYSCALL_DEFINE1(nice, int, increment) |
452 | 452 | { |
@@ -456,8 +456,8 @@ | ||
456 | 456 | |
457 | 457 | /* |
458 | 458 | * Setpriority might change our priority at the same moment. |
459 | ---- linux-3.13.4.orig/kernel/signal.c | |
460 | -+++ linux-3.13.4/kernel/signal.c | |
459 | +--- linux-3.13.6.orig/kernel/signal.c | |
460 | ++++ linux-3.13.6/kernel/signal.c | |
461 | 461 | @@ -2909,6 +2909,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s |
462 | 462 | SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) |
463 | 463 | { |
@@ -503,8 +503,8 @@ | ||
503 | 503 | |
504 | 504 | return do_send_specific(tgid, pid, sig, info); |
505 | 505 | } |
506 | ---- linux-3.13.4.orig/kernel/sys.c | |
507 | -+++ linux-3.13.4/kernel/sys.c | |
506 | +--- linux-3.13.6.orig/kernel/sys.c | |
507 | ++++ linux-3.13.6/kernel/sys.c | |
508 | 508 | @@ -171,6 +171,10 @@ SYSCALL_DEFINE3(setpriority, int, which, |
509 | 509 | |
510 | 510 | if (which > PRIO_USER || which < PRIO_PROCESS) |
@@ -534,8 +534,8 @@ | ||
534 | 534 | |
535 | 535 | down_write(&uts_sem); |
536 | 536 | errno = -EFAULT; |
537 | ---- linux-3.13.4.orig/kernel/time/ntp.c | |
538 | -+++ linux-3.13.4/kernel/time/ntp.c | |
537 | +--- linux-3.13.6.orig/kernel/time/ntp.c | |
538 | ++++ linux-3.13.6/kernel/time/ntp.c | |
539 | 539 | @@ -16,6 +16,7 @@ |
540 | 540 | #include <linux/mm.h> |
541 | 541 | #include <linux/module.h> |
@@ -569,8 +569,8 @@ | ||
569 | 569 | |
570 | 570 | return 0; |
571 | 571 | } |
572 | ---- linux-3.13.4.orig/net/ipv4/raw.c | |
573 | -+++ linux-3.13.4/net/ipv4/raw.c | |
572 | +--- linux-3.13.6.orig/net/ipv4/raw.c | |
573 | ++++ linux-3.13.6/net/ipv4/raw.c | |
574 | 574 | @@ -704,6 +704,10 @@ static int raw_recvmsg(struct kiocb *ioc |
575 | 575 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
576 | 576 | if (!skb) |
@@ -582,8 +582,8 @@ | ||
582 | 582 | |
583 | 583 | copied = skb->len; |
584 | 584 | if (len < copied) { |
585 | ---- linux-3.13.4.orig/net/ipv4/udp.c | |
586 | -+++ linux-3.13.4/net/ipv4/udp.c | |
585 | +--- linux-3.13.6.orig/net/ipv4/udp.c | |
586 | ++++ linux-3.13.6/net/ipv4/udp.c | |
587 | 587 | @@ -1242,6 +1242,10 @@ try_again: |
588 | 588 | &peeked, &off, &err); |
589 | 589 | if (!skb) |
@@ -595,8 +595,8 @@ | ||
595 | 595 | |
596 | 596 | ulen = skb->len - sizeof(struct udphdr); |
597 | 597 | copied = len; |
598 | ---- linux-3.13.4.orig/net/ipv6/raw.c | |
599 | -+++ linux-3.13.4/net/ipv6/raw.c | |
598 | +--- linux-3.13.6.orig/net/ipv6/raw.c | |
599 | ++++ linux-3.13.6/net/ipv6/raw.c | |
600 | 600 | @@ -474,6 +474,10 @@ static int rawv6_recvmsg(struct kiocb *i |
601 | 601 | skb = skb_recv_datagram(sk, flags, noblock, &err); |
602 | 602 | if (!skb) |
@@ -608,8 +608,8 @@ | ||
608 | 608 | |
609 | 609 | copied = skb->len; |
610 | 610 | if (copied > len) { |
611 | ---- linux-3.13.4.orig/net/ipv6/udp.c | |
612 | -+++ linux-3.13.4/net/ipv6/udp.c | |
611 | +--- linux-3.13.6.orig/net/ipv6/udp.c | |
612 | ++++ linux-3.13.6/net/ipv6/udp.c | |
613 | 613 | @@ -403,6 +403,10 @@ try_again: |
614 | 614 | &peeked, &off, &err); |
615 | 615 | if (!skb) |
@@ -621,8 +621,8 @@ | ||
621 | 621 | |
622 | 622 | ulen = skb->len - sizeof(struct udphdr); |
623 | 623 | copied = len; |
624 | ---- linux-3.13.4.orig/net/socket.c | |
625 | -+++ linux-3.13.4/net/socket.c | |
624 | +--- linux-3.13.6.orig/net/socket.c | |
625 | ++++ linux-3.13.6/net/socket.c | |
626 | 626 | @@ -1619,6 +1619,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct |
627 | 627 | if (err < 0) |
628 | 628 | goto out_fd; |
@@ -634,8 +634,8 @@ | ||
634 | 634 | if (upeer_sockaddr) { |
635 | 635 | if (newsock->ops->getname(newsock, (struct sockaddr *)&address, |
636 | 636 | &len, 2) < 0) { |
637 | ---- linux-3.13.4.orig/net/unix/af_unix.c | |
638 | -+++ linux-3.13.4/net/unix/af_unix.c | |
637 | +--- linux-3.13.6.orig/net/unix/af_unix.c | |
638 | ++++ linux-3.13.6/net/unix/af_unix.c | |
639 | 639 | @@ -1807,6 +1807,10 @@ static int unix_dgram_recvmsg(struct kio |
640 | 640 | wake_up_interruptible_sync_poll(&u->peer_wait, |
641 | 641 | POLLOUT | POLLWRNORM | POLLWRBAND); |
@@ -647,8 +647,8 @@ | ||
647 | 647 | if (msg->msg_name) |
648 | 648 | unix_copy_addr(msg, skb->sk); |
649 | 649 | |
650 | ---- linux-3.13.4.orig/security/Kconfig | |
651 | -+++ linux-3.13.4/security/Kconfig | |
650 | +--- linux-3.13.6.orig/security/Kconfig | |
651 | ++++ linux-3.13.6/security/Kconfig | |
652 | 652 | @@ -167,5 +167,7 @@ config DEFAULT_SECURITY |
653 | 653 | default "yama" if DEFAULT_SECURITY_YAMA |
654 | 654 | default "" if DEFAULT_SECURITY_DAC |
@@ -657,8 +657,8 @@ | ||
657 | 657 | + |
658 | 658 | endmenu |
659 | 659 | |
660 | ---- linux-3.13.4.orig/security/Makefile | |
661 | -+++ linux-3.13.4/security/Makefile | |
660 | +--- linux-3.13.6.orig/security/Makefile | |
661 | ++++ linux-3.13.6/security/Makefile | |
662 | 662 | @@ -27,3 +27,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c |
663 | 663 | # Object integrity file lists |
664 | 664 | subdir-$(CONFIG_INTEGRITY) += integrity |
@@ -666,8 +666,8 @@ | ||
666 | 666 | + |
667 | 667 | +subdir-$(CONFIG_CCSECURITY) += ccsecurity |
668 | 668 | +obj-$(CONFIG_CCSECURITY) += ccsecurity/built-in.o |
669 | ---- linux-3.13.4.orig/security/security.c | |
670 | -+++ linux-3.13.4/security/security.c | |
669 | +--- linux-3.13.6.orig/security/security.c | |
670 | ++++ linux-3.13.6/security/security.c | |
671 | 671 | @@ -203,7 +203,10 @@ int security_syslog(int type) |
672 | 672 | |
673 | 673 | int security_settime(const struct timespec *ts, const struct timezone *tz) |