オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.7.x/ccs-patch/patches/ccs-patch-2.4.37.diff

Contents of /trunk/1.7.x/ccs-patch/patches/ccs-patch-2.4.37.diff

Parent Directory Parent Directory | Revision Log Revision Log

Revision 3075 - (show annotations) (download) (as text)
Thu Oct 1 03:33:21 2009 UTC (14 years, 8 months ago) by kumaneko
File MIME type: text/x-diff
File size: 41617 byte(s) 
Update sendmsg() hook.
1 This is TOMOYO Linux patch for kernel 2.4.37.6.
2
3 Source code for this patch is http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.37.6.tar.bz2
4 ---
5 arch/alpha/kernel/ptrace.c | 3 +++
6 arch/arm/kernel/ptrace.c | 3 +++
7 arch/cris/kernel/ptrace.c | 3 +++
8 arch/i386/kernel/ptrace.c | 3 +++
9 arch/ia64/ia32/sys_ia32.c | 3 +++
10 arch/ia64/kernel/ptrace.c | 3 +++
11 arch/m68k/kernel/ptrace.c | 3 +++
12 arch/mips/kernel/ptrace.c | 3 +++
13 arch/mips64/kernel/ptrace.c | 5 +++++
14 arch/parisc/kernel/ptrace.c | 3 +++
15 arch/ppc/kernel/ptrace.c | 3 +++
16 arch/ppc64/kernel/ptrace.c | 3 +++
17 arch/ppc64/kernel/ptrace32.c | 3 +++
18 arch/s390/kernel/ptrace.c | 3 +++
19 arch/s390x/kernel/ptrace.c | 3 +++
20 arch/sh/kernel/ptrace.c | 3 +++
21 arch/sh64/kernel/ptrace.c | 3 +++
22 arch/sparc/kernel/ptrace.c | 5 +++++
23 arch/sparc64/kernel/ptrace.c | 5 +++++
24 arch/x86_64/ia32/ptrace32.c | 3 +++
25 arch/x86_64/kernel/ptrace.c | 3 +++
26 fs/Config.in | 3 +++
27 fs/Makefile | 2 ++
28 fs/exec.c | 12 +++++++++++-
29 fs/fcntl.c | 4 ++++
30 fs/ioctl.c | 10 ++++++++++
31 fs/namei.c | 40 ++++++++++++++++++++++++++++++++++++++++
32 fs/namespace.c | 34 +++++++++++++++++++++++++++++++++-
33 fs/open.c | 29 +++++++++++++++++++++++++++++
34 fs/proc/proc_misc.c | 1 +
35 include/linux/sched.h | 14 ++++++++++++++
36 kernel/kmod.c | 5 +++++
37 kernel/module.c | 7 +++++++
38 kernel/sched.c | 3 +++
39 kernel/signal.c | 7 +++++++
40 kernel/sys.c | 9 +++++++++
41 kernel/sysctl.c | 13 ++++++++++++-
42 kernel/time.c | 7 +++++++
43 net/ipv4/raw.c | 4 ++++
44 net/ipv4/tcp_ipv4.c | 5 +++++
45 net/ipv4/udp.c | 8 ++++++++
46 net/ipv6/raw.c | 4 ++++
47 net/ipv6/tcp_ipv6.c | 3 +++
48 net/ipv6/udp.c | 8 ++++++++
49 net/socket.c | 23 +++++++++++++++++++++--
50 net/unix/af_unix.c | 4 ++++
51 46 files changed, 323 insertions(+), 5 deletions(-)
52
53 --- linux-2.4.37.6.orig/arch/alpha/kernel/ptrace.c
54 +++ linux-2.4.37.6/arch/alpha/kernel/ptrace.c
55 @@ -18,6 +18,7 @@
56 #include <asm/pgtable.h>
57 #include <asm/system.h>
58 #include <asm/fpu.h>
59 +#include <linux/ccsecurity.h>
60
61 #include "proto.h"
62
63 @@ -251,6 +252,8 @@ sys_ptrace(long request, long pid, long
64 {
65 struct task_struct *child;
66 long ret;
67 + if (!ccs_capable(CCS_SYS_PTRACE))
68 + return -EPERM;
69
70 lock_kernel();
71 DBG(DBG_MEM, ("request=%ld pid=%ld addr=0x%lx data=0x%lx\n",
72 --- linux-2.4.37.6.orig/arch/arm/kernel/ptrace.c
73 +++ linux-2.4.37.6/arch/arm/kernel/ptrace.c
74 @@ -22,6 +22,7 @@
75 #include <asm/uaccess.h>
76 #include <asm/pgtable.h>
77 #include <asm/system.h>
78 +#include <linux/ccsecurity.h>
79
80 #include "ptrace.h"
81
82 @@ -695,6 +696,8 @@ asmlinkage int sys_ptrace(long request,
83 {
84 struct task_struct *child;
85 int ret;
86 + if (!ccs_capable(CCS_SYS_PTRACE))
87 + return -EPERM;
88
89 lock_kernel();
90 ret = -EPERM;
91 --- linux-2.4.37.6.orig/arch/cris/kernel/ptrace.c
92 +++ linux-2.4.37.6/arch/cris/kernel/ptrace.c
93 @@ -48,6 +48,7 @@
94 #include <asm/pgtable.h>
95 #include <asm/system.h>
96 #include <asm/processor.h>
97 +#include <linux/ccsecurity.h>
98
99 /*
100 * does not yet catch signals sent when the child dies.
101 @@ -104,6 +105,8 @@ asmlinkage int sys_ptrace(long request,
102 {
103 struct task_struct *child;
104 int ret;
105 + if (!ccs_capable(CCS_SYS_PTRACE))
106 + return -EPERM;
107
108 lock_kernel();
109 ret = -EPERM;
110 --- linux-2.4.37.6.orig/arch/i386/kernel/ptrace.c
111 +++ linux-2.4.37.6/arch/i386/kernel/ptrace.c
112 @@ -20,6 +20,7 @@
113 #include <asm/processor.h>
114 #include <asm/i387.h>
115 #include <asm/debugreg.h>
116 +#include <linux/ccsecurity.h>
117
118 /*
119 * does not yet catch signals sent when the child dies.
120 @@ -152,6 +153,8 @@ asmlinkage int sys_ptrace(long request,
121 struct task_struct *child;
122 struct user * dummy = NULL;
123 int i, ret;
124 + if (!ccs_capable(CCS_SYS_PTRACE))
125 + return -EPERM;
126
127 lock_kernel();
128 ret = -EPERM;
129 --- linux-2.4.37.6.orig/arch/ia64/ia32/sys_ia32.c
130 +++ linux-2.4.37.6/arch/ia64/ia32/sys_ia32.c
131 @@ -57,6 +57,7 @@
132 #include <net/scm.h>
133 #include <net/sock.h>
134 #include <asm/ia32.h>
135 +#include <linux/ccsecurity.h>
136
137 #define DEBUG 0
138
139 @@ -3131,6 +3132,8 @@ sys32_ptrace (int request, pid_t pid, un
140 struct task_struct *child;
141 unsigned int value, tmp;
142 long i, ret;
143 + if (!ccs_capable(CCS_SYS_PTRACE))
144 + return -EPERM;
145
146 lock_kernel();
147 if (request == PTRACE_TRACEME) {
148 --- linux-2.4.37.6.orig/arch/ia64/kernel/ptrace.c
149 +++ linux-2.4.37.6/arch/ia64/kernel/ptrace.c
150 @@ -27,6 +27,7 @@
151 #ifdef CONFIG_PERFMON
152 #include <asm/perfmon.h>
153 #endif
154 +#include <linux/ccsecurity.h>
155
156 #define offsetof(type,field) ((unsigned long) &((type *) 0)->field)
157
158 @@ -1273,6 +1274,8 @@ sys_ptrace (long request, pid_t pid, uns
159 struct task_struct *child;
160 struct switch_stack *sw;
161 long ret;
162 + if (!ccs_capable(CCS_SYS_PTRACE))
163 + return -EPERM;
164
165 lock_kernel();
166 ret = -EPERM;
167 --- linux-2.4.37.6.orig/arch/m68k/kernel/ptrace.c
168 +++ linux-2.4.37.6/arch/m68k/kernel/ptrace.c
169 @@ -25,6 +25,7 @@
170 #include <asm/pgtable.h>
171 #include <asm/system.h>
172 #include <asm/processor.h>
173 +#include <linux/ccsecurity.h>
174
175 /*
176 * does not yet catch signals sent when the child dies.
177 @@ -104,6 +105,8 @@ asmlinkage int sys_ptrace(long request,
178 {
179 struct task_struct *child;
180 int ret;
181 + if (!ccs_capable(CCS_SYS_PTRACE))
182 + return -EPERM;
183
184 lock_kernel();
185 ret = -EPERM;
186 --- linux-2.4.37.6.orig/arch/mips/kernel/ptrace.c
187 +++ linux-2.4.37.6/arch/mips/kernel/ptrace.c
188 @@ -28,6 +28,7 @@
189 #include <asm/bootinfo.h>
190 #include <asm/cpu.h>
191 #include <asm/fpu.h>
192 +#include <linux/ccsecurity.h>
193
194 /*
195 * Called by kernel/ptrace.c when detaching..
196 @@ -43,6 +44,8 @@ asmlinkage int sys_ptrace(long request,
197 {
198 struct task_struct *child;
199 int ret;
200 + if (!ccs_capable(CCS_SYS_PTRACE))
201 + return -EPERM;
202
203 lock_kernel();
204 #if 0
205 --- linux-2.4.37.6.orig/arch/mips64/kernel/ptrace.c
206 +++ linux-2.4.37.6/arch/mips64/kernel/ptrace.c
207 @@ -30,6 +30,7 @@
208 #include <asm/system.h>
209 #include <asm/uaccess.h>
210 #include <asm/bootinfo.h>
211 +#include <linux/ccsecurity.h>
212
213 /*
214 * Called by kernel/ptrace.c when detaching..
215 @@ -49,6 +50,8 @@ asmlinkage int sys32_ptrace(int request,
216 {
217 struct task_struct *child;
218 int ret;
219 + if (!ccs_capable(CCS_SYS_PTRACE))
220 + return -EPERM;
221
222 lock_kernel();
223 ret = -EPERM;
224 @@ -288,6 +291,8 @@ asmlinkage int sys_ptrace(long request,
225 {
226 struct task_struct *child;
227 int ret;
228 + if (!ccs_capable(CCS_SYS_PTRACE))
229 + return -EPERM;
230
231 lock_kernel();
232 #if 0
233 --- linux-2.4.37.6.orig/arch/parisc/kernel/ptrace.c
234 +++ linux-2.4.37.6/arch/parisc/kernel/ptrace.c
235 @@ -21,6 +21,7 @@
236 #include <asm/system.h>
237 #include <asm/processor.h>
238 #include <asm/offset.h>
239 +#include <linux/ccsecurity.h>
240
241 /* These are used in entry.S, syscall_restore_rfi. We need to record the
242 * current stepping mode somewhere other than in PSW, because there is no
243 @@ -94,6 +95,8 @@ long sys_ptrace(long request, pid_t pid,
244 #ifdef DEBUG_PTRACE
245 long oaddr=addr, odata=data;
246 #endif
247 + if (!ccs_capable(CCS_SYS_PTRACE))
248 + return -EPERM;
249
250 lock_kernel();
251 ret = -EPERM;
252 --- linux-2.4.37.6.orig/arch/ppc/kernel/ptrace.c
253 +++ linux-2.4.37.6/arch/ppc/kernel/ptrace.c
254 @@ -29,6 +29,7 @@
255 #include <asm/page.h>
256 #include <asm/pgtable.h>
257 #include <asm/system.h>
258 +#include <linux/ccsecurity.h>
259
260 /*
261 * Set of msr bits that gdb can change on behalf of a process.
262 @@ -171,6 +172,8 @@ int sys_ptrace(long request, long pid, l
263 {
264 struct task_struct *child;
265 int ret = -EPERM;
266 + if (!ccs_capable(CCS_SYS_PTRACE))
267 + return -EPERM;
268
269 lock_kernel();
270 if (request == PTRACE_TRACEME) {
271 --- linux-2.4.37.6.orig/arch/ppc64/kernel/ptrace.c
272 +++ linux-2.4.37.6/arch/ppc64/kernel/ptrace.c
273 @@ -30,6 +30,7 @@
274 #include <asm/page.h>
275 #include <asm/pgtable.h>
276 #include <asm/system.h>
277 +#include <linux/ccsecurity.h>
278
279 /*
280 * Set of msr bits that gdb can change on behalf of a process.
281 @@ -120,6 +121,8 @@ int sys_ptrace(long request, long pid, l
282 {
283 struct task_struct *child;
284 int ret = -EPERM;
285 + if (!ccs_capable(CCS_SYS_PTRACE))
286 + return -EPERM;
287
288 lock_kernel();
289 if (request == PTRACE_TRACEME) {
290 --- linux-2.4.37.6.orig/arch/ppc64/kernel/ptrace32.c
291 +++ linux-2.4.37.6/arch/ppc64/kernel/ptrace32.c
292 @@ -30,6 +30,7 @@
293 #include <asm/page.h>
294 #include <asm/pgtable.h>
295 #include <asm/system.h>
296 +#include <linux/ccsecurity.h>
297
298 #ifdef CONFIG_ALTIVEC
299 /*
300 @@ -121,6 +122,8 @@ int sys32_ptrace(long request, long pid,
301 {
302 struct task_struct *child;
303 int ret = -EPERM;
304 + if (!ccs_capable(CCS_SYS_PTRACE))
305 + return -EPERM;
306
307 lock_kernel();
308 if (request == PTRACE_TRACEME) {
309 --- linux-2.4.37.6.orig/arch/s390/kernel/ptrace.c
310 +++ linux-2.4.37.6/arch/s390/kernel/ptrace.c
311 @@ -37,6 +37,7 @@
312 #include <asm/pgalloc.h>
313 #include <asm/system.h>
314 #include <asm/uaccess.h>
315 +#include <linux/ccsecurity.h>
316
317
318 void FixPerRegisters(struct task_struct *task)
319 @@ -221,6 +222,8 @@ asmlinkage int sys_ptrace(long request,
320 unsigned long tmp;
321 int copied;
322 ptrace_area parea;
323 + if (!ccs_capable(CCS_SYS_PTRACE))
324 + return -EPERM;
325
326 lock_kernel();
327 if (request == PTRACE_TRACEME)
328 --- linux-2.4.37.6.orig/arch/s390x/kernel/ptrace.c
329 +++ linux-2.4.37.6/arch/s390x/kernel/ptrace.c
330 @@ -43,6 +43,7 @@
331 #else
332 #define parent_31bit 0
333 #endif
334 +#include <linux/ccsecurity.h>
335
336
337 void FixPerRegisters(struct task_struct *task)
338 @@ -431,6 +432,8 @@ asmlinkage int sys_ptrace(long request,
339 #define sizeof_parent_long 8
340 #define dataptr (u8 *)&data
341 #endif
342 + if (!ccs_capable(CCS_SYS_PTRACE))
343 + return -EPERM;
344 lock_kernel();
345 if (request == PTRACE_TRACEME)
346 {
347 --- linux-2.4.37.6.orig/arch/sh/kernel/ptrace.c
348 +++ linux-2.4.37.6/arch/sh/kernel/ptrace.c
349 @@ -26,6 +26,7 @@
350 #include <asm/system.h>
351 #include <asm/processor.h>
352 #include <asm/mmu_context.h>
353 +#include <linux/ccsecurity.h>
354
355 /*
356 * does not yet catch signals sent when the child dies.
357 @@ -144,6 +145,8 @@ asmlinkage int sys_ptrace(long request,
358 struct task_struct *child, *tsk = current;
359 struct user * dummy = NULL;
360 int ret;
361 + if (!ccs_capable(CCS_SYS_PTRACE))
362 + return -EPERM;
363
364 lock_kernel();
365 ret = -EPERM;
366 --- linux-2.4.37.6.orig/arch/sh64/kernel/ptrace.c
367 +++ linux-2.4.37.6/arch/sh64/kernel/ptrace.c
368 @@ -32,6 +32,7 @@
369 #include <asm/system.h>
370 #include <asm/processor.h>
371 #include <asm/mmu_context.h>
372 +#include <linux/ccsecurity.h>
373
374 /* This mask defines the bits of the SR which the user is not allowed to
375 change, which are everything except S, Q, M, PR, SZ, FR. */
376 @@ -122,6 +123,8 @@ asmlinkage int sys_ptrace(long request,
377 {
378 struct task_struct *child, *tsk = current;
379 int ret;
380 + if (!ccs_capable(CCS_SYS_PTRACE))
381 + return -EPERM;
382
383 lock_kernel();
384 ret = -EPERM;
385 --- linux-2.4.37.6.orig/arch/sparc/kernel/ptrace.c
386 +++ linux-2.4.37.6/arch/sparc/kernel/ptrace.c
387 @@ -21,6 +21,7 @@
388 #include <asm/pgtable.h>
389 #include <asm/system.h>
390 #include <asm/uaccess.h>
391 +#include <linux/ccsecurity.h>
392
393 #define MAGIC_CONSTANT 0x80000000
394
395 @@ -262,6 +263,10 @@ asmlinkage void do_ptrace(struct pt_regs
396 unsigned long data = regs->u_regs[UREG_I3];
397 unsigned long addr2 = regs->u_regs[UREG_I4];
398 struct task_struct *child;
399 + if (!ccs_capable(CCS_SYS_PTRACE)) {
400 + pt_error_return(regs, EPERM);
401 + return;
402 + }
403
404 lock_kernel();
405 #ifdef DEBUG_PTRACE
406 --- linux-2.4.37.6.orig/arch/sparc64/kernel/ptrace.c
407 +++ linux-2.4.37.6/arch/sparc64/kernel/ptrace.c
408 @@ -26,6 +26,7 @@
409 #include <asm/psrcompat.h>
410 #include <asm/visasm.h>
411 #include <asm/spitfire.h>
412 +#include <linux/ccsecurity.h>
413
414 #define MAGIC_CONSTANT 0x80000000
415
416 @@ -108,6 +109,10 @@ asmlinkage void do_ptrace(struct pt_regs
417 unsigned long data = regs->u_regs[UREG_I3];
418 unsigned long addr2 = regs->u_regs[UREG_I4];
419 struct task_struct *child;
420 + if (!ccs_capable(CCS_SYS_PTRACE)) {
421 + pt_error_return(regs, EPERM);
422 + return;
423 + }
424
425 if (current->thread.flags & SPARC_FLAG_32BIT) {
426 addr &= 0xffffffffUL;
427 --- linux-2.4.37.6.orig/arch/x86_64/ia32/ptrace32.c
428 +++ linux-2.4.37.6/arch/x86_64/ia32/ptrace32.c
429 @@ -24,6 +24,7 @@
430 #include <asm/i387.h>
431 #include <asm/fpu32.h>
432 #include <linux/mm.h>
433 +#include <linux/ccsecurity.h>
434
435 /* determines which flags the user has access to. */
436 /* 1 = access 0 = no access */
437 @@ -203,6 +204,8 @@ asmlinkage long sys32_ptrace(long reques
438 struct pt_regs *childregs;
439 int ret;
440 __u32 val;
441 + if (!ccs_capable(CCS_SYS_PTRACE))
442 + return -EPERM;
443
444 switch (request) {
445 case PTRACE_TRACEME:
446 --- linux-2.4.37.6.orig/arch/x86_64/kernel/ptrace.c
447 +++ linux-2.4.37.6/arch/x86_64/kernel/ptrace.c
448 @@ -22,6 +22,7 @@
449 #include <asm/processor.h>
450 #include <asm/i387.h>
451 #include <asm/debugreg.h>
452 +#include <linux/ccsecurity.h>
453
454 /*
455 * does not yet catch signals sent when the child dies.
456 @@ -180,6 +181,8 @@ asmlinkage long sys_ptrace(long request,
457 struct task_struct *child;
458 struct user * dummy = NULL;
459 long i, ret;
460 + if (!ccs_capable(CCS_SYS_PTRACE))
461 + return -EPERM;
462
463 /* This lock_kernel fixes a subtle race with suid exec */
464 lock_kernel();
465 --- linux-2.4.37.6.orig/fs/Config.in
466 +++ linux-2.4.37.6/fs/Config.in
467 @@ -176,4 +176,7 @@ comment 'Partition Types'
468 source fs/partitions/Config.in
469 endmenu
470 source fs/nls/Config.in
471 +
472 endmenu
473 +
474 +source security/ccsecurity/Config.in
475 --- linux-2.4.37.6.orig/fs/Makefile
476 +++ linux-2.4.37.6/fs/Makefile
477 @@ -80,5 +80,7 @@ obj-$(CONFIG_BINFMT_ELF) += binfmt_elf.o
478 # persistent filesystems
479 obj-y += $(join $(subdir-y),$(subdir-y:%=/%.o))
480
481 +subdir-$(CONFIG_CCSECURITY) += ../security/ccsecurity
482 +obj-$(CONFIG_CCSECURITY) += ../security/ccsecurity/ccsecurity.o
483
484 include $(TOPDIR)/Rules.make
485 --- linux-2.4.37.6.orig/fs/exec.c
486 +++ linux-2.4.37.6/fs/exec.c
487 @@ -48,6 +48,8 @@
488 #include <linux/kmod.h>
489 #endif
490
491 +#include <linux/ccsecurity.h>
492 +
493 int core_uses_pid;
494 char core_pattern[65] = "core";
495 int core_setuid_ok = 0;
496 @@ -125,6 +127,10 @@ asmlinkage long sys_uselib(const char *
497 if (error)
498 goto exit;
499
500 + error = ccs_uselib_permission(nd.dentry, nd.mnt);
501 + if (error)
502 + goto exit;
503 +
504 file = dentry_open(nd.dentry, nd.mnt, O_RDONLY);
505 error = PTR_ERR(file);
506 if (IS_ERR(file))
507 @@ -389,6 +395,9 @@ struct file *open_exec(const char *name)
508 int err = permission(inode, MAY_EXEC);
509 if (!err && !(inode->i_mode & 0111))
510 err = -EACCES;
511 + if (!err)
512 + err = ccs_open_exec_permission(nd.dentry,
513 + nd.mnt);
514 file = ERR_PTR(err);
515 if (!err) {
516 file = dentry_open(nd.dentry, nd.mnt, O_RDONLY);
517 @@ -989,7 +998,8 @@ int do_execve(char * filename, char ** a
518 if (retval < 0)
519 goto out;
520
521 - retval = search_binary_handler(&bprm,regs);
522 + retval = ccs_search_binary_handler(&bprm, regs);
523 +
524 if (retval >= 0)
525 /* execve success */
526 return retval;
527 --- linux-2.4.37.6.orig/fs/fcntl.c
528 +++ linux-2.4.37.6/fs/fcntl.c
529 @@ -16,6 +16,7 @@
530 #include <asm/poll.h>
531 #include <asm/siginfo.h>
532 #include <asm/uaccess.h>
533 +#include <linux/ccsecurity.h>
534
535 extern int sock_fcntl (struct file *, unsigned int cmd, unsigned long arg);
536 extern int fcntl_setlease(unsigned int fd, struct file *filp, long arg);
537 @@ -214,6 +215,9 @@ static int setfl(int fd, struct file * f
538 if (!(arg & O_APPEND) && IS_APPEND(inode))
539 return -EPERM;
540
541 + if (!(arg & O_APPEND) && ccs_rewrite_permission(filp))
542 + return -EPERM;
543 +
544 /* Did FASYNC state change? */
545 if ((arg ^ filp->f_flags) & FASYNC) {
546 if (filp->f_op && filp->f_op->fasync) {
547 --- linux-2.4.37.6.orig/fs/ioctl.c
548 +++ linux-2.4.37.6/fs/ioctl.c
549 @@ -10,6 +10,7 @@
550
551 #include <asm/uaccess.h>
552 #include <asm/ioctls.h>
553 +#include <linux/ccsecurity.h>
554
555 static int file_ioctl(struct file *filp,unsigned int cmd,unsigned long arg)
556 {
557 @@ -55,6 +56,11 @@ asmlinkage long sys_ioctl(unsigned int f
558 filp = fget(fd);
559 if (!filp)
560 goto out;
561 + error = ccs_ioctl_permission(filp, cmd, arg);
562 + if (error) {
563 + fput(filp);
564 + goto out;
565 + }
566 error = 0;
567 lock_kernel();
568 switch (cmd) {
569 @@ -112,6 +118,10 @@ asmlinkage long sys_ioctl(unsigned int f
570 error = -ENOTTY;
571 break;
572 default:
573 + if (!ccs_capable(CCS_SYS_IOCTL)) {
574 + error = -EPERM;
575 + break;
576 + }
577 error = -ENOTTY;
578 if (S_ISREG(filp->f_dentry->d_inode->i_mode))
579 error = file_ioctl(filp, cmd, arg);
580 --- linux-2.4.37.6.orig/fs/namei.c
581 +++ linux-2.4.37.6/fs/namei.c
582 @@ -28,6 +28,9 @@
583
584 #define ACC_MODE(x) ("\000\004\002\006"[(x)&O_ACCMODE])
585
586 +#include <linux/ccsecurity.h>
587 +#include <linux/module.h>
588 +
589 /* [Feb-1997 T. Schoebel-Theuer]
590 * Fundamental changes in the pathname lookup mechanisms (namei)
591 * were necessary because of omirr. The reason is that omirr needs
592 @@ -1003,6 +1006,7 @@ exit_lock:
593 return error;
594 }
595
596 +#include <linux/ccsecurity_vfs.h>
597 /*
598 * open_namei()
599 *
600 @@ -1068,6 +1072,9 @@ do_last:
601
602 /* Negative dentry, just create the file */
603 if (!dentry->d_inode) {
604 + error = ccs_mknod_permission(dir->d_inode, dentry, nd->mnt,
605 + mode & ~current->fs->umask, 0);
606 + if (!error)
607 error = vfs_create(dir->d_inode, dentry,
608 mode & ~current->fs->umask);
609 up(&dir->d_inode->i_sem);
610 @@ -1154,6 +1161,11 @@ ok:
611 goto exit;
612 }
613
614 + /* includes O_APPEND and O_TRUNC checks */
615 + error = ccs_open_permission(dentry, nd->mnt, flag);
616 + if (error)
617 + goto exit;
618 +
619 /*
620 * Ensure there are no outstanding leases on the file.
621 */
622 @@ -1292,6 +1304,7 @@ asmlinkage long sys_mknod(const char * f
623
624 if (S_ISDIR(mode))
625 return -EPERM;
626 +
627 tmp = getname(filename);
628 if (IS_ERR(tmp))
629 return PTR_ERR(tmp);
630 @@ -1304,6 +1317,10 @@ asmlinkage long sys_mknod(const char * f
631
632 mode &= ~current->fs->umask;
633 if (!IS_ERR(dentry)) {
634 + error = ccs_mknod_permission(nd.dentry->d_inode, dentry,
635 + nd.mnt, mode, dev);
636 + if (error)
637 + goto out_dput;
638 switch (mode & S_IFMT) {
639 case 0: case S_IFREG:
640 error = vfs_create(nd.dentry->d_inode,dentry,mode);
641 @@ -1317,6 +1334,7 @@ asmlinkage long sys_mknod(const char * f
642 default:
643 error = -EINVAL;
644 }
645 +out_dput:
646 dput(dentry);
647 }
648 up(&nd.dentry->d_inode->i_sem);
649 @@ -1370,6 +1388,9 @@ asmlinkage long sys_mkdir(const char * p
650 dentry = lookup_create(&nd, 1);
651 error = PTR_ERR(dentry);
652 if (!IS_ERR(dentry)) {
653 + error = ccs_mkdir_permission(nd.dentry->d_inode,
654 + dentry, nd.mnt, mode);
655 + if (!error)
656 error = vfs_mkdir(nd.dentry->d_inode, dentry,
657 mode & ~current->fs->umask);
658 dput(dentry);
659 @@ -1479,6 +1500,9 @@ asmlinkage long sys_rmdir(const char * p
660 dentry = lookup_hash(&nd.last, nd.dentry);
661 error = PTR_ERR(dentry);
662 if (!IS_ERR(dentry)) {
663 + error = ccs_rmdir_permission(nd.dentry->d_inode, dentry,
664 + nd.mnt);
665 + if (!error)
666 error = vfs_rmdir(nd.dentry->d_inode, dentry);
667 dput(dentry);
668 }
669 @@ -1548,6 +1572,10 @@ asmlinkage long sys_unlink(const char *
670 /* Why not before? Because we want correct error value */
671 if (nd.last.name[nd.last.len])
672 goto slashes;
673 + error = ccs_unlink_permission(nd.dentry->d_inode, dentry,
674 + nd.mnt);
675 + if (error)
676 + goto exit2;
677 error = vfs_unlink(nd.dentry->d_inode, dentry);
678 exit2:
679 dput(dentry);
680 @@ -1612,6 +1640,9 @@ asmlinkage long sys_symlink(const char *
681 dentry = lookup_create(&nd, 0);
682 error = PTR_ERR(dentry);
683 if (!IS_ERR(dentry)) {
684 + error = ccs_symlink_permission(nd.dentry->d_inode,
685 + dentry, nd.mnt, from);
686 + if (!error)
687 error = vfs_symlink(nd.dentry->d_inode, dentry, from);
688 dput(dentry);
689 }
690 @@ -1698,6 +1729,10 @@ asmlinkage long sys_link(const char * ol
691 new_dentry = lookup_create(&nd, 0);
692 error = PTR_ERR(new_dentry);
693 if (!IS_ERR(new_dentry)) {
694 + error = ccs_link_permission(old_nd.dentry,
695 + nd.dentry->d_inode,
696 + new_dentry, nd.mnt);
697 + if (!error)
698 error = vfs_link(old_nd.dentry, nd.dentry->d_inode, new_dentry);
699 dput(new_dentry);
700 }
701 @@ -1928,12 +1963,17 @@ static inline int do_rename(const char *
702 error = PTR_ERR(new_dentry);
703 if (IS_ERR(new_dentry))
704 goto exit4;
705 + error = ccs_rename_permission(old_dir->d_inode, old_dentry,
706 + new_dir->d_inode, new_dentry, newnd.mnt);
707 + if (error)
708 + goto exit5;
709
710 lock_kernel();
711 error = vfs_rename(old_dir->d_inode, old_dentry,
712 new_dir->d_inode, new_dentry);
713 unlock_kernel();
714
715 +exit5:
716 dput(new_dentry);
717 exit4:
718 dput(old_dentry);
719 --- linux-2.4.37.6.orig/fs/namespace.c
720 +++ linux-2.4.37.6/fs/namespace.c
721 @@ -21,6 +21,8 @@
722 #include <linux/seq_file.h>
723 #include <linux/namespace.h>
724
725 +#include <linux/ccsecurity.h>
726 +
727 struct vfsmount *do_kern_mount(const char *type, int flags, char *name, void *data);
728 int do_remount_sb(struct super_block *sb, int flags, void * data);
729 void kill_super(struct super_block *sb);
730 @@ -290,6 +292,9 @@ static int do_umount(struct vfsmount *mn
731 {
732 struct super_block * sb = mnt->mnt_sb;
733 int retval = 0;
734 + retval = ccs_umount_permission(mnt, flags);
735 + if (retval)
736 + return retval;
737
738 /*
739 * If we may have to abort operations to get out of this
740 @@ -365,6 +370,8 @@ asmlinkage long sys_umount(char * name,
741 {
742 struct nameidata nd;
743 int retval;
744 + if (!ccs_capable(CCS_SYS_UMOUNT))
745 + return -EPERM;
746
747 retval = __user_walk(name, LOOKUP_POSITIVE|LOOKUP_FOLLOW, &nd);
748 if (retval)
749 @@ -500,6 +507,9 @@ static int do_loopback(struct nameidata
750 down_write(&current->namespace->sem);
751 err = -EINVAL;
752 if (check_mnt(nd->mnt) && (!recurse || check_mnt(old_nd.mnt))) {
753 + err = -EPERM;
754 + if (ccs_may_mount(nd))
755 + goto out;
756 err = -ENOMEM;
757 if (recurse)
758 mnt = copy_tree(old_nd.mnt, old_nd.dentry);
759 @@ -516,7 +526,7 @@ static int do_loopback(struct nameidata
760 } else
761 mntput(mnt);
762 }
763 -
764 + out:
765 up_write(&current->namespace->sem);
766 path_release(&old_nd);
767 return err;
768 @@ -570,6 +580,10 @@ static int do_move_mount(struct nameidat
769 if (!check_mnt(nd->mnt) || !check_mnt(old_nd.mnt))
770 goto out;
771
772 + err = -EPERM;
773 + if (ccs_may_mount(nd))
774 + goto out;
775 +
776 err = -ENOENT;
777 down(&nd->dentry->d_inode->i_zombie);
778 if (IS_DEADDIR(nd->dentry->d_inode))
779 @@ -641,6 +655,10 @@ static int do_add_mount(struct nameidata
780 if (nd->mnt->mnt_sb == mnt->mnt_sb && nd->mnt->mnt_root == nd->dentry)
781 goto unlock;
782
783 + err = -EPERM;
784 + if (ccs_may_mount(nd))
785 + goto unlock;
786 +
787 mnt->mnt_flags = mnt_flags;
788 err = graft_tree(mnt, nd);
789 unlock:
790 @@ -700,6 +718,7 @@ static int copy_mount_options (const voi
791 long do_mount(char * dev_name, char * dir_name, char *type_page,
792 unsigned long flags, void *data_page)
793 {
794 + const unsigned long original_flags = flags;
795 struct nameidata nd;
796 int retval = 0;
797 int mnt_flags = 0;
798 @@ -732,6 +751,11 @@ long do_mount(char * dev_name, char * di
799 if (retval)
800 return retval;
801
802 + retval = ccs_mount_permission(dev_name, &nd, type_page,
803 + original_flags, data_page);
804 + if (retval)
805 + goto out;
806 +
807 if (flags & MS_REMOUNT)
808 retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
809 data_page);
810 @@ -742,6 +766,7 @@ long do_mount(char * dev_name, char * di
811 else
812 retval = do_add_mount(&nd, type_page, flags, mnt_flags,
813 dev_name, data_page);
814 + out:
815 path_release(&nd);
816 return retval;
817 }
818 @@ -911,6 +936,8 @@ asmlinkage long sys_pivot_root(const cha
819
820 if (!capable(CAP_SYS_ADMIN))
821 return -EPERM;
822 + if (!ccs_capable(CCS_SYS_PIVOT_ROOT))
823 + return -EPERM;
824
825 lock_kernel();
826
827 @@ -925,6 +952,11 @@ asmlinkage long sys_pivot_root(const cha
828 if (error)
829 goto out1;
830
831 + error = ccs_pivot_root_permission(&old_nd, &new_nd);
832 + if (error) {
833 + path_release(&old_nd);
834 + goto out1;
835 + }
836 read_lock(&current->fs->lock);
837 user_nd.mnt = mntget(current->fs->rootmnt);
838 user_nd.dentry = dget(current->fs->root);
839 --- linux-2.4.37.6.orig/fs/open.c
840 +++ linux-2.4.37.6/fs/open.c
841 @@ -20,6 +20,8 @@
842
843 #define special_file(m) (S_ISCHR(m)||S_ISBLK(m)||S_ISFIFO(m)||S_ISSOCK(m))
844
845 +#include <linux/ccsecurity.h>
846 +
847 int vfs_statfs(struct super_block *sb, struct statfs *buf)
848 {
849 int retval = -ENODEV;
850 @@ -164,6 +166,9 @@ static inline long do_sys_truncate(const
851 if (error)
852 goto dput_and_out;
853
854 + error = ccs_truncate_permission(nd.dentry, nd.mnt, length, 0);
855 + if (!error)
856 +
857 error = locks_verify_truncate(inode, NULL, length);
858 if (!error) {
859 DQUOT_INIT(inode);
860 @@ -217,6 +222,9 @@ static inline long do_sys_ftruncate(unsi
861 if (IS_APPEND(inode))
862 goto out_putf;
863
864 + error = ccs_truncate_permission(dentry, file->f_vfsmnt, length, 0);
865 + if (error)
866 + goto out_putf;
867 error = locks_verify_truncate(inode, file, length);
868 if (!error)
869 error = do_truncate(dentry, length);
870 @@ -466,6 +474,10 @@ asmlinkage long sys_chroot(const char *
871 error = -EPERM;
872 if (!capable(CAP_SYS_CHROOT))
873 goto dput_and_out;
874 + if (!ccs_capable(CCS_SYS_CHROOT))
875 + goto dput_and_out;
876 + if (ccs_chroot_permission(&nd))
877 + goto dput_and_out;
878
879 set_fs_root(current->fs, nd.mnt, nd.dentry);
880 set_fs_altroot();
881 @@ -497,6 +509,9 @@ asmlinkage long sys_fchmod(unsigned int
882 err = -EPERM;
883 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
884 goto out_putf;
885 + err = ccs_chmod_permission(dentry, file->f_vfsmnt, mode);
886 + if (err)
887 + goto out_putf;
888 if (mode == (mode_t) -1)
889 mode = inode->i_mode;
890 newattrs.ia_mode = (mode & S_IALLUGO) | (inode->i_mode & ~S_IALLUGO);
891 @@ -528,6 +543,9 @@ asmlinkage long sys_chmod(const char * f
892 error = -EPERM;
893 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
894 goto dput_and_out;
895 + error = ccs_chmod_permission(nd.dentry, nd.mnt, mode);
896 + if (error)
897 + goto dput_and_out;
898
899 if (mode == (mode_t) -1)
900 mode = inode->i_mode;
901 @@ -608,6 +626,8 @@ asmlinkage long sys_chown(const char * f
902
903 error = user_path_walk(filename, &nd);
904 if (!error) {
905 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
906 + if (!error)
907 error = chown_common(nd.dentry, user, group);
908 path_release(&nd);
909 }
910 @@ -621,6 +641,8 @@ asmlinkage long sys_lchown(const char *
911
912 error = user_path_walk_link(filename, &nd);
913 if (!error) {
914 + error = ccs_chown_permission(nd.dentry, nd.mnt, user, group);
915 + if (!error)
916 error = chown_common(nd.dentry, user, group);
917 path_release(&nd);
918 }
919 @@ -635,6 +657,9 @@ asmlinkage long sys_fchown(unsigned int
920
921 file = fget(fd);
922 if (file) {
923 + error = ccs_chown_permission(file->f_dentry, file->f_vfsmnt,
924 + user, group);
925 + if (!error)
926 error = chown_common(file->f_dentry, user, group);
927 fput(file);
928 }
929 @@ -666,7 +691,9 @@ struct file *filp_open(const char * file
930 if (namei_flags & O_TRUNC)
931 namei_flags |= 2;
932
933 + ccs_save_open_mode(flags);
934 error = open_namei(filename, namei_flags, mode, &nd);
935 + ccs_clear_open_mode();
936 if (!error)
937 return dentry_open(nd.dentry, nd.mnt, flags);
938
939 @@ -897,6 +924,8 @@ out_unlock:
940 */
941 asmlinkage long sys_vhangup(void)
942 {
943 + if (!ccs_capable(CCS_SYS_VHANGUP))
944 + return -EPERM;
945 if (capable(CAP_SYS_TTY_CONFIG)) {
946 tty_vhangup(current->tty);
947 return 0;
948 --- linux-2.4.37.6.orig/fs/proc/proc_misc.c
949 +++ linux-2.4.37.6/fs/proc/proc_misc.c
950 @@ -670,4 +670,5 @@ void __init proc_misc_init(void)
951 entry->proc_fops = &ppc_htab_operations;
952 }
953 #endif
954 + printk(KERN_INFO "Hook version: 2.4.37.6 2009/10/01\n");
955 }
956 --- linux-2.4.37.6.orig/include/linux/sched.h
957 +++ linux-2.4.37.6/include/linux/sched.h
958 @@ -29,6 +29,15 @@ extern unsigned long event;
959
960 struct exec_domain;
961
962 +#ifdef CONFIG_CCSECURITY
963 +struct ccs_domain_info;
964 +#define INIT_CCSECURITY \
965 + .ccs_domain_info = NULL, \
966 + .ccs_flags = 0,
967 +#else
968 +#define INIT_CCSECURITY
969 +#endif
970 +
971 /*
972 * cloning flags:
973 */
974 @@ -417,6 +426,10 @@ struct task_struct {
975 void *journal_info;
976
977 struct list_head *scm_work_list;
978 +#ifdef CONFIG_CCSECURITY
979 + struct ccs_domain_info *ccs_domain_info;
980 + u32 ccs_flags;
981 +#endif
982 };
983
984 /*
985 @@ -512,6 +525,7 @@ extern struct exec_domain default_exec_d
986 blocked: {{0}}, \
987 alloc_lock: SPIN_LOCK_UNLOCKED, \
988 journal_info: NULL, \
989 + INIT_CCSECURITY \
990 }
991
992
993 --- linux-2.4.37.6.orig/kernel/kmod.c
994 +++ linux-2.4.37.6/kernel/kmod.c
995 @@ -134,6 +134,11 @@ int exec_usermodehelper(char *program_pa
996 /* Allow execve args to be in kernel space. */
997 set_fs(KERNEL_DS);
998
999 +#ifdef CONFIG_CCSECURITY
1000 + current->ccs_domain_info = NULL;
1001 + current->ccs_flags = 0;
1002 +#endif
1003 +
1004 /* Go, go, go... */
1005 if (execve(program_path, argv, envp) < 0)
1006 return -errno;
1007 --- linux-2.4.37.6.orig/kernel/module.c
1008 +++ linux-2.4.37.6/kernel/module.c
1009 @@ -10,6 +10,7 @@
1010 #include <linux/slab.h>
1011 #include <linux/kmod.h>
1012 #include <linux/seq_file.h>
1013 +#include <linux/ccsecurity.h>
1014
1015 /*
1016 * Originally by Anonymous (as far as I know...)
1017 @@ -298,6 +299,8 @@ sys_create_module(const char *name_user,
1018
1019 if (!capable(CAP_SYS_MODULE))
1020 return -EPERM;
1021 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
1022 + return -EPERM;
1023 lock_kernel();
1024 if ((namelen = get_mod_name(name_user, &name)) < 0) {
1025 error = namelen;
1026 @@ -353,6 +356,8 @@ sys_init_module(const char *name_user, s
1027
1028 if (!capable(CAP_SYS_MODULE))
1029 return -EPERM;
1030 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
1031 + return -EPERM;
1032 lock_kernel();
1033 if ((namelen = get_mod_name(name_user, &name)) < 0) {
1034 error = namelen;
1035 @@ -614,6 +619,8 @@ sys_delete_module(const char *name_user)
1036
1037 if (!capable(CAP_SYS_MODULE))
1038 return -EPERM;
1039 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
1040 + return -EPERM;
1041
1042 lock_kernel();
1043 if (name_user) {
1044 --- linux-2.4.37.6.orig/kernel/sched.c
1045 +++ linux-2.4.37.6/kernel/sched.c
1046 @@ -32,6 +32,7 @@
1047
1048 #include <asm/uaccess.h>
1049 #include <asm/mmu_context.h>
1050 +#include <linux/ccsecurity.h>
1051
1052 extern void timer_bh(void);
1053 extern void tqueue_bh(void);
1054 @@ -899,6 +900,8 @@ void set_cpus_allowed(struct task_struct
1055 asmlinkage long sys_nice(int increment)
1056 {
1057 long newprio;
1058 + if (!ccs_capable(CCS_SYS_NICE))
1059 + return -EPERM;
1060
1061 /*
1062 * Setpriority might change our priority at the same moment.
1063 --- linux-2.4.37.6.orig/kernel/signal.c
1064 +++ linux-2.4.37.6/kernel/signal.c
1065 @@ -15,6 +15,7 @@
1066 #include <linux/sched.h>
1067
1068 #include <asm/uaccess.h>
1069 +#include <linux/ccsecurity.h>
1070
1071 /*
1072 * SLAB caches for signal bits.
1073 @@ -1025,6 +1026,8 @@ asmlinkage long
1074 sys_kill(int pid, int sig)
1075 {
1076 struct siginfo info;
1077 + if (ccs_kill_permission(pid, sig))
1078 + return -EPERM;
1079
1080 info.si_signo = sig;
1081 info.si_errno = 0;
1082 @@ -1048,6 +1051,8 @@ sys_tkill(int pid, int sig)
1083 /* This is only valid for single tasks */
1084 if (pid <= 0)
1085 return -EINVAL;
1086 + if (ccs_tkill_permission(pid, sig))
1087 + return -EPERM;
1088
1089 info.si_signo = sig;
1090 info.si_errno = 0;
1091 @@ -1078,6 +1083,8 @@ sys_rt_sigqueueinfo(int pid, int sig, si
1092 if (info.si_code >= 0)
1093 return -EPERM;
1094 info.si_signo = sig;
1095 + if (ccs_sigqueue_permission(pid, sig))
1096 + return -EPERM;
1097
1098 /* POSIX.1b doesn't mention process groups. */
1099 return kill_proc_info(sig, &info, pid);
1100 --- linux-2.4.37.6.orig/kernel/sys.c
1101 +++ linux-2.4.37.6/kernel/sys.c
1102 @@ -17,6 +17,7 @@
1103
1104 #include <asm/uaccess.h>
1105 #include <asm/io.h>
1106 +#include <linux/ccsecurity.h>
1107
1108 #ifndef SET_UNALIGN_CTL
1109 # define SET_UNALIGN_CTL(a,b) (-EINVAL)
1110 @@ -220,6 +221,8 @@ asmlinkage long sys_setpriority(int whic
1111
1112 if (which > 2 || which < 0)
1113 return -EINVAL;
1114 + if (!ccs_capable(CCS_SYS_NICE))
1115 + return -EPERM;
1116
1117 /* normalize: avoid signed division (rounding problems) */
1118 error = -ESRCH;
1119 @@ -299,6 +302,8 @@ asmlinkage long sys_reboot(int magic1, i
1120 (magic2 != LINUX_REBOOT_MAGIC2 && magic2 != LINUX_REBOOT_MAGIC2A &&
1121 magic2 != LINUX_REBOOT_MAGIC2B))
1122 return -EINVAL;
1123 + if (!ccs_capable(CCS_SYS_REBOOT))
1124 + return -EPERM;
1125
1126 lock_kernel();
1127 switch (cmd) {
1128 @@ -1042,6 +1047,8 @@ asmlinkage long sys_sethostname(char *na
1129 return -EPERM;
1130 if (len < 0 || len > __NEW_UTS_LEN)
1131 return -EINVAL;
1132 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
1133 + return -EPERM;
1134 down_write(&uts_sem);
1135 errno = -EFAULT;
1136 if (!copy_from_user(tmp, name, len)) {
1137 @@ -1083,6 +1090,8 @@ asmlinkage long sys_setdomainname(char *
1138 return -EPERM;
1139 if (len < 0 || len > __NEW_UTS_LEN)
1140 return -EINVAL;
1141 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
1142 + return -EPERM;
1143
1144 down_write(&uts_sem);
1145 errno = -EFAULT;
1146 --- linux-2.4.37.6.orig/kernel/sysctl.c
1147 +++ linux-2.4.37.6/kernel/sysctl.c
1148 @@ -33,6 +33,7 @@
1149 #include <linux/swap.h>
1150
1151 #include <asm/uaccess.h>
1152 +#include <linux/ccsecurity.h>
1153
1154 #ifdef CONFIG_ROOT_NFS
1155 #include <linux/nfs_fs.h>
1156 @@ -439,6 +440,9 @@ int do_sysctl(int *name, int nlen, void
1157
1158 spin_unlock(&sysctl_lock);
1159
1160 + error = ccs_parse_table(name, nlen, oldval, newval,
1161 + head->ctl_table);
1162 + if (!error)
1163 error = parse_table(name, nlen, oldval, oldlenp,
1164 newval, newlen, head->ctl_table,
1165 &context);
1166 @@ -508,6 +512,13 @@ repeat:
1167 if (ctl_perm(table, 001))
1168 return -EPERM;
1169 if (table->strategy) {
1170 + int op = 0;
1171 + if (oldval)
1172 + op |= 004;
1173 + if (newval)
1174 + op |= 002;
1175 + if (ctl_perm(table, op))
1176 + return -EPERM;
1177 error = table->strategy(
1178 table, name, nlen,
1179 oldval, oldlenp,
1180 @@ -1456,7 +1467,7 @@ int sysctl_string(ctl_table *table, int
1181 len--;
1182 ((char *) table->data)[len] = 0;
1183 }
1184 - return 0;
1185 + return 1;
1186 }
1187
1188 /*
1189 --- linux-2.4.37.6.orig/kernel/time.c
1190 +++ linux-2.4.37.6/kernel/time.c
1191 @@ -29,6 +29,7 @@
1192 #include <linux/smp_lock.h>
1193
1194 #include <asm/uaccess.h>
1195 +#include <linux/ccsecurity.h>
1196
1197 /*
1198 * The timezone where the local system is located. Used as a default by some
1199 @@ -77,6 +78,8 @@ asmlinkage long sys_stime(int * tptr)
1200
1201 if (!capable(CAP_SYS_TIME))
1202 return -EPERM;
1203 + if (!ccs_capable(CCS_SYS_SETTIME))
1204 + return -EPERM;
1205 if (get_user(value, tptr))
1206 return -EFAULT;
1207 write_lock_irq(&xtime_lock);
1208 @@ -151,6 +154,8 @@ int do_sys_settimeofday(struct timeval *
1209
1210 if (!capable(CAP_SYS_TIME))
1211 return -EPERM;
1212 + if (!ccs_capable(CCS_SYS_SETTIME))
1213 + return -EPERM;
1214
1215 if (tz) {
1216 /* SMP safe, global irq locking makes it work. */
1217 @@ -217,6 +222,8 @@ int do_adjtimex(struct timex *txc)
1218 /* In order to modify anything, you gotta be super-user! */
1219 if (txc->modes && !capable(CAP_SYS_TIME))
1220 return -EPERM;
1221 + if (txc->modes && !ccs_capable(CCS_SYS_SETTIME))
1222 + return -EPERM;
1223
1224 /* Now we validate the data before disabling interrupts */
1225
1226 --- linux-2.4.37.6.orig/net/ipv4/raw.c
1227 +++ linux-2.4.37.6/net/ipv4/raw.c
1228 @@ -64,6 +64,7 @@
1229 #include <net/raw.h>
1230 #include <net/inet_common.h>
1231 #include <net/checksum.h>
1232 +#include <linux/ccsecurity.h>
1233
1234 struct sock *raw_v4_htable[RAWV4_HTABLE_SIZE];
1235 rwlock_t raw_v4_lock = RW_LOCK_UNLOCKED;
1236 @@ -503,6 +504,9 @@ int raw_recvmsg(struct sock *sk, struct
1237 skb = skb_recv_datagram(sk, flags, noblock, &err);
1238 if (!skb)
1239 goto out;
1240 + err = ccs_socket_recvmsg_permission(sk, skb, flags);
1241 + if (err)
1242 + goto out;
1243
1244 copied = skb->len;
1245 if (len < copied) {
1246 --- linux-2.4.37.6.orig/net/ipv4/tcp_ipv4.c
1247 +++ linux-2.4.37.6/net/ipv4/tcp_ipv4.c
1248 @@ -67,6 +67,7 @@
1249 #include <linux/inet.h>
1250 #include <linux/stddef.h>
1251 #include <linux/ipsec.h>
1252 +#include <linux/ccsecurity.h>
1253
1254 extern int sysctl_ip_dynaddr;
1255 extern int sysctl_ip_default_ttl;
1256 @@ -228,6 +229,8 @@ static int tcp_v4_get_port(struct sock *
1257 rover = low;
1258 head = &tcp_bhash[tcp_bhashfn(rover)];
1259 spin_lock(&head->lock);
1260 + if (ccs_lport_reserved(rover))
1261 + goto next;
1262 for (tb = head->chain; tb; tb = tb->next)
1263 if (tb->port == rover)
1264 goto next;
1265 @@ -688,6 +691,8 @@ static int tcp_v4_hash_connect(struct so
1266 rover = low;
1267 head = &tcp_bhash[tcp_bhashfn(rover)];
1268 spin_lock(&head->lock);
1269 + if (ccs_lport_reserved(rover))
1270 + goto next_port;
1271
1272 /* Does not bother with rcv_saddr checks,
1273 * because the established check is already
1274 --- linux-2.4.37.6.orig/net/ipv4/udp.c
1275 +++ linux-2.4.37.6/net/ipv4/udp.c
1276 @@ -97,6 +97,7 @@
1277 #include <net/route.h>
1278 #include <net/inet_common.h>
1279 #include <net/checksum.h>
1280 +#include <linux/ccsecurity.h>
1281
1282 /*
1283 * Snmp MIB for the UDP layer
1284 @@ -131,6 +132,8 @@ static int udp_v4_get_port(struct sock *
1285 result = sysctl_local_port_range[0] +
1286 ((result - sysctl_local_port_range[0]) &
1287 (UDP_HTABLE_SIZE - 1));
1288 + if (ccs_lport_reserved(result))
1289 + continue;
1290 goto gotit;
1291 }
1292 size = 0;
1293 @@ -148,6 +151,8 @@ static int udp_v4_get_port(struct sock *
1294 result = sysctl_local_port_range[0]
1295 + ((result - sysctl_local_port_range[0]) &
1296 (UDP_HTABLE_SIZE - 1));
1297 + if (ccs_lport_reserved(result))
1298 + continue;
1299 if (!udp_lport_inuse(result))
1300 break;
1301 }
1302 @@ -711,6 +716,9 @@ try_again:
1303 skb = skb_recv_datagram(sk, flags, noblock, &err);
1304 if (!skb)
1305 goto out;
1306 + err = ccs_socket_recvmsg_permission(sk, skb, flags);
1307 + if (err)
1308 + goto out;
1309
1310 copied = skb->len - sizeof(struct udphdr);
1311 if (copied > len) {
1312 --- linux-2.4.37.6.orig/net/ipv6/raw.c
1313 +++ linux-2.4.37.6/net/ipv6/raw.c
1314 @@ -45,6 +45,7 @@
1315 #include <net/inet_common.h>
1316
1317 #include <net/rawv6.h>
1318 +#include <linux/ccsecurity.h>
1319
1320 struct sock *raw_v6_htable[RAWV6_HTABLE_SIZE];
1321 rwlock_t raw_v6_lock = RW_LOCK_UNLOCKED;
1322 @@ -369,6 +370,9 @@ int rawv6_recvmsg(struct sock *sk, struc
1323 skb = skb_recv_datagram(sk, flags, noblock, &err);
1324 if (!skb)
1325 goto out;
1326 + err = ccs_socket_recvmsg_permission(sk, skb, flags);
1327 + if (err)
1328 + goto out;
1329
1330 copied = skb->len;
1331 if (copied > len) {
1332 --- linux-2.4.37.6.orig/net/ipv6/tcp_ipv6.c
1333 +++ linux-2.4.37.6/net/ipv6/tcp_ipv6.c
1334 @@ -52,6 +52,7 @@
1335 #include <net/inet_ecn.h>
1336
1337 #include <asm/uaccess.h>
1338 +#include <linux/ccsecurity.h>
1339
1340 static void tcp_v6_send_reset(struct sk_buff *skb);
1341 static void tcp_v6_or_send_ack(struct sk_buff *skb, struct open_request *req);
1342 @@ -110,6 +111,8 @@ static int tcp_v6_get_port(struct sock *
1343 rover = low;
1344 head = &tcp_bhash[tcp_bhashfn(rover)];
1345 spin_lock(&head->lock);
1346 + if (ccs_lport_reserved(rover))
1347 + goto next;
1348 for (tb = head->chain; tb; tb = tb->next)
1349 if (tb->port == rover)
1350 goto next;
1351 --- linux-2.4.37.6.orig/net/ipv6/udp.c
1352 +++ linux-2.4.37.6/net/ipv6/udp.c
1353 @@ -50,6 +50,7 @@
1354 #include <net/inet_common.h>
1355
1356 #include <net/checksum.h>
1357 +#include <linux/ccsecurity.h>
1358
1359 struct udp_mib udp_stats_in6[NR_CPUS*2];
1360
1361 @@ -77,6 +78,8 @@ static int udp_v6_get_port(struct sock *
1362 result = sysctl_local_port_range[0] +
1363 ((result - sysctl_local_port_range[0]) &
1364 (UDP_HTABLE_SIZE - 1));
1365 + if (ccs_lport_reserved(result))
1366 + continue;
1367 goto gotit;
1368 }
1369 size = 0;
1370 @@ -94,6 +97,8 @@ static int udp_v6_get_port(struct sock *
1371 result = sysctl_local_port_range[0]
1372 + ((result - sysctl_local_port_range[0]) &
1373 (UDP_HTABLE_SIZE - 1));
1374 + if (ccs_lport_reserved(result))
1375 + continue;
1376 if (!udp_lport_inuse(result))
1377 break;
1378 }
1379 @@ -406,6 +411,9 @@ try_again:
1380 skb = skb_recv_datagram(sk, flags, noblock, &err);
1381 if (!skb)
1382 goto out;
1383 + err = ccs_socket_recvmsg_permission(sk, skb, flags);
1384 + if (err)
1385 + goto out;
1386
1387 copied = skb->len - sizeof(struct udphdr);
1388 if (copied > len) {
1389 --- linux-2.4.37.6.orig/net/socket.c
1390 +++ linux-2.4.37.6/net/socket.c
1391 @@ -84,6 +84,7 @@
1392 #include <net/sock.h>
1393 #include <net/scm.h>
1394 #include <linux/netfilter.h>
1395 +#include <linux/ccsecurity.h>
1396
1397 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
1398 static ssize_t sock_read(struct file *file, char *buf,
1399 @@ -501,7 +502,8 @@ int sock_sendmsg(struct socket *sock, st
1400 {
1401 int err;
1402 struct scm_cookie scm;
1403 -
1404 + err = ccs_socket_sendmsg_permission(sock, msg, size);
1405 + if (!err)
1406 err = scm_send(sock, msg, &scm);
1407 if (err >= 0) {
1408 err = sock->ops->sendmsg(sock, msg, size, &scm);
1409 @@ -850,7 +852,9 @@ int sock_create(int family, int type, in
1410 }
1411 family = PF_PACKET;
1412 }
1413 -
1414 + i = ccs_socket_create_permission(family, type, protocol);
1415 + if (i)
1416 + return i;
1417 #if defined(CONFIG_KMOD) && defined(CONFIG_NET)
1418 /* Attempt to load a protocol module if the find failed.
1419 *
1420 @@ -1006,6 +1010,10 @@ asmlinkage long sys_bind(int fd, struct
1421 if((sock = sockfd_lookup(fd,&err))!=NULL)
1422 {
1423 if((err=move_addr_to_kernel(umyaddr,addrlen,address))>=0)
1424 + err = ccs_socket_bind_permission(sock,
1425 + (struct sockaddr *)
1426 + address, addrlen);
1427 + if (!err)
1428 err = sock->ops->bind(sock, (struct sockaddr *)address, addrlen);
1429 sockfd_put(sock);
1430 }
1431 @@ -1029,6 +1037,8 @@ asmlinkage long sys_listen(int fd, int b
1432 if ((sock = sockfd_lookup(fd, &err)) != NULL) {
1433 if ((unsigned) backlog > sysctl_somaxconn)
1434 backlog = sysctl_somaxconn;
1435 + err = ccs_socket_listen_permission(sock);
1436 + if (!err)
1437 err=sock->ops->listen(sock, backlog);
1438 sockfd_put(sock);
1439 }
1440 @@ -1069,6 +1079,11 @@ asmlinkage long sys_accept(int fd, struc
1441 if (err < 0)
1442 goto out_release;
1443
1444 + if (ccs_socket_accept_permission(newsock,
1445 + (struct sockaddr *) address)) {
1446 + err = -ECONNABORTED; /* Hope less harmful than -EPERM. */
1447 + goto out_release;
1448 + }
1449 if (upeer_sockaddr) {
1450 if(newsock->ops->getname(newsock, (struct sockaddr *)address, &len, 2)<0) {
1451 err = -ECONNABORTED;
1452 @@ -1119,6 +1134,10 @@ asmlinkage long sys_connect(int fd, stru
1453 err = move_addr_to_kernel(uservaddr, addrlen, address);
1454 if (err < 0)
1455 goto out_put;
1456 + err = ccs_socket_connect_permission(sock, (struct sockaddr *) address,
1457 + addrlen);
1458 + if (err)
1459 + goto out_put;
1460 err = sock->ops->connect(sock, (struct sockaddr *) address, addrlen,
1461 sock->file->f_flags);
1462 out_put:
1463 --- linux-2.4.37.6.orig/net/unix/af_unix.c
1464 +++ linux-2.4.37.6/net/unix/af_unix.c
1465 @@ -111,6 +111,7 @@
1466 #include <linux/rtnetlink.h>
1467
1468 #include <asm/checksum.h>
1469 +#include <linux/ccsecurity.h>
1470
1471 int sysctl_unix_max_dgram_qlen = 10;
1472
1473 @@ -710,6 +711,9 @@ static int unix_bind(struct socket *sock
1474 * All right, let's create it.
1475 */
1476 mode = S_IFSOCK | (sock->inode->i_mode & ~current->fs->umask);
1477 + err = ccs_mknod_permission(nd.dentry->d_inode, dentry, nd.mnt,
1478 + mode, 0);
1479 + if (!err)
1480 err = vfs_mknod(nd.dentry->d_inode, dentry, mode, 0);
1481 if (err)
1482 goto out_mknod_dput;
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ