41 |
net/ipv6/inet6_hashtables.c | 3 +++ |
net/ipv6/inet6_hashtables.c | 3 +++ |
42 |
net/ipv6/raw.c | 4 ++++ |
net/ipv6/raw.c | 4 ++++ |
43 |
net/ipv6/udp.c | 4 ++++ |
net/ipv6/udp.c | 4 ++++ |
44 |
net/socket.c | 23 +++++++++++++++++++++++ |
net/socket.c | 21 +++++++++++++++++++++ |
45 |
net/unix/af_unix.c | 4 ++++ |
net/unix/af_unix.c | 4 ++++ |
46 |
security/Kconfig | 2 ++ |
security/Kconfig | 2 ++ |
47 |
security/Makefile | 3 +++ |
security/Makefile | 3 +++ |
48 |
43 files changed, 274 insertions(+), 3 deletions(-) |
43 files changed, 272 insertions(+), 3 deletions(-) |
49 |
|
|
50 |
--- linux-2.6.22.19-0.4.orig/arch/alpha/kernel/ptrace.c |
--- linux-2.6.22.19-0.4.orig/arch/alpha/kernel/ptrace.c |
51 |
+++ linux-2.6.22.19-0.4/arch/alpha/kernel/ptrace.c |
+++ linux-2.6.22.19-0.4/arch/alpha/kernel/ptrace.c |
704 |
entry->proc_fops = &proc_sysrq_trigger_operations; |
entry->proc_fops = &proc_sysrq_trigger_operations; |
705 |
} |
} |
706 |
#endif |
#endif |
707 |
+ printk(KERN_INFO "Hook version: 2.6.22.19-0.4 2009/09/24\n"); |
+ printk(KERN_INFO "Hook version: 2.6.22.19-0.4 2009/10/01\n"); |
708 |
} |
} |
709 |
--- linux-2.6.22.19-0.4.orig/include/linux/init_task.h |
--- linux-2.6.22.19-0.4.orig/include/linux/init_task.h |
710 |
+++ linux-2.6.22.19-0.4/include/linux/init_task.h |
+++ linux-2.6.22.19-0.4/include/linux/init_task.h |
1206 |
static int sock_no_open(struct inode *irrelevant, struct file *dontcare); |
static int sock_no_open(struct inode *irrelevant, struct file *dontcare); |
1207 |
static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov, |
static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov, |
1208 |
unsigned long nr_segs, loff_t pos); |
unsigned long nr_segs, loff_t pos); |
1209 |
@@ -551,6 +553,10 @@ static inline int __sock_sendmsg(struct |
@@ -551,6 +553,8 @@ static inline int __sock_sendmsg(struct |
1210 |
si->size = size; |
si->size = size; |
1211 |
|
|
1212 |
err = security_socket_sendmsg(sock, msg, size); |
err = security_socket_sendmsg(sock, msg, size); |
1213 |
+ if (!err) |
+ if (!err) |
1214 |
+ err = ccs_socket_sendmsg_permission(sock, (struct sockaddr *) |
+ err = ccs_socket_sendmsg_permission(sock, msg, size); |
|
+ msg->msg_name, |
|
|
+ msg->msg_namelen); |
|
1215 |
if (err) |
if (err) |
1216 |
return err; |
return err; |
1217 |
|
|
1218 |
@@ -1103,6 +1109,8 @@ static int __sock_create(int family, int |
@@ -1103,6 +1107,8 @@ static int __sock_create(int family, int |
1219 |
} |
} |
1220 |
|
|
1221 |
err = security_socket_create(family, type, protocol, kern); |
err = security_socket_create(family, type, protocol, kern); |
1224 |
if (err) |
if (err) |
1225 |
return err; |
return err; |
1226 |
|
|
1227 |
@@ -1334,6 +1342,11 @@ asmlinkage long sys_bind(int fd, struct |
@@ -1334,6 +1340,11 @@ asmlinkage long sys_bind(int fd, struct |
1228 |
(struct sockaddr *)address, |
(struct sockaddr *)address, |
1229 |
addrlen); |
addrlen); |
1230 |
if (!err) |
if (!err) |
1236 |
err = sock->ops->bind(sock, |
err = sock->ops->bind(sock, |
1237 |
(struct sockaddr *) |
(struct sockaddr *) |
1238 |
address, addrlen); |
address, addrlen); |
1239 |
@@ -1363,6 +1376,8 @@ asmlinkage long sys_listen(int fd, int b |
@@ -1363,6 +1374,8 @@ asmlinkage long sys_listen(int fd, int b |
1240 |
|
|
1241 |
err = security_socket_listen(sock, backlog); |
err = security_socket_listen(sock, backlog); |
1242 |
if (!err) |
if (!err) |
1245 |
err = sock->ops->listen(sock, backlog); |
err = sock->ops->listen(sock, backlog); |
1246 |
|
|
1247 |
fput_light(sock->file, fput_needed); |
fput_light(sock->file, fput_needed); |
1248 |
@@ -1426,6 +1441,11 @@ asmlinkage long sys_accept(int fd, struc |
@@ -1426,6 +1439,11 @@ asmlinkage long sys_accept(int fd, struc |
1249 |
if (err < 0) |
if (err < 0) |
1250 |
goto out_fd; |
goto out_fd; |
1251 |
|
|
1257 |
if (upeer_sockaddr) { |
if (upeer_sockaddr) { |
1258 |
if (newsock->ops->getname(newsock, (struct sockaddr *)address, |
if (newsock->ops->getname(newsock, (struct sockaddr *)address, |
1259 |
&len, 2) < 0) { |
&len, 2) < 0) { |
1260 |
@@ -1488,6 +1508,9 @@ asmlinkage long sys_connect(int fd, stru |
@@ -1488,6 +1506,9 @@ asmlinkage long sys_connect(int fd, stru |
1261 |
|
|
1262 |
err = |
err = |
1263 |
security_socket_connect(sock, (struct sockaddr *)address, addrlen); |
security_socket_connect(sock, (struct sockaddr *)address, addrlen); |