39 |
net/ipv6/inet6_hashtables.c | 3 +++ |
net/ipv6/inet6_hashtables.c | 3 +++ |
40 |
net/ipv6/raw.c | 4 ++++ |
net/ipv6/raw.c | 4 ++++ |
41 |
net/ipv6/udp.c | 4 ++++ |
net/ipv6/udp.c | 4 ++++ |
42 |
net/socket.c | 23 +++++++++++++++++++++++ |
net/socket.c | 21 +++++++++++++++++++++ |
43 |
net/unix/af_unix.c | 4 ++++ |
net/unix/af_unix.c | 4 ++++ |
44 |
security/Kconfig | 2 ++ |
security/Kconfig | 2 ++ |
45 |
security/Makefile | 3 +++ |
security/Makefile | 3 +++ |
46 |
41 files changed, 269 insertions(+), 3 deletions(-) |
41 files changed, 267 insertions(+), 3 deletions(-) |
47 |
|
|
48 |
--- linux-2.6.24-24.59.orig/arch/ia64/ia32/sys_ia32.c |
--- linux-2.6.24-24.59.orig/arch/ia64/ia32/sys_ia32.c |
49 |
+++ linux-2.6.24-24.59/arch/ia64/ia32/sys_ia32.c |
+++ linux-2.6.24-24.59/arch/ia64/ia32/sys_ia32.c |
666 |
entry->proc_fops = &proc_sysrq_trigger_operations; |
entry->proc_fops = &proc_sysrq_trigger_operations; |
667 |
} |
} |
668 |
#endif |
#endif |
669 |
+ printk(KERN_INFO "Hook version: 2.6.24-24.59 2009/09/24\n"); |
+ printk(KERN_INFO "Hook version: 2.6.24-24.59 2009/10/01\n"); |
670 |
} |
} |
671 |
--- linux-2.6.24-24.59.orig/include/linux/init_task.h |
--- linux-2.6.24-24.59.orig/include/linux/init_task.h |
672 |
+++ linux-2.6.24-24.59/include/linux/init_task.h |
+++ linux-2.6.24-24.59/include/linux/init_task.h |
1167 |
static int sock_no_open(struct inode *irrelevant, struct file *dontcare); |
static int sock_no_open(struct inode *irrelevant, struct file *dontcare); |
1168 |
static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov, |
static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov, |
1169 |
unsigned long nr_segs, loff_t pos); |
unsigned long nr_segs, loff_t pos); |
1170 |
@@ -551,6 +553,10 @@ static inline int __sock_sendmsg(struct |
@@ -551,6 +553,8 @@ static inline int __sock_sendmsg(struct |
1171 |
si->size = size; |
si->size = size; |
1172 |
|
|
1173 |
err = security_socket_sendmsg(sock, msg, size); |
err = security_socket_sendmsg(sock, msg, size); |
1174 |
+ if (!err) |
+ if (!err) |
1175 |
+ err = ccs_socket_sendmsg_permission(sock, (struct sockaddr *) |
+ err = ccs_socket_sendmsg_permission(sock, msg, size); |
|
+ msg->msg_name, |
|
|
+ msg->msg_namelen); |
|
1176 |
if (err) |
if (err) |
1177 |
return err; |
return err; |
1178 |
|
|
1179 |
@@ -1107,6 +1113,8 @@ static int __sock_create(struct net *net |
@@ -1107,6 +1111,8 @@ static int __sock_create(struct net *net |
1180 |
} |
} |
1181 |
|
|
1182 |
err = security_socket_create(family, type, protocol, kern); |
err = security_socket_create(family, type, protocol, kern); |
1185 |
if (err) |
if (err) |
1186 |
return err; |
return err; |
1187 |
|
|
1188 |
@@ -1338,6 +1346,11 @@ asmlinkage long sys_bind(int fd, struct |
@@ -1338,6 +1344,11 @@ asmlinkage long sys_bind(int fd, struct |
1189 |
(struct sockaddr *)address, |
(struct sockaddr *)address, |
1190 |
addrlen); |
addrlen); |
1191 |
if (!err) |
if (!err) |
1197 |
err = sock->ops->bind(sock, |
err = sock->ops->bind(sock, |
1198 |
(struct sockaddr *) |
(struct sockaddr *) |
1199 |
address, addrlen); |
address, addrlen); |
1200 |
@@ -1367,6 +1380,8 @@ asmlinkage long sys_listen(int fd, int b |
@@ -1367,6 +1378,8 @@ asmlinkage long sys_listen(int fd, int b |
1201 |
|
|
1202 |
err = security_socket_listen(sock, backlog); |
err = security_socket_listen(sock, backlog); |
1203 |
if (!err) |
if (!err) |
1206 |
err = sock->ops->listen(sock, backlog); |
err = sock->ops->listen(sock, backlog); |
1207 |
|
|
1208 |
fput_light(sock->file, fput_needed); |
fput_light(sock->file, fput_needed); |
1209 |
@@ -1430,6 +1445,11 @@ asmlinkage long sys_accept(int fd, struc |
@@ -1430,6 +1443,11 @@ asmlinkage long sys_accept(int fd, struc |
1210 |
if (err < 0) |
if (err < 0) |
1211 |
goto out_fd; |
goto out_fd; |
1212 |
|
|
1218 |
if (upeer_sockaddr) { |
if (upeer_sockaddr) { |
1219 |
if (newsock->ops->getname(newsock, (struct sockaddr *)address, |
if (newsock->ops->getname(newsock, (struct sockaddr *)address, |
1220 |
&len, 2) < 0) { |
&len, 2) < 0) { |
1221 |
@@ -1492,6 +1512,9 @@ asmlinkage long sys_connect(int fd, stru |
@@ -1492,6 +1510,9 @@ asmlinkage long sys_connect(int fd, stru |
1222 |
|
|
1223 |
err = |
err = |
1224 |
security_socket_connect(sock, (struct sockaddr *)address, addrlen); |
security_socket_connect(sock, (struct sockaddr *)address, addrlen); |