1 |
This is TOMOYO Linux patch for CentOS 6. |
This is TOMOYO Linux patch for CentOS 6. |
2 |
|
|
3 |
Source code for this patch is http://vault.centos.org/6.6/updates/Source/SPackages/kernel-2.6.32-504.1.3.el6.src.rpm |
Source code for this patch is http://vault.centos.org/6.6/updates/Source/SPackages/kernel-2.6.32-504.3.3.el6.src.rpm |
4 |
--- |
--- |
5 |
fs/compat.c | 2 +- |
fs/compat.c | 2 +- |
6 |
fs/compat_ioctl.c | 3 +++ |
fs/compat_ioctl.c | 3 +++ |
37 |
security/Makefile | 3 +++ |
security/Makefile | 3 +++ |
38 |
33 files changed, 201 insertions(+), 2 deletions(-) |
33 files changed, 201 insertions(+), 2 deletions(-) |
39 |
|
|
40 |
--- linux-2.6.32-504.1.3.el6.orig/fs/compat.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/compat.c |
41 |
+++ linux-2.6.32-504.1.3.el6/fs/compat.c |
+++ linux-2.6.32-504.3.3.el6/fs/compat.c |
42 |
@@ -1523,7 +1523,7 @@ int compat_do_execve(const char * filena |
@@ -1523,7 +1523,7 @@ int compat_do_execve(const char * filena |
43 |
if (retval < 0) |
if (retval < 0) |
44 |
goto out; |
goto out; |
48 |
if (retval < 0) |
if (retval < 0) |
49 |
goto out; |
goto out; |
50 |
|
|
51 |
--- linux-2.6.32-504.1.3.el6.orig/fs/compat_ioctl.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/compat_ioctl.c |
52 |
+++ linux-2.6.32-504.1.3.el6/fs/compat_ioctl.c |
+++ linux-2.6.32-504.3.3.el6/fs/compat_ioctl.c |
53 |
@@ -114,6 +114,7 @@ |
@@ -114,6 +114,7 @@ |
54 |
#ifdef CONFIG_SPARC |
#ifdef CONFIG_SPARC |
55 |
#include <asm/fbio.h> |
#include <asm/fbio.h> |
67 |
if (error) |
if (error) |
68 |
goto out_fput; |
goto out_fput; |
69 |
|
|
70 |
--- linux-2.6.32-504.1.3.el6.orig/fs/exec.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/exec.c |
71 |
+++ linux-2.6.32-504.1.3.el6/fs/exec.c |
+++ linux-2.6.32-504.3.3.el6/fs/exec.c |
72 |
@@ -1461,7 +1461,7 @@ int do_execve(const char * filename, |
@@ -1461,7 +1461,7 @@ int do_execve(const char * filename, |
73 |
goto out; |
goto out; |
74 |
|
|
78 |
if (retval < 0) |
if (retval < 0) |
79 |
goto out; |
goto out; |
80 |
|
|
81 |
--- linux-2.6.32-504.1.3.el6.orig/fs/fcntl.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/fcntl.c |
82 |
+++ linux-2.6.32-504.1.3.el6/fs/fcntl.c |
+++ linux-2.6.32-504.3.3.el6/fs/fcntl.c |
83 |
@@ -428,6 +428,8 @@ SYSCALL_DEFINE3(fcntl, unsigned int, fd, |
@@ -428,6 +428,8 @@ SYSCALL_DEFINE3(fcntl, unsigned int, fd, |
84 |
goto out; |
goto out; |
85 |
|
|
98 |
if (err) { |
if (err) { |
99 |
fput(filp); |
fput(filp); |
100 |
return err; |
return err; |
101 |
--- linux-2.6.32-504.1.3.el6.orig/fs/ioctl.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/ioctl.c |
102 |
+++ linux-2.6.32-504.1.3.el6/fs/ioctl.c |
+++ linux-2.6.32-504.3.3.el6/fs/ioctl.c |
103 |
@@ -639,6 +639,8 @@ SYSCALL_DEFINE3(ioctl, unsigned int, fd, |
@@ -639,6 +639,8 @@ SYSCALL_DEFINE3(ioctl, unsigned int, fd, |
104 |
goto out; |
goto out; |
105 |
|
|
109 |
if (error) |
if (error) |
110 |
goto out_fput; |
goto out_fput; |
111 |
|
|
112 |
--- linux-2.6.32-504.1.3.el6.orig/fs/namei.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/namei.c |
113 |
+++ linux-2.6.32-504.1.3.el6/fs/namei.c |
+++ linux-2.6.32-504.3.3.el6/fs/namei.c |
114 |
@@ -2040,6 +2040,11 @@ int may_open(struct path *path, int acc_ |
@@ -2040,6 +2040,11 @@ int may_open(struct path *path, int acc_ |
115 |
if (flag & O_NOATIME && !is_owner_or_cap(inode)) |
if (flag & O_NOATIME && !is_owner_or_cap(inode)) |
116 |
return -EPERM; |
return -EPERM; |
198 |
if (error) |
if (error) |
199 |
goto exit5; |
goto exit5; |
200 |
error = vfs_rename(old_dir->d_inode, old_dentry, |
error = vfs_rename(old_dir->d_inode, old_dentry, |
201 |
--- linux-2.6.32-504.1.3.el6.orig/fs/namespace.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/namespace.c |
202 |
+++ linux-2.6.32-504.1.3.el6/fs/namespace.c |
+++ linux-2.6.32-504.3.3.el6/fs/namespace.c |
203 |
@@ -1097,6 +1097,8 @@ static int do_umount(struct vfsmount *mn |
@@ -1097,6 +1097,8 @@ static int do_umount(struct vfsmount *mn |
204 |
LIST_HEAD(umount_list); |
LIST_HEAD(umount_list); |
205 |
|
|
236 |
if (error) { |
if (error) { |
237 |
path_put(&old); |
path_put(&old); |
238 |
goto out1; |
goto out1; |
239 |
--- linux-2.6.32-504.1.3.el6.orig/fs/open.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/open.c |
240 |
+++ linux-2.6.32-504.1.3.el6/fs/open.c |
+++ linux-2.6.32-504.3.3.el6/fs/open.c |
241 |
@@ -102,6 +102,8 @@ long vfs_truncate(struct path *path, lof |
@@ -102,6 +102,8 @@ long vfs_truncate(struct path *path, lof |
242 |
error = locks_verify_truncate(inode, NULL, length); |
error = locks_verify_truncate(inode, NULL, length); |
243 |
if (!error) |
if (!error) |
328 |
if (capable(CAP_SYS_TTY_CONFIG)) { |
if (capable(CAP_SYS_TTY_CONFIG)) { |
329 |
tty_vhangup_self(); |
tty_vhangup_self(); |
330 |
return 0; |
return 0; |
331 |
--- linux-2.6.32-504.1.3.el6.orig/fs/proc/version.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/proc/version.c |
332 |
+++ linux-2.6.32-504.1.3.el6/fs/proc/version.c |
+++ linux-2.6.32-504.3.3.el6/fs/proc/version.c |
333 |
@@ -32,3 +32,10 @@ static int __init proc_version_init(void |
@@ -32,3 +32,10 @@ static int __init proc_version_init(void |
334 |
return 0; |
return 0; |
335 |
} |
} |
337 |
+ |
+ |
338 |
+static int __init ccs_show_version(void) |
+static int __init ccs_show_version(void) |
339 |
+{ |
+{ |
340 |
+ printk(KERN_INFO "Hook version: 2.6.32-504.1.3.el6 2014/11/19\n"); |
+ printk(KERN_INFO "Hook version: 2.6.32-504.3.3.el6 2015/01/12\n"); |
341 |
+ return 0; |
+ return 0; |
342 |
+} |
+} |
343 |
+module_init(ccs_show_version); |
+module_init(ccs_show_version); |
344 |
--- linux-2.6.32-504.1.3.el6.orig/fs/stat.c |
--- linux-2.6.32-504.3.3.el6.orig/fs/stat.c |
345 |
+++ linux-2.6.32-504.1.3.el6/fs/stat.c |
+++ linux-2.6.32-504.3.3.el6/fs/stat.c |
346 |
@@ -43,6 +43,8 @@ int vfs_getattr(struct vfsmount *mnt, st |
@@ -43,6 +43,8 @@ int vfs_getattr(struct vfsmount *mnt, st |
347 |
int retval; |
int retval; |
348 |
|
|
352 |
if (retval) |
if (retval) |
353 |
return retval; |
return retval; |
354 |
|
|
355 |
--- linux-2.6.32-504.1.3.el6.orig/include/linux/init_task.h |
--- linux-2.6.32-504.3.3.el6.orig/include/linux/init_task.h |
356 |
+++ linux-2.6.32-504.1.3.el6/include/linux/init_task.h |
+++ linux-2.6.32-504.3.3.el6/include/linux/init_task.h |
357 |
@@ -124,6 +124,14 @@ extern struct cred init_cred; |
@@ -124,6 +124,14 @@ extern struct cred init_cred; |
358 |
# define INIT_PERF_EVENTS(tsk) |
# define INIT_PERF_EVENTS(tsk) |
359 |
#endif |
#endif |
377 |
} |
} |
378 |
|
|
379 |
|
|
380 |
--- linux-2.6.32-504.1.3.el6.orig/include/linux/sched.h |
--- linux-2.6.32-504.3.3.el6.orig/include/linux/sched.h |
381 |
+++ linux-2.6.32-504.1.3.el6/include/linux/sched.h |
+++ linux-2.6.32-504.3.3.el6/include/linux/sched.h |
382 |
@@ -43,6 +43,8 @@ |
@@ -43,6 +43,8 @@ |
383 |
|
|
384 |
#ifdef __KERNEL__ |
#ifdef __KERNEL__ |
399 |
}; |
}; |
400 |
|
|
401 |
/* Future-safe accessor for struct task_struct's cpus_allowed. */ |
/* Future-safe accessor for struct task_struct's cpus_allowed. */ |
402 |
--- linux-2.6.32-504.1.3.el6.orig/include/linux/security.h |
--- linux-2.6.32-504.3.3.el6.orig/include/linux/security.h |
403 |
+++ linux-2.6.32-504.1.3.el6/include/linux/security.h |
+++ linux-2.6.32-504.3.3.el6/include/linux/security.h |
404 |
@@ -35,6 +35,7 @@ |
@@ -35,6 +35,7 @@ |
405 |
#include <linux/xfrm.h> |
#include <linux/xfrm.h> |
406 |
#include <linux/gfp.h> |
#include <linux/gfp.h> |
409 |
|
|
410 |
/* Maximum number of letters for an LSM name string */ |
/* Maximum number of letters for an LSM name string */ |
411 |
#define SECURITY_NAME_MAX 10 |
#define SECURITY_NAME_MAX 10 |
412 |
--- linux-2.6.32-504.1.3.el6.orig/include/net/ip.h |
--- linux-2.6.32-504.3.3.el6.orig/include/net/ip.h |
413 |
+++ linux-2.6.32-504.1.3.el6/include/net/ip.h |
+++ linux-2.6.32-504.3.3.el6/include/net/ip.h |
414 |
@@ -33,6 +33,7 @@ |
@@ -33,6 +33,7 @@ |
415 |
#endif |
#endif |
416 |
#include <net/snmp.h> |
#include <net/snmp.h> |
428 |
return test_bit(port, sysctl_local_reserved_ports); |
return test_bit(port, sysctl_local_reserved_ports); |
429 |
} |
} |
430 |
|
|
431 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/compat.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/compat.c |
432 |
+++ linux-2.6.32-504.1.3.el6/kernel/compat.c |
+++ linux-2.6.32-504.3.3.el6/kernel/compat.c |
433 |
@@ -1005,6 +1005,8 @@ asmlinkage long compat_sys_stime(compat_ |
@@ -1005,6 +1005,8 @@ asmlinkage long compat_sys_stime(compat_ |
434 |
err = security_settime(&tv, NULL); |
err = security_settime(&tv, NULL); |
435 |
if (err) |
if (err) |
439 |
|
|
440 |
do_settimeofday(&tv); |
do_settimeofday(&tv); |
441 |
return 0; |
return 0; |
442 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/fork.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/fork.c |
443 |
+++ linux-2.6.32-504.1.3.el6/kernel/fork.c |
+++ linux-2.6.32-504.3.3.el6/kernel/fork.c |
444 |
@@ -176,6 +176,7 @@ void __put_task_struct(struct task_struc |
@@ -176,6 +176,7 @@ void __put_task_struct(struct task_struc |
445 |
exit_creds(tsk); |
exit_creds(tsk); |
446 |
delayacct_tsk_free(tsk); |
delayacct_tsk_free(tsk); |
467 |
bad_fork_cleanup_policy: |
bad_fork_cleanup_policy: |
468 |
perf_event_free_task(p); |
perf_event_free_task(p); |
469 |
#ifdef CONFIG_NUMA |
#ifdef CONFIG_NUMA |
470 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/kexec.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/kexec.c |
471 |
+++ linux-2.6.32-504.1.3.el6/kernel/kexec.c |
+++ linux-2.6.32-504.3.3.el6/kernel/kexec.c |
472 |
@@ -40,6 +40,7 @@ |
@@ -40,6 +40,7 @@ |
473 |
#include <asm/system.h> |
#include <asm/system.h> |
474 |
#include <asm/sections.h> |
#include <asm/sections.h> |
486 |
|
|
487 |
if (kexec_load_disabled) |
if (kexec_load_disabled) |
488 |
return -EPERM; |
return -EPERM; |
489 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/module.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/module.c |
490 |
+++ linux-2.6.32-504.1.3.el6/kernel/module.c |
+++ linux-2.6.32-504.3.3.el6/kernel/module.c |
491 |
@@ -56,6 +56,7 @@ |
@@ -56,6 +56,7 @@ |
492 |
#include <linux/percpu.h> |
#include <linux/percpu.h> |
493 |
#include <linux/kmemleak.h> |
#include <linux/kmemleak.h> |
514 |
|
|
515 |
/* Only one module load at a time, please */ |
/* Only one module load at a time, please */ |
516 |
if (mutex_lock_interruptible(&module_mutex) != 0) |
if (mutex_lock_interruptible(&module_mutex) != 0) |
517 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/ptrace.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/ptrace.c |
518 |
+++ linux-2.6.32-504.1.3.el6/kernel/ptrace.c |
+++ linux-2.6.32-504.3.3.el6/kernel/ptrace.c |
519 |
@@ -195,6 +195,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l |
@@ -195,6 +195,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l |
520 |
{ |
{ |
521 |
struct task_struct *child; |
struct task_struct *child; |
540 |
|
|
541 |
if (request == PTRACE_TRACEME) { |
if (request == PTRACE_TRACEME) { |
542 |
ret = ptrace_traceme(); |
ret = ptrace_traceme(); |
543 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/sched.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/sched.c |
544 |
+++ linux-2.6.32-504.1.3.el6/kernel/sched.c |
+++ linux-2.6.32-504.3.3.el6/kernel/sched.c |
545 |
@@ -6819,6 +6819,8 @@ int can_nice(const struct task_struct *p |
@@ -6819,6 +6819,8 @@ int can_nice(const struct task_struct *p |
546 |
SYSCALL_DEFINE1(nice, int, increment) |
SYSCALL_DEFINE1(nice, int, increment) |
547 |
{ |
{ |
551 |
|
|
552 |
/* |
/* |
553 |
* Setpriority might change our priority at the same moment. |
* Setpriority might change our priority at the same moment. |
554 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/signal.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/signal.c |
555 |
+++ linux-2.6.32-504.1.3.el6/kernel/signal.c |
+++ linux-2.6.32-504.3.3.el6/kernel/signal.c |
556 |
@@ -2302,6 +2302,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s |
@@ -2302,6 +2302,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s |
557 |
SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) |
SYSCALL_DEFINE2(kill, pid_t, pid, int, sig) |
558 |
{ |
{ |
598 |
|
|
599 |
return do_send_specific(tgid, pid, sig, info); |
return do_send_specific(tgid, pid, sig, info); |
600 |
} |
} |
601 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/sys.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/sys.c |
602 |
+++ linux-2.6.32-504.1.3.el6/kernel/sys.c |
+++ linux-2.6.32-504.3.3.el6/kernel/sys.c |
603 |
@@ -157,6 +157,10 @@ SYSCALL_DEFINE3(setpriority, int, which, |
@@ -157,6 +157,10 @@ SYSCALL_DEFINE3(setpriority, int, which, |
604 |
|
|
605 |
if (which > PRIO_USER || which < PRIO_PROCESS) |
if (which > PRIO_USER || which < PRIO_PROCESS) |
638 |
|
|
639 |
down_write(&uts_sem); |
down_write(&uts_sem); |
640 |
errno = -EFAULT; |
errno = -EFAULT; |
641 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/sysctl.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/sysctl.c |
642 |
+++ linux-2.6.32-504.1.3.el6/kernel/sysctl.c |
+++ linux-2.6.32-504.3.3.el6/kernel/sysctl.c |
643 |
@@ -2073,6 +2073,9 @@ int do_sysctl(int __user *name, int nlen |
@@ -2073,6 +2073,9 @@ int do_sysctl(int __user *name, int nlen |
644 |
|
|
645 |
for (head = sysctl_head_next(NULL); head; |
for (head = sysctl_head_next(NULL); head; |
650 |
error = parse_table(name, nlen, oldval, oldlenp, |
error = parse_table(name, nlen, oldval, oldlenp, |
651 |
newval, newlen, |
newval, newlen, |
652 |
head->root, head->ctl_table); |
head->root, head->ctl_table); |
653 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/time.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/time.c |
654 |
+++ linux-2.6.32-504.1.3.el6/kernel/time.c |
+++ linux-2.6.32-504.3.3.el6/kernel/time.c |
655 |
@@ -92,6 +92,8 @@ SYSCALL_DEFINE1(stime, time_t __user *, |
@@ -92,6 +92,8 @@ SYSCALL_DEFINE1(stime, time_t __user *, |
656 |
err = security_settime(&tv, NULL); |
err = security_settime(&tv, NULL); |
657 |
if (err) |
if (err) |
670 |
|
|
671 |
if (tz) { |
if (tz) { |
672 |
/* SMP safe, global irq locking makes it work. */ |
/* SMP safe, global irq locking makes it work. */ |
673 |
--- linux-2.6.32-504.1.3.el6.orig/kernel/time/ntp.c |
--- linux-2.6.32-504.3.3.el6.orig/kernel/time/ntp.c |
674 |
+++ linux-2.6.32-504.1.3.el6/kernel/time/ntp.c |
+++ linux-2.6.32-504.3.3.el6/kernel/time/ntp.c |
675 |
@@ -14,6 +14,7 @@ |
@@ -14,6 +14,7 @@ |
676 |
#include <linux/timex.h> |
#include <linux/timex.h> |
677 |
#include <linux/time.h> |
#include <linux/time.h> |
696 |
|
|
697 |
/* |
/* |
698 |
* if the quartz is off by more than 10% then |
* if the quartz is off by more than 10% then |
699 |
--- linux-2.6.32-504.1.3.el6.orig/net/ipv4/raw.c |
--- linux-2.6.32-504.3.3.el6.orig/net/ipv4/raw.c |
700 |
+++ linux-2.6.32-504.1.3.el6/net/ipv4/raw.c |
+++ linux-2.6.32-504.3.3.el6/net/ipv4/raw.c |
701 |
@@ -77,6 +77,7 @@ |
@@ -77,6 +77,7 @@ |
702 |
#include <linux/seq_file.h> |
#include <linux/seq_file.h> |
703 |
#include <linux/netfilter.h> |
#include <linux/netfilter.h> |
717 |
|
|
718 |
copied = skb->len; |
copied = skb->len; |
719 |
if (len < copied) { |
if (len < copied) { |
720 |
--- linux-2.6.32-504.1.3.el6.orig/net/ipv4/udp.c |
--- linux-2.6.32-504.3.3.el6.orig/net/ipv4/udp.c |
721 |
+++ linux-2.6.32-504.1.3.el6/net/ipv4/udp.c |
+++ linux-2.6.32-504.3.3.el6/net/ipv4/udp.c |
722 |
@@ -108,6 +108,7 @@ |
@@ -108,6 +108,7 @@ |
723 |
#include <trace/events/udp.h> |
#include <trace/events/udp.h> |
724 |
#include <net/busy_poll.h> |
#include <net/busy_poll.h> |
738 |
|
|
739 |
ulen = skb->len - sizeof(struct udphdr); |
ulen = skb->len - sizeof(struct udphdr); |
740 |
copied = len; |
copied = len; |
741 |
--- linux-2.6.32-504.1.3.el6.orig/net/ipv6/raw.c |
--- linux-2.6.32-504.3.3.el6.orig/net/ipv6/raw.c |
742 |
+++ linux-2.6.32-504.1.3.el6/net/ipv6/raw.c |
+++ linux-2.6.32-504.3.3.el6/net/ipv6/raw.c |
743 |
@@ -59,6 +59,7 @@ |
@@ -59,6 +59,7 @@ |
744 |
|
|
745 |
#include <linux/proc_fs.h> |
#include <linux/proc_fs.h> |
759 |
|
|
760 |
copied = skb->len; |
copied = skb->len; |
761 |
if (copied > len) { |
if (copied > len) { |
762 |
--- linux-2.6.32-504.1.3.el6.orig/net/ipv6/udp.c |
--- linux-2.6.32-504.3.3.el6.orig/net/ipv6/udp.c |
763 |
+++ linux-2.6.32-504.1.3.el6/net/ipv6/udp.c |
+++ linux-2.6.32-504.3.3.el6/net/ipv6/udp.c |
764 |
@@ -50,6 +50,7 @@ |
@@ -50,6 +50,7 @@ |
765 |
#include <linux/proc_fs.h> |
#include <linux/proc_fs.h> |
766 |
#include <linux/seq_file.h> |
#include <linux/seq_file.h> |
780 |
|
|
781 |
ulen = skb->len - sizeof(struct udphdr); |
ulen = skb->len - sizeof(struct udphdr); |
782 |
copied = len; |
copied = len; |
783 |
--- linux-2.6.32-504.1.3.el6.orig/net/socket.c |
--- linux-2.6.32-504.3.3.el6.orig/net/socket.c |
784 |
+++ linux-2.6.32-504.1.3.el6/net/socket.c |
+++ linux-2.6.32-504.3.3.el6/net/socket.c |
785 |
@@ -578,6 +578,8 @@ static inline int __sock_sendmsg(struct |
@@ -578,6 +578,8 @@ static inline int __sock_sendmsg(struct |
786 |
struct msghdr *msg, size_t size) |
struct msghdr *msg, size_t size) |
787 |
{ |
{ |
842 |
if (err) |
if (err) |
843 |
goto out_put; |
goto out_put; |
844 |
|
|
845 |
--- linux-2.6.32-504.1.3.el6.orig/net/unix/af_unix.c |
--- linux-2.6.32-504.3.3.el6.orig/net/unix/af_unix.c |
846 |
+++ linux-2.6.32-504.1.3.el6/net/unix/af_unix.c |
+++ linux-2.6.32-504.3.3.el6/net/unix/af_unix.c |
847 |
@@ -866,6 +866,9 @@ static int unix_bind(struct socket *sock |
@@ -866,6 +866,9 @@ static int unix_bind(struct socket *sock |
848 |
mode = S_IFSOCK | |
mode = S_IFSOCK | |
849 |
(SOCK_INODE(sock)->i_mode & ~current_umask()); |
(SOCK_INODE(sock)->i_mode & ~current_umask()); |
865 |
if (msg->msg_name) |
if (msg->msg_name) |
866 |
unix_copy_addr(msg, skb->sk); |
unix_copy_addr(msg, skb->sk); |
867 |
|
|
868 |
--- linux-2.6.32-504.1.3.el6.orig/security/Kconfig |
--- linux-2.6.32-504.3.3.el6.orig/security/Kconfig |
869 |
+++ linux-2.6.32-504.1.3.el6/security/Kconfig |
+++ linux-2.6.32-504.3.3.el6/security/Kconfig |
870 |
@@ -177,5 +177,7 @@ source security/tomoyo/Kconfig |
@@ -177,5 +177,7 @@ source security/tomoyo/Kconfig |
871 |
|
|
872 |
source security/integrity/ima/Kconfig |
source security/integrity/ima/Kconfig |
875 |
+ |
+ |
876 |
endmenu |
endmenu |
877 |
|
|
878 |
--- linux-2.6.32-504.1.3.el6.orig/security/Makefile |
--- linux-2.6.32-504.3.3.el6.orig/security/Makefile |
879 |
+++ linux-2.6.32-504.1.3.el6/security/Makefile |
+++ linux-2.6.32-504.3.3.el6/security/Makefile |
880 |
@@ -25,3 +25,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c |
@@ -25,3 +25,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c |
881 |
# Object integrity file lists |
# Object integrity file lists |
882 |
subdir-$(CONFIG_IMA) += integrity/ima |
subdir-$(CONFIG_IMA) += integrity/ima |