オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.8.x/ccs-patch/patches/ccs-patch-3.14.diff

Diff of /trunk/1.8.x/ccs-patch/patches/ccs-patch-3.14.diff

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 6371 by kumaneko, Mon Dec 22 12:51:38 2014 UTC revision 6372 by kumaneko, Mon Jan 12 12:25:54 2015 UTC
# Line 1  Line 1 
1  This is TOMOYO Linux patch for kernel 3.14.27.  This is TOMOYO Linux patch for kernel 3.14.28.
2    
3  Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.14.27.tar.xz  Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.14.28.tar.xz
4  ---  ---
5   fs/exec.c                 |    2   fs/exec.c                 |    2
6   fs/open.c                 |    2   fs/open.c                 |    2
# Line 29  Source code for this patch is https://ww Line 29  Source code for this patch is https://ww
29   security/security.c       |  107 ++++++++++++++++++++++++++++++++++++++++------   security/security.c       |  107 ++++++++++++++++++++++++++++++++++++++++------
30   25 files changed, 236 insertions(+), 37 deletions(-)   25 files changed, 236 insertions(+), 37 deletions(-)
31    
32  --- linux-3.14.27.orig/fs/exec.c  --- linux-3.14.28.orig/fs/exec.c
33  +++ linux-3.14.27/fs/exec.c  +++ linux-3.14.28/fs/exec.c
34  @@ -1426,7 +1426,7 @@ static int exec_binprm(struct linux_binp  @@ -1426,7 +1426,7 @@ static int exec_binprm(struct linux_binp
35          old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));          old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));
36          rcu_read_unlock();          rcu_read_unlock();
# Line 40  Source code for this patch is https://ww Line 40  Source code for this patch is https://ww
40          if (ret >= 0) {          if (ret >= 0) {
41                  audit_bprm(bprm);                  audit_bprm(bprm);
42                  trace_sched_process_exec(current, old_pid, bprm);                  trace_sched_process_exec(current, old_pid, bprm);
43  --- linux-3.14.27.orig/fs/open.c  --- linux-3.14.28.orig/fs/open.c
44  +++ linux-3.14.27/fs/open.c  +++ linux-3.14.28/fs/open.c
45  @@ -1070,6 +1070,8 @@ EXPORT_SYMBOL(sys_close);  @@ -1070,6 +1070,8 @@ EXPORT_SYMBOL(sys_close);
46    */    */
47   SYSCALL_DEFINE0(vhangup)   SYSCALL_DEFINE0(vhangup)
# Line 51  Source code for this patch is https://ww Line 51  Source code for this patch is https://ww
51          if (capable(CAP_SYS_TTY_CONFIG)) {          if (capable(CAP_SYS_TTY_CONFIG)) {
52                  tty_vhangup_self();                  tty_vhangup_self();
53                  return 0;                  return 0;
54  --- linux-3.14.27.orig/fs/proc/version.c  --- linux-3.14.28.orig/fs/proc/version.c
55  +++ linux-3.14.27/fs/proc/version.c  +++ linux-3.14.28/fs/proc/version.c
56  @@ -32,3 +32,10 @@ static int __init proc_version_init(void  @@ -32,3 +32,10 @@ static int __init proc_version_init(void
57          return 0;          return 0;
58   }   }
# Line 60  Source code for this patch is https://ww Line 60  Source code for this patch is https://ww
60  +  +
61  +static int __init ccs_show_version(void)  +static int __init ccs_show_version(void)
62  +{  +{
63  +       printk(KERN_INFO "Hook version: 3.14.27 2014/12/22\n");  +       printk(KERN_INFO "Hook version: 3.14.28 2015/01/12\n");
64  +       return 0;  +       return 0;
65  +}  +}
66  +fs_initcall(ccs_show_version);  +fs_initcall(ccs_show_version);
67  --- linux-3.14.27.orig/include/linux/init_task.h  --- linux-3.14.28.orig/include/linux/init_task.h
68  +++ linux-3.14.27/include/linux/init_task.h  +++ linux-3.14.28/include/linux/init_task.h
69  @@ -164,6 +164,14 @@ extern struct task_group root_task_group  @@ -164,6 +164,14 @@ extern struct task_group root_task_group
70   # define INIT_RT_MUTEXES(tsk)   # define INIT_RT_MUTEXES(tsk)
71   #endif   #endif
# Line 89  Source code for this patch is https://ww Line 89  Source code for this patch is https://ww
89   }   }
90    
91    
92  --- linux-3.14.27.orig/include/linux/sched.h  --- linux-3.14.28.orig/include/linux/sched.h
93  +++ linux-3.14.27/include/linux/sched.h  +++ linux-3.14.28/include/linux/sched.h
94  @@ -4,6 +4,8 @@  @@ -4,6 +4,8 @@
95   #include <uapi/linux/sched.h>   #include <uapi/linux/sched.h>
96    
# Line 111  Source code for this patch is https://ww Line 111  Source code for this patch is https://ww
111   };   };
112    
113   /* Future-safe accessor for struct task_struct's cpus_allowed. */   /* Future-safe accessor for struct task_struct's cpus_allowed. */
114  --- linux-3.14.27.orig/include/linux/security.h  --- linux-3.14.28.orig/include/linux/security.h
115  +++ linux-3.14.27/include/linux/security.h  +++ linux-3.14.28/include/linux/security.h
116  @@ -53,6 +53,7 @@ struct msg_queue;  @@ -53,6 +53,7 @@ struct msg_queue;
117   struct xattr;   struct xattr;
118   struct xfrm_sec_ctx;   struct xfrm_sec_ctx;
# Line 314  Source code for this patch is https://ww Line 314  Source code for this patch is https://ww
314   }   }
315   #endif /* CONFIG_SECURITY_PATH */   #endif /* CONFIG_SECURITY_PATH */
316    
317  --- linux-3.14.27.orig/include/net/ip.h  --- linux-3.14.28.orig/include/net/ip.h
318  +++ linux-3.14.27/include/net/ip.h  +++ linux-3.14.28/include/net/ip.h
319  @@ -217,6 +217,8 @@ void inet_get_local_port_range(struct ne  @@ -217,6 +217,8 @@ void inet_get_local_port_range(struct ne
320   extern unsigned long *sysctl_local_reserved_ports;   extern unsigned long *sysctl_local_reserved_ports;
321   static inline int inet_is_reserved_local_port(int port)   static inline int inet_is_reserved_local_port(int port)
# Line 325  Source code for this patch is https://ww Line 325  Source code for this patch is https://ww
325          return test_bit(port, sysctl_local_reserved_ports);          return test_bit(port, sysctl_local_reserved_ports);
326   }   }
327    
328  --- linux-3.14.27.orig/kernel/fork.c  --- linux-3.14.28.orig/kernel/fork.c
329  +++ linux-3.14.27/kernel/fork.c  +++ linux-3.14.28/kernel/fork.c
330  @@ -244,6 +244,7 @@ void __put_task_struct(struct task_struc  @@ -244,6 +244,7 @@ void __put_task_struct(struct task_struc
331          delayacct_tsk_free(tsk);          delayacct_tsk_free(tsk);
332          put_signal_struct(tsk->signal);          put_signal_struct(tsk->signal);
# Line 353  Source code for this patch is https://ww Line 353  Source code for this patch is https://ww
353   bad_fork_cleanup_perf:   bad_fork_cleanup_perf:
354          perf_event_free_task(p);          perf_event_free_task(p);
355   bad_fork_cleanup_policy:   bad_fork_cleanup_policy:
356  --- linux-3.14.27.orig/kernel/kexec.c  --- linux-3.14.28.orig/kernel/kexec.c
357  +++ linux-3.14.27/kernel/kexec.c  +++ linux-3.14.28/kernel/kexec.c
358  @@ -37,6 +37,7 @@  @@ -37,6 +37,7 @@
359   #include <asm/uaccess.h>   #include <asm/uaccess.h>
360   #include <asm/io.h>   #include <asm/io.h>
# Line 372  Source code for this patch is https://ww Line 372  Source code for this patch is https://ww
372    
373          /*          /*
374           * Verify we have a legal set of flags           * Verify we have a legal set of flags
375  --- linux-3.14.27.orig/kernel/module.c  --- linux-3.14.28.orig/kernel/module.c
376  +++ linux-3.14.27/kernel/module.c  +++ linux-3.14.28/kernel/module.c
377  @@ -63,6 +63,7 @@  @@ -63,6 +63,7 @@
378   #include <linux/fips.h>   #include <linux/fips.h>
379   #include <uapi/linux/module.h>   #include <uapi/linux/module.h>
# Line 400  Source code for this patch is https://ww Line 400  Source code for this patch is https://ww
400    
401          return 0;          return 0;
402   }   }
403  --- linux-3.14.27.orig/kernel/ptrace.c  --- linux-3.14.28.orig/kernel/ptrace.c
404  +++ linux-3.14.27/kernel/ptrace.c  +++ linux-3.14.28/kernel/ptrace.c
405  @@ -1038,6 +1038,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l  @@ -1038,6 +1038,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l
406   {   {
407          struct task_struct *child;          struct task_struct *child;
# Line 426  Source code for this patch is https://ww Line 426  Source code for this patch is https://ww
426    
427          if (request == PTRACE_TRACEME) {          if (request == PTRACE_TRACEME) {
428                  ret = ptrace_traceme();                  ret = ptrace_traceme();
429  --- linux-3.14.27.orig/kernel/reboot.c  --- linux-3.14.28.orig/kernel/reboot.c
430  +++ linux-3.14.27/kernel/reboot.c  +++ linux-3.14.28/kernel/reboot.c
431  @@ -16,6 +16,7 @@  @@ -16,6 +16,7 @@
432   #include <linux/syscalls.h>   #include <linux/syscalls.h>
433   #include <linux/syscore_ops.h>   #include <linux/syscore_ops.h>
# Line 445  Source code for this patch is https://ww Line 445  Source code for this patch is https://ww
445    
446          /*          /*
447           * If pid namespaces are enabled and the current task is in a child           * If pid namespaces are enabled and the current task is in a child
448  --- linux-3.14.27.orig/kernel/sched/core.c  --- linux-3.14.28.orig/kernel/sched/core.c
449  +++ linux-3.14.27/kernel/sched/core.c  +++ linux-3.14.28/kernel/sched/core.c
450  @@ -3069,6 +3069,8 @@ int can_nice(const struct task_struct *p  @@ -3069,6 +3069,8 @@ int can_nice(const struct task_struct *p
451   SYSCALL_DEFINE1(nice, int, increment)   SYSCALL_DEFINE1(nice, int, increment)
452   {   {
# Line 456  Source code for this patch is https://ww Line 456  Source code for this patch is https://ww
456    
457          /*          /*
458           * Setpriority might change our priority at the same moment.           * Setpriority might change our priority at the same moment.
459  --- linux-3.14.27.orig/kernel/signal.c  --- linux-3.14.28.orig/kernel/signal.c
460  +++ linux-3.14.27/kernel/signal.c  +++ linux-3.14.28/kernel/signal.c
461  @@ -2909,6 +2909,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s  @@ -2909,6 +2909,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s
462   SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)   SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
463   {   {
# Line 503  Source code for this patch is https://ww Line 503  Source code for this patch is https://ww
503    
504          return do_send_specific(tgid, pid, sig, info);          return do_send_specific(tgid, pid, sig, info);
505   }   }
506  --- linux-3.14.27.orig/kernel/sys.c  --- linux-3.14.28.orig/kernel/sys.c
507  +++ linux-3.14.27/kernel/sys.c  +++ linux-3.14.28/kernel/sys.c
508  @@ -171,6 +171,10 @@ SYSCALL_DEFINE3(setpriority, int, which,  @@ -171,6 +171,10 @@ SYSCALL_DEFINE3(setpriority, int, which,
509    
510          if (which > PRIO_USER || which < PRIO_PROCESS)          if (which > PRIO_USER || which < PRIO_PROCESS)
# Line 534  Source code for this patch is https://ww Line 534  Source code for this patch is https://ww
534    
535          down_write(&uts_sem);          down_write(&uts_sem);
536          errno = -EFAULT;          errno = -EFAULT;
537  --- linux-3.14.27.orig/kernel/time/ntp.c  --- linux-3.14.28.orig/kernel/time/ntp.c
538  +++ linux-3.14.27/kernel/time/ntp.c  +++ linux-3.14.28/kernel/time/ntp.c
539  @@ -16,6 +16,7 @@  @@ -16,6 +16,7 @@
540   #include <linux/mm.h>   #include <linux/mm.h>
541   #include <linux/module.h>   #include <linux/module.h>
# Line 569  Source code for this patch is https://ww Line 569  Source code for this patch is https://ww
569    
570          return 0;          return 0;
571   }   }
572  --- linux-3.14.27.orig/net/ipv4/raw.c  --- linux-3.14.28.orig/net/ipv4/raw.c
573  +++ linux-3.14.27/net/ipv4/raw.c  +++ linux-3.14.28/net/ipv4/raw.c
574  @@ -704,6 +704,10 @@ static int raw_recvmsg(struct kiocb *ioc  @@ -704,6 +704,10 @@ static int raw_recvmsg(struct kiocb *ioc
575          skb = skb_recv_datagram(sk, flags, noblock, &err);          skb = skb_recv_datagram(sk, flags, noblock, &err);
576          if (!skb)          if (!skb)
# Line 582  Source code for this patch is https://ww Line 582  Source code for this patch is https://ww
582    
583          copied = skb->len;          copied = skb->len;
584          if (len < copied) {          if (len < copied) {
585  --- linux-3.14.27.orig/net/ipv4/udp.c  --- linux-3.14.28.orig/net/ipv4/udp.c
586  +++ linux-3.14.27/net/ipv4/udp.c  +++ linux-3.14.28/net/ipv4/udp.c
587  @@ -1242,6 +1242,10 @@ try_again:  @@ -1242,6 +1242,10 @@ try_again:
588                                    &peeked, &off, &err);                                    &peeked, &off, &err);
589          if (!skb)          if (!skb)
# Line 595  Source code for this patch is https://ww Line 595  Source code for this patch is https://ww
595    
596          ulen = skb->len - sizeof(struct udphdr);          ulen = skb->len - sizeof(struct udphdr);
597          copied = len;          copied = len;
598  --- linux-3.14.27.orig/net/ipv6/raw.c  --- linux-3.14.28.orig/net/ipv6/raw.c
599  +++ linux-3.14.27/net/ipv6/raw.c  +++ linux-3.14.28/net/ipv6/raw.c
600  @@ -478,6 +478,10 @@ static int rawv6_recvmsg(struct kiocb *i  @@ -478,6 +478,10 @@ static int rawv6_recvmsg(struct kiocb *i
601          skb = skb_recv_datagram(sk, flags, noblock, &err);          skb = skb_recv_datagram(sk, flags, noblock, &err);
602          if (!skb)          if (!skb)
# Line 608  Source code for this patch is https://ww Line 608  Source code for this patch is https://ww
608    
609          copied = skb->len;          copied = skb->len;
610          if (copied > len) {          if (copied > len) {
611  --- linux-3.14.27.orig/net/ipv6/udp.c  --- linux-3.14.28.orig/net/ipv6/udp.c
612  +++ linux-3.14.27/net/ipv6/udp.c  +++ linux-3.14.28/net/ipv6/udp.c
613  @@ -403,6 +403,10 @@ try_again:  @@ -403,6 +403,10 @@ try_again:
614                                    &peeked, &off, &err);                                    &peeked, &off, &err);
615          if (!skb)          if (!skb)
# Line 621  Source code for this patch is https://ww Line 621  Source code for this patch is https://ww
621    
622          ulen = skb->len - sizeof(struct udphdr);          ulen = skb->len - sizeof(struct udphdr);
623          copied = len;          copied = len;
624  --- linux-3.14.27.orig/net/socket.c  --- linux-3.14.28.orig/net/socket.c
625  +++ linux-3.14.27/net/socket.c  +++ linux-3.14.28/net/socket.c
626  @@ -1633,6 +1633,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct  @@ -1633,6 +1633,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct
627          if (err < 0)          if (err < 0)
628                  goto out_fd;                  goto out_fd;
# Line 634  Source code for this patch is https://ww Line 634  Source code for this patch is https://ww
634          if (upeer_sockaddr) {          if (upeer_sockaddr) {
635                  if (newsock->ops->getname(newsock, (struct sockaddr *)&address,                  if (newsock->ops->getname(newsock, (struct sockaddr *)&address,
636                                            &len, 2) < 0) {                                            &len, 2) < 0) {
637  --- linux-3.14.27.orig/net/unix/af_unix.c  --- linux-3.14.28.orig/net/unix/af_unix.c
638  +++ linux-3.14.27/net/unix/af_unix.c  +++ linux-3.14.28/net/unix/af_unix.c
639  @@ -1811,6 +1811,10 @@ static int unix_dgram_recvmsg(struct kio  @@ -1811,6 +1811,10 @@ static int unix_dgram_recvmsg(struct kio
640          wake_up_interruptible_sync_poll(&u->peer_wait,          wake_up_interruptible_sync_poll(&u->peer_wait,
641                                          POLLOUT | POLLWRNORM | POLLWRBAND);                                          POLLOUT | POLLWRNORM | POLLWRBAND);
# Line 647  Source code for this patch is https://ww Line 647  Source code for this patch is https://ww
647          if (msg->msg_name)          if (msg->msg_name)
648                  unix_copy_addr(msg, skb->sk);                  unix_copy_addr(msg, skb->sk);
649    
650  --- linux-3.14.27.orig/security/Kconfig  --- linux-3.14.28.orig/security/Kconfig
651  +++ linux-3.14.27/security/Kconfig  +++ linux-3.14.28/security/Kconfig
652  @@ -167,5 +167,7 @@ config DEFAULT_SECURITY  @@ -167,5 +167,7 @@ config DEFAULT_SECURITY
653          default "yama" if DEFAULT_SECURITY_YAMA          default "yama" if DEFAULT_SECURITY_YAMA
654          default "" if DEFAULT_SECURITY_DAC          default "" if DEFAULT_SECURITY_DAC
# Line 657  Source code for this patch is https://ww Line 657  Source code for this patch is https://ww
657  +  +
658   endmenu   endmenu
659    
660  --- linux-3.14.27.orig/security/Makefile  --- linux-3.14.28.orig/security/Makefile
661  +++ linux-3.14.27/security/Makefile  +++ linux-3.14.28/security/Makefile
662  @@ -27,3 +27,6 @@ obj-$(CONFIG_CGROUP_DEVICE)           += device_c  @@ -27,3 +27,6 @@ obj-$(CONFIG_CGROUP_DEVICE)           += device_c
663   # Object integrity file lists   # Object integrity file lists
664   subdir-$(CONFIG_INTEGRITY)             += integrity   subdir-$(CONFIG_INTEGRITY)             += integrity
# Line 666  Source code for this patch is https://ww Line 666  Source code for this patch is https://ww
666  +  +
667  +subdir-$(CONFIG_CCSECURITY)            += ccsecurity  +subdir-$(CONFIG_CCSECURITY)            += ccsecurity
668  +obj-$(CONFIG_CCSECURITY)               += ccsecurity/built-in.o  +obj-$(CONFIG_CCSECURITY)               += ccsecurity/built-in.o
669  --- linux-3.14.27.orig/security/security.c  --- linux-3.14.28.orig/security/security.c
670  +++ linux-3.14.27/security/security.c  +++ linux-3.14.28/security/security.c
671  @@ -203,7 +203,10 @@ int security_syslog(int type)  @@ -203,7 +203,10 @@ int security_syslog(int type)
672    
673   int security_settime(const struct timespec *ts, const struct timezone *tz)   int security_settime(const struct timespec *ts, const struct timezone *tz)
Legend:
Removed from v.6371  
changed lines
  Added in v.6372
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ