オープンソース・ソフトウェアの開発とダウンロード

TOMOYO

Subversion リポジトリの参照

/[tomoyo]/trunk/1.8.x/ccs-patch/patches/ccs-patch-3.17.diff

Diff of /trunk/1.8.x/ccs-patch/patches/ccs-patch-3.17.diff

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 6371 by kumaneko, Mon Dec 22 12:51:38 2014 UTC revision 6372 by kumaneko, Mon Jan 12 12:25:54 2015 UTC
# Line 1  Line 1 
1  This is TOMOYO Linux patch for kernel 3.17.7.  This is TOMOYO Linux patch for kernel 3.17.8.
2    
3  Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.17.7.tar.xz  Source code for this patch is https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.17.8.tar.xz
4  ---  ---
5   fs/exec.c                 |    2   fs/exec.c                 |    2
6   fs/open.c                 |    2   fs/open.c                 |    2
# Line 29  Source code for this patch is https://ww Line 29  Source code for this patch is https://ww
29   security/security.c       |  111 +++++++++++++++++++++++++++++++++++++++++-----   security/security.c       |  111 +++++++++++++++++++++++++++++++++++++++++-----
30   25 files changed, 252 insertions(+), 37 deletions(-)   25 files changed, 252 insertions(+), 37 deletions(-)
31    
32  --- linux-3.17.7.orig/fs/exec.c  --- linux-3.17.8.orig/fs/exec.c
33  +++ linux-3.17.7/fs/exec.c  +++ linux-3.17.8/fs/exec.c
34  @@ -1408,7 +1408,7 @@ static int exec_binprm(struct linux_binp  @@ -1408,7 +1408,7 @@ static int exec_binprm(struct linux_binp
35          old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));          old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));
36          rcu_read_unlock();          rcu_read_unlock();
# Line 40  Source code for this patch is https://ww Line 40  Source code for this patch is https://ww
40          if (ret >= 0) {          if (ret >= 0) {
41                  audit_bprm(bprm);                  audit_bprm(bprm);
42                  trace_sched_process_exec(current, old_pid, bprm);                  trace_sched_process_exec(current, old_pid, bprm);
43  --- linux-3.17.7.orig/fs/open.c  --- linux-3.17.8.orig/fs/open.c
44  +++ linux-3.17.7/fs/open.c  +++ linux-3.17.8/fs/open.c
45  @@ -1071,6 +1071,8 @@ EXPORT_SYMBOL(sys_close);  @@ -1071,6 +1071,8 @@ EXPORT_SYMBOL(sys_close);
46    */    */
47   SYSCALL_DEFINE0(vhangup)   SYSCALL_DEFINE0(vhangup)
# Line 51  Source code for this patch is https://ww Line 51  Source code for this patch is https://ww
51          if (capable(CAP_SYS_TTY_CONFIG)) {          if (capable(CAP_SYS_TTY_CONFIG)) {
52                  tty_vhangup_self();                  tty_vhangup_self();
53                  return 0;                  return 0;
54  --- linux-3.17.7.orig/fs/proc/version.c  --- linux-3.17.8.orig/fs/proc/version.c
55  +++ linux-3.17.7/fs/proc/version.c  +++ linux-3.17.8/fs/proc/version.c
56  @@ -32,3 +32,10 @@ static int __init proc_version_init(void  @@ -32,3 +32,10 @@ static int __init proc_version_init(void
57          return 0;          return 0;
58   }   }
# Line 60  Source code for this patch is https://ww Line 60  Source code for this patch is https://ww
60  +  +
61  +static int __init ccs_show_version(void)  +static int __init ccs_show_version(void)
62  +{  +{
63  +       printk(KERN_INFO "Hook version: 3.17.7 2014/12/22\n");  +       printk(KERN_INFO "Hook version: 3.17.8 2015/01/12\n");
64  +       return 0;  +       return 0;
65  +}  +}
66  +fs_initcall(ccs_show_version);  +fs_initcall(ccs_show_version);
67  --- linux-3.17.7.orig/include/linux/init_task.h  --- linux-3.17.8.orig/include/linux/init_task.h
68  +++ linux-3.17.7/include/linux/init_task.h  +++ linux-3.17.8/include/linux/init_task.h
69  @@ -157,6 +157,14 @@ extern struct task_group root_task_group  @@ -157,6 +157,14 @@ extern struct task_group root_task_group
70   # define INIT_RT_MUTEXES(tsk)   # define INIT_RT_MUTEXES(tsk)
71   #endif   #endif
# Line 89  Source code for this patch is https://ww Line 89  Source code for this patch is https://ww
89   }   }
90    
91    
92  --- linux-3.17.7.orig/include/linux/sched.h  --- linux-3.17.8.orig/include/linux/sched.h
93  +++ linux-3.17.7/include/linux/sched.h  +++ linux-3.17.8/include/linux/sched.h
94  @@ -6,6 +6,8 @@  @@ -6,6 +6,8 @@
95   #include <linux/sched/prio.h>   #include <linux/sched/prio.h>
96    
# Line 111  Source code for this patch is https://ww Line 111  Source code for this patch is https://ww
111   };   };
112    
113   /* Future-safe accessor for struct task_struct's cpus_allowed. */   /* Future-safe accessor for struct task_struct's cpus_allowed. */
114  --- linux-3.17.7.orig/include/linux/security.h  --- linux-3.17.8.orig/include/linux/security.h
115  +++ linux-3.17.7/include/linux/security.h  +++ linux-3.17.8/include/linux/security.h
116  @@ -53,6 +53,7 @@ struct msg_queue;  @@ -53,6 +53,7 @@ struct msg_queue;
117   struct xattr;   struct xattr;
118   struct xfrm_sec_ctx;   struct xfrm_sec_ctx;
# Line 324  Source code for this patch is https://ww Line 324  Source code for this patch is https://ww
324   }   }
325   #endif /* CONFIG_SECURITY_PATH */   #endif /* CONFIG_SECURITY_PATH */
326    
327  --- linux-3.17.7.orig/include/net/ip.h  --- linux-3.17.8.orig/include/net/ip.h
328  +++ linux-3.17.7/include/net/ip.h  +++ linux-3.17.8/include/net/ip.h
329  @@ -212,6 +212,8 @@ void inet_get_local_port_range(struct ne  @@ -212,6 +212,8 @@ void inet_get_local_port_range(struct ne
330   #ifdef CONFIG_SYSCTL   #ifdef CONFIG_SYSCTL
331   static inline int inet_is_local_reserved_port(struct net *net, int port)   static inline int inet_is_local_reserved_port(struct net *net, int port)
# Line 344  Source code for this patch is https://ww Line 344  Source code for this patch is https://ww
344          return 0;          return 0;
345   }   }
346   #endif   #endif
347  --- linux-3.17.7.orig/kernel/fork.c  --- linux-3.17.8.orig/kernel/fork.c
348  +++ linux-3.17.7/kernel/fork.c  +++ linux-3.17.8/kernel/fork.c
349  @@ -246,6 +246,7 @@ void __put_task_struct(struct task_struc  @@ -246,6 +246,7 @@ void __put_task_struct(struct task_struc
350          delayacct_tsk_free(tsk);          delayacct_tsk_free(tsk);
351          put_signal_struct(tsk->signal);          put_signal_struct(tsk->signal);
# Line 372  Source code for this patch is https://ww Line 372  Source code for this patch is https://ww
372   bad_fork_cleanup_perf:   bad_fork_cleanup_perf:
373          perf_event_free_task(p);          perf_event_free_task(p);
374   bad_fork_cleanup_policy:   bad_fork_cleanup_policy:
375  --- linux-3.17.7.orig/kernel/kexec.c  --- linux-3.17.8.orig/kernel/kexec.c
376  +++ linux-3.17.7/kernel/kexec.c  +++ linux-3.17.8/kernel/kexec.c
377  @@ -41,6 +41,7 @@  @@ -41,6 +41,7 @@
378   #include <asm/uaccess.h>   #include <asm/uaccess.h>
379   #include <asm/io.h>   #include <asm/io.h>
# Line 391  Source code for this patch is https://ww Line 391  Source code for this patch is https://ww
391    
392          /*          /*
393           * Verify we have a legal set of flags           * Verify we have a legal set of flags
394  --- linux-3.17.7.orig/kernel/module.c  --- linux-3.17.8.orig/kernel/module.c
395  +++ linux-3.17.7/kernel/module.c  +++ linux-3.17.8/kernel/module.c
396  @@ -62,6 +62,7 @@  @@ -62,6 +62,7 @@
397   #include <linux/bsearch.h>   #include <linux/bsearch.h>
398   #include <uapi/linux/module.h>   #include <uapi/linux/module.h>
# Line 419  Source code for this patch is https://ww Line 419  Source code for this patch is https://ww
419    
420          return 0;          return 0;
421   }   }
422  --- linux-3.17.7.orig/kernel/ptrace.c  --- linux-3.17.8.orig/kernel/ptrace.c
423  +++ linux-3.17.7/kernel/ptrace.c  +++ linux-3.17.8/kernel/ptrace.c
424  @@ -1032,6 +1032,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l  @@ -1032,6 +1032,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l
425   {   {
426          struct task_struct *child;          struct task_struct *child;
# Line 445  Source code for this patch is https://ww Line 445  Source code for this patch is https://ww
445    
446          if (request == PTRACE_TRACEME) {          if (request == PTRACE_TRACEME) {
447                  ret = ptrace_traceme();                  ret = ptrace_traceme();
448  --- linux-3.17.7.orig/kernel/reboot.c  --- linux-3.17.8.orig/kernel/reboot.c
449  +++ linux-3.17.7/kernel/reboot.c  +++ linux-3.17.8/kernel/reboot.c
450  @@ -16,6 +16,7 @@  @@ -16,6 +16,7 @@
451   #include <linux/syscalls.h>   #include <linux/syscalls.h>
452   #include <linux/syscore_ops.h>   #include <linux/syscore_ops.h>
# Line 464  Source code for this patch is https://ww Line 464  Source code for this patch is https://ww
464    
465          /*          /*
466           * If pid namespaces are enabled and the current task is in a child           * If pid namespaces are enabled and the current task is in a child
467  --- linux-3.17.7.orig/kernel/sched/core.c  --- linux-3.17.8.orig/kernel/sched/core.c
468  +++ linux-3.17.7/kernel/sched/core.c  +++ linux-3.17.8/kernel/sched/core.c
469  @@ -3123,6 +3123,8 @@ int can_nice(const struct task_struct *p  @@ -3123,6 +3123,8 @@ int can_nice(const struct task_struct *p
470   SYSCALL_DEFINE1(nice, int, increment)   SYSCALL_DEFINE1(nice, int, increment)
471   {   {
# Line 475  Source code for this patch is https://ww Line 475  Source code for this patch is https://ww
475    
476          /*          /*
477           * Setpriority might change our priority at the same moment.           * Setpriority might change our priority at the same moment.
478  --- linux-3.17.7.orig/kernel/signal.c  --- linux-3.17.8.orig/kernel/signal.c
479  +++ linux-3.17.7/kernel/signal.c  +++ linux-3.17.8/kernel/signal.c
480  @@ -2886,6 +2886,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s  @@ -2886,6 +2886,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s
481   SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)   SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
482   {   {
# Line 522  Source code for this patch is https://ww Line 522  Source code for this patch is https://ww
522    
523          return do_send_specific(tgid, pid, sig, info);          return do_send_specific(tgid, pid, sig, info);
524   }   }
525  --- linux-3.17.7.orig/kernel/sys.c  --- linux-3.17.8.orig/kernel/sys.c
526  +++ linux-3.17.7/kernel/sys.c  +++ linux-3.17.8/kernel/sys.c
527  @@ -171,6 +171,10 @@ SYSCALL_DEFINE3(setpriority, int, which,  @@ -171,6 +171,10 @@ SYSCALL_DEFINE3(setpriority, int, which,
528    
529          if (which > PRIO_USER || which < PRIO_PROCESS)          if (which > PRIO_USER || which < PRIO_PROCESS)
# Line 553  Source code for this patch is https://ww Line 553  Source code for this patch is https://ww
553    
554          down_write(&uts_sem);          down_write(&uts_sem);
555          errno = -EFAULT;          errno = -EFAULT;
556  --- linux-3.17.7.orig/kernel/time/ntp.c  --- linux-3.17.8.orig/kernel/time/ntp.c
557  +++ linux-3.17.7/kernel/time/ntp.c  +++ linux-3.17.8/kernel/time/ntp.c
558  @@ -16,6 +16,7 @@  @@ -16,6 +16,7 @@
559   #include <linux/mm.h>   #include <linux/mm.h>
560   #include <linux/module.h>   #include <linux/module.h>
# Line 588  Source code for this patch is https://ww Line 588  Source code for this patch is https://ww
588    
589          return 0;          return 0;
590   }   }
591  --- linux-3.17.7.orig/net/ipv4/raw.c  --- linux-3.17.8.orig/net/ipv4/raw.c
592  +++ linux-3.17.7/net/ipv4/raw.c  +++ linux-3.17.8/net/ipv4/raw.c
593  @@ -711,6 +711,10 @@ static int raw_recvmsg(struct kiocb *ioc  @@ -711,6 +711,10 @@ static int raw_recvmsg(struct kiocb *ioc
594          skb = skb_recv_datagram(sk, flags, noblock, &err);          skb = skb_recv_datagram(sk, flags, noblock, &err);
595          if (!skb)          if (!skb)
# Line 601  Source code for this patch is https://ww Line 601  Source code for this patch is https://ww
601    
602          copied = skb->len;          copied = skb->len;
603          if (len < copied) {          if (len < copied) {
604  --- linux-3.17.7.orig/net/ipv4/udp.c  --- linux-3.17.8.orig/net/ipv4/udp.c
605  +++ linux-3.17.7/net/ipv4/udp.c  +++ linux-3.17.8/net/ipv4/udp.c
606  @@ -1260,6 +1260,10 @@ try_again:  @@ -1260,6 +1260,10 @@ try_again:
607                                    &peeked, &off, &err);                                    &peeked, &off, &err);
608          if (!skb)          if (!skb)
# Line 614  Source code for this patch is https://ww Line 614  Source code for this patch is https://ww
614    
615          ulen = skb->len - sizeof(struct udphdr);          ulen = skb->len - sizeof(struct udphdr);
616          copied = len;          copied = len;
617  --- linux-3.17.7.orig/net/ipv6/raw.c  --- linux-3.17.8.orig/net/ipv6/raw.c
618  +++ linux-3.17.7/net/ipv6/raw.c  +++ linux-3.17.8/net/ipv6/raw.c
619  @@ -478,6 +478,10 @@ static int rawv6_recvmsg(struct kiocb *i  @@ -478,6 +478,10 @@ static int rawv6_recvmsg(struct kiocb *i
620          skb = skb_recv_datagram(sk, flags, noblock, &err);          skb = skb_recv_datagram(sk, flags, noblock, &err);
621          if (!skb)          if (!skb)
# Line 627  Source code for this patch is https://ww Line 627  Source code for this patch is https://ww
627    
628          copied = skb->len;          copied = skb->len;
629          if (copied > len) {          if (copied > len) {
630  --- linux-3.17.7.orig/net/ipv6/udp.c  --- linux-3.17.8.orig/net/ipv6/udp.c
631  +++ linux-3.17.7/net/ipv6/udp.c  +++ linux-3.17.8/net/ipv6/udp.c
632  @@ -402,6 +402,10 @@ try_again:  @@ -402,6 +402,10 @@ try_again:
633                                    &peeked, &off, &err);                                    &peeked, &off, &err);
634          if (!skb)          if (!skb)
# Line 640  Source code for this patch is https://ww Line 640  Source code for this patch is https://ww
640    
641          ulen = skb->len - sizeof(struct udphdr);          ulen = skb->len - sizeof(struct udphdr);
642          copied = len;          copied = len;
643  --- linux-3.17.7.orig/net/socket.c  --- linux-3.17.8.orig/net/socket.c
644  +++ linux-3.17.7/net/socket.c  +++ linux-3.17.8/net/socket.c
645  @@ -1642,6 +1642,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct  @@ -1642,6 +1642,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct
646          if (err < 0)          if (err < 0)
647                  goto out_fd;                  goto out_fd;
# Line 653  Source code for this patch is https://ww Line 653  Source code for this patch is https://ww
653          if (upeer_sockaddr) {          if (upeer_sockaddr) {
654                  if (newsock->ops->getname(newsock, (struct sockaddr *)&address,                  if (newsock->ops->getname(newsock, (struct sockaddr *)&address,
655                                            &len, 2) < 0) {                                            &len, 2) < 0) {
656  --- linux-3.17.7.orig/net/unix/af_unix.c  --- linux-3.17.8.orig/net/unix/af_unix.c
657  +++ linux-3.17.7/net/unix/af_unix.c  +++ linux-3.17.8/net/unix/af_unix.c
658  @@ -1817,6 +1817,10 @@ static int unix_dgram_recvmsg(struct kio  @@ -1817,6 +1817,10 @@ static int unix_dgram_recvmsg(struct kio
659          wake_up_interruptible_sync_poll(&u->peer_wait,          wake_up_interruptible_sync_poll(&u->peer_wait,
660                                          POLLOUT | POLLWRNORM | POLLWRBAND);                                          POLLOUT | POLLWRNORM | POLLWRBAND);
# Line 666  Source code for this patch is https://ww Line 666  Source code for this patch is https://ww
666          if (msg->msg_name)          if (msg->msg_name)
667                  unix_copy_addr(msg, skb->sk);                  unix_copy_addr(msg, skb->sk);
668    
669  --- linux-3.17.7.orig/security/Kconfig  --- linux-3.17.8.orig/security/Kconfig
670  +++ linux-3.17.7/security/Kconfig  +++ linux-3.17.8/security/Kconfig
671  @@ -167,5 +167,7 @@ config DEFAULT_SECURITY  @@ -167,5 +167,7 @@ config DEFAULT_SECURITY
672          default "yama" if DEFAULT_SECURITY_YAMA          default "yama" if DEFAULT_SECURITY_YAMA
673          default "" if DEFAULT_SECURITY_DAC          default "" if DEFAULT_SECURITY_DAC
# Line 676  Source code for this patch is https://ww Line 676  Source code for this patch is https://ww
676  +  +
677   endmenu   endmenu
678    
679  --- linux-3.17.7.orig/security/Makefile  --- linux-3.17.8.orig/security/Makefile
680  +++ linux-3.17.7/security/Makefile  +++ linux-3.17.8/security/Makefile
681  @@ -27,3 +27,6 @@ obj-$(CONFIG_CGROUP_DEVICE)           += device_c  @@ -27,3 +27,6 @@ obj-$(CONFIG_CGROUP_DEVICE)           += device_c
682   # Object integrity file lists   # Object integrity file lists
683   subdir-$(CONFIG_INTEGRITY)             += integrity   subdir-$(CONFIG_INTEGRITY)             += integrity
# Line 685  Source code for this patch is https://ww Line 685  Source code for this patch is https://ww
685  +  +
686  +subdir-$(CONFIG_CCSECURITY)            += ccsecurity  +subdir-$(CONFIG_CCSECURITY)            += ccsecurity
687  +obj-$(CONFIG_CCSECURITY)               += ccsecurity/  +obj-$(CONFIG_CCSECURITY)               += ccsecurity/
688  --- linux-3.17.7.orig/security/security.c  --- linux-3.17.8.orig/security/security.c
689  +++ linux-3.17.7/security/security.c  +++ linux-3.17.8/security/security.c
690  @@ -203,7 +203,10 @@ int security_syslog(int type)  @@ -203,7 +203,10 @@ int security_syslog(int type)
691    
692   int security_settime(const struct timespec *ts, const struct timezone *tz)   int security_settime(const struct timespec *ts, const struct timezone *tz)
Legend:
Removed from v.6371  
changed lines
  Added in v.6372
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
サイト情報
ソフトウェアを探す
ソフトウェアを作る
コミュニティ
ヘルプ