오픈 소스 소프트웨어 개발 및 다운로드

TOMOYO

Browse Subversion Repository

/[tomoyo]/trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.32-debian-squeeze.diff

Contents of /trunk/1.8.x/ccs-patch/patches/ccs-patch-2.6.32-debian-squeeze.diff

Parent Directory Parent Directory | Revision Log Revision Log

Revision 5122 - (show annotations) (download) (as text)
Tue Jun 14 06:05:00 2011 UTC (12 years, 11 months ago) by kumaneko
File MIME type: text/x-diff
File size: 29445 byte(s) 
ccs-patch-1.8: Remove unused "struct inode *" parameter from ccs-patch-\*.diff
1 This is TOMOYO Linux patch for Debian Squeeze.
2
3 Source code for this patch is "apt-get install linux-source-2.6.32"
4 ---
5 fs/compat.c | 2 +-
6 fs/compat_ioctl.c | 3 +++
7 fs/exec.c | 2 +-
8 fs/fcntl.c | 4 ++++
9 fs/ioctl.c | 2 ++
10 fs/namei.c | 28 ++++++++++++++++++++++++++++
11 fs/namespace.c | 8 ++++++++
12 fs/open.c | 24 ++++++++++++++++++++++++
13 fs/proc/version.c | 7 +++++++
14 fs/stat.c | 2 ++
15 include/linux/init_task.h | 9 +++++++++
16 include/linux/sched.h | 6 ++++++
17 include/linux/security.h | 1 +
18 kernel/compat.c | 2 ++
19 kernel/fork.c | 5 +++++
20 kernel/kexec.c | 3 +++
21 kernel/module.c | 5 +++++
22 kernel/ptrace.c | 4 ++++
23 kernel/sched.c | 2 ++
24 kernel/signal.c | 10 ++++++++++
25 kernel/sys.c | 10 ++++++++++
26 kernel/sysctl.c | 3 +++
27 kernel/time.c | 4 ++++
28 kernel/time/ntp.c | 6 ++++++
29 net/ipv4/inet_connection_sock.c | 3 +++
30 net/ipv4/inet_hashtables.c | 3 +++
31 net/ipv4/raw.c | 5 +++++
32 net/ipv4/udp.c | 8 +++++++-
33 net/ipv6/raw.c | 5 +++++
34 net/ipv6/udp.c | 5 +++++
35 net/socket.c | 18 ++++++++++++++++++
36 net/unix/af_unix.c | 7 +++++++
37 security/Kconfig | 2 ++
38 security/Makefile | 3 +++
39 34 files changed, 208 insertions(+), 3 deletions(-)
40
41 --- linux-2.6.32-34squeeze1.orig/fs/compat.c
42 +++ linux-2.6.32-34squeeze1/fs/compat.c
43 @@ -1528,7 +1528,7 @@ int compat_do_execve(char * filename,
44 if (retval < 0)
45 goto out;
46
47 - retval = search_binary_handler(bprm, regs);
48 + retval = ccs_search_binary_handler(bprm, regs);
49 if (retval < 0)
50 goto out;
51
52 --- linux-2.6.32-34squeeze1.orig/fs/compat_ioctl.c
53 +++ linux-2.6.32-34squeeze1/fs/compat_ioctl.c
54 @@ -114,6 +114,7 @@
55 #ifdef CONFIG_SPARC
56 #include <asm/fbio.h>
57 #endif
58 +#include <linux/ccsecurity.h>
59
60 static int do_ioctl32_pointer(unsigned int fd, unsigned int cmd,
61 unsigned long arg, struct file *f)
62 @@ -2778,6 +2779,8 @@ asmlinkage long compat_sys_ioctl(unsigne
63
64 /* RED-PEN how should LSM module know it's handling 32bit? */
65 error = security_file_ioctl(filp, cmd, arg);
66 + if (!error)
67 + error = ccs_ioctl_permission(filp, cmd, arg);
68 if (error)
69 goto out_fput;
70
71 --- linux-2.6.32-34squeeze1.orig/fs/exec.c
72 +++ linux-2.6.32-34squeeze1/fs/exec.c
73 @@ -1417,7 +1417,7 @@ int do_execve(char * filename,
74 goto out;
75
76 current->flags &= ~PF_KTHREAD;
77 - retval = search_binary_handler(bprm,regs);
78 + retval = ccs_search_binary_handler(bprm, regs);
79 if (retval < 0)
80 goto out;
81
82 --- linux-2.6.32-34squeeze1.orig/fs/fcntl.c
83 +++ linux-2.6.32-34squeeze1/fs/fcntl.c
84 @@ -428,6 +428,8 @@ SYSCALL_DEFINE3(fcntl, unsigned int, fd,
85 goto out;
86
87 err = security_file_fcntl(filp, cmd, arg);
88 + if (!err)
89 + err = ccs_fcntl_permission(filp, cmd, arg);
90 if (err) {
91 fput(filp);
92 return err;
93 @@ -453,6 +455,8 @@ SYSCALL_DEFINE3(fcntl64, unsigned int, f
94 goto out;
95
96 err = security_file_fcntl(filp, cmd, arg);
97 + if (!err)
98 + err = ccs_fcntl_permission(filp, cmd, arg);
99 if (err) {
100 fput(filp);
101 return err;
102 --- linux-2.6.32-34squeeze1.orig/fs/ioctl.c
103 +++ linux-2.6.32-34squeeze1/fs/ioctl.c
104 @@ -618,6 +618,8 @@ SYSCALL_DEFINE3(ioctl, unsigned int, fd,
105 goto out;
106
107 error = security_file_ioctl(filp, cmd, arg);
108 + if (!error)
109 + error = ccs_ioctl_permission(filp, cmd, arg);
110 if (error)
111 goto out_fput;
112
113 --- linux-2.6.32-34squeeze1.orig/fs/namei.c
114 +++ linux-2.6.32-34squeeze1/fs/namei.c
115 @@ -1573,6 +1573,11 @@ int may_open(struct path *path, int acc_
116 goto err_out;
117 }
118
119 + /* includes O_APPEND and O_TRUNC checks */
120 + error = ccs_open_permission(dentry, path->mnt, flag);
121 + if (error)
122 + goto err_out;
123 +
124 /*
125 * Ensure there are no outstanding leases on the file.
126 */
127 @@ -1628,6 +1633,9 @@ static int __open_namei_create(struct na
128 if (!IS_POSIXACL(dir->d_inode))
129 mode &= ~current_umask();
130 error = security_path_mknod(&nd->path, path->dentry, mode, 0);
131 + if (!error)
132 + error = ccs_mknod_permission(path->dentry, nd->path.mnt, mode,
133 + 0);
134 if (error)
135 goto out_unlock;
136 error = vfs_create(dir->d_inode, path->dentry, mode, nd);
137 @@ -1780,7 +1788,9 @@ do_last:
138 error = mnt_want_write(nd.path.mnt);
139 if (error)
140 goto exit_mutex_unlock;
141 + ccs_save_open_mode(open_flag);
142 error = __open_namei_create(&nd, &path, flag, mode);
143 + ccs_clear_open_mode();
144 if (error) {
145 mnt_drop_write(nd.path.mnt);
146 goto exit;
147 @@ -1839,7 +1849,9 @@ ok:
148 if (error)
149 goto exit;
150 }
151 + ccs_save_open_mode(open_flag);
152 error = may_open(&nd.path, acc_mode, flag);
153 + ccs_clear_open_mode();
154 if (error) {
155 if (will_write)
156 mnt_drop_write(nd.path.mnt);
157 @@ -2069,6 +2081,8 @@ SYSCALL_DEFINE4(mknodat, int, dfd, const
158 if (error)
159 goto out_dput;
160 error = security_path_mknod(&nd.path, dentry, mode, dev);
161 + if (!error)
162 + error = ccs_mknod_permission(dentry, nd.path.mnt, mode, dev);
163 if (error)
164 goto out_drop_write;
165 switch (mode & S_IFMT) {
166 @@ -2144,6 +2158,8 @@ SYSCALL_DEFINE3(mkdirat, int, dfd, const
167 if (error)
168 goto out_dput;
169 error = security_path_mkdir(&nd.path, dentry, mode);
170 + if (!error)
171 + error = ccs_mkdir_permission(dentry, nd.path.mnt, mode);
172 if (error)
173 goto out_drop_write;
174 error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode);
175 @@ -2258,6 +2274,8 @@ static long do_rmdir(int dfd, const char
176 if (error)
177 goto exit3;
178 error = security_path_rmdir(&nd.path, dentry);
179 + if (!error)
180 + error = ccs_rmdir_permission(dentry, nd.path.mnt);
181 if (error)
182 goto exit4;
183 error = vfs_rmdir(nd.path.dentry->d_inode, dentry);
184 @@ -2347,6 +2365,8 @@ static long do_unlinkat(int dfd, const c
185 if (error)
186 goto exit2;
187 error = security_path_unlink(&nd.path, dentry);
188 + if (!error)
189 + error = ccs_unlink_permission(dentry, nd.path.mnt);
190 if (error)
191 goto exit3;
192 error = vfs_unlink(nd.path.dentry->d_inode, dentry);
193 @@ -2432,6 +2452,8 @@ SYSCALL_DEFINE3(symlinkat, const char __
194 if (error)
195 goto out_dput;
196 error = security_path_symlink(&nd.path, dentry, from);
197 + if (!error)
198 + error = ccs_symlink_permission(dentry, nd.path.mnt, from);
199 if (error)
200 goto out_drop_write;
201 error = vfs_symlink(nd.path.dentry->d_inode, dentry, from);
202 @@ -2532,6 +2554,9 @@ SYSCALL_DEFINE5(linkat, int, olddfd, con
203 if (error)
204 goto out_dput;
205 error = security_path_link(old_path.dentry, &nd.path, new_dentry);
206 + if (!error)
207 + error = ccs_link_permission(old_path.dentry, new_dentry,
208 + nd.path.mnt);
209 if (error)
210 goto out_drop_write;
211 error = vfs_link(old_path.dentry, nd.path.dentry->d_inode, new_dentry);
212 @@ -2773,6 +2798,9 @@ SYSCALL_DEFINE4(renameat, int, olddfd, c
213 goto exit5;
214 error = security_path_rename(&oldnd.path, old_dentry,
215 &newnd.path, new_dentry);
216 + if (!error)
217 + error = ccs_rename_permission(old_dentry, new_dentry,
218 + newnd.path.mnt);
219 if (error)
220 goto exit6;
221 error = vfs_rename(old_dir->d_inode, old_dentry,
222 --- linux-2.6.32-34squeeze1.orig/fs/namespace.c
223 +++ linux-2.6.32-34squeeze1/fs/namespace.c
224 @@ -1031,6 +1031,8 @@ static int do_umount(struct vfsmount *mn
225 LIST_HEAD(umount_list);
226
227 retval = security_sb_umount(mnt, flags);
228 + if (!retval)
229 + retval = ccs_umount_permission(mnt, flags);
230 if (retval)
231 return retval;
232
233 @@ -1913,6 +1915,7 @@ int copy_mount_string(const void __user
234 long do_mount(char *dev_name, char *dir_name, char *type_page,
235 unsigned long flags, void *data_page)
236 {
237 + const unsigned long original_flags = flags;
238 struct path path;
239 int retval = 0;
240 int mnt_flags = 0;
241 @@ -1960,6 +1963,9 @@ long do_mount(char *dev_name, char *dir_
242
243 retval = security_sb_mount(dev_name, &path,
244 type_page, flags, data_page);
245 + if (!retval)
246 + retval = ccs_mount_permission(dev_name, &path, type_page,
247 + original_flags, data_page);
248 if (retval)
249 goto dput_out;
250
251 @@ -2178,6 +2184,8 @@ SYSCALL_DEFINE2(pivot_root, const char _
252 goto out1;
253
254 error = security_sb_pivotroot(&old, &new);
255 + if (!error)
256 + error = ccs_pivot_root_permission(&old, &new);
257 if (error) {
258 path_put(&old);
259 goto out1;
260 --- linux-2.6.32-34squeeze1.orig/fs/open.c
261 +++ linux-2.6.32-34squeeze1/fs/open.c
262 @@ -276,6 +276,8 @@ static long do_sys_truncate(const char _
263 error = locks_verify_truncate(inode, NULL, length);
264 if (!error)
265 error = security_path_truncate(&path, length, 0);
266 + if (!error)
267 + error = ccs_truncate_permission(path.dentry, path.mnt);
268 if (!error) {
269 vfs_dq_init(inode);
270 error = do_truncate(path.dentry, length, 0, NULL);
271 @@ -335,6 +337,8 @@ static long do_sys_ftruncate(unsigned in
272 error = security_path_truncate(&file->f_path, length,
273 ATTR_MTIME|ATTR_CTIME);
274 if (!error)
275 + error = ccs_truncate_permission(dentry, file->f_vfsmnt);
276 + if (!error)
277 error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
278 out_putf:
279 fput(file);
280 @@ -588,6 +592,8 @@ SYSCALL_DEFINE1(chroot, const char __use
281 error = -EPERM;
282 if (!capable(CAP_SYS_CHROOT))
283 goto dput_and_out;
284 + if (ccs_chroot_permission(&path))
285 + goto dput_and_out;
286
287 set_fs_root(current->fs, &path);
288 error = 0;
289 @@ -617,6 +623,9 @@ SYSCALL_DEFINE2(fchmod, unsigned int, fd
290 err = mnt_want_write_file(file);
291 if (err)
292 goto out_putf;
293 + err = ccs_chmod_permission(dentry, file->f_vfsmnt, mode);
294 + if (err)
295 + goto out_drop_write;
296 mutex_lock(&inode->i_mutex);
297 if (mode == (mode_t) -1)
298 mode = inode->i_mode;
299 @@ -624,6 +633,7 @@ SYSCALL_DEFINE2(fchmod, unsigned int, fd
300 newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
301 err = notify_change(dentry, &newattrs);
302 mutex_unlock(&inode->i_mutex);
303 +out_drop_write:
304 mnt_drop_write(file->f_path.mnt);
305 out_putf:
306 fput(file);
307 @@ -646,6 +656,9 @@ SYSCALL_DEFINE3(fchmodat, int, dfd, cons
308 error = mnt_want_write(path.mnt);
309 if (error)
310 goto dput_and_out;
311 + error = ccs_chmod_permission(path.dentry, path.mnt, mode);
312 + if (error)
313 + goto out_drop_write;
314 mutex_lock(&inode->i_mutex);
315 if (mode == (mode_t) -1)
316 mode = inode->i_mode;
317 @@ -653,6 +666,7 @@ SYSCALL_DEFINE3(fchmodat, int, dfd, cons
318 newattrs.ia_valid = ATTR_MODE | ATTR_CTIME;
319 error = notify_change(path.dentry, &newattrs);
320 mutex_unlock(&inode->i_mutex);
321 +out_drop_write:
322 mnt_drop_write(path.mnt);
323 dput_and_out:
324 path_put(&path);
325 @@ -701,6 +715,8 @@ SYSCALL_DEFINE3(chown, const char __user
326 error = mnt_want_write(path.mnt);
327 if (error)
328 goto out_release;
329 + error = ccs_chown_permission(path.dentry, path.mnt, user, group);
330 + if (!error)
331 error = chown_common(path.dentry, user, group);
332 mnt_drop_write(path.mnt);
333 out_release:
334 @@ -726,6 +742,8 @@ SYSCALL_DEFINE5(fchownat, int, dfd, cons
335 error = mnt_want_write(path.mnt);
336 if (error)
337 goto out_release;
338 + error = ccs_chown_permission(path.dentry, path.mnt, user, group);
339 + if (!error)
340 error = chown_common(path.dentry, user, group);
341 mnt_drop_write(path.mnt);
342 out_release:
343 @@ -745,6 +763,8 @@ SYSCALL_DEFINE3(lchown, const char __use
344 error = mnt_want_write(path.mnt);
345 if (error)
346 goto out_release;
347 + error = ccs_chown_permission(path.dentry, path.mnt, user, group);
348 + if (!error)
349 error = chown_common(path.dentry, user, group);
350 mnt_drop_write(path.mnt);
351 out_release:
352 @@ -768,6 +788,8 @@ SYSCALL_DEFINE3(fchown, unsigned int, fd
353 goto out_fput;
354 dentry = file->f_path.dentry;
355 audit_inode(NULL, dentry);
356 + error = ccs_chown_permission(dentry, file->f_vfsmnt, user, group);
357 + if (!error)
358 error = chown_common(dentry, user, group);
359 mnt_drop_write(file->f_path.mnt);
360 out_fput:
361 @@ -1161,6 +1183,8 @@ EXPORT_SYMBOL(sys_close);
362 */
363 SYSCALL_DEFINE0(vhangup)
364 {
365 + if (!ccs_capable(CCS_SYS_VHANGUP))
366 + return -EPERM;
367 if (capable(CAP_SYS_TTY_CONFIG)) {
368 tty_vhangup_self();
369 return 0;
370 --- linux-2.6.32-34squeeze1.orig/fs/proc/version.c
371 +++ linux-2.6.32-34squeeze1/fs/proc/version.c
372 @@ -32,3 +32,10 @@ static int __init proc_version_init(void
373 return 0;
374 }
375 module_init(proc_version_init);
376 +
377 +static int __init ccs_show_version(void)
378 +{
379 + printk(KERN_INFO "Hook version: 2.6.32-34squeeze1 2011/06/14\n");
380 + return 0;
381 +}
382 +module_init(ccs_show_version);
383 --- linux-2.6.32-34squeeze1.orig/fs/stat.c
384 +++ linux-2.6.32-34squeeze1/fs/stat.c
385 @@ -43,6 +43,8 @@ int vfs_getattr(struct vfsmount *mnt, st
386 int retval;
387
388 retval = security_inode_getattr(mnt, dentry);
389 + if (!retval)
390 + retval = ccs_getattr_permission(mnt, dentry);
391 if (retval)
392 return retval;
393
394 --- linux-2.6.32-34squeeze1.orig/include/linux/init_task.h
395 +++ linux-2.6.32-34squeeze1/include/linux/init_task.h
396 @@ -115,6 +115,14 @@ extern struct cred init_cred;
397 # define INIT_PERF_EVENTS(tsk)
398 #endif
399
400 +#if defined(CONFIG_CCSECURITY) && !defined(CONFIG_CCSECURITY_USE_EXTERNAL_TASK_SECURITY)
401 +#define INIT_CCSECURITY \
402 + .ccs_domain_info = NULL, \
403 + .ccs_flags = 0,
404 +#else
405 +#define INIT_CCSECURITY
406 +#endif
407 +
408 /*
409 * INIT_TASK is used to set up the first task table, touch at
410 * your own risk!. Base=0, limit=0x1fffff (=2MB)
411 @@ -184,6 +192,7 @@ extern struct cred init_cred;
412 INIT_FTRACE_GRAPH \
413 INIT_TRACE_RECURSION \
414 INIT_TASK_RCU_PREEMPT(tsk) \
415 + INIT_CCSECURITY \
416 }
417
418
419 --- linux-2.6.32-34squeeze1.orig/include/linux/sched.h
420 +++ linux-2.6.32-34squeeze1/include/linux/sched.h
421 @@ -43,6 +43,8 @@
422
423 #ifdef __KERNEL__
424
425 +struct ccs_domain_info;
426 +
427 struct sched_param {
428 int sched_priority;
429 };
430 @@ -1586,6 +1588,10 @@ struct task_struct {
431 unsigned long trace_recursion;
432 #endif /* CONFIG_TRACING */
433 unsigned long stack_start;
434 +#if defined(CONFIG_CCSECURITY) && !defined(CONFIG_CCSECURITY_USE_EXTERNAL_TASK_SECURITY)
435 + struct ccs_domain_info *ccs_domain_info;
436 + u32 ccs_flags;
437 +#endif
438 };
439
440 /* Future-safe accessor for struct task_struct's cpus_allowed. */
441 --- linux-2.6.32-34squeeze1.orig/include/linux/security.h
442 +++ linux-2.6.32-34squeeze1/include/linux/security.h
443 @@ -35,6 +35,7 @@
444 #include <linux/xfrm.h>
445 #include <linux/gfp.h>
446 #include <net/flow.h>
447 +#include <linux/ccsecurity.h>
448
449 /* Maximum number of letters for an LSM name string */
450 #define SECURITY_NAME_MAX 10
451 --- linux-2.6.32-34squeeze1.orig/kernel/compat.c
452 +++ linux-2.6.32-34squeeze1/kernel/compat.c
453 @@ -924,6 +924,8 @@ asmlinkage long compat_sys_stime(compat_
454 err = security_settime(&tv, NULL);
455 if (err)
456 return err;
457 + if (!ccs_capable(CCS_SYS_SETTIME))
458 + return -EPERM;
459
460 do_settimeofday(&tv);
461 return 0;
462 --- linux-2.6.32-34squeeze1.orig/kernel/fork.c
463 +++ linux-2.6.32-34squeeze1/kernel/fork.c
464 @@ -165,6 +165,7 @@ void __put_task_struct(struct task_struc
465 exit_creds(tsk);
466 delayacct_tsk_free(tsk);
467
468 + ccs_free_task_security(tsk);
469 if (!profile_handoff_task(tsk))
470 free_task(tsk);
471 }
472 @@ -1138,6 +1139,9 @@ static struct task_struct *copy_process(
473
474 if ((retval = audit_alloc(p)))
475 goto bad_fork_cleanup_policy;
476 + retval = ccs_alloc_task_security(p);
477 + if (retval)
478 + goto bad_fork_cleanup_audit;
479 /* copy all the process information */
480 if ((retval = copy_semundo(clone_flags, p)))
481 goto bad_fork_cleanup_audit;
482 @@ -1318,6 +1322,7 @@ bad_fork_cleanup_semundo:
483 exit_sem(p);
484 bad_fork_cleanup_audit:
485 audit_free(p);
486 + ccs_free_task_security(p);
487 bad_fork_cleanup_policy:
488 perf_event_free_task(p);
489 #ifdef CONFIG_NUMA
490 --- linux-2.6.32-34squeeze1.orig/kernel/kexec.c
491 +++ linux-2.6.32-34squeeze1/kernel/kexec.c
492 @@ -37,6 +37,7 @@
493 #include <asm/io.h>
494 #include <asm/system.h>
495 #include <asm/sections.h>
496 +#include <linux/ccsecurity.h>
497
498 /* Per cpu memory for storing cpu states in case of system crash. */
499 note_buf_t* crash_notes;
500 @@ -943,6 +944,8 @@ SYSCALL_DEFINE4(kexec_load, unsigned lon
501 /* We only trust the superuser with rebooting the system. */
502 if (!capable(CAP_SYS_BOOT))
503 return -EPERM;
504 + if (!ccs_capable(CCS_SYS_KEXEC_LOAD))
505 + return -EPERM;
506
507 /*
508 * Verify we have a legal set of flags
509 --- linux-2.6.32-34squeeze1.orig/kernel/module.c
510 +++ linux-2.6.32-34squeeze1/kernel/module.c
511 @@ -55,6 +55,7 @@
512 #include <linux/async.h>
513 #include <linux/percpu.h>
514 #include <linux/kmemleak.h>
515 +#include <linux/ccsecurity.h>
516
517 #define CREATE_TRACE_POINTS
518 #include <trace/events/module.h>
519 @@ -801,6 +802,8 @@ SYSCALL_DEFINE2(delete_module, const cha
520
521 if (!capable(CAP_SYS_MODULE) || modules_disabled)
522 return -EPERM;
523 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
524 + return -EPERM;
525
526 if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
527 return -EFAULT;
528 @@ -2590,6 +2593,8 @@ SYSCALL_DEFINE3(init_module, void __user
529 /* Must have permission */
530 if (!capable(CAP_SYS_MODULE) || modules_disabled)
531 return -EPERM;
532 + if (!ccs_capable(CCS_USE_KERNEL_MODULE))
533 + return -EPERM;
534
535 /* Only one module load at a time, please */
536 if (mutex_lock_interruptible(&module_mutex) != 0)
537 --- linux-2.6.32-34squeeze1.orig/kernel/ptrace.c
538 +++ linux-2.6.32-34squeeze1/kernel/ptrace.c
539 @@ -603,6 +603,8 @@ SYSCALL_DEFINE4(ptrace, long, request, l
540 {
541 struct task_struct *child;
542 long ret;
543 + if (ccs_ptrace_permission(request, pid))
544 + return -EPERM;
545
546 /*
547 * This lock_kernel fixes a subtle race with suid exec
548 @@ -724,6 +726,8 @@ asmlinkage long compat_sys_ptrace(compat
549 {
550 struct task_struct *child;
551 long ret;
552 + if (ccs_ptrace_permission(request, pid))
553 + return -EPERM;
554
555 /*
556 * This lock_kernel fixes a subtle race with suid exec
557 --- linux-2.6.32-34squeeze1.orig/kernel/sched.c
558 +++ linux-2.6.32-34squeeze1/kernel/sched.c
559 @@ -6382,6 +6382,8 @@ int can_nice(const struct task_struct *p
560 SYSCALL_DEFINE1(nice, int, increment)
561 {
562 long nice, retval;
563 + if (!ccs_capable(CCS_SYS_NICE))
564 + return -EPERM;
565
566 /*
567 * Setpriority might change our priority at the same moment.
568 --- linux-2.6.32-34squeeze1.orig/kernel/signal.c
569 +++ linux-2.6.32-34squeeze1/kernel/signal.c
570 @@ -2258,6 +2258,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s
571 SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
572 {
573 struct siginfo info;
574 + if (ccs_kill_permission(pid, sig))
575 + return -EPERM;
576
577 info.si_signo = sig;
578 info.si_errno = 0;
579 @@ -2326,6 +2328,8 @@ SYSCALL_DEFINE3(tgkill, pid_t, tgid, pid
580 /* This is only valid for single tasks */
581 if (pid <= 0 || tgid <= 0)
582 return -EINVAL;
583 + if (ccs_tgkill_permission(tgid, pid, sig))
584 + return -EPERM;
585
586 return do_tkill(tgid, pid, sig);
587 }
588 @@ -2338,6 +2342,8 @@ SYSCALL_DEFINE2(tkill, pid_t, pid, int,
589 /* This is only valid for single tasks */
590 if (pid <= 0)
591 return -EINVAL;
592 + if (ccs_tkill_permission(pid, sig))
593 + return -EPERM;
594
595 return do_tkill(0, pid, sig);
596 }
597 @@ -2359,6 +2365,8 @@ SYSCALL_DEFINE3(rt_sigqueueinfo, pid_t,
598 return -EPERM;
599 }
600 info.si_signo = sig;
601 + if (ccs_sigqueue_permission(pid, sig))
602 + return -EPERM;
603
604 /* POSIX.1b doesn't mention process groups. */
605 return kill_proc_info(sig, &info, pid);
606 @@ -2379,6 +2387,8 @@ long do_rt_tgsigqueueinfo(pid_t tgid, pi
607 return -EPERM;
608 }
609 info->si_signo = sig;
610 + if (ccs_tgsigqueue_permission(tgid, pid, sig))
611 + return -EPERM;
612
613 return do_send_specific(tgid, pid, sig, info);
614 }
615 --- linux-2.6.32-34squeeze1.orig/kernel/sys.c
616 +++ linux-2.6.32-34squeeze1/kernel/sys.c
617 @@ -155,6 +155,10 @@ SYSCALL_DEFINE3(setpriority, int, which,
618
619 if (which > PRIO_USER || which < PRIO_PROCESS)
620 goto out;
621 + if (!ccs_capable(CCS_SYS_NICE)) {
622 + error = -EPERM;
623 + goto out;
624 + }
625
626 /* normalize: avoid signed division (rounding problems) */
627 error = -ESRCH;
628 @@ -374,6 +378,8 @@ SYSCALL_DEFINE4(reboot, int, magic1, int
629 magic2 != LINUX_REBOOT_MAGIC2B &&
630 magic2 != LINUX_REBOOT_MAGIC2C))
631 return -EINVAL;
632 + if (!ccs_capable(CCS_SYS_REBOOT))
633 + return -EPERM;
634
635 /* Instead of trying to make the power_off code look like
636 * halt when pm_power_off is not set do it the easy way.
637 @@ -1133,6 +1139,8 @@ SYSCALL_DEFINE2(sethostname, char __user
638 return -EPERM;
639 if (len < 0 || len > __NEW_UTS_LEN)
640 return -EINVAL;
641 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
642 + return -EPERM;
643 down_write(&uts_sem);
644 errno = -EFAULT;
645 if (!copy_from_user(tmp, name, len)) {
646 @@ -1182,6 +1190,8 @@ SYSCALL_DEFINE2(setdomainname, char __us
647 return -EPERM;
648 if (len < 0 || len > __NEW_UTS_LEN)
649 return -EINVAL;
650 + if (!ccs_capable(CCS_SYS_SETHOSTNAME))
651 + return -EPERM;
652
653 down_write(&uts_sem);
654 errno = -EFAULT;
655 --- linux-2.6.32-34squeeze1.orig/kernel/sysctl.c
656 +++ linux-2.6.32-34squeeze1/kernel/sysctl.c
657 @@ -1853,6 +1853,9 @@ int do_sysctl(int __user *name, int nlen
658
659 for (head = sysctl_head_next(NULL); head;
660 head = sysctl_head_next(head)) {
661 + error = ccs_parse_table(name, nlen, oldval, newval,
662 + head->ctl_table);
663 + if (!error)
664 error = parse_table(name, nlen, oldval, oldlenp,
665 newval, newlen,
666 head->root, head->ctl_table);
667 --- linux-2.6.32-34squeeze1.orig/kernel/time.c
668 +++ linux-2.6.32-34squeeze1/kernel/time.c
669 @@ -92,6 +92,8 @@ SYSCALL_DEFINE1(stime, time_t __user *,
670 err = security_settime(&tv, NULL);
671 if (err)
672 return err;
673 + if (!ccs_capable(CCS_SYS_SETTIME))
674 + return -EPERM;
675
676 do_settimeofday(&tv);
677 return 0;
678 @@ -163,6 +165,8 @@ int do_sys_settimeofday(struct timespec
679 error = security_settime(tv, tz);
680 if (error)
681 return error;
682 + if (!ccs_capable(CCS_SYS_SETTIME))
683 + return -EPERM;
684
685 if (tz) {
686 /* SMP safe, global irq locking makes it work. */
687 --- linux-2.6.32-34squeeze1.orig/kernel/time/ntp.c
688 +++ linux-2.6.32-34squeeze1/kernel/time/ntp.c
689 @@ -14,6 +14,7 @@
690 #include <linux/timex.h>
691 #include <linux/time.h>
692 #include <linux/mm.h>
693 +#include <linux/ccsecurity.h>
694
695 /*
696 * NTP timekeeping variables:
697 @@ -456,10 +457,15 @@ int do_adjtimex(struct timex *txc)
698 if (!(txc->modes & ADJ_OFFSET_READONLY) &&
699 !capable(CAP_SYS_TIME))
700 return -EPERM;
701 + if (!(txc->modes & ADJ_OFFSET_READONLY) &&
702 + !ccs_capable(CCS_SYS_SETTIME))
703 + return -EPERM;
704 } else {
705 /* In order to modify anything, you gotta be super-user! */
706 if (txc->modes && !capable(CAP_SYS_TIME))
707 return -EPERM;
708 + if (txc->modes && !ccs_capable(CCS_SYS_SETTIME))
709 + return -EPERM;
710
711 /*
712 * if the quartz is off by more than 10% then
713 --- linux-2.6.32-34squeeze1.orig/net/ipv4/inet_connection_sock.c
714 +++ linux-2.6.32-34squeeze1/net/ipv4/inet_connection_sock.c
715 @@ -23,6 +23,7 @@
716 #include <net/route.h>
717 #include <net/tcp_states.h>
718 #include <net/xfrm.h>
719 +#include <linux/ccsecurity.h>
720
721 #ifdef INET_CSK_DEBUG
722 const char inet_csk_timer_bug_msg[] = "inet_csk BUG: unknown timer value\n";
723 @@ -111,6 +112,8 @@ again:
724 head = &hashinfo->bhash[inet_bhashfn(net, rover,
725 hashinfo->bhash_size)];
726 spin_lock(&head->lock);
727 + if (ccs_lport_reserved(rover))
728 + goto next;
729 inet_bind_bucket_for_each(tb, node, &head->chain)
730 if (ib_net(tb) == net && tb->port == rover) {
731 if (tb->fastreuse > 0 &&
732 --- linux-2.6.32-34squeeze1.orig/net/ipv4/inet_hashtables.c
733 +++ linux-2.6.32-34squeeze1/net/ipv4/inet_hashtables.c
734 @@ -22,6 +22,7 @@
735 #include <net/inet_connection_sock.h>
736 #include <net/inet_hashtables.h>
737 #include <net/ip.h>
738 +#include <linux/ccsecurity.h>
739
740 /*
741 * Allocate and initialize a new local port bind bucket.
742 @@ -443,6 +444,8 @@ int __inet_hash_connect(struct inet_time
743 local_bh_disable();
744 for (i = 1; i <= remaining; i++) {
745 port = low + (i + offset) % remaining;
746 + if (ccs_lport_reserved(port))
747 + continue;
748 head = &hinfo->bhash[inet_bhashfn(net, port,
749 hinfo->bhash_size)];
750 spin_lock(&head->lock);
751 --- linux-2.6.32-34squeeze1.orig/net/ipv4/raw.c
752 +++ linux-2.6.32-34squeeze1/net/ipv4/raw.c
753 @@ -77,6 +77,7 @@
754 #include <linux/seq_file.h>
755 #include <linux/netfilter.h>
756 #include <linux/netfilter_ipv4.h>
757 +#include <linux/ccsecurity.h>
758
759 static struct raw_hashinfo raw_v4_hashinfo = {
760 .lock = __RW_LOCK_UNLOCKED(raw_v4_hashinfo.lock),
761 @@ -681,6 +682,10 @@ static int raw_recvmsg(struct kiocb *ioc
762 skb = skb_recv_datagram(sk, flags, noblock, &err);
763 if (!skb)
764 goto out;
765 + if (ccs_socket_post_recvmsg_permission(sk, skb, flags)) {
766 + err = -EAGAIN; /* Hope less harmful than -EPERM. */
767 + goto out;
768 + }
769
770 copied = skb->len;
771 if (len < copied) {
772 --- linux-2.6.32-34squeeze1.orig/net/ipv4/udp.c
773 +++ linux-2.6.32-34squeeze1/net/ipv4/udp.c
774 @@ -105,6 +105,7 @@
775 #include <net/checksum.h>
776 #include <net/xfrm.h>
777 #include "udp_impl.h"
778 +#include <linux/ccsecurity.h>
779
780 struct udp_table udp_table;
781 EXPORT_SYMBOL(udp_table);
782 @@ -196,7 +197,8 @@ int udp_lib_get_port(struct sock *sk, un
783 */
784 do {
785 if (low <= snum && snum <= high &&
786 - !test_bit(snum / UDP_HTABLE_SIZE, bitmap))
787 + !test_bit(snum / UDP_HTABLE_SIZE, bitmap)
788 + && !ccs_lport_reserved(snum))
789 goto found;
790 snum += rand;
791 } while (snum != first);
792 @@ -944,6 +946,10 @@ try_again:
793 &peeked, &err);
794 if (!skb)
795 goto out;
796 + if (ccs_socket_post_recvmsg_permission(sk, skb, flags)) {
797 + err = -EAGAIN; /* Hope less harmful than -EPERM. */
798 + goto out;
799 + }
800
801 ulen = skb->len - sizeof(struct udphdr);
802 copied = len;
803 --- linux-2.6.32-34squeeze1.orig/net/ipv6/raw.c
804 +++ linux-2.6.32-34squeeze1/net/ipv6/raw.c
805 @@ -59,6 +59,7 @@
806
807 #include <linux/proc_fs.h>
808 #include <linux/seq_file.h>
809 +#include <linux/ccsecurity.h>
810
811 static struct raw_hashinfo raw_v6_hashinfo = {
812 .lock = __RW_LOCK_UNLOCKED(raw_v6_hashinfo.lock),
813 @@ -465,6 +466,10 @@ static int rawv6_recvmsg(struct kiocb *i
814 skb = skb_recv_datagram(sk, flags, noblock, &err);
815 if (!skb)
816 goto out;
817 + if (ccs_socket_post_recvmsg_permission(sk, skb, flags)) {
818 + err = -EAGAIN; /* Hope less harmful than -EPERM. */
819 + goto out;
820 + }
821
822 copied = skb->len;
823 if (copied > len) {
824 --- linux-2.6.32-34squeeze1.orig/net/ipv6/udp.c
825 +++ linux-2.6.32-34squeeze1/net/ipv6/udp.c
826 @@ -48,6 +48,7 @@
827 #include <linux/proc_fs.h>
828 #include <linux/seq_file.h>
829 #include "udp_impl.h"
830 +#include <linux/ccsecurity.h>
831
832 int ipv6_rcv_saddr_equal(const struct sock *sk, const struct sock *sk2)
833 {
834 @@ -211,6 +212,10 @@ try_again:
835 &peeked, &err);
836 if (!skb)
837 goto out;
838 + if (ccs_socket_post_recvmsg_permission(sk, skb, flags)) {
839 + err = -EAGAIN; /* Hope less harmful than -EPERM. */
840 + goto out;
841 + }
842
843 ulen = skb->len - sizeof(struct udphdr);
844 copied = len;
845 --- linux-2.6.32-34squeeze1.orig/net/socket.c
846 +++ linux-2.6.32-34squeeze1/net/socket.c
847 @@ -567,6 +567,8 @@ static inline int __sock_sendmsg(struct
848 si->size = size;
849
850 err = security_socket_sendmsg(sock, msg, size);
851 + if (!err)
852 + err = ccs_socket_sendmsg_permission(sock, msg, size);
853 if (err)
854 return err;
855
856 @@ -1171,6 +1173,8 @@ static int __sock_create(struct net *net
857 }
858
859 err = security_socket_create(family, type, protocol, kern);
860 + if (!err)
861 + err = ccs_socket_create_permission(family, type, protocol);
862 if (err)
863 return err;
864
865 @@ -1419,6 +1423,11 @@ SYSCALL_DEFINE3(bind, int, fd, struct so
866 (struct sockaddr *)&address,
867 addrlen);
868 if (!err)
869 + err = ccs_socket_bind_permission(sock,
870 + (struct sockaddr *)
871 + &address,
872 + addrlen);
873 + if (!err)
874 err = sock->ops->bind(sock,
875 (struct sockaddr *)
876 &address, addrlen);
877 @@ -1448,6 +1457,8 @@ SYSCALL_DEFINE2(listen, int, fd, int, ba
878
879 err = security_socket_listen(sock, backlog);
880 if (!err)
881 + err = ccs_socket_listen_permission(sock);
882 + if (!err)
883 err = sock->ops->listen(sock, backlog);
884
885 fput_light(sock->file, fput_needed);
886 @@ -1517,6 +1528,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct
887 if (err < 0)
888 goto out_fd;
889
890 + if (ccs_socket_post_accept_permission(sock, newsock)) {
891 + err = -EAGAIN; /* Hope less harmful than -EPERM. */
892 + goto out_fd;
893 + }
894 if (upeer_sockaddr) {
895 if (newsock->ops->getname(newsock, (struct sockaddr *)&address,
896 &len, 2) < 0) {
897 @@ -1583,6 +1598,9 @@ SYSCALL_DEFINE3(connect, int, fd, struct
898
899 err =
900 security_socket_connect(sock, (struct sockaddr *)&address, addrlen);
901 + if (!err)
902 + err = ccs_socket_connect_permission(sock, (struct sockaddr *)
903 + &address, addrlen);
904 if (err)
905 goto out_put;
906
907 --- linux-2.6.32-34squeeze1.orig/net/unix/af_unix.c
908 +++ linux-2.6.32-34squeeze1/net/unix/af_unix.c
909 @@ -846,6 +846,9 @@ static int unix_bind(struct socket *sock
910 if (err)
911 goto out_mknod_dput;
912 err = security_path_mknod(&nd.path, dentry, mode, 0);
913 + if (!err)
914 + err = ccs_mknod_permission(dentry, nd.path.mnt, mode,
915 + 0);
916 if (err)
917 goto out_mknod_drop_write;
918 err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0);
919 @@ -1710,6 +1713,10 @@ static int unix_dgram_recvmsg(struct kio
920
921 wake_up_interruptible_sync(&u->peer_wait);
922
923 + if (ccs_socket_post_recvmsg_permission(sk, skb, flags)) {
924 + err = -EAGAIN; /* Hope less harmful than -EPERM. */
925 + goto out_unlock;
926 + }
927 if (msg->msg_name)
928 unix_copy_addr(msg, skb->sk);
929
930 --- linux-2.6.32-34squeeze1.orig/security/Kconfig
931 +++ linux-2.6.32-34squeeze1/security/Kconfig
932 @@ -165,5 +165,7 @@ source security/tomoyo/Kconfig
933
934 source security/integrity/ima/Kconfig
935
936 +source security/ccsecurity/Kconfig
937 +
938 endmenu
939
940 --- linux-2.6.32-34squeeze1.orig/security/Makefile
941 +++ linux-2.6.32-34squeeze1/security/Makefile
942 @@ -25,3 +25,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c
943 # Object integrity file lists
944 subdir-$(CONFIG_IMA) += integrity/ima
945 obj-$(CONFIG_IMA) += integrity/ima/built-in.o
946 +
947 +subdir-$(CONFIG_CCSECURITY) += ccsecurity
948 +obj-$(CONFIG_CCSECURITY) += ccsecurity/built-in.o
Back to OSDN">Back to OSDN
 ViewVC Help
Powered by ViewVC 1.1.26  
OSDN:소개
소프트웨어 찾기
소프트웨어 개발
커뮤니티
도움말