
Diff of /hardened/2.6/trunk/2.6.17/6001_systrace-2.6.16.patch


Revision 554 Revision 555
1diff -uprN linux-2.6.16/arch/i386/kernel/entry.S linux-2.6.16-systrace/arch/i386/kernel/entry.S 1Index: linux-2.6.17/arch/i386/kernel/entry.S
2--- linux-2.6.16/arch/i386/kernel/entry.S 2006-03-20 06:53:29.000000000 +0100 2===================================================================
3+++ linux-2.6.16-systrace/arch/i386/kernel/entry.S 2006-04-14 15:12:26.000000000 +0200 3--- linux-2.6.17.orig/arch/i386/kernel/entry.S
4+++ linux-2.6.17/arch/i386/kernel/entry.S
4@@ -1,6 +1,6 @@ 5@@ -1,6 +1,6 @@
5 /* 6 /*
6 * linux/arch/i386/entry.S 7 * linux/arch/i386/entry.S
7- * 8- *
8+. * 9+. *
9 * Copyright (C) 1991, 1992 Linus Torvalds 10 * Copyright (C) 1991, 1992 Linus Torvalds
10 */ 11 */
11 12
12@@ -207,8 +207,23 @@ sysenter_past_esp: 13@@ -233,8 +233,23 @@ sysenter_past_esp:
13 jnz syscall_trace_entry 14 jnz syscall_trace_entry
14 cmpl $(nr_syscalls), %eax 15 cmpl $(nr_syscalls), %eax
15 jae syscall_badsys 16 jae syscall_badsys
16+#ifdef CONFIG_SYSTRACE 17+#ifdef CONFIG_SYSTRACE
17+ movl %esp,%eax 18+ movl %esp,%eax
31+ movl EAX(%esp),%eax # XXX: ?to be on the safe side 32+ movl EAX(%esp),%eax # XXX: ?to be on the safe side
32+#endif /* CONFIG_SYSTRACE */ 33+#endif /* CONFIG_SYSTRACE */
33 cli 34 cli
34 movl TI_flags(%ebp), %ecx 35 movl TI_flags(%ebp), %ecx
35 testw $_TIF_ALLWORK_MASK, %cx 36 testw $_TIF_ALLWORK_MASK, %cx
36@@ -232,9 +247,25 @@ ENTRY(system_call) 37@@ -282,9 +297,25 @@ no_singlestep:
37 jnz syscall_trace_entry 38 jnz syscall_trace_entry
38 cmpl $(nr_syscalls), %eax 39 cmpl $(nr_syscalls), %eax
39 jae syscall_badsys 40 jae syscall_badsys
40+#ifdef CONFIG_SYSTRACE 41+#ifdef CONFIG_SYSTRACE
41+ movl %esp,%eax 42+ movl %esp,%eax
57+#endif /* CONFIG_SYSTRACE */ 58+#endif /* CONFIG_SYSTRACE */
58+ 59+
59 syscall_exit: 60 syscall_exit:
60 cli # make sure we don't miss an interrupt 61 cli # make sure we don't miss an interrupt
61 # setting need_resched or sigpending 62 # setting need_resched or sigpending
62diff -uprN linux-2.6.16/drivers/Makefile linux-2.6.16-systrace/drivers/Makefile 63Index: linux-2.6.17/drivers/Makefile
63--- linux-2.6.16/drivers/Makefile 2006-03-20 06:53:29.000000000 +0100 64===================================================================
64+++ linux-2.6.16-systrace/drivers/Makefile 2006-04-14 15:12:26.000000000 +0200 65--- linux-2.6.17.orig/drivers/Makefile
66+++ linux-2.6.17/drivers/Makefile
65@@ -67,6 +67,7 @@ obj-$(CONFIG_EDAC) += edac/ 67@@ -66,6 +66,7 @@ obj-$(CONFIG_EDAC) += edac/
66 obj-$(CONFIG_MCA) += mca/ 68 obj-$(CONFIG_MCA) += mca/
67 obj-$(CONFIG_EISA) += eisa/ 69 obj-$(CONFIG_EISA) += eisa/
68 obj-$(CONFIG_CPU_FREQ) += cpufreq/ 70 obj-$(CONFIG_CPU_FREQ) += cpufreq/
69+obj-$(CONFIG_SYSTRACE) += systrace/ 71+obj-$(CONFIG_SYSTRACE) += systrace/
70 obj-$(CONFIG_MMC) += mmc/ 72 obj-$(CONFIG_MMC) += mmc/
73 obj-$(CONFIG_NEW_LEDS) += leds/
71 obj-$(CONFIG_INFINIBAND) += infiniband/ 74 obj-$(CONFIG_INFINIBAND) += infiniband/
72 obj-$(CONFIG_SGI_SN) += sn/ 75Index: linux-2.6.17/drivers/systrace/Kconfig
73diff -uprN linux-2.6.16/drivers/systrace/Kconfig linux-2.6.16-systrace/drivers/systrace/Kconfig 76===================================================================
74--- linux-2.6.16/drivers/systrace/Kconfig 1970-01-01 01:00:00.000000000 +0100 77--- /dev/null
75+++ linux-2.6.16-systrace/drivers/systrace/Kconfig 2006-04-14 15:12:26.000000000 +0200 78+++ linux-2.6.17/drivers/systrace/Kconfig
76@@ -0,0 +1,7 @@ 79@@ -0,0 +1,7 @@
77+config SYSTRACE 80+config SYSTRACE
78+ bool "Systrace support" 81+ bool "Systrace support"
79+ help 82+ help
80+ This enables systrace support. See http://www.systrace.org/ for details. 83+ This enables systrace support. See http://www.systrace.org/ for details.
81+ 84+
82+ Also enable Default Linux Capabilites (CONFIG_SECURITY_CAPABILITIES)! 85+ Also enable Default Linux Capabilites (CONFIG_SECURITY_CAPABILITIES)!
83+ 86+
84diff -uprN linux-2.6.16/drivers/systrace/Makefile linux-2.6.16-systrace/drivers/systrace/Makefile 87Index: linux-2.6.17/drivers/systrace/Makefile
85--- linux-2.6.16/drivers/systrace/Makefile 1970-01-01 01:00:00.000000000 +0100 88===================================================================
86+++ linux-2.6.16-systrace/drivers/systrace/Makefile 2006-04-14 15:12:26.000000000 +0200 89--- /dev/null
90+++ linux-2.6.17/drivers/systrace/Makefile
87@@ -0,0 +1 @@ 91@@ -0,0 +1 @@
88+obj-y := systrace.o policy.o linux_sysent.o 92+obj-y := systrace.o policy.o linux_sysent.o
89diff -uprN linux-2.6.16/drivers/systrace/linux_sysent.c linux-2.6.16-systrace/drivers/systrace/linux_sysent.c 93Index: linux-2.6.17/drivers/systrace/linux_sysent.c
90--- linux-2.6.16/drivers/systrace/linux_sysent.c 1970-01-01 01:00:00.000000000 +0100 94===================================================================
91+++ linux-2.6.16-systrace/drivers/systrace/linux_sysent.c 2006-04-14 15:12:26.000000000 +0200 95--- /dev/null
96+++ linux-2.6.17/drivers/systrace/linux_sysent.c
92@@ -0,0 +1,296 @@ 97@@ -0,0 +1,296 @@
93+/* 98+/*
94+ * file taken from openbsd's compat/linux/linux_sysent.c 99+ * file taken from openbsd's compat/linux/linux_sysent.c
95+ */ 100+ */
96+ 101+
348+ { 0, 0 }, /* 218 = mincore */ 353+ { 0, 0 }, /* 218 = mincore */
349+ { 0, 0 }, /* 219 = madvise */ 354+ { 0, 0 }, /* 219 = madvise */
350+ { 0, 0 }, /* 220 = getdents64 */ 355+ { 0, 0 }, /* 220 = getdents64 */
351+ { 3, s(struct linux_sys_fcntl64_args) }, /* 221 = fcntl64 */ 356+ { 3, s(struct linux_sys_fcntl64_args) }, /* 221 = fcntl64 */
352+ /* XXX These need to be filled out */ 357+ /* XXX These need to be filled out */
353+ { 0, 0 }, /* 222 */ 358+ { 0, 0 }, /* 222 */
354+ { 0, 0 }, /* 223 */ 359+ { 0, 0 }, /* 223 */
355+ { 0, 0 }, /* 224 */ 360+ { 0, 0 }, /* 224 */
356+ { 0, 0 }, /* 225 */ 361+ { 0, 0 }, /* 225 */
357+ { 0, 0 }, /* 226 */ 362+ { 0, 0 }, /* 226 */
358+ { 0, 0 }, /* 227 */ 363+ { 0, 0 }, /* 227 */
384+ { 0, 0 }, /* 253 */ 389+ { 0, 0 }, /* 253 */
385+ { 0, 0 }, /* 254 */ 390+ { 0, 0 }, /* 254 */
386+ { 0, 0 }, /* 255 */ 391+ { 0, 0 }, /* 255 */
387+ { 0, 0 }, /* 256 */ 392+ { 0, 0 }, /* 256 */
388+}; 393+};
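Review bot: The table ends at entry 256 and entries 222 through 256 are `{ 0, 0 }` placeholders under `/* XXX These need to be filled out */`, yet the entry.S hunks place the CONFIG_SYSTRACE block after a range check against `nr_syscalls` only. The lookup code is not on this page; if it indexes this array by syscall number, a number past the last entry would be read from outside the array, so the lookup should compare the number with the array's element count and treat anything beyond it as an unknown call. A placeholder entry also records zero arguments, which presumably leaves the policy side without argument data for those calls. At minimum I would add above the closing brace: `/* covers syscalls 0..256 only; callers must range-check before indexing */`. Most of the table lies outside the lines shown.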
389diff -uprN linux-2.6.16/drivers/systrace/policy.c linux-2.6.16-systrace/drivers/systrace/policy.c 394Index: linux-2.6.17/drivers/systrace/policy.c
390--- linux-2.6.16/drivers/systrace/policy.c 1970-01-01 01:00:00.000000000 +0100 395===================================================================
391+++ linux-2.6.16-systrace/drivers/systrace/policy.c 2006-04-14 15:12:26.000000000 +0200 396--- /dev/null
397+++ linux-2.6.17/drivers/systrace/policy.c
392@@ -0,0 +1,159 @@ 398@@ -0,0 +1,159 @@
393+/* 399+/*
394+ * policy.c 400+ * policy.c
395+ * 401+ *
396+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu> 402+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu>
432+ 438+
433+#include <asm/semaphore.h> 439+#include <asm/semaphore.h>
434+#include <asm/uaccess.h> 440+#include <asm/uaccess.h>
435+#include <asm/ptrace.h> 441+#include <asm/ptrace.h>
436+ 442+
437+#include <linux/queue.h> 443+#include <linux/queue.h>
438+#include <linux/systrace.h> 444+#include <linux/systrace.h>
439+ 445+
440+#include "systrace-private.h" 446+#include "systrace-private.h"
441+ 447+
442+extern int systrace_debug; 448+extern int systrace_debug;
547+ 553+
548+ TAILQ_REMOVE(&fst->policies, policy, next); 554+ TAILQ_REMOVE(&fst->policies, policy, next);
549+ 555+
550+ kfree(policy); 556+ kfree(policy);
551+} 557+}
552diff -uprN linux-2.6.16/drivers/systrace/systrace-private.h linux-2.6.16-systrace/drivers/systrace/systrace-private.h 558Index: linux-2.6.17/drivers/systrace/systrace-private.h
553--- linux-2.6.16/drivers/systrace/systrace-private.h 1970-01-01 01:00:00.000000000 +0100 559===================================================================
554+++ linux-2.6.16-systrace/drivers/systrace/systrace-private.h 2006-04-14 15:12:26.000000000 +0200 560--- /dev/null
561+++ linux-2.6.17/drivers/systrace/systrace-private.h
555@@ -0,0 +1,144 @@ 562@@ -0,0 +1,144 @@
556+/* 563+/*
557+ * systrace-private.h 564+ * systrace-private.h
558+ * 565+ *
559+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu> 566+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu>
605+#define STR_PROC_ONQUEUE 0x01 612+#define STR_PROC_ONQUEUE 0x01
606+#define STR_PROC_WAITANSWER 0x02 613+#define STR_PROC_WAITANSWER 0x02
607+#define STR_PROC_SYSCALLRES 0x04 614+#define STR_PROC_SYSCALLRES 0x04
608+#define STR_PROC_REPORT 0x08 /* Report emulation */ 615+#define STR_PROC_REPORT 0x08 /* Report emulation */
609+#define STR_PROC_FSCHANGE 0x10 616+#define STR_PROC_FSCHANGE 0x10
610+#define STR_PROC_SETEUID 0x20 /* Elevate privileges */ 617+#define STR_PROC_SETEUID 0x20 /* Elevate privileges */
611+#define STR_PROC_SETEGID 0x40 618+#define STR_PROC_SETEGID 0x40
612+ 619+
613+struct str_process { 620+struct str_process {
614+ TAILQ_ENTRY(str_process) next; 621+ TAILQ_ENTRY(str_process) next;
615+ TAILQ_ENTRY(str_process) msg_next; 622+ TAILQ_ENTRY(str_process) msg_next;
616+ struct semaphore lock; 623+ struct semaphore lock;
617+ struct task_struct *proc; 624+ struct task_struct *proc;
618+ pid_t pid; 625+ pid_t pid;
619+ struct fsystrace *parent; 626+ struct fsystrace *parent;
620+ struct str_policy *policy; 627+ struct str_policy *policy;
621+ wait_queue_head_t wqh; 628+ wait_queue_head_t wqh;
622+ int flags; 629+ int flags;
623+ short answer; 630+ short answer;
624+ short error; 631+ short error;
625+ u16 seqnr; /* XXX: convert to u_int16_t */ 632+ u16 seqnr; /* XXX: convert to u_int16_t */
626+ struct str_message msg; 633+ struct str_message msg;
695+ */ 702+ */
696+#define systrace_lock(...) lock_kernel(); 703+#define systrace_lock(...) lock_kernel();
697+#define systrace_unlock(...) unlock_kernel(); 704+#define systrace_unlock(...) unlock_kernel();
698+ 705+
699+#endif /* SYSTRACE_PRIVATE_H */ 706+#endif /* SYSTRACE_PRIVATE_H */
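Review bot: `systrace_lock(...)` and `systrace_unlock(...)` expand with a trailing semicolon, so `if (x) systrace_lock(); else ...` does not compile and every ordinary call leaves an empty extra statement. Drop the semicolon from both definitions: `#define systrace_lock(...) lock_kernel()` and `#define systrace_unlock(...) unlock_kernel()`. Call sites are not visible here; any that omit their own semicolon would need one added. The macros also discard their arguments, so every systrace path serialises on the one kernel-wide lock whatever is passed; the comment above them (cut off on this page) should state that.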
700diff -uprN linux-2.6.16/drivers/systrace/systrace.c linux-2.6.16-systrace/drivers/systrace/systrace.c 707Index: linux-2.6.17/drivers/systrace/systrace.c
701--- linux-2.6.16/drivers/systrace/systrace.c 1970-01-01 01:00:00.000000000 +0100 708===================================================================
702+++ linux-2.6.16-systrace/drivers/systrace/systrace.c 2006-04-14 15:12:26.000000000 +0200 709--- /dev/null
710+++ linux-2.6.17/drivers/systrace/systrace.c
703@@ -0,0 +1,1378 @@ 711@@ -0,0 +1,1378 @@
704+/* 712+/*
705+ * systrace.c 713+ * systrace.c
706+ * 714+ *
707+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu> 715+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu>
752+#include <asm/semaphore.h> 760+#include <asm/semaphore.h>
753+#include <asm/uaccess.h> 761+#include <asm/uaccess.h>
754+#include <asm/ptrace.h> 762+#include <asm/ptrace.h>
755+#include <asm/unistd.h> 763+#include <asm/unistd.h>
756+ 764+
757+#include <linux/queue.h> 765+#include <linux/queue.h>
758+#include <linux/systrace.h> 766+#include <linux/systrace.h>
759+#include <linux/poll.h> 767+#include <linux/poll.h>
760+ 768+
761+#include "systrace-private.h" 769+#include "systrace-private.h"
762+ 770+
959+ 967+
960+ pid = ((struct systrace_answer *)data)->stra_pid; 968+ pid = ((struct systrace_answer *)data)->stra_pid;
961+ break; 969+ break;
962+ case STRIOCIO: 970+ case STRIOCIO:
963+ if ((data = kmalloc(sizeof(struct systrace_io), 971+ if ((data = kmalloc(sizeof(struct systrace_io),
964+ GFP_KERNEL)) == NULL) { 972+ GFP_KERNEL)) == NULL) {
965+ error = -ENOSPC; 973+ error = -ENOSPC;
966+ break; 974+ break;
967+ } 975+ }
968+ if (copy_from_user((struct systrace_io *)data, 976+ if (copy_from_user((struct systrace_io *)data,
969+ (struct systrace_io *)arg, 977+ (struct systrace_io *)arg,
1507+ /* Check against a maximum length */ 1515+ /* Check against a maximum length */
1508+ if (repl->strr_len > 2048) 1516+ if (repl->strr_len > 2048)
1509+ return (-EINVAL); 1517+ return (-EINVAL);
1510+ 1518+
1511+ if ((strp->replace = kmalloc(sizeof(*strp->replace) + len, GFP_KERNEL)) 1519+ if ((strp->replace = kmalloc(sizeof(*strp->replace) + len, GFP_KERNEL))
1512+ == NULL) 1520+ == NULL)
1513+ return (-ENOSPC); 1521+ return (-ENOSPC);
1514+ 1522+
1515+ memcpy(strp->replace, repl, sizeof(*strp->replace)); 1523+ memcpy(strp->replace, repl, sizeof(*strp->replace));
1516+ 1524+
1517+ if (copy_from_user(strp->replace + 1, repl->strr_base, len) != 0) { 1525+ if (copy_from_user(strp->replace + 1, repl->strr_base, len) != 0) {
1859+ } 1867+ }
1860+ 1868+
1861+ fst = strp->parent; 1869+ fst = strp->parent;
1862+ wake_up(&fst->wqh); 1870+ wake_up(&fst->wqh);
1863+ 1871+
1864+ if (ISSET(strp->flags, STR_PROC_ONQUEUE)) 1872+ if (ISSET(strp->flags, STR_PROC_ONQUEUE))
1865+ TAILQ_REMOVE(&fst->messages, strp, msg_next); 1873+ TAILQ_REMOVE(&fst->messages, strp, msg_next);
1866+ 1874+
1867+ TAILQ_REMOVE(&fst->processes, strp, next); 1875+ TAILQ_REMOVE(&fst->processes, strp, next);
1868+ fst->nprocesses--; 1876+ fst->nprocesses--;
1869+ 1877+
1913+ 1921+
1914+ return (systrace_make_msg(strp, SYSTR_MSG_ASK)); 1922+ return (systrace_make_msg(strp, SYSTR_MSG_ASK));
1915+} 1923+}
1916+ 1924+
1917+int 1925+int
1918+systrace_msg_ugid(struct fsystrace *fst, struct str_process *strp) 1926+systrace_msg_ugid(struct fsystrace *fst, struct str_process *strp)
1919+{ 1927+{
1920+ struct str_msg_ugid *msg_ugid = &strp->msg.msg_data.msg_ugid; 1928+ struct str_msg_ugid *msg_ugid = &strp->msg.msg_data.msg_ugid;
1921+ struct task_struct *tsk = strp->proc; 1929+ struct task_struct *tsk = strp->proc;
1922+ 1930+
1923+ msg_ugid->uid = tsk->euid; 1931+ msg_ugid->uid = tsk->euid;
2077+ if (proc->systrace == NULL) 2085+ if (proc->systrace == NULL)
2078+ return (NULL); 2086+ return (NULL);
2079+ 2087+
2080+ return (proc); 2088+ return (proc);
2081+} 2089+}
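Review bot: The 2048-byte cap in the replacement-copy code tests `repl->strr_len`, while the `kmalloc` and the `copy_from_user` that follow are sized by `len`, and the lines that relate the two are not shown here. Unless equality is enforced earlier in the function, the cap should be on the value actually used, `if (len > 2048) return (-EINVAL);`, and 2048 deserves a named constant. Separately, both allocation-failure paths visible in this file (the `STRIOCIO` case and this one) return `-ENOSPC`; `-ENOMEM` is the conventional code for a failed `kmalloc`. The enclosing function starts and ends outside the lines shown.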
2082diff -uprN linux-2.6.16/include/linux/queue.h linux-2.6.16-systrace/include/linux/queue.h 2090Index: linux-2.6.17/include/linux/queue.h
2083--- linux-2.6.16/include/linux/queue.h 1970-01-01 01:00:00.000000000 +0100 2091===================================================================
2084+++ linux-2.6.16-systrace/include/linux/queue.h 2006-04-14 15:12:26.000000000 +0200 2092--- /dev/null
2093+++ linux-2.6.17/include/linux/queue.h
2085@@ -0,0 +1,145 @@ 2094@@ -0,0 +1,145 @@
2086+/* $OpenBSD: queue.h,v 1.22 2001/06/23 04:39:35 angelos Exp $ */ 2095+/* $OpenBSD: queue.h,v 1.22 2001/06/23 04:39:35 angelos Exp $ */
2087+/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */ 2096+/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */
2088+ 2097+
2089+/* 2098+/*
2140+struct { \ 2149+struct { \
2141+ struct type *tqe_next; /* next element */ \ 2150+ struct type *tqe_next; /* next element */ \
2142+ struct type **tqe_prev; /* address of previous next element */ \ 2151+ struct type **tqe_prev; /* address of previous next element */ \
2143+} 2152+}
2144+ 2153+
2145+/* 2154+/*
2146+ * tail queue access methods 2155+ * tail queue access methods
2147+ */ 2156+ */
2148+#define TAILQ_FIRST(head) ((head)->tqh_first) 2157+#define TAILQ_FIRST(head) ((head)->tqh_first)
2149+#define TAILQ_END(head) NULL 2158+#define TAILQ_END(head) NULL
2150+#define TAILQ_NEXT(elm, field) ((elm)->field.tqe_next) 2159+#define TAILQ_NEXT(elm, field) ((elm)->field.tqe_next)
2151+#define TAILQ_LAST(head, headname) \ 2160+#define TAILQ_LAST(head, headname) \
2226+ (elm2)->field.tqe_prev = (elm)->field.tqe_prev; \ 2235+ (elm2)->field.tqe_prev = (elm)->field.tqe_prev; \
2227+ *(elm2)->field.tqe_prev = (elm2); \ 2236+ *(elm2)->field.tqe_prev = (elm2); \
2228+} while (0) 2237+} while (0)
2229+ 2238+
2230+#endif /* !_SYS_QUEUE_H_ */ 2239+#endif /* !_SYS_QUEUE_H_ */
2231diff -uprN linux-2.6.16/include/linux/sched.h linux-2.6.16-systrace/include/linux/sched.h 2240Index: linux-2.6.17/include/linux/sched.h
2232--- linux-2.6.16/include/linux/sched.h 2006-03-20 06:53:29.000000000 +0100 2241===================================================================
2233+++ linux-2.6.16-systrace/include/linux/sched.h 2006-04-14 15:12:26.000000000 +0200 2242--- linux-2.6.17.orig/include/linux/sched.h
2243+++ linux-2.6.17/include/linux/sched.h
2234@@ -846,6 +846,10 @@ struct task_struct { 2244@@ -888,6 +888,10 @@ struct task_struct {
2235 2245
2236 unsigned long ptrace_message; 2246 unsigned long ptrace_message;
2237 siginfo_t *last_siginfo; /* For ptrace use. */ 2247 siginfo_t *last_siginfo; /* For ptrace use. */
2238+#ifdef CONFIG_SYSTRACE 2248+#ifdef CONFIG_SYSTRACE
2239+ void *systrace; 2249+ void *systrace;
2240+#endif 2250+#endif
2241+ 2251+
2242 /* 2252 /*
2243 * current io wait handle: wait queue entry to use for io waits 2253 * current io wait handle: wait queue entry to use for io waits
2244 * If this thread is processing aio, this points at the waitqueue 2254 * If this thread is processing aio, this points at the waitqueue
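Review bot: The new `void *systrace;` member in `task_struct` has no comment on what it points to or who frees it, and the untyped pointer hides that from every reader of sched.h. The fork.c hunk tests `current->systrace != NULL` and the exit.c hunk calls `systrace_exit(tsk)`, so the pointer's lifetime appears to run from fork to exit. I would add `/* systrace per-task state; NULL when not traced, released by systrace_exit() */`; the release is inferred from the exit.c hook and should be confirmed against systrace.c. `task_struct` continues outside the hunk.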
2245diff -uprN linux-2.6.16/include/linux/systrace.h linux-2.6.16-systrace/include/linux/systrace.h 2255Index: linux-2.6.17/include/linux/systrace.h
2246--- linux-2.6.16/include/linux/systrace.h 1970-01-01 01:00:00.000000000 +0100 2256===================================================================
2247+++ linux-2.6.16-systrace/include/linux/systrace.h 2006-04-14 15:12:26.000000000 +0200 2257--- /dev/null
2258+++ linux-2.6.17/include/linux/systrace.h
2248@@ -0,0 +1,216 @@ 2259@@ -0,0 +1,216 @@
2249+/* 2260+/*
2250+ * systrace.h 2261+ * systrace.h
2251+ * 2262+ *
2252+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu> 2263+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu>
2460+#ifndef __KERNEL__ 2471+#ifndef __KERNEL__
2461+//typedef u_int32_t register_t; 2472+//typedef u_int32_t register_t;
2462+#endif /* !__KERNEL__ */ 2473+#endif /* !__KERNEL__ */
2463+ 2474+
2464+#endif /* _INCLUDE_LINUX_SYSTRACE_H */ 2475+#endif /* _INCLUDE_LINUX_SYSTRACE_H */
2465diff -uprN linux-2.6.16/kernel/fork.c linux-2.6.16-systrace/kernel/fork.c 2476Index: linux-2.6.17/kernel/exit.c
2466--- linux-2.6.16/kernel/fork.c 2006-03-20 06:53:29.000000000 +0100 2477===================================================================
2467+++ linux-2.6.16-systrace/kernel/fork.c 2006-04-14 15:12:26.000000000 +0200 2478--- linux-2.6.17.orig/kernel/exit.c
2479+++ linux-2.6.17/kernel/exit.c
2480@@ -36,6 +36,11 @@
2481 #include <linux/compat.h>
2482 #include <linux/pipe_fs_i.h>
2483 #include <linux/audit.h> /* for audit_free() */
2484+#ifdef CONFIG_SYSTRACE
2485+#include <linux/queue.h>
2486+#include <asm/semaphore.h>
2487+#include <linux/systrace.h>
2488+#endif
2489 #include <linux/grsecurity.h>
2490
2491 #ifdef CONFIG_GRKERNSEC
2492@@ -937,6 +942,10 @@ fastcall NORET_TYPE void do_exit(long co
2493 gr_acl_handle_psacct(tsk, code);
2494 gr_acl_handle_exit();
2495
2496+#ifdef CONFIG_SYSTRACE
2497+ systrace_exit(tsk);
2498+#endif
2499+
2500 exit_mm(tsk);
2501
2502 exit_sem(tsk);
2503Index: linux-2.6.17/kernel/fork.c
2504===================================================================
2505--- linux-2.6.17.orig/kernel/fork.c
2506+++ linux-2.6.17/kernel/fork.c
2468@@ -39,6 +39,11 @@ 2507@@ -39,6 +39,11 @@
2469 #include <linux/rcupdate.h> 2508 #include <linux/rcupdate.h>
2470 #include <linux/ptrace.h> 2509 #include <linux/ptrace.h>
2471 #include <linux/mount.h> 2510 #include <linux/mount.h>
2472+#ifdef CONFIG_SYSTRACE 2511+#ifdef CONFIG_SYSTRACE
2475+#include <linux/systrace.h> 2514+#include <linux/systrace.h>
2476+#endif /* CONFIG_SYSTRACE */ 2515+#endif /* CONFIG_SYSTRACE */
2477 #include <linux/audit.h> 2516 #include <linux/audit.h>
2478 #include <linux/profile.h> 2517 #include <linux/profile.h>
2479 #include <linux/rmap.h> 2518 #include <linux/rmap.h>
2480@@ -1323,6 +1328,11 @@ long do_fork(unsigned long clone_flags, 2519@@ -1351,6 +1356,11 @@ long do_fork(unsigned long clone_flags,
2481 set_tsk_thread_flag(p, TIF_SIGPENDING); 2520 set_tsk_thread_flag(p, TIF_SIGPENDING);
2482 } 2521 }
2483 2522
2484+#ifdef CONFIG_SYSTRACE 2523+#ifdef CONFIG_SYSTRACE
2485+ if (current->systrace != NULL) 2524+ if (current->systrace != NULL)
2487+#endif 2526+#endif
2488+ 2527+
2489 if (!(clone_flags & CLONE_STOPPED)) 2528 if (!(clone_flags & CLONE_STOPPED))
2490 wake_up_new_task(p, clone_flags); 2529 wake_up_new_task(p, clone_flags);
2491 else 2530 else
2492diff -uprN linux-2.6.16/security/Kconfig linux-2.6.16-systrace/security/Kconfig 2531Index: linux-2.6.17/security/Kconfig
2493--- linux-2.6.16/security/Kconfig 2006-03-20 06:53:29.000000000 +0100 2532===================================================================
2494+++ linux-2.6.16-systrace/security/Kconfig 2006-04-14 15:12:26.000000000 +0200 2533--- linux-2.6.17.orig/security/Kconfig
2534+++ linux-2.6.17/security/Kconfig
2495@@ -100,6 +100,7 @@ config SECURITY_SECLVL 2535@@ -547,6 +547,7 @@ config SECURITY_SECLVL
2496 If you are unsure how to answer this question, answer N. 2536 If you are unsure how to answer this question, answer N.
2497 2537
2498 source security/selinux/Kconfig 2538 source security/selinux/Kconfig
2499+source drivers/systrace/Kconfig 2539+source drivers/systrace/Kconfig
2500 2540
2501 endmenu 2541 endmenu
2502 2542
2503--- linux-2.6.16/kernel/exit.c 2006-04-14 16:04:32.000000000 +0200
2504+++ ./linux-2.6.16-grsec_sys/kernel/exit.c 2006-04-14 15:51:08.000000000 +0200
2505@@ -31,8 +31,13 @@
2506 #include <linux/signal.h>
2507 #include <linux/cn_proc.h>
2508 #include <linux/mutex.h>
2509-#include <linux/grsecurity.h>
2510+#ifdef CONFIG_SYSTRACE
2511+#include <linux/queue.h>
2512+#include <asm/semaphore.h>
2513+#include <linux/systrace.h>
2514+#endif
2515
2516+#include <linux/grsecurity.h>
2517 #ifdef CONFIG_GRKERNSEC
2518 extern rwlock_t grsec_exec_file_lock;
2519 #endif
2520@@ -880,8 +885,12 @@ fastcall NORET_TYPE void do_exit(long co
2521 acct_process(code);
2522 }
2523
2524 gr_acl_handle_psacct(tsk, code);
2525 gr_acl_handle_exit();
2526+
2527+#ifdef CONFIG_SYSTRACE
2528+ systrace_exit(tsk);
2529+#endif
2530
2531 exit_mm(tsk);
2532
