• R/O
  • SSH
  • HTTPS

tomoyo: コミット


コミットメタ情報

リビジョン6622 (tree)
日時2018-01-08 14:58:58
作者kumaneko

ログメッセージ

(メッセージはありません)

変更サマリ

差分

--- trunk/1.8.x/ccs-patch/patches/ccs-patch-3.2-debian-wheezy.diff (revision 6621)
+++ trunk/1.8.x/ccs-patch/patches/ccs-patch-3.2-debian-wheezy.diff (revision 6622)
@@ -28,8 +28,8 @@
2828 security/security.c | 134 +++++++++++++++++++++++++++++++++++++---------
2929 24 files changed, 247 insertions(+), 49 deletions(-)
3030
31---- linux-3.2.93-1.orig/fs/exec.c
32-+++ linux-3.2.93-1/fs/exec.c
31+--- linux-3.2.96-3.orig/fs/exec.c
32++++ linux-3.2.96-3/fs/exec.c
3333 @@ -1592,7 +1592,7 @@ static int do_execve_common(const char *
3434 if (retval < 0)
3535 goto out;
@@ -39,8 +39,8 @@
3939 if (retval < 0)
4040 goto out;
4141
42---- linux-3.2.93-1.orig/fs/open.c
43-+++ linux-3.2.93-1/fs/open.c
42+--- linux-3.2.96-3.orig/fs/open.c
43++++ linux-3.2.96-3/fs/open.c
4444 @@ -1106,6 +1106,8 @@ EXPORT_SYMBOL(sys_close);
4545 */
4646 SYSCALL_DEFINE0(vhangup)
@@ -50,8 +50,8 @@
5050 if (capable(CAP_SYS_TTY_CONFIG)) {
5151 tty_vhangup_self();
5252 return 0;
53---- linux-3.2.93-1.orig/fs/proc/version.c
54-+++ linux-3.2.93-1/fs/proc/version.c
53+--- linux-3.2.96-3.orig/fs/proc/version.c
54++++ linux-3.2.96-3/fs/proc/version.c
5555 @@ -32,3 +32,10 @@ static int __init proc_version_init(void
5656 return 0;
5757 }
@@ -59,12 +59,12 @@
5959 +
6060 +static int __init ccs_show_version(void)
6161 +{
62-+ printk(KERN_INFO "Hook version: 3.2.93-1 2017/09/25\n");
62++ printk(KERN_INFO "Hook version: 3.2.96-3 2018/01/08\n");
6363 + return 0;
6464 +}
6565 +module_init(ccs_show_version);
66---- linux-3.2.93-1.orig/include/linux/init_task.h
67-+++ linux-3.2.93-1/include/linux/init_task.h
66+--- linux-3.2.96-3.orig/include/linux/init_task.h
67++++ linux-3.2.96-3/include/linux/init_task.h
6868 @@ -144,6 +144,14 @@ extern struct task_group root_task_group
6969
7070 #define INIT_TASK_COMM "swapper"
@@ -88,8 +88,8 @@
8888 }
8989
9090
91---- linux-3.2.93-1.orig/include/linux/sched.h
92-+++ linux-3.2.93-1/include/linux/sched.h
91+--- linux-3.2.96-3.orig/include/linux/sched.h
92++++ linux-3.2.96-3/include/linux/sched.h
9393 @@ -44,6 +44,8 @@
9494
9595 #ifdef __KERNEL__
@@ -99,9 +99,9 @@
9999 struct sched_param {
100100 int sched_priority;
101101 };
102-@@ -1588,6 +1590,10 @@ struct task_struct {
103- #ifndef __GENKSYMS__
104- unsigned long rt_watchdog_stamp;
102+@@ -1585,6 +1587,10 @@ struct task_struct {
103+ #ifdef CONFIG_HAVE_HW_BREAKPOINT
104+ atomic_t ptrace_bp_refcnt;
105105 #endif
106106 +#if defined(CONFIG_CCSECURITY) && !defined(CONFIG_CCSECURITY_USE_EXTERNAL_TASK_SECURITY)
107107 + struct ccs_domain_info *ccs_domain_info;
@@ -110,8 +110,8 @@
110110 };
111111
112112 /* Future-safe accessor for struct task_struct's cpus_allowed. */
113---- linux-3.2.93-1.orig/include/linux/security.h
114-+++ linux-3.2.93-1/include/linux/security.h
113+--- linux-3.2.96-3.orig/include/linux/security.h
114++++ linux-3.2.96-3/include/linux/security.h
115115 @@ -38,6 +38,7 @@
116116 #include <linux/slab.h>
117117 #include <linux/xattr.h>
@@ -310,8 +310,8 @@
310310 }
311311 #endif /* CONFIG_SECURITY_PATH */
312312
313---- linux-3.2.93-1.orig/include/net/ip.h
314-+++ linux-3.2.93-1/include/net/ip.h
313+--- linux-3.2.96-3.orig/include/net/ip.h
314++++ linux-3.2.96-3/include/net/ip.h
315315 @@ -218,6 +218,8 @@ extern void inet_get_local_port_range(in
316316 extern unsigned long *sysctl_local_reserved_ports;
317317 static inline int inet_is_reserved_local_port(int port)
@@ -321,9 +321,9 @@
321321 return test_bit(port, sysctl_local_reserved_ports);
322322 }
323323
324---- linux-3.2.93-1.orig/kernel/fork.c
325-+++ linux-3.2.93-1/kernel/fork.c
326-@@ -195,6 +195,7 @@ void __put_task_struct(struct task_struc
324+--- linux-3.2.96-3.orig/kernel/fork.c
325++++ linux-3.2.96-3/kernel/fork.c
326+@@ -197,6 +197,7 @@ void __put_task_struct(struct task_struc
327327 delayacct_tsk_free(tsk);
328328 put_signal_struct(tsk->signal);
329329
@@ -331,7 +331,7 @@
331331 if (!profile_handoff_task(tsk))
332332 free_task(tsk);
333333 }
334-@@ -1222,6 +1223,9 @@ static struct task_struct *copy_process(
334+@@ -1228,6 +1229,9 @@ static struct task_struct *copy_process(
335335 retval = audit_alloc(p);
336336 if (retval)
337337 goto bad_fork_cleanup_perf;
@@ -341,7 +341,7 @@
341341 /* copy all the process information */
342342 retval = copy_semundo(clone_flags, p);
343343 if (retval)
344-@@ -1406,6 +1410,7 @@ bad_fork_cleanup_semundo:
344+@@ -1412,6 +1416,7 @@ bad_fork_cleanup_semundo:
345345 exit_sem(p);
346346 bad_fork_cleanup_audit:
347347 audit_free(p);
@@ -349,8 +349,8 @@
349349 bad_fork_cleanup_perf:
350350 perf_event_free_task(p);
351351 bad_fork_cleanup_policy:
352---- linux-3.2.93-1.orig/kernel/kexec.c
353-+++ linux-3.2.93-1/kernel/kexec.c
352+--- linux-3.2.96-3.orig/kernel/kexec.c
353++++ linux-3.2.96-3/kernel/kexec.c
354354 @@ -39,6 +39,7 @@
355355 #include <asm/io.h>
356356 #include <asm/system.h>
@@ -368,8 +368,8 @@
368368
369369 /*
370370 * Verify we have a legal set of flags
371---- linux-3.2.93-1.orig/kernel/module.c
372-+++ linux-3.2.93-1/kernel/module.c
371+--- linux-3.2.96-3.orig/kernel/module.c
372++++ linux-3.2.96-3/kernel/module.c
373373 @@ -58,6 +58,7 @@
374374 #include <linux/jump_label.h>
375375 #include <linux/pfn.h>
@@ -396,9 +396,9 @@
396396
397397 /* Do all the hard work */
398398 mod = load_module(umod, len, uargs);
399---- linux-3.2.93-1.orig/kernel/ptrace.c
400-+++ linux-3.2.93-1/kernel/ptrace.c
401-@@ -961,6 +961,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l
399+--- linux-3.2.96-3.orig/kernel/ptrace.c
400++++ linux-3.2.96-3/kernel/ptrace.c
401+@@ -957,6 +957,11 @@ SYSCALL_DEFINE4(ptrace, long, request, l
402402 {
403403 struct task_struct *child;
404404 long ret;
@@ -410,7 +410,7 @@
410410
411411 if (request == PTRACE_TRACEME) {
412412 ret = ptrace_traceme();
413-@@ -1108,6 +1113,11 @@ asmlinkage long compat_sys_ptrace(compat
413+@@ -1104,6 +1109,11 @@ asmlinkage long compat_sys_ptrace(compat
414414 {
415415 struct task_struct *child;
416416 long ret;
@@ -422,8 +422,8 @@
422422
423423 if (request == PTRACE_TRACEME) {
424424 ret = ptrace_traceme();
425---- linux-3.2.93-1.orig/kernel/sched.c
426-+++ linux-3.2.93-1/kernel/sched.c
425+--- linux-3.2.96-3.orig/kernel/sched.c
426++++ linux-3.2.96-3/kernel/sched.c
427427 @@ -5342,6 +5342,8 @@ int can_nice(const struct task_struct *p
428428 SYSCALL_DEFINE1(nice, int, increment)
429429 {
@@ -433,8 +433,8 @@
433433
434434 /*
435435 * Setpriority might change our priority at the same moment.
436---- linux-3.2.93-1.orig/kernel/signal.c
437-+++ linux-3.2.93-1/kernel/signal.c
436+--- linux-3.2.96-3.orig/kernel/signal.c
437++++ linux-3.2.96-3/kernel/signal.c
438438 @@ -2756,6 +2756,8 @@ SYSCALL_DEFINE4(rt_sigtimedwait, const s
439439 SYSCALL_DEFINE2(kill, pid_t, pid, int, sig)
440440 {
@@ -480,8 +480,8 @@
480480
481481 return do_send_specific(tgid, pid, sig, info);
482482 }
483---- linux-3.2.93-1.orig/kernel/sys.c
484-+++ linux-3.2.93-1/kernel/sys.c
483+--- linux-3.2.96-3.orig/kernel/sys.c
484++++ linux-3.2.96-3/kernel/sys.c
485485 @@ -180,6 +180,10 @@ SYSCALL_DEFINE3(setpriority, int, which,
486486
487487 if (which > PRIO_USER || which < PRIO_PROCESS)
@@ -520,8 +520,8 @@
520520
521521 down_write(&uts_sem);
522522 errno = -EFAULT;
523---- linux-3.2.93-1.orig/kernel/time/ntp.c
524-+++ linux-3.2.93-1/kernel/time/ntp.c
523+--- linux-3.2.96-3.orig/kernel/time/ntp.c
524++++ linux-3.2.96-3/kernel/time/ntp.c
525525 @@ -15,6 +15,7 @@
526526 #include <linux/time.h>
527527 #include <linux/mm.h>
@@ -555,8 +555,8 @@
555555 if (!(txc->modes & ADJ_NANO))
556556 delta.tv_nsec *= 1000;
557557 result = timekeeping_inject_offset(&delta);
558---- linux-3.2.93-1.orig/net/ipv4/raw.c
559-+++ linux-3.2.93-1/net/ipv4/raw.c
558+--- linux-3.2.96-3.orig/net/ipv4/raw.c
559++++ linux-3.2.96-3/net/ipv4/raw.c
560560 @@ -699,6 +699,10 @@ static int raw_recvmsg(struct kiocb *ioc
561561 skb = skb_recv_datagram(sk, flags, noblock, &err);
562562 if (!skb)
@@ -568,8 +568,8 @@
568568
569569 copied = skb->len;
570570 if (len < copied) {
571---- linux-3.2.93-1.orig/net/ipv4/udp.c
572-+++ linux-3.2.93-1/net/ipv4/udp.c
571+--- linux-3.2.96-3.orig/net/ipv4/udp.c
572++++ linux-3.2.96-3/net/ipv4/udp.c
573573 @@ -1185,6 +1185,10 @@ try_again:
574574 &peeked, &err);
575575 if (!skb)
@@ -581,8 +581,8 @@
581581
582582 ulen = skb->len - sizeof(struct udphdr);
583583 copied = len;
584---- linux-3.2.93-1.orig/net/ipv6/raw.c
585-+++ linux-3.2.93-1/net/ipv6/raw.c
584+--- linux-3.2.96-3.orig/net/ipv6/raw.c
585++++ linux-3.2.96-3/net/ipv6/raw.c
586586 @@ -465,6 +465,10 @@ static int rawv6_recvmsg(struct kiocb *i
587587 skb = skb_recv_datagram(sk, flags, noblock, &err);
588588 if (!skb)
@@ -594,8 +594,8 @@
594594
595595 copied = skb->len;
596596 if (copied > len) {
597---- linux-3.2.93-1.orig/net/ipv6/udp.c
598-+++ linux-3.2.93-1/net/ipv6/udp.c
597+--- linux-3.2.96-3.orig/net/ipv6/udp.c
598++++ linux-3.2.96-3/net/ipv6/udp.c
599599 @@ -359,6 +359,10 @@ try_again:
600600 &peeked, &err);
601601 if (!skb)
@@ -607,8 +607,8 @@
607607
608608 ulen = skb->len - sizeof(struct udphdr);
609609 copied = len;
610---- linux-3.2.93-1.orig/net/socket.c
611-+++ linux-3.2.93-1/net/socket.c
610+--- linux-3.2.96-3.orig/net/socket.c
611++++ linux-3.2.96-3/net/socket.c
612612 @@ -1531,6 +1531,10 @@ SYSCALL_DEFINE4(accept4, int, fd, struct
613613 if (err < 0)
614614 goto out_fd;
@@ -620,8 +620,8 @@
620620 if (upeer_sockaddr) {
621621 if (newsock->ops->getname(newsock, (struct sockaddr *)&address,
622622 &len, 2) < 0) {
623---- linux-3.2.93-1.orig/net/unix/af_unix.c
624-+++ linux-3.2.93-1/net/unix/af_unix.c
623+--- linux-3.2.96-3.orig/net/unix/af_unix.c
624++++ linux-3.2.96-3/net/unix/af_unix.c
625625 @@ -1957,6 +1957,10 @@ static int unix_dgram_recvmsg(struct kio
626626 wake_up_interruptible_sync_poll(&u->peer_wait,
627627 POLLOUT | POLLWRNORM | POLLWRBAND);
@@ -633,9 +633,9 @@
633633 if (msg->msg_name)
634634 unix_copy_addr(msg, skb->sk);
635635
636---- linux-3.2.93-1.orig/security/Kconfig
637-+++ linux-3.2.93-1/security/Kconfig
638-@@ -236,5 +236,7 @@ config DEFAULT_SECURITY
636+--- linux-3.2.96-3.orig/security/Kconfig
637++++ linux-3.2.96-3/security/Kconfig
638+@@ -246,5 +246,7 @@ config DEFAULT_SECURITY
639639 default "apparmor" if DEFAULT_SECURITY_APPARMOR
640640 default "" if DEFAULT_SECURITY_DAC
641641
@@ -643,8 +643,8 @@
643643 +
644644 endmenu
645645
646---- linux-3.2.93-1.orig/security/Makefile
647-+++ linux-3.2.93-1/security/Makefile
646+--- linux-3.2.96-3.orig/security/Makefile
647++++ linux-3.2.96-3/security/Makefile
648648 @@ -26,3 +26,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_c
649649 # Object integrity file lists
650650 subdir-$(CONFIG_INTEGRITY) += integrity
@@ -652,8 +652,8 @@
652652 +
653653 +subdir-$(CONFIG_CCSECURITY) += ccsecurity
654654 +obj-$(CONFIG_CCSECURITY) += ccsecurity/built-in.o
655---- linux-3.2.93-1.orig/security/security.c
656-+++ linux-3.2.93-1/security/security.c
655+--- linux-3.2.96-3.orig/security/security.c
656++++ linux-3.2.96-3/security/security.c
657657 @@ -203,7 +203,10 @@ int security_syslog(int type)
658658
659659 int security_settime(const struct timespec *ts, const struct timezone *tz)
--- tags/htdocs/repos-1.8/CentOS6/repodata/repomd.xml (revision 6621)
+++ tags/htdocs/repos-1.8/CentOS6/repodata/repomd.xml (revision 6622)
@@ -1,28 +1,28 @@
11 <?xml version="1.0" encoding="UTF-8"?>
22 <repomd xmlns="http://linux.duke.edu/metadata/repo" xmlns:rpm="http://linux.duke.edu/metadata/rpm">
3- <revision>1507427262</revision>
3+ <revision>1515390708</revision>
44 <data type="filelists">
5- <checksum type="sha256">012cdb491d2eb69b068c90d9511b2479faf7dc1cfb23e34d459fb2228b57e2b3</checksum>
6- <open-checksum type="sha256">cb5ba7ee9fe07eb4a9a1b4bb95c860c094d7e648586ea6b396aa471a5ad1518e</open-checksum>
5+ <checksum type="sha256">40f09ad0de7f6c2ccdce3fe98c4cf9756e50422371007c205fff890ada529b44</checksum>
6+ <open-checksum type="sha256">a4fccddf29131ca37cb38c09d9f3e5c7fc137f7250084a40a5d08f05f02cef67</open-checksum>
77 <location href="repodata/filelists.xml.gz"/>
8- <timestamp>1507427263</timestamp>
9- <size>79181</size>
10- <open-size>1447816</open-size>
8+ <timestamp>1515390709</timestamp>
9+ <size>79203</size>
10+ <open-size>1448118</open-size>
1111 </data>
1212 <data type="other">
13- <checksum type="sha256">6dc54a4e371a6b5cadd028d19c84a1479dcc005ae2477871166496a5705932de</checksum>
14- <open-checksum type="sha256">d8e0d341ebc0571a8087b0c2a0329322078e2e9f4a7ec338bf1dc5f704fc7152</open-checksum>
13+ <checksum type="sha256">e0e07a1b90258ea2803c6869baeed97b47ae22912f648842a80c98d065d01377</checksum>
14+ <open-checksum type="sha256">14ba150f5b9f1f67526bd7aea2cbb52f3ac4b39813b392695a3e0de4f6582b52</open-checksum>
1515 <location href="repodata/other.xml.gz"/>
16- <timestamp>1507427263</timestamp>
17- <size>2912</size>
18- <open-size>16097</open-size>
16+ <timestamp>1515390709</timestamp>
17+ <size>7109</size>
18+ <open-size>69890</open-size>
1919 </data>
2020 <data type="primary">
21- <checksum type="sha256">94436218e2234f5d1526e8a9a121c880d13b10648f87072600625bf168e76737</checksum>
22- <open-checksum type="sha256">1b1d44980b38e421936adbebe47ff8f6de90804b5d17ca231988e178b92db6b1</open-checksum>
21+ <checksum type="sha256">84ed0fb3ff74d49fb863e76df612d5cc697e1140eab4622ec19f1ed975fa6f1d</checksum>
22+ <open-checksum type="sha256">be2ea3f9323fcc1b5bfd0812981a1dd7ff2142bcaf8198a8c9c86ae6878c5920</open-checksum>
2323 <location href="repodata/primary.xml.gz"/>
24- <timestamp>1507427263</timestamp>
25- <size>160257</size>
26- <open-size>1109172</open-size>
24+ <timestamp>1515390709</timestamp>
25+ <size>160289</size>
26+ <open-size>1109356</open-size>
2727 </data>
2828 </repomd>
旧リポジトリブラウザで表示