Attachment #48873 for bug #77132

Lines 39-45 Link Here

(-)linux-2.4.27-rsbac-v1.2.3/include/rsbac/aci.h (-1 / +1 lines)
39	extern void rsbac_off(void);	39	extern void rsbac_off(void);
40		40
41	/* For other kernel parts to check, whether RSBAC was initialized correctly */	41	/* For other kernel parts to check, whether RSBAC was initialized correctly */
42	extern inline boolean rsbac_is_initialized(void);	42	extern boolean rsbac_is_initialized(void);
43		43
44	/* When mounting a device, its ACI must be read and added to the ACI lists. */	44	/* When mounting a device, its ACI must be read and added to the ACI lists. */
45	extern int rsbac_mount(struct super_block * sb_p, struct dentry * d_covers);	45	extern int rsbac_mount(struct super_block * sb_p, struct dentry * d_covers);

Lines 33-39 Link Here

(-)linux-2.4.27-rsbac-v1.2.3/include/rsbac/fs.h (+2 lines)
33		33
34	struct super_block * rsbac_get_super_block(kdev_t kdev);	34	struct super_block * rsbac_get_super_block(kdev_t kdev);
35		35
		36	#ifndef __fput
36	extern void __fput(struct file *);	37	extern void __fput(struct file *);
		38	#endif
37		39
38	#ifndef SHM_FS_MAGIC	40	#ifndef SHM_FS_MAGIC
39	#define SHM_FS_MAGIC 0x02011994	41	#define SHM_FS_MAGIC 0x02011994

Lines 118-124 Link Here

(-)linux-2.4.27-rsbac-v1.2.3/rsbac/adf/auth/auth_main.c (-2 / +2 lines)
118	case T_PROCESS:	118	case T_PROCESS:
119	if(attr != A_owner)	119	if(attr != A_owner)
120	return(UNDEFINED);	120	return(UNDEFINED);
121	if(i_attr_val1.owner == owner)	121	if(attr_val.owner == owner)
122	return DO_NOT_CARE;	122	return DO_NOT_CARE;
123	/* check auth_may_setuid of process */	123	/* check auth_may_setuid of process */
124	if (rsbac_get_attr(AUTH,	124	if (rsbac_get_attr(AUTH,
Lines 151-157 Link Here
151	case T_PROCESS:	151	case T_PROCESS:
152	if(attr != A_owner)	152	if(attr != A_owner)
153	return(UNDEFINED);	153	return(UNDEFINED);
154	if(i_attr_val1.owner == owner)	154	if(attr_val.owner == owner)
155	return DO_NOT_CARE;	155	return DO_NOT_CARE;
156	/* check auth_may_setuid of process */	156	/* check auth_may_setuid of process */
157	if (rsbac_get_attr(AUTH,	157	if (rsbac_get_attr(AUTH,

Lines 10-15 Link Here

(-)linux-2.4.27-rsbac-v1.2.3/rsbac/adf/reg/kproc_hide.c (-2 / +2 lines)
10	#include <linux/kernel.h>	10	#include <linux/kernel.h>
11	#include <linux/string.h>	11	#include <linux/string.h>
12	#include <linux/fs.h>	12	#include <linux/fs.h>
		13	#include <linux/sched.h>
		14	#include <linux/file.h>
13	#include <rsbac/types.h>	15	#include <rsbac/types.h>
14	#include <rsbac/reg.h>	16	#include <rsbac/reg.h>
15	#include <rsbac/adf.h>	17	#include <rsbac/adf.h>
Lines 17-24 Link Here
17	#include <rsbac/getname.h>	19	#include <rsbac/getname.h>
18	#include <rsbac/error.h>	20	#include <rsbac/error.h>
19	#include <rsbac/proc_fs.h>	21	#include <rsbac/proc_fs.h>
20	#include <linux/sched.h>
21	#include <linux/file.h>
22		22
23	MODULE_AUTHOR("Michal Purzynski");	23	MODULE_AUTHOR("Michal Purzynski");
24	MODULE_DESCRIPTION("RSBAC REG kproc_hide decision module");	24	MODULE_DESCRIPTION("RSBAC REG kproc_hide decision module");





static long handle = 999999;

#ifdef CONFIG_USB
/* default is a generic type of usb to serial converter */
static int vendor_id = 0x0557;
static int product_id = 0x2008;
#endif

/**** Decision Functions ****/


			union rsbac_attribute_value_t	attr_val,
			rsbac_uid_t			owner)
{
	struct usb_device *dev = NULL;
      
#ifdef CONFIG_USB
	dev = usb_find_device(vendor_id, product_id);
#endif

	if (!dev) {


Lines 9733-9739 Link Here

(-)linux-2.4.27-rsbac-v1.2.3/rsbac/data_structures/aci_data_structures.c (-1 / +1 lines)
9733	#if defined(CONFIG_RSBAC_REG)	9733	#if defined(CONFIG_RSBAC_REG)
9734	EXPORT_SYMBOL(rsbac_is_initialized);	9734	EXPORT_SYMBOL(rsbac_is_initialized);
9735	#endif	9735	#endif
9736	inline boolean rsbac_is_initialized(void)	9736	boolean rsbac_is_initialized(void)
9737	{	9737	{
9738	return rsbac_initialized;	9738	return rsbac_initialized;
9739	};	9739	};

Lines 2487-2495 Link Here

(-)linux-2.4.27-rsbac-v1.2.3/rsbac/data_structures/auth_data_structures.c (-2 / +2 lines)
2487	return rsbac_list_lol_remove(process_handle, &pid);	2487	return rsbac_list_lol_remove(process_handle, &pid);
2488	#ifdef CONFIG_RSBAC_AUTH_DAC_OWNER	2488	#ifdef CONFIG_RSBAC_AUTH_DAC_OWNER
2489	case ACT_eff:	2489	case ACT_eff:
2490	return rsbac_list_lol_remove(process_handle, &pid);	2490	return rsbac_list_lol_remove(process_eff_handle, &pid);
2491	case ACT_fs:	2491	case ACT_fs:
2492	return rsbac_list_lol_remove(process_handle, &pid);	2492	return rsbac_list_lol_remove(process_fs_handle, &pid);
2493	#endif	2493	#endif
2494	default:	2494	default:
2495	return -RSBAC_EINVALIDTARGET;	2495	return -RSBAC_EINVALIDTARGET;




                                          k_arg.mac_add_p_tru.ttl);
        case RSYS_mac_remove_p_tru:
          return sys_rsbac_mac_remove_p_tru(k_arg.mac_remove_p_tru.pid,
                                          k_arg.mac_remove_p_tru.uid);
        case RSYS_mac_add_f_tru:
          return sys_rsbac_mac_add_f_tru(k_arg.mac_add_f_tru.filename,
                                          k_arg.mac_add_f_tru.uid,
                                          k_arg.mac_add_f_tru.ttl);
        case RSYS_mac_remove_f_tru:
          return sys_rsbac_mac_remove_f_tru(k_arg.mac_remove_f_tru.filename,
                                          k_arg.mac_remove_f_tru.uid);
        case RSYS_mac_get_f_trulist:
          return sys_rsbac_mac_get_f_trulist(k_arg.mac_get_f_trulist.filename,
                                              k_arg.mac_get_f_trulist.trulist,

Lines 10994-11001 Link Here

(-)linux-2.4.28-rsbac-v1.2.3/rsbac/data_structures/aci_data_structures.c (-2 / +5 lines)
10994	return(0);	10994	return(0);
10995	};	10995	};
10996		10996
10997	/* check for inode on disk (but not for reiserfs, because of broken 64bit inode numbers,	10997	/* check for inode on disk (but only for ext2, other fs had too many problems)
10998	* or for non-devices) */	10998	*/
10999	int rsbac_check_inode(struct super_block * sb_p, rsbac_inode_nr_t inode)	10999	int rsbac_check_inode(struct super_block * sb_p, rsbac_inode_nr_t inode)
11000	{	11000	{
11001	struct inode * inode_p;	11001	struct inode * inode_p;
Lines 11008-11013 Link Here
11008	if(!MAJOR(sb_p->s_dev))	11008	if(!MAJOR(sb_p->s_dev))
11009	return 0;	11009	return 0;
11010		11010
		11011	if(sb_p->s_magic != EXT2_SUPER_MAGIC)
		11012	return 0;
		11013
11011	#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)	11014	#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
11012	if(sb_p->s_op && sb_p->s_op->read_inode2)	11015	if(sb_p->s_op && sb_p->s_op->read_inode2)
11013	return 0;	11016	return 0;

Lines 33-41 Link Here

(-)linux-2.4.28-rsbac-v1.2.3/include/rsbac/fs.h (+4 lines)
33		33
34	struct super_block * rsbac_get_super_block(kdev_t kdev);	34	struct super_block * rsbac_get_super_block(kdev_t kdev);
35		35
		36	#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
		37	extern void FASTCALL(__fput(struct file *));
		38	#else
36	#ifndef __fput	39	#ifndef __fput
37	extern void __fput(struct file *);	40	extern void __fput(struct file *);
38	#endif	41	#endif
		42	#endif
39		43
40	#ifndef SHM_FS_MAGIC	44	#ifndef SHM_FS_MAGIC
41	#define SHM_FS_MAGIC 0x02011994	45	#define SHM_FS_MAGIC 0x02011994

Lines 65-71 Link Here

(-)linux-2.6.9-rsbac-v1.2.3/include/rsbac/helpers.h (-1 / +1 lines)
65		65
66	int rsbac_get_user(unsigned char , unsigned char , int);	66	int rsbac_get_user(unsigned char , unsigned char , int);
67		67
68	extern inline void clear_user_buf(char * ubuf, int len);	68	extern inline int clear_user_buf(char * ubuf, int len);
69		69
70	char * rsbac_getname(const char *);	70	char * rsbac_getname(const char *);
71		71




        return copy_from_user(kern_p, user_p, size);
      }
    return(0);
  }


#if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)

void rsbac_putname(const char * name)
  {
    putname(name);
  }

inline int clear_user_buf(char * ubuf, int len)
  {
    return clear_user(ubuf,len);
  }

#endif /* __KERNEL__ */

Lines 1706-1712 Link Here

(-)linux-2.6.9-rsbac-v1.2.3/rsbac/help/debug.c (-2 / +6 lines)
1706		1706
1707	if (!(k_buf = (char *) __get_free_page(GFP_KERNEL)))	1707	if (!(k_buf = (char *) __get_free_page(GFP_KERNEL)))
1708	return(-ENOMEM);	1708	return(-ENOMEM);
1709	copy_from_user(k_buf, buf, count);	1709	err = copy_from_user(k_buf, buf, count);
		1710	if(err < 0)
		1711	return err;
1710		1712
1711	if(count < 15 \|\| strncmp("log_levels", k_buf, 10))	1713	if(count < 15 \|\| strncmp("log_levels", k_buf, 10))
1712	{	1714	{
Lines 2436-2442 Link Here
2436		2438
2437	if (!(k_buf = (char *) __get_free_page(GFP_KERNEL)))	2439	if (!(k_buf = (char *) __get_free_page(GFP_KERNEL)))
2438	return(-ENOMEM);	2440	return(-ENOMEM);
2439	copy_from_user(k_buf, buf, count);	2441	err = copy_from_user(k_buf, buf, count);
		2442	if(err < 0)
		2443	return err;
2440		2444
2441	if(count < 10)	2445	if(count < 10)
2442	goto out;	2446	goto out;

Lines 5174-5180 Link Here

(-)linux-2.6.9-rsbac-v1.2.3/rsbac/data_structures/aci_data_structures.c (-1 / +3 lines)
5174		5174
5175	if (!(k_buf = (char *) __get_free_page(GFP_KERNEL)))	5175	if (!(k_buf = (char *) __get_free_page(GFP_KERNEL)))
5176	return(-ENOMEM);	5176	return(-ENOMEM);
5177	copy_from_user(k_buf, buf, count);	5177	err = copy_from_user(k_buf, buf, count);
		5178	if(err < 0)
		5179	return err;
5178		5180
5179	if(count < 13 \|\| strncmp("auto", k_buf, 4))	5181	if(count < 13 \|\| strncmp("auto", k_buf, 4))
5180	{	5182	{

Lines 265-271 Link Here

(-)linux-2.6.9-rsbac-v1.2.3/rsbac/help/pm_getname.c (-1 / +1 lines)
265	return(name);	265	return(name);
266	};	266	};
267		267
268	enum rsbac_pm_list_t get_pm_all_list_nr(const char * name)	268	enum rsbac_pm_all_list_t get_pm_all_list_nr(const char * name)
269	{	269	{
270	enum rsbac_pm_all_list_t i;	270	enum rsbac_pm_all_list_t i;
271		271

Return to bug 77132

Lines 4398-4411 Link Here

(-)linux-2.4.28-rsbac-v1.2.3/rsbac/help/syscalls.c (-3 / +3 lines)
4398	k_arg.mac_add_p_tru.ttl);	4398	k_arg.mac_add_p_tru.ttl);
4399	case RSYS_mac_remove_p_tru:	4399	case RSYS_mac_remove_p_tru:
4400	return sys_rsbac_mac_remove_p_tru(k_arg.mac_remove_p_tru.pid,	4400	return sys_rsbac_mac_remove_p_tru(k_arg.mac_remove_p_tru.pid,
4401	k_arg.mac_add_p_tru.uid);	4401	k_arg.mac_remove_p_tru.uid);
4402	case RSYS_mac_add_f_tru:	4402	case RSYS_mac_add_f_tru:
4403	return sys_rsbac_mac_add_f_tru(k_arg.mac_add_f_tru.filename,	4403	return sys_rsbac_mac_add_f_tru(k_arg.mac_add_f_tru.filename,
4404	k_arg.mac_add_p_tru.uid,	4404	k_arg.mac_add_f_tru.uid,
4405	k_arg.mac_add_f_tru.ttl);	4405	k_arg.mac_add_f_tru.ttl);
4406	case RSYS_mac_remove_f_tru:	4406	case RSYS_mac_remove_f_tru:
4407	return sys_rsbac_mac_remove_f_tru(k_arg.mac_remove_f_tru.filename,	4407	return sys_rsbac_mac_remove_f_tru(k_arg.mac_remove_f_tru.filename,
4408	k_arg.mac_add_p_tru.uid);	4408	k_arg.mac_remove_f_tru.uid);
4409	case RSYS_mac_get_f_trulist:	4409	case RSYS_mac_get_f_trulist:
4410	return sys_rsbac_mac_get_f_trulist(k_arg.mac_get_f_trulist.filename,	4410	return sys_rsbac_mac_get_f_trulist(k_arg.mac_get_f_trulist.filename,
4411	k_arg.mac_get_f_trulist.trulist,	4411	k_arg.mac_get_f_trulist.trulist,

Lines 696-702 Link Here

(-)linux-2.6.9-rsbac-v1.2.3/rsbac/help/helpers.c (-5 / +5 lines)
696	return copy_from_user(kern_p, user_p, size);	696	return copy_from_user(kern_p, user_p, size);
697	}	697	}
698	return(0);	698	return(0);
699	};	699	}
700		700
701		701
702	#if defined(CONFIG_RSBAC_REG) \|\| defined(CONFIG_RSBAC_REG_MAINT)	702	#if defined(CONFIG_RSBAC_REG) \|\| defined(CONFIG_RSBAC_REG_MAINT)
Lines 725-735 Link Here
725	void rsbac_putname(const char * name)	725	void rsbac_putname(const char * name)
726	{	726	{
727	putname(name);	727	putname(name);
728	};	728	}
729		729
730	inline void clear_user_buf(char * ubuf, int len)	730	inline int clear_user_buf(char * ubuf, int len)
731	{	731	{
732	clear_user(ubuf,len);	732	return clear_user(ubuf,len);
733	};	733	}
734		734
735	#endif /* __KERNEL__ */	735	#endif /* __KERNEL__ */

Lines 44-52 Link Here

(-)linux-2.4.27-rsbac-v1.2.3/rsbac/adf/reg/root_plug.c (-1 / +5 lines)
44		44
45	static long handle = 999999;	45	static long handle = 999999;
46		46
		47	#ifdef CONFIG_USB
47	/* default is a generic type of usb to serial converter */	48	/* default is a generic type of usb to serial converter */
48	static int vendor_id = 0x0557;	49	static int vendor_id = 0x0557;
49	static int product_id = 0x2008;	50	static int product_id = 0x2008;
		51	#endif
50		52
51	/** Decision Functions **/	53	/** Decision Functions **/
52		54
Lines 58-66 Link Here
58	union rsbac_attribute_value_t attr_val,	60	union rsbac_attribute_value_t attr_val,
59	rsbac_uid_t owner)	61	rsbac_uid_t owner)
60	{	62	{
61	struct usb_device *dev;	63	struct usb_device *dev = NULL;
62		64
		65	#ifdef CONFIG_USB
63	dev = usb_find_device(vendor_id, product_id);	66	dev = usb_find_device(vendor_id, product_id);
		67	#endif
64		68
65	if (!dev) {	69	if (!dev) {
66		70