Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 10155 Details for
Bug 18690
merged the latest systrace for Linux patch with gentoo-2.4.20-r1
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
patch for gentoo-sources-2.4.20-r1
systrace-linux-2.4.20-gentoo-r1-v1.2.diff (text/plain), 125.01 KB, created by
klavs klavsen
on 2003-04-03 08:51:13 UTC
(
hide
)
Description:
patch for gentoo-sources-2.4.20-r1
Filename:
MIME Type:
Creator:
klavs klavsen
Created:
2003-04-03 08:51:13 UTC
Size:
125.01 KB
patch
obsolete
>diff -uNr linux-2.4.20-gentoo-r1/Makefile linux-2.4.20-gentoo-r1-systrace/Makefile >--- linux-2.4.20-gentoo-r1/Makefile 2003-04-03 14:47:12.000000000 +0200 >+++ linux-2.4.20-gentoo-r1-systrace/Makefile 2003-04-03 15:46:53.000000000 +0200 >@@ -156,6 +156,7 @@ > DRIVERS-$(CONFIG_SCSI) += drivers/scsi/scsidrv.o > DRIVERS-$(CONFIG_FUSION_BOOT) += drivers/message/fusion/fusion.o > DRIVERS-$(CONFIG_IEEE1394) += drivers/ieee1394/ieee1394drv.o >+DRIVERS-$(CONFIG_SYSTRACE) += drivers/systrace/str.o > > ifneq ($(CONFIG_CD_NO_IDESCSI)$(CONFIG_BLK_DEV_IDECD)$(CONFIG_BLK_DEV_SR)$(CONFIG_PARIDE_PCD),) > DRIVERS-y += drivers/cdrom/driver.o >diff -uNr linux-2.4.20-gentoo-r1/Makefile~ linux-2.4.20-gentoo-r1-systrace/Makefile~ >--- linux-2.4.20-gentoo-r1/Makefile~ 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/Makefile~ 2003-04-03 15:37:04.000000000 +0200 >@@ -0,0 +1,587 @@ >+VERSION = 2 >+PATCHLEVEL = 4 >+SUBLEVEL = 20 >+EXTRAVERSION = -gentoo-r1 >+ >+KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION) >+ >+ARCH := $(shell uname -m | sed -e s/i.86/i386/ -e s/sun4u/sparc64/ -e s/arm.*/arm/ -e s/sa110/arm/) >+KERNELPATH=kernel-$(shell echo $(KERNELRELEASE) | sed -e "s/-//g") >+ >+CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ >+ else if [ -x /bin/bash ]; then echo /bin/bash; \ >+ else echo sh; fi ; fi) >+TOPDIR := $(shell /bin/pwd) >+ >+HPATH = $(TOPDIR)/include >+FINDHPATH = $(HPATH)/asm $(HPATH)/linux $(HPATH)/scsi $(HPATH)/net $(HPATH)/math-emu >+ >+HOSTCC = gcc >+HOSTCFLAGS = -Wall -Wstrict-prototypes -O3 -fomit-frame-pointer -pipe >+ >+CROSS_COMPILE = >+ >+# >+# Include the make variables (CC, etc...) >+# >+ >+AS = $(CROSS_COMPILE)as >+LD = $(CROSS_COMPILE)ld >+CC = $(CROSS_COMPILE)gcc >+CPP = $(CC) -E >+AR = $(CROSS_COMPILE)ar >+NM = $(CROSS_COMPILE)nm >+STRIP = $(CROSS_COMPILE)strip >+OBJCOPY = $(CROSS_COMPILE)objcopy >+OBJDUMP = $(CROSS_COMPILE)objdump >+MAKEFILES = $(TOPDIR)/.config >+GENKSYMS = /sbin/genksyms >+DEPMOD = /sbin/depmod >+MODFLAGS = -DMODULE >+CFLAGS_KERNEL = >+PERL = perl >+ >+export VERSION PATCHLEVEL SUBLEVEL EXTRAVERSION KERNELRELEASE ARCH \ >+ CONFIG_SHELL TOPDIR HPATH HOSTCC HOSTCFLAGS CROSS_COMPILE AS LD CC \ >+ CPP AR NM STRIP OBJCOPY OBJDUMP MAKE MAKEFILES GENKSYMS MODFLAGS PERL >+ >+all: do-it-all >+ >+# >+# Make "config" the default target if there is no configuration file or >+# "depend" the target if there is no top-level dependency information. >+# >+ >+ifeq (.config,$(wildcard .config)) >+include .config >+ifeq (.depend,$(wildcard .depend)) >+include .depend >+do-it-all: Version vmlinux >+else >+CONFIGURATION = depend >+do-it-all: depend >+endif >+else >+CONFIGURATION = config >+do-it-all: config >+endif >+ >+# >+# INSTALL_PATH specifies where to place the updated kernel and system map >+# images. Uncomment if you want to place them anywhere other than root. >+# >+ >+export INSTALL_PATH=/boot >+ >+# >+# INSTALL_MOD_PATH specifies a prefix to MODLIB for module directory >+# relocations required by build roots. This is not defined in the >+# makefile but the arguement can be passed to make if needed. >+# >+ >+MODLIB := $(INSTALL_MOD_PATH)/lib/modules/$(KERNELRELEASE) >+export MODLIB >+ >+# >+# standard CFLAGS >+# >+ >+CPPFLAGS := -D__KERNEL__ -I$(HPATH) >+ >+CFLAGS := $(CPPFLAGS) -Wall -Wstrict-prototypes -Wno-trigraphs -O3 \ >+ -fno-strict-aliasing -fno-common >+ifndef CONFIG_FRAME_POINTER >+CFLAGS += -fomit-frame-pointer >+endif >+AFLAGS := -D__ASSEMBLY__ $(CPPFLAGS) >+ >+# >+# ROOT_DEV specifies the default root-device when making the image. >+# This can be either FLOPPY, CURRENT, /dev/xxxx or empty, in which case >+# the default of FLOPPY is used by 'build'. >+# This is i386 specific. >+# >+ >+export ROOT_DEV = CURRENT >+ >+# >+# If you want to preset the SVGA mode, uncomment the next line and >+# set SVGA_MODE to whatever number you want. >+# Set it to -DSVGA_MODE=NORMAL_VGA if you just want the EGA/VGA mode. >+# The number is the same as you would ordinarily press at bootup. >+# This is i386 specific. >+# >+ >+export SVGA_MODE = -DSVGA_MODE=NORMAL_VGA >+ >+# >+# If you want the RAM disk device, define this to be the size in blocks. >+# This is i386 specific. >+# >+ >+#export RAMDISK = -DRAMDISK=512 >+ >+CORE_FILES =kernel/kernel.o mm/mm.o fs/fs.o ipc/ipc.o >+NETWORKS =net/network.o >+GRSECURITY =grsecurity/grsec.o >+CRYPTO =crypto/crypto.o >+ >+LIBS =$(TOPDIR)/lib/lib.a >+SUBDIRS =kernel drivers mm fs net ipc lib grsecurity crypto >+ >+DRIVERS-n := >+DRIVERS-y := >+DRIVERS-m := >+DRIVERS- := >+ >+DRIVERS-$(CONFIG_ACPI) += drivers/acpi/acpi.o >+DRIVERS-$(CONFIG_PARPORT) += drivers/parport/driver.o >+DRIVERS-y += drivers/char/char.o \ >+ drivers/block/block.o \ >+ drivers/misc/misc.o \ >+ drivers/net/net.o \ >+ drivers/media/media.o >+DRIVERS-$(CONFIG_AGP) += drivers/char/agp/agp.o >+DRIVERS-$(CONFIG_DRM_NEW) += drivers/char/drm/drm.o >+DRIVERS-$(CONFIG_DRM_OLD) += drivers/char/drm-4.0/drm.o >+DRIVERS-$(CONFIG_NUBUS) += drivers/nubus/nubus.a >+DRIVERS-$(CONFIG_NET_FC) += drivers/net/fc/fc.o >+DRIVERS-$(CONFIG_DEV_APPLETALK) += drivers/net/appletalk/appletalk.o >+DRIVERS-$(CONFIG_TR) += drivers/net/tokenring/tr.o >+DRIVERS-$(CONFIG_WAN) += drivers/net/wan/wan.o >+DRIVERS-$(CONFIG_ARCNET) += drivers/net/arcnet/arcnetdrv.o >+DRIVERS-$(CONFIG_ATM) += drivers/atm/atm.o >+DRIVERS-$(CONFIG_IDE) += drivers/ide/idedriver.o >+DRIVERS-$(CONFIG_FC4) += drivers/fc4/fc4.a >+DRIVERS-$(CONFIG_SCSI) += drivers/scsi/scsidrv.o >+DRIVERS-$(CONFIG_FUSION_BOOT) += drivers/message/fusion/fusion.o >+DRIVERS-$(CONFIG_IEEE1394) += drivers/ieee1394/ieee1394drv.o >+ >+ifneq ($(CONFIG_CD_NO_IDESCSI)$(CONFIG_BLK_DEV_IDECD)$(CONFIG_BLK_DEV_SR)$(CONFIG_PARIDE_PCD),) >+DRIVERS-y += drivers/cdrom/driver.o >+endif >+ >+DRIVERS-$(CONFIG_SOUND) += drivers/sound/sounddrivers.o >+DRIVERS-$(CONFIG_PCI) += drivers/pci/driver.o >+DRIVERS-$(CONFIG_MTD) += drivers/mtd/mtdlink.o >+DRIVERS-$(CONFIG_PCMCIA) += drivers/pcmcia/pcmcia.o >+DRIVERS-$(CONFIG_NET_PCMCIA) += drivers/net/pcmcia/pcmcia_net.o >+DRIVERS-$(CONFIG_NET_WIRELESS) += drivers/net/wireless/wireless_net.o >+DRIVERS-$(CONFIG_PCMCIA_CHRDEV) += drivers/char/pcmcia/pcmcia_char.o >+DRIVERS-$(CONFIG_DIO) += drivers/dio/dio.a >+DRIVERS-$(CONFIG_SBUS) += drivers/sbus/sbus_all.o >+DRIVERS-$(CONFIG_ZORRO) += drivers/zorro/driver.o >+DRIVERS-$(CONFIG_FC4) += drivers/fc4/fc4.a >+DRIVERS-$(CONFIG_PPC32) += drivers/macintosh/macintosh.o >+DRIVERS-$(CONFIG_MAC) += drivers/macintosh/macintosh.o >+DRIVERS-$(CONFIG_ISAPNP) += drivers/pnp/pnp.o >+DRIVERS-$(CONFIG_SGI_IP22) += drivers/sgi/sgi.a >+DRIVERS-$(CONFIG_VT) += drivers/video/video.o >+DRIVERS-$(CONFIG_PARIDE) += drivers/block/paride/paride.a >+DRIVERS-$(CONFIG_HAMRADIO) += drivers/net/hamradio/hamradio.o >+DRIVERS-$(CONFIG_TC) += drivers/tc/tc.a >+DRIVERS-$(CONFIG_USB) += drivers/usb/usbdrv.o >+DRIVERS-$(CONFIG_INPUT) += drivers/input/inputdrv.o >+DRIVERS-$(CONFIG_HIL) += drivers/hil/hil.o >+DRIVERS-$(CONFIG_I2O) += drivers/message/i2o/i2o.o >+DRIVERS-$(CONFIG_IRDA) += drivers/net/irda/irda.o >+DRIVERS-$(CONFIG_I2C) += drivers/i2c/i2c.o >+DRIVERS-$(CONFIG_PHONE) += drivers/telephony/telephony.o >+DRIVERS-$(CONFIG_MD) += drivers/md/mddev.o >+DRIVERS-$(CONFIG_GSC) += drivers/gsc/gscbus.o >+DRIVERS-$(CONFIG_BLUEZ) += drivers/bluetooth/bluetooth.o >+DRIVERS-$(CONFIG_HOTPLUG_PCI) += drivers/hotplug/vmlinux-obj.o >+DRIVERS-$(CONFIG_ISDN_BOOL) += drivers/isdn/vmlinux-obj.o >+DRIVERS-$(CONFIG_EVMS) += drivers/evms/evmsdrvr.o >+ >+DRIVERS := $(DRIVERS-y) >+ >+ >+# files removed with 'make clean' >+CLEAN_FILES = \ >+ kernel/ksyms.lst include/linux/compile.h \ >+ vmlinux System.map \ >+ .tmp* \ >+ drivers/char/consolemap_deftbl.c drivers/video/promcon_tbl.c \ >+ drivers/char/conmakehash \ >+ drivers/char/drm/*-mod.c \ >+ drivers/pci/devlist.h drivers/pci/classlist.h drivers/pci/gen-devlist \ >+ drivers/zorro/devlist.h drivers/zorro/gen-devlist \ >+ drivers/sound/bin2hex drivers/sound/hex2hex \ >+ drivers/atm/fore200e_mkfirm drivers/atm/{pca,sba}*{.bin,.bin1,.bin2} \ >+ drivers/scsi/aic7xxx/aicasm/aicasm \ >+ drivers/scsi/aic7xxx/aicasm/aicasm_gram.c \ >+ drivers/scsi/aic7xxx/aicasm/aicasm_gram.h \ >+ drivers/scsi/aic7xxx/aicasm/aicasm_macro_gram.c \ >+ drivers/scsi/aic7xxx/aicasm/aicasm_macro_gram.h \ >+ drivers/scsi/aic7xxx/aicasm/aicasm_macro_scan.c \ >+ drivers/scsi/aic7xxx/aicasm/aicasm_scan.c \ >+ drivers/scsi/aic7xxx/aicasm/aicdb.h \ >+ drivers/scsi/aic7xxx/aicasm/y.tab.h \ >+ drivers/scsi/53c700_d.h \ >+ net/khttpd/make_times_h \ >+ net/khttpd/times.h \ >+ submenu* >+# directories removed with 'make clean' >+CLEAN_DIRS = \ >+ modules >+ >+# files removed with 'make mrproper' >+MRPROPER_FILES = \ >+ include/linux/autoconf.h include/linux/version.h \ >+ drivers/net/hamradio/soundmodem/sm_tbl_{afsk1200,afsk2666,fsk9600}.h \ >+ drivers/net/hamradio/soundmodem/sm_tbl_{hapn4800,psk4800}.h \ >+ drivers/net/hamradio/soundmodem/sm_tbl_{afsk2400_7,afsk2400_8}.h \ >+ drivers/net/hamradio/soundmodem/gentbl \ >+ drivers/sound/*_boot.h drivers/sound/.*.boot \ >+ drivers/sound/msndinit.c \ >+ drivers/sound/msndperm.c \ >+ drivers/sound/pndsperm.c \ >+ drivers/sound/pndspini.c \ >+ drivers/atm/fore200e_*_fw.c drivers/atm/.fore200e_*.fw \ >+ .version .config* config.in config.old \ >+ scripts/tkparse scripts/kconfig.tk scripts/kconfig.tmp \ >+ scripts/lxdialog/*.o scripts/lxdialog/lxdialog \ >+ .menuconfig.log \ >+ include/asm \ >+ .hdepend scripts/mkdep scripts/split-include scripts/docproc \ >+ $(TOPDIR)/include/linux/modversions.h \ >+ kernel.spec >+ >+# directories removed with 'make mrproper' >+MRPROPER_DIRS = \ >+ include/config \ >+ $(TOPDIR)/include/linux/modules >+ >+ >+include arch/$(ARCH)/Makefile >+ >+# Extra cflags for kbuild 2.4. The default is to forbid includes by kernel code >+# from user space headers. Some UML code requires user space headers, in the >+# UML Makefiles add 'kbuild_2_4_nostdinc :=' before include Rules.make. No >+# other kernel code should include user space headers, if you need >+# 'kbuild_2_4_nostdinc :=' or -I/usr/include for kernel code and you are not UML >+# then your code is broken! KAO. >+ >+kbuild_2_4_nostdinc := -nostdinc -iwithprefix include >+export kbuild_2_4_nostdinc >+ >+export CPPFLAGS CFLAGS CFLAGS_KERNEL AFLAGS AFLAGS_KERNEL >+ >+export NETWORKS CRYPTO DRIVERS LIBS HEAD LDFLAGS LINKFLAGS MAKEBOOT ASFLAGS GRSECURITY >+ >+.S.s: >+ $(CPP) $(AFLAGS) $(AFLAGS_KERNEL) -traditional -o $*.s $< >+.S.o: >+ $(CC) $(AFLAGS) $(AFLAGS_KERNEL) -traditional -c -o $*.o $< >+ >+Version: dummy >+ @rm -f include/linux/compile.h >+ >+boot: vmlinux >+ @$(MAKE) CFLAGS="$(CFLAGS) $(CFLAGS_KERNEL)" -C arch/$(ARCH)/boot >+ >+vmlinux: include/linux/version.h $(CONFIGURATION) init/main.o init/version.o init/do_mounts.o linuxsubdirs >+ $(LD) $(LINKFLAGS) $(HEAD) init/main.o init/version.o init/do_mounts.o \ >+ --start-group \ >+ $(CORE_FILES) \ >+ $(DRIVERS) \ >+ $(NETWORKS) \ >+ $(CRYPTO) \ >+ $(GRSECURITY) \ >+ $(LIBS) \ >+ --end-group \ >+ -o vmlinux >+ $(NM) vmlinux | grep -v '\(compiled\)\|\(\.o$$\)\|\( [aUw] \)\|\(\.\.ng$$\)\|\(LASH[RL]DI\)' | sort > System.map >+ >+symlinks: >+ rm -f include/asm >+ ( cd include ; ln -sf asm-$(ARCH) asm) >+ @if [ ! -d include/linux/modules ]; then \ >+ mkdir include/linux/modules; \ >+ fi >+ >+oldconfig: symlinks >+ $(CONFIG_SHELL) scripts/Configure -d arch/$(ARCH)/config.in >+ >+xconfig: symlinks >+ $(MAKE) -C scripts kconfig.tk >+ wish -f scripts/kconfig.tk >+ >+menuconfig: include/linux/version.h symlinks >+ $(MAKE) -C scripts/lxdialog all >+ $(CONFIG_SHELL) scripts/Menuconfig arch/$(ARCH)/config.in >+ >+config: symlinks >+ $(CONFIG_SHELL) scripts/Configure arch/$(ARCH)/config.in >+ >+include/config/MARKER: scripts/split-include include/linux/autoconf.h >+ scripts/split-include include/linux/autoconf.h include/config >+ @ touch include/config/MARKER >+ >+linuxsubdirs: $(patsubst %, _dir_%, $(SUBDIRS)) >+ >+$(patsubst %, _dir_%, $(SUBDIRS)) : dummy include/linux/version.h include/config/MARKER >+ $(MAKE) CFLAGS="$(CFLAGS) $(CFLAGS_KERNEL)" -C $(patsubst _dir_%, %, $@) >+ >+$(TOPDIR)/include/linux/version.h: include/linux/version.h >+$(TOPDIR)/include/linux/compile.h: include/linux/compile.h >+ >+newversion: >+ . scripts/mkversion > .tmpversion >+ @mv -f .tmpversion .version >+ >+uts_len := 64 >+uts_truncate := sed -e 's/\(.\{1,$(uts_len)\}\).*/\1/' >+ >+include/linux/compile.h: $(CONFIGURATION) include/linux/version.h newversion >+ @echo -n \#`cat .version` > .ver1 >+ @if [ -n "$(CONFIG_SMP)" ] ; then echo -n " SMP" >> .ver1; fi >+ @if [ -f .name ]; then echo -n \-`cat .name` >> .ver1; fi >+ @LANG=C echo ' '`date` >> .ver1 >+ @echo \#define UTS_VERSION \"`cat .ver1 | $(uts_truncate)`\" > .ver >+ @LANG=C echo \#define LINUX_COMPILE_TIME \"`date +%T`\" >> .ver >+ @echo \#define LINUX_COMPILE_BY \"`whoami`\" >> .ver >+ @echo \#define LINUX_COMPILE_HOST \"`hostname | $(uts_truncate)`\" >> .ver >+ @([ -x /bin/dnsdomainname ] && /bin/dnsdomainname > .ver1) || \ >+ ([ -x /bin/domainname ] && /bin/domainname > .ver1) || \ >+ echo > .ver1 >+ @echo \#define LINUX_COMPILE_DOMAIN \"`cat .ver1 | $(uts_truncate)`\" >> .ver >+ @echo \#define LINUX_COMPILER \"`$(CC) $(CFLAGS) -v 2>&1 | tail -1`\" >> .ver >+ @mv -f .ver $@ >+ @rm -f .ver1 >+ >+include/linux/version.h: ./Makefile >+ @expr length "$(KERNELRELEASE)" \<= $(uts_len) > /dev/null || \ >+ (echo KERNELRELEASE \"$(KERNELRELEASE)\" exceeds $(uts_len) characters >&2; false) >+ @echo \#define UTS_RELEASE \"$(KERNELRELEASE)\" > .ver >+ @echo \#define LINUX_VERSION_CODE `expr $(VERSION) \\* 65536 + $(PATCHLEVEL) \\* 256 + $(SUBLEVEL)` >> .ver >+ @echo '#define KERNEL_VERSION(a,b,c) (((a) << 16) + ((b) << 8) + (c))' >>.ver >+ @mv -f .ver $@ >+ >+comma := , >+ >+init/version.o: init/version.c include/linux/compile.h include/config/MARKER >+ $(CC) $(CFLAGS) $(CFLAGS_KERNEL) -DUTS_MACHINE='"$(ARCH)"' -DKBUILD_BASENAME=$(subst $(comma),_,$(subst -,_,$(*F))) -c -o init/version.o init/version.c >+ >+init/main.o: init/main.c include/config/MARKER >+ $(CC) $(CFLAGS) $(CFLAGS_KERNEL) $(PROFILING) -DKBUILD_BASENAME=$(subst $(comma),_,$(subst -,_,$(*F))) -c -o $@ $< >+ >+init/do_mounts.o: init/do_mounts.c include/config/MARKER >+ $(CC) $(CFLAGS) $(CFLAGS_KERNEL) $(PROFILING) -DKBUILD_BASENAME=$(subst $(comma),_,$(subst -,_,$(*F))) -c -o $@ $< >+ >+fs lib mm ipc kernel drivers net: dummy >+ $(MAKE) CFLAGS="$(CFLAGS) $(CFLAGS_KERNEL)" $(subst $@, _dir_$@, $@) >+ >+TAGS: dummy >+ { find include/asm-${ARCH} -name '*.h' -print ; \ >+ find include -type d \( -name "asm-*" -o -name config \) -prune -o -name '*.h' -print ; \ >+ find $(SUBDIRS) init arch/${ARCH} -name '*.[chS]' ; } | grep -v SCCS | grep -v '\.svn' | etags - >+ >+# Exuberant ctags works better with -I >+tags: dummy >+ CTAGSF=`ctags --version | grep -i exuberant >/dev/null && echo "-I __initdata,__exitdata,EXPORT_SYMBOL,EXPORT_SYMBOL_NOVERS"`; \ >+ ctags $$CTAGSF `find include/asm-$(ARCH) -name '*.h'` && \ >+ find include -type d \( -name "asm-*" -o -name config \) -prune -o -name '*.h' -print | xargs ctags $$CTAGSF -a && \ >+ find $(SUBDIRS) init -name '*.[ch]' | xargs ctags $$CTAGSF -a >+ >+ifdef CONFIG_MODULES >+ifdef CONFIG_MODVERSIONS >+MODFLAGS += -DMODVERSIONS -include $(HPATH)/linux/modversions.h >+endif >+ >+.PHONY: modules >+modules: $(patsubst %, _mod_%, $(SUBDIRS)) >+ >+.PHONY: $(patsubst %, _mod_%, $(SUBDIRS)) >+$(patsubst %, _mod_%, $(SUBDIRS)) : include/linux/version.h include/config/MARKER >+ $(MAKE) -C $(patsubst _mod_%, %, $@) CFLAGS="$(CFLAGS) $(MODFLAGS)" MAKING_MODULES=1 modules >+ >+.PHONY: modules_install >+modules_install: _modinst_ $(patsubst %, _modinst_%, $(SUBDIRS)) _modinst_post >+ >+.PHONY: _modinst_ >+_modinst_: >+ @rm -rf $(MODLIB)/kernel >+ @rm -f $(MODLIB)/build >+ @mkdir -p $(MODLIB)/kernel >+ @ln -s $(TOPDIR) $(MODLIB)/build >+ >+# If System.map exists, run depmod. This deliberately does not have a >+# dependency on System.map since that would run the dependency tree on >+# vmlinux. This depmod is only for convenience to give the initial >+# boot a modules.dep even before / is mounted read-write. However the >+# boot script depmod is the master version. >+ifeq "$(strip $(INSTALL_MOD_PATH))" "" >+depmod_opts := >+else >+depmod_opts := -b $(INSTALL_MOD_PATH) -r >+endif >+.PHONY: _modinst_post >+_modinst_post: _modinst_post_pcmcia >+ if [ -r System.map ]; then $(DEPMOD) -ae -F System.map $(depmod_opts) $(KERNELRELEASE); fi >+ >+# Backwards compatibilty symlinks for people still using old versions >+# of pcmcia-cs with hard coded pathnames on insmod. Remove >+# _modinst_post_pcmcia for kernel 2.4.1. >+.PHONY: _modinst_post_pcmcia >+_modinst_post_pcmcia: >+ cd $(MODLIB); \ >+ mkdir -p pcmcia; \ >+ find kernel -path '*/pcmcia/*' -name '*.o' | xargs -i -r ln -sf ../{} pcmcia >+ >+.PHONY: $(patsubst %, _modinst_%, $(SUBDIRS)) >+$(patsubst %, _modinst_%, $(SUBDIRS)) : >+ $(MAKE) -C $(patsubst _modinst_%, %, $@) modules_install >+ >+# modules disabled.... >+ >+else >+modules modules_install: dummy >+ @echo >+ @echo "The present kernel configuration has modules disabled." >+ @echo "Type 'make config' and enable loadable module support." >+ @echo "Then build a kernel with module support enabled." >+ @echo >+ @exit 1 >+endif >+ >+clean: archclean >+ find . \( -name '*.[oas]' -o -name core -o -name '.*.flags' \) -type f -print \ >+ | grep -v lxdialog/ | xargs rm -f >+ rm -f $(CLEAN_FILES) >+ rm -rf $(CLEAN_DIRS) >+ $(MAKE) -C Documentation/DocBook clean >+ >+mrproper: clean archmrproper >+ find . \( -size 0 -o -name .depend \) -type f -print | xargs rm -f >+ rm -f $(MRPROPER_FILES) >+ rm -rf $(MRPROPER_DIRS) >+ $(MAKE) -C Documentation/DocBook mrproper >+ >+distclean: mrproper >+ rm -f core `find . \( -not -type d \) -and \ >+ \( -name '*.orig' -o -name '*.rej' -o -name '*~' \ >+ -o -name '*.bak' -o -name '#*#' -o -name '.*.orig' \ >+ -o -name '.*.rej' -o -name '.SUMS' -o -size 0 \) -type f -print` TAGS tags >+ >+backup: mrproper >+ cd .. && tar cf - linux/ | gzip -9 > backup.gz >+ sync >+ >+sgmldocs: >+ chmod 755 $(TOPDIR)/scripts/docgen >+ chmod 755 $(TOPDIR)/scripts/gen-all-syms >+ chmod 755 $(TOPDIR)/scripts/kernel-doc >+ $(MAKE) -C $(TOPDIR)/Documentation/DocBook books >+ >+psdocs: sgmldocs >+ $(MAKE) -C Documentation/DocBook ps >+ >+pdfdocs: sgmldocs >+ $(MAKE) -C Documentation/DocBook pdf >+ >+htmldocs: sgmldocs >+ $(MAKE) -C Documentation/DocBook html >+ >+mandocs: >+ chmod 755 $(TOPDIR)/scripts/kernel-doc >+ chmod 755 $(TOPDIR)/scripts/split-man >+ $(MAKE) -C Documentation/DocBook man >+ >+sums: >+ find . -type f -print | sort | xargs sum > .SUMS >+ >+dep-files: scripts/mkdep archdep include/linux/version.h scripts/kconfig.tk scripts/makeproconfigdata >+ scripts/mkdep -- init/*.c > .depend >+ scripts/mkdep -- `find $(FINDHPATH) \( -name SCCS -o -name .svn \) -prune -o -follow -name \*.h ! -name modversions.h -print` > .hdepend >+ $(MAKE) $(patsubst %,_sfdep_%,$(SUBDIRS)) _FASTDEP_ALL_SUB_DIRS="$(SUBDIRS)" >+ >+ >+ >+ifdef CONFIG_MODVERSIONS >+ $(MAKE) update-modverfile >+endif >+ >+ifdef CONFIG_MODVERSIONS >+MODVERFILE := $(TOPDIR)/include/linux/modversions.h >+else >+MODVERFILE := >+endif >+export MODVERFILE >+ >+depend dep: dep-files >+ >+checkconfig: >+ find * -name '*.[hcS]' -type f -print | sort | xargs $(PERL) -w scripts/checkconfig.pl >+ >+checkhelp: >+ find * -name [cC]onfig.in -print | sort | xargs $(PERL) -w scripts/checkhelp.pl >+ >+checkincludes: >+ find * -name '*.[hcS]' -type f -print | sort | xargs $(PERL) -w scripts/checkincludes.pl >+ >+ifdef CONFIGURATION >+..$(CONFIGURATION): >+ @echo >+ @echo "You have a bad or nonexistent" .$(CONFIGURATION) ": running 'make" $(CONFIGURATION)"'" >+ @echo >+ $(MAKE) $(CONFIGURATION) >+ @echo >+ @echo "Successful. Try re-making (ignore the error that follows)" >+ @echo >+ exit 1 >+ >+#dummy: ..$(CONFIGURATION) >+dummy: >+ >+else >+ >+dummy: >+ >+endif >+ >+include Rules.make >+ >+# >+# This generates dependencies for the .h files. >+# >+ >+scripts/mkdep: scripts/mkdep.c >+ $(HOSTCC) $(HOSTCFLAGS) -o scripts/mkdep scripts/mkdep.c >+ >+scripts/split-include: scripts/split-include.c >+ $(HOSTCC) $(HOSTCFLAGS) -o scripts/split-include scripts/split-include.c >+ >+scripts/kconfig.tk: >+ $(MAKE) -C scripts kconfig.tk >+ >+scripts/makeproconfigdata: scripts/makeproconfigdata.c >+ $(HOSTCC) $(HOSTCFLAGS) -o $@ $^ >+ >+# >+# RPM target >+# >+# If you do a make spec before packing the tarball you can rpm -ta it >+# >+spec: >+ . scripts/mkspec >kernel.spec >+ >+# >+# Build a tar ball, generate an rpm from it and pack the result >+# There arw two bits of magic here >+# 1) The use of /. to avoid tar packing just the symlink >+# 2) Removing the .dep files as they have source paths in them that >+# will become invalid >+# >+rpm: clean spec >+ find . \( -size 0 -o -name .depend -o -name .hdepend \) -type f -print | xargs rm -f >+ set -e; \ >+ cd $(TOPDIR)/.. ; \ >+ ln -sf $(TOPDIR) $(KERNELPATH) ; \ >+ tar -cvz --exclude CVS -f $(KERNELPATH).tar.gz $(KERNELPATH)/. ; \ >+ rm $(KERNELPATH) ; \ >+ cd $(TOPDIR) ; \ >+ . scripts/mkversion > .version ; \ >+ rpm -ta $(TOPDIR)/../$(KERNELPATH).tar.gz ; \ >+ rm $(TOPDIR)/../$(KERNELPATH).tar.gz >diff -uNr linux-2.4.20-gentoo-r1/arch/i386/config.in linux-2.4.20-gentoo-r1-systrace/arch/i386/config.in >--- linux-2.4.20-gentoo-r1/arch/i386/config.in 2003-04-03 14:47:12.000000000 +0200 >+++ linux-2.4.20-gentoo-r1-systrace/arch/i386/config.in 2003-04-03 15:46:53.000000000 +0200 >@@ -381,6 +381,8 @@ > tristate 'Kernel support for ELF binaries' CONFIG_BINFMT_ELF > tristate 'Kernel support for MISC binaries' CONFIG_BINFMT_MISC > >+bool 'Systrace support' CONFIG_SYSTRACE >+ > bool 'Power Management support' CONFIG_PM > > dep_tristate ' Advanced Power Management BIOS support' CONFIG_APM $CONFIG_PM >diff -uNr linux-2.4.20-gentoo-r1/arch/i386/config.in~ linux-2.4.20-gentoo-r1-systrace/arch/i386/config.in~ >--- linux-2.4.20-gentoo-r1/arch/i386/config.in~ 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/arch/i386/config.in~ 2003-04-03 15:38:20.000000000 +0200 >@@ -0,0 +1,550 @@ >+# >+# For a description of the syntax of this configuration file, >+# see Documentation/kbuild/config-language.txt. >+# >+mainmenu_name "Linux Kernel Configuration" >+ >+define_bool CONFIG_X86 y >+define_bool CONFIG_SBUS n >+ >+define_bool CONFIG_UID16 y >+ >+mainmenu_option next_comment >+comment 'Code maturity level options' >+bool 'Prompt for development and/or incomplete code/drivers' CONFIG_EXPERIMENTAL >+endmenu >+ >+mainmenu_option next_comment >+comment 'Loadable module support' >+bool 'Enable loadable module support' CONFIG_MODULES >+if [ "$CONFIG_MODULES" = "y" ]; then >+ bool ' Set version information on all module symbols' CONFIG_MODVERSIONS >+ bool ' Kernel module loader' CONFIG_KMOD >+fi >+endmenu >+ >+mainmenu_option next_comment >+comment 'Processor type and features' >+bool 'Low latency scheduling' CONFIG_LOLAT >+dep_bool 'Control low latency with sysctl' CONFIG_LOLAT_SYSCTL $CONFIG_LOLAT >+ >+choice 'Processor family' \ >+ "386 CONFIG_M386 \ >+ 486 CONFIG_M486 \ >+ 586/K5/5x86/6x86/6x86MX CONFIG_M586 \ >+ Pentium-Classic CONFIG_M586TSC \ >+ Pentium-MMX CONFIG_M586MMX \ >+ Pentium-MMX(gcc>31) CONFIG_M586MMX31 \ >+ Pentium-Pro/Celeron/Pentium-II CONFIG_M686 \ >+ Pentium-Pro/Celeron/Pentium-II(gcc>31) CONFIG_M68631 \ >+ Pentium-III/Celeron(Coppermine) CONFIG_MPENTIUMIII \ >+ Pentium-III/Celeron(Coppermine)(gcc>31) CONFIG_MPENTIUMIII31 \ >+ Pentium-4 CONFIG_MPENTIUM4 \ >+ Pentium-4(gcc>31) CONFIG_MPENTIUM431 \ >+ K6/K6-II/K6-III CONFIG_MK6 \ >+ K6-II/K6-III(gcc>31) CONFIG_MK6231 \ >+ Athlon/Duron/K7 CONFIG_MK7 \ >+ Athlon/Duron/K7(>gcc31) CONFIG_MK731 \ >+ AthlonXP(gcc>31) CONFIG_MXP31 \ >+ AthlonMP(gcc>31) CONFIG_MMP31 \ >+ Elan CONFIG_MELAN \ >+ Crusoe CONFIG_MCRUSOE \ >+ Winchip-C6 CONFIG_MWINCHIPC6 \ >+ Winchip-2 CONFIG_MWINCHIP2 \ >+ Winchip-2A/Winchip-3 CONFIG_MWINCHIP3D \ >+ CyrixIII/VIA-C3/VIA-C5 CONFIG_MCYRIXIII" Pentium-Pro >+# >+# Define implied options from the CPU selection here >+# >+ >+if [ "$CONFIG_M386" = "y" ]; then >+ define_bool CONFIG_X86_CMPXCHG n >+ define_bool CONFIG_X86_XADD n >+ define_int CONFIG_X86_L1_CACHE_SHIFT 4 >+ define_bool CONFIG_RWSEM_GENERIC_SPINLOCK y >+ define_bool CONFIG_RWSEM_XCHGADD_ALGORITHM n >+ define_bool CONFIG_X86_PPRO_FENCE y >+ define_bool CONFIG_X86_F00F_WORKS_OK n >+else >+ define_bool CONFIG_X86_WP_WORKS_OK y >+ define_bool CONFIG_X86_INVLPG y >+ define_bool CONFIG_X86_CMPXCHG y >+ define_bool CONFIG_X86_XADD y >+ define_bool CONFIG_X86_BSWAP y >+ define_bool CONFIG_X86_POPAD_OK y >+ define_bool CONFIG_RWSEM_GENERIC_SPINLOCK n >+ define_bool CONFIG_RWSEM_XCHGADD_ALGORITHM y >+fi >+if [ "$CONFIG_M486" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 4 >+ define_bool CONFIG_X86_USE_STRING_486 y >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_PPRO_FENCE y >+ define_bool CONFIG_X86_F00F_WORKS_OK n >+fi >+if [ "$CONFIG_M586" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_USE_STRING_486 y >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_PPRO_FENCE y >+ define_bool CONFIG_X86_F00F_WORKS_OK n >+fi >+if [ "$CONFIG_M586TSC" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_USE_STRING_486 y >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_PPRO_FENCE y >+ define_bool CONFIG_X86_F00F_WORKS_OK n >+fi >+if [ "$CONFIG_M586MMX" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_USE_STRING_486 y >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_PPRO_FENCE y >+ define_bool CONFIG_X86_F00F_WORKS_OK n >+fi >+if [ "$CONFIG_M586MMX31" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_USE_STRING_486 y >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_PPRO_FENCE y >+fi >+if [ "$CONFIG_M686" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+ define_bool CONFIG_X86_PPRO_FENCE y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+if [ "$CONFIG_M68631" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+ define_bool CONFIG_X86_PPRO_FENCE y >+fi >+if [ "$CONFIG_MPENTIUMIII" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+if [ "$CONFIG_MPENTIUMIII31" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+fi >+if [ "$CONFIG_MPENTIUM4" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 7 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+if [ "$CONFIG_MPENTIUM431" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 7 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+fi >+if [ "$CONFIG_MK6" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+fi >+if [ "$CONFIG_MK6231" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+fi >+if [ "$CONFIG_MK7" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 6 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_USE_3DNOW y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+if [ "$CONFIG_MK731" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 6 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_USE_3DNOW y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+fi >+if [ "$CONFIG_MXP31" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 6 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_USE_3DNOW y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+fi >+if [ "$CONFIG_MMP31" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 6 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_GOOD_APIC y >+ define_bool CONFIG_X86_USE_3DNOW y >+ define_bool CONFIG_X86_PGE y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+fi >+if [ "$CONFIG_MELAN" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 4 >+ define_bool CONFIG_X86_USE_STRING_486 y >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+if [ "$CONFIG_MCYRIXIII" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_USE_3DNOW y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+fi >+if [ "$CONFIG_MCRUSOE" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+if [ "$CONFIG_MWINCHIPC6" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+ define_bool CONFIG_X86_OOSTORE y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+if [ "$CONFIG_MWINCHIP2" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+ define_bool CONFIG_X86_OOSTORE y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+if [ "$CONFIG_MWINCHIP3D" = "y" ]; then >+ define_int CONFIG_X86_L1_CACHE_SHIFT 5 >+ define_bool CONFIG_X86_ALIGNMENT_16 y >+ define_bool CONFIG_X86_HAS_TSC y >+ define_bool CONFIG_X86_USE_PPRO_CHECKSUM y >+ define_bool CONFIG_X86_OOSTORE y >+ define_bool CONFIG_X86_F00F_WORKS_OK y >+fi >+ >+bool 'Machine Check Exception' CONFIG_X86_MCE >+ >+tristate 'Toshiba Laptop support' CONFIG_TOSHIBA >+tristate 'Dell laptop support' CONFIG_I8K >+ >+tristate '/dev/cpu/microcode - Intel IA32 CPU microcode support' CONFIG_MICROCODE >+tristate '/dev/cpu/*/msr - Model-specific register support' CONFIG_X86_MSR >+tristate '/dev/cpu/*/cpuid - CPU information support' CONFIG_X86_CPUID >+ >+choice 'High Memory Support' \ >+ "off CONFIG_NOHIGHMEM \ >+ 4GB CONFIG_HIGHMEM4G \ >+ 64GB CONFIG_HIGHMEM64G" off >+if [ "$CONFIG_HIGHMEM4G" = "y" -o "$CONFIG_HIGHMEM64G" = "y" ]; then >+ define_bool CONFIG_HIGHMEM y >+ define_bool CONFIG_HIGHPTE y >+else >+ define_bool CONFIG_HIGHMEM n >+fi >+if [ "$CONFIG_HIGHMEM64G" = "y" ]; then >+ define_bool CONFIG_X86_PAE y >+ choice 'User address space size' \ >+ "3GB CONFIG_1GB \ >+ 2GB CONFIG_2GB \ >+ 1GB CONFIG_3GB" 3GB >+else >+ choice 'User address space size' \ >+ "3GB CONFIG_1GB \ >+ 2GB CONFIG_2GB \ >+ 1GB CONFIG_3GB \ >+ 3.5GB CONFIG_05GB" 3GB >+fi >+ >+if [ "$CONFIG_HIGHMEM" = "y" ]; then >+ bool 'HIGHMEM I/O support' CONFIG_HIGHIO >+fi >+ >+bool 'Math emulation' CONFIG_MATH_EMULATION >+bool 'MTRR (Memory Type Range Register) support' CONFIG_MTRR >+bool 'Symmetric multi-processing support' CONFIG_SMP >+bool 'Preemptible Kernel' CONFIG_PREEMPT >+if [ "$CONFIG_SMP" != "y" ]; then >+ bool 'Local APIC support on uniprocessors' CONFIG_X86_UP_APIC >+ dep_bool 'IO-APIC support on uniprocessors' CONFIG_X86_UP_IOAPIC $CONFIG_X86_UP_APIC >+ if [ "$CONFIG_X86_UP_APIC" = "y" ]; then >+ define_bool CONFIG_X86_LOCAL_APIC y >+ fi >+ if [ "$CONFIG_X86_UP_IOAPIC" = "y" ]; then >+ define_bool CONFIG_X86_IO_APIC y >+ fi >+else >+ bool 'Multiquad NUMA system' CONFIG_MULTIQUAD >+fi >+ >+bool 'Unsynced TSC support' CONFIG_X86_TSC_DISABLE >+if [ "$CONFIG_X86_TSC_DISABLE" != "y" -a "$CONFIG_X86_HAS_TSC" = "y" ]; then >+ define_bool CONFIG_X86_TSC y >+fi >+ >+if [ "$CONFIG_SMP" = "y" -o "$CONFIG_PREEMPT" = "y" ]; then >+ if [ "$CONFIG_X86_CMPXCHG" = "y" ]; then >+ define_bool CONFIG_HAVE_DEC_LOCK y >+fi >+fi >+ >+endmenu >+ >+mainmenu_option next_comment >+comment 'General setup' >+ >+bool 'Networking support' CONFIG_NET >+ >+# Visual Workstation support is utterly broken. >+# If you want to see it working mail an VW540 to hch@infradead.org 8) >+#bool 'SGI Visual Workstation support' CONFIG_VISWS >+if [ "$CONFIG_VISWS" = "y" ]; then >+ define_bool CONFIG_X86_VISWS_APIC y >+ define_bool CONFIG_X86_LOCAL_APIC y >+ define_bool CONFIG_PCI y >+ define_bool CONFIG_ISA n >+else >+ if [ "$CONFIG_SMP" = "y" ]; then >+ define_bool CONFIG_X86_IO_APIC y >+ define_bool CONFIG_X86_LOCAL_APIC y >+ fi >+ bool 'PCI support' CONFIG_PCI >+ if [ "$CONFIG_PCI" = "y" ]; then >+ choice ' PCI access mode' \ >+ "BIOS CONFIG_PCI_GOBIOS \ >+ Direct CONFIG_PCI_GODIRECT \ >+ Any CONFIG_PCI_GOANY" Any >+ if [ "$CONFIG_PCI_GOBIOS" = "y" -o "$CONFIG_PCI_GOANY" = "y" ]; then >+ define_bool CONFIG_PCI_BIOS y >+ fi >+ if [ "$CONFIG_PCI_GODIRECT" = "y" -o "$CONFIG_PCI_GOANY" = "y" ]; then >+ define_bool CONFIG_PCI_DIRECT y >+ fi >+ fi >+ bool 'ISA bus support' CONFIG_ISA >+fi >+ >+source drivers/pci/Config.in >+ >+bool 'EISA support' CONFIG_EISA >+ >+if [ "$CONFIG_VISWS" != "y" ]; then >+ bool 'MCA support' CONFIG_MCA >+else >+ define_bool CONFIG_MCA n >+fi >+ >+bool 'Support for hot-pluggable devices' CONFIG_HOTPLUG >+ >+if [ "$CONFIG_HOTPLUG" = "y" ] ; then >+ source drivers/pcmcia/Config.in >+ source drivers/hotplug/Config.in >+else >+ define_bool CONFIG_PCMCIA n >+ define_bool CONFIG_HOTPLUG_PCI n >+fi >+ >+bool 'System V IPC' CONFIG_SYSVIPC >+bool 'BSD Process Accounting' CONFIG_BSD_PROCESS_ACCT >+bool 'Sysctl support' CONFIG_SYSCTL >+if [ "$CONFIG_PROC_FS" = "y" ]; then >+ choice 'Kernel core (/proc/kcore) format' \ >+ "ELF CONFIG_KCORE_ELF \ >+ A.OUT CONFIG_KCORE_AOUT" ELF >+fi >+tristate 'Kernel support for a.out binaries' CONFIG_BINFMT_AOUT >+tristate 'Kernel support for ELF binaries' CONFIG_BINFMT_ELF >+tristate 'Kernel support for MISC binaries' CONFIG_BINFMT_MISC >+ >+bool 'Power Management support' CONFIG_PM >+ >+dep_tristate ' Advanced Power Management BIOS support' CONFIG_APM $CONFIG_PM >+if [ "$CONFIG_APM" != "n" ]; then >+ bool ' Ignore USER SUSPEND' CONFIG_APM_IGNORE_USER_SUSPEND >+ bool ' Enable PM at boot time' CONFIG_APM_DO_ENABLE >+ bool ' Make CPU Idle calls when idle' CONFIG_APM_CPU_IDLE >+ bool ' Enable console blanking using APM' CONFIG_APM_DISPLAY_BLANK >+ bool ' RTC stores time in GMT' CONFIG_APM_RTC_IS_GMT >+ bool ' Allow interrupts during APM BIOS calls' CONFIG_APM_ALLOW_INTS >+ bool ' Use real mode APM BIOS call to power off' CONFIG_APM_REAL_MODE_POWER_OFF >+fi >+ >+source drivers/acpi/Config.in >+ >+endmenu >+ >+source drivers/mtd/Config.in >+ >+source drivers/parport/Config.in >+ >+source drivers/pnp/Config.in >+ >+source drivers/block/Config.in >+ >+source drivers/evms/Config.in >+ >+source drivers/md/Config.in >+ >+source crypto/Config.in >+ >+if [ "$CONFIG_NET" = "y" ]; then >+ source net/Config.in >+fi >+ >+source drivers/telephony/Config.in >+ >+mainmenu_option next_comment >+comment 'ATA/IDE/MFM/RLL support' >+ >+tristate 'ATA/IDE/MFM/RLL support' CONFIG_IDE >+ >+if [ "$CONFIG_IDE" != "n" ]; then >+ source drivers/ide/Config.in >+else >+ define_bool CONFIG_BLK_DEV_IDE_MODES n >+ define_bool CONFIG_BLK_DEV_HD n >+fi >+endmenu >+ >+mainmenu_option next_comment >+comment 'SCSI support' >+ >+tristate 'SCSI support' CONFIG_SCSI >+ >+if [ "$CONFIG_SCSI" != "n" ]; then >+ source drivers/scsi/Config.in >+fi >+endmenu >+ >+source drivers/message/fusion/Config.in >+ >+source drivers/ieee1394/Config.in >+ >+source drivers/message/i2o/Config.in >+ >+if [ "$CONFIG_NET" = "y" ]; then >+ mainmenu_option next_comment >+ comment 'Network device support' >+ >+ bool 'Network device support' CONFIG_NETDEVICES >+ if [ "$CONFIG_NETDEVICES" = "y" ]; then >+ source drivers/net/Config.in >+ if [ "$CONFIG_ATM" = "y" ]; then >+ source drivers/atm/Config.in >+ fi >+ fi >+ endmenu >+fi >+ >+source net/ax25/Config.in >+ >+source net/irda/Config.in >+ >+mainmenu_option next_comment >+comment 'ISDN subsystem' >+if [ "$CONFIG_NET" != "n" ]; then >+ tristate 'ISDN support' CONFIG_ISDN >+ if [ "$CONFIG_ISDN" != "n" ]; then >+ source drivers/isdn/Config.in >+ fi >+fi >+endmenu >+ >+if [ "$CONFIG_ISA" = "y" ]; then >+ mainmenu_option next_comment >+ comment 'Old CD-ROM drivers (not SCSI, not IDE)' >+ >+ bool 'Support non-SCSI/IDE/ATAPI CDROM drives' CONFIG_CD_NO_IDESCSI >+ if [ "$CONFIG_CD_NO_IDESCSI" != "n" ]; then >+ source drivers/cdrom/Config.in >+ fi >+ endmenu >+fi >+ >+# >+# input before char - char/joystick depends on it. As does USB. >+# >+source drivers/input/Config.in >+source drivers/char/Config.in >+ >+#source drivers/misc/Config.in >+ >+source drivers/media/Config.in >+ >+source fs/Config.in >+ >+if [ "$CONFIG_VT" = "y" ]; then >+ mainmenu_option next_comment >+ comment 'Console drivers' >+ bool 'VGA text console' CONFIG_VGA_CONSOLE >+ bool 'Video mode selection support' CONFIG_VIDEO_SELECT >+ if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then >+ tristate 'MDA text console (dual-headed) (EXPERIMENTAL)' CONFIG_MDA_CONSOLE >+ source drivers/video/Config.in >+ fi >+ endmenu >+fi >+ >+mainmenu_option next_comment >+comment 'Sound' >+ >+tristate 'Sound card support' CONFIG_SOUND >+if [ "$CONFIG_SOUND" != "n" ]; then >+ source drivers/sound/Config.in >+fi >+endmenu >+ >+source drivers/usb/Config.in >+ >+source net/bluetooth/Config.in >+ >+mainmenu_option next_comment >+comment 'Kernel hacking' >+ >+bool 'Kernel debugging' CONFIG_DEBUG_KERNEL >+if [ "$CONFIG_DEBUG_KERNEL" != "n" ]; then >+ bool ' Check for stack overflows' CONFIG_DEBUG_STACKOVERFLOW >+ bool ' Debug high memory support' CONFIG_DEBUG_HIGHMEM >+ bool ' Debug memory allocations' CONFIG_DEBUG_SLAB >+ bool ' Memory mapped I/O debugging' CONFIG_DEBUG_IOVIRT >+ bool ' Magic SysRq key' CONFIG_MAGIC_SYSRQ >+ bool ' Spinlock debugging' CONFIG_DEBUG_SPINLOCK >+ bool ' Compile the kernel with frame pointers' CONFIG_FRAME_POINTER >+fi >+ >+endmenu >+ >+source lib/Config.in >+ >+mainmenu_option next_comment >+comment 'Grsecurity' >+bool 'Grsecurity' CONFIG_GRKERNSEC >+if [ "$CONFIG_GRKERNSEC" = "y" ]; then >+ source grsecurity/Config.in >+fi >+endmenu >diff -uNr linux-2.4.20-gentoo-r1/arch/i386/kernel/entry.S linux-2.4.20-gentoo-r1-systrace/arch/i386/kernel/entry.S >--- linux-2.4.20-gentoo-r1/arch/i386/kernel/entry.S 2003-04-03 14:47:12.000000000 +0200 >+++ linux-2.4.20-gentoo-r1-systrace/arch/i386/kernel/entry.S 2003-04-03 15:46:53.000000000 +0200 >@@ -230,8 +230,21 @@ > jne tracesys > cmpl $(NR_syscalls),%eax > jae badsys >+#ifdef CONFIG_SYSTRACE >+ movl %esp,%eax >+ call SYMBOL_NAME(systrace_intercept) >+ cmpl $0,%eax >+ jl ret >+ movl ORIG_EAX(%esp),%eax >+#endif /* CONFIG_SYSTRACE */ > call *SYMBOL_NAME(sys_call_table)(,%eax,4) >+ret: > movl %eax,EAX(%esp) # save the return value >+#ifdef CONFIG_SYSTRACE >+ movl %esp,%eax # pass in stack >+ call SYMBOL_NAME(systrace_result) >+ movl EAX(%esp),%eax # XXX: ?to be on the safe side >+#endif /* CONFIG_SYSTRACE */ > > #ifdef CONFIG_GRKERNSEC_PAX_RANDKSTACK > cli # need_resched and signals atomic test >diff -uNr linux-2.4.20-gentoo-r1/drivers/Makefile linux-2.4.20-gentoo-r1-systrace/drivers/Makefile >--- linux-2.4.20-gentoo-r1/drivers/Makefile 2003-04-03 14:47:12.000000000 +0200 >+++ linux-2.4.20-gentoo-r1-systrace/drivers/Makefile 2003-04-03 15:46:53.000000000 +0200 >@@ -41,6 +41,7 @@ > subdir-$(CONFIG_ISDN_BOOL) += isdn > subdir-$(CONFIG_ATM) += atm > subdir-$(CONFIG_FC4) += fc4 >+subdir-$(CONFIG_SYSTRACE) += systrace > > # CONFIG_HAMRADIO can be set without CONFIG_NETDEVICE being set -- ch > subdir-$(CONFIG_HAMRADIO) += net/hamradio >diff -uNr linux-2.4.20-gentoo-r1/drivers/systrace/Makefile linux-2.4.20-gentoo-r1-systrace/drivers/systrace/Makefile >--- linux-2.4.20-gentoo-r1/drivers/systrace/Makefile 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/drivers/systrace/Makefile 2003-04-03 15:46:53.000000000 +0200 >@@ -0,0 +1,6 @@ >+O_TARGET := str.o >+ >+obj-y := systrace.o policy.o linux_sysent.o >+ >+include $(TOPDIR)/Rules.make >+ >diff -uNr linux-2.4.20-gentoo-r1/drivers/systrace/linux_sysent.c linux-2.4.20-gentoo-r1-systrace/drivers/systrace/linux_sysent.c >--- linux-2.4.20-gentoo-r1/drivers/systrace/linux_sysent.c 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/drivers/systrace/linux_sysent.c 2003-04-03 15:46:53.000000000 +0200 >@@ -0,0 +1,296 @@ >+/* >+ * file taken from openbsd's compat/linux/linux_sysent.c >+ */ >+ >+/* $OpenBSD: linux_sysent.c,v 1.36 2002/06/05 19:43:44 jasoni Exp $ */ >+ >+ >+#include <linux/sched.h> >+#include <linux/smp_lock.h> >+#include <linux/mm.h> >+#include <linux/pagemap.h> >+#include <linux/fs.h> >+#include <linux/wait.h> >+#include <linux/queue.h> >+ >+#include <asm/uaccess.h> >+#include <asm/ptrace.h> >+#include <asm/semaphore.h> >+ >+#include <linux/systrace.h> >+ >+/* #define s(type) sizeof(type) */ >+#define s(type) 0 >+ >+struct sysent linux_sysent[] = { >+ { 0, 0 }, /* 0 = syscall */ >+ { 1, s(struct sys_exit_args) }, /* 1 = exit */ >+ { 0, 0 }, /* 2 = fork */ >+ { 3, s(struct sys_read_args) }, /* 3 = read */ >+ { 3, s(struct sys_write_args) }, /* 4 = write */ >+ { 3, s(struct linux_sys_open_args) }, /* 5 = open */ >+ { 1, s(struct sys_close_args) }, /* 6 = close */ >+ { 3, s(struct linux_sys_waitpid_args) }, /* 7 = waitpid */ >+ { 2, s(struct linux_sys_creat_args) }, /* 8 = creat */ >+ { 2, s(struct sys_link_args) }, /* 9 = link */ >+ { 1, s(struct linux_sys_unlink_args) }, /* 10 = unlink */ >+ { 3, s(struct linux_sys_execve_args) }, /* 11 = execve */ >+ { 1, s(struct linux_sys_chdir_args) }, /* 12 = chdir */ >+ { 1, s(struct linux_sys_time_args) }, /* 13 = time */ >+ { 3, s(struct linux_sys_mknod_args) }, /* 14 = mknod */ >+ { 2, s(struct linux_sys_chmod_args) }, /* 15 = chmod */ >+ { 3, s(struct linux_sys_lchown16_args) }, /* 16 = lchown16 */ >+ { 1, s(struct linux_sys_break_args) }, /* 17 = break */ >+ { 0, 0 }, /* 18 = ostat */ >+ { 3, s(struct compat_43_sys_lseek_args) }, /* 19 = lseek */ >+ { 0, 0 }, /* 20 = getpid */ >+ { 5, s(struct linux_sys_mount_args) }, /* 21 = mount */ >+ { 1, s(struct linux_sys_umount_args) }, /* 22 = umount */ >+ { 1, s(struct sys_setuid_args) }, /* 23 = linux_setuid16 */ >+ { 0, 0 }, /* 24 = linux_getuid16 */ >+ { 1, s(struct linux_sys_stime_args) }, /* 25 = stime */ >+ { 0, 0 }, /* 26 = unimplemented ptrace */ >+ { 1, s(struct linux_sys_alarm_args) }, /* 27 = alarm */ >+ { 0, 0 }, /* 28 = ofstat */ >+ { 0, 0 }, /* 29 = pause */ >+ { 2, s(struct linux_sys_utime_args) }, /* 30 = utime */ >+ { 0, 0 }, /* 31 = stty */ >+ { 0, 0 }, /* 32 = gtty */ >+ { 2, s(struct linux_sys_access_args) }, /* 33 = access */ >+ { 1, s(struct linux_sys_nice_args) }, /* 34 = nice */ >+ { 0, 0 }, /* 35 = ftime */ >+ { 0, 0 }, /* 36 = sync */ >+ { 2, s(struct linux_sys_kill_args) }, /* 37 = kill */ >+ { 2, s(struct linux_sys_rename_args) }, /* 38 = rename */ >+ { 2, s(struct linux_sys_mkdir_args) }, /* 39 = mkdir */ >+ { 1, s(struct linux_sys_rmdir_args) }, /* 40 = rmdir */ >+ { 1, s(struct sys_dup_args) }, /* 41 = dup */ >+ { 1, s(struct linux_sys_pipe_args) }, /* 42 = pipe */ >+ { 1, s(struct linux_sys_times_args) }, /* 43 = times */ >+ { 0, 0 }, /* 44 = prof */ >+ { 1, s(struct linux_sys_brk_args) }, /* 45 = brk */ >+ { 1, s(struct sys_setgid_args) }, /* 46 = linux_setgid16 */ >+ { 0, 0 }, /* 47 = linux_getgid16 */ >+ { 2, s(struct linux_sys_signal_args) }, /* 48 = signal */ >+ { 0, 0 }, /* 49 = linux_geteuid16 */ >+ { 0, 0 }, /* 50 = linux_getegid16 */ >+ { 1, s(struct sys_acct_args) }, /* 51 = acct */ >+ { 0, 0 }, /* 52 = phys */ >+ { 0, 0 }, /* 53 = lock */ >+ { 3, s(struct linux_sys_ioctl_args) }, /* 54 = ioctl */ >+ { 3, s(struct linux_sys_fcntl_args) }, /* 55 = fcntl */ >+ { 0, 0 }, /* 56 = mpx */ >+ { 2, s(struct sys_setpgid_args) }, /* 57 = setpgid */ >+ { 0, 0 }, /* 58 = ulimit */ >+ { 1, s(struct linux_sys_oldolduname_args) }, /* 59 = oldolduname */ >+ { 1, s(struct sys_umask_args) }, /* 60 = umask */ >+ { 1, s(struct sys_chroot_args) }, /* 61 = chroot */ >+ { 0, 0 }, /* 62 = ustat */ >+ { 2, s(struct sys_dup2_args) }, /* 63 = dup2 */ >+ { 0, 0 }, /* 64 = getppid */ >+ { 0, 0 }, /* 65 = getpgrp */ >+ { 0, 0 }, /* 66 = setsid */ >+ { 3, s(struct linux_sys_sigaction_args) }, /* 67 = sigaction */ >+ { 0, 0 }, /* 68 = siggetmask */ >+ { 1, s(struct linux_sys_sigsetmask_args) }, /* 69 = sigsetmask */ >+ { 2, s(struct linux_sys_setreuid16_args) }, /* 70 = setreuid16 */ >+ { 2, s(struct linux_sys_setregid16_args) }, /* 71 = setregid16 */ >+ { 3, s(struct linux_sys_sigsuspend_args) }, /* 72 = sigsuspend */ >+ { 1, s(struct linux_sys_sigpending_args) }, /* 73 = sigpending */ >+ { 2, s(struct compat_43_sys_sethostname_args) }, /* 74 = sethostname */ >+ { 2, s(struct linux_sys_setrlimit_args) }, /* 75 = setrlimit */ >+ { 2, s(struct linux_sys_getrlimit_args) }, /* 76 = getrlimit */ >+ { 2, s(struct sys_getrusage_args) }, /* 77 = getrusage */ >+ { 2, s(struct sys_gettimeofday_args) }, /* 78 = gettimeofday */ >+ { 2, s(struct sys_settimeofday_args) }, /* 79 = settimeofday */ >+ { 2, s(struct sys_getgroups_args) }, /* 80 = linux_getgroups */ >+ { 2, s(struct sys_setgroups_args) }, /* 81 = linux_setgroups */ >+ { 1, s(struct linux_sys_oldselect_args) }, /* 82 = oldselect */ >+ { 2, s(struct linux_sys_symlink_args) }, /* 83 = symlink */ >+ { 2, s(struct compat_43_sys_lstat_args) }, /* 84 = olstat */ >+ { 3, s(struct linux_sys_readlink_args) }, /* 85 = readlink */ >+ { 1, s(struct linux_sys_uselib_args) }, /* 86 = uselib */ >+ { 1, s(struct sys_swapon_args) }, /* 87 = swapon */ >+ { 1, s(struct sys_reboot_args) }, /* 88 = reboot */ >+ { 3, s(struct linux_sys_readdir_args) }, /* 89 = readdir */ >+ { 1, s(struct linux_sys_mmap_args) }, /* 90 = mmap */ >+ { 2, s(struct sys_munmap_args) }, /* 91 = munmap */ >+ { 2, s(struct linux_sys_truncate_args) }, /* 92 = truncate */ >+ { 2, s(struct compat_43_sys_ftruncate_args) }, /* 93 = ftruncate */ >+ { 2, s(struct sys_fchmod_args) }, /* 94 = fchmod */ >+ { 3, s(struct linux_sys_fchown16_args) }, /* 95 = fchown16 */ >+ { 2, s(struct sys_getpriority_args) }, /* 96 = getpriority */ >+ { 3, s(struct sys_setpriority_args) }, /* 97 = setpriority */ >+ { 4, s(struct sys_profil_args) }, /* 98 = profil */ >+ { 2, s(struct linux_sys_statfs_args) }, /* 99 = statfs */ >+ { 2, s(struct linux_sys_fstatfs_args) }, /* 100 = fstatfs */ >+#ifdef __i386__ >+ { 3, s(struct linux_sys_ioperm_args) }, /* 101 = ioperm */ >+#else >+ { 0, 0 }, /* 101 = ioperm */ >+#endif >+ { 2, s(struct linux_sys_socketcall_args) }, /* 102 = socketcall */ >+ { 0, 0 }, /* 103 = klog */ >+ { 3, s(struct sys_setitimer_args) }, /* 104 = setitimer */ >+ { 2, s(struct sys_getitimer_args) }, /* 105 = getitimer */ >+ { 2, s(struct linux_sys_stat_args) }, /* 106 = stat */ >+ { 2, s(struct linux_sys_lstat_args) }, /* 107 = lstat */ >+ { 2, s(struct linux_sys_fstat_args) }, /* 108 = fstat */ >+ { 1, s(struct linux_sys_olduname_args) }, /* 109 = olduname */ >+#ifdef __i386__ >+ { 1, s(struct linux_sys_iopl_args) }, /* 110 = iopl */ >+#else >+ { 0, 0 }, /* 110 = iopl */ >+#endif >+ { 0, 0 }, /* 111 = vhangup */ >+ { 0, 0 }, /* 112 = idle */ >+ { 0, 0 }, /* 113 = vm86old */ >+ { 4, s(struct linux_sys_wait4_args) }, /* 114 = wait4 */ >+ { 0, 0 }, /* 115 = swapoff */ >+ { 0, 0 }, /* 116 = sysinfo */ >+ { 5, s(struct linux_sys_ipc_args) }, /* 117 = ipc */ >+ { 1, s(struct sys_fsync_args) }, /* 118 = fsync */ >+ { 1, s(struct linux_sys_sigreturn_args) }, /* 119 = sigreturn */ >+ { 2, s(struct linux_sys_clone_args) }, /* 120 = clone */ >+ { 2, s(struct compat_09_sys_setdomainname_args) }, /* 121 = setdomainname */ >+ { 1, s(struct linux_sys_uname_args) }, /* 122 = uname */ >+#ifdef __i386__ >+ { 3, s(struct linux_sys_modify_ldt_args) }, /* 123 = modify_ldt */ >+#else >+ { 0, 0 }, /* 123 = modify_ldt */ >+#endif >+ { 0, 0 }, /* 124 = adjtimex */ >+ { 3, s(struct sys_mprotect_args) }, /* 125 = mprotect */ >+ { 3, s(struct linux_sys_sigprocmask_args) }, /* 126 = sigprocmask */ >+ { 0, 0 }, /* 127 = create_module */ >+ { 0, 0 }, /* 128 = init_module */ >+ { 0, 0 }, /* 129 = delete_module */ >+ { 0, 0 }, /* 130 = get_kernel_syms */ >+ { 0, 0 }, /* 131 = quotactl */ >+ { 1, s(struct linux_sys_getpgid_args) }, /* 132 = getpgid */ >+ { 1, s(struct sys_fchdir_args) }, /* 133 = fchdir */ >+ { 0, 0 }, /* 134 = bdflush */ >+ { 0, 0 }, /* 135 = sysfs */ >+ { 1, s(struct linux_sys_personality_args) }, /* 136 = personality */ >+ { 0, 0 }, /* 137 = afs_syscall */ >+ { 1, s(struct linux_sys_setfsuid_args) }, /* 138 = linux_setfsuid16 */ >+ { 0, 0 }, /* 139 = linux_getfsuid16 */ >+ { 5, s(struct linux_sys_llseek_args) }, /* 140 = llseek */ >+ { 3, s(struct linux_sys_getdents_args) }, /* 141 = getdents */ >+ { 5, s(struct linux_sys_select_args) }, /* 142 = select */ >+ { 2, s(struct sys_flock_args) }, /* 143 = flock */ >+ { 3, s(struct sys_msync_args) }, /* 144 = msync */ >+ { 3, s(struct sys_readv_args) }, /* 145 = readv */ >+ { 3, s(struct sys_writev_args) }, /* 146 = writev */ >+ { 1, s(struct linux_sys_getsid_args) }, /* 147 = getsid */ >+ { 1, s(struct linux_sys_fdatasync_args) }, /* 148 = fdatasync */ >+ { 1, s(struct linux_sys___sysctl_args) }, /* 149 = __sysctl */ >+ { 2, s(struct sys_mlock_args) }, /* 150 = mlock */ >+ { 2, s(struct sys_munlock_args) }, /* 151 = munlock */ >+ { 0, 0 }, /* 152 = mlockall */ >+ { 0, 0 }, /* 153 = munlockall */ >+ { 2, s(struct linux_sys_sched_setparam_args) }, /* 154 = sched_setparam */ >+ { 2, s(struct linux_sys_sched_getparam_args) }, /* 155 = sched_getparam */ >+ { 3, s(struct linux_sys_sched_setscheduler_args) }, /* 156 = sched_setscheduler */ >+ { 1, s(struct linux_sys_sched_getscheduler_args) }, /* 157 = sched_getscheduler */ >+ { 0, 0 }, /* 158 = sched_yield */ >+ { 1, s(struct linux_sys_sched_get_priority_max_args) }, /* 159 = sched_get_priority_max */ >+ { 1, s(struct linux_sys_sched_get_priority_min_args) }, /* 160 = sched_get_priority_min */ >+ { 0, 0 }, /* 161 = sched_rr_get_interval */ >+ { 2, s(struct sys_nanosleep_args) }, /* 162 = nanosleep */ >+ { 4, s(struct linux_sys_mremap_args) }, /* 163 = mremap */ >+ { 3, s(struct linux_sys_setresuid16_args) }, /* 164 = setresuid16 */ >+ { 3, s(struct linux_sys_getresuid_args) }, /* 165 = linux_getresuid16 */ >+ { 0, 0 }, /* 166 = vm86 */ >+ { 0, 0 }, /* 167 = query_module */ >+ { 3, s(struct sys_poll_args) }, /* 168 = poll */ >+ { 0, 0 }, /* 169 = nfsservctl */ >+ { 3, s(struct linux_sys_setresgid16_args) }, /* 170 = setresgid16 */ >+ { 3, s(struct linux_sys_getresgid16_args) }, /* 171 = getresgid16 */ >+ { 0, 0 }, /* 172 = prctl */ >+ { 1, s(struct linux_sys_rt_sigreturn_args) }, /* 173 = rt_sigreturn */ >+ { 4, s(struct linux_sys_rt_sigaction_args) }, /* 174 = rt_sigaction */ >+ { 4, s(struct linux_sys_rt_sigprocmask_args) }, /* 175 = rt_sigprocmask */ >+ { 2, s(struct linux_sys_rt_sigpending_args) }, /* 176 = rt_sigpending */ >+ { 0, 0 }, /* 177 = rt_sigtimedwait */ >+ { 0, 0 }, /* 178 = rt_queueinfo */ >+ { 2, s(struct linux_sys_rt_sigsuspend_args) }, /* 179 = rt_sigsuspend */ >+ { 4, s(struct linux_sys_pread_args) }, /* 180 = pread */ >+ { 4, s(struct linux_sys_pwrite_args) }, /* 181 = pwrite */ >+ { 3, s(struct linux_sys_chown16_args) }, /* 182 = chown16 */ >+ { 2, s(struct linux_sys_getcwd_args) }, /* 183 = getcwd */ >+ { 0, 0 }, /* 184 = capget */ >+ { 0, 0 }, /* 185 = capset */ >+ { 2, s(struct linux_sys_sigaltstack_args) }, /* 186 = sigaltstack */ >+ { 0, 0 }, /* 187 = sendfile */ >+ { 0, 0 }, /* 188 = getpmsg */ >+ { 0, 0 }, /* 189 = putpmsg */ >+ { 0, 0 }, /* 190 = vfork */ >+ { 2, s(struct linux_sys_ugetrlimit_args) }, /* 191 = ugetrlimit */ >+ { 0, 0 }, /* 192 = mmap2 */ >+ { 2, s(struct linux_sys_truncate64_args) }, /* 193 = truncate64 */ >+ { 2, s(struct sys_ftruncate_args) }, /* 194 = linux_ftruncate64 */ >+ { 2, s(struct linux_sys_stat64_args) }, /* 195 = stat64 */ >+ { 2, s(struct linux_sys_lstat64_args) }, /* 196 = lstat64 */ >+ { 2, s(struct linux_sys_fstat64_args) }, /* 197 = fstat64 */ >+ { 0, 0 }, /* 198 = lchown */ >+ { 0, 0 }, /* 199 = getuid */ >+ { 0, 0 }, /* 200 = getgid */ >+ { 0, 0 }, /* 201 = geteuid */ >+ { 0, 0 }, /* 202 = getegid */ >+ { 0, 0 }, /* 203 = setreuid */ >+ { 0, 0 }, /* 204 = setregid */ >+ { 2, s(struct sys_getgroups_args) }, /* 205 = getgroups */ >+ { 2, s(struct sys_setgroups_args) }, /* 206 = setgroups */ >+ { 0, 0 }, /* 207 = fchown */ >+ { 0, 0 }, /* 208 = setresuid */ >+ { 3, s(struct linux_sys_getresuid_args) }, /* 209 = getresuid */ >+ { 0, 0 }, /* 210 = setresgid */ >+ { 0, 0 }, /* 211 = getresgid */ >+ { 0, 0 }, /* 212 = chown */ >+ { 1, s(struct sys_setuid_args) }, /* 213 = setuid */ >+ { 1, s(struct sys_setgid_args) }, /* 214 = setgid */ >+ { 1, s(struct linux_sys_setfsuid_args) }, /* 215 = setfsuid */ >+ { 0, 0 }, /* 216 = setfsgid */ >+ { 0, 0 }, /* 217 = pivot_root */ >+ { 0, 0 }, /* 218 = mincore */ >+ { 0, 0 }, /* 219 = madvise */ >+ { 0, 0 }, /* 220 = getdents64 */ >+ { 3, s(struct linux_sys_fcntl64_args) }, /* 221 = fcntl64 */ >+ /* XXX These need to be filled out */ >+ { 0, 0 }, /* 222 */ >+ { 0, 0 }, /* 223 */ >+ { 0, 0 }, /* 224 */ >+ { 0, 0 }, /* 225 */ >+ { 0, 0 }, /* 226 */ >+ { 0, 0 }, /* 227 */ >+ { 0, 0 }, /* 228 */ >+ { 0, 0 }, /* 229 */ >+ { 0, 0 }, /* 230 */ >+ { 0, 0 }, /* 231 */ >+ { 0, 0 }, /* 232 */ >+ { 0, 0 }, /* 233 */ >+ { 0, 0 }, /* 234 */ >+ { 0, 0 }, /* 235 */ >+ { 0, 0 }, /* 236 */ >+ { 0, 0 }, /* 237 */ >+ { 0, 0 }, /* 238 */ >+ { 0, 0 }, /* 239 */ >+ { 0, 0 }, /* 240 */ >+ { 0, 0 }, /* 241 */ >+ { 0, 0 }, /* 242 */ >+ { 0, 0 }, /* 243 */ >+ { 0, 0 }, /* 244 */ >+ { 0, 0 }, /* 245 */ >+ { 0, 0 }, /* 246 */ >+ { 0, 0 }, /* 247 */ >+ { 0, 0 }, /* 248 */ >+ { 0, 0 }, /* 249 */ >+ { 0, 0 }, /* 250 */ >+ { 0, 0 }, /* 251 */ >+ { 0, 0 }, /* 252 */ >+ { 0, 0 }, /* 253 */ >+ { 0, 0 }, /* 254 */ >+ { 0, 0 }, /* 255 */ >+ { 0, 0 }, /* 256 */ >+}; >diff -uNr linux-2.4.20-gentoo-r1/drivers/systrace/policy.c linux-2.4.20-gentoo-r1-systrace/drivers/systrace/policy.c >--- linux-2.4.20-gentoo-r1/drivers/systrace/policy.c 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/drivers/systrace/policy.c 2003-04-03 15:46:53.000000000 +0200 >@@ -0,0 +1,159 @@ >+/* >+ * policy.c >+ * >+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu> >+ * Copyright (c) 2002 Niels Provos <provos@citi.umich.edu> >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * 3. The names of the copyright holders may not be used to endorse or >+ * promote products derived from this software without specific >+ * prior written permission. >+ * >+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, >+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY >+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL >+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; >+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, >+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR >+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF >+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#include <linux/sched.h> >+#include <linux/smp_lock.h> >+#include <linux/mm.h> >+#include <linux/pagemap.h> >+#include <linux/fs.h> >+#include <linux/wait.h> >+#include <linux/slab.h> >+#include <linux/queue.h> >+ >+#include <asm/semaphore.h> >+#include <asm/uaccess.h> >+#include <asm/ptrace.h> >+ >+#include <linux/queue.h> >+#include <linux/systrace.h> >+ >+#include "systrace-private.h" >+ >+extern int systrace_debug; >+ >+int >+systrace_policy(struct fsystrace *fst, struct systrace_policy *pol) >+{ >+ struct str_policy *strpol; >+ struct str_process *strp; >+ >+ switch(pol->strp_op) { >+ case SYSTR_POLICY_NEW: >+ DPRINTF(("%s: new, ents %d\n", __func__, pol->strp_maxents)); >+ >+ if (pol->strp_maxents <= 0 || pol->strp_maxents > 1024) >+ return (-EINVAL); >+ strpol = systrace_newpolicy(fst, pol->strp_maxents); >+ if (strpol == NULL) >+ return (-ENOBUFS); >+ pol->strp_num = strpol->nr; >+ break; >+ case SYSTR_POLICY_ASSIGN: >+ DPRINTF(("%s: %d -> pid %d\n", __func__, >+ pol->strp_num, pol->strp_pid)); >+ >+ /* Find right policy by number */ >+ TAILQ_FOREACH(strpol, &fst->policies, next) >+ if (strpol->nr == pol->strp_num) >+ break; >+ if (strpol == NULL) >+ return (-EINVAL); >+ >+ strp = systrace_findpid(fst, pol->strp_pid); >+ if (strp == NULL) >+ return (-EINVAL); >+ >+ if (strp->policy != NULL) >+ systrace_closepolicy(fst, strp->policy); >+ strp->policy = strpol; >+ strpol->refcount++; >+ break; >+ case SYSTR_POLICY_MODIFY: >+ DPRINTF(("%s: %d: code %d -> policy %d\n", __func__, >+ pol->strp_num, pol->strp_code, pol->strp_policy)); >+ >+ if (!POLICY_VALID(pol->strp_policy) && pol->strp_policy >= 0) >+ return (-EINVAL); >+ TAILQ_FOREACH(strpol, &fst->policies, next) >+ if (strpol->nr == pol->strp_num) >+ break; >+ if (strpol == NULL) >+ return (-EINVAL); >+ if (pol->strp_code < 0 || pol->strp_code >= strpol->nsysent) >+ return (-EINVAL); >+ strpol->sysent[pol->strp_code] = pol->strp_policy; >+ break; >+ default: >+ return (-EINVAL); >+ } >+ >+ return (0); >+} >+ >+struct str_policy * >+systrace_newpolicy(struct fsystrace *fst, int maxents) >+{ >+ struct str_policy *pol; >+ int i; >+ >+ if (fst->npolicies > SYSTR_MAX_POLICIES /* && !fst->issuser */) >+ return (NULL); >+ >+ if ((pol = kmalloc(sizeof(*pol), GFP_KERNEL)) == NULL) >+ return (NULL); >+ >+ DPRINTF(("%s: allocating %d -> %lu\n", __func__, >+ maxents, (u_long)maxents * sizeof(int))); >+ >+ memset(pol, 0, sizeof(*pol)); >+ >+ if ((pol->sysent = kmalloc(maxents * sizeof(short), GFP_KERNEL)) == NULL) { >+ kfree(pol); >+ return (NULL); >+ } >+ pol->nsysent = maxents; >+ for (i = 0; i < maxents; i++) >+ pol->sysent[i] = SYSTR_POLICY_ASK; >+ >+ fst->npolicies++; >+ pol->nr = fst->npolicynr++; >+ pol->refcount = 1; >+ >+ TAILQ_INSERT_TAIL(&fst->policies, pol, next); >+ >+ return (pol); >+} >+ >+void >+systrace_closepolicy(struct fsystrace *fst, struct str_policy *policy) >+{ >+ if (--policy->refcount) >+ return; >+ >+ fst->npolicies--; >+ >+ if (policy->nsysent) >+ kfree(policy->sysent); >+ >+ TAILQ_REMOVE(&fst->policies, policy, next); >+ >+ kfree(policy); >+} >diff -uNr linux-2.4.20-gentoo-r1/drivers/systrace/systrace-private.h linux-2.4.20-gentoo-r1-systrace/drivers/systrace/systrace-private.h >--- linux-2.4.20-gentoo-r1/drivers/systrace/systrace-private.h 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/drivers/systrace/systrace-private.h 2003-04-03 15:46:53.000000000 +0200 >@@ -0,0 +1,144 @@ >+/* >+ * systrace-private.h >+ * >+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu> >+ * Copyright (c) 2002 Niels Provos <provos@citi.umich.edu> >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * 3. The names of the copyright holders may not be used to endorse or >+ * promote products derived from this software without specific >+ * prior written permission. >+ * >+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, >+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY >+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL >+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; >+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, >+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR >+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF >+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#ifndef SYSTRACE_PRIVATE_H >+#define SYSTRACE_PRIVATE_H >+ >+#define POLICY_VALID(x) ((x) == SYSTR_POLICY_PERMIT || \ >+ (x) == SYSTR_POLICY_ASK || \ >+ (x) == SYSTR_POLICY_NEVER) >+ >+#define DPRINTF(x) if (systrace_debug) printk x >+ >+struct str_policy { >+ int nr; >+ struct emul *emul; /* XXX */ >+ int refcount; >+ int nsysent; >+ short *sysent; >+ TAILQ_ENTRY(str_policy) next; >+}; >+ >+#define STR_PROC_ONQUEUE 0x01 >+#define STR_PROC_WAITANSWER 0x02 >+#define STR_PROC_SYSCALLRES 0x04 >+#define STR_PROC_REPORT 0x08 /* Report emulation */ >+#define STR_PROC_FSCHANGE 0x10 >+#define STR_PROC_SETEUID 0x20 /* Elevate privileges */ >+#define STR_PROC_SETEGID 0x40 >+ >+struct str_process { >+ TAILQ_ENTRY(str_process) next; >+ TAILQ_ENTRY(str_process) msg_next; >+ struct semaphore lock; >+ struct task_struct *proc; >+ pid_t pid; >+ struct fsystrace *parent; >+ struct str_policy *policy; >+ wait_queue_head_t wqh; >+ int flags; >+ short answer; >+ short error; >+ u16 seqnr; /* XXX: convert to u_int16_t */ >+ struct str_message msg; >+ struct systrace_replace *replace; >+ int report; >+ mm_segment_t oldfs; >+ int maycontrol; >+ int code; >+ register_t args[8]; >+ uid_t oldeuid; >+ gid_t oldegid; >+ uid_t savedeuid; >+ uid_t savedegid; >+ uid_t seteuid; >+ uid_t setegid; >+ int issuser; >+}; >+ >+/* VFS interface */ >+int systracef_ioctl(struct inode *, struct file *, unsigned int, >+ unsigned long); >+ssize_t systracef_read(struct file *, char *, size_t, loff_t *); >+ssize_t systracef_write(struct file *, const char *, size_t, loff_t *); >+int systracef_open(struct inode *, struct file *); >+int systracef_release(struct inode *, struct file *); >+unsigned int systracef_poll(struct file *, struct poll_table_struct *); >+ >+/* Policy handling */ >+struct str_policy *systrace_newpolicy(struct fsystrace *, int); >+void systrace_closepolicy(struct fsystrace *, struct str_policy *); >+int systrace_policy(struct fsystrace *, struct systrace_policy *); >+struct str_policy *systrace_newpolicy(struct fsystrace *, int); >+ >+/* Message utility functions */ >+int systrace_msg_child(struct fsystrace *, struct str_process *, pid_t); >+int systrace_msg_result(struct fsystrace *, struct str_process *, int, int, >+ size_t, register_t[]); >+int systrace_msg_ask(struct fsystrace *, struct str_process *, int, size_t, register_t[]); >+int systrace_msg_ugid(struct fsystrace *, struct str_process *); >+int systrace_msg_execve(struct fsystrace *, struct str_process *, register_t); >+int systrace_make_msg(struct str_process *, int); >+int systrace_make_msg(struct str_process *, int); >+ >+int systrace_io(struct str_process *, struct systrace_io *); >+int systrace_getcwd(struct fsystrace *, struct str_process *); >+int systrace_rescwd(struct fsystrace *); >+int systrace_attach(struct fsystrace *, pid_t); >+int systrace_detach(struct str_process *); >+int systrace_answer(struct str_process *, struct systrace_answer *); >+int systrace_insert_process(struct fsystrace *, struct task_struct *); >+int systrace_processready(struct str_process *); >+struct str_process *systrace_findpid(struct fsystrace *, pid_t); >+struct task_struct *systrace_find(struct str_process *); >+ >+int systrace_preprepl(struct str_process *, struct systrace_replace *); >+int systrace_replace(struct str_process *, size_t, register_t[]); >+uid_t systrace_seteuid(struct task_struct *, uid_t); >+gid_t systrace_setegid(struct task_struct *, gid_t); >+ >+#if 0 >+void systrace_lock(void); >+void systrace_unlock(void); >+#endif /* 0 */ >+/* >+ * Currently, disable the fine grained locking and use the big kernel >+ * lock instead. The only thing keeping me from using the fine >+ * grained locking is in systrace_make_msg(); when fst->lock is >+ * relinquished, there is a race condition until we sleep on the strp; >+ * it could have been detached in the mean time, causing nasty things >+ * to happen. When using the kernel lock, it is automatically >+ * relinquished when needed. >+ */ >+#define systrace_lock(...) lock_kernel(); >+#define systrace_unlock(...) unlock_kernel(); >+ >+#endif /* SYSTRACE_PRIVATE_H */ >diff -uNr linux-2.4.20-gentoo-r1/drivers/systrace/systrace.c linux-2.4.20-gentoo-r1-systrace/drivers/systrace/systrace.c >--- linux-2.4.20-gentoo-r1/drivers/systrace/systrace.c 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/drivers/systrace/systrace.c 2003-04-03 15:46:53.000000000 +0200 >@@ -0,0 +1,1395 @@ >+/* >+ * systrace.c >+ * >+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu> >+ * Copyright (c) 2002 Niels Provos <provos@citi.umich.edu> >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * 3. The names of the copyright holders may not be used to endorse or >+ * promote products derived from this software without specific >+ * prior written permission. >+ * >+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, >+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY >+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL >+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; >+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, >+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR >+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF >+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+/* >+ * XXX clone()'s with same PID >+ */ >+ >+#include <linux/sched.h> >+#include <linux/smp_lock.h> >+#include <linux/mm.h> >+#include <linux/pagemap.h> >+#include <linux/fs.h> >+#include <linux/wait.h> >+#include <linux/slab.h> >+#include <linux/sys.h> >+#include <linux/miscdevice.h> >+#include <linux/queue.h> >+ >+#include <asm/semaphore.h> >+#include <asm/uaccess.h> >+#include <asm/ptrace.h> >+ >+#include <linux/queue.h> >+#include <linux/systrace.h> >+#include <linux/poll.h> >+ >+#include "systrace-private.h" >+ >+#define FIXARGS(argsize, args, regs) do { \ >+ switch (argsize) { \ >+ case 20: \ >+ args[4] = regs->edi; \ >+ case 16: \ >+ args[3] = regs->esi; \ >+ case 12: \ >+ args[2] = regs->edx; \ >+ case 8: \ >+ args[1] = regs->ecx; \ >+ case 4: \ >+ args[0] = regs->ebx; \ >+ case 0: \ >+ break; \ >+ default: \ >+ printk(KERN_ERR "systrace: (FIXARGS) Illegal argument size %d\n", argsize);\ >+ BUG(); \ >+ } \ >+} while (0) >+ >+#define SAVEARGS(argsize, args, regs) do { \ >+ switch (argsize) { \ >+ case 20: \ >+ regs->edi = args[4]; \ >+ case 16: \ >+ regs->esi = args[3]; \ >+ case 12: \ >+ regs->edx = args[2]; \ >+ case 8: \ >+ regs->ecx = args[1]; \ >+ case 4: \ >+ regs->ebx = args[0]; \ >+ case 0: \ >+ break; \ >+ default: \ >+ printk(KERN_ERR "systrace: Illegal argument size %d\n", argsize);\ >+ BUG(); \ >+ } \ >+} while (0) >+ >+#define PRINTARGS(argsize, regs) do { \ >+ switch (argsize) { \ >+ case 20: \ >+ printk(" edi: %lx\n", regs->edi); \ >+ case 16: \ >+ printk(" esi: %lx\n", regs->esi); \ >+ case 12: \ >+ printk(" edx: %lx\n", regs->edx); \ >+ case 8: \ >+ printk(" ecx: %lx\n", regs->ecx); \ >+ case 4: \ >+ printk(" ebx: %lx\n", regs->ebx); \ >+ case 0: \ >+ break; \ >+ default: \ >+ printk(KERN_ERR "systrace: Illegal argument size %d\n", argsize);\ >+ BUG(); \ >+ } \ >+} while (0) >+ >+#define SYSTRACE_MINOR 223 >+ >+spinlock_t str_lck = SPIN_LOCK_UNLOCKED; >+int systrace_debug = 0; >+ >+/* From kernel/sys.c */ >+static inline void cap_emulate_setxuid(int, int, int); >+static long __getcwd(char *, unsigned long); >+ >+/* >+ * Pass by registers; we need the stack that the system call will see >+ * in order to examine it and possibly modify. >+ */ >+ >+int FASTCALL(systrace_intercept(struct pt_regs *)); >+void FASTCALL(systrace_result(struct pt_regs *)); >+ >+static struct file_operations systrace_fops = { >+ read: &systracef_read, >+ write: &systracef_write, >+ ioctl: &systracef_ioctl, >+ release: &systracef_release, >+ open: &systracef_open, >+ poll: &systracef_poll >+}; >+ >+static struct miscdevice systrace_dev = { >+ SYSTRACE_MINOR, >+ "systrace", >+ &systrace_fops >+}; >+ >+void >+_systrace_lock(void) >+{ >+ spin_lock(&str_lck); >+} >+ >+void >+_systrace_unlock(void) >+{ >+ spin_unlock(&str_lck); >+} >+ >+int >+init_systrace(void) >+{ >+ if (misc_register(&systrace_dev) < 0) { >+ printk(KERN_INFO "systrace: unable to register device\n"); >+ return (-EIO); >+ } >+ >+ printk(KERN_INFO "systrace: systrace initialized\n"); >+ >+ return (0); >+} >+ >+int >+systracef_open(struct inode *inode, struct file *file) >+{ >+ struct fsystrace *fst; >+ int error = 0; >+ >+ if ((fst = kmalloc(sizeof(*fst), GFP_KERNEL)) == NULL) { >+ printk(KERN_ERR "systrace: Failed to allocate kernel memory.\n"); >+ error = 0; >+ goto out; >+ } >+ >+ memset(fst, 0, sizeof(*fst)); >+ >+ TAILQ_INIT(&fst->processes); >+ TAILQ_INIT(&fst->policies); >+ TAILQ_INIT(&fst->messages); >+ >+ init_MUTEX(&fst->lock); >+ init_waitqueue_head(&fst->wqh); >+ >+ fst->euid = current->euid; >+ fst->egid = current->egid; >+ fst->issuser = suser(); >+ fst->pid = current->pid; >+ >+ file->private_data = fst; >+ >+ out: >+ return (error); >+} >+ >+int >+systracef_ioctl(struct inode *inode, struct file *file, unsigned int cmd, >+ unsigned long arg) >+{ >+ struct fsystrace *fst = (struct fsystrace *)file->private_data; >+ pid_t pid = 0; >+ struct str_process *strp = NULL; >+ int error = 0; >+ void *data = NULL; >+ >+ if (fst == NULL) { >+ printk(KERN_ERR "systrace: in impossible state!\n"); >+ BUG(); >+ } >+ >+ /* Argument santizing */ >+ switch (cmd) { >+ case STRIOCATTACH: >+ case STRIOCANSWER: >+ case STRIOCIO: >+ case STRIOCGETCWD: >+ case STRIOCDETACH: >+ case STRIOCPOLICY: >+ case STRIOCREPLACE: >+ if ((void *)arg == NULL) >+ error = -EINVAL; >+ break; >+ case STRIOCRESCWD: >+ default: >+ break; >+ } >+ >+ if (error != 0) >+ goto out; >+ >+ switch (cmd) { >+ case STRIOCANSWER: >+ if ((data = kmalloc(sizeof(struct systrace_answer), >+ GFP_KERNEL)) == NULL) { >+ error = -ENOSPC; >+ break; >+ } >+ if (copy_from_user((struct systrace_answer *)data, >+ (struct systrace_answer *)arg, >+ sizeof(struct systrace_answer)) != 0) { >+ kfree(data); >+ error = -EFAULT; >+ break; >+ } >+ >+ pid = ((struct systrace_answer *)data)->stra_pid; >+ break; >+ case STRIOCIO: >+ if ((data = kmalloc(sizeof(struct systrace_io), >+ GFP_KERNEL)) == NULL) { >+ error = -ENOSPC; >+ break; >+ } >+ if (copy_from_user((struct systrace_io *)data, >+ (struct systrace_io *)arg, >+ sizeof(struct systrace_io)) != 0) { >+ kfree(data); >+ error = -EFAULT; >+ break; >+ } >+ >+ pid = ((struct systrace_io *)data)->strio_pid; >+ break; >+ case STRIOCGETCWD: >+ case STRIOCDETACH: >+ if (get_user(pid, (pid_t *)arg) != 0) >+ error = -EFAULT; >+ >+ if (pid == 0) >+ error = -EINVAL; >+ break; >+ case STRIOCATTACH: >+ case STRIOCRESCWD: >+ break; >+ case STRIOCPOLICY: >+ if ((data = kmalloc(sizeof(struct systrace_policy), >+ GFP_KERNEL)) == NULL) { >+ error = -ENOSPC; >+ break; >+ } >+ if (copy_from_user((struct systrace_policy *)data, >+ (struct systrace_policy *)arg, >+ sizeof(struct systrace_policy)) != 0) { >+ kfree(data); >+ error = -EFAULT; >+ break; >+ } >+ break; >+ case STRIOCREPLACE: >+ if ((data = kmalloc(sizeof(struct systrace_replace), >+ GFP_KERNEL)) == NULL) { >+ error = -ENOSPC; >+ break; >+ } >+ if (copy_from_user((struct systrace_replace *)data, >+ (struct systrace_replace *)arg, >+ sizeof(struct systrace_replace)) != 0) { >+ kfree(data); >+ error = -EFAULT; >+ break; >+ } >+ >+ pid = ((struct systrace_replace *)data)->strr_pid; >+ break; >+ default: >+ error = -EINVAL; >+ } >+ >+ if (error != 0) >+ goto out; >+ >+ systrace_lock(); >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ if (pid != 0) >+ if ((strp = systrace_findpid(fst, pid)) == NULL) { >+ error = -EINVAL; >+ goto unlock; >+ } >+ >+ switch (cmd) { >+ case STRIOCATTACH: >+ if (get_user(pid, (pid_t *)arg) != 0) >+ error = -EFAULT; >+ >+ if (pid == 0) >+ error = -EINVAL; >+ else >+ error = systrace_attach(fst, *(pid_t *)arg); >+ break; >+ case STRIOCDETACH: >+ error = systrace_detach(strp); >+ break; >+ case STRIOCANSWER: >+ error = systrace_answer(strp, (struct systrace_answer *)data); >+ break; >+ case STRIOCIO: >+ error = systrace_io(strp, (struct systrace_io *)data); >+ break; >+ case STRIOCGETCWD: >+ error = systrace_getcwd(fst, strp); >+ break; >+ case STRIOCRESCWD: >+ error = systrace_rescwd(fst); >+ break; >+ case STRIOCPOLICY: >+ error = systrace_policy(fst, (struct systrace_policy *)data); >+ if (copy_to_user((struct systrace_policy *)arg, >+ (struct systrace_policy *)data, >+ sizeof(struct systrace_policy)) != 0) >+ error = -EFAULT; >+ break; >+ case STRIOCREPLACE: >+ error = systrace_preprepl(strp, (struct systrace_replace *)data); >+ break; >+ default: >+ /* XXX */ >+ break; >+ } >+ >+ if (data != NULL) >+ kfree(data); >+ >+ unlock: >+ up(&fst->lock); >+ out: >+ return (error); >+} >+ >+unsigned int >+systracef_poll(struct file *file, struct poll_table_struct *wait) >+{ >+ struct fsystrace *fst = (struct fsystrace *)file->private_data; >+ unsigned int ret = 0; >+ >+ systrace_lock(); >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ poll_wait(file, &fst->wqh, wait); >+ >+ if (TAILQ_FIRST(&fst->messages) != NULL) >+ ret = POLLIN | POLLRDNORM; >+ >+ up(&fst->lock); >+ >+ return (ret); >+} >+ >+ssize_t >+systracef_read(struct file *filp, char *buf, size_t count, loff_t *off) >+{ >+ struct fsystrace *fst = (struct fsystrace *)filp->private_data; >+ struct str_process *strp; >+ int error = 0; >+ >+ if (count != sizeof(struct str_message)) >+ return (-EINVAL); >+ >+ again: >+ systrace_lock(); >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ if ((strp = TAILQ_FIRST(&fst->messages)) != NULL) { >+ error = copy_to_user(buf, &strp->msg, sizeof(struct str_message)); >+ if (error != 0) { >+ error = -EFAULT; >+ } else { >+ error = sizeof(struct str_message); >+ TAILQ_REMOVE(&fst->messages, strp, msg_next); >+ CLR(strp->flags, STR_PROC_ONQUEUE); >+ >+ if (SYSTR_MSG_NOPROCESS(strp)) >+ kfree(strp); >+ } >+ } else if (TAILQ_FIRST(&fst->processes) == NULL) { >+ /* EOF situation */ >+ ; >+ } else { >+ if (filp->f_flags & O_NONBLOCK) { >+ error = -EAGAIN; >+ } else { >+ up(&fst->lock); >+ interruptible_sleep_on(&fst->wqh); >+ >+ if (signal_pending(current)) { >+ error = -ERESTARTSYS; >+ goto out; >+ } >+ goto again; >+ } >+ } >+ >+ up(&fst->lock); >+ out: >+ return (error); >+} >+ >+ssize_t >+systracef_write(struct file *filp, const char *buf, size_t count, loff_t *off) >+{ >+ return (-ENOTSUPP); >+} >+ >+int >+systracef_release(struct inode *inode, struct file *filp) >+{ >+ struct str_process *strp; >+ struct fsystrace *fst = filp->private_data; >+ struct str_policy *strpol; >+ >+ systrace_lock(); >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ /* Kill all traced processes */ >+ while ((strp = TAILQ_FIRST(&fst->processes)) != NULL) { >+ struct task_struct *p = strp->proc; >+ >+ systrace_detach(strp); >+ kill_proc(p->pid, SIGKILL, 1); >+ } >+ >+ /* Clean up fork and exit messages */ >+ while ((strp = TAILQ_FIRST(&fst->messages)) != NULL) { >+ TAILQ_REMOVE(&fst->messages, strp, msg_next); >+ kfree(strp); >+ } >+ >+ /* Clean up policies */ >+ while ((strpol = TAILQ_FIRST(&fst->policies)) != NULL) >+ systrace_closepolicy(fst, strpol); >+ >+ up(&fst->lock); >+ >+ kfree(filp->private_data); >+ filp->private_data = NULL; >+ >+ return (0); >+} >+ >+void >+systrace_fork(struct task_struct *parent, struct task_struct *child) >+{ >+ struct str_process *parentstrp, *strp; >+ struct fsystrace *fst; >+ >+ systrace_lock(); >+ if ((parentstrp = parent->systrace) == NULL) { >+ systrace_unlock(); >+ return; >+ } >+ >+ fst = parentstrp->parent; >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ if (systrace_insert_process(fst, child) != 0) { >+ printk(KERN_ERR "systrace: failed inserting process!\n"); >+ goto out; >+ } >+ >+ /* XXX make sure we have pid by this time in fork() */ >+ if ((strp = systrace_findpid(fst, child->pid)) == NULL) { >+ printk(KERN_ERR "systrace: inconsistency in tracked process!\n"); >+ BUG(); >+ } >+ >+ if ((strp->policy = parentstrp->policy) != NULL) >+ strp->policy->refcount++; >+ >+ /* Fork message */ >+ systrace_msg_child(fst, parentstrp, child->pid); >+ out: >+ up(&fst->lock); >+} >+ >+void >+systrace_exit(struct task_struct *p) >+{ >+ struct str_process *strp; >+ struct fsystrace *fst; >+ >+ systrace_lock(); >+ if ((strp = p->systrace) != NULL) { >+ fst = strp->parent; >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ /* Notify our monitor of our death */ >+ systrace_msg_child(fst, strp, -1); >+ >+ systrace_detach(strp); >+ up(&fst->lock); >+ } else { >+ systrace_unlock(); >+ } >+} >+ >+void >+systrace_result(struct pt_regs *regs) >+{ >+ struct str_process *strp; >+ struct fsystrace *fst; >+ int error, argsize, narg, code, maycontrol = 0; >+ extern struct sysent linux_sysent[]; >+ char *path; >+ >+ systrace_lock(); >+ >+ if ((strp = current->systrace) == NULL) >+ goto out; >+ >+ code = strp->code; >+ narg = linux_sysent[code].sy_narg; >+ argsize = sizeof(register_t) * narg; >+ >+ fst = strp->parent; >+ >+ /* Restore elevated priveliges if appropriate */ >+ if (strp->issuser) { >+ if (ISSET(strp->flags, STR_PROC_SETEUID)) { >+ if (current->euid == strp->seteuid) { >+ systrace_seteuid(current, strp->savedeuid); >+ CLR(strp->flags, STR_PROC_SETEUID); >+ } >+ if (current->egid == strp->setegid) { >+ systrace_setegid(current, strp->savedegid); >+ CLR(strp->flags, STR_PROC_SETEGID); >+ } >+ } >+ } >+ >+ /* Change in UID/GID */ >+ if (strp->oldegid != current->egid || strp->oldeuid != current->euid) { >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ systrace_msg_ugid(fst, strp); >+ systrace_lock(); >+ if ((strp = current->systrace) == NULL) >+ goto out; >+ } >+ >+ if (ISSET(strp->flags, STR_PROC_SYSCALLRES)) { >+ CLR(strp->flags, STR_PROC_SYSCALLRES); >+ >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ error = regs->eax; >+ >+ systrace_msg_result(fst, strp, error, code, argsize, strp->args); >+ systrace_lock(); >+ if ((strp = current->systrace) == NULL) >+ goto out; >+ } >+ >+ if (strp->replace != NULL) { >+ kfree(strp->replace); >+ strp->replace = NULL; >+ } >+ >+ if (ISSET(strp->flags, STR_PROC_FSCHANGE)) >+ set_fs(strp->oldfs); >+ >+ out: >+ systrace_unlock(); >+} >+ >+/* >+ * XXX serialize system calls >+ */ >+int >+systrace_intercept(struct pt_regs *regs) >+{ >+ register_t args[8]; >+ int argsize, narg, code, error = 0, maycontrol = 0, issuser = 0; >+ short policy; >+ struct str_process *strp; >+ struct fsystrace *fst = NULL; >+ extern struct sysent linux_sysent[]; >+ struct str_policy *strpolicy; >+ >+ systrace_lock(); >+ >+ if ((strp = current->systrace) == NULL) { >+ systrace_unlock(); >+ goto out; >+ } >+ >+ fst = strp->parent; >+ >+ down(&fst->lock); >+ systrace_unlock(); >+ >+ CLR(strp->flags, STR_PROC_FSCHANGE); >+ >+ if (regs != NULL) { >+ code = regs->orig_eax; >+ } else { >+ error = -EPERM; >+ goto out; >+ } >+ >+ if (code > NR_syscalls) { >+ printk(KERN_ERR "systrace: in impossible state!\n"); >+ BUG(); >+ } >+ >+ narg = linux_sysent[code].sy_narg; >+ argsize = sizeof(register_t) * narg; >+ >+ /* >+ * Linux passes system call arguments in registers. We want >+ * to be able to pass back an args array; convert >+ * appropriately. >+ */ >+ >+ FIXARGS(argsize, args, regs); >+ >+ if (strp->proc != current) { >+ printk(KERN_ERR "systrace: inconsistency in process states!\n"); >+ BUG(); >+ } >+ >+ if (fst->issuser) { >+ maycontrol = 1; >+ issuser = 1; >+ } else if (cap_isclear(current->cap_effective) && >+ !(current->flags & PF_SUPERPRIV) && >+ current->mm->dumpable) { >+ maycontrol = fst->euid == current->euid && >+ fst->egid == current->egid; >+ } >+ >+ strp->code = code; >+ strp->maycontrol = maycontrol; >+ memcpy(strp->args, args, sizeof(strp->args)); >+ strp->oldeuid = current->euid; >+ strp->oldegid = current->egid; >+ strp->issuser = fst->issuser; >+ >+ if (!maycontrol) { >+ policy = SYSTR_POLICY_PERMIT; >+ } else { >+ /* Find out current policy */ >+ if ((strpolicy = strp->policy) == NULL) { >+ policy = SYSTR_POLICY_ASK; >+ } else { >+ if (code >= strpolicy->nsysent) >+ policy = SYSTR_POLICY_NEVER; >+ else >+ policy = strpolicy->sysent[code]; >+ } >+ } >+ >+ switch (policy) { >+ case SYSTR_POLICY_PERMIT: >+ break; >+ case SYSTR_POLICY_ASK: >+ error = systrace_msg_ask(fst, strp, code, argsize, args); >+ /* systrace_msg_ask releases lock */ >+ fst = NULL; >+ /* We might have detached by now for some reason */ >+ if (error == 0 && (strp = current->systrace) != NULL) { >+ /* XXX - do I need to lock here? */ >+ if (strp->answer == SYSTR_POLICY_NEVER) { >+ error = strp->error; >+ if (strp->replace != NULL) { >+ kfree(strp->replace); >+ strp->replace = NULL; >+ } >+ } else if (strp->replace != NULL) { >+ if ((error = systrace_replace(strp, >+ argsize, args) == 0)) { >+ SAVEARGS(argsize, args, regs); >+ strp->oldfs = get_fs(); >+ set_fs(get_ds()); >+ SET(strp->flags, STR_PROC_FSCHANGE); >+ } >+ } >+ } >+ break; >+ case SYSTR_POLICY_NEVER: >+ error = -EPERM; >+ break; >+ default: >+ if (policy < 0) >+ error = policy; >+ else >+ error = -EPERM; >+ break; >+ } >+ >+ /* XXX */ >+/* >+ if (error != 0) >+ goto out; >+*/ >+ systrace_lock(); >+ if ((strp = current->systrace) != NULL) { >+ if (issuser) { >+ if (ISSET(strp->flags, STR_PROC_SETEUID)) >+ strp->savedeuid = systrace_seteuid(current, strp->seteuid); >+ if (ISSET(strp->flags, STR_PROC_SETEGID)) >+ strp->savedegid = systrace_setegid(current, strp->setegid); >+ } else { >+ CLR(strp->flags, STR_PROC_SETEUID | STR_PROC_SETEGID); >+ } >+ } >+ systrace_unlock(); >+ >+ out: >+ if (fst != NULL) >+ up(&fst->lock); >+ >+ return (error); >+} >+ >+int >+systrace_preprepl(struct str_process *strp, struct systrace_replace *repl) >+{ >+ size_t len; >+ int i, error = 0; >+ >+ if ((error = systrace_processready(strp)) != 0) >+ return (error); >+ >+ if (strp->replace != NULL) { >+ kfree(strp->replace); >+ strp->replace = NULL; >+ } >+ >+ if (repl->strr_nrepl < 0 || repl->strr_nrepl > SYSTR_MAXARGS) >+ return (-EINVAL); >+ >+ for (i = 0, len = 0; i < repl->strr_nrepl; i++) { >+ len += repl->strr_offlen[i]; >+ if (repl->strr_offlen[i] == 0) >+ continue; >+ if (repl->strr_offlen[i] + repl->strr_off[i] > len) >+ return (-EINVAL); >+ } >+ >+ /* Make sure that the length adds up */ >+ if (repl->strr_len != len) >+ return (-EINVAL); >+ >+ /* Check against a maximum length */ >+ if (repl->strr_len > 2048) >+ return (-EINVAL); >+ >+ if ((strp->replace = kmalloc(sizeof(*strp->replace) + len, GFP_KERNEL)) >+ == NULL) >+ return (-ENOSPC); >+ >+ memcpy(strp->replace, repl, sizeof(*strp->replace)); >+ >+ if (copy_from_user(strp->replace + 1, repl->strr_base, len) != 0) { >+ kfree(strp->replace); >+ strp->replace = NULL; >+ return (-EFAULT); >+ } >+ >+ /* Adjust the offset */ >+ repl = strp->replace; >+ repl->strr_base = (void *)(repl + 1); >+ >+ return (0); >+} >+ >+/* >+ * Replace the arguments with arguments from the monitoring process. >+ */ >+int >+systrace_replace(struct str_process *strp, size_t argsize, register_t args[]) >+{ >+ struct systrace_replace *repl = strp->replace; >+ void *kbase; >+ int i, maxarg, ind, ret = 0; >+ >+ maxarg = argsize / sizeof(register_t); >+ >+ kbase = repl->strr_base; >+ for (i = 0; i < maxarg && i < repl->strr_nrepl; i++) { >+ ind = repl->strr_argind[i]; >+ if (ind < 0 || ind >= maxarg) { >+ kfree(repl); >+ strp->replace = NULL; >+ return (-EINVAL); >+ } >+ if (repl->strr_offlen[i] == 0) { >+ args[ind] = repl->strr_off[i]; >+ continue; >+ } >+ >+ /* Replace the argument with the new address */ >+ args[ind] = (register_t)(kbase + repl->strr_off[i]); >+ } >+ >+ return (ret); >+} >+ >+int >+systrace_answer(struct str_process *strp, struct systrace_answer *ans) >+{ >+ int error = 0; >+ >+ if (!POLICY_VALID(ans->stra_policy)) { >+ error = -EINVAL; >+ goto out; >+ } >+ >+ /* Check if answer is in sync with us */ >+ if (ans->stra_seqnr != strp->seqnr) { >+ error = -EINVAL; >+ goto out; >+ } >+ >+ if ((error = systrace_processready(strp)) != 0) >+ goto out; >+ >+ strp->answer = ans->stra_policy; >+ strp->error = ans->stra_error; >+ if (!strp->error) >+ strp->error = -EPERM; >+ if (ISSET(ans->stra_flags, SYSTR_FLAGS_RESULT)) >+ SET(strp->flags, STR_PROC_SYSCALLRES); >+ >+ /* See if we should elevate privileges for this system call */ >+ if (ISSET(ans->stra_flags, SYSTR_FLAGS_SETEUID)) { >+ SET(strp->flags, STR_PROC_SETEUID); >+ strp->seteuid = ans->stra_seteuid; >+ } >+ if (ISSET(ans->stra_flags, SYSTR_FLAGS_SETEGID)) { >+ SET(strp->flags, STR_PROC_SETEGID); >+ strp->setegid = ans->stra_setegid; >+ } >+ >+ /* Clearing the flag indicates to the process that it woke up */ >+ CLR(strp->flags, STR_PROC_WAITANSWER); >+ wake_up(&strp->wqh); >+ out: >+ >+ return (error); >+} >+ >+int >+systrace_io(struct str_process *strp, struct systrace_io *io) >+{ >+ int rw, ret = 0, copied, maycontrol = 0; >+ void *buf; >+ struct fsystrace *fst = strp->parent; >+ struct task_struct *tsk = strp->proc; >+ >+ if (fst->issuser) { >+ maycontrol = 1; >+ } else if (cap_isclear(tsk->cap_effective) && >+ !(tsk->flags & PF_SUPERPRIV) && >+ tsk->mm->dumpable) { >+ maycontrol = current->euid == tsk->euid && >+ current->egid == tsk->egid; >+ } >+ >+ if (!maycontrol) >+ return (-EPERM); >+ >+ if ((buf = kmalloc(io->strio_len, GFP_KERNEL)) == NULL) { >+ printk(KERN_ERR "systrace: failed to allocate kernel memory!\n"); >+ return (-ENOMEM); >+ } >+ >+ switch (io->strio_op) { >+ case SYSTR_READ: >+ rw = 0; >+ break; >+ case SYSTR_WRITE: >+ rw = 1; >+ if (copy_from_user(buf, io->strio_addr, io->strio_len)) { >+ ret = -EFAULT; >+ goto out; >+ } >+ break; >+ default: >+ return (-EINVAL); >+ } >+ >+ copied = access_process_vm(tsk, (unsigned long)io->strio_offs, buf, >+ io->strio_len, rw); >+ >+ if (copied != io->strio_len) { >+ ret = -EFAULT; >+ goto out; >+ } >+ >+ switch (io->strio_op) { >+ case SYSTR_READ: >+ if (copy_to_user(io->strio_addr, buf, io->strio_len)) { >+ ret = -EFAULT; >+ goto out; >+ } >+ break; >+ } >+ >+ out: >+ kfree(buf); >+ >+ return (ret); >+} >+ >+int >+systrace_getcwd(struct fsystrace *fst, struct str_process *strp) >+{ >+ struct fs_struct *fsc, *fsp; >+ int error = 0; >+ >+ if ((error = systrace_processready(strp)) != 0) >+ return (error); >+ >+ task_lock(current); >+ task_lock(strp->proc); >+ fsc = current->fs; >+ fsp = strp->proc->fs; >+ >+ if (fsc == NULL || fsp == NULL) { >+ task_unlock(current); >+ task_unlock(strp->proc); >+ return (-EINVAL); >+ } >+ >+ fst->pwd_pid = strp->pid; >+ >+ /* XXX altroot? */ >+ write_lock(&fsc->lock); >+ >+ fst->pwd_mnt = fsc->pwdmnt; >+ fst->pwd_dentry = fsc->pwd; >+ fst->root_mnt = fsc->rootmnt; >+ fst->root_dentry = fsc->root; >+ >+ read_lock(&fsp->lock); >+ fsc->pwdmnt = mntget(fsp->pwdmnt); >+ fsc->pwd = dget(fsp->pwd); >+ fsc->rootmnt = mntget(fsp->rootmnt); >+ fsc->root = dget(fsp->root); >+ read_unlock(&fsp->lock); >+ >+ write_unlock(&fsc->lock); >+ >+ task_unlock(current); >+ task_unlock(strp->proc); >+ >+ return (0); >+} >+ >+int >+systrace_rescwd(struct fsystrace *fst) >+{ >+ struct fs_struct *fsc; >+ >+ if (fst->pwd_pid == 0) >+ return (-EINVAL); >+ >+ fsc = current->fs; >+ >+ write_lock(&fsc->lock); >+ dput(fsc->pwd); >+ mntput(fsc->pwdmnt); >+ dput(fsc->root); >+ mntput(fsc->rootmnt); >+ >+ fsc->pwd = fst->pwd_dentry; >+ fsc->pwdmnt = fst->pwd_mnt; >+ fsc->root = fst->root_dentry; >+ fsc->rootmnt = fst->root_mnt; >+ write_unlock(&fsc->lock); >+ >+ fst->pwd_pid = 0; >+ >+ return (0); >+} >+ >+int >+systrace_processready(struct str_process *strp) >+{ >+ if (ISSET(strp->flags, STR_PROC_ONQUEUE)) >+ return (-EBUSY); >+ >+ if (!ISSET(strp->flags, STR_PROC_WAITANSWER)) >+ return (-EBUSY); >+ >+ if (ISSET(strp->proc->flags, PF_EXITING)) >+ return (-EBUSY); >+ >+#if 0 >+ if (strp->proc->state != 0) >+ return (-EBUSY); >+#endif /* 0 */ >+ >+ return (0); >+} >+ >+int >+systrace_insert_process(struct fsystrace *fst, struct task_struct *p) >+{ >+ struct str_process *strp; >+ >+ if ((strp = kmalloc(sizeof(*strp), GFP_KERNEL)) == NULL) >+ return (-ENOMEM); >+ >+ memset(strp, 0, sizeof(*strp)); >+ >+ strp->pid = p->pid; >+ strp->proc = p; >+ strp->parent = fst; >+ >+ init_waitqueue_head(&strp->wqh); >+ init_MUTEX(&strp->lock); >+ >+ /* Insert into parent's process list */ >+ TAILQ_INSERT_TAIL(&fst->processes, strp, next); >+ fst->nprocesses++; >+ >+ /* XXX need process flag*/ >+ p->systrace = strp; >+ >+ return (0); >+} >+ >+struct str_process * >+systrace_findpid(struct fsystrace *fst, pid_t pid) >+{ >+ struct str_process *strp; >+ struct task_struct *proc; >+ >+ TAILQ_FOREACH(strp, &fst->processes, next) >+ if (strp->pid == pid) >+ break; >+ >+ if (strp == NULL) >+ return (NULL); >+ >+ proc = systrace_find(strp); >+ >+ return (proc != NULL ? strp : NULL); >+} >+ >+int >+systrace_attach(struct fsystrace *fst, pid_t pid) >+{ >+ struct task_struct *proc; >+ >+ proc = find_task_by_pid(pid); >+ if (proc == NULL) >+ return (-EINVAL); >+ >+ /* (1) Same process */ >+ >+ if (proc->pid == current->pid) >+ return (-EINVAL); >+ >+ /* (2) System process */ >+ /* XXX */ >+ >+ /* (3) Already being systraced */ >+ >+ if (proc->systrace != NULL) >+ return (-EBUSY); >+ >+ /* >+ * (4) We do not own it, it's not set{u,g}id AND we are not >+ * root >+ */ >+ if ((!cap_isclear(proc->cap_permitted) || proc->flags & PF_SUPERPRIV || >+ proc->euid != current->euid || proc->egid != current->egid) && >+ !suser()) >+ return (-EPERM); >+ >+ /* (5) It's init */ >+ if (proc->pid == 1) >+ return (-EPERM); >+ >+ return (systrace_insert_process(fst, proc)); >+} >+ >+int >+systrace_detach(struct str_process *strp) >+{ >+ struct fsystrace *fst = strp->parent; >+ struct task_struct *proc; >+ int error = 0; >+ >+ if ((proc = systrace_find(strp)) != NULL) >+ proc->systrace = NULL; >+ else >+ error = -EINVAL; >+ >+ if (ISSET(strp->flags, STR_PROC_WAITANSWER)) { >+ CLR(strp->flags, STR_PROC_WAITANSWER); >+ wake_up(&strp->wqh); >+ } >+ >+ fst = strp->parent; >+ wake_up(&fst->wqh); >+ >+ if (ISSET(strp->flags, STR_PROC_ONQUEUE)) >+ TAILQ_REMOVE(&fst->messages, strp, msg_next); >+ >+ TAILQ_REMOVE(&fst->processes, strp, next); >+ fst->nprocesses--; >+ >+ if (strp->policy != NULL) >+ systrace_closepolicy(fst, strp->policy); >+ if (strp->replace != NULL) >+ kfree(strp->replace); >+ >+ kfree(strp); >+ >+ return (error); >+} >+ >+int >+systrace_msg_result(struct fsystrace *fst, struct str_process *strp, >+ int error, int code, size_t argsize, register_t args[]) >+{ >+ struct str_msg_ask *msg_ask = &strp->msg.msg_data.msg_ask; >+ int i; >+ >+ msg_ask->code = code; >+ /* XXX argsize */ >+ /* += fixup_socket_argsize ... () */ >+ msg_ask->argsize = argsize; >+ msg_ask->result = error; >+ for (i = 0; i < argsize / sizeof(register_t) && i < SYSTR_MAXARGS; i++) >+ msg_ask->args[i] = args[i]; >+ >+ msg_ask->rval[0] = 0x42; >+ msg_ask->rval[1] = 0x42; >+ >+ return (systrace_make_msg(strp, SYSTR_MSG_RES)); >+} >+ >+int >+systrace_msg_ask(struct fsystrace *fst, struct str_process *strp, int code, >+ size_t argsize, register_t args[]) >+{ >+ struct str_msg_ask *msg_ask = &strp->msg.msg_data.msg_ask; >+ int i; >+ >+ msg_ask->code = code; >+ /* XXX argsize */ >+ msg_ask->argsize = argsize; >+ for (i = 0; i < (argsize / sizeof(register_t)) && i < SYSTR_MAXARGS; i++) >+ msg_ask->args[i] = args[i]; >+ >+ return (systrace_make_msg(strp, SYSTR_MSG_ASK)); >+} >+ >+int >+systrace_msg_ugid(struct fsystrace *fst, struct str_process *strp) >+{ >+ struct str_msg_ugid *msg_ugid = &strp->msg.msg_data.msg_ugid; >+ struct task_struct *tsk = strp->proc; >+ >+ msg_ugid->uid = tsk->euid; >+ msg_ugid->gid = tsk->egid; >+ >+ return (systrace_make_msg(strp, SYSTR_MSG_UGID)); >+} >+ >+int >+systrace_msg_execve(struct fsystrace *fst, struct str_process *strp, register_t patharg) >+{ >+ struct str_msg_execve *msg_execve = &strp->msg.msg_data.msg_execve; >+ >+ msg_execve->patharg = patharg; >+ >+ return (systrace_make_msg(strp, SYSTR_MSG_EXECVE)); >+} >+ >+int >+systrace_msg_child(struct fsystrace *fst, struct str_process *strp, pid_t npid) >+{ >+ struct str_process *nstrp; >+ struct str_message *msg; >+ struct str_msg_child *msg_child; >+ >+ /* XXX - use kmem cache!@; pool_*() like interface to it? */ >+ if ((nstrp = kmalloc(sizeof(*nstrp), GFP_KERNEL)) == NULL) >+ return (-1); >+ >+ memset(nstrp, 0, sizeof(*nstrp)); >+ >+ DPRINTF(("%s: %p: pid %d -> pid %d\n", __func__, nstrp, strp->pid, npid)); >+ >+ msg = &nstrp->msg; >+ msg_child = &msg->msg_data.msg_child; >+ >+ msg->msg_type = SYSTR_MSG_CHILD; >+ msg->msg_pid = strp->pid; >+ if (strp->policy) >+ msg->msg_policy = strp->policy->nr; >+ else >+ msg->msg_policy = -1; >+ msg_child->new_pid = npid; >+ >+ TAILQ_INSERT_TAIL(&fst->messages, nstrp, msg_next); >+ >+ wake_up(&fst->wqh); >+ >+ return (0); >+} >+ >+int >+systrace_make_msg(struct str_process *strp, int type) >+{ >+ struct str_message *msg = &strp->msg; >+ struct fsystrace *fst = strp->parent; >+ int error = 0; >+ >+ msg->msg_seqnr = ++strp->seqnr; >+ msg->msg_type = type; >+ msg->msg_pid = strp->pid; >+ >+ if (strp->policy) >+ msg->msg_policy = strp->policy->nr; >+ else >+ msg->msg_policy = -1; >+ >+ SET(strp->flags, STR_PROC_WAITANSWER); >+ if (ISSET(strp->flags, STR_PROC_ONQUEUE)) >+ goto out; >+ >+ TAILQ_INSERT_TAIL(&fst->messages, strp, msg_next); >+ SET(strp->flags, STR_PROC_ONQUEUE); >+ /* >+ * XXX; need to do schedule trick here; what if we sleep on >+ * up(), then we might have awoken again, without knowing >+ */ >+ out: >+ wake_up(&fst->wqh); >+ lock_kernel(); >+ up(&fst->lock); >+ >+ /* Sleep until we have got a reply */ >+ for (;;) { >+ interruptible_sleep_on(&strp->wqh); >+ >+ if (signal_pending(current)) { >+ error = -EINTR; >+ break; >+ } >+ >+ /* If we detach, then everything is permitted */ >+ if ((strp = current->systrace) == NULL) >+ break; >+ >+ if (!ISSET(strp->flags, STR_PROC_WAITANSWER)) >+ break; >+ } >+ >+ unlock_kernel(); >+ >+ return (0); >+} >+ >+uid_t >+systrace_seteuid(struct task_struct *tsk, uid_t euid) >+{ >+ uid_t oldeuid = tsk->euid; >+ >+ if (euid == oldeuid) >+ return (oldeuid); >+ >+ /* XXX */ >+ tsk->mm->dumpable = 0; >+ wmb(); >+ >+ tsk->euid = euid; >+ tsk->fsuid = euid; >+ >+ if (!issecure(SECURE_NO_SETUID_FIXUP)) >+ cap_emulate_setxuid(tsk->uid, oldeuid, tsk->suid); >+ >+ return (oldeuid); >+} >+ >+gid_t >+systrace_setegid(struct task_struct *tsk, gid_t egid) >+{ >+ uid_t oldegid = tsk->egid; >+ >+ if (egid == oldegid) >+ return (oldegid); >+ >+ /* XXX */ >+ tsk->mm->dumpable = 0; >+ wmb(); >+ >+ tsk->egid = egid; >+ tsk->fsgid = egid; >+ >+ return (oldegid); >+} >+ >+struct task_struct * >+systrace_find(struct str_process *strp) >+{ >+ struct task_struct *proc; >+ >+ if ((proc = find_task_by_pid(strp->pid)) == NULL) >+ return (NULL); >+ >+ if (proc != strp->proc) >+ return (NULL); >+ >+ if (proc->systrace == NULL) >+ return (NULL); >+ >+ return (proc); >+} >+ >+ >+/* >+ * From kernel/sys.c >+ */ >+ >+static inline void cap_emulate_setxuid(int old_ruid, int old_euid, int old_suid) >+{ >+ if ((old_ruid == 0 || old_euid == 0 || old_suid == 0) && >+ (current->uid != 0 && current->euid != 0 && current->suid != 0) && >+ !current->keep_capabilities) { >+ cap_clear(current->cap_permitted); >+ cap_clear(current->cap_effective); >+ } >+ if (old_euid == 0 && current->euid != 0) { >+ cap_clear(current->cap_effective); >+ } >+ if (old_euid != 0 && current->euid == 0) { >+ current->cap_effective = current->cap_permitted; >+ } >+} >diff -uNr linux-2.4.20-gentoo-r1/include/linux/queue.h linux-2.4.20-gentoo-r1-systrace/include/linux/queue.h >--- linux-2.4.20-gentoo-r1/include/linux/queue.h 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/include/linux/queue.h 2003-04-03 15:46:53.000000000 +0200 >@@ -0,0 +1,145 @@ >+/* $OpenBSD: queue.h,v 1.22 2001/06/23 04:39:35 angelos Exp $ */ >+/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */ >+ >+/* >+ * Copyright (c) 1991, 1993 >+ * The Regents of the University of California. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * 3. All advertising materials mentioning features or use of this software >+ * must display the following acknowledgement: >+ * This product includes software developed by the University of >+ * California, Berkeley and its contributors. >+ * 4. Neither the name of the University nor the names of its contributors >+ * may be used to endorse or promote products derived from this software >+ * without specific prior written permission. >+ * >+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND >+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE >+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE >+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE >+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL >+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS >+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) >+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT >+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY >+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF >+ * SUCH DAMAGE. >+ * >+ * @(#)queue.h 8.5 (Berkeley) 8/20/94 >+ */ >+ >+#ifndef _SYS_QUEUE_H_ >+#define _SYS_QUEUE_H_ >+ >+/* >+ * Tail queue definitions. >+ */ >+#define TAILQ_HEAD(name, type) \ >+struct name { \ >+ struct type *tqh_first; /* first element */ \ >+ struct type **tqh_last; /* addr of last next element */ \ >+} >+ >+#define TAILQ_HEAD_INITIALIZER(head) \ >+ { NULL, &(head).tqh_first } >+ >+#define TAILQ_ENTRY(type) \ >+struct { \ >+ struct type *tqe_next; /* next element */ \ >+ struct type **tqe_prev; /* address of previous next element */ \ >+} >+ >+/* >+ * tail queue access methods >+ */ >+#define TAILQ_FIRST(head) ((head)->tqh_first) >+#define TAILQ_END(head) NULL >+#define TAILQ_NEXT(elm, field) ((elm)->field.tqe_next) >+#define TAILQ_LAST(head, headname) \ >+ (*(((struct headname *)((head)->tqh_last))->tqh_last)) >+/* XXX */ >+#define TAILQ_PREV(elm, headname, field) \ >+ (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last)) >+#define TAILQ_EMPTY(head) \ >+ (TAILQ_FIRST(head) == TAILQ_END(head)) >+ >+#define TAILQ_FOREACH(var, head, field) \ >+ for((var) = TAILQ_FIRST(head); \ >+ (var) != TAILQ_END(head); \ >+ (var) = TAILQ_NEXT(var, field)) >+ >+#define TAILQ_FOREACH_REVERSE(var, head, field, headname) \ >+ for((var) = TAILQ_LAST(head, headname); \ >+ (var) != TAILQ_END(head); \ >+ (var) = TAILQ_PREV(var, headname, field)) >+ >+/* >+ * Tail queue functions. >+ */ >+#define TAILQ_INIT(head) do { \ >+ (head)->tqh_first = NULL; \ >+ (head)->tqh_last = &(head)->tqh_first; \ >+} while (0) >+ >+#define TAILQ_INSERT_HEAD(head, elm, field) do { \ >+ if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \ >+ (head)->tqh_first->field.tqe_prev = \ >+ &(elm)->field.tqe_next; \ >+ else \ >+ (head)->tqh_last = &(elm)->field.tqe_next; \ >+ (head)->tqh_first = (elm); \ >+ (elm)->field.tqe_prev = &(head)->tqh_first; \ >+} while (0) >+ >+#define TAILQ_INSERT_TAIL(head, elm, field) do { \ >+ (elm)->field.tqe_next = NULL; \ >+ (elm)->field.tqe_prev = (head)->tqh_last; \ >+ *(head)->tqh_last = (elm); \ >+ (head)->tqh_last = &(elm)->field.tqe_next; \ >+} while (0) >+ >+#define TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \ >+ if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\ >+ (elm)->field.tqe_next->field.tqe_prev = \ >+ &(elm)->field.tqe_next; \ >+ else \ >+ (head)->tqh_last = &(elm)->field.tqe_next; \ >+ (listelm)->field.tqe_next = (elm); \ >+ (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \ >+} while (0) >+ >+#define TAILQ_INSERT_BEFORE(listelm, elm, field) do { \ >+ (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \ >+ (elm)->field.tqe_next = (listelm); \ >+ *(listelm)->field.tqe_prev = (elm); \ >+ (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \ >+} while (0) >+ >+#define TAILQ_REMOVE(head, elm, field) do { \ >+ if (((elm)->field.tqe_next) != NULL) \ >+ (elm)->field.tqe_next->field.tqe_prev = \ >+ (elm)->field.tqe_prev; \ >+ else \ >+ (head)->tqh_last = (elm)->field.tqe_prev; \ >+ *(elm)->field.tqe_prev = (elm)->field.tqe_next; \ >+} while (0) >+ >+#define TAILQ_REPLACE(head, elm, elm2, field) do { \ >+ if (((elm2)->field.tqe_next = (elm)->field.tqe_next) != NULL) \ >+ (elm2)->field.tqe_next->field.tqe_prev = \ >+ &(elm2)->field.tqe_next; \ >+ else \ >+ (head)->tqh_last = &(elm2)->field.tqe_next; \ >+ (elm2)->field.tqe_prev = (elm)->field.tqe_prev; \ >+ *(elm2)->field.tqe_prev = (elm2); \ >+} while (0) >+ >+#endif /* !_SYS_QUEUE_H_ */ >diff -uNr linux-2.4.20-gentoo-r1/include/linux/sched.h linux-2.4.20-gentoo-r1-systrace/include/linux/sched.h >--- linux-2.4.20-gentoo-r1/include/linux/sched.h 2003-04-03 14:47:12.000000000 +0200 >+++ linux-2.4.20-gentoo-r1-systrace/include/linux/sched.h 2003-04-03 15:46:53.000000000 +0200 >@@ -373,6 +373,11 @@ > > struct mm_struct *mm, *active_mm; > >+ >+#ifdef CONFIG_SYSTRACE >+ void *systrace; >+#endif /* CONFIG_SYSTRACE */ >+ > unsigned long flags; > > /* task state */ >diff -uNr linux-2.4.20-gentoo-r1/include/linux/systrace.h linux-2.4.20-gentoo-r1-systrace/include/linux/systrace.h >--- linux-2.4.20-gentoo-r1/include/linux/systrace.h 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/include/linux/systrace.h 2003-04-03 15:46:53.000000000 +0200 >@@ -0,0 +1,216 @@ >+/* >+ * systrace.h >+ * >+ * Copyright (c) 2002 Marius Aamodt Eriksen <marius@umich.edu> >+ * >+ * These definitions are muchly replicated from Niels Provos' OpenBSD >+ * implementation. >+ */ >+ >+#ifndef _SYSTRACE_H >+#define _SYSTRACE_H >+ >+/* >+ * XXX this is kind of nasty -- should add manually to everything that >+ * needs it >+ */ >+ >+#define SYSTR_EMULEN 8 /* sync with sys proc */ >+ >+#ifdef __KERNEL__ >+/* XXX ugly. argh... linux... */ >+typedef u32 register_t; >+#endif __KERNEL__ >+ >+struct str_msg_emul { >+ char emul[SYSTR_EMULEN]; >+}; >+ >+#define SYSTR_MAX_POLICIES 64 >+#define SYSTR_MAXARGS 64 >+ >+/* XXX change register_t (args, rval) to something portable. */ >+struct str_msg_ask { >+ int code; >+ int argsize; >+ u32 args[SYSTR_MAXARGS]; >+ u32 rval[2]; >+ int result; >+}; >+ >+/* Queued on fork or exit of a process */ >+ >+struct str_msg_child { >+ pid_t new_pid; >+}; >+struct str_msg_ugid { >+ uid_t uid; >+ gid_t gid; >+}; >+ >+struct str_msg_execve { >+ register_t patharg; >+}; >+ >+#define SYSTR_MSG_ASK 1 >+#define SYSTR_MSG_RES 2 >+#define SYSTR_MSG_EMUL 3 >+#define SYSTR_MSG_CHILD 4 >+#define SYSTR_MSG_UGID 5 >+#define SYSTR_MSG_EXECVE 6 >+ >+#define SYSTR_MSG_NOPROCESS(x) \ >+ ((x)->msg.msg_type == SYSTR_MSG_CHILD) >+ >+#define MAXPATHLEN PATH_MAX >+ >+struct str_message { >+ /* XXX - should be u_int16_t */ >+ int msg_seqnr; >+ int msg_type; >+ pid_t msg_pid; >+ short msg_policy; >+ short reserved; >+ union { >+ struct str_msg_emul msg_emul; >+ struct str_msg_ask msg_ask; >+ struct str_msg_child msg_child; >+ struct str_msg_ugid msg_ugid; >+ struct str_msg_execve msg_execve; >+ } msg_data; >+}; >+ >+struct systrace_answer { >+ /* XXX - should be u_int16_t */ >+ int stra_seqnr; >+ pid_t stra_pid; >+ int stra_policy; >+ int stra_error; >+ int stra_flags; >+ uid_t stra_seteuid; /* elevated privileges for system call */ >+ gid_t stra_setegid; >+}; >+ >+#define SYSTR_READ 1 >+#define SYSTR_WRITE 2 >+ >+struct systrace_io { >+ pid_t strio_pid; >+ int strio_op; >+ void *strio_offs; >+ void *strio_addr; >+ size_t strio_len; >+}; >+ >+#define SYSTR_POLICY_NEW 1 >+#define SYSTR_POLICY_ASSIGN 2 >+#define SYSTR_POLICY_MODIFY 3 >+ >+struct systrace_policy { >+ int strp_op; >+ int strp_num; >+ union { >+ struct { >+ short code; >+ short policy; >+ } assign; >+ pid_t pid; >+ int maxents; >+ } strp_data; >+}; >+ >+ >+struct systrace_replace { >+ pid_t strr_pid; >+ int strr_nrepl; >+ void *strr_base; >+ size_t strr_len; >+ int strr_argind[SYSTR_MAXARGS]; >+ size_t strr_off[SYSTR_MAXARGS]; >+ size_t strr_offlen[SYSTR_MAXARGS]; >+}; >+ >+#define strp_pid strp_data.pid >+#define strp_maxents strp_data.maxents >+#define strp_code strp_data.assign.code >+#define strp_policy strp_data.assign.policy >+ >+/* ioctl definitions */ >+#define STR_MAGIC 's' >+ >+#define STRIOCATTACH _IOW(STR_MAGIC, 101, pid_t) >+#define STRIOCDETACH _IOW(STR_MAGIC, 102, pid_t) >+#define STRIOCANSWER _IOW(STR_MAGIC, 103, struct systrace_answer) >+#define STRIOCIO _IOWR(STR_MAGIC, 104, struct systrace_io) >+#define STRIOCPOLICY _IOWR(STR_MAGIC, 105, struct systrace_policy) >+#define STRIOCGETCWD _IOW(STR_MAGIC, 106, pid_t) >+#define STRIOCRESCWD _IO(STR_MAGIC, 107) >+#define STRIOWAKE _IO(STR_MAGIC, 108) >+#define STRIOCLONE _IOW(STR_MAGIC, 109, int *); >+#define STRIOCREPLACE _IOW(STR_MAGIC, 110, struct systrace_replace) >+ >+#define SYSTR_POLICY_ASK 0 >+#define SYSTR_POLICY_PERMIT 1 >+#define SYSTR_POLICY_NEVER 2 >+ >+#define SYSTR_FLAGS_RESULT 0x001 >+#define SYSTR_FLAGS_SETEUID 0x002 >+#define SYSTR_FLAGS_SETEGID 0x004 >+ >+#ifdef __KERNEL__ >+ >+struct str_process; >+struct fsystrace { >+ struct semaphore lock; >+ wait_queue_head_t wqh; >+ TAILQ_HEAD(strprocessq, str_process) processes; >+ TAILQ_HEAD(strpolicyq, str_policy) policies; >+ int nprocesses; >+ struct strprocessq messages; >+ int npolicynr; >+ int npolicies; >+ >+ int issuser; >+ uid_t euid; >+ gid_t egid; >+ >+ pid_t pid; >+ /* cwd magic */ >+ pid_t pwd_pid; >+ struct vfsmount *pwd_mnt; >+ struct dentry *pwd_dentry; >+ struct vfsmount *root_mnt; >+ struct dentry *root_dentry; >+}; >+ >+/* Internal prototypes */ >+ >+/* >+ int systrace_redirect(int, struct proc *, void *, register_t *); >+ void systrace_exit(struct proc *); >+ void systrace_fork(struct proc *, struct proc *); >+*/ >+ >+int init_systrace(void); >+void systrace_fork(struct task_struct *, struct task_struct *); >+void systrace_exit(struct task_struct *); >+ >+/* crud needed to make systrace happy */ >+struct sysent { /* system call table */ >+ short sy_narg; /* number of args */ >+ short sy_argsize; /* total size of arguments */ >+}; >+ >+/* Macros to set/clear/test flags. */ >+#define SET(t, f) ((t) |= (f)) >+#define CLR(t, f) ((t) &= ~(f)) >+#define ISSET(t, f) ((t) & (f)) >+ >+ >+#endif /* __KERNEL__ */ >+ >+#ifndef __KERNEL__ >+//typedef u_int32_t register_t; >+#endif /* !__KERNEL__ */ >+ >+#endif /* _SYSTRACE_H */ >diff -uNr linux-2.4.20-gentoo-r1/init/main.c linux-2.4.20-gentoo-r1-systrace/init/main.c >--- linux-2.4.20-gentoo-r1/init/main.c 2003-04-03 14:47:12.000000000 +0200 >+++ linux-2.4.20-gentoo-r1-systrace/init/main.c 2003-04-03 15:46:53.000000000 +0200 >@@ -70,6 +70,12 @@ > extern int irda_device_init(void); > #endif > >+#ifdef CONFIG_SYSTRACE >+#include <linux/queue.h> >+#include <asm/semaphore.h> >+#include <linux/systrace.h> >+#endif >+ > #ifdef CONFIG_X86_LOCAL_APIC > #include <asm/smp.h> > #endif >@@ -549,6 +555,9 @@ > irda_proto_init(); > irda_device_init(); /* Must be done after protocol initialization */ > #endif >+#ifdef CONFIG_SYSTRACE >+ init_systrace(); >+#endif > #ifdef CONFIG_PCMCIA > init_pcmcia_ds(); /* Do this last */ > #endif >diff -uNr linux-2.4.20-gentoo-r1/init/main.c~ linux-2.4.20-gentoo-r1-systrace/init/main.c~ >--- linux-2.4.20-gentoo-r1/init/main.c~ 1970-01-01 01:00:00.000000000 +0100 >+++ linux-2.4.20-gentoo-r1-systrace/init/main.c~ 2003-04-03 15:37:07.000000000 +0200 >@@ -0,0 +1,595 @@ >+/* >+ * linux/init/main.c >+ * >+ * Copyright (C) 1991, 1992 Linus Torvalds >+ * >+ * GK 2/5/95 - Changed to support mounting root fs via NFS >+ * Added initrd & change_root: Werner Almesberger & Hans Lermen, Feb '96 >+ * Moan early if gcc is old, avoiding bogus kernels - Paul Gortmaker, May '96 >+ * Simplified starting of init: Michael A. Griffith <grif@acm.org> >+ */ >+ >+#define __KERNEL_SYSCALLS__ >+ >+#include <linux/config.h> >+#include <linux/proc_fs.h> >+#include <linux/devfs_fs_kernel.h> >+#include <linux/unistd.h> >+#include <linux/string.h> >+#include <linux/ctype.h> >+#include <linux/delay.h> >+#include <linux/utsname.h> >+#include <linux/ioport.h> >+#include <linux/init.h> >+#include <linux/smp_lock.h> >+#include <linux/blk.h> >+#include <linux/hdreg.h> >+#include <linux/iobuf.h> >+#include <linux/bootmem.h> >+#include <linux/tty.h> >+#include <linux/grsecurity.h> >+ >+#include <asm/io.h> >+#include <asm/bugs.h> >+ >+#if defined(CONFIG_ARCH_S390) >+#include <asm/s390mach.h> >+#include <asm/ccwcache.h> >+#endif >+ >+#ifdef CONFIG_ACPI >+#include <linux/acpi.h> >+#endif >+ >+#ifdef CONFIG_PCI >+#include <linux/pci.h> >+#endif >+ >+#ifdef CONFIG_DIO >+#include <linux/dio.h> >+#endif >+ >+#ifdef CONFIG_ZORRO >+#include <linux/zorro.h> >+#endif >+ >+#ifdef CONFIG_MTRR >+# include <asm/mtrr.h> >+#endif >+ >+#ifdef CONFIG_NUBUS >+#include <linux/nubus.h> >+#endif >+ >+#ifdef CONFIG_ISAPNP >+#include <linux/isapnp.h> >+#endif >+ >+#ifdef CONFIG_IRDA >+extern int irda_proto_init(void); >+extern int irda_device_init(void); >+#endif >+ >+#ifdef CONFIG_X86_LOCAL_APIC >+#include <asm/smp.h> >+#endif >+ >+/* >+ * Versions of gcc older than that listed below may actually compile >+ * and link okay, but the end product can have subtle run time bugs. >+ * To avoid associated bogus bug reports, we flatly refuse to compile >+ * with a gcc that is known to be too old from the very beginning. >+ */ >+#if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 91) >+#error Sorry, your GCC is too old. It builds incorrect kernels. >+#endif >+ >+extern char _stext, _etext; >+extern char *linux_banner; >+ >+static int init(void *); >+ >+extern void init_IRQ(void); >+extern void init_modules(void); >+extern void sock_init(void); >+extern void fork_init(unsigned long); >+extern void mca_init(void); >+extern void sbus_init(void); >+extern void ppc_init(void); >+extern void sysctl_init(void); >+extern void signals_init(void); >+extern int init_pcmcia_ds(void); >+extern void pte_chain_init(void); >+ >+extern void free_initmem(void); >+ >+#ifdef CONFIG_TC >+extern void tc_init(void); >+#endif >+ >+extern void ecard_init(void); >+ >+#if defined(CONFIG_SYSVIPC) >+extern void ipc_init(void); >+#endif >+ >+extern void grsecurity_init(void); >+ >+static __init int gr_setup(char *line); >+ >+/* >+ * Boot command-line arguments >+ */ >+#define MAX_INIT_ARGS 8 >+#define MAX_INIT_ENVS 8 >+ >+extern void time_init(void); >+extern void softirq_init(void); >+ >+int rows, cols; >+ >+char *execute_command; >+ >+static char * argv_init[MAX_INIT_ARGS+2] = { "init", NULL, }; >+char * envp_init[MAX_INIT_ENVS+2] = { "HOME=/", "TERM=linux", NULL, }; >+ >+static int __init profile_setup(char *str) >+{ >+ int par; >+ if (get_option(&str,&par)) prof_shift = par; >+ return 1; >+} >+ >+__setup("profile=", profile_setup); >+ >+static int __init gr_setup(char *str) >+{ >+ if( *str == '0' || ( !(strcmp(str,"off")) ) ) >+ gr_disable = 1; >+ return 1; >+} >+__setup("gracl",gr_setup); >+ >+static int __init checksetup(char *line) >+{ >+ struct kernel_param *p; >+ >+ p = &__setup_start; >+ do { >+ int n = strlen(p->str); >+ if (!strncmp(line,p->str,n)) { >+ if (p->setup_func(line+n)) >+ return 1; >+ } >+ p++; >+ } while (p < &__setup_end); >+ return 0; >+} >+ >+/* this should be approx 2 Bo*oMips to start (note initial shift), and will >+ still work even if initially too large, it will just take slightly longer */ >+unsigned long loops_per_jiffy = (1<<12); >+ >+/* This is the number of bits of precision for the loops_per_jiffy. Each >+ bit takes on average 1.5/HZ seconds. This (like the original) is a little >+ better than 1% */ >+#define LPS_PREC 8 >+ >+void __init calibrate_delay(void) >+{ >+ unsigned long ticks, loopbit; >+ int lps_precision = LPS_PREC; >+ >+ loops_per_jiffy = (1<<12); >+ >+ printk("Calibrating delay loop... "); >+ while (loops_per_jiffy <<= 1) { >+ /* wait for "start of" clock tick */ >+ ticks = jiffies; >+ while (ticks == jiffies) >+ /* nothing */; >+ /* Go .. */ >+ ticks = jiffies; >+ __delay(loops_per_jiffy); >+ ticks = jiffies - ticks; >+ if (ticks) >+ break; >+ } >+ >+/* Do a binary approximation to get loops_per_jiffy set to equal one clock >+ (up to lps_precision bits) */ >+ loops_per_jiffy >>= 1; >+ loopbit = loops_per_jiffy; >+ while ( lps_precision-- && (loopbit >>= 1) ) { >+ loops_per_jiffy |= loopbit; >+ ticks = jiffies; >+ while (ticks == jiffies); >+ ticks = jiffies; >+ __delay(loops_per_jiffy); >+ if (jiffies != ticks) /* longer than 1 tick */ >+ loops_per_jiffy &= ~loopbit; >+ } >+ >+/* Round the value and print it */ >+ printk("%lu.%02lu BogoMIPS\n", >+ loops_per_jiffy/(500000/HZ), >+ (loops_per_jiffy/(5000/HZ)) % 100); >+} >+ >+static int __init debug_kernel(char *str) >+{ >+ if (*str) >+ return 0; >+ console_loglevel = 10; >+ return 1; >+} >+ >+static int __init quiet_kernel(char *str) >+{ >+ if (*str) >+ return 0; >+ console_loglevel = 4; >+ return 1; >+} >+ >+__setup("debug", debug_kernel); >+__setup("quiet", quiet_kernel); >+ >+/* >+ * This is a simple kernel command line parsing function: it parses >+ * the command line, and fills in the arguments/environment to init >+ * as appropriate. Any cmd-line option is taken to be an environment >+ * variable if it contains the character '='. >+ * >+ * This routine also checks for options meant for the kernel. >+ * These options are not given to init - they are for internal kernel use only. >+ */ >+static void __init parse_options(char *line) >+{ >+ char *next,*quote; >+ int args, envs; >+ >+ if (!*line) >+ return; >+ args = 0; >+ envs = 1; /* TERM is set to 'linux' by default */ >+ next = line; >+ while ((line = next) != NULL) { >+ quote = strchr(line,'"'); >+ next = strchr(line, ' '); >+ while (next != NULL && quote != NULL && quote < next) { >+ /* we found a left quote before the next blank >+ * now we have to find the matching right quote >+ */ >+ next = strchr(quote+1, '"'); >+ if (next != NULL) { >+ quote = strchr(next+1, '"'); >+ next = strchr(next+1, ' '); >+ } >+ } >+ if (next != NULL) >+ *next++ = 0; >+ if (!strncmp(line,"init=",5)) { >+ line += 5; >+ execute_command = line; >+ /* In case LILO is going to boot us with default command line, >+ * it prepends "auto" before the whole cmdline which makes >+ * the shell think it should execute a script with such name. >+ * So we ignore all arguments entered _before_ init=... [MJ] >+ */ >+ args = 0; >+ continue; >+ } >+ if (checksetup(line)) >+ continue; >+ >+ /* >+ * Then check if it's an environment variable or >+ * an option. >+ */ >+ if (strchr(line,'=')) { >+ if (envs >= MAX_INIT_ENVS) >+ break; >+ envp_init[++envs] = line; >+ } else { >+ if (args >= MAX_INIT_ARGS) >+ break; >+ if (*line) >+ argv_init[++args] = line; >+ } >+ } >+ argv_init[args+1] = NULL; >+ envp_init[envs+1] = NULL; >+} >+ >+ >+extern void setup_arch(char **); >+extern void cpu_idle(void); >+ >+#ifndef CONFIG_SMP >+ >+#ifdef CONFIG_X86_LOCAL_APIC >+static void __init smp_init(void) >+{ >+ APIC_init_uniprocessor(); >+} >+#else >+#define smp_init() do { } while (0) >+#endif >+ >+#else >+ >+/* Called by boot processor to activate the rest. */ >+static void __init smp_init(void) >+{ >+ /* Get other processors into their bootup holding patterns. */ >+ smp_boot_cpus(); >+ >+ smp_threads_ready=1; >+ smp_commence(); >+} >+ >+#endif >+ >+ >+/* >+ * We need to finalize in a non-__init function or else race conditions >+ * between the root thread and the init thread may cause start_kernel to >+ * be reaped by free_initmem before the root thread has proceeded to >+ * cpu_idle. >+ */ >+ >+static void rest_init(void) >+{ >+ kernel_thread(init, NULL, CLONE_FS | CLONE_FILES | CLONE_SIGNAL); >+ unlock_kernel(); >+ cpu_idle(); >+} >+ >+/* >+ * Activate the first processor. >+ */ >+ >+asmlinkage void __init start_kernel(void) >+{ >+ char * command_line; >+ extern char saved_command_line[]; >+/* >+ * Interrupts are still disabled. Do necessary setups, then >+ * enable them >+ */ >+ lock_kernel(); >+ printk(linux_banner); >+ setup_arch(&command_line); >+ printk("Kernel command line: %s\n", saved_command_line); >+ parse_options(command_line); >+ trap_init(); >+ init_IRQ(); >+ sched_init(); >+ softirq_init(); >+ time_init(); >+ >+ /* >+ * HACK ALERT! This is early. We're enabling the console before >+ * we've done PCI setups etc, and console_init() must be aware of >+ * this. But we do want output early, in case something goes wrong. >+ */ >+ console_init(); >+#ifdef CONFIG_MODULES >+ init_modules(); >+#endif >+ if (prof_shift) { >+ unsigned int size; >+ /* only text is profiled */ >+ prof_len = (unsigned long) &_etext - (unsigned long) &_stext; >+ prof_len >>= prof_shift; >+ >+ size = prof_len * sizeof(unsigned int) + PAGE_SIZE-1; >+ prof_buffer = (unsigned int *) alloc_bootmem(size); >+ } >+ >+ kmem_cache_init(); >+ sti(); >+ calibrate_delay(); >+#ifdef CONFIG_BLK_DEV_INITRD >+ if (initrd_start && !initrd_below_start_ok && >+ initrd_start < min_low_pfn << PAGE_SHIFT) { >+ printk(KERN_CRIT "initrd overwritten (0x%08lx < 0x%08lx) - " >+ "disabling it.\n",initrd_start,min_low_pfn << PAGE_SHIFT); >+ initrd_start = 0; >+ } >+#endif >+ mem_init(); >+ kmem_cache_sizes_init(); >+ pgtable_cache_init(); >+ pte_chain_init(); >+ >+ /* >+ * For architectures that have highmem, num_mappedpages represents >+ * the amount of memory the kernel can use. For other architectures >+ * it's the same as the total pages. We need both numbers because >+ * some subsystems need to initialize based on how much memory the >+ * kernel can use. >+ */ >+ if (num_mappedpages == 0) >+ num_mappedpages = num_physpages; >+ >+ fork_init(num_mappedpages); >+ proc_caches_init(); >+ vfs_caches_init(num_physpages); >+ buffer_init(num_physpages); >+ page_cache_init(num_physpages); >+#if defined(CONFIG_ARCH_S390) >+ ccwcache_init(); >+#endif >+ signals_init(); >+#ifdef CONFIG_PROC_FS >+ proc_root_init(); >+#endif >+#if defined(CONFIG_SYSVIPC) >+ ipc_init(); >+#endif >+ check_bugs(); >+ >+ printk("POSIX conformance testing by UNIFIX\n"); >+ >+ init_idle(current, smp_processor_id()); >+ /* >+ * We count on the initial thread going ok >+ * Like idlers init is an unlocked kernel thread, which will >+ * make syscalls (and thus be locked). >+ */ >+ smp_init(); >+ >+ /* Do the rest non-__init'ed, we're now alive */ >+ rest_init(); >+} >+ >+struct task_struct *child_reaper = &init_task; >+ >+static void __init do_initcalls(void) >+{ >+ initcall_t *call; >+ >+ call = &__initcall_start; >+ do { >+ (*call)(); >+ call++; >+ } while (call < &__initcall_end); >+ >+ /* Make sure there is no pending stuff from the initcall sequence */ >+ flush_scheduled_tasks(); >+} >+ >+/* >+ * Ok, the machine is now initialized. None of the devices >+ * have been touched yet, but the CPU subsystem is up and >+ * running, and memory and process management works. >+ * >+ * Now we can finally start doing some real work.. >+ */ >+static void __init do_basic_setup(void) >+{ >+ /* Start the per-CPU migration threads */ >+#if CONFIG_SMP >+ migration_init(); >+#endif >+ >+ /* >+ * Tell the world that we're going to be the grim >+ * reaper of innocent orphaned children. >+ * >+ * We don't want people to have to make incorrect >+ * assumptions about where in the task array this >+ * can be found. >+ */ >+ child_reaper = current; >+ >+#if defined(CONFIG_MTRR) /* Do this after SMP initialization */ >+/* >+ * We should probably create some architecture-dependent "fixup after >+ * everything is up" style function where this would belong better >+ * than in init/main.c.. >+ */ >+ mtrr_init(); >+#endif >+ >+#ifdef CONFIG_SYSCTL >+ sysctl_init(); >+#endif >+ >+ /* >+ * Ok, at this point all CPU's should be initialized, so >+ * we can start looking into devices.. >+ */ >+#if defined(CONFIG_ARCH_S390) >+ s390_init_machine_check(); >+#endif >+#ifdef CONFIG_ACPI_INTERPRETER >+ acpi_init(); >+#endif >+#ifdef CONFIG_PCI >+ pci_init(); >+#endif >+#ifdef CONFIG_SBUS >+ sbus_init(); >+#endif >+#if defined(CONFIG_PPC) >+ ppc_init(); >+#endif >+#ifdef CONFIG_MCA >+ mca_init(); >+#endif >+#ifdef CONFIG_ARCH_ACORN >+ ecard_init(); >+#endif >+#ifdef CONFIG_ZORRO >+ zorro_init(); >+#endif >+#ifdef CONFIG_DIO >+ dio_init(); >+#endif >+#ifdef CONFIG_NUBUS >+ nubus_init(); >+#endif >+#ifdef CONFIG_ISAPNP >+ isapnp_init(); >+#endif >+#ifdef CONFIG_TC >+ tc_init(); >+#endif >+ >+ /* Networking initialization needs a process context */ >+ sock_init(); >+ >+ start_context_thread(); >+ do_initcalls(); >+ >+#ifdef CONFIG_IRDA >+ irda_proto_init(); >+ irda_device_init(); /* Must be done after protocol initialization */ >+#endif >+#ifdef CONFIG_PCMCIA >+ init_pcmcia_ds(); /* Do this last */ >+#endif >+} >+ >+extern void prepare_namespace(void); >+ >+static int init(void * unused) >+{ >+ lock_kernel(); >+ do_basic_setup(); >+ >+ prepare_namespace(); >+ grsecurity_init(); >+ >+ /* >+ * Ok, we have completed the initial bootup, and >+ * we're essentially up and running. Get rid of the >+ * initmem segments and start the user-mode stuff.. >+ */ >+ free_initmem(); >+ unlock_kernel(); >+ >+ if (open("/dev/console", O_RDWR, 0) < 0) >+ printk("Warning: unable to open an initial console.\n"); >+ >+ (void) dup(0); >+ (void) dup(0); >+ >+ /* >+ * We try each of these until one succeeds. >+ * >+ * The Bourne shell can be used instead of init if we are >+ * trying to recover a really broken machine. >+ */ >+ >+ if (execute_command) >+ execve(execute_command,argv_init,envp_init); >+ execve("/sbin/init",argv_init,envp_init); >+ execve("/etc/init",argv_init,envp_init); >+ execve("/bin/init",argv_init,envp_init); >+ execve("/bin/sh",argv_init,envp_init); >+ panic("No init found. Try passing init= option to kernel."); >+} >diff -uNr linux-2.4.20-gentoo-r1/kernel/exit.c linux-2.4.20-gentoo-r1-systrace/kernel/exit.c >--- linux-2.4.20-gentoo-r1/kernel/exit.c 2003-04-03 14:47:12.000000000 +0200 >+++ linux-2.4.20-gentoo-r1-systrace/kernel/exit.c 2003-04-03 15:46:53.000000000 +0200 >@@ -16,6 +16,11 @@ > #ifdef CONFIG_BSD_PROCESS_ACCT > #include <linux/acct.h> > #endif >+#ifdef CONFIG_SYSTRACE >+#include <linux/queue.h> >+#include <asm/semaphore.h> >+#include <linux/systrace.h> >+#endif > #include <linux/grsecurity.h> > #include <linux/imon.h> /* hopefully this can go away when imon is done */ > >@@ -497,6 +502,10 @@ > #ifdef CONFIG_BSD_PROCESS_ACCT > acct_process(code); > #endif >+#ifdef CONFIG_SYSTRACE >+ systrace_exit(tsk); >+#endif >+ > if (unlikely(current->acl_admin && gr_acl_is_enabled())) { > gr_set_acls(1); > security_alert_good(GR_ADMINL_ACL_MSG, GR_ADMINL_ACL_FLD, >diff -uNr linux-2.4.20-gentoo-r1/kernel/fork.c linux-2.4.20-gentoo-r1-systrace/kernel/fork.c >--- linux-2.4.20-gentoo-r1/kernel/fork.c 2003-04-03 14:47:12.000000000 +0200 >+++ linux-2.4.20-gentoo-r1-systrace/kernel/fork.c 2003-04-03 15:46:53.000000000 +0200 >@@ -29,6 +29,12 @@ > #include <asm/uaccess.h> > #include <asm/mmu_context.h> > >+#ifdef CONFIG_SYSTRACE >+#include <linux/queue.h> >+#include <asm/semaphore.h> >+#include <linux/systrace.h> >+#endif /* CONFIG_SYSTRACE */ >+ > /* The idle threads do not count.. */ > int nr_threads; > >@@ -794,6 +800,12 @@ > > if (p->ptrace & PT_PTRACED) > send_sig(SIGSTOP, p, 1); >+ >+#ifdef CONFIG_SYSTRACE >+ if (current->systrace != NULL) >+ systrace_fork(current, p); >+#endif /* CONFIG_SYSTRACE */ >+ > wake_up_forked_process(p); /* do this last */ > ++total_forks; > if (clone_flags & CLONE_VFORK)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=10155">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 18690
: 10155
