[TOMOYO #16 00/25] Starting TOMOYO 2.3

From: Tetsuo Handa
Date: Sun Oct 04 2009 - 08:54:29 EST


Hello.

This is the beginning of TOMOYO 2.3. TOMOYO 2.2 (which is in kernel 2.6.30 and
later) is terribly lacking in functionality (e.g. no audit logs, no network).
I hope TOMOYO 2.3 can provide practically sufficient functionality.

This patchset provides almost all functionality in TOMOYO 1.7.0 except
(1) DAC before MAC checks for directory modification operations.
(2) Incoming UDP/RAW packet filtering.
(3) Signal transmission restriction.
(4) Support for many of the non-POSIX capabilities.

Since this patchset is not yet accepted, I haven't written documentation for
TOMOYO 2.3. You can see http://tomoyo.sourceforge.jp/1.7/policy-reference.html
instead.

Conventionally, patches should be submitted in the form of a diff file.
But this time, I am submitting entire files due to the amount of changes.

# diff -u security/tomoyo.2.2/realpath.c security/tomoyo/new-realpath.c | diffstat -f0
new-realpath.c | 609 186 + 423 - 0 !
1 file changed, 186 insertions(+), 423 deletions(-)
# wc -l security/tomoyo/new-realpath.c
251 security/tomoyo/new-realpath.c

# diff -u security/tomoyo.2.2/file.c security/tomoyo/new-file.c | diffstat -f0
new-file.c | 2472 1693 + 779 - 0 !
1 file changed, 1693 insertions(+), 779 deletions(-)
# wc -l security/tomoyo/new-file.c
2249 security/tomoyo/new-file.c

# diff -u security/tomoyo.2.2/domain.c security/tomoyo/new-domain.c | diffstat -f0
new-domain.c | 1322 877 + 445 - 0 !
1 file changed, 877 insertions(+), 445 deletions(-)
# wc -l security/tomoyo/new-domain.c
1354 security/tomoyo/new-domain.c

# diff -u security/tomoyo.2.2/tomoyo.c security/tomoyo/lsm.c | diffstat -f0
lsm.c | 492 350 + 142 - 0 !
1 file changed, 350 insertions(+), 142 deletions(-)
# wc -l security/tomoyo/lsm.c
523 security/tomoyo/lsm.c

# diff -Nur security/tomoyo.2.2/ security/tomoyo/ | diffstat -f0
Kconfig | 67 67 + 0 - 0 !
Makefile | 2 1 + 1 - 0 !
address_group.c | 270 270 + 0 - 0 !
audit.c | 561 561 + 0 - 0 !
capability.c | 141 141 + 0 - 0 !
common.c | 2276 0 + 2276 - 0 !
common.h | 461 0 + 461 - 0 !
condition.c | 1332 1332 + 0 - 0 !
domain.c | 922 0 + 922 - 0 !
environ.c | 232 232 + 0 - 0 !
file.c | 1335 0 + 1335 - 0 !
gc.c | 606 606 + 0 - 0 !
internal.h | 1317 1317 + 0 - 0 !
load_policy.c | 97 97 + 0 - 0 !
lsm.c | 523 523 + 0 - 0 !
memory.c | 391 391 + 0 - 0 !
mount.c | 366 366 + 0 - 0 !
network.c | 757 757 + 0 - 0 !
new-domain.c | 1354 1354 + 0 - 0 !
new-file.c | 2249 2249 + 0 - 0 !
new-realpath.c | 251 251 + 0 - 0 !
number_group.c | 212 212 + 0 - 0 !
path_group.c | 210 210 + 0 - 0 !
policy_io.c | 2734 2734 + 0 - 0 !
realpath.c | 488 0 + 488 - 0 !
realpath.h | 66 0 + 66 - 0 !
securityfs_if.c | 148 148 + 0 - 0 !
tomoyo.c | 315 0 + 315 - 0 !
tomoyo.h | 96 0 + 96 - 0 !
util.c | 1144 1144 + 0 - 0 !
30 files changed, 14963 insertions(+), 5960 deletions(-)

Regards.