--- linux-2.6.18.2/fs/namespace.c 2006-09-20 16:58:35 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/namespace.c 2006-09-25 15:40:02 +0200
@@ -652,7 +707,7 @@ asmlinkage long sys_umount(char __user *
 goto dput_and_out;
 retval = -EPERM;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
 goto dput_and_out;
 retval = do_umount(nd.mnt, flags);
--- linux-2.6.18.2/fs/namespace.c 2006-09-20 16:58:35 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/namespace.c 2006-09-25 15:40:02 +0200
@@ -961,7 +1025,7 @@ *****
 int err;
 struct super_block *sb = nd->mnt->mnt_sb;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_REMOUNT))
 return -EPERM;
 if (!check_mnt(nd->mnt))
--- linux-2.6.18.2/fs/namespace.c 2006-09-20 16:58:35 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/namespace.c 2006-09-25 15:40:02 +0200
@@ -995,7 +1059,7 @@ static int do_move_mount(struct nameidat
 struct nameidata old_nd, parent_nd;
 struct vfsmount *p;
 int err = 0;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
 return -EPERM;
 if (!old_name || !*old_name)
 return -EINVAL;
--- linux-2.6.18.2/fs/namespace.c 2006-09-20 16:58:35 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/namespace.c 2006-09-25 15:40:02 +0200
@@ -1075,7 +1139,7 @@ static int do_new_mount(struct nameidata
 return -EINVAL;
 /* we need capabilities... */
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
 return -EPERM;
 mnt = do_kern_mount(type, flags, name, data);
--- linux-2.6.18.2/fs/namespace.c 2006-09-20 16:58:35 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/namespace.c 2006-09-25 15:40:02 +0200
@@ -1528,7 +1607,7 @@ int copy_namespace(int flags, struct tas
 if (!(flags & CLONE_NEWNS))
 return 0;
- if (!capable(CAP_SYS_ADMIN)) {
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)) {
 err = -EPERM;
 goto out;
 }
--- linux-2.6.18.2/fs/proc/array.c 2006-09-20 16:58:35 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/proc/array.c 2006-10-25 03:39:09 +0200
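Review bot: The five converted permission checks in fs/namespace.c never say what the new second argument grants, and they are not uniform: the hunk at -961 (its header does not name the enclosing function) uses `VXC_SECURE_REMOUNT`, while sys_umount, do_move_mount, do_new_mount and copy_namespace all use `VXC_SECURE_MOUNT`. The definition of `vx_capable()` is not part of this diff, so a reader cannot confirm from these lines that a context holding `VXC_SECURE_MOUNT` is also meant to unmount, move mounts and create a namespace with CLONE_NEWNS, which is what the shared flag implies. I would add a comment at the sys_umount site such as `/* VXC_SECURE_MOUNT also gates umount, move-mount and CLONE_NEWNS; remount has its own VXC_SECURE_REMOUNT */`. All five function bodies start and end outside their hunks.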
@@ -285,12 +294,15 @@ static inline char * task_sig(struct tas
 static inline char *task_cap(struct task_struct *p, char *buffer)
 {
- return buffer + sprintf(buffer, "CapInh:\t%016x\n"
- "CapPrm:\t%016x\n"
- "CapEff:\t%016x\n",
- cap_t(p->cap_inheritable),
- cap_t(p->cap_permitted),
- cap_t(p->cap_effective));
+ struct vx_info *vxi = p->vx_info;
+
+ return buffer + sprintf(buffer,
+ "CapInh:\t%016x\n"
+ "CapPrm:\t%016x\n"
+ "CapEff:\t%016x\n",
+ (unsigned)vx_info_mbcap(vxi, p->cap_inheritable),
+ (unsigned)vx_info_mbcap(vxi, p->cap_permitted),
+ (unsigned)vx_info_mbcap(vxi, p->cap_effective));
 }
 int proc_pid_status(struct task_struct *task, char * buffer)
--- linux-2.6.18.2/fs/quota.c 2006-06-18 04:54:47 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/quota.c 2006-09-25 15:40:02 +0200
@@ -81,7 +156,7 @@ static int generic_quotactl_valid(struct
 if (cmd == Q_GETQUOTA) {
 if (((type == USRQUOTA && current->euid != id) ||
 (type == GRPQUOTA && !in_egroup_p(id))) &&
- !capable(CAP_SYS_ADMIN))
+ !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return -EPERM;
 }
 else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO)
--- linux-2.6.18.2/fs/quota.c 2006-06-18 04:54:47 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/quota.c 2006-09-25 15:40:02 +0200
@@ -85,7 +160,7 @@ *****
 return -EPERM;
 }
 else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO)
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return -EPERM;
 return 0;
--- linux-2.6.18.2/fs/quota.c 2006-06-18 04:54:47 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/quota.c 2006-09-25 15:40:02 +0200
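Review bot: In task_cap() the new local `struct vx_info *vxi = p->vx_info;` is read from a task that need not be `current` and is then handed to `vx_info_mbcap()` three times, with no reference taken in the visible lines. If the context structure can be released or replaced while the status text is being formatted, this is a stale-pointer read; whether the caller holds a lock, or whether `vx_info_mbcap()` tolerates NULL, cannot be seen from this hunk. The same pattern appears in cap_capable() in security/commoncap.c, which passes `tsk->vx_info` straight into `vx_cap_raised()`. Either take a reference around the use or add a comment naming the lock or lifetime rule that makes the bare read safe, e.g. `/* p->vx_info is stable here because <rule> */`.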
@@ -132,10 +207,10 @@ static int xqm_quotactl_valid(struct sup
 if (cmd == Q_XGETQUOTA) {
 if (((type == XQM_USRQUOTA && current->euid != id) ||
 (type == XQM_GRPQUOTA && !in_egroup_p(id))) &&
- !capable(CAP_SYS_ADMIN))
+ !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return -EPERM;
 } else if (cmd != Q_XGETQSTAT && cmd != Q_XQUOTASYNC) {
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return -EPERM;
 }
--- linux-2.6.18.2/fs/xfs/quota/xfs_qm_syscalls.c 2006-09-20 16:58:40 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/xfs/quota/xfs_qm_syscalls.c 2006-09-20 17:01:44 +0200
@@ -382,7 +382,7 @@ xfs_qm_scall_trunc_qfiles(
 int error;
 xfs_inode_t *qip;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return XFS_ERROR(EPERM);
 error = 0;
 if (!XFS_SB_VERSION_HASQUOTA(&mp->m_sb) || flags == 0) {
--- linux-2.6.18.2/fs/xfs/quota/xfs_qm_syscalls.c 2006-09-20 16:58:40 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/xfs/quota/xfs_qm_syscalls.c 2006-09-20 17:01:44 +0200
@@ -427,7 +427,7 @@ xfs_qm_scall_quotaon(
 uint accflags;
 __int64_t sbflags;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return XFS_ERROR(EPERM);
 flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD);
--- linux-2.6.18.2/fs/xfs/quota/xfs_qm_syscalls.c 2006-09-20 16:58:40 +0200
+++ linux-2.6.18.2-vs2.1.1/fs/xfs/quota/xfs_qm_syscalls.c 2006-09-20 17:01:44 +0200
@@ -598,7 +598,7 @@ xfs_qm_scall_setqlim(
 int error;
 xfs_qcnt_t hard, soft;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return XFS_ERROR(EPERM);
 if ((newlim->d_fieldmask &
--- linux-2.6.18.2/kernel/capability.c 2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/capability.c 2006-10-07 04:29:47 +0200
@@ -246,6 +246,9 @@ EXPORT_SYMBOL(__capable);
 int capable(int cap)
 {
+ /* here for now so we don't require task locking */
+ if (vx_check_bit(VXC_CAP_MASK, cap) && !vx_mcaps(1L << cap))
+ return 0;
 return __capable(current, cap);
 }
 EXPORT_SYMBOL(capable);
--- linux-2.6.18.2/kernel/sched.c 2006-11-04 19:43:24 +0100
+++ linux-2.6.18.2-vs2.1.1/kernel/sched.c 2006-10-28 19:04:30 +0200
@@ -3994,7 +4063,7 @@ asmlinkage long sys_nice(int increment)
 nice = 19;
 if (increment < 0 && !can_nice(current, nice))
- return -EPERM;
+ return vx_flags(VXF_IGNEG_NICE, 0) ? 0 : -EPERM;
 retval = security_task_setnice(current, nice);
 if (retval)
--- linux-2.6.18.2/kernel/sys.c 2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/sys.c 2006-09-25 15:40:02 +0200
@@ -444,7 +447,10 @@ static int set_one_prio(struct task_stru
 goto out;
 }
 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
- error = -EACCES;
+ if (vx_flags(VXF_IGNEG_NICE, 0))
+ error = 0;
+ else
+ error = -EACCES;
 goto out;
 }
 no_nice = security_task_setnice(p, niceval);
--- linux-2.6.18.2/kernel/sys.c 2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/sys.c 2006-09-25 15:40:02 +0200
@@ -1686,7 +1703,7 @@ asmlinkage long sys_sethostname(char __u
 int errno;
 char tmp[__NEW_UTS_LEN];
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
 return -EPERM;
 if (len < 0 || len > __NEW_UTS_LEN)
 return -EINVAL;
--- linux-2.6.18.2/kernel/sys.c 2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/sys.c 2006-09-25 15:40:02 +0200
@@ -1731,7 +1752,7 @@ asmlinkage long sys_setdomainname(char _
 int errno;
 char tmp[__NEW_UTS_LEN];
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
 return -EPERM;
 if (len < 0 || len > __NEW_UTS_LEN)
 return -EINVAL;
--- linux-2.6.18.2/kernel/sys.c 2006-09-20 16:58:44 +0200
+++ linux-2.6.18.2-vs2.1.1/kernel/sys.c 2006-09-25 15:40:02 +0200
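Review bot: The early `return 0` added to capable() carries a comment that explains only why the check sits here ("so we don't require task locking"), not what it decides, and `1L << cap` is evaluated with no bound on `cap` in the visible lines. Because the denial returns before `__capable(current, cap)`, whatever that function does on refusal is skipped for context-masked capabilities, so this path is presumably invisible to it. A shift by a count at or above the width of `long` is undefined, so the valid range of `cap` deserves a word, or a guard, here. I would extend the comment to something like `/* deny when cap is covered by VXC_CAP_MASK and absent from the context's mcaps; __capable() is not consulted on this path */`.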
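Review bot: With `VXF_IGNEG_NICE` set, sys_nice() now returns 0 from the `!can_nice()` branch and set_one_prio() in kernel/sys.c sets `error = 0` before `goto out`, so the caller is told the priority change succeeded although nothing was changed and `security_task_setnice()` was never reached. In set_one_prio() this may also be an overwrite: if `error` carries the result accumulated over earlier tasks of the same call (its declaration is outside the hunk), a previously recorded failure is erased by the new assignment. Neither site is commented, so the deliberate false success reads like a bug. I would add `/* VXF_IGNEG_NICE: a refused negative nice is silently ignored and reported as success */` at both sites and confirm that clearing `error` in set_one_prio() is intended. Both function bodies extend beyond their hunks.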
@@ -1798,7 +1821,7 @@ asmlinkage long sys_setrlimit(unsigned i
 return -EINVAL;
 old_rlim = current->signal->rlim + resource;
 if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
- !capable(CAP_SYS_RESOURCE))
+ !vx_capable(CAP_SYS_RESOURCE, VXC_SET_RLIMIT))
 return -EPERM;
 if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > NR_OPEN)
 return -EPERM;
--- linux-2.6.18.2/net/ipv4/af_inet.c 2006-09-20 16:58:50 +0200
+++ linux-2.6.18.2-vs2.1.1/net/ipv4/af_inet.c 2006-10-18 04:06:32 +0200
@@ -283,9 +284,11 @@ lookup_protocol:
 }
 err = -EPERM;
+ if ((protocol == IPPROTO_ICMP) && vx_ccaps(VXC_RAW_ICMP))
+ goto override;
 if (answer->capability > 0 && !capable(answer->capability))
 goto out_rcu_unlock;
-
+override:
 sock->ops = answer->ops;
 answer_prot = answer->prot;
 answer_no_check = answer->no_check;
--- linux-2.6.18.2/security/commoncap.c 2006-09-20 16:58:54 +0200
+++ linux-2.6.18.2-vs2.1.1/security/commoncap.c 2006-09-25 15:40:02 +0200
@@ -26,7 +26,7 @@
 int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
 {
- NETLINK_CB(skb).eff_cap = current->cap_effective;
+ cap_t(NETLINK_CB(skb).eff_cap) = vx_mbcap(cap_effective);
 return 0;
 }
--- linux-2.6.18.2/security/commoncap.c 2006-09-20 16:58:54 +0200
+++ linux-2.6.18.2-vs2.1.1/security/commoncap.c 2006-09-25 15:40:02 +0200
@@ -44,7 +44,7 @@ EXPORT_SYMBOL(cap_netlink_recv);
 int cap_capable (struct task_struct *tsk, int cap)
 {
 /* Derived from include/linux/sched.h:capable. */
- if (cap_raised(tsk->cap_effective, cap))
+ if (vx_cap_raised(tsk->vx_info, tsk->cap_effective, cap))
 return 0;
 return -EPERM;
 }
--- linux-2.6.18.2/security/commoncap.c 2006-09-20 16:58:54 +0200
+++ linux-2.6.18.2-vs2.1.1/security/commoncap.c 2006-09-25 15:40:02 +0200
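Review bot: The new `goto override` in net/ipv4/af_inet.c skips the whole `answer->capability` check whenever `protocol == IPPROTO_ICMP` and the context has `VXC_RAW_ICMP`, and the test looks only at the protocol number, not at the socket type or at which capability `answer` demands. If `answer->capability` for such an entry is ever something other than the raw-socket capability, the exemption is wider than its name suggests; the lookup that selects `answer` lies outside the hunk. Folding the exemption into the existing condition removes the forward jump over a permission check and keeps it next to what it exempts: `if (answer->capability > 0 && !capable(answer->capability) && !(protocol == IPPROTO_ICMP && vx_ccaps(VXC_RAW_ICMP)))`, followed by the unchanged `goto out_rcu_unlock;`. The enclosing function starts and ends outside the hunk.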
@@ -142,7 +142,8 @@ void cap_bprm_apply_creds (struct linux_
 /* Derived from fs/exec.c:compute_creds. */
 kernel_cap_t new_permitted, working;
- new_permitted = cap_intersect (bprm->cap_permitted, cap_bset);
+ new_permitted = cap_intersect (bprm->cap_permitted,
+ vx_current_cap_bset());
 working = cap_intersect (bprm->cap_inheritable,
 current->cap_inheritable);
 new_permitted = cap_combine (new_permitted, working);
--- linux-2.6.18.2/security/commoncap.c 2006-09-20 16:58:54 +0200
+++ linux-2.6.18.2-vs2.1.1/security/commoncap.c 2006-09-25 15:40:02 +0200
@@ -311,7 +312,8 @@ void cap_task_reparent_to_init (struct t
 int cap_syslog (int type)
 {
- if ((type != 3 && type != 10) && !capable(CAP_SYS_ADMIN))
+ if ((type != 3 && type != 10) &&
+ !vx_capable(CAP_SYS_ADMIN, VXC_SYSLOG))
 return -EPERM;
 return 0;
 }
--- linux-2.6.18.2/security/dummy.c 2006-09-20 16:58:54 +0200
+++ linux-2.6.18.2-vs2.1.1/security/dummy.c 2006-09-25 15:40:02 +0200
@@ -678,7 +678,7 @@ static int dummy_sem_semop (struct sem_a
 static int dummy_netlink_send (struct sock *sk, struct sk_buff *skb)
 {
- NETLINK_CB(skb).eff_cap = current->cap_effective;
+ cap_t(NETLINK_CB(skb).eff_cap) = vx_mbcap(cap_effective);
 return 0;
 }
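Review bot: In cap_bprm_apply_creds() the global `cap_bset` drops out of the computation entirely: `new_permitted` is now intersected with `vx_current_cap_bset()` alone. Unless that helper already returns a subset of `cap_bset` (its definition is not in this diff), a capability removed from the system-wide bounding set could reappear at exec for a process whose context set still contains it. Intersecting both keeps the stricter of the two: `new_permitted = cap_intersect (bprm->cap_permitted, cap_intersect (cap_bset, vx_current_cap_bset()));`. The function body continues outside the hunk.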