--- olpc-2.6-master.00/fs/namespace.c 2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/namespace.c 2007-03-01 11:52:20.000000000 -0500
@@ -644,7 +702,7 @@ asmlinkage long sys_umount(char __user *
 goto dput_and_out;
 retval = -EPERM;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
 goto dput_and_out;
 retval = do_umount(nd.mnt, flags);
--- olpc-2.6-master.00/fs/namespace.c 2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/namespace.c 2007-03-01 11:52:20.000000000 -0500
@@ -953,7 +1020,7 @@ *****
 int err;
 struct super_block *sb = nd->mnt->mnt_sb;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_REMOUNT))
 return -EPERM;
 if (!check_mnt(nd->mnt))
--- olpc-2.6-master.00/fs/namespace.c 2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/namespace.c 2007-03-01 11:52:20.000000000 -0500
@@ -987,7 +1054,7 @@ static int do_move_mount(struct nameidat
 struct nameidata old_nd, parent_nd;
 struct vfsmount *p;
 int err = 0;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
 return -EPERM;
 if (!old_name || !*old_name)
 return -EINVAL;
--- olpc-2.6-master.00/fs/namespace.c 2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/namespace.c 2007-03-01 11:52:20.000000000 -0500
@@ -1067,7 +1134,7 @@ static int do_new_mount(struct nameidata
 return -EINVAL;
 /* we need capabilities... */
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
 return -EPERM;
 mnt = do_kern_mount(type, flags, name, data);
--- olpc-2.6-master.00/fs/namespace.c 2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/namespace.c 2007-03-01 11:52:20.000000000 -0500
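Review bot: The new `vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)` check in sys_umount has no comment saying how the context bit combines with CAP_SYS_ADMIN, and vx_capable() is not defined in any of these hunks, so the call site does not show whether the bit narrows the check or relaxes it for a guest context. The same applies to the do_move_mount, do_new_mount and copy_mnt_ns hunks, which reuse VXC_SECURE_MOUNT, and to the `@@ -953,7 +1020,7 @@` hunk, which alone uses VXC_SECURE_REMOUNT. I would add a one-line comment above the first check, for example `/* mount operations inside a context are gated by VXC_SECURE_MOUNT; remount has its own bit */`, and confirm that unmount and CLONE_NEWNS are meant to share the mount bit. All of these functions start and end outside their hunks.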
@@ -1523,7 +1606,7 @@ int copy_mnt_ns(int flags, struct task_s if (!(flags & CLONE_NEWNS)) return 0; - if (!capable(CAP_SYS_ADMIN)) { + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)) { err = -EPERM; goto out; } --- olpc-2.6-master.00/fs/proc/array.c 2007-02-28 20:05:28.000000000 -0500 +++ olpc-2.6-master-vs22x.02/fs/proc/array.c 2007-03-01 17:09:59.000000000 -0500 @@ -283,12 +293,15 @@ static inline char * task_sig(struct tas static inline char *task_cap(struct task_struct *p, char *buffer) { - return buffer + sprintf(buffer, "CapInh:\t%016x\n" - "CapPrm:\t%016x\n" - "CapEff:\t%016x\n", - cap_t(p->cap_inheritable), - cap_t(p->cap_permitted), - cap_t(p->cap_effective)); + struct vx_info *vxi = p->vx_info; + + return buffer + sprintf(buffer, + "CapInh:\t%016x\n" + "CapPrm:\t%016x\n" + "CapEff:\t%016x\n", + (unsigned)vx_info_mbcap(vxi, p->cap_inheritable), + (unsigned)vx_info_mbcap(vxi, p->cap_permitted), + (unsigned)vx_info_mbcap(vxi, p->cap_effective)); } int proc_pid_status(struct task_struct *task, char * buffer) --- olpc-2.6-master.00/fs/quota.c 2007-02-28 20:05:28.000000000 -0500 +++ olpc-2.6-master-vs22x.02/fs/quota.c 2007-03-01 11:52:20.000000000 -0500 @@ -81,7 +82,7 @@ static int generic_quotactl_valid(struct if (cmd == Q_GETQUOTA) { if (((type == USRQUOTA && current->euid != id) || (type == GRPQUOTA && !in_egroup_p(id))) && - !capable(CAP_SYS_ADMIN)) + !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) return -EPERM; } else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO) --- olpc-2.6-master.00/fs/quota.c 2007-02-28 20:05:28.000000000 -0500 +++ olpc-2.6-master-vs22x.02/fs/quota.c 2007-03-01 11:52:20.000000000 -0500 
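Review bot: `struct vx_info *vxi = p->vx_info;` in task_cap reads the context pointer of a task that need not be `current`, and nothing in the hunk takes a reference or lock before the pointer is handed to vx_info_mbcap() three times. Whether the context can be detached or released while the status text is being built cannot be determined from this hunk; if it can, the reads would go through a stale pointer. Either hold a reference for the duration of the sprintf() or add a comment naming the guarantee that keeps `p->vx_info` alive here. The comment should also say whether vx_info_mbcap() accepts a NULL `vxi` for tasks that belong to no context.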
@@ -85,7 +86,7 @@ ***** return -EPERM; } else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO) - if (!capable(CAP_SYS_ADMIN)) + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) return -EPERM; return 0; --- olpc-2.6-master.00/fs/quota.c 2007-02-28 20:05:28.000000000 -0500 +++ olpc-2.6-master-vs22x.02/fs/quota.c 2007-03-01 11:52:20.000000000 -0500 @@ -132,10 +133,10 @@ static int xqm_quotactl_valid(struct sup if (cmd == Q_XGETQUOTA) { if (((type == XQM_USRQUOTA && current->euid != id) || (type == XQM_GRPQUOTA && !in_egroup_p(id))) && - !capable(CAP_SYS_ADMIN)) + !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) return -EPERM; } else if (cmd != Q_XGETQSTAT && cmd != Q_XQUOTASYNC) { - if (!capable(CAP_SYS_ADMIN)) + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) return -EPERM; } --- olpc-2.6-master.00/fs/xfs/quota/xfs_qm_syscalls.c 2007-02-28 20:05:28.000000000 -0500 +++ olpc-2.6-master-vs22x.02/fs/xfs/quota/xfs_qm_syscalls.c 2007-03-01 11:52:20.000000000 -0500 @@ -380,7 +381,7 @@ xfs_qm_scall_trunc_qfiles( int error; xfs_inode_t *qip; - if (!capable(CAP_SYS_ADMIN)) + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) return XFS_ERROR(EPERM); error = 0; if (!XFS_SB_VERSION_HASQUOTA(&mp->m_sb) || flags == 0) { --- olpc-2.6-master.00/fs/xfs/quota/xfs_qm_syscalls.c 2007-02-28 20:05:28.000000000 -0500 +++ olpc-2.6-master-vs22x.02/fs/xfs/quota/xfs_qm_syscalls.c 2007-03-01 11:52:20.000000000 -0500 @@ -425,7 +426,7 @@ xfs_qm_scall_quotaon( uint accflags; __int64_t sbflags; - if (!capable(CAP_SYS_ADMIN)) + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) return XFS_ERROR(EPERM); flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD); --- olpc-2.6-master.00/fs/xfs/quota/xfs_qm_syscalls.c 2007-02-28 20:05:28.000000000 -0500 +++ olpc-2.6-master-vs22x.02/fs/xfs/quota/xfs_qm_syscalls.c 2007-03-01 11:52:20.000000000 -0500 
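Review bot: The rewritten check in the `@@ -85,7 +86,7 @@` hunk of fs/quota.c still hangs a bare `if` off an unbraced `else if`, whereas the equivalent branch in xqm_quotactl_valid (the `@@ -132,10 +133,10 @@` hunk) is braced. Since the line is already being touched for a permission check, bracing it keeps a later edit from detaching `return -EPERM;` from its condition: `} else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO) {` with a closing `}` after the return. The function starts outside the hunk.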
@@ -596,7 +597,7 @@ xfs_qm_scall_setqlim(
 int error;
 xfs_qcnt_t hard, soft;
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return XFS_ERROR(EPERM);
 if ((newlim->d_fieldmask &
--- olpc-2.6-master.00/kernel/capability.c 2007-02-28 20:05:29.000000000 -0500
+++ olpc-2.6-master-vs22x.02/kernel/capability.c 2007-03-01 11:52:20.000000000 -0500
@@ -246,8 +247,12 @@ int __capable(struct task_struct *t, int
 }
 EXPORT_SYMBOL(__capable);
+#include
 int capable(int cap)
 {
+ /* here for now so we don't require task locking */
+ if (vs_check_bit(VXC_CAP_MASK, cap) && !vx_mcaps(1L << cap))
+ return 0;
 return __capable(current, cap);
 }
 EXPORT_SYMBOL(capable);
--- olpc-2.6-master.00/kernel/sched.c 2007-02-28 20:05:29.000000000 -0500
+++ olpc-2.6-master-vs22x.02/kernel/sched.c 2007-03-01 11:52:20.000000000 -0500
@@ -4131,7 +4199,7 @@ asmlinkage long sys_nice(int increment)
 nice = 19;
 if (increment < 0 && !can_nice(current, nice))
- return -EPERM;
+ return vx_flags(VXF_IGNEG_NICE, 0) ? 0 : -EPERM;
 retval = security_task_setnice(current, nice);
 if (retval)
--- olpc-2.6-master.00/kernel/sys.c 2007-02-28 20:05:29.000000000 -0500
+++ olpc-2.6-master-vs22x.02/kernel/sys.c 2007-03-01 11:52:20.000000000 -0500
@@ -576,7 +578,10 @@ static int set_one_prio(struct task_stru
 goto out;
 }
 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
- error = -EACCES;
+ if (vx_flags(VXF_IGNEG_NICE, 0))
+ error = 0;
+ else
+ error = -EACCES;
 goto out;
 }
 no_nice = security_task_setnice(p, niceval);
--- olpc-2.6-master.00/kernel/sys.c 2007-02-28 20:05:29.000000000 -0500
+++ olpc-2.6-master-vs22x.02/kernel/sys.c 2007-03-01 11:52:20.000000000 -0500
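Review bot: The context mask test is added to capable() only, so a caller that goes through the exported __capable() with an explicit task never reaches it. The comment `here for now so we don't require task locking` suggests this is known but does not say what covers that path. The cap_capable() change in security/commoncap.c (vx_cap_raised with `tsk->vx_info`) may be the intended backstop, though that cannot be confirmed from these hunks, so I would extend the comment to name it, e.g. `/* context mask for current only; __capable() callers rely on cap_capable() */`. Separately, the added `#include` sits between two function definitions and, as shown on this page, has no header name; it belongs with the other includes at the top of the file.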
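Review bot: With VXF_IGNEG_NICE set, sys_nice returns 0 from the `!can_nice()` branch without changing the priority and before security_task_setnice() runs, so the caller is told the request succeeded and a security module never sees the refused attempt. set_one_prio in kernel/sys.c does the same by setting `error = 0` before `goto out`. If silently ignoring the request is the intent, say so at both sites, e.g. `/* VXF_IGNEG_NICE: report success, priority is left unchanged */`, and decide whether the refusal should still be visible to auditing. Both functions extend beyond their hunks.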
@@ -1802,7 +1818,7 @@ asmlinkage long sys_sethostname(char __u
 int errno;
 char tmp[__NEW_UTS_LEN];
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
 return -EPERM;
 if (len < 0 || len > __NEW_UTS_LEN)
 return -EINVAL;
--- olpc-2.6-master.00/kernel/sys.c 2007-02-28 20:05:29.000000000 -0500
+++ olpc-2.6-master-vs22x.02/kernel/sys.c 2007-03-01 11:52:20.000000000 -0500
@@ -1847,7 +1863,7 @@ asmlinkage long sys_setdomainname(char _
 int errno;
 char tmp[__NEW_UTS_LEN];
- if (!capable(CAP_SYS_ADMIN))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
 return -EPERM;
 if (len < 0 || len > __NEW_UTS_LEN)
 return -EINVAL;
--- olpc-2.6-master.00/kernel/sys.c 2007-02-28 20:05:29.000000000 -0500
+++ olpc-2.6-master-vs22x.02/kernel/sys.c 2007-03-01 11:52:20.000000000 -0500
@@ -1914,7 +1930,7 @@ asmlinkage long sys_setrlimit(unsigned i
 return -EINVAL;
 old_rlim = current->signal->rlim + resource;
 if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
- !capable(CAP_SYS_RESOURCE))
+ !vx_capable(CAP_SYS_RESOURCE, VXC_SET_RLIMIT))
 return -EPERM;
 if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > NR_OPEN)
 return -EPERM;
--- olpc-2.6-master.00/net/ipv4/af_inet.c 2007-02-28 20:05:29.000000000 -0500
+++ olpc-2.6-master-vs22x.02/net/ipv4/af_inet.c 2007-03-01 11:52:20.000000000 -0500
@@ -283,9 +284,11 @@ lookup_protocol:
 }
 err = -EPERM;
+ if ((protocol == IPPROTO_ICMP) && vx_ccaps(VXC_RAW_ICMP))
+ goto override;
 if (answer->capability > 0 && !capable(answer->capability))
 goto out_rcu_unlock;
-
+override:
 sock->ops = answer->ops;
 answer_prot = answer->prot;
 answer_no_check = answer->no_check;
--- olpc-2.6-master.00/security/commoncap.c 2007-02-28 20:05:29.000000000 -0500
+++ olpc-2.6-master-vs22x.02/security/commoncap.c 2007-03-01 11:52:20.000000000 -0500
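Review bot: The new `goto override` in net/ipv4/af_inet.c skips the `answer->capability` check on the protocol number alone. The condition never looks at the socket type, so it relies on the lookup above this hunk having matched only a raw-socket entry for IPPROTO_ICMP. Making that explicit costs one term: `if (sock->type == SOCK_RAW && protocol == IPPROTO_ICMP && vx_ccaps(VXC_RAW_ICMP))`. A raw ICMP socket is also not restricted to echo traffic, so the check deserves a comment stating that VXC_RAW_ICMP lets the context emit any ICMP message type. The enclosing function starts and ends outside the hunk.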
@@ -26,7 +27,7 @@ ***** int cap_netlink_send(struct sock *sk, struct sk_buff *skb) { - NETLINK_CB(skb).eff_cap = current->cap_effective; + cap_t(NETLINK_CB(skb).eff_cap) = vx_mbcap(cap_effective); return 0; } --- olpc-2.6-master.00/security/commoncap.c 2007-02-28 20:05:29.000000000 -0500 +++ olpc-2.6-master-vs22x.02/security/commoncap.c 2007-03-01 11:52:20.000000000 -0500 @@ -44,7 +45,7 @@ EXPORT_SYMBOL(cap_netlink_recv); int cap_capable (struct task_struct *tsk, int cap) { /* Derived from include/linux/sched.h:capable. */ - if (cap_raised(tsk->cap_effective, cap)) + if (vx_cap_raised(tsk->vx_info, tsk->cap_effective, cap)) return 0; return -EPERM; } --- olpc-2.6-master.00/security/commoncap.c 2007-02-28 20:05:29.000000000 -0500 +++ olpc-2.6-master-vs22x.02/security/commoncap.c 2007-03-01 11:52:20.000000000 -0500 @@ -142,7 +143,8 @@ void cap_bprm_apply_creds (struct linux_ /* Derived from fs/exec.c:compute_creds. */ kernel_cap_t new_permitted, working; - new_permitted = cap_intersect (bprm->cap_permitted, cap_bset); + new_permitted = cap_intersect (bprm->cap_permitted, + vx_current_cap_bset()); working = cap_intersect (bprm->cap_inheritable, current->cap_inheritable); new_permitted = cap_combine (new_permitted, working); --- olpc-2.6-master.00/security/commoncap.c 2007-02-28 20:05:29.000000000 -0500 +++ olpc-2.6-master-vs22x.02/security/commoncap.c 2007-03-01 11:52:20.000000000 -0500 @@ -311,7 +313,8 @@ void cap_task_reparent_to_init (struct t int cap_syslog (int type) { - if ((type != 3 && type != 10) && !capable(CAP_SYS_ADMIN)) + if ((type != 3 && type != 10) && + !vx_capable(CAP_SYS_ADMIN, VXC_SYSLOG)) return -EPERM; return 0; } --- olpc-2.6-master.00/security/dummy.c 2007-02-28 20:05:29.000000000 -0500 +++ olpc-2.6-master-vs22x.02/security/dummy.c 2007-03-01 11:52:20.000000000 -0500 
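Review bot: `cap_t(NETLINK_CB(skb).eff_cap) = vx_mbcap(cap_effective);` in cap_netlink_send hides two things a reader needs. The source task is no longer spelled out (vx_mbcap takes a bare field name, so presumably it reads `current`), and the value stored for the receiver is now filtered by the sender's context rather than being the raw effective set. A short comment would make both visible, e.g. `/* current's effective caps, limited by its context */`. The identical line in dummy_netlink_send (security/dummy.c) wants the same comment. Assigning through `cap_t()` as an lvalue is also easy to misread, so note that it is intentional.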
@@ -678,7 +679,7 @@ static int dummy_sem_semop (struct sem_a
 static int dummy_netlink_send (struct sock *sk, struct sk_buff *skb)
 {
- NETLINK_CB(skb).eff_cap = current->cap_effective;
+ cap_t(NETLINK_CB(skb).eff_cap) = vx_mbcap(cap_effective);
 return 0;
 }
--- olpc-2.6-master.00/fs/xfs/quota/xfs_qm_syscalls.c 2007-02-28 20:05:28.000000000 -0500
+++ olpc-2.6-master-vs22x.02/fs/xfs/quota/xfs_qm_syscalls.c 2007-03-01 11:52:20.000000000 -0500
@@ -211,7 +212,7 @@ xfs_qm_scall_quotaoff(
 xfs_qoff_logitem_t *qoffstart;
 int nculprits;
- if (!force && !capable(CAP_SYS_ADMIN))
+ if (!force && !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
 return XFS_ERROR(EPERM);
 /*
 * No file system can have quotas enabled on disk but not in core.