)]}' { "log": [ { "commit": "7663dacd926584093dfc350892792054692b6cb3", "tree": "3300005fc836d8a6661d758212289963f850d728", "parents": [ "1557aca7904ed6fadd22cdc3364754070bb3d3c3" ], "author": { "name": "J. Bruce Fields", "email": "bfields@citi.umich.edu", "time": "Fri Dec 04 19:49:00 2009 -0500" }, "committer": { "name": "J. Bruce Fields", "email": "bfields@citi.umich.edu", "time": "Tue Dec 15 15:01:47 2009 -0500" }, "message": "nfsd: remove pointless paths in file headers\n\nThe new .h files have paths at the top that are now out of date. While\nwe\u0027re here, just remove all of those from fs/nfsd; they never served any\npurpose.\n\nSigned-off-by: J. Bruce Fields \u003cbfields@citi.umich.edu\u003e\n" }, { "commit": "9a74af21330c8d46efa977d088a62cc1bfa954e9", "tree": "6f2e4b775738ae93da05ad475b244785bf40461e", "parents": [ "68590c382b875cc9a76b06097f3dff6730d787c1" ], "author": { "name": "Boaz Harrosh", "email": "bharrosh@panasas.com", "time": "Thu Dec 03 20:30:56 2009 +0200" }, "committer": { "name": "J. Bruce Fields", "email": "bfields@citi.umich.edu", "time": "Mon Dec 14 18:12:12 2009 -0500" }, "message": "nfsd: Move private headers to source directory\n\nLots of include/linux/nfsd/* headers are only used by\nnfsd module. Move them to the source directory\n\nSigned-off-by: Boaz Harrosh \u003cbharrosh@panasas.com\u003e\nSigned-off-by: J. Bruce Fields \u003cbfields@citi.umich.edu\u003e\n" }, { "commit": "341eb184469f8e4a6841fc49a57ad4a27e51c335", "tree": "df6b06cc5b15ae421b589865fc008df1219589a4", "parents": [ "72579ac9cd68081108277c31781b127d0f420d61" ], "author": { "name": "Boaz Harrosh", "email": "bharrosh@panasas.com", "time": "Thu Dec 03 20:29:12 2009 +0200" }, "committer": { "name": "J. Bruce Fields", "email": "bfields@citi.umich.edu", "time": "Mon Dec 14 18:12:09 2009 -0500" }, "message": "nfsd: Source files #include cleanups\n\nNow that the headers are fixed and carry their own wait, all fs/nfsd/\nsource files can include a minimal set of headers. and still compile just\nfine.\n\nThis patch should improve the compilation speed of the nfsd module.\n\nSigned-off-by: Boaz Harrosh \u003cbharrosh@panasas.com\u003e\nSigned-off-by: J. Bruce Fields \u003cbfields@citi.umich.edu\u003e\n" }, { "commit": "e0e817392b9acf2c98d3be80c233dddb1b52003d", "tree": "ee680c020039313c9f9c40ab3542bb30a7363381", "parents": [ "ed6d76e4c32de0c2ad5f1d572b948ef49e465176" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Wed Sep 02 09:13:40 2009 +0100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Sep 02 21:29:01 2009 +1000" }, "message": "CRED: Add some configurable debugging [try #6]\n\nAdd a config option (CONFIG_DEBUG_CREDENTIALS) to turn on some debug checking\nfor credential management. The additional code keeps track of the number of\npointers from task_structs to any given cred struct, and checks to see that\nthis number never exceeds the usage count of the cred struct (which includes\nall references, not just those from task_structs).\n\nFurthermore, if SELinux is enabled, the code also checks that the security\npointer in the cred struct is never seen to be invalid.\n\nThis attempts to catch the bug whereby inode_has_perm() faults in an nfsd\nkernel thread on seeing cred-\u003esecurity be a NULL pointer (it appears that the\ncredential struct has been previously released):\n\n\thttp://www.kerneloops.org/oops.php?number\u003d252883\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b914152a6fbd2cd0441bc293ae8b3f3f1a9407b6", "tree": "52267a4af3d34ebf190d89b279758d7726383412", "parents": [ "bf935a78814cc9b96d09f612912178adc964ce9c" ], "author": { "name": "J. Bruce Fields", "email": "bfields@fieldses.org", "time": "Tue Jan 20 19:34:22 2009 -0500" }, "committer": { "name": "J. Bruce Fields", "email": "bfields@pig.fieldses.org", "time": "Tue Jan 27 17:26:59 2009 -0500" }, "message": "nfsd: fix cred leak on every rpc\n\nSince override_creds() took its own reference on new, we need to release\nour own reference.\n\n(Note the put_cred on the return value puts the *old* value of\ncurrent-\u003ecreds, not the new passed-in value).\n\nSigned-off-by: J. Bruce Fields \u003cbfields@citi.umich.edu\u003e\n" }, { "commit": "bf935a78814cc9b96d09f612912178adc964ce9c", "tree": "2c23a05d1c4433e309f3434ce8bdd6a5a0ed8838", "parents": [ "ce0cf6622c9a6f18c2723ea4bef7616799a1ca39" ], "author": { "name": "J. Bruce Fields", "email": "bfields@fieldses.org", "time": "Tue Jan 20 19:32:59 2009 -0500" }, "committer": { "name": "J. Bruce Fields", "email": "bfields@pig.fieldses.org", "time": "Tue Jan 27 17:26:58 2009 -0500" }, "message": "nfsd: fix null dereference on error path\n\nWe\u0027re forgetting to check the return value from groups_alloc().\n\nSigned-off-by: J. Bruce Fields \u003cbfields@citi.umich.edu\u003e\n" }, { "commit": "f05ef8db1abe68e3f6fc272efee51bc54ce528c5", "tree": "8e74dfecce221e51ec3631c66c0e4f8ce589b566", "parents": [ "0dba7c2a9ed3d4a1e58f5d94fffa9f44dbe012e6" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Mon Jan 05 17:19:37 2009 +0000" }, "committer": { "name": "J. Bruce Fields", "email": "bfields@citi.umich.edu", "time": "Wed Jan 07 15:40:44 2009 -0500" }, "message": "CRED: Fix NFSD regression\n\nFix a regression in NFSD\u0027s permission checking introduced by the credentials\npatches. There are two parts to the problem, both in nfsd_setuser():\n\n (1) The return value of set_groups() is -ve if in error, not 0, and should be\n checked appropriately. 0 indicates success.\n\n (2) The UID to use for fs accesses is in new-\u003efsuid, not new-\u003euid (which is\n 0). This causes CAP_DAC_OVERRIDE to always be set, rather than being\n cleared if the UID is anything other than 0 after squashing.\n\nReported-by: J. Bruce Fields \u003cbfields@fieldses.org\u003e\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: J. Bruce Fields \u003cbfields@citi.umich.edu\u003e\n" }, { "commit": "3b11a1decef07c19443d24ae926982bc8ec9f4c0", "tree": "b6555f0e5b07f4b2badd332a0a900b974920c49d", "parents": [ "98870ab0a5a3f1822aee681d2997017e1c87d026" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Nov 14 10:39:26 2008 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 14 10:39:26 2008 +1100" }, "message": "CRED: Differentiate objective and effective subjective credentials on a task\n\nDifferentiate the objective and real subjective credentials from the effective\nsubjective credentials on a task by introducing a second credentials pointer\ninto the task_struct.\n\ntask_struct::real_cred then refers to the objective and apparent real\nsubjective credentials of a task, as perceived by the other tasks in the\nsystem.\n\ntask_struct::cred then refers to the effective subjective credentials of a\ntask, as used by that task when it\u0027s actually running. These are not visible\nto the other tasks in the system.\n\n__task_cred(task) then refers to the objective/real credentials of the task in\nquestion.\n\ncurrent_cred() refers to the effective subjective credentials of the current\ntask.\n\nprepare_creds() uses the objective creds as a base and commit_creds() changes\nboth pointers in the task_struct (indeed commit_creds() requires them to be the\nsame).\n\noverride_creds() and revert_creds() change the subjective creds pointer only,\nand the former returns the old subjective creds. These are used by NFSD,\nfaccessat() and do_coredump(), and will by used by CacheFiles.\n\nIn SELinux, current_has_perm() is provided as an alternative to\ntask_has_perm(). This uses the effective subjective context of current,\nwhereas task_has_perm() uses the objective/real context of the subject.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "d84f4f992cbd76e8f39c488cf0c5d123843923b1", "tree": "fc4a0349c42995715b93d0f7a3c78e9ea9b3f36e", "parents": [ "745ca2475a6ac596e3d8d37c2759c0fbe2586227" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Nov 14 10:39:23 2008 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 14 10:39:23 2008 +1100" }, "message": "CRED: Inaugurate COW credentials\n\nInaugurate copy-on-write credentials management. This uses RCU to manage the\ncredentials pointer in the task_struct with respect to accesses by other tasks.\nA process may only modify its own credentials, and so does not need locking to\naccess or modify its own credentials.\n\nA mutex (cred_replace_mutex) is added to the task_struct to control the effect\nof PTRACE_ATTACHED on credential calculations, particularly with respect to\nexecve().\n\nWith this patch, the contents of an active credentials struct may not be\nchanged directly; rather a new set of credentials must be prepared, modified\nand committed using something like the following sequence of events:\n\n\tstruct cred *new \u003d prepare_creds();\n\tint ret \u003d blah(new);\n\tif (ret \u003c 0) {\n\t\tabort_creds(new);\n\t\treturn ret;\n\t}\n\treturn commit_creds(new);\n\nThere are some exceptions to this rule: the keyrings pointed to by the active\ncredentials may be instantiated - keyrings violate the COW rule as managing\nCOW keyrings is tricky, given that it is possible for a task to directly alter\nthe keys in a keyring in use by another task.\n\nTo help enforce this, various pointers to sets of credentials, such as those in\nthe task_struct, are declared const. The purpose of this is compile-time\ndiscouragement of altering credentials through those pointers. Once a set of\ncredentials has been made public through one of these pointers, it may not be\nmodified, except under special circumstances:\n\n (1) Its reference count may incremented and decremented.\n\n (2) The keyrings to which it points may be modified, but not replaced.\n\nThe only safe way to modify anything else is to create a replacement and commit\nusing the functions described in Documentation/credentials.txt (which will be\nadded by a later patch).\n\nThis patch and the preceding patches have been tested with the LTP SELinux\ntestsuite.\n\nThis patch makes several logical sets of alteration:\n\n (1) execve().\n\n This now prepares and commits credentials in various places in the\n security code rather than altering the current creds directly.\n\n (2) Temporary credential overrides.\n\n do_coredump() and sys_faccessat() now prepare their own credentials and\n temporarily override the ones currently on the acting thread, whilst\n preventing interference from other threads by holding cred_replace_mutex\n on the thread being dumped.\n\n This will be replaced in a future patch by something that hands down the\n credentials directly to the functions being called, rather than altering\n the task\u0027s objective credentials.\n\n (3) LSM interface.\n\n A number of functions have been changed, added or removed:\n\n (*) security_capset_check(), -\u003ecapset_check()\n (*) security_capset_set(), -\u003ecapset_set()\n\n \t Removed in favour of security_capset().\n\n (*) security_capset(), -\u003ecapset()\n\n \t New. This is passed a pointer to the new creds, a pointer to the old\n \t creds and the proposed capability sets. It should fill in the new\n \t creds or return an error. All pointers, barring the pointer to the\n \t new creds, are now const.\n\n (*) security_bprm_apply_creds(), -\u003ebprm_apply_creds()\n\n \t Changed; now returns a value, which will cause the process to be\n \t killed if it\u0027s an error.\n\n (*) security_task_alloc(), -\u003etask_alloc_security()\n\n \t Removed in favour of security_prepare_creds().\n\n (*) security_cred_free(), -\u003ecred_free()\n\n \t New. Free security data attached to cred-\u003esecurity.\n\n (*) security_prepare_creds(), -\u003ecred_prepare()\n\n \t New. Duplicate any security data attached to cred-\u003esecurity.\n\n (*) security_commit_creds(), -\u003ecred_commit()\n\n \t New. Apply any security effects for the upcoming installation of new\n \t security by commit_creds().\n\n (*) security_task_post_setuid(), -\u003etask_post_setuid()\n\n \t Removed in favour of security_task_fix_setuid().\n\n (*) security_task_fix_setuid(), -\u003etask_fix_setuid()\n\n \t Fix up the proposed new credentials for setuid(). This is used by\n \t cap_set_fix_setuid() to implicitly adjust capabilities in line with\n \t setuid() changes. Changes are made to the new credentials, rather\n \t than the task itself as in security_task_post_setuid().\n\n (*) security_task_reparent_to_init(), -\u003etask_reparent_to_init()\n\n \t Removed. Instead the task being reparented to init is referred\n \t directly to init\u0027s credentials.\n\n\t NOTE! This results in the loss of some state: SELinux\u0027s osid no\n\t longer records the sid of the thread that forked it.\n\n (*) security_key_alloc(), -\u003ekey_alloc()\n (*) security_key_permission(), -\u003ekey_permission()\n\n \t Changed. These now take cred pointers rather than task pointers to\n \t refer to the security context.\n\n (4) sys_capset().\n\n This has been simplified and uses less locking. The LSM functions it\n calls have been merged.\n\n (5) reparent_to_kthreadd().\n\n This gives the current thread the same credentials as init by simply using\n commit_thread() to point that way.\n\n (6) __sigqueue_alloc() and switch_uid()\n\n __sigqueue_alloc() can\u0027t stop the target task from changing its creds\n beneath it, so this function gets a reference to the currently applicable\n user_struct which it then passes into the sigqueue struct it returns if\n successful.\n\n switch_uid() is now called from commit_creds(), and possibly should be\n folded into that. commit_creds() should take care of protecting\n __sigqueue_alloc().\n\n (7) [sg]et[ug]id() and co and [sg]et_current_groups.\n\n The set functions now all use prepare_creds(), commit_creds() and\n abort_creds() to build and check a new set of credentials before applying\n it.\n\n security_task_set[ug]id() is called inside the prepared section. This\n guarantees that nothing else will affect the creds until we\u0027ve finished.\n\n The calling of set_dumpable() has been moved into commit_creds().\n\n Much of the functionality of set_user() has been moved into\n commit_creds().\n\n The get functions all simply access the data directly.\n\n (8) security_task_prctl() and cap_task_prctl().\n\n security_task_prctl() has been modified to return -ENOSYS if it doesn\u0027t\n want to handle a function, or otherwise return the return value directly\n rather than through an argument.\n\n Additionally, cap_task_prctl() now prepares a new set of credentials, even\n if it doesn\u0027t end up using it.\n\n (9) Keyrings.\n\n A number of changes have been made to the keyrings code:\n\n (a) switch_uid_keyring(), copy_keys(), exit_keys() and suid_keys() have\n \t all been dropped and built in to the credentials functions directly.\n \t They may want separating out again later.\n\n (b) key_alloc() and search_process_keyrings() now take a cred pointer\n \t rather than a task pointer to specify the security context.\n\n (c) copy_creds() gives a new thread within the same thread group a new\n \t thread keyring if its parent had one, otherwise it discards the thread\n \t keyring.\n\n (d) The authorisation key now points directly to the credentials to extend\n \t the search into rather pointing to the task that carries them.\n\n (e) Installing thread, process or session keyrings causes a new set of\n \t credentials to be created, even though it\u0027s not strictly necessary for\n \t process or session keyrings (they\u0027re shared).\n\n(10) Usermode helper.\n\n The usermode helper code now carries a cred struct pointer in its\n subprocess_info struct instead of a new session keyring pointer. This set\n of credentials is derived from init_cred and installed on the new process\n after it has been cloned.\n\n call_usermodehelper_setup() allocates the new credentials and\n call_usermodehelper_freeinfo() discards them if they haven\u0027t been used. A\n special cred function (prepare_usermodeinfo_creds()) is provided\n specifically for call_usermodehelper_setup() to call.\n\n call_usermodehelper_setkeys() adjusts the credentials to sport the\n supplied keyring as the new session keyring.\n\n(11) SELinux.\n\n SELinux has a number of changes, in addition to those to support the LSM\n interface changes mentioned above:\n\n (a) selinux_setprocattr() no longer does its check for whether the\n \t current ptracer can access processes with the new SID inside the lock\n \t that covers getting the ptracer\u0027s SID. Whilst this lock ensures that\n \t the check is done with the ptracer pinned, the result is only valid\n \t until the lock is released, so there\u0027s no point doing it inside the\n \t lock.\n\n(12) is_single_threaded().\n\n This function has been extracted from selinux_setprocattr() and put into\n a file of its own in the lib/ directory as join_session_keyring() now\n wants to use it too.\n\n The code in SELinux just checked to see whether a task shared mm_structs\n with other tasks (CLONE_VM), but that isn\u0027t good enough. We really want\n to know if they\u0027re part of the same thread group (CLONE_THREAD).\n\n(13) nfsd.\n\n The NFS server daemon now has to use the COW credentials to set the\n credentials it is going to use. It really needs to pass the credentials\n down to the functions it calls, but it can\u0027t do that until other patches\n in this series have been applied.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b6dff3ec5e116e3af6f537d4caedcad6b9e5082a", "tree": "9e76f972eb7ce9b84e0146c8e4126a3f86acb428", "parents": [ "15a2460ed0af7538ca8e6c610fe607a2cd9da142" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Nov 14 10:39:16 2008 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 14 10:39:16 2008 +1100" }, "message": "CRED: Separate task security context from task_struct\n\nSeparate the task security context from task_struct. At this point, the\nsecurity data is temporarily embedded in the task_struct with two pointers\npointing to it.\n\nNote that the Alpha arch is altered as it refers to (E)UID and (E)GID in\nentry.S via asm-offsets.\n\nWith comment fixes Signed-off-by: Marc Dionne \u003cmarc.c.dionne@gmail.com\u003e\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "a254b246ee238ab90e7b3fae1f76875b608b2213", "tree": "1e4c35e1225b91693694d0384ef6f1e0e8500e4d", "parents": [ "d8421202121ce74daf4625ca9d1d825bbd7ce66a" ], "author": { "name": "Harvey Harrison", "email": "harvey.harrison@gmail.com", "time": "Wed Feb 20 12:49:00 2008 -0800" }, "committer": { "name": "J. Bruce Fields", "email": "bfields@citi.umich.edu", "time": "Wed Apr 23 16:13:39 2008 -0400" }, "message": "nfsd: fix sparse warnings\n\nAdd extern to nfsd/nfsd.h\nfs/nfsd/nfssvc.c:146:5: warning: symbol \u0027nfsd_nrthreads\u0027 was not declared. Should it be static?\nfs/nfsd/nfssvc.c:261:5: warning: symbol \u0027nfsd_nrpools\u0027 was not declared. Should it be static?\nfs/nfsd/nfssvc.c:269:5: warning: symbol \u0027nfsd_get_nrthreads\u0027 was not declared. Should it be static?\nfs/nfsd/nfssvc.c:281:5: warning: symbol \u0027nfsd_set_nrthreads\u0027 was not declared. Should it be static?\nfs/nfsd/export.c:1534:23: warning: symbol \u0027nfs_exports_op\u0027 was not declared. Should it be static?\n\nAdd include of auth.h\nfs/nfsd/auth.c:27:5: warning: symbol \u0027nfsd_setuser\u0027 was not declared. Should it be static?\n\nMake static, move forward declaration closer to where it\u0027s needed.\nfs/nfsd/nfs4state.c:1877:1: warning: symbol \u0027laundromat_main\u0027 was not declared. Should it be static?\n\nMake static, forward declaration was already marked static.\nfs/nfsd/nfs4idmap.c:206:1: warning: symbol \u0027idtoname_parse\u0027 was not declared. Should it be static?\nfs/nfsd/vfs.c:1156:1: warning: symbol \u0027nfsd_create_setattr\u0027 was not declared. Should it be static?\n\nSigned-off-by: Harvey Harrison \u003charvey.harrison@gmail.com\u003e\nSigned-off-by: J. Bruce Fields \u003cbfields@citi.umich.edu\u003e\n" }, { "commit": "e338d263a76af78fe8f38a72131188b58fceb591", "tree": "f3f046fc6fd66de43de7191830f0daf3bc4ec8eb", "parents": [ "8f6936f4d29aa14e54a2470b954a2e1f96322988" ], "author": { "name": "Andrew Morgan", "email": "morgan@kernel.org", "time": "Mon Feb 04 22:29:42 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Feb 05 09:44:20 2008 -0800" }, "message": "Add 64-bit capability support to the kernel\n\nThe patch supports legacy (32-bit) capability userspace, and where possible\ntranslates 32-bit capabilities to/from userspace and the VFS to 64-bit\nkernel space capabilities. If a capability set cannot be compressed into\n32-bits for consumption by user space, the system call fails, with -ERANGE.\n\nFWIW libcap-2.00 supports this change (and earlier capability formats)\n\n http://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/\n\n[akpm@linux-foundation.org: coding-syle fixes]\n[akpm@linux-foundation.org: use get_task_comm()]\n[ezk@cs.sunysb.edu: build fix]\n[akpm@linux-foundation.org: do not initialise statics to 0 or NULL]\n[akpm@linux-foundation.org: unused var]\n[serue@us.ibm.com: export __cap_ symbols]\nSigned-off-by: Andrew G. Morgan \u003cmorgan@kernel.org\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: Chris Wright \u003cchrisw@sous-sol.org\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\nSigned-off-by: Erez Zadok \u003cezk@cs.sunysb.edu\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "c7d51402d2a64c5b96531f9900bb368020ebbbbb", "tree": "b870f7352ceb21799df933a31662b748edcad1e6", "parents": [ "e22841c637dc8b308b40f59d64a5b6683d458ab7" ], "author": { "name": "J. Bruce Fields", "email": "bfields@citi.umich.edu", "time": "Thu Jul 19 01:49:20 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Thu Jul 19 10:04:52 2007 -0700" }, "message": "knfsd: clean up EX_RDONLY\n\nShare a little common code, reverse the arguments for consistency, drop the\nunnecessary \"inline\", and lowercase the name.\n\nSigned-off-by: \"J. Bruce Fields\" \u003cbfields@citi.umich.edu\u003e\nAcked-by: Neil Brown \u003cneilb@suse.de\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "1269bc69b6649282091bb7007372acf4ab8357fd", "tree": "58cd434f7381332dd8b7331da36f98b40cb69639", "parents": [ "9091224f3cff4721f295df29e8a99705a63bc4c7" ], "author": { "name": "J. Bruce Fields", "email": "bfields@citi.umich.edu", "time": "Tue Jul 17 04:04:52 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Tue Jul 17 10:23:08 2007 -0700" }, "message": "knfsd: nfsd: enforce per-flavor id squashing\n\nAllow root squashing to vary per-pseudoflavor, so that you can (for example)\nallow root access only when sufficiently strong security is in use.\n\nSigned-off-by: \"J. Bruce Fields\" \u003cbfields@citi.umich.edu\u003e\nSigned-off-by: Neil Brown \u003cneilb@suse.de\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "54cceebb679a8d10fa382422aa2035cdc65fe7ce", "tree": "745908146565ba6e936b2faa977c5aa5a4602ed4", "parents": [ "cd15654963cf7e4dd938a403de3ec5bcd09f8350" ], "author": { "name": "NeilBrown", "email": "neilb@suse.de", "time": "Mon Apr 10 22:55:30 2006 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Apr 11 06:18:52 2006 -0700" }, "message": "[PATCH] knfsd: nfsd: nfsd_setuser doesn\u0027t really need to modify rqstp-\u003erq_cred.\n\nIn addition to setting the processes filesystem id\u0027s, nfsd_setuser also\nmodifies the value of the rq_cred which stores the id\u0027s that originally came\nfrom the rpc call, for example to reflect root squashing.\n\nThere\u0027s no real reason to do that--the only case where rqstp-\u003erq_cred is\nactually used later on is in the NFSv4 SETCLIENTID/SETCLIENTID_CONFIRM\noperations, and there the results are the opposite of what we want--those two\noperations don\u0027t deal with the filesystem at all, they only record the\ncredentials used with the rpc call for later reference (so that we may require\nthe same credentials be used on later operations), and the credentials\nshouldn\u0027t vary just because there was or wasn\u0027t a previous operation in the\ncompound that referred to some export\n\nThis fixes a bug which caused mounts from Solaris clients to fail.\n\nSigned-off-by: Andy Adamson \u003candros@citi.umich.edu\u003e\nSigned-off-by: J. Bruce Fields \u003cbfields@citi.umich.edu\u003e\nSigned-off-by: Neil Brown \u003cneilb@suse.de\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d", "parents": [], "author": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:20:36 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:20:36 2005 -0700" }, "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n" } ] }