)]}' { "log": [ { "commit": "d9250dea3f89fe808a525f08888016b495240ed4", "tree": "c4b039ce0b29714e8f4c3bbc6d407adc361cc122", "parents": [ "da31894ed7b654e2e1741e7ac4ef6c15be0dd14b" ], "author": { "name": "KaiGai Kohei", "email": "kaigai@ak.jp.nec.com", "time": "Thu Aug 28 16:35:57 2008 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Aug 29 00:33:33 2008 +1000" }, "message": "SELinux: add boundary support and thread context assignment\n\nThe purpose of this patch is to assign per-thread security context\nunder a constraint. It enables multi-threaded server application\nto kick a request handler with its fair security context, and\nhelps some of userspace object managers to handle user\u0027s request.\n\nWhen we assign a per-thread security context, it must not have wider\npermissions than the original one. Because a multi-threaded process\nshares a single local memory, an arbitary per-thread security context\nalso means another thread can easily refer violated information.\n\nThe constraint on a per-thread security context requires a new domain\nhas to be equal or weaker than its original one, when it tries to assign\na per-thread security context.\n\nBounds relationship between two types is a way to ensure a domain can\nnever have wider permission than its bounds. We can define it in two\nexplicit or implicit ways.\n\nThe first way is using new TYPEBOUNDS statement. It enables to define\na boundary of types explicitly. The other one expand the concept of\nexisting named based hierarchy. If we defines a type with \".\" separated\nname like \"httpd_t.php\", toolchain implicitly set its bounds on \"httpd_t\".\n\nThis feature requires a new policy version.\nThe 24th version (POLICYDB_VERSION_BOUNDARY) enables to ship them into\nkernel space, and the following patch enables to handle it.\n\nSigned-off-by: KaiGai Kohei \u003ckaigai@ak.jp.nec.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b556f8ad58c6e9f8f485c8cef7546e3fc82c382a", "tree": "e7a1c5ce313b6dec9727d69b08b5005dc35709a3", "parents": [ "f09ac9db2aafe36fde9ebd63c8c5d776f6e7bd41" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Fri Apr 18 10:12:59 2008 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Apr 28 06:19:22 2008 -0400" }, "message": "Audit: standardize string audit interfaces\n\nThis patch standardized the string auditing interfaces. No userspace\nchanges will be visible and this is all just cleanup and consistancy\nwork. We have the following string audit interfaces to use:\n\nvoid audit_log_n_hex(struct audit_buffer *ab, const unsigned char *buf, size_t len);\n\nvoid audit_log_n_string(struct audit_buffer *ab, const char *buf, size_t n);\nvoid audit_log_string(struct audit_buffer *ab, const char *buf);\n\nvoid audit_log_n_untrustedstring(struct audit_buffer *ab, const char *string, size_t n);\nvoid audit_log_untrustedstring(struct audit_buffer *ab, const char *string);\n\nThis may be the first step to possibly fixing some of the issues that\npeople have with the string output from the kernel audit system. But we\nstill don\u0027t have an agreed upon solution to that problem.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "618442509128fe4514be94de70ce54075cd9a706", "tree": "9aea814978791abd8c4f9a5c60de879b2811c063", "parents": [ "0f5e64200f20fc8f5b759c4010082f577ab0af3f" ], "author": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Mon Apr 21 18:12:33 2008 -0700" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Apr 22 15:37:23 2008 +1000" }, "message": "SELinux fixups needed for preemptable RCU from -rt\n\nThe attached patch needs to move from -rt to mainline given preemptable RCU.\nThis patch fixes SELinux code that implicitly assumes that disabling\npreemption prevents an RCU grace period from completing, an assumption that\nis valid for Classic RCU, but not necessarily for preemptable RCU. Explicit\nrcu_read_lock() calls are thus added.\n\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nAcked-by: Steven Rostedt \u003csrostedt@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "95fff33b8e306a4331024bbd31c0999d5bf48fcf", "tree": "822da169332912a8149a7947388347118d7921bf", "parents": [ "1872981b51dac9d1f5bcae17803bf368f7fa19cd" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 17 14:42:10 2008 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Apr 21 19:12:02 2008 +1000" }, "message": "SELinux: one little, two little, three little whitespaces, the avc.c saga.\n\navc.c was bad. It had whitespace and syntax issues which are against\nour coding style. I have had a little chat with it and the result of\nthat conversation looked like this patch.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "744ba35e455b0d5cf4f85208a8ca0edcc9976b95", "tree": "1b242324aeba16d07e1a3811df041969c10422a6", "parents": [ "11670889380b144adfa5a91dc184c8f6300c4b28" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 17 11:52:44 2008 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Apr 21 19:09:26 2008 +1000" }, "message": "SELinux: clean up printks\n\nMake sure all printk start with KERN_*\nMake sure all printk end with \\n\nMake sure all printk have the word \u0027selinux\u0027 in them\nChange \"function name\" to \"%s\", __func__ (found 2 wrong)\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "64dbf07474d011540ca479a2e87fe998f570d6e3", "tree": "364ae3f3a29f06246dd2097674586fe508c4445f", "parents": [ "0356357c5158c71d4cbf20196b2f784435dd916c" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Mar 31 12:17:33 2008 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Apr 18 20:26:11 2008 +1000" }, "message": "selinux: introduce permissive types\n\nIntroduce the concept of a permissive type. A new ebitmap is introduced to\nthe policy database which indicates if a given type has the permissive bit\nset or not. This bit is tested for the scontext of any denial. The bit is\nmeaningless on types which only appear as the target of a decision and never\nthe source. A domain running with a permissive type will be allowed to\nperform any action similarly to when the system is globally set permissive.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "eda4f69ca5a532b425db5a6c2c6bc50717b9b5fe", "tree": "09b74e5637218c64588e523d6d264fae0b9cb771", "parents": [ "f0115e6c8980ea9125a17858291c90ecd990bc1c" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Mar 11 14:19:34 2008 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Apr 18 20:26:09 2008 +1000" }, "message": "SELinux: requesting no permissions in avc_has_perm_noaudit is a BUG()\n\nThis patch turns the case where we have a call into avc_has_perm with no\nrequested permissions into a BUG_ON. All callers to this should be in\nthe kernel and thus should be a function we need to fix if we ever hit\nthis. The /selinux/access permission checking it done directly in the\nsecurity server and not through the avc, so those requests which we\ncannot control from userspace should not be able to trigger this BUG_ON.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Stephen D. Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "44707fdf5938ad269ea5d6c5744d82f6a7328746", "tree": "7eb1704418eb41b859ad24bc48f6400135474d87", "parents": [ "a03a8a709a0c34b61b7aea1d54a0473a6b941fdb" ], "author": { "name": "Jan Blunck", "email": "jblunck@suse.de", "time": "Thu Feb 14 19:38:33 2008 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Thu Feb 14 21:17:08 2008 -0800" }, "message": "d_path: Use struct path in struct avc_audit_data\n\naudit_log_d_path() is a d_path() wrapper that is used by the audit code. To\nuse a struct path in audit_log_d_path() I need to embed it into struct\navc_audit_data.\n\n[akpm@linux-foundation.org: coding-style fixes]\nSigned-off-by: Jan Blunck \u003cjblunck@suse.de\u003e\nAcked-by: Christoph Hellwig \u003chch@infradead.org\u003e\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: \"J. Bruce Fields\" \u003cbfields@fieldses.org\u003e\nCc: Neil Brown \u003cneilb@suse.de\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "da5645a28a15aed2e541a814ecf9f7ffcd4c4673", "tree": "8cedccebd0e12308de30573ad593d703943e3cbb", "parents": [ "e8bfdb9d0dfc1231a6a71e849dfbd4447acdfff6" ], "author": { "name": "Paul Moore", "email": "paul.moore@hp.com", "time": "Tue Jan 29 08:38:10 2008 -0500" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jan 30 08:17:22 2008 +1100" }, "message": "SELinux: Only store the network interface\u0027s ifindex\n\nInstead of storing the packet\u0027s network interface name store the ifindex. This\nallows us to defer the need to lookup the net_device structure until the audit\nrecord is generated meaning that in the majority of cases we never need to\nbother with this at all.\n\nSigned-off-by: Paul Moore \u003cpaul.moore@hp.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "788e7dd4c22e6f41b3a118fd8c291f831f6fddbb", "tree": "cbe2d2a360aaf7dc243bef432e1c50507ae6db7b", "parents": [ "3232c110b56bd01c5f0fdfd16b4d695f2e05b0a9" ], "author": { "name": "Yuichi Nakamura", "email": "ynakam@hitachisoft.jp", "time": "Fri Sep 14 09:27:07 2007 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Oct 17 08:59:31 2007 +1000" }, "message": "SELinux: Improve read/write performance\n\nIt reduces the selinux overhead on read/write by only revalidating\npermissions in selinux_file_permission if the task or inode labels have\nchanged or the policy has changed since the open-time check. A new LSM\nhook, security_dentry_open, is added to capture the necessary state at open\ntime to allow this optimization.\n\n(see http://marc.info/?l\u003dselinux\u0026m\u003d118972995207740\u0026w\u003d2)\n\nSigned-off-by: Yuichi Nakamura\u003cynakam@hitachisoft.jp\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "4259fa01a2d2aa3e589b34ba7624080232d9c1ff", "tree": "3aa83d784c4db22f3b62e4d963757497555c5e5c", "parents": [ "74f2345b6be1410f824cb7dd638d2c10a9709379" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Jun 07 11:13:31 2007 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Jul 22 09:57:02 2007 -0400" }, "message": "[PATCH] get rid of AVC_PATH postponed treatment\n\n Selinux folks had been complaining about the lack of AVC_PATH\nrecords when audit is disabled. I must admit my stupidity - I assumed\nthat avc_audit() really couldn\u0027t use audit_log_d_path() because of\ndeadlocks (\u003d\u003d could be called with dcache_lock or vfsmount_lock held).\nShouldn\u0027t have made that assumption - it never gets called that way.\nIt _is_ called under spinlocks, but not those.\n\n Since audit_log_d_path() uses ab-\u003egfp_mask for allocations,\nkmalloc() in there is not a problem. IOW, the simple fix is sufficient:\nlet\u0027s rip AUDIT_AVC_PATH out and simply generate pathname as part of main\nrecord. It\u0027s trivial to do.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "20c2df83d25c6a95affe6157a4c9cac4cf5ffaac", "tree": "415c4453d2b17a50abe7a3e515177e1fa337bd67", "parents": [ "64fb98fc40738ae1a98bcea9ca3145b89fb71524" ], "author": { "name": "Paul Mundt", "email": "lethal@linux-sh.org", "time": "Fri Jul 20 10:11:58 2007 +0900" }, "committer": { "name": "Paul Mundt", "email": "lethal@linux-sh.org", "time": "Fri Jul 20 10:11:58 2007 +0900" }, "message": "mm: Remove slab destructors from kmem_cache_create().\n\nSlab destructors were no longer supported after Christoph\u0027s\nc59def9f222d44bb7e2f0a559f2906191a0862d7 change. They\u0027ve been\nBUGs for both slab and slub, and slob never supported them\neither.\n\nThis rips out support for the dtor pointer from kmem_cache_create()\ncompletely and fixes up every single callsite in the kernel (there were\nabout 224, not including the slab allocator definitions themselves,\nor the documentation references).\n\nSigned-off-by: Paul Mundt \u003clethal@linux-sh.org\u003e\n" }, { "commit": "13bddc2e9d591e31bf20020dc19ea6ca85de420e", "tree": "b813a0a060439c4cfb84c93dc14307179465829b", "parents": [ "2c3c05dbcbc7b9d71549fe0e2b249f10f5a66518" ], "author": { "name": "Tobias Oed", "email": "tobias.oed@octant-fr.com", "time": "Mon Jun 11 08:56:31 2007 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jul 11 22:52:27 2007 -0400" }, "message": "SELinux: Use %lu for inode-\u003ei_no when printing avc\n\nInode numbers are unsigned long and so need to %lu as format string of printf.\n\nSigned-off-by: Tobias Oed \u003ctobias.oed@octant-fr.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2c3c05dbcbc7b9d71549fe0e2b249f10f5a66518", "tree": "bab75df9fafc435f3370a6d773d3284716347249", "parents": [ "9dc9978084ea2a96b9f42752753d9e38a9f9d7b2" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Thu Jun 07 15:34:10 2007 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jul 11 22:52:25 2007 -0400" }, "message": "SELinux: allow preemption between transition permission checks\n\nIn security_get_user_sids, move the transition permission checks\noutside of the section holding the policy rdlock, and use the AVC to\nperform the checks, calling cond_resched after each one. These\nchanges should allow preemption between the individual checks and\nenable caching of the results. It may however increase the overall\ntime spent in the function in some cases, particularly in the cache\nmiss case.\n\nThe long term fix will be to take much of this logic to userspace by\nexporting additional state via selinuxfs, and ultimately deprecating\nand eliminating this interface from the kernel.\n\nTested-by: Ingo Molnar \u003cmingo@elte.hu\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "a764ae4b0781fac75f9657bc737c37ae59888389", "tree": "eaff75fefa79a5db1713bf37d465ecc6dfbb2be4", "parents": [ "4f6a993f96a256e83b9be7612f958c7bc4ca9f00" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Mon Mar 26 13:36:26 2007 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Apr 26 01:35:58 2007 -0400" }, "message": "selinux: remove userland security class and permission definitions\n\nRemove userland security class and permission definitions from the kernel\nas the kernel only needs to use and validate its own class and permission\ndefinitions and userland definitions may change.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "c376222960ae91d5ffb9197ee36771aaed1d9f90", "tree": "7f431c42529fec77433d33490bd9f2a8c47ba091", "parents": [ "1b135431abf5ea92e61bf4e91d93726c7b96da5f" ], "author": { "name": "Robert P. J. Day", "email": "rpjday@mindspring.com", "time": "Sat Feb 10 01:45:03 2007 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Sun Feb 11 10:51:27 2007 -0800" }, "message": "[PATCH] Transform kmem_cache_alloc()+memset(0) -\u003e kmem_cache_zalloc().\n\nReplace appropriate pairs of \"kmem_cache_alloc()\" + \"memset(0)\" with the\ncorresponding \"kmem_cache_zalloc()\" call.\n\nSigned-off-by: Robert P. J. Day \u003crpjday@mindspring.com\u003e\nCc: \"Luck, Tony\" \u003ctony.luck@intel.com\u003e\nCc: Andi Kleen \u003cak@muc.de\u003e\nCc: Roland McGrath \u003croland@redhat.com\u003e\nCc: James Bottomley \u003cJames.Bottomley@steeleye.com\u003e\nCc: Greg KH \u003cgreg@kroah.com\u003e\nAcked-by: Joel Becker \u003cJoel.Becker@oracle.com\u003e\nCc: Steven Whitehouse \u003cswhiteho@redhat.com\u003e\nCc: Jan Kara \u003cjack@ucw.cz\u003e\nCc: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: \"David S. Miller\" \u003cdavem@davemloft.net\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Chris Wright \u003cchrisw@sous-sol.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "e18b890bb0881bbab6f4f1a6cd20d9c60d66b003", "tree": "4828be07e1c24781c264b42c5a75bcd968223c3f", "parents": [ "441e143e95f5aa1e04026cb0aa71c801ba53982f" ], "author": { "name": "Christoph Lameter", "email": "clameter@sgi.com", "time": "Wed Dec 06 20:33:20 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.osdl.org", "time": "Thu Dec 07 08:39:25 2006 -0800" }, "message": "[PATCH] slab: remove kmem_cache_t\n\nReplace all uses of kmem_cache_t with struct kmem_cache.\n\nThe patch was generated using the following script:\n\n\t#!/bin/sh\n\t#\n\t# Replace one string by another in all the kernel sources.\n\t#\n\n\tset -e\n\n\tfor file in `find * -name \"*.c\" -o -name \"*.h\"|xargs grep -l $1`; do\n\t\tquilt add $file\n\t\tsed -e \"1,\\$s/$1/$2/g\" $file \u003e/tmp/$$\n\t\tmv /tmp/$$ $file\n\t\tquilt refresh\n\tdone\n\nThe script was run like this\n\n\tsh replace kmem_cache_t \"struct kmem_cache\"\n\nSigned-off-by: Christoph Lameter \u003cclameter@sgi.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "54e6ecb23951b195d02433a741c7f7cb0b796c78", "tree": "c8885c49f37c8d383945b8af69d51597494ed62c", "parents": [ "f7267c0c0721fd02ad3dc37c3d6dd24ccd81d4d6" ], "author": { "name": "Christoph Lameter", "email": "clameter@sgi.com", "time": "Wed Dec 06 20:33:16 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.osdl.org", "time": "Thu Dec 07 08:39:24 2006 -0800" }, "message": "[PATCH] slab: remove SLAB_ATOMIC\n\nSLAB_ATOMIC is an alias of GFP_ATOMIC\n\nSigned-off-by: Christoph Lameter \u003cclameter@sgi.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "87fcd70d983d30eca4b933fff2e97d9a31743d0a", "tree": "2c79943f7691f80123af0145a8909f14011b0761", "parents": [ "91f433cacc9d1ae95ae46ce26d7bcf3a724c72d0" ], "author": { "name": "Al Viro", "email": "viro@hera.kernel.org", "time": "Mon Dec 04 22:00:55 2006 +0000" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.osdl.org", "time": "Mon Dec 04 19:32:44 2006 -0800" }, "message": "[PATCH] selinux endianness annotations\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "5c45899879e8caadb78f04c9c639f4c2025b9f00", "tree": "ee47228ccb816e523ac1051cfe41927059bc5ef9", "parents": [ "5a64d4438ed1e759ccd30d9e90842bf360f19298" ], "author": { "name": "Chad Sellers", "email": "csellers@tresys.com", "time": "Mon Nov 06 12:38:16 2006 -0500" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Nov 28 12:04:36 2006 -0500" }, "message": "SELinux: export object class and permission definitions\n\nMoves the definition of the 3 structs containing object class and\npermission definitions from avc.c to avc_ss.h so that the security\nserver can access them for validation on policy load. This also adds\na new struct type, defined_classes_perms_t, suitable for allowing the\nsecurity server to access these data structures from the avc.\n\nSigned-off-by: Chad Sellers \u003ccsellers@tresys.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "376bd9cb357ec945ac893feaeb63af7370a6e70b", "tree": "7e2848792982dfe30e19a600a41fa5cb49ee6e6e", "parents": [ "97e94c453073a2aba4bb5e0825ddc5e923debf11" ], "author": { "name": "Darrel Goeddel", "email": "dgoeddel@trustedcs.com", "time": "Fri Feb 24 15:44:05 2006 -0600" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon May 01 06:06:24 2006 -0400" }, "message": "[PATCH] support for context based audit filtering\n\nThe following patch provides selinux interfaces that will allow the audit\nsystem to perform filtering based on the process context (user, role, type,\nsensitivity, and clearance). These interfaces will allow the selinux\nmodule to perform efficient matches based on lower level selinux constructs,\nrather than relying on context retrievals and string comparisons within\nthe audit module. It also allows for dominance checks on the mls portion\nof the contexts that are impossible with only string comparisons.\n\nSigned-off-by: Darrel Goeddel \u003cdgoeddel@trustedcs.com\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "99f6d61bda82d09b2d94414d413d39f66a0b7da2", "tree": "7e204d1b3ffa642889905aa3a86c84d98e0c0af9", "parents": [ "46cd2f32baf181b74b16cceb123bab6fe1f61f85" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Tue Feb 07 12:58:51 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Feb 07 16:12:33 2006 -0800" }, "message": "[PATCH] selinux: require AUDIT\n\nMake SELinux depend on AUDIT as it requires the basic audit support to log\npermission denials at all. Note that AUDITSYSCALL remains optional for\nSELinux, although it can be useful in providing further information upon\ndenials.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "46b86a2da0fd14bd49765330df63a62279833acb", "tree": "069b4741a970db9b03772a870b4d63398b1f56e0", "parents": [ "23b0ca5bf52cef0ab0f0fe247cb91cbef836e7eb" ], "author": { "name": "Joe Perches", "email": "joe@perches.com", "time": "Fri Jan 13 14:29:07 2006 -0800" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Jan 13 14:29:07 2006 -0800" }, "message": "[NET]: Use NIP6_FMT in kernel.h\n\nThere are errors and inconsistency in the display of NIP6 strings.\n\tie: net/ipv6/ip6_flowlabel.c\n\nThere are errors and inconsistency in the display of NIPQUAD strings too.\n\tie: net/netfilter/nf_conntrack_ftp.c\n\nThis patch:\n\tadds NIP6_FMT to kernel.h\n\tchanges all code to use NIP6_FMT\n\tfixes net/ipv6/ip6_flowlabel.c\n\tadds NIPQUAD_FMT to kernel.h\n\tfixes net/netfilter/nf_conntrack_ftp.c\n\tchanges a few uses of \"%u.%u.%u.%u\" to NIPQUAD_FMT for symmetry to NIP6_FMT\n\nSigned-off-by: Joe Perches \u003cjoe@perches.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "5d54e69c68c05b162a56f9914cae72afd7e6f40a", "tree": "c5933858c4861bc3e358559f64ef459a1f56ab75", "parents": [ "63f3d1df1ad276a30b75339dd682a6e1f9d0c181", "b6ddc518520887a62728b0414efbf802a9dfdd55" ], "author": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Sep 13 09:47:30 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Sep 13 09:47:30 2005 -0700" }, "message": "Merge master.kernel.org:/pub/scm/linux/kernel/git/dwmw2/audit-2.6 \n" }, { "commit": "b5bf6c55edf94e9c7fc01724d5b271f78eaf1d3f", "tree": "0f2be4478fa5886f467fce8b4a8d56b5e8dbed46", "parents": [ "782ebb992ec20b5afdd5786ee8c2f1b58b631f24" ], "author": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Sat Sep 03 15:55:17 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@evo.osdl.org", "time": "Mon Sep 05 00:05:51 2005 -0700" }, "message": "[PATCH] selinux: endian notations\n\nThis patch adds endian notations to the SELinux code.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "9ad9ad385be27fcc7c16d290d972c6173e780a61", "tree": "bbca700c2d88ba421a6c9c348de367eaf4de0e2c", "parents": [ "177bbc733a1d9c935bc3d6efd776a6699b29b1ca" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed Jun 22 15:04:33 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed Jun 22 15:04:33 2005 +0100" }, "message": "AUDIT: Wait for backlog to clear when generating messages.\n\nAdd a gfp_mask to audit_log_start() and audit_log(), to reduce the\namount of GFP_ATOMIC allocation -- most of it doesn\u0027t need to be \nGFP_ATOMIC. Also if the mask includes __GFP_WAIT, then wait up to\n60 seconds for the auditd backlog to clear instead of immediately \nabandoning the message. \n\nThe timeout should probably be made configurable, but for now it\u0027ll \nsuffice that it only happens if auditd is actually running.\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "37ca5389b863e5ffba6fb7c22331bf57dbf7764a", "tree": "4869477a27fbd8ad91b0ce42f0b2e4b6817e5105", "parents": [ "99e45eeac867d51ff3395dcf3d7aedf5ac2812c8" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Tue May 24 21:28:28 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Tue May 24 21:28:28 2005 +0100" }, "message": "AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit\n\nPer Steve Grubb\u0027s observation that there are some remaining cases where\navc_audit() directly logs untrusted strings without escaping them, here\nis a patch that changes avc_audit() to use audit_log_untrustedstring()\nor audit_log_hex() as appropriate. Note that d_name.name is nul-\nterminated by d_alloc(), and that sun_path is nul-terminated by\nunix_mkname(), so it is not necessary for the AVC to create nul-\nterminated copies or to alter audit_log_untrustedstring to take a length\nargument. In the case of an abstract name, we use audit_log_hex() with\nan explicit length.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "7b5d781ce1f19fb7382d3d3fb7af48e429bed12d", "tree": "8ab8eef2e8c3629c46d29ffb9c618d87c5e1a02c", "parents": [ "326e9c8ba6a149f47e020719b23b24a14ba740d6" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Sat May 21 16:52:57 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Sat May 21 16:52:57 2005 +0100" }, "message": "Fix oops due to thinko in avc_audit()\n\nWhen I added the logging of pid\u003d and comm\u003d back to avc_audit() I \nscrewed it up. Put it back how it should be.\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "011161051bbc25f7f8b7df059dbd934c534443f0", "tree": "f1ca3727e4130cacad86dfdae65e7533fcb67784", "parents": [ "fb19b4c6aa024837a0071f07baa07dbf49d07151" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Sat May 21 00:15:52 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Sat May 21 00:15:52 2005 +0100" }, "message": "AUDIT: Avoid sleeping function in SElinux AVC audit.\n\nThis patch changes the SELinux AVC to defer logging of paths to the audit\nframework upon syscall exit, by saving a reference to the (dentry,vfsmount)\npair in an auxiliary audit item on the current audit context for processing\nby audit_log_exit.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "cd77b8212d5473b800ac865364981d334ff564ea", "tree": "334f44b05fc02039d67de5f9bfc26765e754b727", "parents": [ "b7d1125817c9a46cc46f57db89d9c195e7af22f8" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Thu May 19 11:18:24 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Thu May 19 11:18:24 2005 +0100" }, "message": "Restore logging of pid\u003d and comm\u003d in AVC audit messages\n\nWe turned this all off because the \u0027exe\u003d\u0027 was causing deadlocks on\ndcache_lock. There\u0027s no need to leave the pid and comm out though. \nThey\u0027ll all be logged correctly if full auditing is enabled, but we\nshould still print them in case auditing _isn\u0027t_ enabled.\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "c04049939f88b29e235d2da217bce6e8ead44f32", "tree": "9bf3ab72b9939c529e7c96f8768bc8b7e1d768c9", "parents": [ "9ea74f0655412d0fbd12bf9adb6c14c8fe707a42" ], "author": { "name": "Steve Grubb", "email": "sgrubb@redhat.com", "time": "Fri May 13 18:17:42 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Fri May 13 18:17:42 2005 +0100" }, "message": "AUDIT: Add message types to audit records\n\nThis patch adds more messages types to the audit subsystem so that audit \nanalysis is quicker, intuitive, and more useful.\n\nSigned-off-by: Steve Grubb \u003csgrubb@redhat.com\u003e\n---\nI forgot one type in the big patch. I need to add one for user space \noriginating SE Linux avc messages. This is used by dbus and nscd.\n\n-Steve\n---\nUpdated to 2.6.12-rc4-mm1.\n-dwmw2\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "c1b773d87eadc3972d697444127e89a7291769a2", "tree": "edfce2e842c3b6be70f3b90584507aab9fb3de8f", "parents": [ "197c69c6afd2deb7eec44040ff533d90d26c6161" ], "author": { "name": "Chris Wright", "email": "chrisw@osdl.org", "time": "Wed May 11 10:55:10 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed May 11 10:55:10 2005 +0100" }, "message": "Add audit_log_type\n\nAdd audit_log_type to allow callers to specify type and pid when logging.\nConvert audit_log to wrapper around audit_log_type. Could have\nconverted all audit_log callers directly, but common case is default\nof type AUDIT_KERNEL and pid 0. Update audit_log_start to take type\nand pid values when creating a new audit_buffer. Move sequences that\ndid audit_log_start, audit_log_format, audit_set_type, audit_log_end,\nto simply call audit_log_type directly. This obsoletes audit_set_type\nand audit_set_pid, so remove them.\n\nSigned-off-by: Chris Wright \u003cchrisw@osdl.org\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "219f0817038cabc722968e914490adf6b686499e", "tree": "13b64537abe906645ee22843e146e21958236219", "parents": [ "865108d13801d39ec038bdc82b5bec5e1eaffa9d" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Mon Apr 18 10:47:35 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Mon Apr 18 10:47:35 2005 -0700" }, "message": "[PATCH] SELinux: fix deadlock on dcache lock\n\nThis fixes a deadlock on the dcache lock detected during testing at IBM\nby moving the logging of the current executable information from the\nSELinux avc_audit function to audit_log_exit (via an audit_log_task_info\nhelper) for processing upon syscall exit. \n\nFor consistency, the patch also removes the logging of other\ntask-related information from avc_audit, deferring handling to\naudit_log_exit instead. \n\nThis allows simplification of the avc_audit code, allows the exe\ninformation to be obtained more reliably, always includes the comm\ninformation (useful for scripts), and avoids including bogus task\ninformation for checks performed from irq or softirq. \n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d", "parents": [], "author": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:20:36 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:20:36 2005 -0700" }, "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n" } ] }