{
  "log": [
    {
      "commit": "484ca79c653121d3c79fffb86e1deea724f2e20b",
      "tree": "457aa73e37c9b5e5b4306430f40d1985b59ca226",
      "parents": [
        "4d6ec10bb4461fdc9a9ab94ef32934e13564e873"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jul 29 14:29:55 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:38:38 2010 +1000"
      },
      "message": "TOMOYO: Use pathname specified by policy rather than execve()\n\nCommit c9e69318 \"TOMOYO: Allow wildcard for execute permission.\" changed execute\npermission and domainname to accept wildcards. But tomoyo_find_next_domain()\nwas using the pathname passed to execve() rather than the pathname specified by\nthe execute permission. As a result, processes were not able to transit to\ndomains which contain wildcards in their domainnames.\n\nThis patch passes the pathname specified by the execute permission back to\ntomoyo_find_next_domain() so that processes can transit to domains which\ncontain wildcards in their domainnames.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "0849e3ba53c3ef603dffa9758a73e07ed186a937",
      "tree": "5aaaa02db9be90287bfcc6e00e48d0b50c18d6cd",
      "parents": [
        "e2bf69077acefee5247bb661faac2552d29ba7ba"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Fri Jun 25 12:22:09 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:55 2010 +1000"
      },
      "message": "TOMOYO: Add missing poll() hook.\n\nCommit 1dae08c \"TOMOYO: Add interactive enforcing mode.\" forgot to register the\npoll() hook. As a result, /usr/sbin/tomoyo-queryd was doing a busy loop.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "e2bf69077acefee5247bb661faac2552d29ba7ba",
      "tree": "946adb588df8647f2476fb2f66996e6231521687",
      "parents": [
        "8e5686874bcb882f69d5c04e6b38dc92b97facea"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Fri Jun 25 11:16:00 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:54 2010 +1000"
      },
      "message": "TOMOYO: Rename symbols.\n\nUse shorter name in order to make it easier to fit 80 columns limit.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "f23571e866309a2048030ef6a5f0725cf139d4c9",
      "tree": "0116bcef462f367307b2db927b249b7ce21039c2",
      "parents": [
        "5db5a39b6462c8360c9178b28f4b07c320dfca1c"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 24 14:57:16 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:45 2010 +1000"
      },
      "message": "TOMOYO: Copy directly to userspace buffer.\n\nWhen a userspace program reads policy from the /sys/kernel/security/tomoyo/\ninterface, TOMOYO uses line buffered mode. A line has at least one word.\n\nCommit 006dacc \"TOMOYO: Support longer pathname.\" changed a word\u0027s max length\nfrom 4000 bytes to max kmalloc()able bytes. By that commit, a line\u0027s max length\nchanged from 8192 bytes to more than max kmalloc()able bytes.\n\nThe max number of words in a line remains finite. This patch changes the way of\nbuffering so that all words in a line are first copied directly to the userspace\nbuffer as much as possible and then queued for the next read request.\nWords queued are guaranteed to be valid until the /sys/kernel/security/tomoyo/\ninterface is close()d.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "063821c8160568b3390044390c8328e36c5696ad",
      "tree": "68a61753cdc6b0edaf0358eebdea8c20aaa713b1",
      "parents": [
        "475e6fa3d340e75a454ea09191a29e52e2ee6e71"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 24 12:00:25 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:44 2010 +1000"
      },
      "message": "TOMOYO: Allow reading only execute permission.\n\nThe policy editor needs to know allow_execute entries in order to build the\ndomain transition tree. Reading all entries is slow. Thus, allow reading only\nallow_execute entries.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "475e6fa3d340e75a454ea09191a29e52e2ee6e71",
      "tree": "44e8222ec250f8573199fc3132eaeb2f8922f85e",
      "parents": [
        "5448ec4f5062ef75ce74f8d7784d4cea9c46ad00"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 24 11:28:14 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:44 2010 +1000"
      },
      "message": "TOMOYO: Change list iterator.\n\nChange list_for_each_cookie to\n\n(1) start from current position rather than next position\n(2) remove temporary cursor\n(3) check that srcu_read_lock() is held\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "5448ec4f5062ef75ce74f8d7784d4cea9c46ad00",
      "tree": "c4c742b928c799e03328e345e1d4af738f315afb",
      "parents": [
        "0617c7ff34dc9b1d641640c3953274bb2dbe21a6"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon Jun 21 11:14:39 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:43 2010 +1000"
      },
      "message": "TOMOYO: Use common code for domain transition control.\n\nUse common code for \"initialize_domain\"/\"no_initialize_domain\"/\"keep_domain\"/\n\"no_keep_domain\" keywords.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "0617c7ff34dc9b1d641640c3953274bb2dbe21a6",
      "tree": "6be51af32ad65380aff9b7fa385f65ef15b3d53b",
      "parents": [
        "7c2ea22e3c5463627ca98924cd65cb9e480dc29c"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon Jun 21 09:58:53 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:42 2010 +1000"
      },
      "message": "TOMOYO: Remove alias keyword.\n\nSome programs behave differently depending on argv[0] passed to execve().\nTOMOYO has the \"alias\" keyword in order to allow administrators to define\ndifferent domains if the requested pathname passed to execve() is a symlink. But\nthe \"alias\" keyword is incomplete because it assumes that the requested pathname\nand argv[0] are identical. Thus, remove the \"alias\" keyword (by this patch) and\nadd syntax for checking argv[0] (by future patches).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "7c2ea22e3c5463627ca98924cd65cb9e480dc29c",
      "tree": "3a105a08cf75c77689bdfe890c64f9ae433748b9",
      "parents": [
        "31845e8c6d3f4f26702e567c667277f9fd1f73a3"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 17 16:55:58 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:42 2010 +1000"
      },
      "message": "TOMOYO: Merge path_group and number_group.\n\nUse common code for \"path_group\" and \"number_group\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "31845e8c6d3f4f26702e567c667277f9fd1f73a3",
      "tree": "5c457513fcdae4e7e39b19d36e1698ae298ce8d4",
      "parents": [
        "a230f9e7121cbcbfe23bd5a630abf6b53cece555"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 17 16:54:33 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:41 2010 +1000"
      },
      "message": "TOMOYO: Aggregate reader functions.\n\nNow lists are accessible via array index. Aggregate reader functions using index.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "a230f9e7121cbcbfe23bd5a630abf6b53cece555",
      "tree": "a81820f41d57ffd8704aaef4331f696030d7ba77",
      "parents": [
        "a98aa4debe2728abb3353e35fc5d110dcc0d7f0d"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 17 16:53:24 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:40 2010 +1000"
      },
      "message": "TOMOYO: Use array of \"struct list_head\".\n\nAssign list id and make the lists as array of \"struct list_head\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "a98aa4debe2728abb3353e35fc5d110dcc0d7f0d",
      "tree": "0334194761e26961339dd126e997c23e4060ce72",
      "parents": [
        "5fb49870e6d48d81d8ca0e1ef979073dc9a820f7"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 17 16:52:29 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:40 2010 +1000"
      },
      "message": "TOMOYO: Merge tomoyo_path_group and tomoyo_number_group\n\n\"struct tomoyo_path_group\" and \"struct tomoyo_number_group\" are identical.\nRename tomoyo_path_group/tomoyo_number_group to tomoyo_group and\ntomoyo_path_group_member to tomoyo_path_group and\ntomoyo_number_group_member to tomoyo_number_group.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "8fbe71f0e0ac28a39e4a93694c34d670c2f31e88",
      "tree": "95dc6db6aaaa31a8876bc99c1531bfc26d0e838c",
      "parents": [
        "cb917cf517075a357ce43b74e8a5a57f2c69a734"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Jun 16 16:29:59 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:35 2010 +1000"
      },
      "message": "TOMOYO: Make read function to void.\n\nRead functions do not fail. Make them from int to void.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "71c282362d0672235c5205a7db1f3ac3fcf32981",
      "tree": "b359947179fad844767fc5b54a0761b7353babc1",
      "parents": [
        "d795ef9e751b72c94600c91e31bdaef55987a9f6"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Jun 16 16:26:38 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:34 2010 +1000"
      },
      "message": "TOMOYO: Remove wrapper function for reading keyword.\n\nKeyword strings are read-only. We can directly access them to reduce code size.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "75093152a97ee0ec281895b4f6229ff3c481fd64",
      "tree": "960bdf1d441f43c2dfa3c4d54c48af5fc524a1a8",
      "parents": [
        "99a852596beb26cc449ca1a79834c107ef4080e1"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Jun 16 16:23:55 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:33 2010 +1000"
      },
      "message": "TOMOYO: Rename symbols.\n\nUse shorter name in order to make it easier to fit 80 columns limit.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "99a852596beb26cc449ca1a79834c107ef4080e1",
      "tree": "8d593b0af85f6cbbfe73b916f7449148ccf93133",
      "parents": [
        "cf6e9a6468ec82a94cbc707b607452ec4454182c"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Jun 16 16:22:51 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:32 2010 +1000"
      },
      "message": "TOMOYO: Use callback for permission check.\n\nWe can use callback function since parameters are passed via\n\"const struct tomoyo_request_info\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "cf6e9a6468ec82a94cbc707b607452ec4454182c",
      "tree": "6b289c8575f1915395d3c1348d473ab07fbe34a8",
      "parents": [
        "05336dee9f5a23c042e5938b42f996dd35e31ee6"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Jun 16 16:21:36 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:32 2010 +1000"
      },
      "message": "TOMOYO: Pass parameters via structure.\n\nTo make it possible to use callback function, pass parameters via\n\"struct tomoyo_request_info\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "05336dee9f5a23c042e5938b42f996dd35e31ee6",
      "tree": "c5dd4abb5bf15e06b399aa1b1e5db56bd848c762",
      "parents": [
        "9ee0c823c18119914283358b35a1c3ebb14c2f90"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Jun 16 16:20:24 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:31 2010 +1000"
      },
      "message": "TOMOYO: Use common code for open and mkdir etc.\n\ntomoyo_file_perm() and tomoyo_path_permission() are similar.\nWe can embed tomoyo_file_perm() into tomoyo_path_permission().\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "36f5e1ffbf2bb951105ae4e261bcc1de3eaf510c",
      "tree": "80e01278296477b4d30288081267d35ff771d720",
      "parents": [
        "82e0f001a4c1112dcff9cafa9812a33889ad9b8a"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Jun 15 09:23:26 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:29 2010 +1000"
      },
      "message": "TOMOYO: Use callback for updating entries.\n\nUse common code for elements using \"struct list_head\" + \"bool\" structure.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "82e0f001a4c1112dcff9cafa9812a33889ad9b8a",
      "tree": "55c7e99f8773129b602f837f0c79f8d542021195",
      "parents": [
        "237ab459f12cb98eadd3fe7b85343e183a1076a4"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Jun 15 09:22:42 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:28 2010 +1000"
      },
      "message": "TOMOYO: Use common structure for list element.\n\nUse common \"struct list_head\" + \"bool\" structure.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "237ab459f12cb98eadd3fe7b85343e183a1076a4",
      "tree": "f2835e2945016beb4e29b6a2ed8f9d372dc1b412",
      "parents": [
        "927942aabbbe506bf9bc70a16dc5460ecc64c148"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Sat Jun 12 20:46:22 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:34:28 2010 +1000"
      },
      "message": "TOMOYO: Use callback for updating entries.\n\nUse common \"struct list_head\" + \"bool\" + \"u8\" structure and\nuse common code for elements using that structure.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "57c2590fb7fd38bd52708ff2716a577d0c2b3c5a",
      "tree": "19db2e176e1e49d85482995249ba18aebbb8f7eb",
      "parents": [
        "1084307ca097745ed6e40a192329b133a49271ac"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 03 20:38:44 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:43 2010 +1000"
      },
      "message": "TOMOYO: Update profile structure.\n\nThis patch allows users to change access control mode on a per-operation basis.\nThis feature comes from the non-LSM version of TOMOYO, which is designed for\npermitting users to use SELinux and TOMOYO at the same time.\n\nSELinux does not care about the filename in a directory whereas TOMOYO does. A\nchange of filename can change how the file is used. For example, renaming\nindex.txt to .htaccess will change how the file is used. Thus, letting SELinux\nenforce read()/write()/mmap() etc. restrictions and letting TOMOYO enforce\nrename() restrictions is an example usage of this feature.\n\nWhat is unfortunate for me is that currently LSM does not allow users to use\nSELinux and the LSM version of TOMOYO at the same time...\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "1084307ca097745ed6e40a192329b133a49271ac",
      "tree": "f3b2e81705afb4ca3006ebb931aa0aad426ace02",
      "parents": [
        "3f629636320dfa65804779a3fc333f3147f3b064"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 03 20:38:03 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:42 2010 +1000"
      },
      "message": "TOMOYO: Add pathname aggregation support.\n\nThis patch allows users to aggregate programs which provide similar\nfunctionality (e.g. /usr/bin/vi and /usr/bin/emacs ).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "3f629636320dfa65804779a3fc333f3147f3b064",
      "tree": "e44dc9f63ae8c6cd37d5471d014cd9b0449027e7",
      "parents": [
        "c8c57e842720d8cc92ac8607f2d1c16d92314573"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 03 20:37:26 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:42 2010 +1000"
      },
      "message": "TOMOYO: Allow wildcard for execute permission.\n\nSome applications create and execute programs dynamically. We need to accept\nwildcard for execute permission because such programs contain random suffix\nin their filenames. This patch loosens up regulation of string parameters.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "c8c57e842720d8cc92ac8607f2d1c16d92314573",
      "tree": "dc921366b931ba5817ad530433f3b1ee178bc56a",
      "parents": [
        "9b244373da3eab671da6c5125482121528a9ebf3"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 03 20:36:43 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:41 2010 +1000"
      },
      "message": "TOMOYO: Support longer pathname.\n\nAllow pathnames longer than 4000 bytes.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "9b244373da3eab671da6c5125482121528a9ebf3",
      "tree": "abbe091de54a260aec57e56ce79c164834354fc8",
      "parents": [
        "ea0d3ab239fba48d6e998b19c28d78f765963007"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Jun 03 20:35:53 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:41 2010 +1000"
      },
      "message": "TOMOYO: Several fixes for TOMOYO\u0027s management programs.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "c3ef1500ec833890275172c7d063333404b64d60",
      "tree": "2453368e521a1f7a00098eef06afbedb8404503d",
      "parents": [
        "17fcfbd9d45b57f38d40e31f9d28db53f4af5c88"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon May 17 10:12:46 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:39 2010 +1000"
      },
      "message": "TOMOYO: Split files into some pieces.\n\nsecurity/tomoyo/common.c became too large to read.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "17fcfbd9d45b57f38d40e31f9d28db53f4af5c88",
      "tree": "e221937affe4d886706e880f39e1424333490cc0",
      "parents": [
        "2106ccd972dcd9fda7df9b181505fac1741b3508"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon May 17 10:11:36 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:38 2010 +1000"
      },
      "message": "TOMOYO: Add interactive enforcing mode.\n\nSince the behavior of the system is restricted by policy, we may need to update\npolicy when you update packages.\n\nWe need to update policy in the following cases.\n\n    * The pathname of files has changed.\n    * The dependency of files has changed.\n    * The access permissions required have increased.\n\nThe ideal way to update policy is to rebuild from scratch using learning\nmode. But it is not desirable to change from enforcing mode to another mode if\nthe system has once entered production state. Suppose MAC could support\nper-application enforcing mode; the MAC becomes useless if an application that\nis not running in enforcing mode was cracked. For example, the whole system\nbecomes vulnerable if only the HTTP server application is running in learning\nmode to rebuild policy for the application. So, in TOMOYO Linux, updating policy\nis done while the system is running in enforcing mode.\n\nThis patch implements \"interactive enforcing mode\" which allows administrators\nto judge whether to accept a policy violation in enforcing mode or not.\nA demo movie is available at http://www.youtube.com/watch?v\u003db9q1Jo25LPA .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "2106ccd972dcd9fda7df9b181505fac1741b3508",
      "tree": "4361f9498c303cabc20abc85c1b5ee0afa677b0f",
      "parents": [
        "a1f9bb6a375a8dbf7797ffbd6739c46b338a77f7"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon May 17 10:10:31 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:37 2010 +1000"
      },
      "message": "TOMOYO: Add mount restriction.\n\nmount(2) has three string and one numeric parameters.\nSplit mount restriction code from security/tomoyo/file.c .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "a1f9bb6a375a8dbf7797ffbd6739c46b338a77f7",
      "tree": "44df8f05e6ad6bd7cf9ce398c99efbd7cff24c20",
      "parents": [
        "cb0abe6a5b58499bd4bc1403f4987af9ead0642c"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon May 17 10:09:15 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:37 2010 +1000"
      },
      "message": "TOMOYO: Split file access control functions by type of parameters.\n\nCheck numeric parameters for operations that deal with them\n(e.g. chmod/chown/ioctl).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "cb0abe6a5b58499bd4bc1403f4987af9ead0642c",
      "tree": "3a48c36dcfe0cfe1e4b6f3faf5ca3e7fae4327c7",
      "parents": [
        "4c3e9e2ded48bcf696a45945ea7d25bb15b873fd"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon May 17 10:08:05 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:36 2010 +1000"
      },
      "message": "TOMOYO: Use structure for passing common arguments.\n\nUse \"struct tomoyo_request_info\" instead of passing individual arguments.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "4c3e9e2ded48bcf696a45945ea7d25bb15b873fd",
      "tree": "0be326f0f90b0279ae83594e9244c3739d348df1",
      "parents": [
        "babcd37821fba57048b30151969d28303f2a8b6b"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon May 17 10:06:58 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Aug 02 15:33:35 2010 +1000"
      },
      "message": "TOMOYO: Add numeric values grouping support.\n\nThis patch adds numeric values grouping support, which is useful for grouping\nnumeric values such as file\u0027s UID, DAC\u0027s mode, ioctl()\u0027s cmd number.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "7762fbfffdbce8191f5236d5053b290035d3d749",
      "tree": "08b6de0c09c5571d3bdb61c429e1ec68e748f796",
      "parents": [
        "ba0c1709f4946a5ca1a678f4318ed72c0d409b3c"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon May 10 17:30:26 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon May 17 09:25:57 2010 +1000"
      },
      "message": "TOMOYO: Add pathname grouping support.\n\nThis patch adds pathname grouping support, which is useful for grouping\npathnames that cannot be represented using /\\{dir\\}/ pattern.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "9e4b50e93786d00c703f16ed46e6a4029c0dfdd1",
      "tree": "51bf6072802888592ae98b9a6c8a26fcb2e1988f",
      "parents": [
        "83c36ccfe4d849f482ea0a62402c7624f4e59f0e"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu May 06 12:40:02 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon May 10 17:59:02 2010 +1000"
      },
      "message": "TOMOYO: Use stack memory for pending entry.\n\nUse stack memory for pending entry to reduce kmalloc() which will be kfree()d.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "292823814261e085cdcef06b6b691e6c2563fbd4",
      "tree": "8c1eaebcf8f698ea13ac2a9291b9769abde1905e",
      "parents": [
        "2b9e4688fad8867b6e918610f396af3ab9246898"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu May 06 00:18:15 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Thu May 06 13:19:18 2010 +1000"
      },
      "message": "TOMOYO: Use mutex_lock_interruptible.\n\nSome of TOMOYO\u0027s functions may sleep after mutex_lock(). If OOM-killer selected\na process which is waiting at mutex_lock(), the to-be-killed process can\u0027t be\nkilled. Thus, replace mutex_lock() with mutex_lock_interruptible() so that the\nto-be-killed process can immediately return from TOMOYO\u0027s functions.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "170800088666963de1111d62fb503889c8c82eda",
      "tree": "1c8f1671fd48a7688ec8253508dd2cd460e0aff1",
      "parents": [
        "2da5d31bc72d0a36dc16af7f5d5baa4f86df9c76"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Feb 16 21:14:48 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Feb 17 11:37:58 2010 +1100"
      },
      "message": "TOMOYO: Remove __func__ from tomoyo_is_correct_path/domain\n\n__func__ is used for only debug printk(). We can remove it.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "97d6931ead3e89a764cdaa3ad0924037367f0d34",
      "tree": "ad69e76208832699a97e897af73b6aa23a655609",
      "parents": [
        "7ef612331fb219620cc1abfc2446bb027d388aa0"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Feb 16 09:46:15 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Feb 16 17:26:36 2010 +1100"
      },
      "message": "TOMOYO: Remove unneeded parameter.\n\ntomoyo_path_perm(), tomoyo_path2_perm() and tomoyo_check_rewrite_permission()\nalways receive tomoyo_domain(). We can move it from caller to callee.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "7ef612331fb219620cc1abfc2446bb027d388aa0",
      "tree": "3912acecc7437303e824d26a9ae124b765ce35d3",
      "parents": [
        "084da356f6e55ce42f1d2739178502023908c107"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Feb 16 08:03:30 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Feb 16 11:17:16 2010 +1100"
      },
      "message": "TOMOYO: Use shorter names.\n\nUse shorter name to reduce newlines needed for 80 columns limit.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "084da356f6e55ce42f1d2739178502023908c107",
      "tree": "bdb021a9e0aa6e48ea0a9a4f1248c87c03e00525",
      "parents": [
        "847b173ea3d6f50936823d07f2245059bf44713b"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon Feb 15 15:10:39 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Feb 16 09:25:13 2010 +1100"
      },
      "message": "TOMOYO: Use enum for index numbers.\n\nUse enum to declare index numbers.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "847b173ea3d6f50936823d07f2245059bf44713b",
      "tree": "b53c6d0536af73a078bcff0375f9f4d837f79bba",
      "parents": [
        "ec8e6a4e062e2edebef91e930c20572c9f4c0dda"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Feb 11 09:43:54 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Feb 15 09:00:24 2010 +1100"
      },
      "message": "TOMOYO: Add garbage collector.\n\nThis patch adds garbage collector support to TOMOYO.\nElements are protected by \"struct srcu_struct tomoyo_ss\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "ec8e6a4e062e2edebef91e930c20572c9f4c0dda",
      "tree": "1c48fb2aa2220b3bdc138e0fb33e1ac632d0dffe",
      "parents": [
        "76bb0895d038be7bcdb6ccfcd2dd7deb30371d6b"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Feb 11 09:43:20 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Feb 15 09:00:21 2010 +1100"
      },
      "message": "TOMOYO: Add refcounter on domain structure.\n\nAdd refcounter to \"struct tomoyo_domain_info\" since garbage collector needs to\ndetermine whether this struct is referred to by \"struct cred\"-\u003esecurity or not.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "76bb0895d038be7bcdb6ccfcd2dd7deb30371d6b",
      "tree": "5948c68b08561deb20d155853faed475a15a4235",
      "parents": [
        "bf24fb016c861b7f52be0c36c4cedd3e89afa2e2"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Thu Feb 11 09:42:40 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Feb 15 09:00:18 2010 +1100"
      },
      "message": "TOMOYO: Merge headers.\n\nGather structures and constants scattered around security/tomoyo/ directory.\nThis is for preparation for adding garbage collector since garbage collector\nneeds to know structures and constants which TOMOYO uses.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "ea13ddbad0eb4be9cdc406cd7e0804fa4011f6e4",
      "tree": "4068bb5baad6f6819242b36a00bf395a6db7f1e1",
      "parents": [
        "f40a70861ace69001524644473cc389543b06c3c"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Feb 03 06:43:06 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Feb 08 14:10:20 2010 +1100"
      },
      "message": "TOMOYO: Extract bitfield\n\nSince list elements are rounded up to kmalloc() size rather than sizeof(int),\nsaving one byte by using bitfields is no longer helpful.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "8e2d39a1665e680c095545993aac2fcac6916eb9",
      "tree": "41687f7e7f4fb37416b7948b6d2e09d0a383459b",
      "parents": [
        "7d52a155e38d5a165759dbbee656455861bf7801"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Jan 26 20:45:27 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Jan 27 08:20:48 2010 +1100"
      },
      "message": "TOMOYO: Remove usage counter for temporary memory.\n\nTOMOYO was using own memory usage counter for detecting memory leak.\nBut as kernel 2.6.31 introduced memory leak detection mechanism\n( CONFIG_DEBUG_KMEMLEAK ), we no longer need to have own counter.\n\nWe remove usage counter for memory used for permission checks, but we keep\nusage counter for memory used for policy so that we can apply quota.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "cd7bec6ad80188394a8ea857ff1aa3512fc2282a",
      "tree": "598e7d59c29966e0d8fa8abf24eb51bbb2f567a6",
      "parents": [
        "e41035a996356c257183e53a70abfb46fa84908b"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Jan 05 06:39:37 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Jan 11 09:27:40 2010 +1100"
      },
      "message": "TOMOYO: Remove memory pool for list elements.\n\nCurrently, TOMOYO allocates memory for list elements from memory pool allocated\nby kmalloc(PAGE_SIZE). But that makes it difficult to kfree() when garbage\ncollector is added. Thus, remove memory pool and use kmalloc(sizeof()).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "f737d95ddfea4df68a36ffc9231db4bf34b06d13",
      "tree": "28a1bf737c96ba8048abcf87a7acfc8412e92a2e",
      "parents": [
        "fdb8ebb729bbb640e64028a4f579a02ebc405727"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Sun Jan 03 21:16:32 2010 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Jan 11 07:57:44 2010 +1100"
      },
      "message": "TOMOYO: Replace rw_semaphore by mutex.\n\nSince readers no longer use down_read(), writers no longer\nneed to use rw_semaphore. Replace individual rw_semaphore by\nsingle mutex.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "fdb8ebb729bbb640e64028a4f579a02ebc405727",
      "tree": "9dfca7422cb858cd05208734affab31d980030fe",
      "parents": [
        "86fc80f16e8a2449d5827bf1a9838b7fd9f70097"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Dec 08 09:34:43 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Dec 15 15:46:31 2009 +1100"
      },
      "message": "TOMOYO: Use RCU primitives for list operation\n\nReplace list operation with RCU primitives and replace\ndown_read()/up_read() with srcu_read_lock()/srcu_read_unlock().\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "937bf6133b21b16965f75223085f4314ae32b8eb",
      "tree": "4a042bc9298ffddfaf4017a5796cae46e9594d2c",
      "parents": [
        "5d0901a3a0c39c97ca504f73d24030f63cfc9fa2"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Dec 02 21:09:48 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Dec 08 14:58:05 2009 +1100"
      },
      "message": "TOMOYO: Add rest of file operation restrictions.\n\nLSM hooks for chmod()/chown()/chroot() are now ready.\nThis patch utilizes these hooks.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "7539cf4b92be4aecc573ea962135f246a7a33401",
      "tree": "6ed5ada6206e788e937ce1325a70a9d6fb0d3c2f",
      "parents": [
        "b3a222e52e4d4be77cc4520a57af1a4a0d8222d1"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Tue Nov 24 22:00:05 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Nov 25 18:51:16 2009 +1100"
      },
      "message": "TOMOYO: Add recursive directory matching operator support.\n\nTOMOYO 1.7.1 has recursive directory matching operator support.\nI want to add it to TOMOYO for Linux 2.6.33 .\n----------\n[PATCH] TOMOYO: Add recursive directory matching operator support.\n\nThis patch introduces new operator /\\{dir\\}/ which matches\n\u0027/\u0027 + \u0027One or more repetitions of dir/\u0027 (e.g. /dir/ /dir/dir/ /dir/dir/dir/ ).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "ccf135f509abdbf607e9a68f08ddeee2c66dc36e",
      "tree": "4641f30dc45901b619a86957efc72fd3d8d46228",
      "parents": [
        "d905163c5b23f6d8511971e06081a1b525e8a0bd"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@i-love.sakura.ne.jp",
        "time": "Fri Jun 19 10:29:34 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Fri Jun 19 11:32:37 2009 +1000"
      },
      "message": "TOMOYO: Move tomoyo_delete_domain().\n\nWe can mark tomoyo_delete_domain() as a \"static\" function\nby moving it from domain.c to common.c .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "c3fa109a5894077d1eaf8731ea741a15dd117b3c",
      "tree": "a3d5f58ea878868b48a1493055e6f2cb6dd3c9de",
      "parents": [
        "5bf1692f65c12a8aa359dc883468284ffc3c4587"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@i-love.sakura.ne.jp",
        "time": "Mon Jun 08 12:37:39 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Jun 09 09:30:24 2009 +1000"
      },
      "message": "TOMOYO: Add description of lists and structures.\n\nThis patch adds some descriptions of lists and structures.\nThis patch contains no code changes.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "5bf1692f65c12a8aa359dc883468284ffc3c4587",
      "tree": "bab96097b51791985d6361b6bdfaf0280b0fc995",
      "parents": [
        "0b4ec6e4e01d98e55ae325a41304cccd87fa4c0f"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@i-love.sakura.ne.jp",
        "time": "Fri Jun 05 14:44:58 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Jun 09 09:30:21 2009 +1000"
      },
      "message": "TOMOYO: Remove unused field.\n\nTOMOYO 2.2.0 is not using total_len field of \"struct tomoyo_path_info\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "39826a1e17c1957bd7b5cd7815b83940e5e3a230",
      "tree": "c1452c0293b7f2f4bce2c36d3b5aea8e4020ff3e",
      "parents": [
        "17a7b7b39056a82c5012539311850f202e6c3cd4"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Wed Apr 08 22:31:28 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Apr 14 09:15:02 2009 +1000"
      },
      "message": "tomoyo: version bump to 2.2.0.\n\nSigned-off-by: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: Toshiharu Harada \u003charadats@nttdata.co.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "a0558fc3491c0494feb8472cf6c0119e43fd9484",
      "tree": "e26a2baaa63c07761686f97cde9aa4aaa527f82f",
      "parents": [
        "d508afb437daee7cf07da085b635c44a4ebf9b38"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@I-love.SAKURA.ne.jp",
        "time": "Mon Apr 06 20:49:14 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Apr 07 16:08:56 2009 +1000"
      },
      "message": "tomoyo: remove \"undelete domain\" command.\n\nSince TOMOYO\u0027s policy management tools do not use the \"undelete domain\"\ncommand, we decided to remove that command.\n\nSigned-off-by: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: Toshiharu Harada \u003charadats@nttdata.co.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "a106cbfd1f3703402fc2d95d97e7a054102250f0",
      "tree": "f386efb92e2c68bbd15900b6f14a56c444c28556",
      "parents": [
        "1987f17d2266e882862528841429b5bf67bc8fe5"
      ],
      "author": {
        "name": "Tetsuo Handa",
        "email": "penguin-kernel@i-love.sakura.ne.jp",
        "time": "Fri Mar 27 13:12:16 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Fri Mar 27 19:03:44 2009 +1100"
      },
      "message": "TOMOYO: Fix a typo.\n\nFix a typo.\n\nReported-by: Pavel Machek \u003cpavel@ucw.cz\u003e\nSigned-off-by: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: Toshiharu Harada \u003charadats@nttdata.co.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "9590837b89aaa4523209ac91c52db5ea0d9142fd",
      "tree": "0e7e3febb1f6106be0e45c281309078f6c1cd7e6",
      "parents": [
        "c73bd6d473ceb5d643d3afd7e75b7dc2e6918558"
      ],
      "author": {
        "name": "Kentaro Takeda",
        "email": "takedakn@nttdata.co.jp",
        "time": "Thu Feb 05 17:18:13 2009 +0900"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Thu Feb 12 15:15:04 2009 +1100"
      },
      "message": "Common functions for TOMOYO Linux.\n\nThis file contains common functions (e.g. policy I/O, pattern matching).\n\n-------------------- About pattern matching --------------------\n\nSince TOMOYO Linux is a name based access control, TOMOYO Linux seriously\nconsiders \"safe\" string representation.\n\nTOMOYO Linux\u0027s string manipulation functions make reviewers feel crazy,\nbut there are reasons why TOMOYO Linux needs its own string manipulation\nfunctions.\n\n----- Part 1 : preconditions -----\n\nPeople definitely want to use wild card.\n\n  To support pattern matching, we have to support wild card characters.\n\n  In a typical Linux system, filenames are likely consists of only alphabets,\n  numbers, and some characters (e.g. + - ~ . / ).\n  But theoretically, the Linux kernel accepts all characters but NUL character\n  (which is used as a terminator of a string).\n\n    Some Linux systems can have filenames which contain * ? ** etc.\n\nTherefore, we have to somehow modify string so that we can distinguish\nwild card characters and normal characters.\n\n  It might be possible for some application\u0027s configuration files to restrict\n  acceptable characters.\n  It is impossible for kernel to restrict acceptable characters.\n\n    We can\u0027t accept approaches which will cause troubles for applications.\n\n----- Part 2 : commonly used approaches -----\n\nText formatted strings separated by space character (0x20) and new line\ncharacter (0x0A) is more preferable for users over array of NUL-terminated\nstring.\n\n  Thus, people use text formatted configuration files separated by space\n  character and new line.\n\nWe sometimes need to handle non-printable characters.\n\n  Thus, people use \\ character (0x5C) as escape character and represent\n  non-printable characters using octal or hexadecimal format.\n\nAt this point, we remind (at least) 3 approaches.\n\n  (1) Shell glob style expression\n  (2) POSIX regular expression (UNIX style 
regular expression)\n  (3) Maverick wild card expression\n\nOn the surface, (1) and (2) sound good choices. But they have a big pitfall.\nAll meta-characters in (1) and (2) are legal characters for representing\na pathname, and users easily write incorrect expression. What is worse, users\nunlikely notice incorrect expressions because characters used for regular\npathnames unlikely contain meta-characters. This incorrect use of\nmeta-characters in pathname representation reveals vulnerability\n(e.g. unexpected results) only when irregular pathname is specified.\n\nThe authors of TOMOYO Linux think that approaches which adds some character\nfor interpreting meta-characters as normal characters (i.e. (1) and (2)) are\nnot suitable for security use.\n\nTherefore, the authors of TOMOYO Linux propose (3).\n\n----- Part 3: consideration points -----\n\nWe need to solve encoding problem.\n\n  A single character can be represented in several ways using encodings.\n\n    For Japanese language, there are \"ShiftJIS\", \"ISO-2022-JP\", \"EUC-JP\",\n    \"UTF-8\" and more.\n\n  Some languages (e.g. Japanese language) supports multi-byte characters\n  (where a single character is represented using several bytes).\n\n    Some multi-byte characters may match the escape character.\n\n    For Japanese language, some characters in \"ShiftJIS\" encoding match\n    \\ character, and bothering Web\u0027s CGI developers.\n\n  It is important that the kernel string is not bothered by encoding problem.\n\n    Linus said, \"I really would expect that kernel strings don\u0027t have\n    an encoding. They\u0027re just C strings: a NUL-terminated stream of bytes.\"\n    http://lkml.org/lkml/2007/11/6/142\n\n    Yes. 
The kernel strings are just C strings.\n    We are talking about how to store and carry \"kernel strings\" safely.\n\n  If we store \"kernel string\" into policy file as-is, the \"kernel string\" will\n  be interpreted differently depending on application\u0027s encoding settings.\n  One application may interpret \"kernel string\" as \"UTF-8\",\n  another application may interpret \"kernel string\" as \"ShiftJIS\".\n\n    Therefore, we propose to represent strings using ASCII encoding.\n    In this way, we are no longer bothered by encoding problems.\n\nWe need to avoid information loss caused by display.\n\n  It is difficult to input and display non-printable characters, but we have to\n  be able to handle such characters because the kernel string is a C string.\n\n  If we use only ASCII printable characters (from 0x21 to 0x7E) and space\n  character (0x20) and new line character (0x0A), it is easy to input from\n  keyboard and display on all terminals which is running Linux.\n\n  Therefore, we propose to represent strings using only characters which value\n  is one of \"from 0x21 to 0x7E\", \"0x20\", \"0x0A\".\n\nWe need to consider ease of splitting strings from a line.\n\n  If we use an approach which uses \"\\ \" for representing a space character\n  within a string, we have to count the string from the beginning to check\n  whether this space character is accompanied with \\ character or not.\n  As a result, we cannot monotonically split a line using space character.\n\n  If we use an approach which uses \"\\040\" for representing a space character\n  within a string, we can monotonically split a line using space character.\n\n  If we use an approach which uses NUL character as a delimiter, we cannot\n  use string manipulation functions for splitting strings from a line.\n\n  Therefore, we propose that we represent space character as \"\\040\".\n\nWe need to avoid wrong designations (incorrect use of special characters).\n\n  Not all users can understand and 
utilize POSIX\u0027s regular expressions\n  correctly and perfectly.\n\n  If a character acts as a wild card by default, the user will get unexpected\n  result if that user didn\u0027t know the meaning of that character.\n\n    Therefore, we propose that all characters but \\ character act as\n    a normal character and let the user add \\ character to make a character\n    act as a wild card.\n\n    In this way, users needn\u0027t to know all wild card characters beforehand.\n    They can learn when they encountered an unseen wild card character\n    for their first time.\n\n----- Part 4: supported wild card expressions -----\n\nAt this point, we have wild card expressions listed below.\n\n  +-----------+--------------------------------------------------------------+\n  | Wild card | Meaning and example                                          |\n  +-----------+--------------------------------------------------------------+\n  |   \\*      | More than or equals to 0 character other than \u0027/\u0027.           |\n  |           |           /var/log/samba/\\*                                  |\n  +-----------+--------------------------------------------------------------+\n  |   \\@      | More than or equals to 0 character other than \u0027/\u0027 or \u0027.\u0027.    |\n  |           |           /var/www/html/\\@.html                              |\n  +-----------+--------------------------------------------------------------+\n  |   \\?      | 1 byte character other than \u0027/\u0027.                             |\n  |           |           /tmp/mail.\\?\\?\\?\\?\\?\\?                             |\n  +-----------+--------------------------------------------------------------+\n  |   \\$      | More than or equals to 1 decimal digit.                      |\n  |           |           /proc/\\$/cmdline                                   |\n  +-----------+--------------------------------------------------------------+\n  |   \\+      | 1 decimal digit.              
                               |\n  |           |           /var/tmp/my_work.\\+                                |\n  +-----------+--------------------------------------------------------------+\n  |   \\X      | More than or equals to 1 hexadecimal digit.                  |\n  |           |           /var/tmp/my-work.\\X                                |\n  +-----------+--------------------------------------------------------------+\n  |   \\x      | 1 hexadecimal digit.                                         |\n  |           |           /tmp/my-work.\\x                                    |\n  +-----------+--------------------------------------------------------------+\n  |   \\A      | More than or equals to 1 alphabet character.                 |\n  |           |           /var/log/my-work/\\$-\\A-\\$.log                      |\n  +-----------+--------------------------------------------------------------+\n  |   \\a      | 1 alphabet character.                                        |\n  |           |           /home/users/\\a/\\*/public_html/\\*.html              |\n  +-----------+--------------------------------------------------------------+\n  |   \\-      | Pathname subtraction operator.                               |\n  |           | +---------------------+------------------------------------+ |\n  |           | | Example             | Meaning                            | |\n  |           | +---------------------+------------------------------------+ |\n  |           | | /etc/\\*             | All files in /etc/ directory.      
| |\n  |           | +---------------------+------------------------------------+ |\n  |           | | /etc/\\*\\-\\*shadow\\* | /etc/\\* other than /etc/\\*shadow\\* | |\n  |           | +---------------------+------------------------------------+ |\n  |           | | /\\*\\-proc\\-sys/     | /\\*/ other than /proc/ /sys/       | |\n  |           | +---------------------+------------------------------------+ |\n  +-----------+--------------------------------------------------------------+\n\n  +----------------+---------------------------------------------------------+\n  | Representation | Meaning and example                                     |\n  +----------------+---------------------------------------------------------+\n  |   \\\\           | backslash character itself.                             |\n  +----------------+---------------------------------------------------------+\n  |   \\ooo         | 1 byte character.                                       |\n  |                | ooo is 001 \u003c\u003d ooo \u003c\u003d 040 || 177 \u003c\u003d ooo \u003c\u003d 377.          |\n  |                |                                                         |\n  |                |           \\040 for space character.                     |\n  |                |           \\177 for del character.                       
|\n  |                |                                                         |\n  +----------------+---------------------------------------------------------+\n\n----- Part 5: Advantages -----\n\nWe can obtain extensibility.\n\n  Since our proposed approach adds \\ to a character to interpret as a wild\n  card, we can introduce new wild card in future while maintaining backward\n  compatibility.\n\nWe can process monotonically.\n\n  Since our proposed approach separates strings using a space character,\n  we can split strings using existing string manipulation functions.\n\nWe can reliably analyze access logs.\n\n  It is guaranteed that a string doesn\u0027t contain space character (0x20) and\n  new line character (0x0A).\n\n  It is guaranteed that a string won\u0027t be converted by FTP and won\u0027t be damaged\n  by a terminal\u0027s settings.\n\n  It is guaranteed that a string won\u0027t be affected by encoding converters\n  (except encodings which insert NUL character (e.g. UTF-16)).\n\n----- Part 6: conclusion -----\n\nTOMOYO Linux is using its own encoding with reasons described above.\nThere is a disadvantage that we need to introduce a series of new string\nmanipulation functions. But TOMOYO Linux\u0027s encoding is useful for all users\n(including audit and AppArmor) who want to perform pattern matching and\nsafely exchange string information between the kernel and the userspace.\n\n-------------------- About policy interface --------------------\n\nTOMOYO Linux creates the following files on securityfs (normally\nmounted on /sys/kernel/security) as interfaces between kernel and\nuserspace. 
These files are for TOMOYO Linux management tools *only*,\nnot for general programs.\n\n  * profile\n  * exception_policy\n  * domain_policy\n  * manager\n  * meminfo\n  * self_domain\n  * version\n  * .domain_status\n  * .process_status\n\n** /sys/kernel/security/tomoyo/profile **\n\nThis file is used to read or write profiles.\n\n\"profile\" means a running mode of process. A profile lists up\nfunctions and their modes in \"$number-$variable\u003d$value\" format. The\n$number is profile number between 0 and 255. Each domain is assigned\none profile. To assign profile to domains, use \"ccs-setprofile\" or\n\"ccs-editpolicy\" or \"ccs-loadpolicy\" commands.\n\n(Example)\n[root@tomoyo]# cat /sys/kernel/security/tomoyo/profile\n0-COMMENT\u003d-----Disabled Mode-----\n0-MAC_FOR_FILE\u003ddisabled\n0-MAX_ACCEPT_ENTRY\u003d2048\n0-TOMOYO_VERBOSE\u003ddisabled\n1-COMMENT\u003d-----Learning Mode-----\n1-MAC_FOR_FILE\u003dlearning\n1-MAX_ACCEPT_ENTRY\u003d2048\n1-TOMOYO_VERBOSE\u003ddisabled\n2-COMMENT\u003d-----Permissive Mode-----\n2-MAC_FOR_FILE\u003dpermissive\n2-MAX_ACCEPT_ENTRY\u003d2048\n2-TOMOYO_VERBOSE\u003denabled\n3-COMMENT\u003d-----Enforcing Mode-----\n3-MAC_FOR_FILE\u003denforcing\n3-MAX_ACCEPT_ENTRY\u003d2048\n3-TOMOYO_VERBOSE\u003denabled\n\n- MAC_FOR_FILE:\nSpecifies access control level regarding file access requests.\n- MAX_ACCEPT_ENTRY:\nLimits the max number of ACL entries that are automatically appended\nduring learning mode. Default is 2048.\n- TOMOYO_VERBOSE:\nSpecifies whether to print domain policy violation messages or not.\n\n** /sys/kernel/security/tomoyo/manager **\n\nThis file is used to read or append the list of programs or domains\nthat can write to /sys/kernel/security/tomoyo interface. By default,\nonly processes with both UID \u003d 0 and EUID \u003d 0 can modify policy via\n/sys/kernel/security/tomoyo interface. 
You can use the keyword\n\"manage_by_non_root\" to allow policy modification by a non-root user.\n\n(Example)\n[root@tomoyo]# cat /sys/kernel/security/tomoyo/manager\n/usr/lib/ccs/loadpolicy\n/usr/lib/ccs/editpolicy\n/usr/lib/ccs/setlevel\n/usr/lib/ccs/setprofile\n/usr/lib/ccs/ld-watch\n/usr/lib/ccs/ccs-queryd\n\n** /sys/kernel/security/tomoyo/exception_policy **\n\nThis file is used to read and write system global settings. Each line\nhas a directive and operand pair. Directives are listed below.\n\n- initialize_domain:\nTo initialize domain transition when a specific program is executed,\nuse the initialize_domain directive.\n  * initialize_domain \"program\" from \"domain\"\n  * initialize_domain \"program\" from \"the last program part of domain\"\n  * initialize_domain \"program\"\nIf the part \"from\" and after is not given, the entry is applied to\nall domains. If the \"domain\" doesn\u0027t start with \"\u003ckernel\u003e\", the entry\nis applied to all domains whose domainname ends with \"the last program\npart of domain\".\nThis directive is intended to aggregate domain transitions for daemon\nprograms and programs that are invoked by the kernel on demand, by\ntransiting to a different domain.\n\n- keep_domain:\nTo prevent domain transition when a program is executed from a specific\ndomain, use the keep_domain directive.\n  * keep_domain \"program\" from \"domain\"\n  * keep_domain \"program\" from \"the last program part of domain\"\n  * keep_domain \"domain\"\n  * keep_domain \"the last program part of domain\"\nIf the part \"from\" and before is not given, this entry is applied to\nall programs. 
If the \"domain\" doesn\u0027t start with \"\u003ckernel\u003e\", the entry\nis applied to all domains whose domainname ends with \"the last program\npart of domain\".\nThis directive is intended to reduce the total number of domains and\nmemory usage by suppressing unneeded domain transitions.\nTo declare domain keepers, use the keep_domain directive followed by a\ndomain definition.\nAny process that belongs to a domain declared with this directive\nstays in the same domain unless a program registered\nwith the initialize_domain directive is executed.\n\nIn order to control domain transition in detail, you can use the\nno_keep_domain/no_initialize_domain keywords.\n\n- alias:\nTo allow executing programs using the name of symbolic links, use the\nalias keyword followed by the dereferenced pathname and the reference\npathname. For example, /sbin/pidof is a symbolic link to\n/sbin/killall5 . In the normal case, if /sbin/pidof is executed, the\ndomain is defined as if /sbin/killall5 is executed. By specifying\n\"alias /sbin/killall5 /sbin/pidof\", you can run /sbin/pidof in the\ndomain for /sbin/pidof .\n(Example)\nalias /sbin/killall5 /sbin/pidof\n\n- allow_read:\nTo grant unconditionally readable permissions, use the allow_read keyword\nfollowed by a canonicalized file. This keyword is intended to reduce the\nsize of domain policy by granting read access to library files such\nas GLIBC and locale files. The exception is that if the ignore_global_allow_read\nkeyword is given to a domain, entries specified by this keyword are\nignored.\n(Example)\nallow_read /lib/libc-2.5.so\n\n- file_pattern:\nTo declare a pathname pattern, use the file_pattern keyword followed by a\npathname pattern. The pathname pattern must be a canonicalized\npathname. This keyword is applicable to neither granting execute\npermissions nor domain definitions.\nFor example, a canonicalized pathname that contains a process ID\n(i.e. 
/proc/PID/ files) needs to be grouped in order to make access\ncontrol work well.\n(Example)\nfile_pattern /proc/\\$/cmdline\n\n- path_group:\nTo declare a pathname group, use the path_group keyword followed by the name of\nthe group and a pathname pattern. For example, if you want to group all\nfiles under the home directory, you can define\n   path_group HOME-DIR-FILE /home/\\*/\\*\n   path_group HOME-DIR-FILE /home/\\*/\\*/\\*\n   path_group HOME-DIR-FILE /home/\\*/\\*/\\*/\\*\nin the exception policy and use it like\n   allow_read @HOME-DIR-FILE\nto grant file access permission.\n\n- deny_rewrite:\nTo deny overwriting already written contents of files (such as log\nfiles) by default, use the deny_rewrite keyword followed by a pathname\npattern. Files whose pathnames match the patterns are not permitted to be\nopened for writing without append mode or truncation unless the pathnames\nare explicitly granted using the allow_rewrite keyword in domain policy.\n(Example)\ndeny_rewrite /var/log/\\*\n\n- aggregator:\nTo deal with multiple programs as a single program, use the aggregator keyword\nfollowed by the name of the original program and the aggregated program. This\nkeyword is intended to aggregate similar programs.\nFor example, /usr/bin/tac and /bin/cat are similar. By specifying\n\"aggregator /usr/bin/tac /bin/cat\", you can run /usr/bin/tac in the\ndomain for /bin/cat .\nFor example, /usr/sbin/logrotate for Fedora Core 3 generates programs\nlike /tmp/logrotate.\\?\\?\\?\\?\\?\\? and runs them, but TOMOYO Linux\ndoesn\u0027t allow using patterns for granting execute permission and\ndefining domains. By specifying\n\"aggregator /tmp/logrotate.\\?\\?\\?\\?\\?\\? /tmp/logrotate.tmp\", you can\nrun /tmp/logrotate.\\?\\?\\?\\?\\?\\? 
as if /tmp/logrotate.tmp is running.\n\n** /sys/kernel/security/tomoyo/domain_policy **\n\nThis file contains the definition of all domains and the permissions that are\ngranted to each domain.\n\nLines from the line after a domain definition (any line starting\nwith \"\u003ckernel\u003e\") to the line before the next domain definition\nare interpreted as access permissions for that domain.\n\n** /sys/kernel/security/tomoyo/meminfo **\n\nThis file is to show the total RAM used to keep policy in the kernel\nby TOMOYO Linux in bytes.\n(Example)\n[root@tomoyo]# cat /sys/kernel/security/tomoyo/meminfo\nShared:       61440\nPrivate:      69632\nDynamic:        768\nTotal:       131840\n\nYou can set a memory quota by writing to this file.\n(Example)\n[root@tomoyo]# echo Shared: 2097152 \u003e /sys/kernel/security/tomoyo/meminfo\n[root@tomoyo]# echo Private: 2097152 \u003e /sys/kernel/security/tomoyo/meminfo\n\n** /sys/kernel/security/tomoyo/self_domain **\n\nThis file is to show the name of the domain the caller process belongs to.\n(Example)\n[root@etch]# cat /sys/kernel/security/tomoyo/self_domain\n\u003ckernel\u003e /usr/sbin/sshd /bin/zsh /bin/cat\n\n** /sys/kernel/security/tomoyo/version **\n\nThis file is used for getting TOMOYO Linux\u0027s version.\n(Example)\n[root@etch]# cat /sys/kernel/security/tomoyo/version\n2.2.0-pre\n\n** /sys/kernel/security/tomoyo/.domain_status **\n\nThis is a view (of a DBMS) that contains only the profile number and\ndomainnames of domains so that the \"ccs-setprofile\" command can do\nline-oriented processing easily.\n\n** /sys/kernel/security/tomoyo/.process_status **\n\nThis file is used by the \"ccs-ccstree\" command to show \"list of processes\ncurrently running\" and \"domains which each process belongs to\" and\n\"profile number to which the domain is currently assigned\" like the \"pstree\"\ncommand. 
This file is writable by programs that aren\u0027t registered as a\npolicy manager.\n\nSigned-off-by: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: Toshiharu Harada \u003charadats@nttdata.co.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    }
  ]
}
