)]}' { "log": [ { "commit": "d410fa4ef99112386de5f218dd7df7b4fca910b4", "tree": "e29fbc3f6d27b20d73d8feb4ed73f6767f2e18fe", "parents": [ "61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf" ], "author": { "name": "Randy Dunlap", "email": "randy.dunlap@oracle.com", "time": "Thu May 19 15:59:38 2011 -0700" }, "committer": { "name": "Randy Dunlap", "email": "randy.dunlap@oracle.com", "time": "Thu May 19 15:59:38 2011 -0700" }, "message": "Create Documentation/security/,\nmove LSM-, credentials-, and keys-related files from Documentation/\n to Documentation/security/,\nadd Documentation/security/00-INDEX, and\nupdate all occurrences of Documentation/\u003cmoved_file\u003e\n to Documentation/security/\u003cmoved_file\u003e.\n" }, { "commit": "4bc6c2d5d8386800fde23a8e78cd4f04a0ade0ad", "tree": "9ed72f305050b876d846b44ccf13f63fcbab1ff4", "parents": [ "0b24dcb7f2f7a0ce9b762eef0362c21c88f47b32" ], "author": { "name": "Harry Ciao", "email": "qingtao.cao@windriver.com", "time": "Wed Mar 02 13:46:08 2011 +0800" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Mar 03 15:19:43 2011 -0500" }, "message": "SELinux: Auto-generate security_is_socket_class\n\nThe security_is_socket_class() is auto-generated by genheaders based\non classmap.h to reduce maintenance effort when a new class is defined\nin SELinux kernel. The name for any socket class should be suffixed by\n\"socket\" and doesn\u0027t contain more than one substr of \"socket\".\n\nSigned-off-by: Harry Ciao \u003cqingtao.cao@windriver.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\n" }, { "commit": "310de047eef6685274045db1e6b39c9f313df428", "tree": "4f90d2ea0f068cffee5d9c569260098f6d94dd22", "parents": [ "77c160e7798b4141a0705c734397a9236bb0e726" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Mar 16 08:47:36 2010 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Mar 16 08:47:36 2010 +1100" }, "message": "selinux: fix warning in genheaders\n\nFix const warning in the genheaders script as a result of\nchanges to the headers, as noted here:\n\nhttp://linux.derkeiler.com/Mailing-Lists/Kernel/2010-03/msg03977.html\n\nReported-by: Stephen Rothwell \u003csfr@canb.auug.org.au\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "85c3b529f8ad4d65ba86b982ef050212ae7dd976", "tree": "becd5d4d607faf5de3bf5d8470cacf715aef8f7a", "parents": [ "821d35a56044e522e811f6a1e8632cc230360280" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Fri Nov 20 11:00:12 2009 -0500" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Nov 23 09:00:44 2009 +1100" }, "message": "SELinux: header generation may hit infinite loop\n\nIf a permission name is long enough the selinux class definition generation\ntool will go into a infinite loop. This is because it\u0027s macro max() is\nfooled into thinking it is dealing with unsigned numbers. This patch makes\nsure the macro always uses signed number so 1 \u003e -1.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "821d35a56044e522e811f6a1e8632cc230360280", "tree": "d15da5efe90a46262e3fed0489f85d954ff41f8d", "parents": [ "dd8dbf2e6880e30c00b18600c962d0cb5a03c555" ], "author": { "name": "Alan Cox", "email": "alan@linux.intel.com", "time": "Wed Nov 18 14:39:51 2009 +0000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Nov 19 09:08:44 2009 +1100" }, "message": "selinux: Fix warnings\n\nscripts/selinux/genheaders/genheaders.c:20: warning: no previous prototype\nfor ?usage?\nscripts/selinux/genheaders/genheaders.c:26: warning: no previous prototype\nfor ?stoupperx?\n\nSigned-off-by: Alan Cox \u003calan@linux.intel.com\u003e\nAcked-by: WANG Cong \u003cxiyou.wangcong@gmail.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "6e8e16c7bc298d7887584c3d027e05db3e86eed9", "tree": "355403813b5945a5a5fdd24054a76a446d05b206", "parents": [ "3e1c2515acf70448cad1ae3ab835ca80be043d33" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Oct 22 15:38:26 2009 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sat Oct 24 09:42:27 2009 +0800" }, "message": "SELinux: add .gitignore files for dynamic classes\n\nThe SELinux dynamic class work in c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c\ncreates a number of dynamic header files and scripts. Add .gitignore files\nso git doesn\u0027t complain about these.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Stephen D. Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "8753f6bec352392b52ed9b5e290afb34379f4612", "tree": "b5f381be9f56125309bfbfcaa73d68e08c309747", "parents": [ "c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Wed Sep 30 13:41:02 2009 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Oct 07 21:56:44 2009 +1100" }, "message": "selinux: generate flask headers during kernel build\n\nAdd a simple utility (scripts/selinux/genheaders) and invoke it to\ngenerate the kernel-private class and permission indices in flask.h\nand av_permissions.h automatically during the kernel build from the\nsecurity class mapping definitions in classmap.h. Adding new kernel\nclasses and permissions can then be done just by adding them to classmap.h.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c", "tree": "1a5475b4370655a22670fd6eb35e54d8b131b362", "parents": [ "23acb98de5a4109a60b5fe3f0439389218b039d7" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Wed Sep 30 13:37:50 2009 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Oct 07 21:56:42 2009 +1100" }, "message": "selinux: dynamic class/perm discovery\n\nModify SELinux to dynamically discover class and permission values\nupon policy load, based on the dynamic object class/perm discovery\nlogic from libselinux. A mapping is created between kernel-private\nclass and permission indices used outside the security server and the\npolicy values used within the security server.\n\nThe mappings are only applied upon kernel-internal computations;\nsimilar mappings for the private indices of userspace object managers\nis handled on a per-object manager basis by the userspace AVC. The\ninterfaces for compute_av and transition_sid are split for kernel\nvs. userspace; the userspace functions are distinguished by a _user\nsuffix.\n\nThe kernel-private class indices are no longer tied to the policy\nvalues and thus do not need to skip indices for userspace classes;\nthus the kernel class index values are compressed. The flask.h\ndefinitions were regenerated by deleting the userspace classes from\nrefpolicy\u0027s definitions and then regenerating the headers. Going\nforward, we can just maintain the flask.h, av_permissions.h, and\nclassmap.h definitions separately from policy as they are no longer\ntied to the policy values. The next patch introduces a utility to\nautomate generation of flask.h and av_permissions.h from the\nclassmap.h definitions.\n\nThe older kernel class and permission string tables are removed and\nreplaced by a single security class mapping table that is walked at\npolicy load to generate the mapping. The old kernel class validation\nlogic is completely replaced by the mapping logic.\n\nThe handle unknown logic is reworked. reject_unknown\u003d1 is handled\nwhen the mappings are computed at policy load time, similar to the old\nhandling by the class validation logic. allow_unknown\u003d1 is handled\nwhen computing and mapping decisions - if the permission was not able\nto be mapped (i.e. undefined, mapped to zero), then it is\nautomatically added to the allowed vector. If the class was not able\nto be mapped (i.e. undefined, mapped to zero), then all permissions\nare allowed for it if allow_unknown\u003d1.\n\navc_audit leverages the new security class mapping table to lookup the\nclass and permission names from the kernel-private indices.\n\nThe mdp program is updated to use the new table when generating the\nclass definitions and allow rules for a minimal boot policy for the\nkernel. It should be noted that this policy will not include any\nuserspace classes, nor will its policy index values for the kernel\nclasses correspond with the ones in refpolicy (they will instead match\nthe kernel-private indices).\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5c725138437837291db5c25f4a076ee852e806e3", "tree": "ddd05a26b2aa65a7508546b22235dffa2f41f54f", "parents": [ "e898893399335514b10dfbd75598f8308976abe4" ], "author": { "name": "Trevor Keith", "email": "tsrk@tsrk.net", "time": "Tue Sep 22 16:43:38 2009 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Sep 23 07:39:28 2009 -0700" }, "message": "Fix all -Wmissing-prototypes warnings in x86 defconfig\n\nSigned-off-by: Trevor Keith \u003ctsrk@tsrk.net\u003e\nCc: Sam Ravnborg \u003csam@ravnborg.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "b56c8c221d192e4ffa719d00907c3b60fbaa2737", "tree": "bdd84ebc482c9e00dca6536931336e2c614580f8", "parents": [ "d9250dea3f89fe808a525f08888016b495240ed4" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 05 21:43:38 2008 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 05 21:43:38 2008 +1000" }, "message": "SELinux: add gitignore file for mdp script\n\nAdd gitignore file for scripts/selinux/mdp/mdp.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "93c06cbbf9fea5d5be1778febb7fa9ab1a74e5f5", "tree": "de0ba51a2901097b7ab28483a040dc6ee5c9bc7d", "parents": [ "3f23d815c5049c9d7022226cec2242e384dd0b43" ], "author": { "name": "Serge E. Hallyn", "email": "serue@us.ibm.com", "time": "Tue Aug 26 14:47:57 2008 -0500" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Aug 27 08:54:08 2008 +1000" }, "message": "selinux: add support for installing a dummy policy (v2)\n\nIn August 2006 I posted a patch generating a minimal SELinux policy. This\nweek, David P. Quigley posted an updated version of that as a patch against\nthe kernel. It also had nice logic for auto-installing the policy.\n\nFollowing is David\u0027s original patch intro (preserved especially\nbc it has stats on the generated policies):\n\nse interested in the changes there were only two significant\nchanges. The first is that the iteration through the list of classes\nused NULL as a sentinel value. The problem with this is that the\nclass_to_string array actually has NULL entries in its table as place\nholders for the user space object classes.\n\nThe second change was that it would seem at some point the initial sids\ntable was NULL terminated. This is no longer the case so that iteration\nhas to be done on array length instead of looking for NULL.\n\nSome statistics on the policy that it generates:\n\nThe policy consists of 523 lines which contain no blank lines. Of those\n523 lines 453 of them are class, permission, and initial sid\ndefinitions. These lines are usually little to no concern to the policy\ndeveloper since they will not be adding object classes or permissions.\nOf the remaining 70 lines there is one type, one role, and one user\nstatement. The remaining lines are broken into three portions. The first\ngroup are TE allow rules which make up 29 of the remaining lines, the\nsecond is assignment of labels to the initial sids which consist of 27\nlines, and file system labeling statements which are the remaining 11.\n\nIn addition to the policy.conf generated there is a single file_contexts\nfile containing two lines which labels the entire system with base_t.\n\nThis policy generates a policy.23 binary that is 7920 bytes.\n\n(then a few versions later...):\n\nThe new policy is 587 lines (stripped of blank lines) with 476 of those\nlines being the boilerplate that I mentioned last time. The remaining\n111 lines have the 3 lines for type, user, and role, 70 lines for the\nallow rules (one for each object class including user space object\nclasses), 27 lines to assign types to the initial sids, and 11 lines for\nfile system labeling. The policy binary is 9194 bytes.\n\nChangelog:\n\n\tAug 26: Added Documentation/SELinux.txt\n\tAug 26: Incorporated a set of comments by Stephen Smalley:\n\t\t1. auto-setup SELINUXTYPE\u003ddummy\n\t\t2. don\u0027t auto-install if selinux is enabled with\n\t\t\tnon-dummy policy\n\t\t3. don\u0027t re-compute policy version\n\t\t4. /sbin/setfiles not /usr/sbin/setfiles\n\tAug 22: As per JMorris comments, made sure make distclean\n\t\tcleans up the mdp directory.\n\t\tRemoved a check for file_contexts which is now\n\t\tcreated in the same file as the check, making it\n\t\tsuperfluous.\n\nSigned-off-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: David Quigley \u003cdpquigl@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" } ] }