)]}' { "log": [ { "commit": "dd34b5d75a0405814a3de83f02a44ac297e81629", "tree": "f24939a7b7f6b33c44939ee4022d7e95b3f670b6", "parents": [ "6a25b27d602aac24f3c642722377ba5d778417ec" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Mar 05 13:43:35 2009 -0500" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Mar 06 08:50:21 2009 +1100" }, "message": "SELinux: new permission between tty audit and audit socket\n\nNew selinux permission to separate the ability to turn on tty auditing from\nthe ability to set audit rules.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2f99db28af90957271a6448479c3e492ccf7c697", "tree": "00386a75dd8c998621d2204609425b41be420f62", "parents": [ "41d9f9c524a53477467b7e0111ff3d644198f191" ], "author": { "name": "Michal Schmidt", "email": "mschmidt@redhat.com", "time": "Wed Nov 05 13:35:06 2008 +0100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Nov 06 07:08:36 2008 +0800" }, "message": "selinux: recognize netlink messages for \u0027ip addrlabel\u0027\n\nIn enforcing mode \u0027/sbin/ip addrlabel\u0027 results in a SELinux error:\ntype\u003dSELINUX_ERR msg\u003daudit(1225698822.073:42): SELinux: unrecognized\nnetlink message type\u003d74 for sclass\u003d43\n\nThe problem is missing RTM_*ADDRLABEL entries in SELinux\u0027s netlink\nmessage types table.\n\nReported in https://bugzilla.redhat.com/show_bug.cgi?id\u003d469423\n\nSigned-off-by: Michal Schmidt \u003cmschmidt@redhat.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "bfff3aa49765eb10053b58ee220949cfcc7a1a80", "tree": "2695e909f58e9b1f683dae9c9a08090bd662e34f", "parents": [ "7b6b239c805ab372145c8a43ffa25529923d2658" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Fri Apr 18 17:38:26 2008 -0400" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Apr 21 19:05:07 2008 +1000" }, "message": "SELinux: nlmsgtab.c whitespace, syntax, and static declaraction cleanups\n\nThis patch changes nlmsgtab.c to fix whitespace and syntax issues. Things that\nare fixed may include (does not not have to include)\n\nwhitespace at end of lines\nspaces followed by tabs\nspaces used instead of tabs\nspacing around parenthesis\nlocateion of { around struct and else clauses\nlocation of * in pointer declarations\nremoval of initialization of static data to keep it in the right section\nuseless {} in if statemetns\nuseless checking for NULL before kfree\nfixing of the indentation depth of switch statements\nand any number of other things I forgot to mention\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "522ed7767e800cff6c650ec64b0ee0677303119c", "tree": "f65ecb29f2cf885018d3557f840de3ef4be6ec64", "parents": [ "4f27c00bf80f122513d3a5be16ed851573164534" ], "author": { "name": "Miloslav Trmac", "email": "mitr@redhat.com", "time": "Sun Jul 15 23:40:56 2007 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@woody.linux-foundation.org", "time": "Mon Jul 16 09:05:47 2007 -0700" }, "message": "Audit: add TTY input auditing\n\nAdd TTY input auditing, used to audit system administrator\u0027s actions. This is\nrequired by various security standards such as DCID 6/3 and PCI to provide\nnon-repudiation of administrator\u0027s actions and to allow a review of past\nactions if the administrator seems to overstep their duties or if the system\nbecomes misconfigured for unknown reasons. These requirements do not make it\nnecessary to audit TTY output as well.\n\nCompared to an user-space keylogger, this approach records TTY input using the\naudit subsystem, correlated with other audit events, and it is completely\ntransparent to the user-space application (e.g. the console ioctls still\nwork).\n\nTTY input auditing works on a higher level than auditing all system calls\nwithin the session, which would produce an overwhelming amount of mostly\nuseless audit events.\n\nAdd an \"audit_tty\" attribute, inherited across fork (). Data read from TTYs\nby process with the attribute is sent to the audit subsystem by the kernel.\nThe audit netlink interface is extended to allow modifying the audit_tty\nattribute, and to allow sending explanatory audit events from user-space (for\nexample, a shell might send an event containing the final command, after the\ninteractive command-line editing and history expansion is performed, which\nmight be difficult to decipher from the TTY input alone).\n\nBecause the \"audit_tty\" attribute is inherited across fork (), it would be set\ne.g. for sshd restarted within an audited session. To prevent this, the\naudit_tty attribute is cleared when a process with no open TTY file\ndescriptors (e.g. after daemon startup) opens a TTY.\n\nSee https://www.redhat.com/archives/linux-audit/2007-June/msg00000.html for a\nmore detailed rationale document for an older version of this patch.\n\n[akpm@linux-foundation.org: build fix]\nSigned-off-by: Miloslav Trmac \u003cmitr@redhat.com\u003e\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: Alan Cox \u003calan@lxorguk.ukuu.org.uk\u003e\nCc: Paul Fulghum \u003cpaulkf@microgate.com\u003e\nCc: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\nCc: Steve Grubb \u003csgrubb@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "6051e2f4fb68fc8e5343db58fa680ece376f405c", "tree": "b061f38f00100e40a3c5b9f33e3acb58c5aa3e7b", "parents": [ "04561c1fe7b067a8250e6caaf168256783580c4c" ], "author": { "name": "Thomas Graf", "email": "tgraf@suug.ch", "time": "Tue Nov 14 19:54:19 2006 -0800" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Sat Dec 02 21:22:45 2006 -0800" }, "message": "[IPv6] prefix: Convert RTM_NEWPREFIX notifications to use the new netlink api\n\nRTM_GETPREFIX is completely unused and is thus removed.\n\nSigned-off-by: Thomas Graf \u003ctgraf@suug.ch\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "1b9a3917366028cc451a98dd22e3bcd537d4e5c1", "tree": "d911058720e0a9aeeaf9f407ccdc6fbf4047f47d", "parents": [ "3661f00e2097676847deb01add1a0918044bd816", "71e1c784b24a026a490b3de01541fc5ee14ebc09" ], "author": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Mar 25 09:24:53 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Mar 25 09:24:53 2006 -0800" }, "message": "Merge branch \u0027audit.b3\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current\n\n* \u0027audit.b3\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits)\n [PATCH] fix audit_init failure path\n [PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format\n [PATCH] sem2mutex: audit_netlink_sem\n [PATCH] simplify audit_free() locking\n [PATCH] Fix audit operators\n [PATCH] promiscuous mode\n [PATCH] Add tty to syscall audit records\n [PATCH] add/remove rule update\n [PATCH] audit string fields interface + consumer\n [PATCH] SE Linux audit events\n [PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c\n [PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL\n [PATCH] Fix IA64 success/failure indication in syscall auditing.\n [PATCH] Miscellaneous bug and warning fixes\n [PATCH] Capture selinux subject/object context information.\n [PATCH] Exclude messages by message type\n [PATCH] Collect more inode information during syscall processing.\n [PATCH] Pass dentry, not just name, in fsnotify creation hooks.\n [PATCH] Define new range of userspace messages.\n [PATCH] Filter rule comparators\n ...\n\nFixed trivial conflict in security/selinux/hooks.c\n" }, { "commit": "8c29bfe1cfbe6050c797a6364a0cc0ff57c377fc", "tree": "f5e48a81ea6b12d4a4d20960750ce5c87c241d1f", "parents": [ "6c5c8ca7ff20523e427b955aa84cef407934710f" ], "author": { "name": "Jamal Hadi Salim", "email": "hadi@cyberus.ca", "time": "Mon Mar 20 19:17:39 2006 -0800" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Mon Mar 20 19:17:39 2006 -0800" }, "message": "[IPSEC]: Sync series - update selinux\n\nAdd new netlink messages to selinux framework\n\nSigned-off-by: Jamal Hadi Salim \u003chadi@cyberus.ca\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "93315ed6dd12dacfc941f9eb8ca0293aadf99793", "tree": "4fc070c92a1de21d3befe4ce48c733c65d044bb3", "parents": [ "af601e4623d0303bfafa54ec728b7ae8493a8e1b" ], "author": { "name": "Amy Griffis", "email": "amy.griffis@hp.com", "time": "Tue Feb 07 12:05:27 2006 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Mar 20 14:08:54 2006 -0500" }, "message": "[PATCH] audit string fields interface + consumer\n\nUpdated patch to dynamically allocate audit rule fields in kernel\u0027s\ninternal representation. Added unlikely() calls for testing memory\nallocation result.\n\nAmy Griffis wrote: [Wed Jan 11 2006, 02:02:31PM EST]\n\u003e Modify audit\u0027s kernel-userspace interface to allow the specification\n\u003e of string fields in audit rules.\n\u003e\n\u003e Signed-off-by: Amy Griffis \u003camy.griffis@hp.com\u003e\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n(cherry picked from 5ffc4a863f92351b720fe3e9c5cd647accff9e03 commit)\n" }, { "commit": "90d526c074ae5db484388da56c399acf892b6c17", "tree": "edeb7c47d9144f3995846c5fc25db8e49ef12f5d", "parents": [ "b63862f46547487388e582e8ac9083830d34f058" ], "author": { "name": "Steve Grubb", "email": "sgrubb@redhat.com", "time": "Thu Nov 03 15:48:08 2005 +0000" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Mar 20 14:08:53 2006 -0500" }, "message": "[PATCH] Define new range of userspace messages.\n\nThe attached patch updates various items for the new user space\nmessages. Please apply.\n\nSigned-off-by: Steve Grubb \u003csgrubb@redhat.com\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "216efaaaa006d2f3ecbb5bbc2b6673423813254e", "tree": "c05cd2d0ec829d18a8f85ff8611c0e1424303f52", "parents": [ "066286071d3542243baa68166acb779187c848b3" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 15 20:34:48 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Mon Aug 29 16:01:15 2005 -0700" }, "message": "[SELINUX]: Update for tcp_diag rename to inet_diag.\n\nAlso, support dccp sockets.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "c7fb64db001f83ece669c76a02d8ec2fdb1dd307", "tree": "f8b8375b8b619c00db3399a4ef6f67e2636dfac7", "parents": [ "00768244923f66801958a8d2d103f7b65608c9b6" ], "author": { "name": "Thomas Graf", "email": "tgraf@suug.ch", "time": "Sat Jun 18 22:50:55 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Sat Jun 18 22:50:55 2005 -0700" }, "message": "[NETLINK]: Neighbour table configuration and statistics via rtnetlink\n\nTo retrieve the neighbour tables send RTM_GETNEIGHTBL with the\nNLM_F_DUMP flag set. Every neighbour table configuration is\nspread over multiple messages to avoid running into message\nsize limits on systems with many interfaces. The first message\nin the sequence transports all not device specific data such as\nstatistics, configuration, and the default parameter set.\nThis message is followed by 0..n messages carrying device\nspecific parameter sets.\n\nAlthough the ordering should be sufficient, NDTA_NAME can be\nused to identify sequences. The initial message can be identified\nby checking for NDTA_CONFIG. The device specific messages do\nnot contain this TLV but have NDTPA_IFINDEX set to the\ncorresponding interface index.\n\nTo change neighbour table attributes, send RTM_SETNEIGHTBL\nwith NDTA_NAME set. Changeable attribute include NDTA_THRESH[1-3],\nNDTA_GC_INTERVAL, and all TLVs in NDTA_PARMS unless marked\notherwise. Device specific parameter sets can be changed by\nsetting NDTPA_IFINDEX to the interface index of the corresponding\ndevice.\n\nSigned-off-by: Thomas Graf \u003ctgraf@suug.ch\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "209aba03243ee42a22f8df8d08aa9963f62aec64", "tree": "e45ee43e7af31f847377e8bb3a0a61581732b653", "parents": [ "3ec3b2fba526ead2fa3f3d7c91924f39a0733749" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed May 18 10:21:07 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed May 18 10:21:07 2005 +0100" }, "message": "AUDIT: Treat all user messages identically.\n\nIt\u0027s silly to have to add explicit entries for new userspace messages\nas we invent them. Just treat all messages in the user range the same.\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "c04049939f88b29e235d2da217bce6e8ead44f32", "tree": "9bf3ab72b9939c529e7c96f8768bc8b7e1d768c9", "parents": [ "9ea74f0655412d0fbd12bf9adb6c14c8fe707a42" ], "author": { "name": "Steve Grubb", "email": "sgrubb@redhat.com", "time": "Fri May 13 18:17:42 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Fri May 13 18:17:42 2005 +0100" }, "message": "AUDIT: Add message types to audit records\n\nThis patch adds more messages types to the audit subsystem so that audit \nanalysis is quicker, intuitive, and more useful.\n\nSigned-off-by: Steve Grubb \u003csgrubb@redhat.com\u003e\n---\nI forgot one type in the big patch. I need to add one for user space \noriginating SE Linux avc messages. This is used by dbus and nscd.\n\n-Steve\n---\nUpdated to 2.6.12-rc4-mm1.\n-dwmw2\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "c2f0c7c356dc9ae15419f00c725a2fcc58eeff58", "tree": "2b765b791115e0e85b45bc98800fd2650b23155b", "parents": [ "2512809255d018744fe6c2f5e996c83769846c07" ], "author": { "name": "Steve Grubb", "email": "sgrubb@redhat.com", "time": "Fri May 06 12:38:39 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Fri May 06 12:38:39 2005 +0100" }, "message": "The attached patch addresses the problem with getting the audit daemon \nshutdown credential information. It creates a new message type \nAUDIT_TERM_INFO, which is used by the audit daemon to query who issued the \nshutdown. \n\nIt requires the placement of a hook function that gathers the information. The \nhook is after the DAC \u0026 MAC checks and before the function returns. Racing \nthreads could overwrite the uid \u0026 pid - but they would have to be root and \nhave policy that allows signalling the audit daemon. That should be a \nmanageable risk.\n\nThe userspace component will be released later in audit 0.7.2. When it \nreceives the TERM signal, it queries the kernel for shutdown information. \nWhen it receives it, it writes the message and exits. The message looks \nlike this:\n\ntype\u003dDAEMON msg\u003dauditd(1114551182.000) auditd normal halt, sending pid\u003d2650 \nuid\u003d525, auditd pid\u003d1685\n\nSigned-off-by: Steve Grubb \u003csgrubb@redhat.com\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "b207a290ea7dc83dba02e40b81cc8a29415a9c60", "tree": "fe76d1c494977ba95ab576e9207dc13c4a66a04a", "parents": [ "6af963f1d6789ef20abca5696cd52a758b396e52" ], "author": { "name": "James Morris", "email": "jmorris@redhat.com", "time": "Sun May 01 08:58:40 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sun May 01 08:58:40 2005 -0700" }, "message": "[PATCH] SELinux: add finer grained permissions to Netlink audit processing\n\nThis patch provides finer grained permissions for the audit family of\nNetlink sockets under SELinux.\n\n1. We need a way to differentiate between privileged and unprivileged\n reads of kernel data maintained by the audit subsystem. The AUDIT_GET\n operation is unprivileged: it returns the current status of the audit\n subsystem (e.g. whether it\u0027s enabled etc.). The AUDIT_LIST operation\n however returns a list of the current audit ruleset, which is considered\n privileged by the audit folk. To deal with this, a new SELinux\n permission has been implemented and applied to the operation:\n nlmsg_readpriv, which can be allocated to appropriately privileged\n domains. Unprivileged domains would only be allocated nlmsg_read.\n\n2. There is a requirement for certain domains to generate audit events\n from userspace. These events need to be collected by the kernel,\n collated and transmitted sequentially back to the audit daemon. An\n example is user level login, an auditable event under CAPP, where\n login-related domains generate AUDIT_USER messages via PAM which are\n relayed back to auditd via the kernel. To prevent handing out\n nlmsg_write permissions to such domains, a new permission has been\n added, nlmsg_relay, which is intended for this type of purpose: data is\n passed via the kernel back to userspace but no privileged information is\n written to the kernel.\n\nAlso, AUDIT_LOGIN messages are now valid only for kernel-\u003euser messaging,\nso this value has been removed from the SELinux nlmsgtab (which is only\nused to check user-\u003ekernel messages).\n\nSigned-off-by: James Morris \u003cjmorris@redhat.com\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "388c69789a2a2e50965e805e3e641418082b352c", "tree": "6a715440068d1df09fee5bc2e7e9ac0d8af37cae", "parents": [ "1db7fc75a410d9a15cbc58a9b073a688669c6d42" ], "author": { "name": "James Morris", "email": "jmorris@redhat.com", "time": "Sat Apr 16 15:24:03 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:24:03 2005 -0700" }, "message": "[PATCH] SELinux: fix bug in Netlink message type detection\n\nThis patch fixes a bug in the SELinux Netlink message type detection code,\nwhere the wrong constant was being used in a case statement. The incorrect\nvalue is not valid for this class of object so it would not have been\nreached, and fallen through to a default handler for all Netlink messages.\n\nSigned-off-by: James Morris \u003cjmorris@redhat.com\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d", "parents": [], "author": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:20:36 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:20:36 2005 -0700" }, "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n" } ] }