)]}'
{
  "log": [
    {
      "commit": "2c7946a7bf45ae86736ab3b43d0085e43947945c",
      "tree": "b956f301033ebaefe8d2701b257edfd947f537f3",
      "parents": [
        "be33690d8fcf40377f16193c463681170eb6b295"
      ],
      "author": {
        "name": "Catherine Zhang",
        "email": "cxzhang@watson.ibm.com",
        "time": "Mon Mar 20 22:41:23 2006 -0800"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@davemloft.net",
        "time": "Mon Mar 20 22:41:23 2006 -0800"
      },
      "message": "[SECURITY]: TCP/UDP getpeersec\n\nThis patch implements an application of the LSM-IPSec networking\ncontrols whereby an application can determine the label of the\nsecurity association its TCP or UDP sockets are currently connected to\nvia getsockopt and the auxiliary data mechanism of recvmsg.\n\nPatch purpose:\n\nThis patch enables a security-aware application to retrieve the\nsecurity context of an IPSec security association a particular TCP or\nUDP socket is using.  The application can then use this security\ncontext to determine the security context for processing on behalf of\nthe peer at the other end of this connection.  In the case of UDP, the\nsecurity context is for each individual packet.  An example\napplication is the inetd daemon, which could be modified to start\ndaemons running at security contexts dependent on the remote client.\n\nPatch design approach:\n\n- Design for TCP\nThe patch enables the SELinux LSM to set the peer security context for\na socket based on the security context of the IPSec security\nassociation.  The application may retrieve this context using\ngetsockopt.  When called, the kernel determines if the socket is a\nconnected (TCP_ESTABLISHED) TCP socket and, if so, uses the dst_entry\ncache on the socket to retrieve the security associations.  If a\nsecurity association has a security context, the context string is\nreturned, as for UNIX domain sockets.\n\n- Design for UDP\nUnlike TCP, UDP is connectionless.  This requires a somewhat different\nAPI to retrieve the peer security context.  With TCP, the peer\nsecurity context stays the same throughout the connection, thus it can\nbe retrieved at any time between when the connection is established\nand when it is torn down.  With UDP, each read/write can have\ndifferent peer and thus the security context might change every time.\nAs a result the security context retrieval must be done TOGETHER with\nthe packet retrieval.\n\nThe solution is to build upon the existing Unix domain socket API for\nretrieving user credentials.  Linux offers the API for obtaining user\ncredentials via ancillary messages (i.e., out of band/control messages\nthat are bundled together with a normal message).\n\nPatch implementation details:\n\n- Implementation for TCP\nThe security context can be retrieved by applications using getsockopt\nwith the existing SO_PEERSEC flag.  As an example (ignoring error\nchecking):\n\ngetsockopt(sockfd, SOL_SOCKET, SO_PEERSEC, optbuf, \u0026optlen);\nprintf(\"Socket peer context is: %s\\n\", optbuf);\n\nThe SELinux function, selinux_socket_getpeersec, is extended to check\nfor labeled security associations for connected (TCP_ESTABLISHED \u003d\u003d\nsk-\u003esk_state) TCP sockets only.  If so, the socket has a dst_cache of\nstruct dst_entry values that may refer to security associations.  If\nthese have security associations with security contexts, the security\ncontext is returned.\n\ngetsockopt returns a buffer that contains a security context string or\nthe buffer is unmodified.\n\n- Implementation for UDP\nTo retrieve the security context, the application first indicates to\nthe kernel such desire by setting the IP_PASSSEC option via\ngetsockopt.  Then the application retrieves the security context using\nthe auxiliary data mechanism.\n\nAn example server application for UDP should look like this:\n\ntoggle \u003d 1;\ntoggle_len \u003d sizeof(toggle);\n\nsetsockopt(sockfd, SOL_IP, IP_PASSSEC, \u0026toggle, \u0026toggle_len);\nrecvmsg(sockfd, \u0026msg_hdr, 0);\nif (msg_hdr.msg_controllen \u003e sizeof(struct cmsghdr)) {\n    cmsg_hdr \u003d CMSG_FIRSTHDR(\u0026msg_hdr);\n    if (cmsg_hdr-\u003ecmsg_len \u003c\u003d CMSG_LEN(sizeof(scontext)) \u0026\u0026\n        cmsg_hdr-\u003ecmsg_level \u003d\u003d SOL_IP \u0026\u0026\n        cmsg_hdr-\u003ecmsg_type \u003d\u003d SCM_SECURITY) {\n        memcpy(\u0026scontext, CMSG_DATA(cmsg_hdr), sizeof(scontext));\n    }\n}\n\nip_setsockopt is enhanced with a new socket option IP_PASSSEC to allow\na server socket to receive security context of the peer.  A new\nancillary message type SCM_SECURITY.\n\nWhen the packet is received we get the security context from the\nsec_path pointer which is contained in the sk_buff, and copy it to the\nancillary message space.  An additional LSM hook,\nselinux_socket_getpeersec_udp, is defined to retrieve the security\ncontext from the SELinux space.  The existing function,\nselinux_socket_getpeersec does not suit our purpose, because the\nsecurity context is copied directly to user space, rather than to\nkernel space.\n\nTesting:\n\nWe have tested the patch by setting up TCP and UDP connections between\napplications on two machines using the IPSec policies that result in\nlabeled security associations being built.  For TCP, we can then\nextract the peer security context using getsockopt on either end.  For\nUDP, the receiving end can retrieve the security context using the\nauxiliary data mechanism of recvmsg.\n\nSigned-off-by: Catherine Zhang \u003ccxzhang@watson.ibm.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nAcked-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n"
    },
    {
      "commit": "b97bf3fd8f6a16966d4f18983b2c40993ff937d4",
      "tree": "59959f8a0f3087455efdcb430846686f303c5991",
      "parents": [
        "58cba4650a7a414eabd2b40cc9d8e45fcdf192d9"
      ],
      "author": {
        "name": "Per Liden",
        "email": "per.liden@nospam.ericsson.com",
        "time": "Mon Jan 02 19:04:38 2006 +0100"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@sunset.davemloft.net",
        "time": "Thu Jan 12 14:06:31 2006 -0800"
      },
      "message": "[TIPC] Initial merge\n\nTIPC (Transparent Inter Process Communication) is a protocol designed for\nintra cluster communication. For more information see\nhttp://tipc.sourceforge.net\n\nSigned-off-by: Per Liden \u003cper.liden@nospam.ericsson.com\u003e\n"
    },
    {
      "commit": "77d76ea310b50a9c8ff15bd290fcb4ed4961adf2",
      "tree": "7d6e8b2426d4b3debe5ddf838ab2a2ef13f1b106",
      "parents": [
        "7708610b1bff4a0ba8a73733d3c7c4bda9f94b21"
      ],
      "author": {
        "name": "Andi Kleen",
        "email": "ak@suse.de",
        "time": "Thu Dec 22 12:43:42 2005 -0800"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@sunset.davemloft.net",
        "time": "Tue Jan 03 13:11:14 2006 -0800"
      },
      "message": "[NET]: Small cleanup to socket initialization\n\nsock_init can be done as a core_initcall instead of calling\nit directly in init/main.c\n\nAlso I removed an out of date #ifdef.\n\nSigned-off-by: Andi Kleen \u003cak@suse.de\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n"
    },
    {
      "commit": "20380731bc2897f2952ae055420972ded4cd786e",
      "tree": "abd31e5ebfadcf4f9024634eec8b11855029e512",
      "parents": [
        "9deff7f2365958c5c5aa8cb5a0dd651c4dd83f8f"
      ],
      "author": {
        "name": "Arnaldo Carvalho de Melo",
        "email": "acme@mandriva.com",
        "time": "Tue Aug 16 02:18:02 2005 -0300"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@sunset.davemloft.net",
        "time": "Mon Aug 29 16:01:32 2005 -0700"
      },
      "message": "[NET]: Fix sparse warnings\n\nOf this type, mostly:\n\nCHECK   net/ipv6/netfilter.c\nnet/ipv6/netfilter.c:96:12: warning: symbol \u0027ipv6_netfilter_init\u0027 was not declared. Should it be static?\nnet/ipv6/netfilter.c:101:6: warning: symbol \u0027ipv6_netfilter_fini\u0027 was not declared. Should it be static?\n\nSigned-off-by: Arnaldo Carvalho de Melo \u003cacme@mandriva.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n"
    },
    {
      "commit": "9a4595bc7e67962f13232ee55a64e063062c3a99",
      "tree": "9691d77701cad7e0d4fb62390acf525f3adb9d60",
      "parents": [
        "f7fa9b10edbb9391bdd4ec8e8b3d621d0664b198"
      ],
      "author": {
        "name": "Patrick McHardy",
        "email": "kaber@trash.net",
        "time": "Mon Aug 15 12:32:15 2005 -0700"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@sunset.davemloft.net",
        "time": "Mon Aug 29 16:01:07 2005 -0700"
      },
      "message": "[NETLINK]: Add set/getsockopt options to support more than 32 groups\n\nNETLINK_ADD_MEMBERSHIP/NETLINK_DROP_MEMBERSHIP are used to join/leave\ngroups, NETLINK_PKTINFO is used to enable nl_pktinfo control messages\nfor received packets to get the extended destination group number.\n\nSigned-off-by: Patrick McHardy \u003ckaber@trash.net\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n"
    },
    {
      "commit": "7c657876b63cb1d8a2ec06f8fc6c37bb8412e66c",
      "tree": "3cb2732870c9cf8f976cb6fa57e0223f1c648e2a",
      "parents": [
        "c4365c9235f80128c3c3d5993074173941b1c1f0"
      ],
      "author": {
        "name": "Arnaldo Carvalho de Melo",
        "email": "acme@ghostprotocols.net",
        "time": "Tue Aug 09 20:14:34 2005 -0700"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@sunset.davemloft.net",
        "time": "Mon Aug 29 15:49:46 2005 -0700"
      },
      "message": "[DCCP]: Initial implementation\n\nDevelopment to this point was done on a subversion repository at:\n\nhttp://oops.ghostprotocols.net:81/cgi-bin/viewcvs.cgi/dccp-2.6/\n\nThis repository will be kept at this site for the foreseable future,\nso that interested parties can see the history of this code,\nattributions, etc.\n\nIf I ever decide to take this offline I\u0027ll provide the full history at\nsome other suitable place.\n\nSigned-off-by: Arnaldo Carvalho de Melo \u003cacme@ghostprotocols.net\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n"
    },
    {
      "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
      "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d",
      "parents": [],
      "author": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n"
    }
  ]
}