)]}'
{
  "log": [
    {
      "commit": "4e54f08543d05e519e601368571cc3787fefae96",
      "tree": "0cd9d982e5bb25abcb9251d26c36ff11e7dc81a5",
      "parents": [
        "94583779e6625154e8d7fce33d097ae7d089e9de"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Thu Jun 29 02:24:28 2006 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Thu Jun 29 10:26:20 2006 -0700"
      },
      "message": "[PATCH] Keys: Allow in-kernel key requestor to pass auxiliary data to upcaller\n\nThe proposed NFS key type uses its own method of passing key requests to\nuserspace (upcalling) rather than invoking /sbin/request-key.  This is\nbecause the responsible userspace daemon should already be running and will\nbe contacted through rpc_pipefs.\n\nThis patch permits the NFS filesystem to pass auxiliary data to the upcall\noperation (struct key_type::request_key) so that the upcaller can use a\npre-existing communications channel more easily.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-By: Kevin Coffman \u003ckwc@citi.umich.edu\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "b5f545c880a2a47947ba2118b2509644ab7a2969",
      "tree": "8720e02262b0ff6309ae79603f6c63965296d378",
      "parents": [
        "cab8eb594e84b434d20412fc5a3985b0bee3ab9f"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Sun Jan 08 01:02:47 2006 -0800"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Sun Jan 08 20:13:53 2006 -0800"
      },
      "message": "[PATCH] keys: Permit running process to instantiate keys\n\nMake it possible for a running process (such as gssapid) to be able to\ninstantiate a key, as was requested by Trond Myklebust for NFS4.\n\nThe patch makes the following changes:\n\n (1) A new, optional key type method has been added. This permits a key type\n     to intercept requests at the point /sbin/request-key is about to be\n     spawned and do something else with them - passing them over the\n     rpc_pipefs files or netlink sockets for instance.\n\n     The uninstantiated key, the authorisation key and the intended operation\n     name are passed to the method.\n\n (2) The callout_info is no longer passed as an argument to /sbin/request-key\n     to prevent unauthorised viewing of this data using ps or by looking in\n     /proc/pid/cmdline.\n\n     This means that the old /sbin/request-key program will not work with the\n     patched kernel as it will expect to see an extra argument that is no\n     longer there.\n\n     A revised keyutils package will be made available tomorrow.\n\n (3) The callout_info is now attached to the authorisation key. Reading this\n     key will retrieve the information.\n\n (4) A new field has been added to the task_struct. This holds the\n     authorisation key currently active for a thread. Searches now look here\n     for the caller\u0027s set of keys rather than looking for an auth key in the\n     lowest level of the session keyring.\n\n     This permits a thread to be servicing multiple requests at once and to\n     switch between them. Note that this is per-thread, not per-process, and\n     so is usable in multithreaded programs.\n\n     The setting of this field is inherited across fork and exec.\n\n (5) A new keyctl function (KEYCTL_ASSUME_AUTHORITY) has been added that\n     permits a thread to assume the authority to deal with an uninstantiated\n     key. Assumption is only permitted if the authorisation key associated\n     with the uninstantiated key is somewhere in the thread\u0027s keyrings.\n\n     This function can also clear the assumption.\n\n (6) A new magic key specifier has been added to refer to the currently\n     assumed authorisation key (KEY_SPEC_REQKEY_AUTH_KEY).\n\n (7) Instantiation will only proceed if the appropriate authorisation key is\n     assumed first. The assumed authorisation key is discarded if\n     instantiation is successful.\n\n (8) key_validate() is moved from the file of request_key functions to the\n     file of permissions functions.\n\n (9) The documentation is updated.\n\nFrom: \u003cValdis.Kletnieks@vt.edu\u003e\n\n    Build fix.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nCc: Trond Myklebust \u003ctrond.myklebust@fys.uio.no\u003e\nCc: Alexander Zangerl \u003caz@bond.edu.au\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "f1a9badcf6ecad9975240d94514721cb93932151",
      "tree": "dc37fe427d645dd84331b7385523b39efa41ffad",
      "parents": [
        "74fd92c511bd4a0771ac0faaaef38bb1be3a29f6"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Fri Oct 07 15:04:52 2005 +0100"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Sat Oct 08 14:53:31 2005 -0700"
      },
      "message": "[PATCH] Keys: Add request-key process documentation\n\nThe attached patch adds documentation for the process by which request-key\nworks, including how it permits helper processes to gain access to the\nrequestor\u0027s keyrings.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    }
  ]
}