)]}'
{
  "log": [
    {
      "commit": "29db9190634067c5a328ee5fcc2890251b836b4b",
      "tree": "07ec242789230824f1fa8bcbbe681fd5bf166fa8",
      "parents": [
        "2aa349f6e37ce030060c994d3aebbff4ab703565"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Sun Oct 30 15:02:44 2005 -0800"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Sun Oct 30 17:37:23 2005 -0800"
      },
      "message": "[PATCH] Keys: Add LSM hooks for key management [try #3]\n\nThe attached patch adds LSM hooks for key management facilities. The notable\nchanges are:\n\n (1) The key struct now supports a security pointer for the use of security\n     modules. This will permit key labelling and restrictions on which\n     programs may access a key.\n\n (2) Security modules get a chance to note (or abort) the allocation of a key.\n\n (3) The key permission checking can now be enhanced by the security modules;\n     the permissions check consults LSM if all other checks bear out.\n\n (4) The key permissions checking functions now return an error code rather\n     than a boolean value.\n\n (5) An extra permission has been added to govern the modification of\n     attributes (UID, GID, permissions).\n\nNote that there isn\u0027t an LSM hook specifically for each keyctl() operation,\nbut rather the permissions hook allows control of individual operations based\non the permission request bits.\n\nKey management access control through LSM is enabled by automatically if both\nCONFIG_KEYS and CONFIG_SECURITY are enabled.\n\nThis should be applied on top of the patch ensubjected:\n\n\t[PATCH] Keys: Possessor permissions should be additive\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Chris Wright \u003cchrisw@osdl.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "d381d8a9a08cac9824096213069159be17fd2e2f",
      "tree": "0c19722b8f67c29b7c08c6ab8776a9c146395d03",
      "parents": [
        "89d155ef62e5e0c10e4b37aaa5056f0beafe10e6"
      ],
      "author": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Sun Oct 30 14:59:22 2005 -0800"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Sun Oct 30 17:37:11 2005 -0800"
      },
      "message": "[PATCH] SELinux: canonicalize getxattr()\n\nThis patch allows SELinux to canonicalize the value returned from\ngetxattr() via the security_inode_getsecurity() hook, which is called after\nthe fs level getxattr() function.\n\nThe purpose of this is to allow the in-core security context for an inode\nto override the on-disk value.  This could happen in cases such as\nupgrading a system to a different labeling form (e.g.  standard SELinux to\nMLS) without needing to do a full relabel of the filesystem.\n\nIn such cases, we want getxattr() to return the canonical security context\nthat the kernel is using rather than what is stored on disk.\n\nThe implementation hooks into the inode_getsecurity(), adding another\nparameter to indicate the result of the preceding fs-level getxattr() call,\nso that SELinux knows whether to compare a value obtained from disk with\nthe kernel value.\n\nWe also now allow getxattr() to work for mountpoint labeled filesystems\n(i.e.  mount with option context\u003dfoo_t), as we are able to return the\nkernel value to the user.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "7d877f3bda870ab5f001bd92528654471d5966b3",
      "tree": "1c05b62abead153956c4ca250ffb1891887e77c9",
      "parents": [
        "fd4f2df24bc23e6b8fc069765b425c7dacf52347"
      ],
      "author": {
        "name": "Al Viro",
        "email": "viro@zeniv.linux.org.uk",
        "time": "Fri Oct 21 03:20:43 2005 -0400"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Fri Oct 28 08:16:47 2005 -0700"
      },
      "message": "[PATCH] gfp_t: net/*\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "e31e14ec356f36b131576be5bc31d8fef7e95483",
      "tree": "5597419cf186904d77c4b4ecf117287bcc1db986",
      "parents": [
        "a74574aafea3a63add3251047601611111f44562"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Fri Sep 09 13:01:45 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Fri Sep 09 13:57:28 2005 -0700"
      },
      "message": "[PATCH] remove the inode_post_link and inode_post_rename LSM hooks\n\nThis patch removes the inode_post_link and inode_post_rename LSM hooks as\nthey are unused (and likely useless).\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "a74574aafea3a63add3251047601611111f44562",
      "tree": "a8f4a809589513c666c6f5518cbe84f50ee5523e",
      "parents": [
        "570bc1c2e5ccdb408081e77507a385dc7ebed7fa"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Fri Sep 09 13:01:44 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Fri Sep 09 13:57:28 2005 -0700"
      },
      "message": "[PATCH] Remove security_inode_post_create/mkdir/symlink/mknod hooks\n\nThis patch removes the inode_post_create/mkdir/mknod/symlink LSM hooks as\nthey are obsoleted by the new inode_init_security hook that enables atomic\ninode security labeling.\n\nIf anyone sees any reason to retain these hooks, please speak now.  Also,\nis anyone using the post_rename/link hooks; if not, those could also be\nremoved.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "5e41ff9e0650f327a6c819841fa412da95d57319",
      "tree": "a525df8bda34c2aa52f30326f94cd15109bb58b3",
      "parents": [
        "f5ee56cc184e0944ebc9ff1691985219959596f6"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Fri Sep 09 13:01:35 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Fri Sep 09 13:57:27 2005 -0700"
      },
      "message": "[PATCH] security: enable atomic inode security labeling\n\nThe following patch set enables atomic security labeling of newly created\ninodes by altering the fs code to invoke a new LSM hook to obtain the security\nattribute to apply to a newly created inode and to set up the incore inode\nsecurity state during the inode creation transaction.  This parallels the\nexisting processing for setting ACLs on newly created inodes.  Otherwise, it\nis possible for new inodes to be accessed by another thread via the dcache\nprior to complete security setup (presently handled by the\npost_create/mkdir/...  LSM hooks in the VFS) and a newly created inode may be\nleft unlabeled on the disk in the event of a crash.  SELinux presently works\naround the issue by ensuring that the incore inode security label is\ninitialized to a special SID that is inaccessible to unprivileged processes\n(in accordance with policy), thereby preventing inappropriate access but\npotentially causing false denials on legitimate accesses.  A simple test\nprogram demonstrates such false denials on SELinux, and the patch solves the\nproblem.  Similar such false denials have been encountered in real\napplications.\n\nThis patch defines a new inode_init_security LSM hook to obtain the security\nattribute to apply to a newly created inode and to set up the incore inode\nsecurity state for it, and adds a corresponding hook function implementation\nto SELinux.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "d6e711448137ca3301512cec41a2c2ce852b3d0a",
      "tree": "f0765ebd90fdbdf270c05fcd7f3d32b24ba56681",
      "parents": [
        "8b0914ea7475615c7c8965c1ac8fe4069270f25c"
      ],
      "author": {
        "name": "Alan Cox",
        "email": "alan@lxorguk.ukuu.org.uk",
        "time": "Thu Jun 23 00:09:43 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Thu Jun 23 09:45:26 2005 -0700"
      },
      "message": "[PATCH] setuid core dump\n\nAdd a new `suid_dumpable\u0027 sysctl:\n\nThis value can be used to query and set the core dump mode for setuid\nor otherwise protected/tainted binaries. The modes are\n\n0 - (default) - traditional behaviour.  Any process which has changed\n    privilege levels or is execute only will not be dumped\n\n1 - (debug) - all processes dump core when possible.  The core dump is\n    owned by the current user and no security is applied.  This is intended\n    for system debugging situations only.  Ptrace is unchecked.\n\n2 - (suidsafe) - any binary which normally would not be dumped is dumped\n    readable by root only.  This allows the end user to remove such a dump but\n    not access it directly.  For security reasons core dumps in this mode will\n    not overwrite one another or other files.  This mode is appropriate when\n    adminstrators are attempting to debug problems in a normal environment.\n\n(akpm:\n\n\u003e \u003e +EXPORT_SYMBOL(suid_dumpable);\n\u003e\n\u003e EXPORT_SYMBOL_GPL?\n\nNo problem to me.\n\n\u003e \u003e  \tif (current-\u003eeuid \u003d\u003d current-\u003euid \u0026\u0026 current-\u003eegid \u003d\u003d current-\u003egid)\n\u003e \u003e  \t\tcurrent-\u003emm-\u003edumpable \u003d 1;\n\u003e\n\u003e Should this be SUID_DUMP_USER?\n\nActually the feedback I had from last time was that the SUID_ defines\nshould go because its clearer to follow the numbers. They can go\neverywhere (and there are lots of places where dumpable is tested/used\nas a bool in untouched code)\n\n\u003e Maybe this should be renamed to `dump_policy\u0027 or something.  Doing that\n\u003e would help us catch any code which isn\u0027t using the #defines, too.\n\nFair comment. The patch was designed to be easy to maintain for Red Hat\nrather than for merging. Changing that field would create a gigantic\ndiff because it is used all over the place.\n\n)\n\nSigned-off-by: Alan Cox \u003calan@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
      "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d",
      "parents": [],
      "author": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n"
    }
  ]
}