)]}'
{
  "log": [
    {
      "commit": "7e70cb4978507cf31d76b90e4cfb4c28cad87f0c",
      "tree": "c5df493eef8d30dcb40d647b0528970eb4a391c6",
      "parents": [
        "d00a1c72f7f4661212299e6cb132dfa58030bcdb"
      ],
      "author": {
        "name": "Mimi Zohar",
        "email": "zohar@linux.vnet.ibm.com",
        "time": "Tue Nov 23 18:55:35 2010 -0500"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Nov 29 08:55:29 2010 +1100"
      },
      "message": "keys: add new key-type encrypted\n\nDefine a new kernel key-type called \u0027encrypted\u0027. Encrypted keys are kernel\ngenerated random numbers, which are encrypted/decrypted with a \u0027trusted\u0027\nsymmetric key. Encrypted keys are created/encrypted/decrypted in the kernel.\nUserspace only ever sees/stores encrypted blobs.\n\nChangelog:\n- bug fix: replaced master-key rcu based locking with semaphore\n  (reported by David Howells)\n- Removed memset of crypto_shash_digest() digest output\n- Replaced verification of \u0027key-type:key-desc\u0027 using strcspn(), with\n  one based on string constants.\n- Moved documentation to Documentation/keys-trusted-encrypted.txt\n- Replace hash with shash (based on comments by David Howells)\n- Make lengths/counts size_t where possible (based on comments by David Howells)\n  Could not convert most lengths, as crypto expects \u0027unsigned int\u0027\n  (size_t: on 32 bit is defined as unsigned int, but on 64 bit is unsigned long)\n- Add \u0027const\u0027 where possible (based on comments by David Howells)\n- allocate derived_buf dynamically to support arbitrary length master key\n  (fixed by Roberto Sassu)\n- wait until late_initcall for crypto libraries to be registered\n- cleanup security/Kconfig\n- Add missing \u0027update\u0027 keyword (reported/fixed by Roberto Sassu)\n- Free epayload on failure to create key (reported/fixed by Roberto Sassu)\n- Increase the data size limit (requested by Roberto Sassu)\n- Crypto return codes are always 0 on success and negative on failure,\n  remove unnecessary tests.\n- Replaced kzalloc() with kmalloc()\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: David Safford \u003csafford@watson.ibm.com\u003e\nReviewed-by: Roberto Sassu \u003croberto.sassu@polito.it\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "d00a1c72f7f4661212299e6cb132dfa58030bcdb",
      "tree": "2c873e461f42bbf3aea03b7b2e59cea8f941d841",
      "parents": [
        "c749ba912e87ccebd674ae24b97462176c63732e"
      ],
      "author": {
        "name": "Mimi Zohar",
        "email": "zohar@linux.vnet.ibm.com",
        "time": "Tue Nov 23 17:50:34 2010 -0500"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Nov 29 08:55:25 2010 +1100"
      },
      "message": "keys: add new trusted key-type\n\nDefine a new kernel key-type called \u0027trusted\u0027.  Trusted keys are random\nnumber symmetric keys, generated and RSA-sealed by the TPM.  The TPM\nonly unseals the keys, if the boot PCRs and other criteria match.\nUserspace can only ever see encrypted blobs.\n\nBased on suggestions by Jason Gunthorpe, several new options have been\nadded to support additional usages.\n\nThe new options are:\nmigratable\u003d  designates that the key may/may not ever be updated\n             (resealed under a new key, new pcrinfo or new auth.)\n\npcrlock\u003dn    extends the designated PCR \u0027n\u0027 with a random value,\n             so that a key sealed to that PCR may not be unsealed\n             again until after a reboot.\n\nkeyhandle\u003d   specifies the sealing/unsealing key handle.\n\nkeyauth\u003d     specifies the sealing/unsealing key auth.\n\nblobauth\u003d    specifies the sealed data auth.\n\nImplementation of a kernel reserved locality for trusted keys will be\ninvestigated for a possible future extension.\n\nChangelog:\n- Updated and added examples to Documentation/keys-trusted-encrypted.txt\n- Moved generic TPM constants to include/linux/tpm_command.h\n  (David Howell\u0027s suggestion.)\n- trusted_defined.c: replaced kzalloc with kmalloc, added pcrlock failure\n  error handling, added const qualifiers where appropriate.\n- moved to late_initcall\n- updated from hash to shash (suggestion by David Howells)\n- reduced worst stack usage (tpm_seal) from 530 to 312 bytes\n- moved documentation to Documentation directory (suggestion by David Howells)\n- all the other code cleanups suggested by David Howells\n- Add pcrlock CAP_SYS_ADMIN dependency (based on comment by Jason Gunthorpe)\n- New options: migratable, pcrlock, keyhandle, keyauth, blobauth (based on\n  discussions with Jason Gunthorpe)\n- Free payload on failure to create key(reported/fixed by Roberto Sassu)\n- Updated Kconfig and other descriptions (based on Serge Hallyn\u0027s suggestion)\n- Replaced kzalloc() with kmalloc() (reported by Serge Hallyn)\n\nSigned-off-by: David Safford \u003csafford@watson.ibm.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "5d135440faf7db8d566de0c6fab36b16cf9cfc3b",
      "tree": "d9c022e73ed51dfe5729fde9a97150cb64b68196",
      "parents": [
        "f041ae2f99d49adc914153a34a2d0e14e4389d90"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Wed Sep 02 09:14:00 2009 +0100"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Sep 02 21:29:11 2009 +1000"
      },
      "message": "KEYS: Add garbage collection for dead, revoked and expired keys. [try #6]\n\nAdd garbage collection for dead, revoked and expired keys.  This involved\nerasing all links to such keys from keyrings that point to them.  At that\npoint, the key will be deleted in the normal manner.\n\nKeyrings from which garbage collection occurs are shrunk and their quota\nconsumption reduced as appropriate.\n\nDead keys (for which the key type has been removed) will be garbage collected\nimmediately.\n\nRevoked and expired keys will hang around for a number of seconds, as set in\n/proc/sys/kernel/keys/gc_delay before being automatically removed.  The default\nis 5 minutes.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "0b77f5bfb45c13e1e5142374f9d6ca75292252a4",
      "tree": "cf62055536d267e9a4abe6518e5d9f683a1ceb75",
      "parents": [
        "69664cf16af4f31cd54d77948a4baf9c7e0ca7b9"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Tue Apr 29 01:01:32 2008 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Tue Apr 29 08:06:17 2008 -0700"
      },
      "message": "keys: make the keyring quotas controllable through /proc/sys\n\nMake the keyring quotas controllable through /proc/sys files:\n\n (*) /proc/sys/kernel/keys/root_maxkeys\n     /proc/sys/kernel/keys/root_maxbytes\n\n     Maximum number of keys that root may have and the maximum total number of\n     bytes of data that root may have stored in those keys.\n\n (*) /proc/sys/kernel/keys/maxkeys\n     /proc/sys/kernel/keys/maxbytes\n\n     Maximum number of keys that each non-root user may have and the maximum\n     total number of bytes of data that each of those users may have stored in\n     their keys.\n\nAlso increase the quotas as a number of people have been complaining that it\u0027s\nnot big enough.  I\u0027m not sure that it\u0027s big enough now either, but on the\nother hand, it can now be set in /etc/sysctl.conf.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nCc: \u003ckwc@citi.umich.edu\u003e\nCc: \u003carunsr@cse.iitk.ac.in\u003e\nCc: \u003cdwalsh@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "468ed2b0c85ec4310b429e60358213b6d077289e",
      "tree": "d1f570c1b89df450753cbec8768b1c1cfac6d9a2",
      "parents": [
        "f1a9badcf6ecad9975240d94514721cb93932151"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Fri Oct 07 15:07:38 2005 +0100"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@g5.osdl.org",
        "time": "Sat Oct 08 14:53:31 2005 -0700"
      },
      "message": "[PATCH] Keys: Split key permissions checking into a .c file\n\nThe attached patch splits key permissions checking out of key-ui.h and\nmoves it into a .c file.  It\u0027s quite large and called quite a lot, and\nit\u0027s about to get bigger with the addition of LSM support for keys...\n\nkey_any_permission() is also discarded as it\u0027s no longer used.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "3e30148c3d524a9c1c63ca28261bc24c457eb07a",
      "tree": "a2fcc46cc11fe871ad976c07476d934a07313576",
      "parents": [
        "8589b4e00e352f983259140f25a262d973be6bc5"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Thu Jun 23 22:00:56 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Fri Jun 24 00:05:19 2005 -0700"
      },
      "message": "[PATCH] Keys: Make request-key create an authorisation key\n\nThe attached patch makes the following changes:\n\n (1) There\u0027s a new special key type called \".request_key_auth\".\n\n     This is an authorisation key for when one process requests a key and\n     another process is started to construct it. This type of key cannot be\n     created by the user; nor can it be requested by kernel services.\n\n     Authorisation keys hold two references:\n\n     (a) Each refers to a key being constructed. When the key being\n     \t constructed is instantiated the authorisation key is revoked,\n     \t rendering it of no further use.\n\n     (b) The \"authorising process\". This is either:\n\n     \t (i) the process that called request_key(), or:\n\n     \t (ii) if the process that called request_key() itself had an\n     \t      authorisation key in its session keyring, then the authorising\n     \t      process referred to by that authorisation key will also be\n     \t      referred to by the new authorisation key.\n\n\t This means that the process that initiated a chain of key requests\n\t will authorise the lot of them, and will, by default, wind up with\n\t the keys obtained from them in its keyrings.\n\n (2) request_key() creates an authorisation key which is then passed to\n     /sbin/request-key in as part of a new session keyring.\n\n (3) When request_key() is searching for a key to hand back to the caller, if\n     it comes across an authorisation key in the session keyring of the\n     calling process, it will also search the keyrings of the process\n     specified therein and it will use the specified process\u0027s credentials\n     (fsuid, fsgid, groups) to do that rather than the calling process\u0027s\n     credentials.\n\n     This allows a process started by /sbin/request-key to find keys belonging\n     to the authorising process.\n\n (4) A key can be read, even if the process executing KEYCTL_READ doesn\u0027t have\n     direct read or search permission if that key is contained within the\n     keyrings of a process specified by an authorisation key found within the\n     calling process\u0027s session keyring, and is searchable using the\n     credentials of the authorising process.\n\n     This allows a process started by /sbin/request-key to read keys belonging\n     to the authorising process.\n\n (5) The magic KEY_SPEC_*_KEYRING key IDs when passed to KEYCTL_INSTANTIATE or\n     KEYCTL_NEGATE will specify a keyring of the authorising process, rather\n     than the process doing the instantiation.\n\n (6) One of the process keyrings can be nominated as the default to which\n     request_key() should attach new keys if not otherwise specified. This is\n     done with KEYCTL_SET_REQKEY_KEYRING and one of the KEY_REQKEY_DEFL_*\n     constants. The current setting can also be read using this call.\n\n (7) request_key() is partially interruptible. If it is waiting for another\n     process to finish constructing a key, it can be interrupted. This permits\n     a request-key cycle to be broken without recourse to rebooting.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-Off-By: Benoit Boissinot \u003cbenoit.boissinot@ens-lyon.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n"
    },
    {
      "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
      "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d",
      "parents": [],
      "author": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n"
    }
  ]
}