)]}' { "log": [ { "commit": "ac22ba23b659e34a5961aec8c945608e471b0d5b", "tree": "6629c15380fe2db238fa078e912f4cf393708161", "parents": [ "b0105eaefa7cce8f4a941d0fc6354b250d30e745" ], "author": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Aug 12 01:06:54 2009 -0500" }, "committer": { "name": "Tyler Hicks", "email": "tyhicks@linux.vnet.ibm.com", "time": "Wed Sep 23 09:10:32 2009 -0500" }, "message": "eCryptfs: Check for O_RDONLY lower inodes when opening lower files\n\nIf the lower inode is read-only, don\u0027t attempt to open the lower file\nread/write and don\u0027t hand off the open request to the privileged\neCryptfs kthread for opening it read/write. Instead, only try an\nunprivileged, read-only open of the file and give up if that fails.\nThis patch fixes an oops when eCryptfs is mounted on top of a read-only\nmount.\n\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: Eric Sandeen \u003cesandeen@redhat.com\u003e\nCc: Dave Kleikamp \u003cshaggy@linux.vnet.ibm.com\u003e\nCc: ecryptfs-devel@lists.launchpad.net\nCc: stable \u003cstable@kernel.org\u003e\nSigned-off-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\n" }, { "commit": "745ca2475a6ac596e3d8d37c2759c0fbe2586227", "tree": "f87c34bdfbc8542477b16a014bbb4e3b415b286a", "parents": [ "88e67f3b8898c5ea81d2916dd5b8bc9c0c35ba13" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Nov 14 10:39:22 2008 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 14 10:39:22 2008 +1100" }, "message": "CRED: Pass credentials through dentry_open()\n\nPass credentials through dentry_open() so that the COW creds patch can have\nSELinux\u0027s flush_unauthorized_files() pass the appropriate creds back to itself\nwhen it opens its null chardev.\n\nThe security_dentry_open() call also now takes a creds pointer, as does the\ndentry_open hook in struct security_operations.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "746f1e558bc52b9693c1a1ecdab60f8392e5ff18", "tree": "a3253428affed93967c3ec67ba27ce8fe7d333c2", "parents": [ "0293902a4d66fab27d0ddcc0766e05dae68f004e" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Wed Jul 23 21:30:02 2008 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 24 10:47:30 2008 -0700" }, "message": "eCryptfs: Privileged kthread for lower file opens\n\neCryptfs would really like to have read-write access to all files in the\nlower filesystem. Right now, the persistent lower file may be opened\nread-only if the attempt to open it read-write fails. One way to keep\nfrom having to do that is to have a privileged kthread that can open the\nlower persistent file on behalf of the user opening the eCryptfs file;\nthis patch implements this functionality.\n\nThis patch will properly allow a less-privileged user to open the eCryptfs\nfile, followed by a more-privileged user opening the eCryptfs file, with\nthe first user only being able to read and the second user being able to\nboth read and write. eCryptfs currently does this wrong; it will wind up\ncalling vfs_write() on a file that was opened read-only. This is fixed in\nthis patch.\n\nSigned-off-by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\nCc: Dave Kleikamp \u003cshaggy@austin.ibm.com\u003e\nCc: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: Eric Sandeen \u003csandeen@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" } ] }