)]}' { "log": [ { "commit": "b78b6af66a5fbaf17d7e6bfc32384df5e34408c8", "tree": "bc5baa898697fcb6b1c0e8c1311ad4091ff98326", "parents": [ "ca1e0484d9fe8a9048ac32b0f9894545f43704e8" ], "author": { "name": "Hugh Dickins", "email": "hugh@veritas.com", "time": "Wed Apr 12 14:34:27 2006 -0700" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@suse.de", "time": "Mon Apr 17 14:24:58 2006 -0700" }, "message": "[PATCH] shmat: stop mprotect from giving write permission to a readonly attachment (CVE-2006-1524)\n\nI found that all of 2.4 and 2.6 have been letting mprotect give write\npermission to a readonly attachment of shared memory, whether or not IPC\nwould give the caller that permission.\n\nSUS says \"The behaviour of this function [mprotect] is unspecified if the\nmapping was not established by a call to mmap\", but I don\u0027t think we can\ninterpret that as allowing it to subvert IPC permissions.\n\nI haven\u0027t tried 2.2, but the 2.2.26 source looks like it gets it right; and\nthe patch below reproduces that behaviour - mprotect cannot be used to add\nwrite permission to a shared memory segment attached readonly.\n\nThis patch is simple, and I\u0027m sure it\u0027s what we should have done in 2.4.0:\nif you want to go on to switch write permission on and off with mprotect,\njust don\u0027t attach the segment readonly in the first place.\n\nHowever, we could have accumulated apps which attach readonly (even though\nthey would be permitted to attach read/write), and which subsequently use\nmprotect to switch write permission on and off: it\u0027s not unreasonable.\n\nI was going to add a second ipcperms check in do_shmat, to check for\nwritable when readonly, and if not writable find_vma and clear VM_MAYWRITE.\n But security_ipc_permission might do auditing, and it seems wrong to\nreport an attempt for write permission when there has been none. Or we\ncould flag the vma as SHM, note the shmid or shp in vm_private_data, and\nthen get mprotect to check.\n\nBut the patch below is a lot simpler: I\u0027d rather stick with it, if we can\nconvince ourselves somehow that it\u0027ll be safe.\n\nSigned-off-by: Hugh Dickins \u003chugh@veritas.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@suse.de\u003e\n" }, { "commit": "9ba025f10885758975fbbc2292a5b9e7cb8026a8", "tree": "2b6b88de37c42db0541ddf929d0a38b60f4a5871", "parents": [ "7ec70738097af9dfd25d5f83e9b27a532f462912" ], "author": { "name": "Eric Sesterhenn", "email": "snakebyte@gmx.de", "time": "Sun Apr 02 13:42:42 2006 +0200" }, "committer": { "name": "Adrian Bunk", "email": "bunk@stusta.de", "time": "Sun Apr 02 13:42:42 2006 +0200" }, "message": "BUG_ON() Conversion in ipc/shm.c\n\nthis changes if() BUG(); constructs to BUG_ON() which is\ncleaner, contains unlikely() and can better optimized away.\n\nSigned-off-by: Eric Sesterhenn \u003csnakebyte@gmx.de\u003e\nSigned-off-by: Adrian Bunk \u003cbunk@stusta.de\u003e\n" }, { "commit": "5f921ae96f1529a55966f25cd5c70fab11d38be7", "tree": "d8b3fecae1b36a99c0dbf544b30933a727bc7178", "parents": [ "14cc3e2b633bb64063698980974df4535368e98f" ], "author": { "name": "Ingo Molnar", "email": "mingo@elte.hu", "time": "Sun Mar 26 01:37:17 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Mar 26 08:56:55 2006 -0800" }, "message": "[PATCH] sem2mutex: ipc, id.sem\n\nSemaphore to mutex conversion.\n\nThe conversion was generated via scripts, and the result was validated\nautomatically via a script as well.\n\nSigned-off-by: Ingo Molnar \u003cmingo@elte.hu\u003e\nCc: Manfred Spraul \u003cmanfred@colorfullife.com\u003e\nSigned-off-by: Lee Schermerhorn \u003clee.schermerhorn@hp.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "1b9a3917366028cc451a98dd22e3bcd537d4e5c1", "tree": "d911058720e0a9aeeaf9f407ccdc6fbf4047f47d", "parents": [ "3661f00e2097676847deb01add1a0918044bd816", "71e1c784b24a026a490b3de01541fc5ee14ebc09" ], "author": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Mar 25 09:24:53 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Mar 25 09:24:53 2006 -0800" }, "message": "Merge branch \u0027audit.b3\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current\n\n* \u0027audit.b3\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits)\n [PATCH] fix audit_init failure path\n [PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format\n [PATCH] sem2mutex: audit_netlink_sem\n [PATCH] simplify audit_free() locking\n [PATCH] Fix audit operators\n [PATCH] promiscuous mode\n [PATCH] Add tty to syscall audit records\n [PATCH] add/remove rule update\n [PATCH] audit string fields interface + consumer\n [PATCH] SE Linux audit events\n [PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c\n [PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL\n [PATCH] Fix IA64 success/failure indication in syscall auditing.\n [PATCH] Miscellaneous bug and warning fixes\n [PATCH] Capture selinux subject/object context information.\n [PATCH] Exclude messages by message type\n [PATCH] Collect more inode information during syscall processing.\n [PATCH] Pass dentry, not just name, in fsnotify creation hooks.\n [PATCH] Define new range of userspace messages.\n [PATCH] Filter rule comparators\n ...\n\nFixed trivial conflict in security/selinux/hooks.c\n" }, { "commit": "df1e2fb540368d0f9640045235f81923fa63acb7", "tree": "aae81d11a102030772ab5a1a6bfa55820fbaf0da", "parents": [ "38885bd4c2a4b59ddb22271d3e6c621859c76f02" ], "author": { "name": "Hugh Dickins", "email": "hugh@veritas.com", "time": "Fri Mar 24 03:18:06 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Mar 24 07:33:25 2006 -0800" }, "message": "[PATCH] shmdt: check address alignment\n\nSUSv3 says the shmdt() function shall fail with EINVAL if the value of\nshmaddr is not the data segment start address of a shared memory segment:\nour sys_shmdt needs to reject a shmaddr which is not page-aligned.\n\nDoes it have the potential to break existing apps?\n\nHugh says\n\n \"sys_shmdt() just does the wrong (unexpected) thing with a misaligned\n address: it\u0027ll fail on what you might expect it to succeed on, and only\n succeed on what it should definitely fail on.\n\n \"That is, I think it behaves as if shmaddr gets rounded up, when the only\n understandable behaviour would be if it rounded it down.\n\n \"Which does mean you\u0027d have to be devious to see anything but EINVAL from\n a misaligned shmaddr there, so it\u0027s not terribly important.\"\n\nSigned-off-by: Hugh Dickins \u003chugh@veritas.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "8c8570fb8feef2bc166bee75a85748b25cda22d9", "tree": "ed783d405ea9d5f3d3ccc57fb56c7b7cb2cdfb82", "parents": [ "c8edc80c8b8c397c53f4f659a05b9ea6208029bf" ], "author": { "name": "Dustin Kirkland", "email": "dustin.kirkland@us.ibm.com", "time": "Thu Nov 03 17:15:16 2005 +0000" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Mar 20 14:08:54 2006 -0500" }, "message": "[PATCH] Capture selinux subject/object context information.\n\nThis patch extends existing audit records with subject/object context\ninformation. Audit records associated with filesystem inodes, ipc, and\ntasks now contain SELinux label information in the field \"subj\" if the\nitem is performing the action, or in \"obj\" if the item is the receiver\nof an action.\n\nThese labels are collected via hooks in SELinux and appended to the\nappropriate record in the audit code.\n\nThis additional information is required for Common Criteria Labeled\nSecurity Protection Profile (LSPP).\n\n[AV: fixed kmalloc flags use]\n[folded leak fixes]\n[folded cleanup from akpm (kfree(NULL)]\n[folded audit_inode_context() leak fix]\n[folded akpm\u0027s fix for audit_ipc_perm() definition in case of !CONFIG_AUDIT]\n\nSigned-off-by: Dustin Kirkland \u003cdustin.kirkland@us.ibm.com\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "8e36709d8cea48a4d341294ce2b46678a2e77159", "tree": "bfb3f096c111e2feaab53e386e199d553df36482", "parents": [ "c22db9412736204b25aeba19d18e5ea922f7d632" ], "author": { "name": "KAMEZAWA Hiroyuki", "email": "kamezawa.hiroyu@jp.fujitsu.com", "time": "Fri Feb 10 01:51:12 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Feb 10 08:13:12 2006 -0800" }, "message": "[PATCH] shmdt cannot detach not-alined shm segment cleanly.\n\nsys_shmdt() can manage shm segments which are covered by multiple vmas. (This\ncan happen when a user uses mprotect() after shmat().)\n\nThis works well if shm is aligned to PAGE_SIZE, but if not, the last\nsegment cannot be detached. It is because a comparison in sys_shmdt()\n\n\t(vma-\u003evm_end - addr) \u003c size\n\t\taddr \u003d\u003d return address of shmat()\n\t\tsize \u003d\u003d shmsize, argments to shmget()\n\nsize should be aligned to PAGE_SIZE before being compared with vma-\u003evm_end,\nwhich is aligned.\n\nSigned-off-by: KAMEZAWA Hiroyuki \u003ckamezawa.hiroyu@jp.fujitsu.com\u003e\nCc: Manfred Spraul \u003cmanfred@colorfullife.com\u003e\nAcked-by: Hugh Dickins \u003chugh@veritas.com\u003e\nCc: \u003cstable@kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "c59ede7b78db329949d9cdcd7064e22d357560ef", "tree": "f9dc9d464fdad5bfd464d983e77c1af031389dda", "parents": [ "e16885c5ad624a6efe1b1bf764e075d75f65a788" ], "author": { "name": "Randy.Dunlap", "email": "rdunlap@xenotime.net", "time": "Wed Jan 11 12:17:46 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Wed Jan 11 18:42:13 2006 -0800" }, "message": "[PATCH] move capable() to capability.h\n\n- Move capable() from sched.h to capability.h;\n\n- Use \u003clinux/capability.h\u003e where capable() is used\n\t(in include/, block/, ipc/, kernel/, a few drivers/,\n\tmm/, security/, \u0026 sound/;\n\tmany more drivers/ to go)\n\nSigned-off-by: Randy Dunlap \u003crdunlap@xenotime.net\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "b33291c0bcecfa44baa905964eec4b8815dcbcdf", "tree": "126c3f84456fd2ee80ef54667615631f7ce31cdc", "parents": [ "b3f3d6141f8636f627bf19fd44eaf59a52637ac8" ], "author": { "name": "Andrew Morton", "email": "akpm@osdl.org", "time": "Sun Jan 08 01:02:21 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Jan 08 20:13:49 2006 -0800" }, "message": "[PATCH] ipc: expand shm_flags\n\nUnobfsucate this struct member\n\nCc: Manfred Spraul \u003cmanfred@colorfullife.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "b0e15190ead07056ab0c3844a499ff35e66d27cc", "tree": "0601a8d68fa051a7ee85d22640e982c0a64f0efc", "parents": [ "642fb4d1f1dd2417aa69189fe5ceb81e4fb72900" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Jan 06 00:11:42 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 08:33:32 2006 -0800" }, "message": "[PATCH] NOMMU: Make SYSV IPC SHM use ramfs facilities on NOMMU\n\nThe attached patch makes the SYSV IPC shared memory facilities use the new\nramfs facilities on a no-MMU kernel.\n\nThe following changes are made:\n\n (1) There are now shmem_mmap() and shmem_get_unmapped_area() functions to\n allow the IPC SHM facilities to commune with the tiny-shmem and shmem\n code.\n\n (2) ramfs files now need resizing using do_truncate() rather than by modifying\n the inode size directly (see shmem_file_setup()). This causes ramfs to\n attempt to bind a block of pages of sufficient size to the inode.\n\n (3) CONFIG_SYSVIPC is no longer contingent on CONFIG_MMU.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "bf8f972d3a1daf969cf44f64cc36d53bfd76441f", "tree": "c3f0ac2f789c695d13858171144aa5f4ecdc84c1", "parents": [ "d8ba3b731086bcae5468f9ea509f39a921b3f9a6" ], "author": { "name": "Badari Pulavarty", "email": "pbadari@us.ibm.com", "time": "Mon Nov 07 00:59:27 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Mon Nov 07 07:53:37 2005 -0800" }, "message": "[PATCH] SHM_NORESERVE flags for shmget()\n\nAdd SHM_NORESERVE functionality similar to MAP_NORESERVE for shared memory\nsegments.\n\nThis is mainly to avoid abuse of OVERCOMMIT_ALWAYS and this flag is ignored\nfor OVERCOMMIT_NEVER.\n\nSigned-off-by: Badari Pulavarty \u003cpbadari@us.ibm.com\u003e\nCc: Hugh Dickins \u003chugh@veritas.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "551110a94aa15890d1709b179c4be1e66ff6db53", "tree": "f16ab250dcb50a7839d26b7abc2a165b705c5fb0", "parents": [ "0b1533f67cc1a595457af6d05ab3510294e2ca9c" ], "author": { "name": "Krishnakumar R", "email": "rkrishnakumar@gmail.com", "time": "Sat Oct 29 18:16:45 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Oct 29 21:40:43 2005 -0700" }, "message": "[PATCH] hugetlb: remove repeated code\n\nClean up some repeated code related to HugeTLB. hugetlb_zero_setup would\nhave already allocated the file-\u003ef_op.\n\nSigned-off-by: Krishnakumar. R \u003crkrishnakumar@gmail.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "19b4946ca9d1e35d4c641dcebe27378de34f3ddd", "tree": "add66dd24e7a30441bbe26a4cc35e1124434e5b9", "parents": [ "ae7817745eef3b4ed3c2e36cb403e0c50f17d4e4" ], "author": { "name": "Mike Waychison", "email": "mikew@google.com", "time": "Tue Sep 06 15:17:10 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Wed Sep 07 16:57:26 2005 -0700" }, "message": "[PATCH] ipc: convert /proc/sysvipc/* to generic seq_file interface\n\nChange the /proc/sysvipc/shm|sem|msg files to use the generic seq_file\nimplementation for struct ipc_ids.\n\nSigned-off-by: Mike Waychison \u003cmikew@google.com\u003e\nCc: Manfred Spraul \u003cmanfred@colorfullife.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "6ade43fbbcc3c12f0ddba112351d14d6c82ae476", "tree": "1e5651082607a90345a7f042ed4937c938e11483", "parents": [ "39bbb07d7c0cf3e374831d1474e2246d9cabd931" ], "author": { "name": "Andrew Morton", "email": "akpm@osdl.org", "time": "Mon Aug 01 21:11:45 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Mon Aug 01 21:38:00 2005 -0700" }, "message": "[PATCH] shm: CONFIG_SHMEM\u003dn build fix\n\nFix bug found by Grant Coady \u003clkml@dodo.com.au\u003e\u0027s autobuild setup.\n\nshmem_set_policy() and shmem_get_policy() are macros if !CONFIG_SHMEM, so this\ndoesn\u0027t work.\n\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "7d87e14c236d6c4cab66d87cf0bc1e0f0375d308", "tree": "0c0826cdc102286b541e3e56b59c81752d34c90d", "parents": [ "434498d5323445b59167fd7aa5633b74ebbce901" ], "author": { "name": "Stephen Rothwell", "email": "sfr@canb.auug.org.au", "time": "Sun May 01 08:59:12 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sun May 01 08:59:12 2005 -0700" }, "message": "[PATCH] consolidate sys_shmat\n\nSigned-off-by: Stephen Rothwell \u003csfr@canb.auug.org.au\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d", "parents": [], "author": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:20:36 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Apr 16 15:20:36 2005 -0700" }, "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n" } ] }