)]}' { "log": [ { "commit": "4d81897139ffb738ee14b6f84f63f93ecda1136b", "tree": "27bbf6c03ccc9087e6bdc73b7fed31b471eb8048", "parents": [ "322a8b034003c0d46d39af85bf24fee27b902f48" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Aug 06 23:38:30 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 08 13:13:45 2011 +1000" }, "message": "TOMOYO: Fix incomplete read of /sys/kernel/security/tomoyo/profile\n\nCommit bd03a3e4 \"TOMOYO: Add policy namespace support.\" forgot to set EOF flag\nand forgot to print namespace at PREFERENCE line.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "82c21bfab41a77bc01affe21bea9727d776774a7", "tree": "b0c5850be07c7f6d747df389f8f15780887da630", "parents": [ "87a0874cf19f1bc9bd25bd7d053a0ea25ccf8373" ], "author": { "name": "Paul Moore", "email": "paul.moore@hp.com", "time": "Mon Aug 01 11:10:33 2011 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Mon Aug 01 17:58:33 2011 -0700" }, "message": "doc: Update the email address for Paul Moore in various source files\n\nMy @hp.com will no longer be valid starting August 5, 2011 so an update is\nnecessary. My new email address is employer independent so we don\u0027t have\nto worry about doing this again any time soon.\n\nSigned-off-by: Paul Moore \u003cpaul.moore@hp.com\u003e\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "95b6886526bb510b8370b625a49bc0ab3b8ff10f", "tree": "2862606224820d200be12d2092dcd26df1654b80", "parents": [ "22712200e175e0df5c7f9edfe6c6bf5c94c23b83", "29412f0f6a19e34336368f13eab848091c343952" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Jul 27 19:26:38 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Jul 27 19:26:38 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (54 commits)\n tpm_nsc: Fix bug when loading multiple TPM drivers\n tpm: Move tpm_tis_reenable_interrupts out of CONFIG_PNP block\n tpm: Fix compilation warning when CONFIG_PNP is not defined\n TOMOYO: Update kernel-doc.\n tpm: Fix a typo\n tpm_tis: Probing function for Intel iTPM bug\n tpm_tis: Fix the probing for interrupts\n tpm_tis: Delay ACPI S3 suspend while the TPM is busy\n tpm_tis: Re-enable interrupts upon (S3) resume\n tpm: Fix display of data in pubek sysfs entry\n tpm_tis: Add timeouts sysfs entry\n tpm: Adjust interface timeouts if they are too small\n tpm: Use interface timeouts returned from the TPM\n tpm_tis: Introduce durations sysfs entry\n tpm: Adjust the durations if they are too small\n tpm: Use durations returned from TPM\n TOMOYO: Enable conditional ACL.\n TOMOYO: Allow using argv[]/envp[] of execve() as conditions.\n TOMOYO: Allow using executable\u0027s realpath and symlink\u0027s target as conditions.\n TOMOYO: Allow using owner/group etc. of file objects as conditions.\n ...\n\nFix up trivial conflict in security/tomoyo/realpath.c\n" }, { "commit": "e371d46ae45488bcb112a99a7de462e9e3aa6764", "tree": "9e2eceb292018e52304053bd8013cdb0a7f31dcc", "parents": [ "b0189cd087aa82bd23277cb5c8960ab030e13e5c", "e57712ebebbb9db7d8dcef216437b3171ddcf115" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 26 18:30:20 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 26 18:30:20 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:\n merge fchmod() and fchmodat() guts, kill ancient broken kludge\n xfs: fix misspelled S_IS...()\n xfs: get rid of open-coded S_ISREG(), etc.\n vfs: document locking requirements for d_move, __d_move and d_materialise_unique\n omfs: fix (mode \u0026 S_IFDIR) abuse\n btrfs: S_ISREG(mode) is not mode \u0026 S_IFREG...\n ima: fmode_t misspelled as mode_t...\n pci-label.c: size_t misspelled as mode_t\n jffs2: S_ISLNK(mode \u0026 S_IFMT) is pointless\n snd_msnd -\u003emode is fmode_t, not mode_t\n v9fs_iop_get_acl: get rid of unused variable\n vfs: dont chain pipe/anon/socket on superblock s_inodes list\n Documentation: Exporting: update description of d_splice_alias\n fs: add missing unlock in default_llseek()\n" }, { "commit": "60063497a95e716c9a689af3be2687d261f115b4", "tree": "6ce0d68db76982c53df46aee5f29f944ebf2c320", "parents": [ "148817ba092f9f6edd35bad3c6c6b8e8f90fe2ed" ], "author": { "name": "Arun Sharma", "email": "asharma@fb.com", "time": "Tue Jul 26 16:09:06 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 26 16:49:47 2011 -0700" }, "message": "atomic: use \u003clinux/atomic.h\u003e\n\nThis allows us to move duplicated code in \u003casm/atomic.h\u003e\n(atomic_inc_not_zero() for now) to \u003clinux/atomic.h\u003e\n\nSigned-off-by: Arun Sharma \u003casharma@fb.com\u003e\nReviewed-by: Eric Dumazet \u003ceric.dumazet@gmail.com\u003e\nCc: Ingo Molnar \u003cmingo@elte.hu\u003e\nCc: David Miller \u003cdavem@davemloft.net\u003e\nCc: Eric Dumazet \u003ceric.dumazet@gmail.com\u003e\nAcked-by: Mike Frysinger \u003cvapier@gentoo.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "4b2a2c67415f1ab128f1d0b340fe6d13363335e5", "tree": "4553a90b12550980ac1dc40288458865e3eb186f", "parents": [ "ed476418394f12d47f27a75424c237a94d244f10" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 04:30:35 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 13:04:32 2011 -0400" }, "message": "ima: fmode_t misspelled as mode_t...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "d3ec4844d449cf7af9e749f73ba2052fb7b72fc2", "tree": "c515913e85f7e50878c83da2a88bc5a7269d087c", "parents": [ "0003230e8200699860f0b10af524dc47bf8aecad", "df2e301fee3c2c2a87592151397ad7699bb14c37" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 25 13:56:39 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 25 13:56:39 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (43 commits)\n fs: Merge split strings\n treewide: fix potentially dangerous trailing \u0027;\u0027 in #defined values/expressions\n uwb: Fix misspelling of neighbourhood in comment\n net, netfilter: Remove redundant goto in ebt_ulog_packet\n trivial: don\u0027t touch files that are removed in the staging tree\n lib/vsprintf: replace link to Draft by final RFC number\n doc: Kconfig: `to be\u0027 -\u003e `be\u0027\n doc: Kconfig: Typo: square -\u003e squared\n doc: Konfig: Documentation/power/{pm \u003d\u003e apm-acpi}.txt\n drivers/net: static should be at beginning of declaration\n drivers/media: static should be at beginning of declaration\n drivers/i2c: static should be at beginning of declaration\n XTENSA: static should be at beginning of declaration\n SH: static should be at beginning of declaration\n MIPS: static should be at beginning of declaration\n ARM: static should be at beginning of declaration\n rcu: treewide: Do not use rcu_read_lock_held when calling rcu_dereference_check\n Update my e-mail address\n PCIe ASPM: forcedly -\u003e forcibly\n gma500: push through device driver tree\n ...\n\nFix up trivial conflicts:\n - arch/arm/mach-ep93xx/dma-m2p.c (deleted)\n - drivers/gpio/gpio-ep93xx.c (renamed and context nearby)\n - drivers/net/r8169.c (just context changes)\n" }, { "commit": "423e0ab086ad8b33626e45fa94ac7613146b7ffa", "tree": "249c9337a02254fe5dbede7436f78dfcc1ec508f", "parents": [ "bbd9d6f7fbb0305c9a592bf05a32e87eb364a4ff" ], "author": { "name": "Tim Chen", "email": "tim.c.chen@linux.intel.com", "time": "Tue Jul 19 09:32:38 2011 -0700" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Jul 24 10:08:32 2011 -0400" }, "message": "VFS : mount lock scalability for internal mounts\n\nFor a number of file systems that don\u0027t have a mount point (e.g. sockfs\nand pipefs), they are not marked as long term. Therefore in\nmntput_no_expire, all locks in vfs_mount lock are taken instead of just\nlocal cpu\u0027s lock to aggregate reference counts when we release\nreference to file objects. In fact, only local lock need to have been\ntaken to update ref counts as these file systems are in no danger of\ngoing away until we are ready to unregister them.\n\nThe attached patch marks file systems using kern_mount without\nmount point as long term. The contentions of vfs_mount lock\nis now eliminated. Before un-registering such file system,\nkern_unmount should be called to remove the long term flag and\nmake the mount point ready to be freed.\n\nSigned-off-by: Tim Chen \u003ctim.c.chen@linux.intel.com\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "bbd9d6f7fbb0305c9a592bf05a32e87eb364a4ff", "tree": "12b2bb4202b05f6ae6a43c6ce830a0472043dbe5", "parents": [ "8e204874db000928e37199c2db82b7eb8966cc3c", "5a9a43646cf709312d71eca71cef90ad802f28f9" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 19:02:39 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 19:02:39 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (107 commits)\n vfs: use ERR_CAST for err-ptr tossing in lookup_instantiate_filp\n isofs: Remove global fs lock\n jffs2: fix IN_DELETE_SELF on overwriting rename() killing a directory\n fix IN_DELETE_SELF on overwriting rename() on ramfs et.al.\n mm/truncate.c: fix build for CONFIG_BLOCK not enabled\n fs:update the NOTE of the file_operations structure\n Remove dead code in dget_parent()\n AFS: Fix silly characters in a comment\n switch d_add_ci() to d_splice_alias() in \"found negative\" case as well\n simplify gfs2_lookup()\n jfs_lookup(): don\u0027t bother with . or ..\n get rid of useless dget_parent() in btrfs rename() and link()\n get rid of useless dget_parent() in fs/btrfs/ioctl.c\n fs: push i_mutex and filemap_write_and_wait down into -\u003efsync() handlers\n drivers: fix up various -\u003ellseek() implementations\n fs: handle SEEK_HOLE/SEEK_DATA properly in all fs\u0027s that define their own llseek\n Ext4: handle SEEK_HOLE/SEEK_DATA generically\n Btrfs: implement our own -\u003ellseek\n fs: add SEEK_HOLE and SEEK_DATA flags\n reiserfs: make reiserfs default to barrier\u003dflush\n ...\n\nFix up trivial conflicts in fs/xfs/linux-2.6/xfs_super.c due to the new\nshrinker callout for the inode cache, that clashed with the xfs code to\nstart the periodic workers later.\n" }, { "commit": "0342cbcfced2ee937d7c8e1c63f3d3082da7c7dc", "tree": "fb98291d321a50de2dfd99f9bcaa33274f0c3952", "parents": [ "391d6276db9fbdedfbc30e1b56390414f0e55988", "7f70893173b056df691b2ee7546bb44fd9abae6a" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 16:44:08 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 16:44:08 2011 -0700" }, "message": "Merge branch \u0027core-rcu-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip\n\n* \u0027core-rcu-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:\n rcu: Fix wrong check in list_splice_init_rcu()\n net,rcu: Convert call_rcu(xt_rateest_free_rcu) to kfree_rcu()\n sysctl,rcu: Convert call_rcu(free_head) to kfree\n vmalloc,rcu: Convert call_rcu(rcu_free_vb) to kfree_rcu()\n vmalloc,rcu: Convert call_rcu(rcu_free_va) to kfree_rcu()\n ipc,rcu: Convert call_rcu(ipc_immediate_free) to kfree_rcu()\n ipc,rcu: Convert call_rcu(free_un) to kfree_rcu()\n security,rcu: Convert call_rcu(sel_netport_free) to kfree_rcu()\n security,rcu: Convert call_rcu(sel_netnode_free) to kfree_rcu()\n ia64,rcu: Convert call_rcu(sn_irq_info_free) to kfree_rcu()\n block,rcu: Convert call_rcu(disk_free_ptbl_rcu_cb) to kfree_rcu()\n scsi,rcu: Convert call_rcu(fc_rport_free_rcu) to kfree_rcu()\n audit_tree,rcu: Convert call_rcu(__put_tree) to kfree_rcu()\n security,rcu: Convert call_rcu(whitelist_item_free) to kfree_rcu()\n md,rcu: Convert call_rcu(free_conf) to kfree_rcu()\n" }, { "commit": "8209f53d79444747782a28520187abaf689761f2", "tree": "726270ea29e037f026d77a99787b9d844531ac42", "parents": [ "22a3b9771117d566def0150ea787fcc95f16e724", "eac1b5e57d7abc836e78fd3fbcf77dbeed01edc9" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 15:06:50 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 15:06:50 2011 -0700" }, "message": "Merge branch \u0027ptrace\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/oleg/misc\n\n* \u0027ptrace\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/oleg/misc: (39 commits)\n ptrace: do_wait(traced_leader_killed_by_mt_exec) can block forever\n ptrace: fix ptrace_signal() \u0026\u0026 STOP_DEQUEUED interaction\n connector: add an event for monitoring process tracers\n ptrace: dont send SIGSTOP on auto-attach if PT_SEIZED\n ptrace: mv send-SIGSTOP from do_fork() to ptrace_init_task()\n ptrace_init_task: initialize child-\u003ejobctl explicitly\n has_stopped_jobs: s/task_is_stopped/SIGNAL_STOP_STOPPED/\n ptrace: make former thread ID available via PTRACE_GETEVENTMSG after PTRACE_EVENT_EXEC stop\n ptrace: wait_consider_task: s/same_thread_group/ptrace_reparented/\n ptrace: kill real_parent_is_ptracer() in in favor of ptrace_reparented()\n ptrace: ptrace_reparented() should check same_thread_group()\n redefine thread_group_leader() as exit_signal \u003e\u003d 0\n do not change dead_task-\u003eexit_signal\n kill task_detached()\n reparent_leader: check EXIT_DEAD instead of task_detached()\n make do_notify_parent() __must_check, update the callers\n __ptrace_detach: avoid task_detached(), check do_notify_parent()\n kill tracehook_notify_death()\n make do_notify_parent() return bool\n ptrace: s/tracehook_tracer_task()/ptrace_parent()/\n ...\n" }, { "commit": "449a68cc656fddeda448e324c57062a19cf451b9", "tree": "d192d6582aa8a93f8e84d3b1784340c03b9d0b0e", "parents": [ "9801c60e99ed76c5730fb290c00bfad12a419972" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Fri Mar 18 12:05:57 2011 +0800" }, "committer": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Wed Jul 20 14:10:15 2011 -0700" }, "message": "security,rcu: Convert call_rcu(sel_netport_free) to kfree_rcu()\n\nThe rcu callback sel_netport_free() just calls a kfree(),\nso we use kfree_rcu() instead of the call_rcu(sel_netport_free).\n\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nReviewed-by: Josh Triplett \u003cjosh@joshtriplett.org\u003e\n" }, { "commit": "9801c60e99ed76c5730fb290c00bfad12a419972", "tree": "4c010680b33015e237f0761a3a3c79d180f13857", "parents": [ "f218a7ee7a1c37058eef4bb5fefff9bdb0f52766" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Fri Mar 18 12:05:22 2011 +0800" }, "committer": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Wed Jul 20 14:10:14 2011 -0700" }, "message": "security,rcu: Convert call_rcu(sel_netnode_free) to kfree_rcu()\n\nThe rcu callback sel_netnode_free() just calls a kfree(),\nso we use kfree_rcu() instead of the call_rcu(sel_netnode_free).\n\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nReviewed-by: Josh Triplett \u003cjosh@joshtriplett.org\u003e\n" }, { "commit": "6034f7e603cd2dae8ed9a1d8d2ccfeb6b5c48d73", "tree": "dc18a4d1374dbd4e15414c67cb44bd359aefd62d", "parents": [ "b119cbab3aecd19dbd748a9823c02d200b96b2f8" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Tue Mar 15 18:07:57 2011 +0800" }, "committer": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Wed Jul 20 11:05:30 2011 -0700" }, "message": "security,rcu: Convert call_rcu(whitelist_item_free) to kfree_rcu()\n\nThe rcu callback whitelist_item_free() just calls a kfree(),\nso we use kfree_rcu() instead of the call_rcu(whitelist_item_free).\n\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nReviewed-by: Josh Triplett \u003cjosh@joshtriplett.org\u003e\n" }, { "commit": "fb408e6ccc32404a05783911b6f3fed56bd17b06", "tree": "ad19408c2e4b2f8eaac9e3dc541f432fc85bc2fd", "parents": [ "a4464dbc0ca6a3ab8e9d1206bc05059dae2a559d" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Jul 07 15:12:51 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Jul 20 01:44:19 2011 -0400" }, "message": "get rid of pointless checks for dentry-\u003esb \u003d\u003d NULL\n\nit never is...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "eecdd358b467405a084d400d5ec571bbdbfe97a3", "tree": "357332873b909a19964e77dbae3c4aed5c100dc6", "parents": [ "cf1dd1dae851ce5765cda5de16aa965eef7c2dbf" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jun 20 19:48:41 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Jul 20 01:43:29 2011 -0400" }, "message": "-\u003epermission() sanitizing: don\u0027t pass flags to exec_permission()\n\npass mask instead; kill security_inode_exec_permission() since we can use\nsecurity_inode_permission() instead.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "cf1dd1dae851ce5765cda5de16aa965eef7c2dbf", "tree": "5ee564e56eca307701ce155e30a2cbb05b9937e3", "parents": [ "e74f71eb78a4a8b9eaf1bc65f20f761648e85f76" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jun 20 19:44:08 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Jul 20 01:43:27 2011 -0400" }, "message": "selinux: don\u0027t transliterate MAY_NOT_BLOCK to IPERM_FLAG_RCU\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "e74f71eb78a4a8b9eaf1bc65f20f761648e85f76", "tree": "7bc7fc1344f5ed6e3ce8132b36125ef5cec6407c", "parents": [ "10556cb21a0d0b24d95f00ea6df16f599a3345b2" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jun 20 19:38:15 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Jul 20 01:43:26 2011 -0400" }, "message": "-\u003epermission() sanitizing: don\u0027t pass flags to -\u003einode_permission()\n\npass that via mask instead.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "0f2a55d5bb2372058275b0b343d90dd5d640d045", "tree": "0faaacea8061e5717efd50d24220d6976e6adba6", "parents": [ "c9206693457a946698e1d67db2b424e1d101493d" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jul 14 14:46:51 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jul 14 17:50:03 2011 +1000" }, "message": "TOMOYO: Update kernel-doc.\n\nUpdate comments for scripts/kernel-doc and fix some of errors reported by\nscripts/checkpatch.pl .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b7e9c223be8ce335e30f2cf6ba588e6a4092275c", "tree": "2d1e3b75606abc18df7ad65e51ac3f90cd68b38d", "parents": [ "c172d82500a6cf3c32d1e650722a1055d72ce858", "e3bbfa78bab125f58b831b5f7f45b5a305091d72" ], "author": { "name": "Jiri Kosina", "email": "jkosina@suse.cz", "time": "Mon Jul 11 14:15:48 2011 +0200" }, "committer": { "name": "Jiri Kosina", "email": "jkosina@suse.cz", "time": "Mon Jul 11 14:15:55 2011 +0200" }, "message": "Merge branch \u0027master\u0027 into for-next\n\nSync with Linus\u0027 tree to be able to apply pending patches that\nare based on newer code already present upstream.\n" }, { "commit": "97fb35e413f256ded07b88c73b3d932ec31ea84e", "tree": "d16cb1dcb6d16938aa01c071fdcd1cbbf85b5153", "parents": [ "5b636857fee642694e287e3a181b523b16098c93" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:25:53 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:34 2011 +1000" }, "message": "TOMOYO: Enable conditional ACL.\n\nEnable conditional ACL by passing object\u0027s pointers.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5b636857fee642694e287e3a181b523b16098c93", "tree": "24afcc11fc35350a29f5d6d73d376a551c5569b8", "parents": [ "2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:24:54 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:33 2011 +1000" }, "message": "TOMOYO: Allow using argv[]/envp[] of execve() as conditions.\n\nThis patch adds support for permission checks using argv[]/envp[] of execve()\nrequest. Hooks are in the last patch of this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563", "tree": "b9f6051059a2a90547a4501bf296b0cf3c9dbc76", "parents": [ "8761afd49ebff8ae04c1a7888af090177441d07d" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:23:44 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:33 2011 +1000" }, "message": "TOMOYO: Allow using executable\u0027s realpath and symlink\u0027s target as conditions.\n\nThis patch adds support for permission checks using executable file\u0027s realpath\nupon execve() and symlink\u0027s target upon symlink(). Hooks are in the last patch\nof this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "8761afd49ebff8ae04c1a7888af090177441d07d", "tree": "f43b52e1b8467eeea465762d2f9d0b81a336faa0", "parents": [ "2066a36125fcbf5220990173b9d8e8bc49ad7538" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:22:41 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:32 2011 +1000" }, "message": "TOMOYO: Allow using owner/group etc. of file objects as conditions.\n\nThis patch adds support for permission checks using file object\u0027s DAC\nattributes (e.g. owner/group) when checking file\u0027s pathnames. Hooks for passing\nfile object\u0027s pointers are in the last patch of this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2066a36125fcbf5220990173b9d8e8bc49ad7538", "tree": "c8ea3a6d92a8b4b68cda986601336e8e8f58553e", "parents": [ "5c4274f13819b40e726f6ee4ef13b4952cff5010" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:21:37 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:32 2011 +1000" }, "message": "TOMOYO: Allow using UID/GID etc. of current thread as conditions.\n\nThis patch adds support for permission checks using current thread\u0027s UID/GID\netc. in addition to pathnames.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "d8bf4ca9ca9576548628344c9725edd3786e90b1", "tree": "df338f50a5af6bc3651bd863b79fa91e6b1e9e20", "parents": [ "eb032b9837a958e21ca000358a5bde5e17192ddb" ], "author": { "name": "Michal Hocko", "email": "mhocko@suse.cz", "time": "Fri Jul 08 14:39:41 2011 +0200" }, "committer": { "name": "Jiri Kosina", "email": "jkosina@suse.cz", "time": "Fri Jul 08 22:21:58 2011 +0200" }, "message": "rcu: treewide: Do not use rcu_read_lock_held when calling rcu_dereference_check\n\nSince ca5ecddf (rcu: define __rcu address space modifier for sparse)\nrcu_dereference_check use rcu_read_lock_held as a part of condition\nautomatically so callers do not have to do that as well.\n\nSigned-off-by: Michal Hocko \u003cmhocko@suse.cz\u003e\nAcked-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nSigned-off-by: Jiri Kosina \u003cjkosina@suse.cz\u003e\n" }, { "commit": "5c4274f13819b40e726f6ee4ef13b4952cff5010", "tree": "c32b5d2932369f24fbfbeb62908b09c505a01186", "parents": [ "ea504819122a76a236f8b95d1556f807a0a41397" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jul 07 21:20:35 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Jul 08 09:25:36 2011 +1000" }, "message": "TOMOYO: Remove /sys/kernel/security/tomoyo/.domain_status interface.\n\n/sys/kernel/security/tomoyo/.domain_status can be easily emulated using\n/sys/kernel/security/tomoyo/domain_policy . We can remove this interface by\nupdating /usr/sbin/tomoyo-setprofile utility.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "e12fe68ce34d60c04bb1ddb1d3cc5c3022388fe4", "tree": "83c0e192ccaa4752c80b6131a7d0aa8272b5d0d0", "parents": [ "7329f0d58de01878d9ce4f0be7a76e136f223eef", "712ae51afd55b20c04c5383d02ba5d10233313b1" ], "author": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Jul 05 23:23:37 2011 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Jul 05 23:23:37 2011 -0700" }, "message": "Merge branch \u0027master\u0027 of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6\n" }, { "commit": "ea504819122a76a236f8b95d1556f807a0a41397", "tree": "d741222691d3ab119a76a3ce816f4fd49ffdf872", "parents": [ "ad599f9cf0187e823bc92bc83f3867a38fa266b9" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 30 17:32:30 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Jul 01 09:25:47 2011 +1000" }, "message": "TOMOYO: Fix wrong domainname in tomoyo_init_log().\n\nCommit eadd99cc \"TOMOYO: Add auditing interface.\" by error replaced\n\"struct tomoyo_request_info\"-\u003edomain with tomoyo_domain().\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "3ddf17f08cf2f0d7ff06858eb07d1cc3db8994de", "tree": "c992dea8b1aaddf5f406826b40d53eb5534d1044", "parents": [ "3a6297abf3b179ae19b849e429841a7646711b70" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Jun 29 14:22:37 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jun 30 18:49:25 2011 +1000" }, "message": "TOMOYO: Cleanup header file.\n\nSort by alphabetic order.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7986cf28bc5050967a7056d6eadda7f16f84eaab", "tree": "7330d23c10e04c0c8319f37335e87e9fd0f22b4b", "parents": [ "da3f1c7b7d34e66cf571a613525ca0d23f92d42f" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Jun 29 13:07:52 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jun 30 18:48:37 2011 +1000" }, "message": "TOMOYO: Fix build error with CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER\u003dy .\n\nI forgot to add #ifndef in commit 0e4ae0e0 \"TOMOYO: Make several options\nconfigurable.\", resulting\n\n security/built-in.o: In function `tomoyo_bprm_set_creds\u0027:\n tomoyo.c:(.text+0x4698e): undefined reference to `tomoyo_load_policy\u0027\n\nerror.\n\nReported-by: Stephen Rothwell \u003csfr@canb.auug.org.au\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "da3f1c7b7d34e66cf571a613525ca0d23f92d42f", "tree": "0233826259cbe4cd44755ccc893b77a3e8ac5213", "parents": [ "5b944a71a192977c1c018bbcfa0c52dca48e2368", "25e75dff519bcce2cb35023105e7df51d7b9e691" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jun 30 18:44:55 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jun 30 18:44:55 2011 +1000" }, "message": "Merge branch \u0027for-security\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev into next\n" }, { "commit": "5b944a71a192977c1c018bbcfa0c52dca48e2368", "tree": "9f234c4a93bb28890ad086c846d2bf0b35f7f7ae", "parents": [ "0e4ae0e0dec634b2ae53ac57d14141b140467dbe", "c017d0d1351f916c0ced3f358afc491fdcf490b4" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jun 30 18:43:56 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jun 30 18:43:56 2011 +1000" }, "message": "Merge branch \u0027linus\u0027 into next\n" }, { "commit": "25e75dff519bcce2cb35023105e7df51d7b9e691", "tree": "14cb61f6510af1440782fc5f3a81e37aad0c4be5", "parents": [ "04fdc099f9c80c7775dbac388fc97e156d4d47e7" ], "author": { "name": "John Johansen", "email": "john.johansen@canonical.com", "time": "Sat Jun 25 16:57:07 2011 +0100" }, "committer": { "name": "John Johansen", "email": "john.johansen@canonical.com", "time": "Wed Jun 29 02:04:44 2011 +0100" }, "message": "AppArmor: Fix masking of capabilities in complain mode\n\nAppArmor is masking the capabilities returned by capget against the\ncapabilities mask in the profile. This is wrong, in complain mode the\nprofile has effectively all capabilities, as the profile restrictions are\nnot being enforced, merely tested against to determine if an access is\nknown by the profile.\n\nThis can result in the wrong behavior of security conscience applications\nlike sshd which examine their capability set, and change their behavior\naccordingly. In this case because of the masked capability set being\nreturned sshd fails due to DAC checks, even when the profile is in complain\nmode.\n\nKernels affected: 2.6.36 - 3.0.\n\nSigned-off-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\n" }, { "commit": "04fdc099f9c80c7775dbac388fc97e156d4d47e7", "tree": "886a4176abfe4a4c4e3ee7b62da520914bf666e0", "parents": [ "b0af8dfdd67699e25083478c63eedef2e72ebd85" ], "author": { "name": "John Johansen", "email": "john.johansen@canonical.com", "time": "Tue Jun 28 15:06:38 2011 +0100" }, "committer": { "name": "John Johansen", "email": "john.johansen@canonical.com", "time": "Wed Jun 29 02:02:03 2011 +0100" }, "message": "AppArmor: Fix reference to rcu protected pointer outside of rcu_read_lock\n\nThe pointer returned from tracehook_tracer_task() is only valid inside\nthe rcu_read_lock. However the tracer pointer obtained is being passed\nto aa_may_ptrace outside of the rcu_read_lock critical section.\n\nMover the aa_may_ptrace test into the rcu_read_lock critical section, to\nfix this.\n\nKernels affected: 2.6.36 - 3.0\n\nReported-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nCc: stable@kernel.org\nSigned-off-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\n" }, { "commit": "0e4ae0e0dec634b2ae53ac57d14141b140467dbe", "tree": "9a3b46dd03ea21422359d3948514771d0cc9d72d", "parents": [ "efe836ab2b514ae7b59528af36d452978b42d266" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:22:59 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:22 2011 +1000" }, "message": "TOMOYO: Make several options configurable.\n\nTo be able to start using enforcing mode from the early stage of boot sequence,\nthis patch adds support for activating access control without calling external\npolicy loader program. This will be useful for systems where operations which\ncan lead to the hijacking of the boot sequence are needed before loading the\npolicy. For example, you can activate immediately after loading the fixed part\nof policy which will allow only operations needed for mounting a partition\nwhich contains the variant part of policy and verifying (e.g. running GPG\ncheck) and loading the variant part of policy. Since you can start using\nenforcing mode from the beginning, you can reduce the possibility of hijacking\nthe boot sequence.\n\nThis patch makes several variables configurable on build time. This patch also\nadds TOMOYO_loader\u003d and TOMOYO_trigger\u003d kernel command line option to boot the\nsame kernel in two different init systems (BSD-style init and systemd).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "efe836ab2b514ae7b59528af36d452978b42d266", "tree": "5e2434b25b0d53c4852fad7c9c07db9e99a38b07", "parents": [ "b22b8b9fd90eecfb7133e56b4e113595f09f4492" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:22:18 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:22 2011 +1000" }, "message": "TOMOYO: Add built-in policy support.\n\nTo be able to start using enforcing mode from the early stage of boot sequence,\nthis patch adds support for built-in policy configuration (and next patch adds\nsupport for activating access control without calling external policy loader\nprogram).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b22b8b9fd90eecfb7133e56b4e113595f09f4492", "tree": "6e15e497a05aa219c598b8b8690fbdb5ae5f0b0a", "parents": [ "2c47ab9353242b0f061959318f83c55360b88fa4" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:21:50 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:22 2011 +1000" }, "message": "TOMOYO: Rename meminfo to stat and show more statistics.\n\nShow statistics such as last policy update time and last policy violation time\nin addition to memory usage.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2c47ab9353242b0f061959318f83c55360b88fa4", "tree": "03693079bf04572d30ef0ca37f717ae8acc29863", "parents": [ "2e503bbb435ae418aebbe4aeede1c6f2a33d6f74" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:21:19 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:21 2011 +1000" }, "message": "TOMOYO: Cleanup part 4.\n\nGather string constants to one file in order to make the object size smaller.\nUse unsigned type where appropriate.\nread()/write() returns ssize_t.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2e503bbb435ae418aebbe4aeede1c6f2a33d6f74", "tree": "c6b783c245716cf87b337b2a855e742133afb7ac", "parents": [ "5625f2e3266319fd29fe4f1c76ccd3f550c79ac4" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:20:55 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:21 2011 +1000" }, "message": "TOMOYO: Fix lockdep warning.\n\nCurrently TOMOYO holds SRCU lock upon open() and releases it upon close()\nbecause list elements stored in the \"struct tomoyo_io_buffer\" instances are\naccessed until close() is called. However, such SRCU usage causes lockdep to\ncomplain about leaving the kernel with SRCU lock held.\n\nThis patch solves the warning by holding/releasing SRCU upon each\nread()/write(). This patch is doing something similar to calling kfree()\nwithout calling synchronize_srcu(), by selectively deferring kfree() by keeping\ntrack of the \"struct tomoyo_io_buffer\" instances.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5625f2e3266319fd29fe4f1c76ccd3f550c79ac4", "tree": "190e96d956213b22da705872094ebdf5272af972", "parents": [ "bd03a3e4c9a9df0c6b007045fa7fc8889111a478" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:20:23 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:21 2011 +1000" }, "message": "TOMOYO: Change pathname for non-rename()able filesystems.\n\nTOMOYO wants to use /proc/self/ rather than /proc/$PID/ if $PID matches current\nthread\u0027s process ID in order to prevent current thread from accessing other\nprocess\u0027s information unless needed.\n\nBut since procfs can be mounted on various locations (e.g. /proc/ /proc2/ /p/\n/tmp/foo/100/p/ ), TOMOYO cannot tell that whether the numeric part in the\nstring returned by __d_path() represents process ID or not.\n\nTherefore, to be able to convert from $PID to self no matter where procfs is\nmounted, this patch changes pathname representations for filesystems which do\nnot support rename() operation (e.g. proc, sysfs, securityfs).\n\nExamples:\n /proc/self/mounts \u003d\u003e proc:/self/mounts\n /sys/kernel/security/ \u003d\u003e sys:/kernel/security/\n /dev/pts/0 \u003d\u003e devpts:/0\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "bd03a3e4c9a9df0c6b007045fa7fc8889111a478", "tree": "9d78290c878e6466fe3e0bda7ee5989c0dc39e40", "parents": [ "32997144fd9925fc4d506a16990a0c405f766526" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:19:52 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:21 2011 +1000" }, "message": "TOMOYO: Add policy namespace support.\n\nMauras Olivier reported that it is difficult to use TOMOYO in LXC environments,\nfor TOMOYO cannot distinguish between environments outside the container and\nenvironments inside the container since LXC environments are created using\npivot_root(). To address this problem, this patch introduces policy namespace.\n\nEach policy namespace has its own set of domain policy, exception policy and\nprofiles, which are all independent of other namespaces. This independency\nallows users to develop policy without worrying interference among namespaces.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "32997144fd9925fc4d506a16990a0c405f766526", "tree": "52332d25e9317250a1af1b06008d7eae18717c70", "parents": [ "eadd99cc85347b4f9eb10122ac90032eb4971b02" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:19:28 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Add ACL group support.\n\nACL group allows administrator to globally grant not only \"file read\"\npermission but also other permissions.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "eadd99cc85347b4f9eb10122ac90032eb4971b02", "tree": "fa6075ad4917422288222ee52bfcb66b7ed30a0e", "parents": [ "d5ca1725ac9ba876c2dd614bb9826d0c4e13d818" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:18:58 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Add auditing interface.\n\nAdd /sys/kernel/security/tomoyo/audit interface. This interface generates audit\nlogs in the form of domain policy so that /usr/sbin/tomoyo-auditd can reuse\naudit logs for appending to /sys/kernel/security/tomoyo/domain_policy\ninterface.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "d5ca1725ac9ba876c2dd614bb9826d0c4e13d818", "tree": "fbff7fe1e39597c5bac981f63a2be659f4ec84e7", "parents": [ "0d2171d711cbfca84cc0001121be8a6cc8e4d148" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:18:21 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Simplify profile structure.\n\nRemove global preference from profile structure in order to make code simpler.\n\nDue to this structure change, printk() warnings upon policy violation are\ntemporarily disabled. They will be replaced by\n/sys/kernel/security/tomoyo/audit by next patch.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0d2171d711cbfca84cc0001121be8a6cc8e4d148", "tree": "998c6fb0c61e15686a7b70276e17ad9e396741f4", "parents": [ "a238cf5b89ed5285be8de56335665d023972f7d5" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:17:46 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Rename directives.\n\nConvert \"allow_...\" style directives to \"file ...\" style directives.\nBy converting to the latter style, we can pack policy like\n\"file read/write/execute /path/to/file\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "a238cf5b89ed5285be8de56335665d023972f7d5", "tree": "cd2594f5c80345b5f880a3ccd445d15fb6b7d6cd", "parents": [ "0df7e8b8f1c25c10820bdc679555f2fbfb897ca0" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:17:10 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Use struct for passing ACL line.\n\nUse structure for passing ACL line, in preparation for supporting policy\nnamespace and conditional parameters.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0df7e8b8f1c25c10820bdc679555f2fbfb897ca0", "tree": "626a0304fceec0bbee93e43a24bc0f813fe230b7", "parents": [ "b5bc60b4ce313b6dbb42e7d32915dcf0a07c2a68" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:16:36 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:19 2011 +1000" }, "message": "TOMOYO: Cleanup part 3.\n\nUse common structure for ACL with \"struct list_head\" + \"atomic_t\".\nUse array/struct where possible.\nRemove is_group from \"struct tomoyo_name_union\"/\"struct tomoyo_number_union\".\nPass \"struct file\"-\u003eprivate_data rather than \"struct file\".\nUpdate some of comments.\nBring tomoyo_same_acl_head() from common.h to domain.c .\nBring tomoyo_invalid()/tomoyo_valid() from common.h to util.c .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b5bc60b4ce313b6dbb42e7d32915dcf0a07c2a68", "tree": "4a6a4f4cf1b6d0e5fa22c974fb4cf87d59a88e21", "parents": [ "7c75964f432d14062d8eccfc916aa290f56b5aab" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:16:03 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:19 2011 +1000" }, "message": "TOMOYO: Cleanup part 2.\n\nUpdate (or temporarily remove) comments.\nRemove or replace some of #define lines.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7c75964f432d14062d8eccfc916aa290f56b5aab", "tree": "8aecdb96f9f079dd36735c3acccb79f3d10d6559", "parents": [ "1252cc3b232e582e887623dc5f70979418caaaa2" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:15:31 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:19 2011 +1000" }, "message": "TOMOYO: Cleanup part 1.\n\nIn order to synchronize with TOMOYO 1.8\u0027s syntax,\n\n(1) Remove special handling for allow_read/write permission.\n(2) Replace deny_rewrite/allow_rewrite permission with allow_append permission.\n(3) Remove file_pattern keyword.\n(4) Remove allow_read permission from exception policy.\n(5) Allow creating domains in enforcing mode without calling supervisor.\n(6) Add permission check for opening directory for reading.\n(7) Add permission check for stat() operation.\n(8) Make \"cat \u003c /sys/kernel/security/tomoyo/self_domain\" behave as if\n \"cat /sys/kernel/security/tomoyo/self_domain\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "79a73d188726b473ca3bf483244bc96096831905", "tree": "787ba050c91981cae2524b1e95e415424b067e64", "parents": [ "f8f8527103a264b5e4ab2ce5c1743b28f3219d90" ], "author": { "name": "Roberto Sassu", "email": "roberto.sassu@polito.it", "time": "Mon Jun 27 13:45:44 2011 +0200" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jun 27 09:11:17 2011 -0400" }, "message": "encrypted-keys: add ecryptfs format support\n\nThe \u0027encrypted\u0027 key type defines its own payload format which contains a\nsymmetric key randomly generated that cannot be used directly to mount\nan eCryptfs filesystem, because it expects an authentication token\nstructure.\n\nThis patch introduces the new format \u0027ecryptfs\u0027 that allows to store an\nauthentication token structure inside the encrypted key payload containing\na randomly generated symmetric key, as the same for the format \u0027default\u0027.\n\nMore details about the usage of encrypted keys with the eCryptfs\nfilesystem can be found in the file \u0027Documentation/keys-ecryptfs.txt\u0027.\n\nSigned-off-by: Roberto Sassu \u003croberto.sassu@polito.it\u003e\nAcked-by: Gianluca Ramunno \u003cramunno@polito.it\u003e\nAcked-by: Tyler Hicks \u003ctyhicks@linux.vnet.ibm.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "4e561d388feff18e4b798cef6a1a84a2cc7f20c2", "tree": "9208588c7d0e5e75766dd2c98e960840fdc8681e", "parents": [ "7103dff0e598cd634767f17a2958302c515700ca" ], "author": { "name": "Roberto Sassu", "email": "roberto.sassu@polito.it", "time": "Mon Jun 27 13:45:42 2011 +0200" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jun 27 09:10:45 2011 -0400" }, "message": "encrypted-keys: add key format support\n\nThis patch introduces a new parameter, called \u0027format\u0027, that defines the\nformat of data stored by encrypted keys. The \u0027default\u0027 format identifies\nencrypted keys containing only the symmetric key, while other formats can\nbe defined to support additional information. The \u0027format\u0027 parameter is\nwritten in the datablob produced by commands \u0027keyctl print\u0027 or\n\u0027keyctl pipe\u0027 and is integrity protected by the HMAC.\n\nSigned-off-by: Roberto Sassu \u003croberto.sassu@polito.it\u003e\nAcked-by: Gianluca Ramunno \u003cramunno@polito.it\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "7103dff0e598cd634767f17a2958302c515700ca", "tree": "cbbacf38aee2ecd3ad6d004307197186dd35ab73", "parents": [ "08fa2aa54e72ddde8076cc77126bace8d4780e0f" ], "author": { "name": "Roberto Sassu", "email": "roberto.sassu@polito.it", "time": "Mon Jun 27 13:45:41 2011 +0200" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jun 27 09:10:34 2011 -0400" }, "message": "encrypted-keys: added additional debug messages\n\nSome debug messages have been added in the function datablob_parse() in\norder to better identify errors returned when dealing with \u0027encrypted\u0027\nkeys.\n\nChangelog from version v4:\n- made the debug messages more understandable \n\nSigned-off-by: Roberto Sassu \u003croberto.sassu@polito.it\u003e\nAcked-by: Gianluca Ramunno \u003cramunno@polito.it\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "08fa2aa54e72ddde8076cc77126bace8d4780e0f", "tree": "5ced9b831123e37b6e91367ed5f56e4acd095a0c", "parents": [ "f91c2c5cfa2950a20265b45bcc13e49ed9e49aac" ], "author": { "name": "Roberto Sassu", "email": "roberto.sassu@polito.it", "time": "Mon Jun 27 13:45:40 2011 +0200" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jun 27 09:08:52 2011 -0400" }, "message": "encrypted-keys: fixed valid_master_desc() function description\n\nValid key type prefixes for the parameter \u0027key-type\u0027 are: \u0027trusted\u0027 and\n\u0027user\u0027.\n\nSigned-off-by: Roberto Sassu \u003croberto.sassu@polito.it\u003e\nAcked-by: Gianluca Ramunno \u003cramunno@polito.it\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "f91c2c5cfa2950a20265b45bcc13e49ed9e49aac", "tree": "f5ed8f02cc44dfe9274440c8cdcd50b4345621e6", "parents": [ "4d67431f80b1b822f0286afc9123ee453eac7334" ], "author": { "name": "Roberto Sassu", "email": "roberto.sassu@polito.it", "time": "Mon Jun 27 13:45:39 2011 +0200" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jun 27 09:08:39 2011 -0400" }, "message": "encrypted_keys: avoid dumping the master key if the request fails\n\nDo not dump the master key if an error is encountered during the request.\n\nSigned-off-by: Roberto Sassu \u003croberto.sassu@polito.it\u003e\nAcked-by: Gianluca Ramunno \u003cramunno@polito.it\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "06d984737bac0545fe20bb5447ee488b95adb531", "tree": "b8d89d21a53c28a025dd42598bc3406e25db5ba8", "parents": [ "4b9d33e6d83cc05a8005a8f9a8b9677fa0f53626" ], "author": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Fri Jun 17 16:50:40 2011 +0200" }, "committer": { "name": "Oleg Nesterov", "email": "oleg@redhat.com", "time": "Wed Jun 22 19:26:29 2011 +0200" }, "message": "ptrace: s/tracehook_tracer_task()/ptrace_parent()/\n\ntracehook.h is on the way out. Rename tracehook_tracer_task() to\nptrace_parent() and move it from tracehook.h to ptrace.h.\n\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Christoph Hellwig \u003chch@infradead.org\u003e\nCc: John Johansen \u003cjohn.johansen@canonical.com\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Oleg Nesterov \u003coleg@redhat.com\u003e\n" }, { "commit": "b7f080cfe223b3b7424872639d153695615a9255", "tree": "605390854789a6ba53e6813ffc69a948a0466530", "parents": [ "4003b65871c101eb5ce8f37a325feac54aa5c681" ], "author": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Thu Jun 16 11:01:34 2011 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Jun 21 19:17:20 2011 -0700" }, "message": "net: remove mm.h inclusion from netdevice.h\n\nRemove linux/mm.h inclusion from netdevice.h -- it\u0027s unused (I\u0027ve checked manually).\n\nTo prevent mm.h inclusion via other channels also extract \"enum dma_data_direction\"\ndefinition into separate header. This tiny piece is what gluing netdevice.h with mm.h\nvia \"netdevice.h \u003d\u003e dmaengine.h \u003d\u003e dma-mapping.h \u003d\u003e scatterlist.h \u003d\u003e mm.h\".\nRemoval of mm.h from scatterlist.h was tried and was found not feasible\non most archs, so the link was cutoff earlier.\n\nHope people are OK with tiny include file.\n\nNote, that mm_types.h is still dragged in, but it is a separate story.\n\nSigned-off-by: Alexey Dobriyan \u003cadobriyan@gmail.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "b1d7dd80aadb9042e83f9778b484a2f92e0b04d4", "tree": "33044314f0a058724e9ee912cca6fe55c2284cf1", "parents": [ "35052cffe0081904f3362c05818db900dd9dc7de" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Tue Jun 21 14:32:05 2011 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jun 21 18:31:45 2011 -0700" }, "message": "KEYS: Fix error handling in construct_key_and_link()\n\nFix error handling in construct_key_and_link().\n\nIf construct_alloc_key() returns an error, it shouldn\u0027t pass out through\nthe normal path as the key_serial() called by the kleave() statement\nwill oops when it gets an error code in the pointer:\n\n BUG: unable to handle kernel paging request at ffffffffffffff84\n IP: [\u003cffffffff8120b401\u003e] request_key_and_link+0x4d7/0x52f\n ..\n Call Trace:\n [\u003cffffffff8120b52c\u003e] request_key+0x41/0x75\n [\u003cffffffffa00ed6e8\u003e] cifs_get_spnego_key+0x206/0x226 [cifs]\n [\u003cffffffffa00eb0c9\u003e] CIFS_SessSetup+0x511/0x1234 [cifs]\n [\u003cffffffffa00d9799\u003e] cifs_setup_session+0x90/0x1ae [cifs]\n [\u003cffffffffa00d9c02\u003e] cifs_get_smb_ses+0x34b/0x40f [cifs]\n [\u003cffffffffa00d9e05\u003e] cifs_mount+0x13f/0x504 [cifs]\n [\u003cffffffffa00caabb\u003e] cifs_do_mount+0xc4/0x672 [cifs]\n [\u003cffffffff8113ae8c\u003e] mount_fs+0x69/0x155\n [\u003cffffffff8114ff0e\u003e] vfs_kern_mount+0x63/0xa0\n [\u003cffffffff81150be2\u003e] do_kern_mount+0x4d/0xdf\n [\u003cffffffff81152278\u003e] do_mount+0x63c/0x69f\n [\u003cffffffff8115255c\u003e] sys_mount+0x88/0xc2\n [\u003cffffffff814fbdc2\u003e] system_call_fastpath+0x16/0x1b\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: Jeff Layton \u003cjlayton@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "36698206504fca9198b8563f1fc2c9e38e063e11", "tree": "f02b63c9b35a7962786b5dcdb1af15a63f5de1cf", "parents": [ "ef46222e7b56e728e423527d430cb2013c595491", "482e0cd3dbaa70f2a2bead4b5f2c0d203ef654ba" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jun 20 20:09:15 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jun 20 20:09:15 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:\n devcgroup_inode_permission: take \"is it a device node\" checks to inlined wrapper\n fix comment in generic_permission()\n kill obsolete comment for follow_down()\n proc_sys_permission() is OK in RCU mode\n reiserfs_permission() doesn\u0027t need to bail out in RCU mode\n proc_fd_permission() is doesn\u0027t need to bail out in RCU mode\n nilfs2_permission() doesn\u0027t need to bail out in RCU mode\n logfs doesn\u0027t need -\u003epermission() at all\n coda_ioctl_permission() is safe in RCU mode\n cifs_permission() doesn\u0027t need to bail out in RCU mode\n bad_inode_permission() is safe from RCU mode\n ubifs: dereferencing an ERR_PTR in ubifs_mount()\n" }, { "commit": "482e0cd3dbaa70f2a2bead4b5f2c0d203ef654ba", "tree": "68d885682da34a08c29908d012a356344882a487", "parents": [ "8e833fd2e1f0107ee7a4b6bc4de3c9f0e9b0ed41" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Jun 19 13:01:04 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jun 20 10:46:04 2011 -0400" }, "message": "devcgroup_inode_permission: take \"is it a device node\" checks to inlined wrapper\n\ninode_permission() calls devcgroup_inode_permission() and almost all such\ncalls are _not_ for device nodes; let\u0027s at least keep the common path\nstraight...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "879669961b11e7f40b518784863a259f735a72bf", "tree": "9bff5392e365caf656c9dd9be38f7471c182278c", "parents": [ "eb96c925152fc289311e5d7e956b919e9b60ab53" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Jun 17 11:25:59 2011 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jun 17 09:40:48 2011 -0700" }, "message": "KEYS/DNS: Fix ____call_usermodehelper() to not lose the session keyring\n\n____call_usermodehelper() now erases any credentials set by the\nsubprocess_inf::init() function. The problem is that commit\n17f60a7da150 (\"capabilites: allow the application of capability limits\nto usermode helpers\") creates and commits new credentials with\nprepare_kernel_cred() after the call to the init() function. This wipes\nall keyrings after umh_keys_init() is called.\n\nThe best way to deal with this is to put the init() call just prior to\nthe commit_creds() call, and pass the cred pointer to init(). That\nmeans that umh_keys_init() and suchlike can modify the credentials\n_before_ they are published and potentially in use by the rest of the\nsystem.\n\nThis prevents request_key() from working as it is prevented from passing\nthe session keyring it set up with the authorisation token to\n/sbin/request-key, and so the latter can\u0027t assume the authority to\ninstantiate the key. This causes the in-kernel DNS resolver to fail\nwith ENOKEY unconditionally.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\nTested-by: Jeff Layton \u003cjlayton@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "82b88bb24e28dd4fb4bec30e75412f41326130f0", "tree": "61b1d0eb6ae6059e879571517a0f36bcffdabf34", "parents": [ "60b8b1de0dd2bf246f0e074d287bb3f0bc42a755", "ded509880f6a0213b09f8ae7bef84acb16eaccbf" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 15 09:41:48 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 15 09:41:48 2011 +1000" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.infradead.org/users/eparis/selinux into for-linus\n" }, { "commit": "ded509880f6a0213b09f8ae7bef84acb16eaccbf", "tree": "ac8819a1b23a13b0f04ca34ab2983040c9d66e99", "parents": [ "0f7e4c33eb2c40b1e9cc24d2eab6de5921bc619c" ], "author": { "name": "Roy.Li", "email": "rongqing.li@windriver.com", "time": "Fri May 20 10:38:06 2011 +0800" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Jun 14 12:58:51 2011 -0400" }, "message": "SELinux: skip file_name_trans_write() when policy downgraded.\n\nWhen policy version is less than POLICYDB_VERSION_FILENAME_TRANS,\nskip file_name_trans_write().\n\nSigned-off-by: Roy.Li \u003crongqing.li@windriver.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "4e78c724d47e2342aa8fde61f6b8536f662f795f", "tree": "9256c52a1e40b593601647bcc1d8d8e588188f77", "parents": [ "2c53b436a30867eb6b47dd7bab23ba638d1fb0d2" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon Jun 13 13:49:11 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Jun 14 15:18:42 2011 +1000" }, "message": "TOMOYO: Fix oops in tomoyo_mount_acl().\n\nIn tomoyo_mount_acl() since 2.6.36, kern_path() was called without checking\ndev_name !\u003d NULL. As a result, an unprivileged user can trigger oops by issuing\nmount(NULL, \"/\", \"ext3\", 0, NULL) request.\nFix this by checking dev_name !\u003d NULL before calling kern_path(dev_name).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nCc: stable@kernel.org\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "4d67431f80b1b822f0286afc9123ee453eac7334", "tree": "47ae7c273186e49a49440f95d0655cc538e2b829", "parents": [ "2ce9738bac1b386f46e8478fd2c263460e7c2b09" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Mon Jun 13 22:33:52 2011 +0100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Jun 14 15:03:29 2011 +1000" }, "message": "KEYS: Don\u0027t return EAGAIN to keyctl_assume_authority()\n\nDon\u0027t return EAGAIN to keyctl_assume_authority() to indicate that a key could\nnot be found (ENOKEY is only returned if a negative key is found). Instead\nreturn ENOKEY in both cases.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "1780f2d3839a0d3eb85ee014a708f9e2c8f8ba0e", "tree": "b114d618a6802623eeeceb5a07857f0a72da3112", "parents": [ "06e86849cf4019945a106913adb9ff0abcc01770" ], "author": { "name": "John Johansen", "email": "john.johansen@canonical.com", "time": "Wed Jun 08 15:07:47 2011 -0700" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jun 09 11:46:53 2011 +1000" }, "message": "AppArmor: Fix sleep in invalid context from task_setrlimit\n\nAffected kernels 2.6.36 - 3.0\n\nAppArmor may do a GFP_KERNEL memory allocation with task_lock(tsk-\u003egroup_leader);\nheld when called from security_task_setrlimit. This will only occur when the\ntask\u0027s current policy has been replaced, and the task\u0027s creds have not been\nupdated before entering the LSM security_task_setrlimit() hook.\n\nBUG: sleeping function called from invalid context at mm/slub.c:847\n in_atomic(): 1, irqs_disabled(): 0, pid: 1583, name: cupsd\n 2 locks held by cupsd/1583:\n #0: (tasklist_lock){.+.+.+}, at: [\u003cffffffff8104dafa\u003e] do_prlimit+0x61/0x189\n #1: (\u0026(\u0026p-\u003ealloc_lock)-\u003erlock){+.+.+.}, at: [\u003cffffffff8104db2d\u003e]\ndo_prlimit+0x94/0x189\n Pid: 1583, comm: cupsd Not tainted 3.0.0-rc2-git1 #7\n Call Trace:\n [\u003cffffffff8102ebf2\u003e] __might_sleep+0x10d/0x112\n [\u003cffffffff810e6f46\u003e] slab_pre_alloc_hook.isra.49+0x2d/0x33\n [\u003cffffffff810e7bc4\u003e] kmem_cache_alloc+0x22/0x132\n [\u003cffffffff8105b6e6\u003e] prepare_creds+0x35/0xe4\n [\u003cffffffff811c0675\u003e] aa_replace_current_profile+0x35/0xb2\n [\u003cffffffff811c4d2d\u003e] aa_current_profile+0x45/0x4c\n [\u003cffffffff811c4d4d\u003e] apparmor_task_setrlimit+0x19/0x3a\n [\u003cffffffff811beaa5\u003e] security_task_setrlimit+0x11/0x13\n [\u003cffffffff8104db6b\u003e] do_prlimit+0xd2/0x189\n [\u003cffffffff8104dea9\u003e] sys_setrlimit+0x3b/0x48\n [\u003cffffffff814062bb\u003e] system_call_fastpath+0x16/0x1b\n\nSigned-off-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nReported-by: Miles Lane \u003cmiles.lane@gmail.com\u003e\nCc: stable@kernel.org\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "95f4efb2d78661065aaf0be57f5bf00e4d2aea1d", "tree": "e344402e6428194515a0550ef30cf7cb8eeb0fdf", "parents": [ "4c1f683a4a343808536a5617ede85dfc34430472" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Jun 08 15:11:56 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Jun 08 15:11:56 2011 -0700" }, "message": "selinux: simplify and clean up inode_has_perm()\n\nThis is a rather hot function that is called with a potentially NULL\n\"struct common_audit_data\" pointer argument. And in that case it has to\nprovide and initialize its own dummy common_audit_data structure.\n\nHowever, all the _common_ cases already pass it a real audit-data\nstructure, so that uncommon NULL case not only creates a silly run-time\ntest, more importantly it causes that function to have a big stack frame\nfor the dummy variable that isn\u0027t even used in the common case!\n\nSo get rid of that stupid run-time behavior, and make the (few)\nfunctions that currently call with a NULL pointer just call a new helper\nfunction instead (naturally called inode_has_perm_noapd(), since it has\nno adp argument).\n\nThis makes the run-time test be a static code generation issue instead,\nand allows for a much denser stack since none of the common callers need\nthe dummy structure. And a denser stack not only means less stack space\nusage, it means better cache behavior. So we have a win-win-win from\nthis simplification: less code executed, smaller stack footprint, and\nbetter cache behavior.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a5b2c5b2ad5853591a6cac6134cd0f599a720865", "tree": "e49bdfe8a1bdcc1a15219d1d940a1776bb79446a", "parents": [ "e12ca23d41bd157354a5d1aadff30211a410c53a" ], "author": { "name": "Kees Cook", "email": "kees.cook@canonical.com", "time": "Tue May 31 11:31:41 2011 -0700" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 01 13:07:03 2011 +1000" }, "message": "AppArmor: fix oops in apparmor_setprocattr\n\nWhen invalid parameters are passed to apparmor_setprocattr a NULL deref\noops occurs when it tries to record an audit message. This is because\nit is passing NULL for the profile parameter for aa_audit. But aa_audit\nnow requires that the profile passed is not NULL.\n\nFix this by passing the current profile on the task that is trying to\nsetprocattr.\n\nSigned-off-by: Kees Cook \u003ckees@ubuntu.com\u003e\nSigned-off-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nCc: stable@kernel.org\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "e52e713ec30a31e9a4663d9aebbaae5ec07466a6", "tree": "68f9680577ae68f3972a5ed73afed5d1c2794310", "parents": [ "bdf7cf1c83872a0586ce4c4da6889103cc36dbd3", "2f3e4af471e38e0658e701973238ae4b5e50fcd6" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 27 10:25:02 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri May 27 10:25:02 2011 -0700" }, "message": "Merge branch \u0027docs-move\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/rdunlap/linux-docs\n\n* \u0027docs-move\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/rdunlap/linux-docs:\n Create Documentation/security/, move LSM-, credentials-, and keys-related files from Documentation/ to Documentation/security/, add Documentation/security/00-INDEX, and update all occurrences of Documentation/\u003cmoved_file\u003e to Documentation/security/\u003cmoved_file\u003e.\n" }, { "commit": "f01e1af445fac107e91d62a2d59dd535f633810b", "tree": "f5da7e4162f0a6f4bb50e4cb41f6a06c672f66b0", "parents": [ "bc9bc72e2f9bb07384c00604d1a40d0b5f62be6c" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue May 24 13:48:51 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 26 18:13:57 2011 -0700" }, "message": "selinux: don\u0027t pass in NULL avd to avc_has_perm_noaudit\n\nRight now security_get_user_sids() will pass in a NULL avd pointer to\navc_has_perm_noaudit(), which then forces that function to have a dummy\nentry for that case and just generally test it.\n\nDon\u0027t do it. The normal callers all pass a real avd pointer, and this\nhelper function is incredibly hot. So don\u0027t make avc_has_perm_noaudit()\ndo conditional stuff that isn\u0027t needed for the common case.\n\nThis also avoids some duplicated stack space.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "f780bdb7c1c73009cb57adcf99ef50027d80bf3c", "tree": "d15668ffcc40a2aaa31723b87cfda0b166f84d57", "parents": [ "4714d1d32d97239fb5ae3e10521d3f133a899b66" ], "author": { "name": "Ben Blum", "email": "bblum@andrew.cmu.edu", "time": "Thu May 26 16:25:19 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 26 17:12:34 2011 -0700" }, "message": "cgroups: add per-thread subsystem callbacks\n\nAdd cgroup subsystem callbacks for per-thread attachment in atomic contexts\n\nAdd can_attach_task(), pre_attach(), and attach_task() as new callbacks\nfor cgroups\u0027s subsystem interface. Unlike can_attach and attach, these\nare for per-thread operations, to be called potentially many times when\nattaching an entire threadgroup.\n\nAlso, the old \"bool threadgroup\" interface is removed, as replaced by\nthis. All subsystems are modified for the new interface - of note is\ncpuset, which requires from/to nodemasks for attach to be globally scoped\n(though per-cpuset would work too) to persist from its pre_attach to\nattach_task and attach.\n\nThis is a pre-patch for cgroup-procs-writable.patch.\n\nSigned-off-by: Ben Blum \u003cbblum@andrew.cmu.edu\u003e\nCc: \"Eric W. Biederman\" \u003cebiederm@xmission.com\u003e\nCc: Li Zefan \u003clizf@cn.fujitsu.com\u003e\nCc: Matt Helsley \u003cmatthltc@us.ibm.com\u003e\nReviewed-by: Paul Menage \u003cmenage@google.com\u003e\nCc: Oleg Nesterov \u003coleg@redhat.com\u003e\nCc: David Rientjes \u003crientjes@google.com\u003e\nCc: Miao Xie \u003cmiaox@cn.fujitsu.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "0f7e4c33eb2c40b1e9cc24d2eab6de5921bc619c", "tree": "793c5f834751215dfc93b05540fa9ed46c64ee07", "parents": [ "ea77f7a2e8561012cf100c530170f12351c3b53e" ], "author": { "name": "Kohei Kaigai", "email": "Kohei.Kaigai@emea.nec.com", "time": "Thu May 26 14:59:25 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu May 26 17:20:53 2011 -0400" }, "message": "selinux: fix case of names with whitespace/multibytes on /selinux/create\n\nI submit the patch again, according to patch submission convension.\n\nThis patch enables to accept percent-encoded object names as forth\nargument of /selinux/create interface to avoid possible bugs when we\ngive an object name including whitespace or multibutes.\n\nE.g) if and when a userspace object manager tries to create a new object\n named as \"resolve.conf but fake\", it shall give this name as the forth\n argument of the /selinux/create. But sscanf() logic in kernel space\n fetches only the part earlier than the first whitespace.\n In this case, selinux may unexpectedly answer a default security context\n configured to \"resolve.conf\", but it is bug.\n\nAlthough I could not test this patch on named TYPE_TRANSITION rules\nactually, But debug printk() message seems to me the logic works\ncorrectly.\nI assume the libselinux provides an interface to apply this logic\ntransparently, so nothing shall not be changed from the viewpoint of\napplication.\n\nSigned-off-by: KaiGai Kohei \u003ckohei.kaigai@emea.nec.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "ea77f7a2e8561012cf100c530170f12351c3b53e", "tree": "7302ac1064f4e364aadda84020a176804fb86e22", "parents": [ "7a627e3b9a2bd0f06945bbe64bcf403e788ecf6e", "61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu May 26 17:20:14 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu May 26 17:20:14 2011 -0400" }, "message": "Merge commit \u0027v2.6.39\u0027 into 20110526\n\nConflicts:\n\tlib/flex_array.c\n\tsecurity/selinux/avc.c\n\tsecurity/selinux/hooks.c\n\tsecurity/selinux/ss/policydb.c\n\tsecurity/smack/smack_lsm.c\n" }, { "commit": "f7285b5d631fd6096b11c6af0058ed3a2b30ef4e", "tree": "956fff16b2327818eae72cfe47cf2260986e2fd2", "parents": [ "b7c2f036284452627d793af981877817b37d4351" ], "author": { "name": "Serge E. Hallyn", "email": "serge@hallyn.com", "time": "Thu May 26 15:25:05 2011 -0500" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 26 13:49:19 2011 -0700" }, "message": "Set cred-\u003euser_ns in key_replace_session_keyring\n\nSince this cred was not created with copy_creds(), it needs to get\ninitialized. Otherwise use of syscall(__NR_keyctl, KEYCTL_SESSION_TO_PARENT);\ncan lead to a NULL deref. Thanks to Robert for finding this.\n\nBut introduced by commit 47a150edc2a (\"Cache user_ns in struct cred\").\n\nSigned-off-by: Serge E. Hallyn \u003cserge.hallyn@canonical.com\u003e\nReported-by: Robert Święcki \u003crobert@swiecki.net\u003e\nCc: David Howells \u003cdhowells@redhat.com\u003e\nCc: stable@kernel.org (2.6.39)\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "b7b57551bbda1390959207f79f2038aa7adb72ae", "tree": "d591a08e7e45615b51d8b5ee1634a29920f62c3f", "parents": [ "434d42cfd05a7cc452457a81d2029540cba12150", "7a627e3b9a2bd0f06945bbe64bcf403e788ecf6e" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue May 24 23:20:19 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue May 24 23:20:19 2011 +1000" }, "message": "Merge branch \u0027master\u0027 of git://git.infradead.org/users/eparis/selinux into for-linus\n\nConflicts:\n\tlib/flex_array.c\n\tsecurity/selinux/avc.c\n\tsecurity/selinux/hooks.c\n\tsecurity/selinux/ss/policydb.c\n\tsecurity/smack/smack_lsm.c\n\nManually resolve conflicts.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "434d42cfd05a7cc452457a81d2029540cba12150", "tree": "3a6b9b7f9ff2e1b7409dd66c15242b2a75aa4422", "parents": [ "d762f4383100c2a87b1a3f2d678cd3b5425655b4", "12a5a2621b1ee14d32beca35304d7c6076a58815" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue May 24 22:55:24 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue May 24 22:55:24 2011 +1000" }, "message": "Merge branch \u0027next\u0027 into for-linus\n" }, { "commit": "57d19e80f459dd845fb3cfeba8e6df8471bac142", "tree": "8254766715720228db3d50f1ef3c7fe003c06d65", "parents": [ "ee9ec4f82049c678373a611ce20ac67fe9ad836e", "e64851f5a0ad6ec991f74ebb3108c35aa0323d5f" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon May 23 09:12:26 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon May 23 09:12:26 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (39 commits)\n b43: fix comment typo reqest -\u003e request\n Haavard Skinnemoen has left Atmel\n cris: typo in mach-fs Makefile\n Kconfig: fix copy/paste-ism for dell-wmi-aio driver\n doc: timers-howto: fix a typo (\"unsgined\")\n perf: Only include annotate.h once in tools/perf/util/ui/browsers/annotate.c\n md, raid5: Fix spelling error in comment (\u0027Ofcourse\u0027 --\u003e \u0027Of course\u0027).\n treewide: fix a few typos in comments\n regulator: change debug statement be consistent with the style of the rest\n Revert \"arm: mach-u300/gpio: Fix mem_region resource size miscalculations\"\n audit: acquire creds selectively to reduce atomic op overhead\n rtlwifi: don\u0027t touch with treewide double semicolon removal\n treewide: cleanup continuations and remove logging message whitespace\n ath9k_hw: don\u0027t touch with treewide double semicolon removal\n include/linux/leds-regulator.h: fix syntax in example code\n tty: fix typo in descripton of tty_termios_encode_baud_rate\n xtensa: remove obsolete BKL kernel option from defconfig\n m68k: fix comment typo \u0027occcured\u0027\n arch:Kconfig.locks Remove unused config option.\n treewide: remove extra semicolons\n ...\n" }, { "commit": "257313b2a87795e07a0bdf58d0fffbdba8b31051", "tree": "ff5043526b0381cdc1f1f68d3c6f8ed3635e0ddb", "parents": [ "044aea9b83614948c98564000db07d1d32b2d29b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 21:22:53 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 21:22:53 2011 -0700" }, "message": "selinux: avoid unnecessary avc cache stat hit count\n\nThere is no point in counting hits - we can calculate it from the number\nof lookups and misses.\n\nThis makes the avc statistics a bit smaller, and makes the code\ngeneration better too.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "044aea9b83614948c98564000db07d1d32b2d29b", "tree": "b1f13ed2f4bb0bd40f7915a89aafaf449b6145cd", "parents": [ "39ab05c8e0b519ff0a04a869f065746e6e8c3d95" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 18:59:47 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 18:59:47 2011 -0700" }, "message": "selinux: de-crapify avc cache stat code generation\n\nYou can turn off the avc cache stats, but distributions seem to not do\nthat (perhaps because several performance tuning how-to\u0027s talk about the\navc cache statistics).\n\nWhich is sad, because the code it generates is truly horrendous, with\nthe statistics update being sandwitched between get_cpu/put_cpu which in\nturn causes preemption disables etc. We\u0027re talking ten+ instructions\njust to increment a per-cpu variable in some pretty hot code.\n\nFix the craziness by just using \u0027this_cpu_inc()\u0027 instead. Suddenly we\nonly need a single \u0027inc\u0027 instruction to increment the statistics. This\nis quite noticeable in the incredibly hot avc_has_perm_noaudit()\nfunction (which triggers all the statistics by virtue of doing an\navc_lookup() call).\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "eb04f2f04ed1227c266b3219c0aaeda525639718", "tree": "7f224483a3cd0e439cd64a8666ec9dc5ed178a3d", "parents": [ "5765040ebfc9a28d9dcfaaaaf3d25840d922de96", "80d02085d99039b3b7f3a73c8896226b0cb1ba07" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 18:14:34 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 18:14:34 2011 -0700" }, "message": "Merge branch \u0027core-rcu-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip\n\n* \u0027core-rcu-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: (78 commits)\n Revert \"rcu: Decrease memory-barrier usage based on semi-formal proof\"\n net,rcu: convert call_rcu(prl_entry_destroy_rcu) to kfree\n batman,rcu: convert call_rcu(softif_neigh_free_rcu) to kfree_rcu\n batman,rcu: convert call_rcu(neigh_node_free_rcu) to kfree()\n batman,rcu: convert call_rcu(gw_node_free_rcu) to kfree_rcu\n net,rcu: convert call_rcu(kfree_tid_tx) to kfree_rcu()\n net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu()\n net/mac80211,rcu: convert call_rcu(work_free_rcu) to kfree_rcu()\n net,rcu: convert call_rcu(wq_free_rcu) to kfree_rcu()\n net,rcu: convert call_rcu(phonet_device_rcu_free) to kfree_rcu()\n perf,rcu: convert call_rcu(swevent_hlist_release_rcu) to kfree_rcu()\n perf,rcu: convert call_rcu(free_ctx) to kfree_rcu()\n net,rcu: convert call_rcu(__nf_ct_ext_free_rcu) to kfree_rcu()\n net,rcu: convert call_rcu(net_generic_release) to kfree_rcu()\n net,rcu: convert call_rcu(netlbl_unlhsh_free_addr6) to kfree_rcu()\n net,rcu: convert call_rcu(netlbl_unlhsh_free_addr4) to kfree_rcu()\n security,rcu: convert call_rcu(sel_netif_free) to kfree_rcu()\n net,rcu: convert call_rcu(xps_dev_maps_release) to kfree_rcu()\n net,rcu: convert call_rcu(xps_map_release) to kfree_rcu()\n net,rcu: convert call_rcu(rps_map_release) to kfree_rcu()\n ...\n" }, { "commit": "d410fa4ef99112386de5f218dd7df7b4fca910b4", "tree": "e29fbc3f6d27b20d73d8feb4ed73f6767f2e18fe", "parents": [ "61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf" ], "author": { "name": "Randy Dunlap", "email": "randy.dunlap@oracle.com", "time": "Thu May 19 15:59:38 2011 -0700" }, "committer": { "name": "Randy Dunlap", "email": "randy.dunlap@oracle.com", "time": "Thu May 19 15:59:38 2011 -0700" }, "message": "Create Documentation/security/,\nmove LSM-, credentials-, and keys-related files from Documentation/\n to Documentation/security/,\nadd Documentation/security/00-INDEX, and\nupdate all occurrences of Documentation/\u003cmoved_file\u003e\n to Documentation/security/\u003cmoved_file\u003e.\n" }, { "commit": "12a5a2621b1ee14d32beca35304d7c6076a58815", "tree": "213e13f99de690b3c4a510f504393b63ada626bd", "parents": [ "e77dc3460fa59be5759e9327ad882868eee9d61b", "61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu May 19 18:51:57 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu May 19 18:51:57 2011 +1000" }, "message": "Merge branch \u0027master\u0027 into next\n\nConflicts:\n\tinclude/linux/capability.h\n\nManually resolve merge conflict w/ thanks to Stephen Rothwell.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "ca7d12000895ae5dfef8b8ff2648a0d50abd397c", "tree": "259fb1e473ef6129b9fa5faf771c9e811ab572c4", "parents": [ "411f05f123cbd7f8aa1edcae86970755a6e2a9d9", "93826c092c385549c04af184fbebd43f36995c69" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri May 13 09:52:16 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri May 13 09:52:16 2011 +1000" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.infradead.org/users/eparis/selinux into for-linus\n" }, { "commit": "93826c092c385549c04af184fbebd43f36995c69", "tree": "20f77a85a74a24ed3418da8818e12b439f70fc81", "parents": [ "bf69d41d198138e3c601e9a6645f4f1369aff7e0" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 07 14:46:59 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu May 12 16:02:42 2011 -0400" }, "message": "SELinux: delete debugging printks from filename_trans rule processing\n\nThe filename_trans rule processing has some printk(KERN_ERR ) messages\nwhich were intended as debug aids in creating the code but weren\u0027t removed\nbefore it was submitted. Remove them.\n\nReported-by: Paul Bolle \u003cpebolle@tiscali.nl\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "e77dc3460fa59be5759e9327ad882868eee9d61b", "tree": "dc342433cce9dbdaa3ad36f250d21d575d1c8775", "parents": [ "3a852d3bd53e718206a18b015909c4b575952692" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu May 12 06:40:51 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu May 12 11:07:21 2011 +1000" }, "message": "TOMOYO: Fix wrong domainname validation.\n\nIn tomoyo_correct_domain() since 2.6.36, TOMOYO was by error validating\n\"\u003ckernel\u003e\" + \"/foo/\\\" + \"/bar\" when \"\u003ckernel\u003e /foo/\\* /bar\" was given.\nAs a result, legal domainnames like \"\u003ckernel\u003e /foo/\\* /bar\" are rejected.\n\nReported-by: Hayama Yossihiro \u003cyossi@yedo.src.co.jp\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7a627e3b9a2bd0f06945bbe64bcf403e788ecf6e", "tree": "5d79dfee7868debdf428640477adce32be10968f", "parents": [ "2875fa00830be62431f5ac22d8f85d57f9fa3033" ], "author": { "name": "Greg Kroah-Hartman", "email": "gregkh@suse.de", "time": "Tue May 10 15:34:16 2011 -0700" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Wed May 11 12:58:09 2011 -0400" }, "message": "SELINUX: add /sys/fs/selinux mount point to put selinuxfs\n\nIn the interest of keeping userspace from having to create new root\nfilesystems all the time, let\u0027s follow the lead of the other in-kernel\nfilesystems and provide a proper mount point for it in sysfs.\n\nFor selinuxfs, this mount point should be in /sys/fs/selinux/\n\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nCc: Lennart Poettering \u003cmzerqung@0pointer.de\u003e\nCc: Daniel J Walsh \u003cdwalsh@redhat.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@suse.de\u003e\n[include kobject.h - Eric Paris]\n[use selinuxfs_obj throughout - Eric Paris]\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "690273fc70e94a07d70044881e5e52926301bcd3", "tree": "f72c7942fb91d74e9f18ab169c213a21f1b40505", "parents": [ "b55071eb6011413af3b9c434ae77dea8832069c8" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Fri Mar 18 12:03:19 2011 +0800" }, "committer": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Sat May 07 22:51:05 2011 -0700" }, "message": "security,rcu: convert call_rcu(sel_netif_free) to kfree_rcu()\n\nThe rcu callback sel_netif_free() just calls a kfree(),\nso we use kfree_rcu() instead of the call_rcu(sel_netif_free).\n\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nAcked-by: David S. Miller \u003cdavem@davemloft.net\u003e\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nReviewed-by: Josh Triplett \u003cjosh@joshtriplett.org\u003e\n" }, { "commit": "3acb458c32293405cf68985b7b3ac5dc0a5e7929", "tree": "2943bc04adaedf25377c954087c7277118a4aae1", "parents": [ "75ef0368d182785c7c5c06ac11081e31257a313e" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Fri Mar 18 12:11:07 2011 +0800" }, "committer": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Sat May 07 22:50:54 2011 -0700" }, "message": "security,rcu: convert call_rcu(user_update_rcu_disposal) to kfree_rcu()\n\nThe rcu callback user_update_rcu_disposal() just calls a kfree(),\nso we use kfree_rcu() instead of the call_rcu(user_update_rcu_disposal).\n\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nReviewed-by: Josh Triplett \u003cjosh@joshtriplett.org\u003e\n" }, { "commit": "6f239284542bae297d27355d06afbb8df23c5db9", "tree": "b0ba42fb54cd05178c61584e0913be38a57f0384", "parents": [ "609cfda586c7fe3e5d1a02c51edb587506294167", "bf69d41d198138e3c601e9a6645f4f1369aff7e0" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed May 04 11:59:34 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed May 04 11:59:34 2011 +1000" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.infradead.org/users/eparis/selinux into for-linus\n" }, { "commit": "5d30b10bd68df007e7ae21e77d1e0ce184b53040", "tree": "61d97a80d0fac7c6dfd97db7040fedd75771adda", "parents": [ "cb1e922fa104bb0bb3aa5fc6ca7f7e070f3b55e9" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:55:52 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 16:12:47 2011 -0400" }, "message": "flex_array: flex_array_prealloc takes a number of elements, not an end\n\nChange flex_array_prealloc to take the number of elements for which space\nshould be allocated instead of the last (inclusive) element. Users\nand documentation are updated accordingly. flex_arrays got introduced before\nthey had users. When folks started using it, they ended up needing a\ndifferent API than was coded up originally. This swaps over to the API that\nfolks apparently need.\n\nBased-on-patch-by: Steffen Klassert \u003csteffen.klassert@secunet.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nTested-by: Chris Richards \u003cgizmo@giz-works.com\u003e\nAcked-by: Dave Hansen \u003cdave@linux.vnet.ibm.com\u003e\nCc: stable@kernel.org [2.6.38+]\n" }, { "commit": "cb1e922fa104bb0bb3aa5fc6ca7f7e070f3b55e9", "tree": "c776ceca8e63dd8de70f242fe6883320004884eb", "parents": [ "fe3fa43039d47ee4e22caf460b79b62a14937f79" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 16:12:41 2011 -0400" }, "message": "SELinux: pass last path component in may_create\n\nNew inodes are created in a two stage process. We first will compute the\nlabel on a new inode in security_inode_create() and check if the\noperation is allowed. We will then actually re-compute that same label and\napply it in security_inode_init_security(). The change to do new label\ncalculations based in part on the last component of the path name only\npassed the path component information all the way down the\nsecurity_inode_init_security hook. Down the security_inode_create hook the\npath information did not make it past may_create. Thus the two calculations\ncame up differently and the permissions check might not actually be against\nthe label that is created. Pass and use the same information in both places\nto harmonize the calculations and checks.\n\nReported-by: Dominick Grift \u003cdomg472@gmail.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "2875fa00830be62431f5ac22d8f85d57f9fa3033", "tree": "541fdb15e39711fb1ad901223d823421c7b77526", "parents": [ "a8d05c81fb238bbb18878ccfae7599ca79448dd3" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 16:04:24 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 16:09:59 2011 -0400" }, "message": "SELinux: introduce path_has_perm\n\nWe currently have inode_has_perm and dentry_has_perm. dentry_has_perm just\ncalls inode_has_perm with additional audit data. But dentry_has_perm can\ntake either a dentry or a path. Split those to make the code obvious and\nto fix the previous problem where I thought dentry_has_perm always had a\nvalid dentry and mnt.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "5a3ea8782c63d3501cb764c176f153c0d9a400e1", "tree": "3ff57105c8c3f3ad696b29511d1cf69f434caeab", "parents": [ "562abf624175e3f8487b7f064e516805e437e597" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:55:52 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:56:06 2011 -0400" }, "message": "flex_array: flex_array_prealloc takes a number of elements, not an end\n\nChange flex_array_prealloc to take the number of elements for which space\nshould be allocated instead of the last (inclusive) element. Users\nand documentation are updated accordingly. flex_arrays got introduced before\nthey had users. When folks started using it, they ended up needing a\ndifferent API than was coded up originally. This swaps over to the API that\nfolks apparently need.\n\nBased-on-patch-by: Steffen Klassert \u003csteffen.klassert@secunet.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nTested-by: Chris Richards \u003cgizmo@giz-works.com\u003e\nAcked-by: Dave Hansen \u003cdave@linux.vnet.ibm.com\u003e\nCc: stable@kernel.org [2.6.38+]\n" }, { "commit": "562abf624175e3f8487b7f064e516805e437e597", "tree": "75e52d8f8f91fc42c28ca2e0b7196b9fd16c25e0", "parents": [ "2463c26d50adc282d19317013ba0ff473823ca47" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:54 2011 -0400" }, "message": "SELinux: pass last path component in may_create\n\nNew inodes are created in a two stage process. We first will compute the\nlabel on a new inode in security_inode_create() and check if the\noperation is allowed. We will then actually re-compute that same label and\napply it in security_inode_init_security(). The change to do new label\ncalculations based in part on the last component of the path name only\npassed the path component information all the way down the\nsecurity_inode_init_security hook. Down the security_inode_create hook the\npath information did not make it past may_create. Thus the two calculations\ncame up differently and the permissions check might not actually be against\nthe label that is created. Pass and use the same information in both places\nto harmonize the calculations and checks.\n\nReported-by: Dominick Grift \u003cdomg472@gmail.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "2463c26d50adc282d19317013ba0ff473823ca47", "tree": "e92438150bb380c0dc0867b00f1ae89f73646b2a", "parents": [ "3f058ef7787e1b48720622346de9a5317aeb749a" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:53 2011 -0400" }, "message": "SELinux: put name based create rules in a hashtable\n\nTo shorten the list we need to run if filename trans rules exist for the type\nof the given parent directory I put them in a hashtable. Given the policy we\nare expecting to use in Fedora this takes the worst case list run from about\n5,000 entries to 17.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "3f058ef7787e1b48720622346de9a5317aeb749a", "tree": "3cfdfa068b6eae4716f3be7d02f44bbd15e64573", "parents": [ "be30b16d43f4781406de0c08c96501dae4cc5a77" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:52 2011 -0400" }, "message": "SELinux: generic hashtab entry counter\n\nInstead of a hashtab entry counter function only useful for range\ntransition rules make a function generic for any hashtable to use.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "be30b16d43f4781406de0c08c96501dae4cc5a77", "tree": "957792a2eae5f16a87b79f4ca8aa434b6fa9c7de", "parents": [ "03a4c0182a156547edd5f2717c1702590fe36bbf" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:52 2011 -0400" }, "message": "SELinux: calculate and print hashtab stats with a generic function\n\nWe have custom debug functions like rangetr_hash_eval and symtab_hash_eval\nwhich do the same thing. Just create a generic function that takes the name\nof the hash table as an argument instead of having custom functions.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "03a4c0182a156547edd5f2717c1702590fe36bbf", "tree": "c4585fab7c37d4eb2cc46e93c925e7c2a5e7b1a2", "parents": [ "2667991f60e67d28c495b8967aaabf84b4ccd560" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:52 2011 -0400" }, "message": "SELinux: skip filename trans rules if ttype does not match parent dir\n\nRight now we walk to filename trans rule list for every inode that is\ncreated. First passes at policy using this facility creates around 5000\nfilename trans rules. Running a list of 5000 entries every time is a bad\nidea. This patch adds a new ebitmap to policy which has a bit set for each\nttype that has at least 1 filename trans rule. Thus when an inode is\ncreated we can quickly determine if any rules exist for this parent\ndirectory type and can skip the list if we know there is definitely no\nrelevant entry.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2667991f60e67d28c495b8967aaabf84b4ccd560", "tree": "893c006121f2be1b44e270fc5b43d8f94435dc81", "parents": [ "4742600cf536c0c115b6f769eda82ee377d199c9" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:20 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:51 2011 -0400" }, "message": "SELinux: rename filename_compute_type argument to *type instead of *con\n\nfilename_compute_type() takes as arguments the numeric value of the type of\nthe subject and target. It does not take a context. Thus the names are\nmisleading. Fix the argument names.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "4742600cf536c0c115b6f769eda82ee377d199c9", "tree": "599922c770c628c3d484ee7460fe1fc361c3c509", "parents": [ "92f4250901476fcadc4f52ace36e453c61f5591d" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:20 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:51 2011 -0400" }, "message": "SELinux: fix comment to state filename_compute_type takes an objname not a qstr\n\nfilename_compute_type used to take a qstr, but it now takes just a name.\nFix the comments to indicate it is an objname, not a qstr.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" } ], "next": "07f9479a40cc778bc1462ada11f95b01360ae4ff" }