)]}' { "log": [ { "commit": "858119e159384308a5dde67776691a2ebf70df0f", "tree": "f360768f999d51edc0863917ce0bf79e88c0ec4c", "parents": [ "b0a9499c3dd50d333e2aedb7e894873c58da3785" ], "author": { "name": "Arjan van de Ven", "email": "arjan@infradead.org", "time": "Sat Jan 14 13:20:43 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Jan 14 18:27:06 2006 -0800" }, "message": "[PATCH] Unlinline a bunch of other functions\n\nRemove the \"inline\" keyword from a bunch of big functions in the kernel with\nthe goal of shrinking it by 30kb to 40kb\n\nSigned-off-by: Arjan van de Ven \u003carjan@infradead.org\u003e\nSigned-off-by: Ingo Molnar \u003cmingo@elte.hu\u003e\nAcked-by: Jeff Garzik \u003cjgarzik@pobox.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "46b86a2da0fd14bd49765330df63a62279833acb", "tree": "069b4741a970db9b03772a870b4d63398b1f56e0", "parents": [ "23b0ca5bf52cef0ab0f0fe247cb91cbef836e7eb" ], "author": { "name": "Joe Perches", "email": "joe@perches.com", "time": "Fri Jan 13 14:29:07 2006 -0800" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Jan 13 14:29:07 2006 -0800" }, "message": "[NET]: Use NIP6_FMT in kernel.h\n\nThere are errors and inconsistency in the display of NIP6 strings.\n\tie: net/ipv6/ip6_flowlabel.c\n\nThere are errors and inconsistency in the display of NIPQUAD strings too.\n\tie: net/netfilter/nf_conntrack_ftp.c\n\nThis patch:\n\tadds NIP6_FMT to kernel.h\n\tchanges all code to use NIP6_FMT\n\tfixes net/ipv6/ip6_flowlabel.c\n\tadds NIPQUAD_FMT to kernel.h\n\tfixes net/netfilter/nf_conntrack_ftp.c\n\tchanges a few uses of \"%u.%u.%u.%u\" to NIPQUAD_FMT for symmetry to NIP6_FMT\n\nSigned-off-by: Joe Perches \u003cjoe@perches.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "c59ede7b78db329949d9cdcd7064e22d357560ef", "tree": "f9dc9d464fdad5bfd464d983e77c1af031389dda", "parents": [ "e16885c5ad624a6efe1b1bf764e075d75f65a788" ], "author": { "name": "Randy.Dunlap", "email": "rdunlap@xenotime.net", "time": "Wed Jan 11 12:17:46 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Wed Jan 11 18:42:13 2006 -0800" }, "message": "[PATCH] move capable() to capability.h\n\n- Move capable() from sched.h to capability.h;\n\n- Use \u003clinux/capability.h\u003e where capable() is used\n\t(in include/, block/, ipc/, kernel/, a few drivers/,\n\tmm/, security/, \u0026 sound/;\n\tmany more drivers/ to go)\n\nSigned-off-by: Randy Dunlap \u003crdunlap@xenotime.net\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "e0795cf46d174d4faab35d13d0a088b5bcb2752a", "tree": "7b186963ba5ecd8f54097095432f82529d6835fb", "parents": [ "792db3af38a55b2079df504b9f5aa57b2dbee48d" ], "author": { "name": "Jesper Juhl", "email": "jesper.juhl@gmail.com", "time": "Mon Jan 09 20:54:46 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Jan 10 08:02:02 2006 -0800" }, "message": "[PATCH] selinux: Remove unneeded k[cm]alloc() return value casts\n\nRemove redundant casts of k*alloc() return values in\nsecurity/selinux/ss/services.c\n\nSigned-off-by: Jesper Juhl \u003cjesper.juhl@gmail.com\u003e\nAcked-by: Stephen Smalley \u003csds@epoch.ncsc.mil\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "1b1dcc1b57a49136f118a0f16367256ff9994a69", "tree": "b0b36d4f41d28c9d6514fb309d33c1a084d6309b", "parents": [ "794ee1baee1c26be40410233e6c20bceb2b03c08" ], "author": { "name": "Jes Sorensen", "email": "jes@sgi.com", "time": "Mon Jan 09 15:59:24 2006 -0800" }, "committer": { "name": "Ingo Molnar", "email": "mingo@hera.kernel.org", "time": "Mon Jan 09 15:59:24 2006 -0800" }, "message": "[PATCH] mutex subsystem, semaphore to mutex: VFS, -\u003ei_sem\n\nThis patch converts the inode semaphore to a mutex. I have tested it on\nXFS and compiled as much as one can consider on an ia64. Anyway your\nluck with it might be different.\n\nModified-by: Ingo Molnar \u003cmingo@elte.hu\u003e\n\n(finished the conversion)\n\nSigned-off-by: Jes Sorensen \u003cjes@sgi.com\u003e\nSigned-off-by: Ingo Molnar \u003cmingo@elte.hu\u003e\n" }, { "commit": "5160ee6fc891a9ca114be0e90fa6655647bb64b2", "tree": "35d3740a777935582af1b78238f20d2c2971ed55", "parents": [ "21b6bf143d05d77c350d9c6764ae090a877b66ea" ], "author": { "name": "Eric Dumazet", "email": "dada1@cosmosbay.com", "time": "Sun Jan 08 01:03:32 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Jan 08 20:13:58 2006 -0800" }, "message": "[PATCH] shrink dentry struct\n\nSome long time ago, dentry struct was carefully tuned so that on 32 bits\nUP, sizeof(struct dentry) was exactly 128, ie a power of 2, and a multiple\nof memory cache lines.\n\nThen RCU was added and dentry struct enlarged by two pointers, with nice\nresults for SMP, but not so good on UP, because breaking the above tuning\n(128 + 8 \u003d 136 bytes)\n\nThis patch reverts this unwanted side effect, by using an union (d_u),\nwhere d_rcu and d_child are placed so that these two fields can share their\nmemory needs.\n\nAt the time d_free() is called (and d_rcu is really used), d_child is known\nto be empty and not touched by the dentry freeing.\n\nLockless lookups only access d_name, d_parent, d_lock, d_op, d_flags (so\nthe previous content of d_child is not needed if said dentry was unhashed\nbut still accessed by a CPU because of RCU constraints)\n\nAs dentry cache easily contains millions of entries, a size reduction is\nworth the extra complexity of the ugly C union.\n\nSigned-off-by: Eric Dumazet \u003cdada1@cosmosbay.com\u003e\nCc: Dipankar Sarma \u003cdipankar@in.ibm.com\u003e\nCc: Maneesh Soni \u003cmaneesh@in.ibm.com\u003e\nCc: Miklos Szeredi \u003cmiklos@szeredi.hu\u003e\nCc: \"Paul E. McKenney\" \u003cpaulmck@us.ibm.com\u003e\nCc: Ian Kent \u003craven@themaw.net\u003e\nCc: Paul Jackson \u003cpj@sgi.com\u003e\nCc: Al Viro \u003cviro@ftp.linux.org.uk\u003e\nCc: Christoph Hellwig \u003chch@lst.de\u003e\nCc: Trond Myklebust \u003ctrond.myklebust@fys.uio.no\u003e\nCc: Neil Brown \u003cneilb@cse.unsw.edu.au\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Stephen Smalley \u003csds@epoch.ncsc.mil\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "b5f545c880a2a47947ba2118b2509644ab7a2969", "tree": "8720e02262b0ff6309ae79603f6c63965296d378", "parents": [ "cab8eb594e84b434d20412fc5a3985b0bee3ab9f" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Sun Jan 08 01:02:47 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Jan 08 20:13:53 2006 -0800" }, "message": "[PATCH] keys: Permit running process to instantiate keys\n\nMake it possible for a running process (such as gssapid) to be able to\ninstantiate a key, as was requested by Trond Myklebust for NFS4.\n\nThe patch makes the following changes:\n\n (1) A new, optional key type method has been added. This permits a key type\n to intercept requests at the point /sbin/request-key is about to be\n spawned and do something else with them - passing them over the\n rpc_pipefs files or netlink sockets for instance.\n\n The uninstantiated key, the authorisation key and the intended operation\n name are passed to the method.\n\n (2) The callout_info is no longer passed as an argument to /sbin/request-key\n to prevent unauthorised viewing of this data using ps or by looking in\n /proc/pid/cmdline.\n\n This means that the old /sbin/request-key program will not work with the\n patched kernel as it will expect to see an extra argument that is no\n longer there.\n\n A revised keyutils package will be made available tomorrow.\n\n (3) The callout_info is now attached to the authorisation key. Reading this\n key will retrieve the information.\n\n (4) A new field has been added to the task_struct. This holds the\n authorisation key currently active for a thread. Searches now look here\n for the caller\u0027s set of keys rather than looking for an auth key in the\n lowest level of the session keyring.\n\n This permits a thread to be servicing multiple requests at once and to\n switch between them. Note that this is per-thread, not per-process, and\n so is usable in multithreaded programs.\n\n The setting of this field is inherited across fork and exec.\n\n (5) A new keyctl function (KEYCTL_ASSUME_AUTHORITY) has been added that\n permits a thread to assume the authority to deal with an uninstantiated\n key. Assumption is only permitted if the authorisation key associated\n with the uninstantiated key is somewhere in the thread\u0027s keyrings.\n\n This function can also clear the assumption.\n\n (6) A new magic key specifier has been added to refer to the currently\n assumed authorisation key (KEY_SPEC_REQKEY_AUTH_KEY).\n\n (7) Instantiation will only proceed if the appropriate authorisation key is\n assumed first. The assumed authorisation key is discarded if\n instantiation is successful.\n\n (8) key_validate() is moved from the file of request_key functions to the\n file of permissions functions.\n\n (9) The documentation is updated.\n\nFrom: \u003cValdis.Kletnieks@vt.edu\u003e\n\n Build fix.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nCc: Trond Myklebust \u003ctrond.myklebust@fys.uio.no\u003e\nCc: Alexander Zangerl \u003caz@bond.edu.au\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "cab8eb594e84b434d20412fc5a3985b0bee3ab9f", "tree": "307dc5bf813effdcabe439a74ad2ae866516adb0", "parents": [ "017679c4d45783158dba1dd6f79e712c22bb3d9a" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Sun Jan 08 01:02:45 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Jan 08 20:13:53 2006 -0800" }, "message": "[PATCH] keys: Discard duplicate keys from a keyring on link\n\nCause any links within a keyring to keys that match a key to be linked into\nthat keyring to be discarded as a link to the new key is added. The match is\ncontingent on the type and description strings being the same.\n\nThis permits requests, adds and searches to displace negative, expired,\nrevoked and dead keys easily. After some discussion it was concluded that\nduplicate valid keys should probably be discarded also as they would otherwise\nhide the new key.\n\nSince request_key() is intended to be the primary method by which keys are\nadded to a keyring, duplicate valid keys wouldn\u0027t be an issue there as that\nfunction would return an existing match in preference to creating a new key.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nCc: Trond Myklebust \u003ctrond.myklebust@fys.uio.no\u003e\nCc: Alexander Zangerl \u003caz@bond.edu.au\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "017679c4d45783158dba1dd6f79e712c22bb3d9a", "tree": "a536f0b581eacd88a64077f5ff15b29d23fc6405", "parents": [ "cd140a5c1f456f50897af4a2e9a23d228a5fe719" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Sun Jan 08 01:02:43 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Jan 08 20:13:53 2006 -0800" }, "message": "[PATCH] keys: Permit key expiry time to be set\n\nAdd a new keyctl function that allows the expiry time to be set on a key or\nremoved from a key, provided the caller has attribute modification access.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nCc: Trond Myklebust \u003ctrond.myklebust@fys.uio.no\u003e\nCc: Alexander Zangerl \u003caz@bond.edu.au\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "095975da26dba21698582e91e96be10f7417333f", "tree": "ce1ffac556d394ef56a18faa97d38f79b07f31e2", "parents": [ "a57004e1afb6ee03c509f1b1ec74a000682ab93b" ], "author": { "name": "Nick Piggin", "email": "nickpiggin@yahoo.com.au", "time": "Sun Jan 08 01:02:19 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Jan 08 20:13:48 2006 -0800" }, "message": "[PATCH] rcu file: use atomic primitives\n\nUse atomic_inc_not_zero for rcu files instead of special case rcuref.\n\nSigned-off-by: Nick Piggin \u003cnpiggin@suse.de\u003e\nCc: \"Paul E. McKenney\" \u003cpaulmck@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "ee2e6841b934d76cb944a3390bbea84da777d4fa", "tree": "839c2a904647d220d5188e942240b22a24403990", "parents": [ "aa0e4e4aea8d9e0a559a884336d728f0263063e0" ], "author": { "name": "Luiz Capitulino", "email": "lcapitulino@mandriva.com.br", "time": "Fri Jan 06 22:59:43 2006 -0800" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Sat Jan 07 12:57:27 2006 -0800" }, "message": "[XFRM]: Fix sparse warning.\n\nsecurity/selinux/xfrm.c:155:10: warning: Using plain integer as NULL pointer\n\nSigned-off-by: Luiz Capitulino \u003clcapitulino@mandriva.com.br\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "d8d8f6a4fd635dcc9e4f946394c1fbde85eeab66", "tree": "0a1bc8ff40c12bb30066467e11ae9153f89514e7", "parents": [ "57d1c91fa6d9146b309b7511f6432dea2a24858b", "a2167dc62e9142b9a4bfb20f7e001c0f0a26fd8c" ], "author": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 15:24:28 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 15:24:28 2006 -0800" }, "message": "Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6\n" }, { "commit": "57d1c91fa6d9146b309b7511f6432dea2a24858b", "tree": "d7958dd87eb950cc3eeaf8b32fc372c0e7ff6702", "parents": [ "47853e7fa588bef826c9799a87b33904b32bd905", "37193147991a53b2e9f573d0ec47f63a2d4de8dc" ], "author": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 15:23:56 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 15:23:56 2006 -0800" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild\n" }, { "commit": "5f8ac64b15172c7ced7d7990eb28342092bc751b", "tree": "63046817c9a6e8db513379337f01289c045a5d63", "parents": [ "69549ddd2f894c4cead50ee2b60cc02990c389ad" ], "author": { "name": "Trent Jaeger", "email": "tjaeger@cse.psu.edu", "time": "Fri Jan 06 13:22:39 2006 -0800" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Jan 06 13:22:39 2006 -0800" }, "message": "[LSM-IPSec]: Corrections to LSM-IPSec Nethooks\n\nThis patch contains two corrections to the LSM-IPsec Nethooks patches\npreviously applied. \n\n(1) free a security context on a failed insert via xfrm_user \ninterface in xfrm_add_policy. Memory leak.\n\n(2) change the authorization of the allocation of a security context\nin a xfrm_policy or xfrm_state from both relabelfrom and relabelto \nto setcontext.\n\nSigned-off-by: Trent Jaeger \u003ctjaeger@cse.psu.edu\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "367cb704212cd0c9273ba2b1e62523139210563b", "tree": "cda6402ea19e2b706ad8ac9a186f1e391ab3c6ea", "parents": [ "20ede2741551d4a1d24313292beb0da915a55911" ], "author": { "name": "Sam Ravnborg", "email": "sam@mars.ravnborg.org", "time": "Fri Jan 06 21:17:50 2006 +0100" }, "committer": { "name": "Sam Ravnborg", "email": "sam@mars.ravnborg.org", "time": "Fri Jan 06 21:17:50 2006 +0100" }, "message": "kbuild: un-stringnify KBUILD_MODNAME\n\nNow when kbuild passes KBUILD_MODNAME with \"\" do not __stringify it when\nused. Remove __stringnify for all users.\nThis also fixes the output of:\n\n$ ls -l /sys/module/\ndrwxr-xr-x 4 root root 0 2006-01-05 14:24 pcmcia\ndrwxr-xr-x 4 root root 0 2006-01-05 14:24 pcmcia_core\ndrwxr-xr-x 3 root root 0 2006-01-05 14:24 \"processor\"\ndrwxr-xr-x 3 root root 0 2006-01-05 14:24 \"psmouse\"\n\nThe quoting of the module names will be gone again.\nThanks to GregKH + Kay Sievers for reproting this.\n\nSigned-off-by: Sam Ravnborg \u003csam@ravnborg.org\u003e\n" }, { "commit": "1ae8f40767a3afc6244719a2c8fbcf546767d5b0", "tree": "f41d957bbc60ad940132fd28ea13a8fced63a398", "parents": [ "8d9067bda99c68e1a17d93e78cf3a5a3f67e0c35" ], "author": { "name": "Adrian Bunk", "email": "bunk@stusta.de", "time": "Fri Jan 06 00:11:25 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 08:33:30 2006 -0800" }, "message": "[PATCH] security/: possible cleanups\n\nmake needlessly global code static\n\nSigned-off-by: Adrian Bunk \u003cbunk@stusta.de\u003e\nCc: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "8d9067bda99c68e1a17d93e78cf3a5a3f67e0c35", "tree": "6f3c7fe665012c456b57840c290eafd4deabbeb2", "parents": [ "32725ad8430b58e42c5d54757ce7871e680d05cb" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Jan 06 00:11:24 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 08:33:29 2006 -0800" }, "message": "[PATCH] Keys: Remove key duplication\n\nRemove the key duplication stuff since there\u0027s nothing that uses it, no way\nto get at it and it\u0027s awkward to deal with for LSM purposes.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "32725ad8430b58e42c5d54757ce7871e680d05cb", "tree": "f1e08edf1e154ef3f64b9d1c6cb88e2c6b0b5d22", "parents": [ "6e20a64a3913819133fefeca466211c7eb8adda1" ], "author": { "name": "Tobias Klauser", "email": "tklauser@nuerscht.ch", "time": "Fri Jan 06 00:11:23 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 08:33:29 2006 -0800" }, "message": "[PATCH] selinux: more ARRAY_SIZE cleanups\n\nFurther ARRAY_SIZE cleanups under security/selinux.\n\nSigned-off-by: Tobias Klauser \u003ctklauser@nuerscht.ch\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "6e20a64a3913819133fefeca466211c7eb8adda1", "tree": "65056023c41294514de2bbd032647942a2d188f9", "parents": [ "b09eb1c06a14641209e6b86e9a5b28ea8287f193" ], "author": { "name": "Nicolas Kaiser", "email": "nikai@nikai.net", "time": "Fri Jan 06 00:11:22 2006 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Jan 06 08:33:29 2006 -0800" }, "message": "[PATCH] selinux: ARRAY_SIZE cleanups\n\nUse ARRAY_SIZE macro instead of sizeof(x)/sizeof(x[0]).\n\nSigned-off-by: Nicolas Kaiser \u003cnikai@nikai.net\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "d28d1e080132f28ab773291f10ad6acca4c8bba2", "tree": "4cc6abef076393bc4c9f0d4e4c9952b78c04d3ee", "parents": [ "df71837d5024e2524cd51c93621e558aa7dd9f3f" ], "author": { "name": "Trent Jaeger", "email": "tjaeger@cse.psu.edu", "time": "Tue Dec 13 23:12:40 2005 -0800" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Tue Jan 03 13:10:25 2006 -0800" }, "message": "[LSM-IPSec]: Per-packet access control.\n\nThis patch series implements per packet access control via the\nextension of the Linux Security Modules (LSM) interface by hooks in\nthe XFRM and pfkey subsystems that leverage IPSec security\nassociations to label packets. Extensions to the SELinux LSM are\nincluded that leverage the patch for this purpose.\n\nThis patch implements the changes necessary to the SELinux LSM to\ncreate, deallocate, and use security contexts for policies\n(xfrm_policy) and security associations (xfrm_state) that enable\ncontrol of a socket\u0027s ability to send and receive packets.\n\nPatch purpose:\n\nThe patch is designed to enable the SELinux LSM to implement access\ncontrol on individual packets based on the strongly authenticated\nIPSec security association. Such access controls augment the existing\nones in SELinux based on network interface and IP address. The former\nare very coarse-grained, and the latter can be spoofed. By using\nIPSec, the SELinux can control access to remote hosts based on\ncryptographic keys generated using the IPSec mechanism. This enables\naccess control on a per-machine basis or per-application if the remote\nmachine is running the same mechanism and trusted to enforce the\naccess control policy.\n\nPatch design approach:\n\nThe patch\u0027s main function is to authorize a socket\u0027s access to a IPSec\npolicy based on their security contexts. Since the communication is\nimplemented by a security association, the patch ensures that the\nsecurity association\u0027s negotiated and used have the same security\ncontext. The patch enables allocation and deallocation of such\nsecurity contexts for policies and security associations. It also\nenables copying of the security context when policies are cloned.\nLastly, the patch ensures that packets that are sent without using a\nIPSec security assocation with a security context are allowed to be\nsent in that manner.\n\nA presentation available at\nwww.selinux-symposium.org/2005/presentations/session2/2-3-jaeger.pdf\nfrom the SELinux symposium describes the overall approach.\n\nPatch implementation details:\n\nThe function which authorizes a socket to perform a requested\noperation (send/receive) on a IPSec policy (xfrm_policy) is\nselinux_xfrm_policy_lookup. The Netfilter and rcv_skb hooks ensure\nthat if a IPSec SA with a securit y association has not been used,\nthen the socket is allowed to send or receive the packet,\nrespectively.\n\nThe patch implements SELinux function for allocating security contexts\nwhen policies (xfrm_policy) are created via the pfkey or xfrm_user\ninterfaces via selinux_xfrm_policy_alloc. When a security association\nis built, SELinux allocates the security context designated by the\nXFRM subsystem which is based on that of the authorized policy via\nselinux_xfrm_state_alloc.\n\nWhen a xfrm_policy is cloned, the security context of that policy, if\nany, is copied to the clone via selinux_xfrm_policy_clone.\n\nWhen a xfrm_policy or xfrm_state is freed, its security context, if\nany is also freed at selinux_xfrm_policy_free or\nselinux_xfrm_state_free.\n\nTesting:\n\nThe SELinux authorization function is tested using ipsec-tools. We\ncreated policies and security associations with particular security\ncontexts and added SELinux access control policy entries to verify the\nauthorization decision. We also made sure that packets for which no\nsecurity context was supplied (which either did or did not use\nsecurity associations) were authorized using an unlabelled context.\n\nSigned-off-by: Trent Jaeger \u003ctjaeger@cse.psu.edu\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "df71837d5024e2524cd51c93621e558aa7dd9f3f", "tree": "58938f1d46f3c6713b63e5a785e82fdbb10121a1", "parents": [ "88026842b0a760145aa71d69e74fbc9ec118ca44" ], "author": { "name": "Trent Jaeger", "email": "tjaeger@cse.psu.edu", "time": "Tue Dec 13 23:12:27 2005 -0800" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Tue Jan 03 13:10:24 2006 -0800" }, "message": "[LSM-IPSec]: Security association restriction.\n\nThis patch series implements per packet access control via the\nextension of the Linux Security Modules (LSM) interface by hooks in\nthe XFRM and pfkey subsystems that leverage IPSec security\nassociations to label packets. Extensions to the SELinux LSM are\nincluded that leverage the patch for this purpose.\n\nThis patch implements the changes necessary to the XFRM subsystem,\npfkey interface, ipv4/ipv6, and xfrm_user interface to restrict a\nsocket to use only authorized security associations (or no security\nassociation) to send/receive network packets.\n\nPatch purpose:\n\nThe patch is designed to enable access control per packets based on\nthe strongly authenticated IPSec security association. Such access\ncontrols augment the existing ones based on network interface and IP\naddress. The former are very coarse-grained, and the latter can be\nspoofed. By using IPSec, the system can control access to remote\nhosts based on cryptographic keys generated using the IPSec mechanism.\nThis enables access control on a per-machine basis or per-application\nif the remote machine is running the same mechanism and trusted to\nenforce the access control policy.\n\nPatch design approach:\n\nThe overall approach is that policy (xfrm_policy) entries set by\nuser-level programs (e.g., setkey for ipsec-tools) are extended with a\nsecurity context that is used at policy selection time in the XFRM\nsubsystem to restrict the sockets that can send/receive packets via\nsecurity associations (xfrm_states) that are built from those\npolicies.\n\nA presentation available at\nwww.selinux-symposium.org/2005/presentations/session2/2-3-jaeger.pdf\nfrom the SELinux symposium describes the overall approach.\n\nPatch implementation details:\n\nOn output, the policy retrieved (via xfrm_policy_lookup or\nxfrm_sk_policy_lookup) must be authorized for the security context of\nthe socket and the same security context is required for resultant\nsecurity association (retrieved or negotiated via racoon in\nipsec-tools). This is enforced in xfrm_state_find.\n\nOn input, the policy retrieved must also be authorized for the socket\n(at __xfrm_policy_check), and the security context of the policy must\nalso match the security association being used.\n\nThe patch has virtually no impact on packets that do not use IPSec.\nThe existing Netfilter (outgoing) and LSM rcv_skb hooks are used as\nbefore.\n\nAlso, if IPSec is used without security contexts, the impact is\nminimal. The LSM must allow such policies to be selected for the\ncombination of socket and remote machine, but subsequent IPSec\nprocessing proceeds as in the original case.\n\nTesting:\n\nThe pfkey interface is tested using the ipsec-tools. ipsec-tools have\nbeen modified (a separate ipsec-tools patch is available for version\n0.5) that supports assignment of xfrm_policy entries and security\nassociations with security contexts via setkey and the negotiation\nusing the security contexts via racoon.\n\nThe xfrm_user interface is tested via ad hoc programs that set\nsecurity contexts. These programs are also available from me, and\ncontain programs for setting, getting, and deleting policy for testing\nthis interface. Testing of sa functions was done by tracing kernel\nbehavior.\n\nSigned-off-by: Trent Jaeger \u003ctjaeger@cse.psu.edu\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "db1d1d57e97700b4131fe80556dc6ef976d534c4", "tree": "abdc78339b1c1bd4e37cb496c68424d9d7d98592", "parents": [ "5c72c343719a8c5dba675cd1b27b63c06bfe23d1" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Dec 01 00:51:18 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Thu Dec 01 15:48:56 2005 -0800" }, "message": "[PATCH] Keys: Fix permissions check for update vs add\n\nPermit add_key() to once again update a matching key rather than adding a\nnew one if a matching key already exists in the target keyring.\n\nThis bug causes add_key() to always add a new key, displacing the old from\nthe target keyring.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "ce9982d048bb498c38ec1fe2ae59a44350882f3f", "tree": "29bee4fd0b59777f6878d25ff13b6fcd33d94d8a", "parents": [ "25a74f3ba8efb394e9a30d6de37566bf03fd3de8" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Tue Nov 08 21:34:33 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Wed Nov 09 07:55:51 2005 -0800" }, "message": "[PATCH] selinux: extend selinuxfs context interface\n\nThis patch extends the selinuxfs context interface to allow return the\ncanonical form of the context to userspace.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "25a74f3ba8efb394e9a30d6de37566bf03fd3de8", "tree": "8fbe98b01a13946c02a56ab7bab2c4ed077aee3f", "parents": [ "e517a0cd859ae0c4d9451107113fc2b076456f8f" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Tue Nov 08 21:34:33 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Wed Nov 09 07:55:51 2005 -0800" }, "message": "[PATCH] selinux: disable setxattr on mountpoint labeled filesystems\n\nThis patch disables the setting of SELinux xattrs on files created in\nfilesystems labeled via mountpoint labeling (mounted with the context\u003d\noption). selinux_inode_setxattr already prevents explicit setxattr from\nuserspace on such filesystems, so this provides consistent behavior for\nfile creation.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "e517a0cd859ae0c4d9451107113fc2b076456f8f", "tree": "cf1c23d7d6715267ff7ee2b3dd5ba1c5ea8c0345", "parents": [ "d34d7ae266b23932809c43f115fda71fc5e5fcb1" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Tue Nov 08 21:34:32 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Wed Nov 09 07:55:51 2005 -0800" }, "message": "[PATCH] selinux: MLS compatibility\n\nThis patch enables files created on a MLS-enabled SELinux system to be\naccessible on a non-MLS SELinux system, by skipping the MLS component of\nthe security context in the non-MLS case.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "a7f988ba304c5f6e78f937a06d120a0097b4d351", "tree": "7a19e078e12ff093fa7daa3ea207a8e442ebf0c7", "parents": [ "b2325fe1b7e5654fac9e9419423aa2c58a3dbd83" ], "author": { "name": "Jesper Juhl", "email": "jesper.juhl@gmail.com", "time": "Mon Nov 07 01:01:35 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Mon Nov 07 07:54:06 2005 -0800" }, "message": "[PATCH] kfree cleanup: security\n\nThis is the security/ part of the big kfree cleanup patch.\n\nRemove pointless checks for NULL prior to calling kfree() in security/.\n\nSigned-off-by: Jesper Juhl \u003cjesper.juhl@gmail.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "0f6ed7c2641fe4cea83cd09c21928ca30c0983ec", "tree": "15662837acd37f24dddeb11eb12980429c8c4ef4", "parents": [ "28ef35845f2c8da8e1bed068277d2fab1e8c8979" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Mon Nov 07 00:59:30 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Mon Nov 07 07:53:37 2005 -0800" }, "message": "[PATCH] Keys: Remove incorrect and obsolete \u0027!\u0027 operators\n\nThe attached patch removes a couple of incorrect and obsolete \u0027!\u0027 operators\nleft over from the conversion of the key permission functions from\ntrue/false returns to zero/error returns.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "621d31219d9a788bda924a0613048053f3f5f211", "tree": "9fb9846fdd999ba04c436aa84c7da0d8233ac545", "parents": [ "b67a1b9e4bf878aa5d4b6b44cb5a251a2f425f0d" ], "author": { "name": "Oleg Nesterov", "email": "oleg@tv-sign.ru", "time": "Sun Oct 30 15:03:45 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:31 2005 -0800" }, "message": "[PATCH] cleanup the usage of SEND_SIG_xxx constants\n\nThis patch simplifies some checks for magic siginfo values. It should not\nchange the behaviour in any way.\n\nSigned-off-by: Oleg Nesterov \u003coleg@tv-sign.ru\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "b67a1b9e4bf878aa5d4b6b44cb5a251a2f425f0d", "tree": "8fa921440476083be42f21ce6d0c4091a3757742", "parents": [ "3e6716e748609a3a899e8d670e42832921bd45bc" ], "author": { "name": "Oleg Nesterov", "email": "oleg@tv-sign.ru", "time": "Sun Oct 30 15:03:44 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:31 2005 -0800" }, "message": "[PATCH] remove hardcoded SEND_SIG_xxx constants\n\nThis patch replaces hardcoded SEND_SIG_xxx constants with\ntheir symbolic names.\n\nNo changes in affected .o files.\n\nSigned-off-by: Oleg Nesterov \u003coleg@tv-sign.ru\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "29db9190634067c5a328ee5fcc2890251b836b4b", "tree": "07ec242789230824f1fa8bcbbe681fd5bf166fa8", "parents": [ "2aa349f6e37ce030060c994d3aebbff4ab703565" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Sun Oct 30 15:02:44 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:23 2005 -0800" }, "message": "[PATCH] Keys: Add LSM hooks for key management [try #3]\n\nThe attached patch adds LSM hooks for key management facilities. The notable\nchanges are:\n\n (1) The key struct now supports a security pointer for the use of security\n modules. This will permit key labelling and restrictions on which\n programs may access a key.\n\n (2) Security modules get a chance to note (or abort) the allocation of a key.\n\n (3) The key permission checking can now be enhanced by the security modules;\n the permissions check consults LSM if all other checks bear out.\n\n (4) The key permissions checking functions now return an error code rather\n than a boolean value.\n\n (5) An extra permission has been added to govern the modification of\n attributes (UID, GID, permissions).\n\nNote that there isn\u0027t an LSM hook specifically for each keyctl() operation,\nbut rather the permissions hook allows control of individual operations based\non the permission request bits.\n\nKey management access control through LSM is enabled by automatically if both\nCONFIG_KEYS and CONFIG_SECURITY are enabled.\n\nThis should be applied on top of the patch ensubjected:\n\n\t[PATCH] Keys: Possessor permissions should be additive\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Chris Wright \u003cchrisw@osdl.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "2aa349f6e37ce030060c994d3aebbff4ab703565", "tree": "7a0937469f0376931b82d9c3392727dba13c9d45", "parents": [ "1426d7a81dea8e9d85f9d69de85ab04ba37018ab" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Sun Oct 30 15:02:42 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:22 2005 -0800" }, "message": "[PATCH] Keys: Export user-defined keyring operations\n\nExport user-defined key operations so that those who wish to define their\nown key type based on the user-defined key operations may do so (as has\nbeen requested).\n\nThe header file created has been placed into include/keys/user-type.h, thus\ncreating a directory where other key types may also be placed. Any\nobjections to doing this?\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-Off-By: Arjan van de Ven \u003carjan@infradead.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "2f51201662b28dbf8c15fb7eb972bc51c6cc3fa5", "tree": "96826df796058560bc5dd1f7d8d476c5a741d7bc", "parents": [ "503af334ecf23b9d65d2ff0cc759f3a0bf338290" ], "author": { "name": "Eric Dumazet", "email": "dada1@cosmosbay.com", "time": "Sun Oct 30 15:02:16 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:19 2005 -0800" }, "message": "[PATCH] reduce sizeof(struct file)\n\nNow that RCU applied on \u0027struct file\u0027 seems stable, we can place f_rcuhead\nin a memory location that is not anymore used at call_rcu(\u0026f-\u003ef_rcuhead,\nfile_free_rcu) time, to reduce the size of this critical kernel object.\n\nThe trick I used is to move f_rcuhead and f_list in an union called f_u\n\nThe callers are changed so that f_rcuhead becomes f_u.fu_rcuhead and f_list\nbecomes f_u.f_list\n\nSigned-off-by: Eric Dumazet \u003cdada1@cosmosbay.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "bfd51626cbf61cb23f787d8ff972ef0d5ddacc0b", "tree": "63e2a8e552b33509130822ed9222d7266cbeb69f", "parents": [ "ce4c2bd1a9dfebaefadc2d34b17c6f12101751be" ], "author": { "name": "Davi Arnaut", "email": "davi.arnaut@gmail.com", "time": "Sun Oct 30 14:59:24 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:11 2005 -0800" }, "message": "[PATCH] SELinux: remove unecessary size_t checks in selinuxfs\n\nThis patch removes a bunch of unecessary checks for (size_t \u003c 0) in\nselinuxfs.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "ce4c2bd1a9dfebaefadc2d34b17c6f12101751be", "tree": "dde9437929d9b15ced25758c8389360ba4073cdb", "parents": [ "d381d8a9a08cac9824096213069159be17fd2e2f" ], "author": { "name": "Andrew Morton", "email": "akpm@osdl.org", "time": "Sun Oct 30 14:59:23 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:11 2005 -0800" }, "message": "[PATCH] selinux-canonicalize-getxattr-fix\n\nsecurity/selinux/hooks.c: In function `selinux_inode_getxattr\u0027:\nsecurity/selinux/hooks.c:2193: warning: unused variable `sbsec\u0027\n\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "d381d8a9a08cac9824096213069159be17fd2e2f", "tree": "0c19722b8f67c29b7c08c6ab8776a9c146395d03", "parents": [ "89d155ef62e5e0c10e4b37aaa5056f0beafe10e6" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sun Oct 30 14:59:22 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:11 2005 -0800" }, "message": "[PATCH] SELinux: canonicalize getxattr()\n\nThis patch allows SELinux to canonicalize the value returned from\ngetxattr() via the security_inode_getsecurity() hook, which is called after\nthe fs level getxattr() function.\n\nThe purpose of this is to allow the in-core security context for an inode\nto override the on-disk value. This could happen in cases such as\nupgrading a system to a different labeling form (e.g. standard SELinux to\nMLS) without needing to do a full relabel of the filesystem.\n\nIn such cases, we want getxattr() to return the canonical security context\nthat the kernel is using rather than what is stored on disk.\n\nThe implementation hooks into the inode_getsecurity(), adding another\nparameter to indicate the result of the preceding fs-level getxattr() call,\nso that SELinux knows whether to compare a value obtained from disk with\nthe kernel value.\n\nWe also now allow getxattr() to work for mountpoint labeled filesystems\n(i.e. mount with option context\u003dfoo_t), as we are able to return the\nkernel value to the user.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "89d155ef62e5e0c10e4b37aaa5056f0beafe10e6", "tree": "7de1f357efd619000970526ca2688f79b9022417", "parents": [ "0d078f6f96809c95c69b99d6605a502b0ac63d3d" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sun Oct 30 14:59:21 2005 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 30 17:37:11 2005 -0800" }, "message": "[PATCH] SELinux: convert to kzalloc\n\nThis patch converts SELinux code from kmalloc/memset to the new kazalloc\nunction. On i386, this results in a text saving of over 1K.\n\nBefore:\ntext data bss dec hex filename\n86319 4642 15236 106197 19ed5 security/selinux/built-in.o\n\nAfter:\ntext data bss dec hex filename\n85278 4642 15236 105156 19ac4 security/selinux/built-in.o\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "7d877f3bda870ab5f001bd92528654471d5966b3", "tree": "1c05b62abead153956c4ca250ffb1891887e77c9", "parents": [ "fd4f2df24bc23e6b8fc069765b425c7dacf52347" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Oct 21 03:20:43 2005 -0400" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Oct 28 08:16:47 2005 -0700" }, "message": "[PATCH] gfp_t: net/*\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "20c19e4179884d7e843314071e2dfb1ea7b0afcd", "tree": "1ed0cc19c51b10336c14a1b9c35095ef8ebfd138", "parents": [ "282c1f5eba150d0b156ffa9e6b064f1d92f8315f" ], "author": { "name": "Davi Arnaut", "email": "davi.arnaut@gmail.com", "time": "Sun Oct 23 12:57:16 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 23 16:38:39 2005 -0700" }, "message": "[PATCH] SELinux: handle sel_make_bools() failure in selinuxfs\n\nThis patch fixes error handling in sel_make_bools(), where currently we\u0027d\nget a memory leak via security_get_bools() and try to kfree() the wrong\npointer if called again.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "282c1f5eba150d0b156ffa9e6b064f1d92f8315f", "tree": "1b4446dc0a2651a340be0c0485c8e053cdb27407", "parents": [ "8766ce41018a0cb80fbe0ce7dbf747f357c752da" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Sun Oct 23 12:57:15 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sun Oct 23 16:38:38 2005 -0700" }, "message": "[PATCH] selinux: Fix NULL deref in policydb_destroy\n\nThis patch fixes a possible NULL dereference in policydb_destroy, where\np-\u003etype_attr_map can be NULL if policydb_destroy is called to clean up a\npartially loaded policy upon an error during policy load. Please apply.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "7ab501db8cb6659efdf04034e0de6b44c059a51b", "tree": "cdcf34873ab91219e17b265610a83bea213ec3c4", "parents": [ "468ed2b0c85ec4310b429e60358213b6d077289e" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Oct 07 16:41:24 2005 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Oct 08 14:54:48 2005 -0700" }, "message": "[PATCH] Keys: Possessor permissions should be additive\n\nThis patch makes the possessor permissions on a key additive with\nuser/group/other permissions on the same key.\n\nThis permits extra rights to be granted to the possessor of a key without\ntaking away any rights conferred by them owning the key or having common group\nmembership.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "468ed2b0c85ec4310b429e60358213b6d077289e", "tree": "d1f570c1b89df450753cbec8768b1c1cfac6d9a2", "parents": [ "f1a9badcf6ecad9975240d94514721cb93932151" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Oct 07 15:07:38 2005 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Oct 08 14:53:31 2005 -0700" }, "message": "[PATCH] Keys: Split key permissions checking into a .c file\n\nThe attached patch splits key permissions checking out of key-ui.h and\nmoves it into a .c file. It\u0027s quite large and called quite a lot, and\nit\u0027s about to get bigger with the addition of LSM support for keys...\n\nkey_any_permission() is also discarded as it\u0027s no longer used.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "f1a9badcf6ecad9975240d94514721cb93932151", "tree": "dc37fe427d645dd84331b7385523b39efa41ffad", "parents": [ "74fd92c511bd4a0771ac0faaaef38bb1be3a29f6" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Oct 07 15:04:52 2005 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Oct 08 14:53:31 2005 -0700" }, "message": "[PATCH] Keys: Add request-key process documentation\n\nThe attached patch adds documentation for the process by which request-key\nworks, including how it permits helper processes to gain access to the\nrequestor\u0027s keyrings.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "74fd92c511bd4a0771ac0faaaef38bb1be3a29f6", "tree": "86d0006605f5abe600a2b3a7f6d03cf554c4e761", "parents": [ "c2059b2e0b209a0674c21f78337bb158d3ccb22b" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Fri Oct 07 15:01:09 2005 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Oct 08 14:53:31 2005 -0700" }, "message": "[PATCH] key: plug request_key_auth memleak\n\nPlug request_key_auth memleak. This can be triggered by unprivileged\nusers, so is local DoS.\n\nSigned-off-by: Chris Wright \u003cchrisw@osdl.org\u003e\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "13402580021a52e49c6d1068ff28ade4d5a175f1", "tree": "5617d1eaa7409d8ac3680cdada5e5ef45d0c8753", "parents": [ "b33fa1f3c3ec05e54e73f06c4578948c55d89ef6" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 30 14:24:34 2005 -0400" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Sep 30 11:36:04 2005 -0700" }, "message": "[PATCH] SELinux - fix SCTP socket bug and general IP protocol handling\n\nThe following patch updates the way SELinux classifies and handles IP\nbased protocols.\n\nCurrently, IP sockets are classified by SELinux as being either TCP, UDP\nor \u0027Raw\u0027, the latter being a default for IP socket that is not TCP or UDP.\n\nThe classification code is out of date and uses only the socket type\nparameter to socket(2) to determine the class of IP socket. So, any\nsocket created with SOCK_STREAM will be classified by SELinux as TCP, and\nSOCK_DGRAM as UDP. Also, other socket types such as SOCK_SEQPACKET and\nSOCK_DCCP are currently ignored by SELinux, which classifies them as\ngeneric sockets, which means they don\u0027t even get basic IP level checking.\n\nThis patch changes the SELinux IP socket classification logic, so that\nonly an IPPROTO_IP protocol value passed to socket(2) classify the socket\nas TCP or UDP. The patch also drops the check for SOCK_RAW and converts\nit into a default, so that socket types like SOCK_DCCP and SOCK_SEQPACKET\nare classified as SECCLASS_RAWIP_SOCKET (instead of generic sockets).\n\nNote that protocol-specific support for SCTP, DCCP etc. is not addressed\nhere, we\u0027re just getting these protocols checked at the IP layer.\n\nThis fixes a reported problem where SCTP sockets were being recognized as\ngeneric SELinux sockets yet still being passed in one case to an IP level\ncheck, which then fails for generic sockets.\n\nIt will also fix bugs where any SOCK_STREAM socket is classified as TCP or\nany SOCK_DGRAM socket is classified as UDP.\n\nThis patch also unifies the way IP sockets classes are determined in\nselinux_socket_bind(), so we use the already calculated value instead of\ntrying to recalculate it.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "664cceb0093b755739e56572b836a99104ee8a75", "tree": "dbaa3ab802803879f29532db4d8a91a54294cf88", "parents": [ "5134fc15b643dc36eb9aa77e4318b886844a9ac5" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Wed Sep 28 17:03:15 2005 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Wed Sep 28 09:10:47 2005 -0700" }, "message": "[PATCH] Keys: Add possessor permissions to keys [try #3]\n\nThe attached patch adds extra permission grants to keys for the possessor of a\nkey in addition to the owner, group and other permissions bits. This makes\nSUID binaries easier to support without going as far as labelling keys and key\ntargets using the LSM facilities.\n\nThis patch adds a second \"pointer type\" to key structures (struct key_ref *)\nthat can have the bottom bit of the address set to indicate the possession of\na key. This is propagated through searches from the keyring to the discovered\nkey. It has been made a separate type so that the compiler can spot attempts\nto dereference a potentially incorrect pointer.\n\nThe \"possession\" attribute can\u0027t be attached to a key structure directly as\nit\u0027s not an intrinsic property of a key.\n\nPointers to keys have been replaced with struct key_ref *\u0027s wherever\npossession information needs to be passed through.\n\nThis does assume that the bottom bit of the pointer will always be zero on\nreturn from kmem_cache_alloc().\n\nThe key reference type has been made into a typedef so that at least it can be\nlocated in the sources, even though it\u0027s basically a pointer to an undefined\ntype. I\u0027ve also renamed the accessor functions to be more useful, and all\nreference variables should now end in \"_ref\".\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "9afa57b04ca08ff061e54787e3becf5c40283149", "tree": "0289bc53611919aaf87c455633fe0b3a9eff2c87", "parents": [ "d15c5749eb81dee94d40fe12584ca8461858b4cb" ], "author": { "name": "Serge Hallyn", "email": "serue@us.ibm.com", "time": "Fri Sep 16 19:27:57 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Sep 17 11:50:01 2005 -0700" }, "message": "[PATCH] seclvl: use securityfs (fix)\n\nThat should be -EINVAL for both.\n\nSigned-off-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: Greg KH \u003cgreg@kroah.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "d15c5749eb81dee94d40fe12584ca8461858b4cb", "tree": "b265834c83b80c25bf140d918edf0838405dc3d5", "parents": [ "73a0b538ee573a76cba59cdc9f177a71776d4678" ], "author": { "name": "Andrew Morton", "email": "akpm@osdl.org", "time": "Fri Sep 16 19:27:56 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Sat Sep 17 11:50:01 2005 -0700" }, "message": "[PATCH] seclvl-use-securityfs tidy\n\nWe don\u0027t put braces around single statements, thanks.\n\nCc: Serge Hallyn \u003cserue@us.ibm.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Chris Wright \u003cchrisw@osdl.org\u003e\nCc: Greg KH \u003cgreg@kroah.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "ddbf9ef385bfbef897210733abfb73cb9b94ecec", "tree": "64a9e965a71eef13e813a3327f8d74aa7168ee19", "parents": [ "5d54e69c68c05b162a56f9914cae72afd7e6f40a", "2c40579bdc2a94977fcff2521d5b53a97c33e77a" ], "author": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Sep 13 09:48:54 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Sep 13 09:48:54 2005 -0700" }, "message": "Merge master.kernel.org:/pub/scm/linux/kernel/git/chrisw/lsm-2.6 \n" }, { "commit": "5d54e69c68c05b162a56f9914cae72afd7e6f40a", "tree": "c5933858c4861bc3e358559f64ef459a1f56ab75", "parents": [ "63f3d1df1ad276a30b75339dd682a6e1f9d0c181", "b6ddc518520887a62728b0414efbf802a9dfdd55" ], "author": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Sep 13 09:47:30 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Tue Sep 13 09:47:30 2005 -0700" }, "message": "Merge master.kernel.org:/pub/scm/linux/kernel/git/dwmw2/audit-2.6 \n" }, { "commit": "b835996f628eadb55c5fb222ba46fe9395bf73c7", "tree": "d63d80585d197e1ffc299af4a0034049790fb197", "parents": [ "ab2af1f5005069321c5d130f09cce577b03f43ef" ], "author": { "name": "Dipankar Sarma", "email": "dipankar@in.ibm.com", "time": "Fri Sep 09 13:04:14 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Sep 09 13:57:55 2005 -0700" }, "message": "[PATCH] files: lock-free fd look-up\n\nWith the use of RCU in files structure, the look-up of files using fds can now\nbe lock-free. The lookup is protected by rcu_read_lock()/rcu_read_unlock().\nThis patch changes the readers to use lock-free lookup.\n\nSigned-off-by: Maneesh Soni \u003cmaneesh@in.ibm.com\u003e\nSigned-off-by: Ravikiran Thirumalai \u003ckiran_th@gmail.com\u003e\nSigned-off-by: Dipankar Sarma \u003cdipankar@in.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "badf16621c1f9d1ac753be056fce11b43d6e0be5", "tree": "3fdf833fdf2e3d3a439090743539680449ec3428", "parents": [ "c0dfb2905126e9e94edebbce8d3e05001301f52d" ], "author": { "name": "Dipankar Sarma", "email": "dipankar@in.ibm.com", "time": "Fri Sep 09 13:04:10 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Sep 09 13:57:55 2005 -0700" }, "message": "[PATCH] files: break up files struct\n\nIn order for the RCU to work, the file table array, sets and their sizes must\nbe updated atomically. Instead of ensuring this through too many memory\nbarriers, we put the arrays and their sizes in a separate structure. This\npatch takes the first step of putting the file table elements in a separate\nstructure fdtable that is embedded withing files_struct. It also changes all\nthe users to refer to the file table using files_fdtable() macro. Subsequent\napplciation of RCU becomes easier after this.\n\nSigned-off-by: Dipankar Sarma \u003cdipankar@in.ibm.com\u003e\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "e31e14ec356f36b131576be5bc31d8fef7e95483", "tree": "5597419cf186904d77c4b4ecf117287bcc1db986", "parents": [ "a74574aafea3a63add3251047601611111f44562" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Fri Sep 09 13:01:45 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Sep 09 13:57:28 2005 -0700" }, "message": "[PATCH] remove the inode_post_link and inode_post_rename LSM hooks\n\nThis patch removes the inode_post_link and inode_post_rename LSM hooks as\nthey are unused (and likely useless).\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "a74574aafea3a63add3251047601611111f44562", "tree": "a8f4a809589513c666c6f5518cbe84f50ee5523e", "parents": [ "570bc1c2e5ccdb408081e77507a385dc7ebed7fa" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Fri Sep 09 13:01:44 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Sep 09 13:57:28 2005 -0700" }, "message": "[PATCH] Remove security_inode_post_create/mkdir/symlink/mknod hooks\n\nThis patch removes the inode_post_create/mkdir/mknod/symlink LSM hooks as\nthey are obsoleted by the new inode_init_security hook that enables atomic\ninode security labeling.\n\nIf anyone sees any reason to retain these hooks, please speak now. Also,\nis anyone using the post_rename/link hooks; if not, those could also be\nremoved.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "570bc1c2e5ccdb408081e77507a385dc7ebed7fa", "tree": "d00d2df7c93899fa2028128c40961fec46ede471", "parents": [ "ac50960afa31877493add6d941d8402fa879c452" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Fri Sep 09 13:01:43 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Sep 09 13:57:28 2005 -0700" }, "message": "[PATCH] tmpfs: Enable atomic inode security labeling\n\nThis patch modifies tmpfs to call the inode_init_security LSM hook to set\nup the incore inode security state for new inodes before the inode becomes\naccessible via the dcache.\n\nAs there is no underlying storage of security xattrs in this case, it is\nnot necessary for the hook to return the (name, value, len) triple to the\ntmpfs code, so this patch also modifies the SELinux hook function to\ncorrectly handle the case where the (name, value, len) pointers are NULL.\n\nThe hook call is needed in tmpfs in order to support proper security\nlabeling of tmpfs inodes (e.g. for udev with tmpfs /dev in Fedora). With\nthis change in place, we should then be able to remove the\nsecurity_inode_post_create/mkdir/... hooks safely.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: Hugh Dickins \u003chugh@veritas.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "5e41ff9e0650f327a6c819841fa412da95d57319", "tree": "a525df8bda34c2aa52f30326f94cd15109bb58b3", "parents": [ "f5ee56cc184e0944ebc9ff1691985219959596f6" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Fri Sep 09 13:01:35 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Fri Sep 09 13:57:27 2005 -0700" }, "message": "[PATCH] security: enable atomic inode security labeling\n\nThe following patch set enables atomic security labeling of newly created\ninodes by altering the fs code to invoke a new LSM hook to obtain the security\nattribute to apply to a newly created inode and to set up the incore inode\nsecurity state during the inode creation transaction. This parallels the\nexisting processing for setting ACLs on newly created inodes. Otherwise, it\nis possible for new inodes to be accessed by another thread via the dcache\nprior to complete security setup (presently handled by the\npost_create/mkdir/... LSM hooks in the VFS) and a newly created inode may be\nleft unlabeled on the disk in the event of a crash. SELinux presently works\naround the issue by ensuring that the incore inode security label is\ninitialized to a special SID that is inaccessible to unprivileged processes\n(in accordance with policy), thereby preventing inappropriate access but\npotentially causing false denials on legitimate accesses. A simple test\nprogram demonstrates such false denials on SELinux, and the patch solves the\nproblem. Similar such false denials have been encountered in real\napplications.\n\nThis patch defines a new inode_init_security LSM hook to obtain the security\nattribute to apply to a newly created inode and to set up the incore inode\nsecurity state for it, and adds a corresponding hook function implementation\nto SELinux.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "48467641bcc057f7cba3b6cbbe66cb834d64cc81", "tree": "f7c5c5e964c220de30fcdcd06b0f1efdb3e22439", "parents": [ "3863e72414fa2ebf5f3b615d1bf99de32e59980a", "d70063c4634af060a5387337b7632f6334ca3458" ], "author": { "name": "Linus Torvalds", "email": "torvalds@evo.osdl.org", "time": "Mon Sep 05 00:11:50 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@evo.osdl.org", "time": "Mon Sep 05 00:11:50 2005 -0700" }, "message": "Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 \n" }, { "commit": "b5bf6c55edf94e9c7fc01724d5b271f78eaf1d3f", "tree": "0f2be4478fa5886f467fce8b4a8d56b5e8dbed46", "parents": [ "782ebb992ec20b5afdd5786ee8c2f1b58b631f24" ], "author": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Sat Sep 03 15:55:17 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@evo.osdl.org", "time": "Mon Sep 05 00:05:51 2005 -0700" }, "message": "[PATCH] selinux: endian notations\n\nThis patch adds endian notations to the SELinux code.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "782ebb992ec20b5afdd5786ee8c2f1b58b631f24", "tree": "adf0af44fa591d803ec6b9ab7541ff3e5745dd93", "parents": [ "720d6c29e146e96cca858057469951e91e0e6850" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Sat Sep 03 15:55:16 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@evo.osdl.org", "time": "Mon Sep 05 00:05:50 2005 -0700" }, "message": "[PATCH] selinux: Reduce memory use by avtab\n\nThis patch improves memory use by SELinux by both reducing the avtab node\nsize and reducing the number of avtab nodes. The memory savings are\nsubstantial, e.g. on a 64-bit system after boot, James Morris reported the\nfollowing data for the targeted and strict policies:\n\n #objs objsize kernmem\nTargeted:\n Before: 237888 40 9.1MB\n After: 19968 24 468KB\n\nStrict:\n Before: 571680 40 21.81MB\n After: 221052 24 5.06MB\n\nThe improvement in memory use comes at a cost in the speed of security\nserver computations of access vectors, but these computations are only\nrequired on AVC cache misses, and performance measurements by James Morris\nusing a number of benchmarks have shown that the change does not cause any\nsignificant degradation.\n\nNote that a rebuilt policy via an updated policy toolchain\n(libsepol/checkpolicy) is required in order to gain the full benefits of\nthis patch, although some memory savings benefits are immediately applied\neven to older policies (in particular, the reduction in avtab node size).\nSources for the updated toolchain are presently available from the\nsourceforge CVS tree (http://sourceforge.net/cvs/?group_id\u003d21266), and\ntarballs are available from http://www.flux.utah.edu/~sds.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "eb6f1160ddb2fdadf50f350da79d0796c37f17e2", "tree": "e7b048b089b4b0ec9f121eea9a7f5864999dbac3", "parents": [ "64baf3cfea974d2b9e671ccfdbc03e030ea5ebc6" ], "author": { "name": "Herbert Xu", "email": "herbert@gondor.apana.org.au", "time": "Thu Sep 01 17:43:25 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Thu Sep 01 17:43:25 2005 -0700" }, "message": "[CRYPTO]: Use CRYPTO_TFM_REQ_MAY_SLEEP where appropriate\n\nThis patch goes through the current users of the crypto layer and sets\nCRYPTO_TFM_REQ_MAY_SLEEP at crypto_alloc_tfm() where all crypto operations\nare performed in process context.\n\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "216efaaaa006d2f3ecbb5bbc2b6673423813254e", "tree": "c05cd2d0ec829d18a8f85ff8611c0e1424303f52", "parents": [ "066286071d3542243baa68166acb779187c848b3" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 15 20:34:48 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Mon Aug 29 16:01:15 2005 -0700" }, "message": "[SELINUX]: Update for tcp_diag rename to inet_diag.\n\nAlso, support dccp sockets.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "066286071d3542243baa68166acb779187c848b3", "tree": "ef6604f16ceb13842a30311654e6a64aac716c48", "parents": [ "9a4595bc7e67962f13232ee55a64e063062c3a99" ], "author": { "name": "Patrick McHardy", "email": "kaber@trash.net", "time": "Mon Aug 15 12:33:26 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Mon Aug 29 16:01:11 2005 -0700" }, "message": "[NETLINK]: Add \"groups\" argument to netlink_kernel_create\n\nSigned-off-by: Patrick McHardy \u003ckaber@trash.net\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "ac6d439d2097b72ea0cbc2322ce1263a38bc1fd0", "tree": "19e638a226993dddede5a2da577e2572f7555a95", "parents": [ "d629b836d151d43332492651dd841d32e57ebe3b" ], "author": { "name": "Patrick McHardy", "email": "kaber@trash.net", "time": "Sun Aug 14 19:29:52 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Mon Aug 29 16:00:54 2005 -0700" }, "message": "[NETLINK]: Convert netlink users to use group numbers instead of bitmasks\n\nSigned-off-by: Patrick McHardy \u003ckaber@trash.net\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "43e943c32b9213b5d25407b281c94aaa474fd9a6", "tree": "7844a1aa95d697ae378bc799085e1b29eb0b8a48", "parents": [ "ad93e266a17c6f606e96304c866eb73665ae34fa" ], "author": { "name": "Patrick McHardy", "email": "kaber@trash.net", "time": "Sun Aug 14 19:25:47 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Mon Aug 29 16:00:34 2005 -0700" }, "message": "[NETLINK]: Fix missing dst_groups initializations in netlink_broadcast users\n\nnetlink_broadcast users must initialize NETLINK_CB(skb).dst_groups to the\ndestination group mask for netlink_recvmsg.\n\nSigned-off-by: Patrick McHardy \u003ckaber@trash.net\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "4fdb3bb723db469717c6d38fda667d8b0fa86ebd", "tree": "43d82e717922e6319cf8a8f9dc5ee902c651b491", "parents": [ "020b4c12dbe3868d792a01d7c1470cd837abe10f" ], "author": { "name": "Harald Welte", "email": "laforge@netfilter.org", "time": "Tue Aug 09 19:40:55 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@sunset.davemloft.net", "time": "Mon Aug 29 15:35:08 2005 -0700" }, "message": "[NETLINK]: Add properly module refcounting for kernel netlink sockets.\n\n- Remove bogus code for compiling netlink as module\n- Add module refcounting support for modules implementing a netlink\n protocol\n- Add support for autoloading modules that implement a netlink protocol\n as soon as someone opens a socket for that protocol\n\nSigned-off-by: Harald Welte \u003claforge@netfilter.org\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "2c40579bdc2a94977fcff2521d5b53a97c33e77a", "tree": "04da3ba2070d46115e93ddbb148e035666862d84", "parents": [ "5a73c308754e27829c94544e010f133019cbd432" ], "author": { "name": "Adrian Bunk", "email": "bunk@stusta.de", "time": "Mon Aug 22 18:20:50 2005 +0200" }, "committer": { "name": "Chris Wright", "email": "chrisw@osdl.org", "time": "Mon Aug 22 14:10:22 2005 -0700" }, "message": "[PATCH] SECURITY must depend on SYSFS\n\nCONFIG_SECURITY\u003dy and CONFIG_SYSFS\u003dn results in the following compile\nerror:\n\n\u003c-- snip --\u003e\n\n...\n LD vmlinux\nsecurity/built-in.o: In function `securityfs_init\u0027:\ninode.c:(.init.text+0x1c2): undefined reference to `kernel_subsys\u0027\nmake: *** [vmlinux] Error 1\n\n\u003c-- snip --\u003e\n\nSigned-off-by: Adrian Bunk \u003cbunk@stusta.de\u003e\nSigned-off-by: Chris Wright \u003cchrisw@osdl.org\u003e\n" }, { "commit": "c973b112c76c9d8fd042991128f218a738cc8d0a", "tree": "e813b0da5d0a0e19e06de6462d145a29ad683026", "parents": [ "c5fbc3966f48279dbebfde10248c977014aa9988", "00dd1e433967872f3997a45d5adf35056fdf2f56" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Tue Aug 09 16:51:35 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Tue Aug 09 16:51:35 2005 +0100" }, "message": "Merge with /shiny/git/linux-2.6/.git\n" }, { "commit": "94efe72f762e2c147d8146d637d5ece5614c8d94", "tree": "002e4719541ad838342e01a5f8ff63ae0a618b29", "parents": [ "bcf945d36fa0598f41ac4ad46a9dc43135460263" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Aug 04 13:07:07 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Thu Aug 04 13:11:14 2005 -0700" }, "message": "[PATCH] Destruction of failed keyring oopses\n\nThe attached patch makes sure that a keyring that failed to instantiate\nproperly is destroyed without oopsing [CAN-2005-2099].\n\nThe problem occurs in three stages:\n\n (1) The key allocator initialises the type-specific data to all zeroes. In\n the case of a keyring, this will become a link in the keyring name list\n when the keyring is instantiated.\n\n (2) If a user (any user) attempts to add a keyring with anything other than\n an empty payload, the keyring instantiation function will fail with an\n error and won\u0027t add the keyring to the name list.\n\n (3) The keyring\u0027s destructor then sees that the keyring has a description\n (name) and tries to remove the keyring from the name list, which oopses\n because the link pointers are both zero.\n\nThis bug permits any user to take down a box trivially.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "bcf945d36fa0598f41ac4ad46a9dc43135460263", "tree": "7a2aa188442bf863f20055a001baf85143d7a5b9", "parents": [ "6fb0caa42308923d9e4ed7b36ec077b97c107e24" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Aug 04 13:07:06 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Thu Aug 04 13:11:14 2005 -0700" }, "message": "[PATCH] Error during attempt to join key management session can leave semaphore pinned\n\nThe attached patch prevents an error during the key session joining operation\nfrom hanging future joins in the D state [CAN-2005-2098].\n\nThe problem is that the error handling path for the KEYCTL_JOIN_SESSION_KEYRING\noperation has one error path that doesn\u0027t release the session management\nsemaphore. Further attempts to get the semaphore will then sleep for ever in\nthe D state.\n\nThis can happen in four situations, all involving an attempt to allocate a new\nsession keyring:\n\n (1) ENOMEM.\n\n (2) The users key quota being reached.\n\n (3) A keyring name that is an empty string.\n\n (4) A keyring name that is too long.\n\nAny user may attempt this operation, and so any user can cause the problem to\noccur.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "1260f801b4e4ba7be200886b4a53d730de05ca19", "tree": "319a68125252ac50df21b6e84cc1131c96e60d6f", "parents": [ "c36f19e02a96488f550fdb678c92500afca3109b" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Aug 04 11:50:01 2005 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Thu Aug 04 08:20:47 2005 -0700" }, "message": "[PATCH] Keys: Fix key management syscall interface bugs\n\nThis fixes five bugs in the key management syscall interface:\n\n (1) add_key() returns 0 rather than EINVAL if the key type is \"\".\n\n Checking the key type isn\u0027t \"\" should be left to lookup_user_key().\n\n (2) request_key() returns ENOKEY rather than EPERM if the key type begins\n with a \".\".\n\n lookup_user_key() can\u0027t do this because internal key types begin with a\n \".\".\n\n (3) Key revocation always returns 0, even if it fails.\n\n (4) Key read can return EAGAIN rather than EACCES under some circumstances.\n\n A key is permitted to by read by a process if it doesn\u0027t grant read\n access, but it does grant search access and it is in the process\u0027s\n keyrings. That search returns EAGAIN if it fails, and this needs\n translating to EACCES.\n\n (5) request_key() never adds the new key to the destination keyring if one is\n supplied.\n\n The wrong macro was being used to test for an error condition: PTR_ERR()\n will always return true, whether or not there\u0027s an error; this should\u0027ve\n been IS_ERR().\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-Off-By: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "911656f8a630e36b22c7e2bba3317dec9174209c", "tree": "2257dd4c04f4d234caf770a748b290b4d144fcf5", "parents": [ "f0b9d796002d9d39575cf1beabfb625f68b507fa" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Thu Jul 28 21:16:21 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Thu Jul 28 21:46:05 2005 -0700" }, "message": "[PATCH] selinux: Fix address length checks in connect hook\n\nThis patch fixes the address length checks in the selinux_socket_connect\nhook to be no more restrictive than the underlying ipv4 and ipv6 code;\notherwise, this hook can reject valid connect calls. This patch is in\nresponse to a bug report where an application was calling connect on an\nINET6 socket with an address that didn\u0027t include the optional scope id and\nfailing due to these checks.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "f5c1d5b2aaf9a98f15a6dcdfbba1f494d0aaae52", "tree": "e896d0b6b9f561c9d124fa81efd261518ccbddf4", "parents": [ "e1699f508ab5098de4b258268fa8913db38d9d35" ], "author": { "name": "James Morris", "email": "jmorris@redhat.com", "time": "Thu Jul 28 01:07:37 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Thu Jul 28 08:39:02 2005 -0700" }, "message": "[PATCH] SELinux: default labeling of MLS field\n\nImplement kernel labeling of the MLS (multilevel security) field of\nsecurity contexts for files which have no existing MLS field. This is to\nenable upgrades of a system from non-MLS to MLS without performing a full\nfilesystem relabel including all of the mountpoints, which would be quite\npainful for users.\n\nWith this patch, with MLS enabled, if a file has no MLS field, the kernel\ninternally adds an MLS field to the in-core inode (but not to the on-disk\nfile). This MLS field added is the default for the superblock, allowing\nper-mountpoint control over the values via fixed policy or mount options.\n\nThis patch has been tested by enabling MLS without relabeling its\nfilesystem, and seems to be working correctly.\n\nSigned-off-by: James Morris \u003cjmorris@redhat.com\u003e\nSigned-off-by: Stephen Smalley \u003csds@epoch.ncsc.mil\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "30beab1491f0b96b2f23d3fb68af01fd921a16d8", "tree": "c580bdc0846269fbb10feeda901ecec1a48ee2ef", "parents": [ "21af6c4f2aa5f63138871b4ddd77d7ebf2588c9d", "c32511e2718618f0b53479eb36e07439aa363a74" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed Jul 13 15:25:59 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed Jul 13 15:25:59 2005 +0100" }, "message": "Merge with /shiny/git/linux-2.6/.git\n" }, { "commit": "5a73c308754e27829c94544e010f133019cbd432", "tree": "be66dc5e28c5510f6c3da99a4f8d9d9efe1360d6", "parents": [ "b67dbf9d4c1987c370fd18fdc4cf9d8aaea604c2" ], "author": { "name": "serue@us.ibm.com", "email": "serue@us.ibm.com", "time": "Fri Jul 08 15:44:19 2005 -0500" }, "committer": { "name": "Chris Wright", "email": "chrisw@osdl.org", "time": "Fri Jul 08 18:49:05 2005 -0700" }, "message": "[PATCH] seclvl securityfs\n\nOnce again, the simple_attr in libfs was actually sufficient - I\u0027d\nthought the __attribute__(format(printk(1,2))) was more mysterious than\nit really is.\n\nAt last, here is the full patch to make seclvl use securityfs.\n\nSigned-off-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: Chris Wright \u003cchrisw@osdl.org\u003e\n--\n\n seclvl.c | 228 +++++++++++++++++++--------------------------------------------\n 1 files changed, 70 insertions(+), 158 deletions(-)\n\nIndex: linux-2.6.13-rc1/security/seclvl.c\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n" }, { "commit": "b67dbf9d4c1987c370fd18fdc4cf9d8aaea604c2", "tree": "76c8bf2d44a9e8b3fb8df8dedf950bbb78d340ae", "parents": [ "043d051615aa5da09a7e44f1edbb69798458e067" ], "author": { "name": "Greg KH", "email": "greg@kroah.com", "time": "Thu Jul 07 14:37:53 2005 -0700" }, "committer": { "name": "Chris Wright", "email": "chrisw@osdl.org", "time": "Fri Jul 08 18:48:41 2005 -0700" }, "message": "[PATCH] add securityfs for all LSMs to use\n\nHere\u0027s a small patch against 2.6.13-rc2 that adds securityfs, a virtual\nfs that all LSMs can use instead of creating their own. The fs should\nbe mounted at /sys/kernel/security, and the fs creates that mount point.\nThis will make the LSB people happy that we aren\u0027t creating a new\n/my_lsm_fs directory in the root for every different LSM.\n\nIt has changed a bit since the last version, thanks to comments from\nMike Waychison.\n\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@suse.de\u003e\nSigned-off-by: Chris Wright \u003cchrisw@osdl.org\u003e\n" }, { "commit": "a4014d8f61a6a136d22422cf8aa978e6495dbad9", "tree": "bb5d995c2511b99e131ca92020ffc10cafee4447", "parents": [ "682d4fc93105ebf0bdfbb04a4b85047999b17844" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Jul 07 17:57:03 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@g5.osdl.org", "time": "Thu Jul 07 18:23:46 2005 -0700" }, "message": "[PATCH] Keys: Base keyring size on key pointer not key struct\n\nThe attached patch makes the keyring functions calculate the new size of a\nkeyring\u0027s payload based on the size of pointer to the key struct, not the size\nof the key struct itself.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "d2f6409584e2c62ffad81690562330ff3bf4a458", "tree": "3bdfb97d0b51be2f7f414f2107e97603c1206abb", "parents": [ "e1b09eba2686eca94a3a188042b518df6044a3c1", "4a89a04f1ee21a7c1f4413f1ad7dcfac50ff9b63" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Sat Jul 02 13:39:09 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Sat Jul 02 13:39:09 2005 +0100" }, "message": "Merge with master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6.git\n\n" }, { "commit": "6931dfc9f3f81d148b7ed0ab3fd796f8b986a995", "tree": "8c7251413b1243e29dc155fd9590931b423c5e31", "parents": [ "9a936eb928c1a253c2e5d66b947688bdc55094a6" ], "author": { "name": "Eric Paris", "email": "eparis@parisplace.org", "time": "Thu Jun 30 02:58:51 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Thu Jun 30 08:45:09 2005 -0700" }, "message": "[PATCH] selinux_sb_copy_data() should not require a whole page\n\nCurrently selinux_sb_copy_data requires an entire page be allocated to\n*orig when the function is called. This \"requirement\" is based on the fact\nthat we call copy_page(in_save, nosec_save) and in_save \u003d orig when the\ndata is not FS_BINARY_MOUNTDATA. This means that if a caller were to call\ndo_kern_mount with only about 10 bytes of options, they would get passed\nhere and then we would corrupt PAGE_SIZE - 10 bytes of memory (with all\nzeros.)\n\nCurrently it appears all in kernel FS\u0027s use one page of data so this has\nnot been a problem. An out of kernel FS did just what is described above\nand it would almost always panic shortly after they tried to mount. From\nlooking else where in the kernel it is obvious that this string of data\nmust always be null terminated. (See example in do_mount where it always\nzeros the last byte.) Thus I suggest we use strcpy in place of copy_page.\nIn this way we make sure the amount we copy is always less than or equal to\nthe amount we received and since do_mount is zeroing the last byte this\nshould be safe for all.\n\nSigned-off-by: Eric Paris \u003ceparis@parisplace.org\u003e\nCc: Stephen Smalley \u003csds@epoch.ncsc.mil\u003e\nAcked-by: James Morris \u003cjmorris@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "9a5f04bf798254390f89445ecf0b6f4c70ddc1f8", "tree": "ed9aa17d9d980f3f013ccc84e12135c65b51757d", "parents": [ "a2ba192c96d12447472e105890a9cd1b97952747" ], "author": { "name": "Jesper Juhl", "email": "juhl-lkml@dif.dk", "time": "Sat Jun 25 14:58:51 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Jun 25 16:25:00 2005 -0700" }, "message": "[PATCH] selinux: kfree cleanup\n\nkfree(NULL) is legal.\n\nSigned-off-by: Jesper Juhl \u003cjuhl-lkml@dif.dk\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "b2b18660066997420b716c1881a6be8b82700d97", "tree": "7c6eb8e7b8163e3d332bd4a4efe2ae5b5cfabdd2", "parents": [ "ae67cd643e9e64217fd92457324625c67fec6e35" ], "author": { "name": "Paul E. McKenney", "email": "paulmck@us.ibm.com", "time": "Sat Jun 25 14:55:38 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Jun 25 16:24:38 2005 -0700" }, "message": "[PATCH] RCU: clean up a few remaining synchronize_kernel() calls\n\n2.6.12-rc6-mm1 has a few remaining synchronize_kernel()s, some (but not\nall) in comments. This patch changes these synchronize_kernel() calls (and\ncomments) to synchronize_rcu() or synchronize_sched() as follows:\n\n- arch/x86_64/kernel/mce.c mce_read(): change to synchronize_sched() to\n handle races with machine-check exceptions (synchronize_rcu() would not cut\n it given RCU implementations intended for hardcore realtime use.\n\n- drivers/input/serio/i8042.c i8042_stop(): change to synchronize_sched() to\n handle races with i8042_interrupt() interrupt handler. Again,\n synchronize_rcu() would not cut it given RCU implementations intended for\n hardcore realtime use.\n\n- include/*/kdebug.h comments: change to synchronize_sched() to handle races\n with NMIs. As before, synchronize_rcu() would not cut it...\n\n- include/linux/list.h comment: change to synchronize_rcu(), since this\n comment is for list_del_rcu().\n\n- security/keys/key.c unregister_key_type(): change to synchronize_rcu(),\n since this is interacting with RCU read side.\n\n- security/keys/process_keys.c install_session_keyring(): change to\n synchronize_rcu(), since this is interacting with RCU read side.\n\nSigned-off-by: \"Paul E. McKenney\" \u003cpaulmck@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "09ffd94fb15d85fbf9eebb8180f50264b264d6fe", "tree": "688a5b60f9718a56a5d4386ef10596e77fb65b7b", "parents": [ "6b9921976f0861e04828b3aff66696c1f3fd900d" ], "author": { "name": "Lorenzo Hernández García-Hierro", "email": "lorenzo@gnu.org", "time": "Sat Jun 25 14:54:35 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Jun 25 16:24:26 2005 -0700" }, "message": "[PATCH] selinux: add executable heap check\n\nThis patch,based on sample code by Roland McGrath, adds an execheap\npermission check that controls the ability to make the heap executable so\nthat this can be prevented in almost all cases (the X server is presently\nan exception, but this will hopefully be resolved in the future) so that\neven programs with execmem permission will need to have the anonymous\nmemory mapped in order to make it executable.\n\nThe only reason that we use a permission check for such restriction (vs.\nmaking it unconditional) is that the X module loader presently needs it; it\ncould possibly be made unconditional in the future when X is changed.\n\nThe policy patch for the execheap permission is available at:\nhttp://pearls.tuxedo-es.org/patches/selinux/policy-execheap.patch\n\nSigned-off-by: Lorenzo Hernandez Garcia-Hierro \u003clorenzo@gnu.org\u003e\nAcked-by: James Morris \u003cjmorris@redhat.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: Ingo Molnar \u003cmingo@elte.hu\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "6b9921976f0861e04828b3aff66696c1f3fd900d", "tree": "be372b9dc81e393c909c7fecf8778e8864ba3a0d", "parents": [ "2d15cab85b85a56cc886037cab43cc292923ff22" ], "author": { "name": "Lorenzo Hernandez García-Hierro", "email": "lorenzo@gnu.org", "time": "Sat Jun 25 14:54:34 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Sat Jun 25 16:24:26 2005 -0700" }, "message": "[PATCH] selinux: add executable stack check\n\nThis patch adds an execstack permission check that controls the ability to\nmake the main process stack executable so that attempts to make the stack\nexecutable can still be prevented even if the process is allowed the\nexisting execmem permission in order to e.g. perform runtime code\ngeneration. Note that this does not yet address thread stacks. Note also\nthat unlike the execmem check, the execstack check is only applied on\nmprotect calls, not mmap calls, as the current security_file_mmap hook is\nnot passed the necessary information presently.\n\nThe original author of the code that makes the distinction of the stack\nregion, is Ingo Molnar, who wrote it within his patch for\n/proc/\u003cpid\u003e/maps markers.\n(http://marc.theaimsgroup.com/?l\u003dlinux-kernel\u0026m\u003d110719881508591\u0026w\u003d2)\n\nThe patches also can be found at:\nhttp://pearls.tuxedo-es.org/patches/selinux/policy-execstack.patch\nhttp://pearls.tuxedo-es.org/patches/selinux/kernel-execstack.patch\n\npolicy-execstack.patch is the patch that needs to be applied to the policy in\norder to support the execstack permission and exclude it\nfrom general_domain_access within macros/core_macros.te.\n\nkernel-execstack.patch adds such permission to the SELinux code within\nthe kernel and adds the proper permission check to the selinux_file_mprotect() hook.\n\nSigned-off-by: Lorenzo Hernandez Garcia-Hierro \u003clorenzo@gnu.org\u003e\nAcked-by: James Morris \u003cjmorris@redhat.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: Ingo Molnar \u003cmingo@elte.hu\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "16c29b67fb3bbacfc2a71f9e5f7d85728ef45efa", "tree": "adf06d2e9db51a455038f189790bfceffc1e0218", "parents": [ "3e30148c3d524a9c1c63ca28261bc24c457eb07a" ], "author": { "name": "Michael Halcrow", "email": "mhalcrow@us.ibm.com", "time": "Thu Jun 23 22:00:58 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Fri Jun 24 00:05:19 2005 -0700" }, "message": "[PATCH] eCryptfs: export user key type\n\nExport this symbol to GPL modules for eCryptfs: an out-of-tree GPL\u0027ed\nfilesystem.\n\nSigned off by: Michael Halcrow \u003cmhalcrow@us.ibm.com\u003e\n\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "3e30148c3d524a9c1c63ca28261bc24c457eb07a", "tree": "a2fcc46cc11fe871ad976c07476d934a07313576", "parents": [ "8589b4e00e352f983259140f25a262d973be6bc5" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Jun 23 22:00:56 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Fri Jun 24 00:05:19 2005 -0700" }, "message": "[PATCH] Keys: Make request-key create an authorisation key\n\nThe attached patch makes the following changes:\n\n (1) There\u0027s a new special key type called \".request_key_auth\".\n\n This is an authorisation key for when one process requests a key and\n another process is started to construct it. This type of key cannot be\n created by the user; nor can it be requested by kernel services.\n\n Authorisation keys hold two references:\n\n (a) Each refers to a key being constructed. When the key being\n \t constructed is instantiated the authorisation key is revoked,\n \t rendering it of no further use.\n\n (b) The \"authorising process\". This is either:\n\n \t (i) the process that called request_key(), or:\n\n \t (ii) if the process that called request_key() itself had an\n \t authorisation key in its session keyring, then the authorising\n \t process referred to by that authorisation key will also be\n \t referred to by the new authorisation key.\n\n\t This means that the process that initiated a chain of key requests\n\t will authorise the lot of them, and will, by default, wind up with\n\t the keys obtained from them in its keyrings.\n\n (2) request_key() creates an authorisation key which is then passed to\n /sbin/request-key in as part of a new session keyring.\n\n (3) When request_key() is searching for a key to hand back to the caller, if\n it comes across an authorisation key in the session keyring of the\n calling process, it will also search the keyrings of the process\n specified therein and it will use the specified process\u0027s credentials\n (fsuid, fsgid, groups) to do that rather than the calling process\u0027s\n credentials.\n\n This allows a process started by /sbin/request-key to find keys belonging\n to the authorising process.\n\n (4) A key can be read, even if the process executing KEYCTL_READ doesn\u0027t have\n direct read or search permission if that key is contained within the\n keyrings of a process specified by an authorisation key found within the\n calling process\u0027s session keyring, and is searchable using the\n credentials of the authorising process.\n\n This allows a process started by /sbin/request-key to read keys belonging\n to the authorising process.\n\n (5) The magic KEY_SPEC_*_KEYRING key IDs when passed to KEYCTL_INSTANTIATE or\n KEYCTL_NEGATE will specify a keyring of the authorising process, rather\n than the process doing the instantiation.\n\n (6) One of the process keyrings can be nominated as the default to which\n request_key() should attach new keys if not otherwise specified. This is\n done with KEYCTL_SET_REQKEY_KEYRING and one of the KEY_REQKEY_DEFL_*\n constants. The current setting can also be read using this call.\n\n (7) request_key() is partially interruptible. If it is waiting for another\n process to finish constructing a key, it can be interrupted. This permits\n a request-key cycle to be broken without recourse to rebooting.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-Off-By: Benoit Boissinot \u003cbenoit.boissinot@ens-lyon.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "8589b4e00e352f983259140f25a262d973be6bc5", "tree": "d53c9b43ee0aaa2d7518a023c4b6373422117506", "parents": [ "7888e7ff4ee579442128d7d12a9c9dbf2cf7de6a" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Jun 23 22:00:53 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Fri Jun 24 00:05:18 2005 -0700" }, "message": "[PATCH] Keys: Use RCU to manage session keyring pointer\n\nThe attached patch uses RCU to manage the session keyring pointer in struct\nsignal_struct. This means that searching need not disable interrupts and get\na the sighand spinlock to access this pointer. Furthermore, by judicious use\nof rcu_read_(un)lock(), this patch also avoids the need to take and put\nrefcounts on the session keyring itself, thus saving on even more atomic ops.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "7888e7ff4ee579442128d7d12a9c9dbf2cf7de6a", "tree": "abe428ecb966e1dae07fce17f38e3e0c0ab4f134", "parents": [ "76d8aeabfeb1c42641a81c44280177b9a08670d8" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Jun 23 22:00:51 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Fri Jun 24 00:05:18 2005 -0700" }, "message": "[PATCH] Keys: Pass session keyring to call_usermodehelper()\n\nThe attached patch makes it possible to pass a session keyring through to the\nprocess spawned by call_usermodehelper(). This allows patch 3/3 to pass an\nauthorisation key through to /sbin/request-key, thus permitting better access\ncontrols when doing just-in-time key creation.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "76d8aeabfeb1c42641a81c44280177b9a08670d8", "tree": "0a584439bb44e440717aa77a1398ba9eea24a137", "parents": [ "7286aa9b9ab35f20b1ff16d867f4535701df99b5" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Jun 23 22:00:49 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Fri Jun 24 00:05:18 2005 -0700" }, "message": "[PATCH] keys: Discard key spinlock and use RCU for key payload\n\nThe attached patch changes the key implementation in a number of ways:\n\n (1) It removes the spinlock from the key structure.\n\n (2) The key flags are now accessed using atomic bitops instead of\n write-locking the key spinlock and using C bitwise operators.\n\n The three instantiation flags are dealt with with the construction\n semaphore held during the request_key/instantiate/negate sequence, thus\n rendering the spinlock superfluous.\n\n The key flags are also now bit numbers not bit masks.\n\n (3) The key payload is now accessed using RCU. This permits the recursive\n keyring search algorithm to be simplified greatly since no locks need be\n taken other than the usual RCU preemption disablement. Searching now does\n not require any locks or semaphores to be held; merely that the starting\n keyring be pinned.\n\n (4) The keyring payload now includes an RCU head so that it can be disposed\n of by call_rcu(). This requires that the payload be copied on unlink to\n prevent introducing races in copy-down vs search-up.\n\n (5) The user key payload is now a structure with the data following it. It\n includes an RCU head like the keyring payload and for the same reason. It\n also contains a data length because the data length in the key may be\n changed on another CPU whilst an RCU protected read is in progress on the\n payload. This would then see the supposed RCU payload and the on-key data\n length getting out of sync.\n\n I\u0027m tempted to drop the key\u0027s datalen entirely, except that it\u0027s used in\n conjunction with quota management and so is a little tricky to get rid\n of.\n\n (6) Update the keys documentation.\n\nSigned-Off-By: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "d6e711448137ca3301512cec41a2c2ce852b3d0a", "tree": "f0765ebd90fdbdf270c05fcd7f3d32b24ba56681", "parents": [ "8b0914ea7475615c7c8965c1ac8fe4069270f25c" ], "author": { "name": "Alan Cox", "email": "alan@lxorguk.ukuu.org.uk", "time": "Thu Jun 23 00:09:43 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Thu Jun 23 09:45:26 2005 -0700" }, "message": "[PATCH] setuid core dump\n\nAdd a new `suid_dumpable\u0027 sysctl:\n\nThis value can be used to query and set the core dump mode for setuid\nor otherwise protected/tainted binaries. The modes are\n\n0 - (default) - traditional behaviour. Any process which has changed\n privilege levels or is execute only will not be dumped\n\n1 - (debug) - all processes dump core when possible. The core dump is\n owned by the current user and no security is applied. This is intended\n for system debugging situations only. Ptrace is unchecked.\n\n2 - (suidsafe) - any binary which normally would not be dumped is dumped\n readable by root only. This allows the end user to remove such a dump but\n not access it directly. For security reasons core dumps in this mode will\n not overwrite one another or other files. This mode is appropriate when\n adminstrators are attempting to debug problems in a normal environment.\n\n(akpm:\n\n\u003e \u003e +EXPORT_SYMBOL(suid_dumpable);\n\u003e\n\u003e EXPORT_SYMBOL_GPL?\n\nNo problem to me.\n\n\u003e \u003e \tif (current-\u003eeuid \u003d\u003d current-\u003euid \u0026\u0026 current-\u003eegid \u003d\u003d current-\u003egid)\n\u003e \u003e \t\tcurrent-\u003emm-\u003edumpable \u003d 1;\n\u003e\n\u003e Should this be SUID_DUMP_USER?\n\nActually the feedback I had from last time was that the SUID_ defines\nshould go because its clearer to follow the numbers. They can go\neverywhere (and there are lots of places where dumpable is tested/used\nas a bool in untouched code)\n\n\u003e Maybe this should be renamed to `dump_policy\u0027 or something. Doing that\n\u003e would help us catch any code which isn\u0027t using the #defines, too.\n\nFair comment. The patch was designed to be easy to maintain for Red Hat\nrather than for merging. Changing that field would create a gigantic\ndiff because it is used all over the place.\n\n)\n\nSigned-off-by: Alan Cox \u003calan@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "9ad9ad385be27fcc7c16d290d972c6173e780a61", "tree": "bbca700c2d88ba421a6c9c348de367eaf4de0e2c", "parents": [ "177bbc733a1d9c935bc3d6efd776a6699b29b1ca" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed Jun 22 15:04:33 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed Jun 22 15:04:33 2005 +0100" }, "message": "AUDIT: Wait for backlog to clear when generating messages.\n\nAdd a gfp_mask to audit_log_start() and audit_log(), to reduce the\namount of GFP_ATOMIC allocation -- most of it doesn\u0027t need to be \nGFP_ATOMIC. Also if the mask includes __GFP_WAIT, then wait up to\n60 seconds for the auditd backlog to clear instead of immediately \nabandoning the message. \n\nThe timeout should probably be made configurable, but for now it\u0027ll \nsuffice that it only happens if auditd is actually running.\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "da3caa204ca40c32dcb751ebead2a6835b83e8d1", "tree": "0bf36cf3bd9bee84cc4f93de5e99d6a0832329cb", "parents": [ "8680e22f296e75e5497edb660c59c6b4dcfbbd32" ], "author": { "name": "Gerald Schaefer", "email": "geraldsc@de.ibm.com", "time": "Tue Jun 21 17:15:18 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Tue Jun 21 18:46:22 2005 -0700" }, "message": "[PATCH] SELinux: memory leak in selinux_sb_copy_data()\n\nThere is a memory leak during mount when SELinux is active and mount\noptions are specified.\n\nSigned-off-by: Gerald Schaefer \u003cgeraldsc@de.ibm.com\u003e\nAcked-by: Stephen Smalley \u003csds@epoch.ncsc.mil\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "70f2817a43c89b784dc2ec3d06ba5bf3064f8235", "tree": "210bbd16599d4e402051e4ec30c82e70b8b427ef", "parents": [ "6c1852a08e444a2e66367352a99c0e93c8bf3e97" ], "author": { "name": "Dmitry Torokhov", "email": "dtor_core@ameritech.net", "time": "Fri Apr 29 01:27:34 2005 -0500" }, "committer": { "name": "Greg Kroah-Hartman", "email": "gregkh@suse.de", "time": "Mon Jun 20 15:15:03 2005 -0700" }, "message": "[PATCH] sysfs: (rest) if show/store is missing return -EIO\n\nsysfs: fix the rest of the kernel so if an attribute doesn\u0027t\n implement show or store method read/write will return\n -EIO instead of 0 or -EINVAL or -EPERM.\n\nSigned-off-by: Dmitry Torokhov \u003cdtor@mail.ru\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@suse.de\u003e\n" }, { "commit": "c7fb64db001f83ece669c76a02d8ec2fdb1dd307", "tree": "f8b8375b8b619c00db3399a4ef6f67e2636dfac7", "parents": [ "00768244923f66801958a8d2d103f7b65608c9b6" ], "author": { "name": "Thomas Graf", "email": "tgraf@suug.ch", "time": "Sat Jun 18 22:50:55 2005 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Sat Jun 18 22:50:55 2005 -0700" }, "message": "[NETLINK]: Neighbour table configuration and statistics via rtnetlink\n\nTo retrieve the neighbour tables send RTM_GETNEIGHTBL with the\nNLM_F_DUMP flag set. Every neighbour table configuration is\nspread over multiple messages to avoid running into message\nsize limits on systems with many interfaces. The first message\nin the sequence transports all not device specific data such as\nstatistics, configuration, and the default parameter set.\nThis message is followed by 0..n messages carrying device\nspecific parameter sets.\n\nAlthough the ordering should be sufficient, NDTA_NAME can be\nused to identify sequences. The initial message can be identified\nby checking for NDTA_CONFIG. The device specific messages do\nnot contain this TLV but have NDTPA_IFINDEX set to the\ncorresponding interface index.\n\nTo change neighbour table attributes, send RTM_SETNEIGHTBL\nwith NDTA_NAME set. Changeable attribute include NDTA_THRESH[1-3],\nNDTA_GC_INTERVAL, and all TLVs in NDTA_PARMS unless marked\notherwise. Device specific parameter sets can be changed by\nsetting NDTPA_IFINDEX to the interface index of the corresponding\ndevice.\n\nSigned-off-by: Thomas Graf \u003ctgraf@suug.ch\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "37ca5389b863e5ffba6fb7c22331bf57dbf7764a", "tree": "4869477a27fbd8ad91b0ce42f0b2e4b6817e5105", "parents": [ "99e45eeac867d51ff3395dcf3d7aedf5ac2812c8" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Tue May 24 21:28:28 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Tue May 24 21:28:28 2005 +0100" }, "message": "AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit\n\nPer Steve Grubb\u0027s observation that there are some remaining cases where\navc_audit() directly logs untrusted strings without escaping them, here\nis a patch that changes avc_audit() to use audit_log_untrustedstring()\nor audit_log_hex() as appropriate. Note that d_name.name is nul-\nterminated by d_alloc(), and that sun_path is nul-terminated by\nunix_mkname(), so it is not necessary for the AVC to create nul-\nterminated copies or to alter audit_log_untrustedstring to take a length\nargument. In the case of an abstract name, we use audit_log_hex() with\nan explicit length.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "7b5d781ce1f19fb7382d3d3fb7af48e429bed12d", "tree": "8ab8eef2e8c3629c46d29ffb9c618d87c5e1a02c", "parents": [ "326e9c8ba6a149f47e020719b23b24a14ba740d6" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Sat May 21 16:52:57 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Sat May 21 16:52:57 2005 +0100" }, "message": "Fix oops due to thinko in avc_audit()\n\nWhen I added the logging of pid\u003d and comm\u003d back to avc_audit() I \nscrewed it up. Put it back how it should be.\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "011161051bbc25f7f8b7df059dbd934c534443f0", "tree": "f1ca3727e4130cacad86dfdae65e7533fcb67784", "parents": [ "fb19b4c6aa024837a0071f07baa07dbf49d07151" ], "author": { "name": "Stephen Smalley", "email": "sds@tycho.nsa.gov", "time": "Sat May 21 00:15:52 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Sat May 21 00:15:52 2005 +0100" }, "message": "AUDIT: Avoid sleeping function in SElinux AVC audit.\n\nThis patch changes the SELinux AVC to defer logging of paths to the audit\nframework upon syscall exit, by saving a reference to the (dentry,vfsmount)\npair in an auxiliary audit item on the current audit context for processing\nby audit_log_exit.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "7063e6c717f6108c4b3fc3135a516c86ef944870", "tree": "ec6eec10b4dc93474100e6e366df028bd3314fda", "parents": [ "7ca0026495dbb644b4e32ede76be44072cb2bc7a", "05d3794aa8bd3b2c9f7920a05003c331cdeb75c5" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Thu May 19 11:54:00 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Thu May 19 11:54:00 2005 +0100" }, "message": "Merge with master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6.git\n\n" }, { "commit": "cd77b8212d5473b800ac865364981d334ff564ea", "tree": "334f44b05fc02039d67de5f9bfc26765e754b727", "parents": [ "b7d1125817c9a46cc46f57db89d9c195e7af22f8" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Thu May 19 11:18:24 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Thu May 19 11:18:24 2005 +0100" }, "message": "Restore logging of pid\u003d and comm\u003d in AVC audit messages\n\nWe turned this all off because the \u0027exe\u003d\u0027 was causing deadlocks on\ndcache_lock. There\u0027s no need to leave the pid and comm out though. \nThey\u0027ll all be logged correctly if full auditing is enabled, but we\nshould still print them in case auditing _isn\u0027t_ enabled.\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "209aba03243ee42a22f8df8d08aa9963f62aec64", "tree": "e45ee43e7af31f847377e8bb3a0a61581732b653", "parents": [ "3ec3b2fba526ead2fa3f3d7c91924f39a0733749" ], "author": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed May 18 10:21:07 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed May 18 10:21:07 2005 +0100" }, "message": "AUDIT: Treat all user messages identically.\n\nIt\u0027s silly to have to add explicit entries for new userspace messages\nas we invent them. Just treat all messages in the user range the same.\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "4c443d1b558b21520bd8fd6140b85cee0756becd", "tree": "e6d4fea8329bb709efd825ec14c9598a0c08e562", "parents": [ "b81074800b98ac50b64d4c8d34e8abf0fda5e3d1" ], "author": { "name": "Stephen Smalley", "email": "sds@epoch.ncsc.mil", "time": "Mon May 16 21:53:52 2005 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@ppc970.osdl.org", "time": "Tue May 17 07:59:20 2005 -0700" }, "message": "[PATCH] selinux: fix avc_alloc_node() oom with no policy loaded\n\nThis patch should fix the avc_alloc_node() oom condition that Andrew\nreported when no policy is loaded in SELinux.\n\nPrior to this patch, when no policy was loaded, the SELinux \"security\nserver\" (policy engine) was only returning allowed decisions for the\nrequested permissions for each access check. This caused the cache to\nthrash when trying to use SELinux for real work with no policy loaded\n(typically, the no policy loaded state is only for bootstrapping to the\npoint where we can load an initial policy).\n\nThis patch changes the SELinux security server to return the complete\nallowed access vector at once, and then to reset the cache after the\ninitial policy load to flush the initial cache state created during\nbootstrapping.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@osdl.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@osdl.org\u003e\n" }, { "commit": "c04049939f88b29e235d2da217bce6e8ead44f32", "tree": "9bf3ab72b9939c529e7c96f8768bc8b7e1d768c9", "parents": [ "9ea74f0655412d0fbd12bf9adb6c14c8fe707a42" ], "author": { "name": "Steve Grubb", "email": "sgrubb@redhat.com", "time": "Fri May 13 18:17:42 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Fri May 13 18:17:42 2005 +0100" }, "message": "AUDIT: Add message types to audit records\n\nThis patch adds more messages types to the audit subsystem so that audit \nanalysis is quicker, intuitive, and more useful.\n\nSigned-off-by: Steve Grubb \u003csgrubb@redhat.com\u003e\n---\nI forgot one type in the big patch. I need to add one for user space \noriginating SE Linux avc messages. This is used by dbus and nscd.\n\n-Steve\n---\nUpdated to 2.6.12-rc4-mm1.\n-dwmw2\n\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" }, { "commit": "c1b773d87eadc3972d697444127e89a7291769a2", "tree": "edfce2e842c3b6be70f3b90584507aab9fb3de8f", "parents": [ "197c69c6afd2deb7eec44040ff533d90d26c6161" ], "author": { "name": "Chris Wright", "email": "chrisw@osdl.org", "time": "Wed May 11 10:55:10 2005 +0100" }, "committer": { "name": "David Woodhouse", "email": "dwmw2@shinybook.infradead.org", "time": "Wed May 11 10:55:10 2005 +0100" }, "message": "Add audit_log_type\n\nAdd audit_log_type to allow callers to specify type and pid when logging.\nConvert audit_log to wrapper around audit_log_type. Could have\nconverted all audit_log callers directly, but common case is default\nof type AUDIT_KERNEL and pid 0. Update audit_log_start to take type\nand pid values when creating a new audit_buffer. Move sequences that\ndid audit_log_start, audit_log_format, audit_set_type, audit_log_end,\nto simply call audit_log_type directly. This obsoletes audit_set_type\nand audit_set_pid, so remove them.\n\nSigned-off-by: Chris Wright \u003cchrisw@osdl.org\u003e\nSigned-off-by: David Woodhouse \u003cdwmw2@infradead.org\u003e\n" } ], "next": "c2f0c7c356dc9ae15419f00c725a2fcc58eeff58" }