)]}'
{
  "log": [
    {
      "commit": "8753f6bec352392b52ed9b5e290afb34379f4612",
      "tree": "b5f381be9f56125309bfbfcaa73d68e08c309747",
      "parents": [
        "c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Wed Sep 30 13:41:02 2009 -0400"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Oct 07 21:56:44 2009 +1100"
      },
      "message": "selinux: generate flask headers during kernel build\n\nAdd a simple utility (scripts/selinux/genheaders) and invoke it to\ngenerate the kernel-private class and permission indices in flask.h\nand av_permissions.h automatically during the kernel build from the\nsecurity class mapping definitions in classmap.h.  Adding new kernel\nclasses and permissions can then be done just by adding them to classmap.h.\n\nSigned-off-by:  Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "93c06cbbf9fea5d5be1778febb7fa9ab1a74e5f5",
      "tree": "de0ba51a2901097b7ab28483a040dc6ee5c9bc7d",
      "parents": [
        "3f23d815c5049c9d7022226cec2242e384dd0b43"
      ],
      "author": {
        "name": "Serge E. Hallyn",
        "email": "serue@us.ibm.com",
        "time": "Tue Aug 26 14:47:57 2008 -0500"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Aug 27 08:54:08 2008 +1000"
      },
      "message": "selinux: add support for installing a dummy policy (v2)\n\nIn August 2006 I posted a patch generating a minimal SELinux policy.  This\nweek, David P. Quigley posted an updated version of that as a patch against\nthe kernel.  It also had nice logic for auto-installing the policy.\n\nFollowing is David\u0027s original patch intro (preserved especially\nbc it has stats on the generated policies):\n\nse interested in the changes there were only two significant\nchanges. The first is that the iteration through the list of classes\nused NULL as a sentinel value. The problem with this is that the\nclass_to_string array actually has NULL entries in its table as place\nholders for the user space object classes.\n\nThe second change was that it would seem at some point the initial sids\ntable was NULL terminated. This is no longer the case so that iteration\nhas to be done on array length instead of looking for NULL.\n\nSome statistics on the policy that it generates:\n\nThe policy consists of 523 lines which contain no blank lines. Of those\n523 lines 453 of them are class, permission, and initial sid\ndefinitions. These lines are usually little to no concern to the policy\ndeveloper since they will not be adding object classes or permissions.\nOf the remaining 70 lines there is one type, one role, and one user\nstatement. The remaining lines are broken into three portions. The first\ngroup are TE allow rules which make up 29 of the remaining lines, the\nsecond is assignment of labels to the initial sids which consist of 27\nlines, and file system labeling statements which are the remaining 11.\n\nIn addition to the policy.conf generated there is a single file_contexts\nfile containing two lines which labels the entire system with base_t.\n\nThis policy generates a policy.23 binary that is 7920 bytes.\n\n(then a few versions later...):\n\nThe new policy is 587 lines (stripped of blank lines) with 476 of those\nlines being the boilerplate that I mentioned last time. The remaining\n111 lines have the 3 lines for type, user, and role, 70 lines for the\nallow rules (one for each object class including user space object\nclasses), 27 lines to assign types to the initial sids, and 11 lines for\nfile system labeling. The policy binary is 9194 bytes.\n\nChangelog:\n\n\tAug 26: Added Documentation/SELinux.txt\n\tAug 26: Incorporated a set of comments by Stephen Smalley:\n\t\t1. auto-setup SELINUXTYPE\u003ddummy\n\t\t2. don\u0027t auto-install if selinux is enabled with\n\t\t\tnon-dummy policy\n\t\t3. don\u0027t re-compute policy version\n\t\t4. /sbin/setfiles not /usr/sbin/setfiles\n\tAug 22: As per JMorris comments, made sure make distclean\n\t\tcleans up the mdp directory.\n\t\tRemoved a check for file_contexts which is now\n\t\tcreated in the same file as the check, making it\n\t\tsuperfluous.\n\nSigned-off-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: David Quigley \u003cdpquigl@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    }
  ]
}