)]}' { "log": [ { "commit": "41fdc3054e23e3229edea27053522fe052d02ec2", "tree": "00bb62aef2288df07eae059f344d11d32b004f69", "parents": [ "5afb8a3f96573f7ea018abb768f5b6ebe1a6c1a4" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Sat Jan 07 10:41:04 2012 -0800" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 17 16:17:03 2012 -0500" }, "message": "audit: treat s_id as an untrusted string\n\nThe use of s_id should go through the untrusted string path, just to be\nextra careful.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "e7691a1ce341c80ed9504244a36b31c025217391", "tree": "e9941bb350f64a726130e299c411821da6f41a53", "parents": [ "5cd9599bba428762025db6027764f1c59d0b1e1b", "8fcc99549522fc7a0bbaeb5755855ab0d9a59ce8" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 10 21:51:23 2012 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 10 21:51:23 2012 -0800" }, "message": "Merge branch \u0027for-linus\u0027 of git://selinuxproject.org/~jmorris/linux-security\n\n* \u0027for-linus\u0027 of git://selinuxproject.org/~jmorris/linux-security: (32 commits)\n ima: fix invalid memory reference\n ima: free duplicate measurement memory\n security: update security_file_mmap() docs\n selinux: Casting (void *) value returned by kmalloc is useless\n apparmor: fix module parameter handling\n Security: tomoyo: add .gitignore file\n tomoyo: add missing rcu_dereference()\n apparmor: add missing rcu_dereference()\n evm: prevent racing during tfm allocation\n evm: key must be set once during initialization\n mpi/mpi-mpow: NULL dereference on allocation failure\n digsig: build dependency fix\n KEYS: Give key types their own lockdep class for key-\u003esem\n TPM: fix transmit_cmd error logic\n TPM: NSC and TIS drivers X86 dependency fix\n TPM: Export wait_for_stat for other vendor specific drivers\n TPM: Use vendor specific function for status probe\n tpm_tis: add delay after aborting command\n tpm_tis: Check return code from getting timeouts/durations\n tpm: Introduce function to poll for result of self test\n ...\n\nFix up trivial conflict in lib/Makefile due to addition of CONFIG_MPI\nand SIGSIG next to CONFIG_DQL addition.\n" }, { "commit": "3e25eb9c4bb649acdddb333d10774b640190f727", "tree": "d51009557e95437dd7b7ef6b0f3a51aacccec743", "parents": [ "e4e11180dfa545233e5145919b75b7fac88638df" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 10 10:20:35 2012 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 10 10:20:35 2012 -0500" }, "message": "securityfs: fix object creation races\n\ninode needs to be fully set up before we feed it to d_instantiate().\nsecurityfs_create_file() does *not* do so; it sets -\u003ei_fop and\n-\u003ei_private only after we\u0027d exposed the inode. Unfortunately,\nthat\u0027s done fairly deep in call chain, so the amount of churn\nis considerable. Helper functions killed by substituting into\ntheir solitary call sites, dead code removed. We finally can\nbury default_file_ops, now that the final value of -\u003ei_fop is\navailable (and assigned) at the point where inode is allocated.\n\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "db0c2bf69aa095d4a6de7b1145f29fe9a7c0f6a3", "tree": "8f38957c01b18edddd44d49ecc3beeac08a20b4e", "parents": [ "ac69e0928054ff29a5049902fb477f9c7605c773", "0d19ea866562e46989412a0676412fa0983c9ce7" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jan 09 12:59:24 2012 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jan 09 12:59:24 2012 -0800" }, "message": "Merge branch \u0027for-3.3\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup\n\n* \u0027for-3.3\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup: (21 commits)\n cgroup: fix to allow mounting a hierarchy by name\n cgroup: move assignement out of condition in cgroup_attach_proc()\n cgroup: Remove task_lock() from cgroup_post_fork()\n cgroup: add sparse annotation to cgroup_iter_start() and cgroup_iter_end()\n cgroup: mark cgroup_rmdir_waitq and cgroup_attach_proc() as static\n cgroup: only need to check oldcgrp\u003d\u003dnewgrp once\n cgroup: remove redundant get/put of task struct\n cgroup: remove redundant get/put of old css_set from migrate\n cgroup: Remove unnecessary task_lock before fetching css_set on migration\n cgroup: Drop task_lock(parent) on cgroup_fork()\n cgroups: remove redundant get/put of css_set from css_set_check_fetched()\n resource cgroups: remove bogus cast\n cgroup: kill subsys-\u003ecan_attach_task(), pre_attach() and attach_task()\n cgroup, cpuset: don\u0027t use ss-\u003epre_attach()\n cgroup: don\u0027t use subsys-\u003ecan_attach_task() or -\u003eattach_task()\n cgroup: introduce cgroup_taskset and use it in subsys-\u003ecan_attach(), cancel_attach() and attach()\n cgroup: improve old cgroup handling in cgroup_attach_proc()\n cgroup: always lock threadgroup during migration\n threadgroup: extend threadgroup_lock() to cover exit and exec\n threadgroup: rename signal-\u003ethreadgroup_fork_lock to -\u003egroup_rwsem\n ...\n\nFix up conflict in kernel/cgroup.c due to commit e0197aae59e5: \"cgroups:\nfix a css_set not found bug in cgroup_attach_proc\" that already\nmentioned that the bug is fixed (differently) in Tejun\u0027s cgroup\npatchset. This one, in other words.\n" }, { "commit": "8fcc99549522fc7a0bbaeb5755855ab0d9a59ce8", "tree": "a118eaef15d4ba22247f45ee01537ecc906cd161", "parents": [ "805a6af8dba5dfdd35ec35dc52ec0122400b2610", "7b7e5916aa2f46e57f8bd8cb89c34620ebfda5da" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jan 09 12:16:48 2012 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jan 09 12:16:48 2012 +1100" }, "message": "Merge branch \u0027next\u0027 into for-linus\n\nConflicts:\n\tsecurity/integrity/evm/evm_crypto.c\n\nResolved upstream fix vs. next conflict manually.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "972b2c719990f91eb3b2310d44ef8a2d38955a14", "tree": "b25a250ec5bec4b7b6355d214642d8b57c5cab32", "parents": [ "02550d61f49266930e674286379d3601006b2893", "c3aa077648e147783a7a53b409578234647db853" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Jan 08 12:19:57 2012 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Jan 08 12:19:57 2012 -0800" }, "message": "Merge branch \u0027for-linus2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs\n\n* \u0027for-linus2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (165 commits)\n reiserfs: Properly display mount options in /proc/mounts\n vfs: prevent remount read-only if pending removes\n vfs: count unlinked inodes\n vfs: protect remounting superblock read-only\n vfs: keep list of mounts for each superblock\n vfs: switch -\u003eshow_options() to struct dentry *\n vfs: switch -\u003eshow_path() to struct dentry *\n vfs: switch -\u003eshow_devname() to struct dentry *\n vfs: switch -\u003eshow_stats to struct dentry *\n switch security_path_chmod() to struct path *\n vfs: prefer -\u003edentry-\u003ed_sb to -\u003emnt-\u003emnt_sb\n vfs: trim includes a bit\n switch mnt_namespace -\u003eroot to struct mount\n vfs: take /proc/*/mounts and friends to fs/proc_namespace.c\n vfs: opencode mntget() mnt_set_mountpoint()\n vfs: spread struct mount - remaining argument of next_mnt()\n vfs: move fsnotify junk to struct mount\n vfs: move mnt_devname\n vfs: move mnt_list to struct mount\n vfs: switch pnode.h macros to struct mount *\n ...\n" }, { "commit": "cdcf116d44e78c7216ba9f8be9af1cdfca7af728", "tree": "2417cfd3e06ac5e2468585e8f00d580242cb5571", "parents": [ "d8c9584ea2a92879f471fd3a2be3af6c534fb035" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Dec 08 10:51:53 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Jan 06 23:16:53 2012 -0500" }, "message": "switch security_path_chmod() to struct path *\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "d8c9584ea2a92879f471fd3a2be3af6c534fb035", "tree": "3541b9c6228f820bdc65e4875156eb27b1c91cb1", "parents": [ "ece2ccb668046610189d88d6aaf05aeb09c988a1" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Dec 07 18:16:57 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Jan 06 23:16:53 2012 -0500" }, "message": "vfs: prefer -\u003edentry-\u003ed_sb to -\u003emnt-\u003emnt_sb\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "ece2ccb668046610189d88d6aaf05aeb09c988a1", "tree": "a0349945f7537de2aca420b47ced23b6294f8b65", "parents": [ "d10577a8d86a0c735488d66d32289a6d66bcfa20", "a218d0fdc5f9004164ff151d274487f6799907d0", "ff01bb4832651c6d25ac509a06a10fcbd75c461c" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Jan 06 23:15:54 2012 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Jan 06 23:15:54 2012 -0500" }, "message": "Merge branches \u0027vfsmount-guts\u0027, \u0027umode_t\u0027 and \u0027partitions\u0027 into Z\n" }, { "commit": "117ff42fd43e92d24c6aa6f3e4f0f1e1edada140", "tree": "c08e1c0357fde481a16489b77feb8f6073faf538", "parents": [ "1d5783030a14d1b6ee763f63c8136e581f48b365", "805a6af8dba5dfdd35ec35dc52ec0122400b2610" ], "author": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Wed Jan 04 21:35:43 2012 -0500" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Wed Jan 04 21:35:43 2012 -0500" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net\n" }, { "commit": "d10577a8d86a0c735488d66d32289a6d66bcfa20", "tree": "a38b3606fb863064eb89166f6a3115f7c5eccfd7", "parents": [ "be08d6d260b6e7eb346162a1081cdf5f94fda569" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Dec 07 13:06:11 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:57:13 2012 -0500" }, "message": "vfs: trim includes a bit\n\n[folded fix for missing magic.h from Tetsuo Handa]\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "04fc66e789a896e684bfdca30208e57eb832dd96", "tree": "37c26bff07e48c8c25d147850b7906d0d1c79a81", "parents": [ "4572befe248fd0d94aedc98775e3f0ddc8a26651" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Nov 21 14:58:38 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:55:19 2012 -0500" }, "message": "switch -\u003epath_mknod() to umode_t\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "4572befe248fd0d94aedc98775e3f0ddc8a26651", "tree": "2f4c4dabaebadb2790c8266a0434c7030c5f7cc0", "parents": [ "d179333f37d33533f4c77118f757b9e7835ccb7c" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Nov 21 14:56:21 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:55:18 2012 -0500" }, "message": "switch -\u003epath_mkdir() to umode_t\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "d179333f37d33533f4c77118f757b9e7835ccb7c", "tree": "479ae66773eab3fd6aa1c843e753a02063c65d40", "parents": [ "84dfa9897ef913771af44484fefbe0de29fdce51" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Aug 26 23:03:17 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:55:18 2012 -0500" }, "message": "tomoyo_mini_stat: switch to umode_t\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "52ef0c042bf06f6aef382fade175075627beebc1", "tree": "a1256aebfd835da4cb29a80f391112fea82bf38e", "parents": [ "910f4ecef3f67714ebff69d0bc34313e48afaed2" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 04:30:04 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:55:13 2012 -0500" }, "message": "switch securityfs_create_file() to umode_t\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "910f4ecef3f67714ebff69d0bc34313e48afaed2", "tree": "348fe3b5d8789a4c019a700da5501a4756f988de", "parents": [ "49f0a0767211d3076974e59a26f36b567cbe8621" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 04:25:58 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:55:13 2012 -0500" }, "message": "switch security_path_chmod() to umode_t\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "dba19c6064766730dd64757a010ec3aec503ecdb", "tree": "2071835ccfcb169b6219be7d5a4692fcfdcbd2c5", "parents": [ "1b9d5ff7644ddf2723c9205f4726c95ec01bf033" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jul 25 20:49:29 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:55:12 2012 -0500" }, "message": "get rid of open-coded S_ISREG(), etc.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "1a67aafb5f72a436ca044293309fa7e6351d6a35", "tree": "d9e58600148de9d41b478cf815773b746647d15b", "parents": [ "4acdaf27ebe2034c342f3be57ef49aed1ad885ef" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 01:52:52 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:54:54 2012 -0500" }, "message": "switch -\u003emknod() to umode_t\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "4acdaf27ebe2034c342f3be57ef49aed1ad885ef", "tree": "d89a876ee19cd88609a587f8aa6c464a52ee6d98", "parents": [ "18bb1db3e7607e4a997d50991a6f9fa5b0f8722c" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 01:42:34 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:54:53 2012 -0500" }, "message": "switch -\u003ecreate() to umode_t\n\nvfs_create() ignores everything outside of 16bit subset of its\nmode argument; switching it to umode_t is obviously equivalent\nand it\u0027s the only caller of the method\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "18bb1db3e7607e4a997d50991a6f9fa5b0f8722c", "tree": "4ee4e584bc9a67f3ec14ce159d2d7d4a27e68d4a", "parents": [ "8208a22bb8bd3c52ef634b4ff194f14892ab1713" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 01:41:39 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:54:53 2012 -0500" }, "message": "switch vfs_mkdir() and -\u003emkdir() to umode_t\n\nvfs_mkdir() gets int, but immediately drops everything that might not\nfit into umode_t and that\u0027s the only caller of -\u003emkdir()...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "4c1d5a64f134b254552b6211f6f79a1da667eab7", "tree": "130b704f727054b93f2a784a8d08252a1ecda3a0", "parents": [ "32dc730860155b235f13e0cd3fe58b263279baf9" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Dec 07 18:21:57 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:52:41 2012 -0500" }, "message": "vfs: for usbfs, etc. internal vfsmounts -\u003emnt_sb-\u003es_root \u003d\u003d -\u003emnt_root\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "e407699ef56ed948739dd57a5578ba8cb5bd81b2", "tree": "830069801b88d2b7957c6bb0baf012e9637ec4fd", "parents": [ "c5dc332eb93881fc8234d652f6e91a2825b06503" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Nov 24 20:14:54 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:52:38 2012 -0500" }, "message": "btrfs, nfs, apparmor: don\u0027t pull mnt_namespace.h for no reason...\n\nit\u0027s not needed anymore; we used to, back when we had to do\nmount_subtree() by hand, complete with put_mnt_ns() in it.\nNo more... Apparmor didn\u0027t need it since the __d_path() fix.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "c5dc332eb93881fc8234d652f6e91a2825b06503", "tree": "40327f76166c51e9109a6a1997566336529f6938", "parents": [ "aa0a4cf0ab4b03db21133a0ba62f558ed1bfcd1d" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Nov 24 20:08:53 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:52:38 2012 -0500" }, "message": "tomoyo: stop including hell knows what\n\ntomoyo/realpath.c needs exactly one include - that of common.h. It pulls\neverything the thing needs, without doing ridiculous garbage such as trying\nto include ../../fs/internal.h. If that alone doesn\u0027t scream \"layering\nviolation\", I don\u0027t know what does; and these days it\u0027s all for nothing,\nsince it fortunately does not use any symbols defined in there...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "30e053248da178cf6154bb7e950dc8713567e3fa", "tree": "3ef4cb7f85f581fe53361ea0eb2586a8b6e696c2", "parents": [ "4376eee92e5a8332b470040e672ea99cd44c826a" ], "author": { "name": "Jan Kara", "email": "jack@suse.cz", "time": "Tue Jan 03 13:14:29 2012 +0100" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 03 16:12:19 2012 -0800" }, "message": "security: Fix security_old_inode_init_security() when CONFIG_SECURITY is not set\n\nCommit 1e39f384bb01 (\"evm: fix build problems\") makes the stub version\nof security_old_inode_init_security() return 0 when CONFIG_SECURITY is\nnot set.\n\nBut that makes callers such as reiserfs_security_init() assume that\nsecurity_old_inode_init_security() has set name, value, and len\narguments properly - but security_old_inode_init_security() left them\nuninitialized which then results in interesting failures.\n\nRevert security_old_inode_init_security() to the old behavior of\nreturning EOPNOTSUPP since both callers (reiserfs and ocfs2) handle this\njust fine.\n\n[ Also fixed the S_PRIVATE(inode) case of the actual non-stub\n security_old_inode_init_security() function to return EOPNOTSUPP\n for the same reason, as pointed out by Mimi Zohar.\n\n It got incorrectly changed to match the new function in commit\n fb88c2b6cbb1: \"evm: fix security/security_old_init_security return\n code\". - Linus ]\n\nReported-by: Jorge Bastos \u003cmysql.jorge@decimal.pt\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nAcked-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: Jan Kara \u003cjack@suse.cz\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "abb434cb0539fb355c1c921f8fd761efbbac3462", "tree": "24a7d99ec161f8fd4dc9ff03c9c4cc93be883ce6", "parents": [ "2494654d4890316e7340fb8b3458daad0474a1b9", "6350323ad8def2ac00d77cdee3b79c9b9fba75c4" ], "author": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Dec 23 17:13:56 2011 -0500" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Dec 23 17:13:56 2011 -0500" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net\n\nConflicts:\n\tnet/bluetooth/l2cap_core.c\n\nJust two overlapping changes, one added an initialization of\na local variable, and another change added a new local variable.\n\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "50345f1ea9cda4618d9c26e590a97ecd4bc7ac75", "tree": "57b03dc68f894df468a3ca3c3929e1aff48bd6c2", "parents": [ "428f32817505f67992e8efe62d6a9c7cbb3f2498" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Tue Dec 13 14:49:04 2011 +0000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Dec 21 11:28:56 2011 +1100" }, "message": "SELinux: Fix RCU deref check warning in sel_netport_insert()\n\nFix the following bug in sel_netport_insert() where rcu_dereference() should\nbe rcu_dereference_protected() as sel_netport_lock is held.\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n[ INFO: suspicious rcu_dereference_check() usage. ]\n---------------------------------------------------\nsecurity/selinux/netport.c:127 invoked rcu_dereference_check() without protection!\n\nother info that might help us debug this:\n\nrcu_scheduler_active \u003d 1, debug_locks \u003d 0\n1 lock held by ossec-rootcheck/3323:\n #0: (sel_netport_lock){+.....}, at: [\u003cffffffff8117d775\u003e] sel_netport_sid+0xbb/0x226\n\nstack backtrace:\nPid: 3323, comm: ossec-rootcheck Not tainted 3.1.0-rc8-fsdevel+ #1095\nCall Trace:\n [\u003cffffffff8105cfb7\u003e] lockdep_rcu_dereference+0xa7/0xb0\n [\u003cffffffff8117d871\u003e] sel_netport_sid+0x1b7/0x226\n [\u003cffffffff8117d6ba\u003e] ? sel_netport_avc_callback+0xbc/0xbc\n [\u003cffffffff8117556c\u003e] selinux_socket_bind+0x115/0x230\n [\u003cffffffff810a5388\u003e] ? might_fault+0x4e/0x9e\n [\u003cffffffff810a53d1\u003e] ? might_fault+0x97/0x9e\n [\u003cffffffff81171cf4\u003e] security_socket_bind+0x11/0x13\n [\u003cffffffff812ba967\u003e] sys_bind+0x56/0x95\n [\u003cffffffff81380dac\u003e] ? sysret_check+0x27/0x62\n [\u003cffffffff8105b767\u003e] ? trace_hardirqs_on_caller+0x11e/0x155\n [\u003cffffffff81076fcd\u003e] ? audit_syscall_entry+0x17b/0x1ae\n [\u003cffffffff811b5eae\u003e] ? trace_hardirqs_on_thunk+0x3a/0x3f\n [\u003cffffffff81380d7b\u003e] system_call_fastpath+0x16/0x1b\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: Paul Moore \u003cpaul@paul-moore.com\u003e\nAcked-by: Eric Dumazet \u003ceric.dumazet@gmail.com\u003e\nCc: stable@kernel.org\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "97426f985729573cea06e82e271cc3929f1f5f8e", "tree": "4aafe725018a95dc5c76ede5199d24aea524b060", "parents": [ "d21b59451886cb82448302f8d6f9ac87c3bd56cf" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Dec 05 13:17:42 2011 +0200" }, "committer": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Tue Dec 20 17:50:08 2011 +0200" }, "message": "evm: prevent racing during tfm allocation\n\nThere is a small chance of racing during tfm allocation.\nThis patch fixes it.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nAcked-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "d21b59451886cb82448302f8d6f9ac87c3bd56cf", "tree": "f2842dca9ee3c2c3febbe2f6984bb2c5e2a34c28", "parents": [ "511585a28e5b5fd1cac61e601e42efc4c5dd64b5" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Dec 05 13:17:41 2011 +0200" }, "committer": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Tue Dec 20 17:45:45 2011 +0200" }, "message": "evm: key must be set once during initialization\n\nOn multi-core systems, setting of the key before every caclculation,\ncauses invalid HMAC calculation for other tfm users, because internal\nstate (ipad, opad) can be invalid before set key call returns.\nIt needs to be set only once during initialization.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nAcked-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7b7e5916aa2f46e57f8bd8cb89c34620ebfda5da", "tree": "af324024e68047b9fff7ddf49c3e8f8e6024792e", "parents": [ "45fae7493970d7c45626ccd96d4a74f5f1eea5a9" ], "author": { "name": "Roberto Sassu", "email": "roberto.sassu@polito.it", "time": "Mon Dec 19 15:57:28 2011 +0100" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Dec 19 22:07:54 2011 -0500" }, "message": "ima: fix invalid memory reference\n\nDon\u0027t free a valid measurement entry on TPM PCR extend failure.\n\nSigned-off-by: Roberto Sassu \u003croberto.sassu@polito.it\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nCc: stable@vger.kernel.org\n" }, { "commit": "45fae7493970d7c45626ccd96d4a74f5f1eea5a9", "tree": "0c7bdd82bfcb4bd921a64abb441ca5c20c82a3df", "parents": [ "114d6e9c103736487c967060d0a7aec9a7fce967" ], "author": { "name": "Roberto Sassu", "email": "roberto.sassu@polito.it", "time": "Mon Dec 19 15:57:27 2011 +0100" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Dec 19 22:04:32 2011 -0500" }, "message": "ima: free duplicate measurement memory\n\nInfo about new measurements are cached in the iint for performance. When\nthe inode is flushed from cache, the associated iint is flushed as well.\nSubsequent access to the inode will cause the inode to be re-measured and\nwill attempt to add a duplicate entry to the measurement list.\n\nThis patch frees the duplicate measurement memory, fixing a memory leak.\n\nSigned-off-by: Roberto Sassu \u003croberto.sassu@polito.it\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nCc: stable@vger.kernel.org\n" }, { "commit": "2ff6fa8fafd6fa94029fa0558a6b85956930f1f5", "tree": "b9e12bb9ef1a92c68bb459ae82fa4e76629bcfca", "parents": [ "b8aa09fd880eb4c2881b9f3c8a8d09c0404cd4eb" ], "author": { "name": "Thomas Meyer", "email": "thomas@m3y3r.de", "time": "Thu Nov 17 23:43:40 2011 +0100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Dec 19 11:23:56 2011 +1100" }, "message": "selinux: Casting (void *) value returned by kmalloc is useless\n\nThe semantic patch that makes this change is available\nin scripts/coccinelle/api/alloc/drop_kmalloc_cast.cocci.\n\nSigned-off-by: Thomas Meyer \u003cthomas@m3y3r.de\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b8aa09fd880eb4c2881b9f3c8a8d09c0404cd4eb", "tree": "7a748b15df00f1338a0fba89455f202a58f53dbf", "parents": [ "735e93c70434614bffac4a914ca1da72e37d43c0" ], "author": { "name": "Rusty Russell", "email": "rusty@rustcorp.com.au", "time": "Thu Dec 15 13:41:32 2011 +1030" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Dec 16 12:45:24 2011 +1100" }, "message": "apparmor: fix module parameter handling\n\nThe \u0027aabool\u0027 wrappers actually pass off to the \u0027bool\u0027 parse functions,\nso you should use the same check function. Similarly for aauint and\nuint.\n\n(Note that \u0027bool\u0027 module parameters also allow \u0027int\u0027, which is why you\ngot away with this, but that\u0027s changing very soon.)\n\nCc: linux-security-module@vger.kernel.org\nSigned-off-by: Rusty Russell \u003crusty@rustcorp.com.au\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2f7ee5691eecb67c8108b92001a85563ea336ac5", "tree": "18cf60ea8a463f4a6cd59c68926ba4357ae8ff4c", "parents": [ "134d33737f9015761c3832f6b268fae6274aac7f" ], "author": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Mon Dec 12 18:12:21 2011 -0800" }, "committer": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Mon Dec 12 18:12:21 2011 -0800" }, "message": "cgroup: introduce cgroup_taskset and use it in subsys-\u003ecan_attach(), cancel_attach() and attach()\n\nCurrently, there\u0027s no way to pass multiple tasks to cgroup_subsys\nmethods necessitating the need for separate per-process and per-task\nmethods. This patch introduces cgroup_taskset which can be used to\npass multiple tasks and their associated cgroups to cgroup_subsys\nmethods.\n\nThree methods - can_attach(), cancel_attach() and attach() - are\nconverted to use cgroup_taskset. This unifies passed parameters so\nthat all methods have access to all information. Conversions in this\npatchset are identical and don\u0027t introduce any behavior change.\n\n-v2: documentation updated as per Paul Menage\u0027s suggestion.\n\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nReviewed-by: KAMEZAWA Hiroyuki \u003ckamezawa.hiroyu@jp.fujitsu.com\u003e\nReviewed-by: Frederic Weisbecker \u003cfweisbec@gmail.com\u003e\nAcked-by: Paul Menage \u003cpaul@paulmenage.org\u003e\nAcked-by: Li Zefan \u003clizf@cn.fujitsu.com\u003e\nCc: Balbir Singh \u003cbsingharora@gmail.com\u003e\nCc: Daisuke Nishimura \u003cnishimura@mxp.nes.nec.co.jp\u003e\nCc: KAMEZAWA Hiroyuki \u003ckamezawa.hiroyu@jp.fujitsu.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "735e93c70434614bffac4a914ca1da72e37d43c0", "tree": "45f922c538fcfba5fd17c6889e573135250bed12", "parents": [ "bb80d880ad2b11cd4ea5f28f815016b1548224a4" ], "author": { "name": "Greg Kroah-Hartman", "email": "gregkh@suse.de", "time": "Fri Dec 09 11:23:46 2011 -0800" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Dec 12 17:23:18 2011 +1100" }, "message": "Security: tomoyo: add .gitignore file\n\nThis adds the .gitignore file for the autogenerated TOMOYO files to keep\ngit from complaining after building things.\n\nCc: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nCc: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@suse.de\u003e\nAcked-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "bb80d880ad2b11cd4ea5f28f815016b1548224a4", "tree": "70ab38ab2d388f39efd9cd4f7f91859f0f3cf5e2", "parents": [ "2053c4727c5a891bf182397e425b6cb87b2ae613" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Thu Dec 08 16:30:42 2011 -0800" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Dec 12 17:21:40 2011 +1100" }, "message": "tomoyo: add missing rcu_dereference()\n\nAdds a missed rcu_dereference() around real_parent.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2053c4727c5a891bf182397e425b6cb87b2ae613", "tree": "531090ac23e90b4aa64416a62c4625ffffec181f", "parents": [ "143b01d33221e4937d3930e6bb2b63d70b7c7a65" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Thu Dec 08 16:25:48 2011 -0800" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Dec 09 12:08:41 2011 +1100" }, "message": "apparmor: add missing rcu_dereference()\n\nAdds a missed rcu_dereference() around real_parent.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "1418a3e5ad4d01b1d4abf2c479c50b0cedd59e3f", "tree": "daec3f125671eeb36a55ca0d00c3473af2c8872c", "parents": [ "34a9d2c39afe74a941b9e88efe2762afc4d82443" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Dec 08 21:24:06 2011 +0900" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Dec 08 13:18:12 2011 -0800" }, "message": "TOMOYO: Fix pathname handling of disconnected paths.\n\nCurrent tomoyo_realpath_from_path() implementation returns strange pathname\nwhen calculating pathname of a file which belongs to lazy unmounted tree.\nUse local pathname rather than strange absolute pathname in that case.\n\nAlso, this patch fixes a regression by commit 02125a82 \"fix apparmor\ndereferencing potentially freed dentry, sanitize __d_path() API\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: stable@vger.kernel.org\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "143b01d33221e4937d3930e6bb2b63d70b7c7a65", "tree": "5cae452fecfd8b1fb6b0ae1f159929ada81d8b1f", "parents": [ "88d7ed35085184f15a2af3d9e88d775059b2f307" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Dec 05 13:17:42 2011 +0200" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Dec 08 10:06:12 2011 +1100" }, "message": "evm: prevent racing during tfm allocation\n\nThere is a small chance of racing during tfm allocation.\nThis patch fixes it.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nAcked-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "88d7ed35085184f15a2af3d9e88d775059b2f307", "tree": "f02d2530e0f665fea4c5b240404f7767d39f47bf", "parents": [ "fe0e94c5a7e5335ba0d200e7d3e26e9f80cda4b1" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Dec 05 13:17:41 2011 +0200" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Dec 08 10:06:09 2011 +1100" }, "message": "evm: key must be set once during initialization\n\nOn multi-core systems, setting of the key before every caclculation,\ncauses invalid HMAC calculation for other tfm users, because internal\nstate (ipad, opad) can be invalid before set key call returns.\nIt needs to be set only once during initialization.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nAcked-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "02125a826459a6ad142f8d91c5b6357562f96615", "tree": "8c9d9860aef93917d9b8cc6d471fe68b58ce7a9d", "parents": [ "5611cc4572e889b62a7b4c72a413536bf6a9c416" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Dec 05 08:43:34 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Dec 06 23:57:18 2011 -0500" }, "message": "fix apparmor dereferencing potentially freed dentry, sanitize __d_path() API\n\n__d_path() API is asking for trouble and in case of apparmor d_namespace_path()\ngetting just that. The root cause is that when __d_path() misses the root\nit had been told to look for, it stores the location of the most remote ancestor\nin *root. Without grabbing references. Sure, at the moment of call it had\nbeen pinned down by what we have in *path. And if we raced with umount -l, we\ncould have very well stopped at vfsmount/dentry that got freed as soon as\nprepend_path() dropped vfsmount_lock.\n\nIt is safe to compare these pointers with pre-existing (and known to be still\nalive) vfsmount and dentry, as long as all we are asking is \"is it the same\naddress?\". Dereferencing is not safe and apparmor ended up stepping into\nthat. d_namespace_path() really wants to examine the place where we stopped,\neven if it\u0027s not connected to our namespace. As the result, it looked\nat -\u003ed_sb-\u003es_magic of a dentry that might\u0027ve been already freed by that point.\nAll other callers had been careful enough to avoid that, but it\u0027s really\na bad interface - it invites that kind of trouble.\n\nThe fix is fairly straightforward, even though it\u0027s bigger than I\u0027d like:\n\t* prepend_path() root argument becomes const.\n\t* __d_path() is never called with NULL/NULL root. It was a kludge\nto start with. Instead, we have an explicit function - d_absolute_root().\nSame as __d_path(), except that it doesn\u0027t get root passed and stops where\nit stops. apparmor and tomoyo are using it.\n\t* __d_path() returns NULL on path outside of root. The main\ncaller is show_mountinfo() and that\u0027s precisely what we pass root for - to\nskip those outside chroot jail. Those who don\u0027t want that can (and do)\nuse d_path().\n\t* __d_path() root argument becomes const. Everyone agrees, I hope.\n\t* apparmor does *NOT* try to use __d_path() or any of its variants\nwhen it sees that path-\u003emnt is an internal vfsmount. In that case it\u0027s\ndefinitely not mounted anywhere and dentry_path() is exactly what we want\nthere. Handling of sysctl()-triggered weirdness is moved to that place.\n\t* if apparmor is asked to do pathname relative to chroot jail\nand __d_path() tells it we it\u0027s not in that jail, the sucker just calls\nd_absolute_path() instead. That\u0027s the other remaining caller of __d_path(),\nBTW.\n * seq_path_root() does _NOT_ return -ENAMETOOLONG (it\u0027s stupid anyway -\nthe normal seq_file logics will take care of growing the buffer and redoing\nthe call of -\u003eshow() just fine). However, if it gets path not reachable\nfrom root, it returns SEQ_SKIP. The only caller adjusted (i.e. stopped\nignoring the return value as it used to do).\n\nReviewed-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nACKed-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: stable@vger.kernel.org\n" }, { "commit": "7f1fb60c4fc9fb29fbb406ac8c4cfb4e59e168d6", "tree": "c099fd6899f382c439e29aed54c912ee95453324", "parents": [ "d5f43c1ea4260807a894150b680fa0a0dd386259" ], "author": { "name": "Pavel Emelyanov", "email": "xemul@parallels.com", "time": "Tue Dec 06 07:56:43 2011 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Dec 06 13:57:36 2011 -0500" }, "message": "inet_diag: Partly rename inet_ to sock_\n\nThe ultimate goal is to get the sock_diag module, that works in\nfamily+protocol terms. Currently this is suitable to do on the\ninet_diag basis, so rename parts of the code. It will be moved\nto sock_diag.c later.\n\nSigned-off-by: Pavel Emelyanov \u003cxemul@parallels.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "75f2811c6460ccc59d83c66059943ce9c9f81a18", "tree": "49373cf5f5b11358aeb587209ad270496f751609", "parents": [ "396cf9430505cfba529a2f2a037d782719fa5844" ], "author": { "name": "Jesse Gross", "email": "jesse@nicira.com", "time": "Wed Nov 30 17:05:51 2011 -0800" }, "committer": { "name": "Jesse Gross", "email": "jesse@nicira.com", "time": "Sat Dec 03 09:35:10 2011 -0800" }, "message": "ipv6: Add fragment reporting to ipv6_skip_exthdr().\n\nWhile parsing through IPv6 extension headers, fragment headers are\nskipped making them invisible to the caller. This reports the\nfragment offset of the last header in order to make it possible to\ndetermine whether the packet is fragmented and, if so whether it is\na first or last fragment.\n\nSigned-off-by: Jesse Gross \u003cjesse@nicira.com\u003e\n" }, { "commit": "4e3fd7a06dc20b2d8ec6892233ad2012968fe7b6", "tree": "da3fbec7672ac6b967dfa31cec6c88f468a57fa2", "parents": [ "40ba84993d66469d336099c5af74c3da5b73e28d" ], "author": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Mon Nov 21 03:39:03 2011 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Nov 22 16:43:32 2011 -0500" }, "message": "net: remove ipv6_addr_copy()\n\nC assignment can handle struct in6_addr copying.\n\nSigned-off-by: Alexey Dobriyan \u003cadobriyan@gmail.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "de353533753e048b5c4658f0a42365937527ac45", "tree": "376ea9cb73de3691d4f907ad98f13f838742395e", "parents": [ "4e2c5b28f8086cd2f678ade0ea21d8c3cc058c53" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Nov 21 17:31:15 2011 +0200" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Nov 22 10:02:32 2011 +1100" }, "message": "digsig: build dependency fix\n\nFix build errors by adding Kconfig dependency on KEYS.\nCRYPTO dependency removed.\n\n CC security/integrity/digsig.o\nsecurity/integrity/digsig.c: In function ?integrity_digsig_verify?:\nsecurity/integrity/digsig.c:38:4: error: implicit declaration of function ?request_key?\nsecurity/integrity/digsig.c:38:17: error: ?key_type_keyring? undeclared (first use in this function)\nsecurity/integrity/digsig.c:38:17: note: each undeclared identifier is reported only once for each function it appears in\nmake[2]: *** [security/integrity/digsig.o] Error 1\n\nReported-by: Randy Dunlap \u003crdunlap@xenotime.net\u003e\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "4e2c5b28f8086cd2f678ade0ea21d8c3cc058c53", "tree": "789fbdac68279765ade21c576bb22b77a5c112bc", "parents": [ "8077e8b059232f23fe51fdc42868dcd8ba293549", "15647eb3985ef30dfd657038924dc85c03026733" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 18 18:21:31 2011 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 18 18:21:31 2011 +1100" }, "message": "Merge branch \u0027next-evm-digsig\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/kasatkin/linux-digsig into next\n" }, { "commit": "b85c804d5ad48f239871b95afbddd84422e06f25", "tree": "b78af4d780dc7eec0c7b866194385150e6b29500", "parents": [ "fe8a0df46e5076429872887b467c538bc9c0c738", "9c69898783a0121399ec078d40d4ccc00e3cb0df" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 18 11:17:23 2011 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 18 11:17:23 2011 +1100" }, "message": "Merge branch \u0027encrypted-key-fixes\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity into for-linus\n" }, { "commit": "fe8a0df46e5076429872887b467c538bc9c0c738", "tree": "8118ba6e7d052527a14970b081934a2935283174", "parents": [ "6aaf05f472c97ebceff47d9eef464574f1a55727", "40809565ca57a8e94bae20b22da014c44ec233f6" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 18 11:17:06 2011 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Nov 18 11:17:06 2011 +1100" }, "message": "Merge branch \u0027for-1111\u0027 of git://gitorious.org/smack-next/kernel into for-linus\n" }, { "commit": "7845bc3964756240863ae453ffe4f7ee27ddc954", "tree": "3a3b9bf568184a3ae82bc581b63e1576ce99d7c8", "parents": [ "24942c8e5cc8696064ee207ff29d4cf21f70dafc" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Wed Nov 16 11:15:54 2011 +0000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Nov 17 09:35:32 2011 +1100" }, "message": "KEYS: Give key types their own lockdep class for key-\u003esem\n\nGive keys their own lockdep class to differentiate them from each other in case\na key of one type has to refer to a key of another type.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "9c69898783a0121399ec078d40d4ccc00e3cb0df", "tree": "7163913d680c3160918a466f92cacb473c2c91ec", "parents": [ "f4a0d5abef14562c37dee5a1d49180f494106230" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Sun Oct 16 19:17:48 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Nov 16 14:23:14 2011 -0500" }, "message": "encrypted-keys: module build fixes\n\nEncrypted keys are encrypted/decrypted using either a trusted or\nuser-defined key type, which is referred to as the \u0027master\u0027 key.\nThe master key may be of type trusted iff the trusted key is\nbuiltin or both the trusted key and encrypted keys are built as\nmodules. This patch resolves the build dependency problem.\n\n- Use \"masterkey-$(CONFIG_TRUSTED_KEYS)-$(CONFIG_ENCRYPTED_KEYS)\" construct\nto encapsulate the above logic. (Suggested by Dimtry Kasatkin.)\n- Fixing the encrypted-keys Makefile, results in a module name change\nfrom encrypted.ko to encrypted-keys.ko.\n- Add module dependency for request_trusted_key() definition\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "f4a0d5abef14562c37dee5a1d49180f494106230", "tree": "be3b35ecaf9a2372fae08ac83d006b21e1c43021", "parents": [ "ff0ff78068dd8a962358dbbdafa9d6f24540d3e5" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Oct 24 08:17:42 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Nov 16 14:23:13 2011 -0500" }, "message": "encrypted-keys: fix error return code\n\nFix request_master_key() error return code.\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "24942c8e5cc8696064ee207ff29d4cf21f70dafc", "tree": "08a8221eb72ec3da7746d7d76f6f5915ce77cde7", "parents": [ "e163bc8e4a0cd1cdffadb58253f7651201722d56", "ff0ff78068dd8a962358dbbdafa9d6f24540d3e5" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Nov 16 12:39:48 2011 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Nov 16 12:39:48 2011 +1100" }, "message": "Merge branch \u0027master\u0027; commit \u0027v3.2-rc2\u0027 into next\n" }, { "commit": "9f35a33b8d06263a165efe3541d9aa0cdbd70b3b", "tree": "2825d1bf9ea73d22e4cab45bb2cdc021c6e09380", "parents": [ "cfcfc9eca2bcbd26a8e206baeb005b055dbf8e37" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Tue Nov 15 22:09:45 2011 +0000" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Nov 15 22:32:38 2011 -0200" }, "message": "KEYS: Fix a NULL pointer deref in the user-defined key type\n\nFix a NULL pointer deref in the user-defined key type whereby updating a\nnegative key into a fully instantiated key will cause an oops to occur\nwhen the code attempts to free the non-existent old payload.\n\nThis results in an oops that looks something like the following:\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000008\n IP: [\u003cffffffff81085fa1\u003e] __call_rcu+0x11/0x13e\n PGD 3391d067 PUD 3894a067 PMD 0\n Oops: 0002 [#1] SMP\n CPU 1\n Pid: 4354, comm: keyctl Not tainted 3.1.0-fsdevel+ #1140 /DG965RY\n RIP: 0010:[\u003cffffffff81085fa1\u003e] [\u003cffffffff81085fa1\u003e] __call_rcu+0x11/0x13e\n RSP: 0018:ffff88003d591df8 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000006e\n RDX: ffffffff8161d0c0 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffff88003d591e18 R08: 0000000000000000 R09: ffffffff8152fa6c\n R10: 0000000000000000 R11: 0000000000000300 R12: ffff88003b8f9538\n R13: ffffffff8161d0c0 R14: ffff88003b8f9d50 R15: ffff88003c69f908\n FS: 00007f97eb18c720(0000) GS:ffff88003bd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000008 CR3: 000000003d47a000 CR4: 00000000000006e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400\n Process keyctl (pid: 4354, threadinfo ffff88003d590000, task ffff88003c78a040)\n Stack:\n ffff88003e0ffde0 ffff88003b8f9538 0000000000000001 ffff88003b8f9d50\n ffff88003d591e28 ffffffff810860f0 ffff88003d591e68 ffffffff8117bfea\n ffff88003d591e68 ffffffff00000000 ffff88003e0ffde1 ffff88003e0ffde0\n Call Trace:\n [\u003cffffffff810860f0\u003e] call_rcu_sched+0x10/0x12\n [\u003cffffffff8117bfea\u003e] user_update+0x8d/0xa2\n [\u003cffffffff8117723a\u003e] key_create_or_update+0x236/0x270\n [\u003cffffffff811789b1\u003e] sys_add_key+0x123/0x17e\n [\u003cffffffff813b84bb\u003e] system_call_fastpath+0x16/0x1b\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: Jeff Layton \u003cjlayton@redhat.com\u003e\nAcked-by: Neil Horman \u003cnhorman@redhat.com\u003e\nAcked-by: Steve Dickson \u003csteved@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nCc: stable@kernel.org\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "af7ff2c2c45e6c6d533dd968709732da3d1d48f8", "tree": "5c3809af634ee633d351c04d7201324d7da4ca82", "parents": [ "59df3166ef293288d164ab3362a717743e62d20c" ], "author": { "name": "Andy Shevchenko", "email": "andriy.shevchenko@linux.intel.com", "time": "Tue Nov 15 15:11:41 2011 -0800" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Nov 16 11:30:26 2011 +1100" }, "message": "selinuxfs: remove custom hex_to_bin()\n\nSigned-off-by: Andy Shevchenko \u003candriy.shevchenko@linux.intel.com\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "40809565ca57a8e94bae20b22da014c44ec233f6", "tree": "6cad3fa8f6345934cf6c67552235869973524d21", "parents": [ "0e94ae17c857b3835a2b8ea46ce44b5da4e2cc5d" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Thu Nov 10 15:02:22 2011 -0800" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Fri Nov 11 11:07:21 2011 -0800" }, "message": "Smack: smackfs cipso seq read repair\n\nCommit 272cd7a8c67dd40a31ecff76a503bbb84707f757 introduced\na change to the way rule lists are handled and reported in\nthe smackfs filesystem. One of the issues addressed had to\ndo with the termination of read requests on /smack/load.\nThis change introduced a error in /smack/cipso, which shares\nsome of the same list processing code.\n\nThis patch updates all the file access list handling in\nsmackfs to use the code introduced for /smack/load.\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "15647eb3985ef30dfd657038924dc85c03026733", "tree": "5d4629ef3b687ff56a446f42a8ee5aa35ec9322b", "parents": [ "8607c501478432b23654739c7321bc7456053cb6" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Thu Sep 01 14:41:40 2011 +0300" }, "committer": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Nov 09 16:51:14 2011 +0200" }, "message": "evm: digital signature verification support\n\nThis patch adds support for digital signature verification to EVM.\nWith this feature file metadata can be protected using digital\nsignature instead of an HMAC. When building an image,\nwhich has to be flashed to different devices, an HMAC cannot\nbe used to sign file metadata, because the HMAC key should be\ndifferent on every device.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nAcked-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "8607c501478432b23654739c7321bc7456053cb6", "tree": "598ef1649a261954cb1cafc05189ddedb3bd3ff8", "parents": [ "051dbb918c7fb7da8e64a2cd0d804ba73399709f" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Oct 05 11:54:46 2011 +0300" }, "committer": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Nov 09 16:51:09 2011 +0200" }, "message": "integrity: digital signature verification using multiple keyrings\n\nDefine separate keyrings for each of the different use cases - evm, ima,\nand modules. Using different keyrings improves search performance, and also\nallows \"locking\" specific keyring to prevent adding new keys.\nThis is useful for evm and module keyrings, when keys are usually only\nadded from initramfs.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\n" }, { "commit": "32aaeffbd4a7457bf2f7448b33b5946ff2a960eb", "tree": "faf7ad871d87176423ff9ed1d1ba4d9c688fc23f", "parents": [ "208bca0860406d16398145ddd950036a737c3c9d", "67b84999b1a8b1af5625b1eabe92146c5eb42932" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Nov 06 19:44:47 2011 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Nov 06 19:44:47 2011 -0800" }, "message": "Merge branch \u0027modsplit-Oct31_2011\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux\n\n* \u0027modsplit-Oct31_2011\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux: (230 commits)\n Revert \"tracing: Include module.h in define_trace.h\"\n irq: don\u0027t put module.h into irq.h for tracking irqgen modules.\n bluetooth: macroize two small inlines to avoid module.h\n ip_vs.h: fix implicit use of module_get/module_put from module.h\n nf_conntrack.h: fix up fallout from implicit moduleparam.h presence\n include: replace linux/module.h with \"struct module\" wherever possible\n include: convert various register fcns to macros to avoid include chaining\n crypto.h: remove unused crypto_tfm_alg_modname() inline\n uwb.h: fix implicit use of asm/page.h for PAGE_SIZE\n pm_runtime.h: explicitly requires notifier.h\n linux/dmaengine.h: fix implicit use of bitmap.h and asm/page.h\n miscdevice.h: fix up implicit use of lists and types\n stop_machine.h: fix implicit use of smp.h for smp_processor_id\n of: fix implicit use of errno.h in include/linux/of.h\n of_platform.h: delete needless include \u003clinux/module.h\u003e\n acpi: remove module.h include from platform/aclinux.h\n miscdevice.h: delete unnecessary inclusion of module.h\n device_cgroup.h: delete needless include \u003clinux/module.h\u003e\n net: sch_generic remove redundant use of \u003clinux/module.h\u003e\n net: inet_timewait_sock doesnt need \u003clinux/module.h\u003e\n ...\n\nFix up trivial conflicts (other header files, and removal of the ab3550 mfd driver) in\n - drivers/media/dvb/frontends/dibx000_common.c\n - drivers/media/video/{mt9m111.c,ov6650.c}\n - drivers/mfd/ab3550-core.c\n - include/linux/dmaengine.h\n" }, { "commit": "2380078cdb7e6d520e33dcf834e0be979d542e48", "tree": "105a729f483b77453ea7a570f39e9efe76e38aa0", "parents": [ "6681ba7ec480bc839584fd0817991d248b4b9e44", "59df3166ef293288d164ab3362a717743e62d20c" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Nov 02 17:01:01 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Nov 02 17:01:01 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.selinuxproject.org/~jmorris/linux-security\n\n* \u0027for-linus\u0027 of git://git.selinuxproject.org/~jmorris/linux-security:\n TOMOYO: Fix interactive judgment functionality.\n" }, { "commit": "de0a5345a55b8dd5a4695181275df0e691176830", "tree": "17530e824f7f46ce0b1757657179fb5957a6add5", "parents": [ "994c0e992522c123298b4a91b72f5e67ba2d1123", "8535639810e578960233ad39def3ac2157b0c3ec" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Nov 02 09:45:39 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Nov 02 09:45:39 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://github.com/richardweinberger/linux\n\n* \u0027for-linus\u0027 of git://github.com/richardweinberger/linux: (90 commits)\n um: fix ubd cow size\n um: Fix kmalloc argument order in um/vdso/vma.c\n um: switch to use of drivers/Kconfig\n UserModeLinux-HOWTO.txt: fix a typo\n UserModeLinux-HOWTO.txt: remove ^H characters\n um: we need sys/user.h only on i386\n um: merge delay_{32,64}.c\n um: distribute exports to where exported stuff is defined\n um: kill system-um.h\n um: generic ftrace.h will do...\n um: segment.h is x86-only and needed only there\n um: asm/pda.h is not needed anymore\n um: hw_irq.h can go generic as well\n um: switch to generic-y\n um: clean Kconfig up a bit\n um: a couple of missing dependencies...\n um: kill useless argument of free_chan() and free_one_chan()\n um: unify ptrace_user.h\n um: unify KSTK_...\n um: fix gcov build breakage\n ...\n" }, { "commit": "3369465ed1a6a9aa9b885a6d7d8e074ecbd782da", "tree": "ac60be76e1d363caab63156c1390f1ab0c4ee96c", "parents": [ "c039aff672a540f8976770e74599d350de1805cb" ], "author": { "name": "Al Viro", "email": "viro@ftp.linux.org.uk", "time": "Thu Aug 18 20:11:59 2011 +0100" }, "committer": { "name": "Richard Weinberger", "email": "richard@nod.at", "time": "Wed Nov 02 14:15:41 2011 +0100" }, "message": "um: switch to use of drivers/Kconfig\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nSigned-off-by: Richard Weinberger \u003crichard@nod.at\u003e\n" }, { "commit": "02473119bc54b0b239c2501064c7a37314347f87", "tree": "e3f0cdfbe4ee67d089ab731f213b2e0f91a3daa1", "parents": [ "50e1499f468fd74c6db95deb2e1e6bfee578ae70" ], "author": { "name": "Andy Shevchenko", "email": "andriy.shevchenko@linux.intel.com", "time": "Mon Oct 31 17:12:55 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Oct 31 17:30:56 2011 -0700" }, "message": "security: follow rename pack_hex_byte() to hex_byte_pack()\n\nThere is no functional change.\n\nSigned-off-by: Andy Shevchenko \u003candriy.shevchenko@linux.intel.com\u003e\nCc: Mimi Zohar \u003czohar@us.ibm.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "fcf634098c00dd9cd247447368495f0b79be12d1", "tree": "77fc98cd461bd52ba3b14e833d54a115ffbbd7bc", "parents": [ "32ea845d5bafc37b7406bea1aee3005407cb0900" ], "author": { "name": "Christopher Yeoh", "email": "cyeoh@au1.ibm.com", "time": "Mon Oct 31 17:06:39 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Oct 31 17:30:44 2011 -0700" }, "message": "Cross Memory Attach\n\nThe basic idea behind cross memory attach is to allow MPI programs doing\nintra-node communication to do a single copy of the message rather than a\ndouble copy of the message via shared memory.\n\nThe following patch attempts to achieve this by allowing a destination\nprocess, given an address and size from a source process, to copy memory\ndirectly from the source process into its own address space via a system\ncall. There is also a symmetrical ability to copy from the current\nprocess\u0027s address space into a destination process\u0027s address space.\n\n- Use of /proc/pid/mem has been considered, but there are issues with\n using it:\n - Does not allow for specifying iovecs for both src and dest, assuming\n preadv or pwritev was implemented either the area read from or\n written to would need to be contiguous.\n - Currently mem_read allows only processes who are currently\n ptrace\u0027ing the target and are still able to ptrace the target to read\n from the target. This check could possibly be moved to the open call,\n but its not clear exactly what race this restriction is stopping\n (reason appears to have been lost)\n - Having to send the fd of /proc/self/mem via SCM_RIGHTS on unix\n domain socket is a bit ugly from a userspace point of view,\n especially when you may have hundreds if not (eventually) thousands\n of processes that all need to do this with each other\n - Doesn\u0027t allow for some future use of the interface we would like to\n consider adding in the future (see below)\n - Interestingly reading from /proc/pid/mem currently actually\n involves two copies! (But this could be fixed pretty easily)\n\nAs mentioned previously use of vmsplice instead was considered, but has\nproblems. Since you need the reader and writer working co-operatively if\nthe pipe is not drained then you block. Which requires some wrapping to\ndo non blocking on the send side or polling on the receive. In all to all\ncommunication it requires ordering otherwise you can deadlock. And in the\nexample of many MPI tasks writing to one MPI task vmsplice serialises the\ncopying.\n\nThere are some cases of MPI collectives where even a single copy interface\ndoes not get us the performance gain we could. For example in an\nMPI_Reduce rather than copy the data from the source we would like to\ninstead use it directly in a mathops (say the reduce is doing a sum) as\nthis would save us doing a copy. We don\u0027t need to keep a copy of the data\nfrom the source. I haven\u0027t implemented this, but I think this interface\ncould in the future do all this through the use of the flags - eg could\nspecify the math operation and type and the kernel rather than just\ncopying the data would apply the specified operation between the source\nand destination and store it in the destination.\n\nAlthough we don\u0027t have a \"second user\" of the interface (though I\u0027ve had\nsome nibbles from people who may be interested in using it for intra\nprocess messaging which is not MPI). This interface is something which\nhardware vendors are already doing for their custom drivers to implement\nfast local communication. And so in addition to this being useful for\nOpenMPI it would mean the driver maintainers don\u0027t have to fix things up\nwhen the mm changes.\n\nThere was some discussion about how much faster a true zero copy would\ngo. Here\u0027s a link back to the email with some testing I did on that:\n\nhttp://marc.info/?l\u003dlinux-mm\u0026m\u003d130105930902915\u0026w\u003d2\n\nThere is a basic man page for the proposed interface here:\n\nhttp://ozlabs.org/~cyeoh/cma/process_vm_readv.txt\n\nThis has been implemented for x86 and powerpc, other architecture should\nmainly (I think) just need to add syscall numbers for the process_vm_readv\nand process_vm_writev. There are 32 bit compatibility versions for\n64-bit kernels.\n\nFor arch maintainers there are some simple tests to be able to quickly\nverify that the syscalls are working correctly here:\n\nhttp://ozlabs.org/~cyeoh/cma/cma-test-20110718.tgz\n\nSigned-off-by: Chris Yeoh \u003cyeohc@au1.ibm.com\u003e\nCc: Ingo Molnar \u003cmingo@elte.hu\u003e\nCc: \"H. Peter Anvin\" \u003chpa@zytor.com\u003e\nCc: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nCc: Arnd Bergmann \u003carnd@arndb.de\u003e\nCc: Paul Mackerras \u003cpaulus@samba.org\u003e\nCc: Benjamin Herrenschmidt \u003cbenh@kernel.crashing.org\u003e\nCc: David Howells \u003cdhowells@redhat.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: \u003clinux-man@vger.kernel.org\u003e\nCc: \u003clinux-arch@vger.kernel.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "44fc7ea0bfe9143551649a42eb35f1460566c3c5", "tree": "7cfceedba653c69db90912427d140da996ab4f09", "parents": [ "a6ee87790b708dc4cdd3643104417793f0d985ec" ], "author": { "name": "Paul Gortmaker", "email": "paul.gortmaker@windriver.com", "time": "Thu May 26 20:52:10 2011 -0400" }, "committer": { "name": "Paul Gortmaker", "email": "paul.gortmaker@windriver.com", "time": "Mon Oct 31 19:31:32 2011 -0400" }, "message": "selinux: Add export.h to files using EXPORT_SYMBOL/THIS_MODULE\n\nThe pervasive, but implicit presence of \u003clinux/module.h\u003e meant\nthat things like this file would happily compile as-is. But\nwith the desire to phase out the module.h being included everywhere,\npoint this file at export.h which will give it THIS_MODULE and\nthe EXPORT_SYMBOL variants.\n\nSigned-off-by: Paul Gortmaker \u003cpaul.gortmaker@windriver.com\u003e\n" }, { "commit": "59df3166ef293288d164ab3362a717743e62d20c", "tree": "ee10bb9ae940bf59beaf05dd5925d03044eb6559", "parents": [ "c45ed235abf1b0b6666417e3c394f18717976acd" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Oct 20 06:48:57 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sat Oct 29 08:34:41 2011 +1100" }, "message": "TOMOYO: Fix interactive judgment functionality.\n\nCommit 17fcfbd9 \"TOMOYO: Add interactive enforcing mode.\" introduced ability\nto query access decision using userspace programs. It was using global PID for\nreaching policy configuration of the process. However, use of PID returns stale\npolicy configuration when the process\u0027s subjective credentials and objective\ncredentials differ. Fix this problem by allowing reaching policy configuration\nvia query id.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "36b8d186e6cc8e32cb5227f5645a58e1bc0af190", "tree": "1000ad26e189e6ff2c53fb7eeff605f59c7ad94e", "parents": [ "cd85b557414fe4cd44ea6608825e96612a5fe2b2", "c45ed235abf1b0b6666417e3c394f18717976acd" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 25 09:45:31 2011 +0200" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 25 09:45:31 2011 +0200" }, "message": "Merge branch \u0027next\u0027 of git://selinuxproject.org/~jmorris/linux-security\n\n* \u0027next\u0027 of git://selinuxproject.org/~jmorris/linux-security: (95 commits)\n TOMOYO: Fix incomplete read after seek.\n Smack: allow to access /smack/access as normal user\n TOMOYO: Fix unused kernel config option.\n Smack: fix: invalid length set for the result of /smack/access\n Smack: compilation fix\n Smack: fix for /smack/access output, use string instead of byte\n Smack: domain transition protections (v3)\n Smack: Provide information for UDS getsockopt(SO_PEERCRED)\n Smack: Clean up comments\n Smack: Repair processing of fcntl\n Smack: Rule list lookup performance\n Smack: check permissions from user space (v2)\n TOMOYO: Fix quota and garbage collector.\n TOMOYO: Remove redundant tasklist_lock.\n TOMOYO: Fix domain transition failure warning.\n TOMOYO: Remove tomoyo_policy_memory_lock spinlock.\n TOMOYO: Simplify garbage collector.\n TOMOYO: Fix make namespacecheck warnings.\n target: check hex2bin result\n encrypted-keys: check hex2bin result\n ...\n" }, { "commit": "c45ed235abf1b0b6666417e3c394f18717976acd", "tree": "e41dd99f2c217a8ce160b24d81a4aec1cccbfe02", "parents": [ "e0b057b406a33501a656dc8d67ea945d7bcdad61", "0e94ae17c857b3835a2b8ea46ce44b5da4e2cc5d" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sat Oct 22 22:23:58 2011 +0200" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sat Oct 22 22:23:58 2011 +0200" }, "message": "Merge branch \u0027master\u0027 of git://gitorious.org/smack-next/kernel into next\n" }, { "commit": "e0b057b406a33501a656dc8d67ea945d7bcdad61", "tree": "16132a7c59322cb1d406a07b875518a3bbd3db39", "parents": [ "6afcb3b7393f5aa388a0d077c490ed411ab3cd27" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Oct 21 12:37:13 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sat Oct 22 21:55:26 2011 +0200" }, "message": "TOMOYO: Fix incomplete read after seek.\n\nCommit f23571e8 \"TOMOYO: Copy directly to userspace buffer.\" introduced\ntomoyo_flush() that flushes data to be read as soon as possible.\ntomoyo_select_domain() (which is called by write()) enqueues data which meant\nto be read by next read(), but previous read()\u0027s read buffer\u0027s size was not\ncleared. As a result, since 2.6.36, sequence like\n\n char *cp \u003d \"select global-pid\u003d1\\n\";\n read(fd, buf1, sizeof(buf1));\n write(fd, cp, strlen(cp));\n read(fd, buf2, sizeof(buf2));\n\ncauses enqueued data to be flushed to buf1 rather than buf2.\nFix this bug by clearing read buffer\u0027s size upon write() request.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0e94ae17c857b3835a2b8ea46ce44b5da4e2cc5d", "tree": "eac36ba696cf33bbbe3fcd490589ef453d9c8ef1", "parents": [ "d86b2b61d4dea614d6f319772a90a8f98b55ed67" ], "author": { "name": "Jarkko Sakkinen", "email": "jarkko.j.sakkinen@gmail.com", "time": "Tue Oct 18 21:21:36 2011 +0300" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Thu Oct 20 16:07:31 2011 -0700" }, "message": "Smack: allow to access /smack/access as normal user\n\nAllow query access as a normal user removing the need\nfor CAP_MAC_ADMIN. Give RW access to /smack/access\nfor UGO. Do not import smack labels in access check.\n\nSigned-off-by: Jarkko Sakkinen \u003cjarkko.j.sakkinen@gmail.com\u003e\nSigned-off-by: Casey Schaufler \u003ccschaufler@cschaufler-intel.(none)\u003e\n" }, { "commit": "6afcb3b7393f5aa388a0d077c490ed411ab3cd27", "tree": "f2d0bca0df7ee7322dee3cfa914e8bb4febf434b", "parents": [ "16014d87509e26d6ed6935adbbf437a571fb5870" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Oct 16 09:43:46 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Oct 19 16:58:59 2011 +0200" }, "message": "TOMOYO: Fix unused kernel config option.\n\nCONFIG_SECURITY_TOMOYO_MAX_{ACCEPT_ENTRY,AUDIT_LOG} introduced by commit\n0e4ae0e0 \"TOMOYO: Make several options configurable.\" were by error not used.\n\nReported-by: Paul Bolle \u003cpebolle@tiscali.nl\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "6230c9b4f8957c8938ee4cf2d03166d3c2dc89de", "tree": "acb6aa03e5b34ab83c4945fdacefee66c5285af2", "parents": [ "835acf5da239b91edb9f7ebe36516999e156e6ee" ], "author": { "name": "Paul Moore", "email": "pmoore@redhat.com", "time": "Fri Oct 07 09:40:59 2011 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Oct 18 23:36:43 2011 -0400" }, "message": "bluetooth: Properly clone LSM attributes to newly created child connections\n\nThe Bluetooth stack has internal connection handlers for all of the various\nBluetooth protocols, and unfortunately, they are currently lacking the LSM\nhooks found in the core network stack\u0027s connection handlers. I say\nunfortunately, because this can cause problems for users who have have an\nLSM enabled and are using certain Bluetooth devices. See one problem\nreport below:\n\n * http://bugzilla.redhat.com/show_bug.cgi?id\u003d741703\n\nIn order to keep things simple at this point in time, this patch fixes the\nproblem by cloning the parent socket\u0027s LSM attributes to the newly created\nchild socket. If we decide we need a more elaborate LSM marking mechanism\nfor Bluetooth (I somewhat doubt this) we can always revisit this decision\nin the future.\n\nReported-by: James M. Cape \u003cjcape@ignore-your.tv\u003e\nSigned-off-by: Paul Moore \u003cpmoore@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "d86b2b61d4dea614d6f319772a90a8f98b55ed67", "tree": "8d7647ea8d46630e3a09cd74210b9d4c94b86833", "parents": [ "16014d87509e26d6ed6935adbbf437a571fb5870" ], "author": { "name": "Jarkko Sakkinen", "email": "jarkko.j.sakkinen@gmail.com", "time": "Tue Oct 18 14:34:28 2011 +0300" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Tue Oct 18 09:02:57 2011 -0700" }, "message": "Smack: fix: invalid length set for the result of /smack/access\n\nForgot to update simple_transaction_set() to take terminator\ncharacter into account.\n\nSigned-off-by: Jarkko Sakkinen \u003cjarkko.j.sakkinen@gmail.com\u003e\nSigned-off-by: Casey Schaufler \u003ccschaufler@cschaufler-intel.(none)\u003e\n" }, { "commit": "16014d87509e26d6ed6935adbbf437a571fb5870", "tree": "bdf8641b1412d5e8cd1abe39eca5bc62caf99ad0", "parents": [ "f8859d98c1d1e73393285fb9dd57007839956247" ], "author": { "name": "Jarkko Sakkinen", "email": "jarkko.j.sakkinen@gmail.com", "time": "Fri Oct 14 13:16:24 2011 +0300" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Fri Oct 14 08:56:49 2011 -0700" }, "message": "Smack: compilation fix\n\nOn some build configurations PER_CLEAR_ON_SETID symbol was not\nfound when compiling smack_lsm.c. This patch fixes the issue by\nexplicitly doing #include \u003clinux/personality.h\u003e.\n\nSigned-off-by: Jarkko Sakkinen \u003cjarkko.j.sakkinen@gmail.com\u003e\nSigned-off-by: Casey Schaufler \u003ccschaufler@cschaufler-intel.(none)\u003e\n" }, { "commit": "f8859d98c1d1e73393285fb9dd57007839956247", "tree": "a6937380935074702febe48239bb891b4242752d", "parents": [ "84088ba239293abb24260c6c36d86e8775b6707f" ], "author": { "name": "Jarkko Sakkinen", "email": "jarkko.sakkinen@intel.com", "time": "Mon Oct 10 14:29:28 2011 +0300" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Wed Oct 12 14:30:07 2011 -0700" }, "message": "Smack: fix for /smack/access output, use string instead of byte\n\nSmall fix for the output of access SmackFS file. Use string\nis instead of byte. Makes it easier to extend API if it is\nneeded.\n\nSigned-off-by: Jarkko Sakkinen \u003cjarkko.sakkinen@intel.com\u003e\n" }, { "commit": "84088ba239293abb24260c6c36d86e8775b6707f", "tree": "7a8936d22156d108241725fae705979316fc6350", "parents": [ "975d5e55c2e78b755bd0b92b71db1c241c5a2665" ], "author": { "name": "Jarkko Sakkinen", "email": "jarkko.sakkinen@intel.com", "time": "Fri Oct 07 09:27:53 2011 +0300" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Wed Oct 12 14:28:15 2011 -0700" }, "message": "Smack: domain transition protections (v3)\n\nProtections for domain transition:\n\n- BPRM unsafe flags\n- Secureexec\n- Clear unsafe personality bits.\n- Clear parent death signal\n\nSigned-off-by: Jarkko Sakkinen \u003cjarkko.sakkinen@intel.com\u003e\n" }, { "commit": "975d5e55c2e78b755bd0b92b71db1c241c5a2665", "tree": "7f39bc6c89720a5abdf617cd1e83c0904d04ec08", "parents": [ "ce8a432197d9892689eb4896f690b9fe6b3de598" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Mon Sep 26 14:43:39 2011 -0700" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Wed Oct 12 14:27:05 2011 -0700" }, "message": "Smack: Provide information for UDS getsockopt(SO_PEERCRED)\n\nThis patch is targeted for the smack-next tree.\n\nThis patch takes advantage of the recent changes for performance\nand points the packet labels on UDS connect at the output label of\nthe far side. This makes getsockopt(...SO_PEERCRED...) function\nproperly. Without this change the getsockopt does not provide any\ninformation.\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "ce8a432197d9892689eb4896f690b9fe6b3de598", "tree": "09dff875df15be3a36f3e0dcb760d0064d4da935", "parents": [ "531f1d453ed8a8acee4015bd64e7bcc2eab939e4" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Thu Sep 29 18:21:01 2011 -0700" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Wed Oct 12 14:26:07 2011 -0700" }, "message": "Smack: Clean up comments\n\nThere are a number of comments in the Smack code that\nare either malformed or include code. This patch cleans\nthem up.\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "531f1d453ed8a8acee4015bd64e7bcc2eab939e4", "tree": "0dd06c1ecc894444c42350c76c5712899d2ddb78", "parents": [ "272cd7a8c67dd40a31ecff76a503bbb84707f757" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Mon Sep 19 12:41:42 2011 -0700" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Wed Oct 12 14:24:28 2011 -0700" }, "message": "Smack: Repair processing of fcntl\n\nAl Viro pointed out that the processing of fcntl done\nby Smack appeared poorly designed. He was right. There\nare three things that required change. Most obviously,\nthe list of commands that really imply writing is limited\nto those involving file locking and signal handling.\nThe initialization if the file security blob was\nincomplete, requiring use of a heretofore unused LSM hook.\nFinally, the audit information coming from a helper\nmasked the identity of the LSM hook. This patch corrects\nall three of these defects.\n\nThis is targeted for the smack-next tree pending comments.\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "272cd7a8c67dd40a31ecff76a503bbb84707f757", "tree": "467f83c94eb14f8f34508efe891c0dcc62a7ac24", "parents": [ "828716c28fe4aa232ea280ea8ed6fb103eefb6ac" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Tue Sep 20 12:24:36 2011 -0700" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Wed Oct 12 14:23:13 2011 -0700" }, "message": "Smack: Rule list lookup performance\n\nThis patch is targeted for the smack-next tree.\n\nSmack access checks suffer from two significant performance\nissues. In cases where there are large numbers of rules the\nsearch of the single list of rules is wasteful. Comparing the\nstring values of the smack labels is less efficient than a\nnumeric comparison would.\n\nThese changes take advantage of the Smack label list, which\nmaintains the mapping of Smack labels to secids and optional\nCIPSO labels. Because the labels are kept perpetually, an\naccess check can be done strictly based on the address of the\nlabel in the list without ever looking at the label itself.\nRather than keeping one global list of rules the rules with\na particular subject label can be based off of that label\nlist entry. The access check need never look at entries that\ndo not use the current subject label.\n\nThis requires that packets coming off the network with\nCIPSO direct Smack labels that have never been seen before\nbe treated carefully. The only case where they could be\ndelivered is where the receiving socket has an IPIN star\nlabel, so that case is explicitly addressed.\n\nOn a system with 39,800 rules (200 labels in all permutations)\na system with this patch runs an access speed test in 5% of\nthe time of the old version. That should be a best case\nimprovement. If all of the rules are associated with the\nsame subject label and all of the accesses are for processes\nwith that label (unlikely) the improvement is about 30%.\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "828716c28fe4aa232ea280ea8ed6fb103eefb6ac", "tree": "f75377cf3e770a9a67feb64fb8bef867735a975b", "parents": [ "545a7260343bbaf11c7f1a4b8c3d9660bb9266e5" ], "author": { "name": "Jarkko Sakkinen", "email": "jarkko.sakkinen@intel.com", "time": "Thu Sep 08 10:12:01 2011 +0300" }, "committer": { "name": "Casey Schaufler", "email": "cschaufler@cschaufler-intel.(none)", "time": "Wed Oct 12 14:21:32 2011 -0700" }, "message": "Smack: check permissions from user space (v2)\n\nAdds a new file into SmackFS called \u0027access\u0027. Wanted\nSmack permission is written into /smack/access.\nAfter that result can be read from the opened file.\nIf access applies result contains 1 and otherwise\n0. File access is protected from race conditions\nby using simple_transaction_get()/set() API.\n\nFixes from the previous version:\n- Removed smack.h changes, refactoring left-over\nfrom previous version.\n- Removed #include \u003clinux/smack.h\u003e, refactoring\nleft-over from previous version.\n\nSigned-off-by: Jarkko Sakkinen \u003cjarkko.sakkinen@intel.com\u003e\nSigned-off-by: Casey Schaufler \u003ccschaufler@cschaufler-intel.(none)\u003e\n" }, { "commit": "545a7260343bbaf11c7f1a4b8c3d9660bb9266e5", "tree": "47f07960ef637b6475061575e7ae2fa7a4732a78", "parents": [ "e2b8b25a6795488eba7bb757706b3ac725c31fac" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Oct 11 14:06:41 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Oct 12 12:15:20 2011 +1100" }, "message": "TOMOYO: Fix quota and garbage collector.\n\nCommit 059d84db \"TOMOYO: Add socket operation restriction support\" and\ncommit 731d37aa \"TOMOYO: Allow domain transition without execve().\" forgot to\nupdate tomoyo_domain_quota_is_ok() and tomoyo_del_acl() which results in\nincorrect quota counting and memory leak.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "e2b8b25a6795488eba7bb757706b3ac725c31fac", "tree": "f77e43a01891938e8c83b56d2c249a725923b9ec", "parents": [ "e00fb3f7af111d1b3252f7d622213d2e22be65f5" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Oct 11 14:05:08 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Oct 12 12:15:18 2011 +1100" }, "message": "TOMOYO: Remove redundant tasklist_lock.\n\nrcu_read_lock() is sufficient for calling find_task_by_pid_ns()/find_task_by_vpid().\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "e00fb3f7af111d1b3252f7d622213d2e22be65f5", "tree": "387b90728d0a1657e94d530c81e69c9b197f1c1c", "parents": [ "c6cb56fc94f4efaec2d4ad74bed2be7883179ccd" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Sep 27 11:48:53 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Sep 28 11:53:15 2011 +1000" }, "message": "TOMOYO: Fix domain transition failure warning.\n\nCommit bd03a3e4 \"TOMOYO: Add policy namespace support.\" introduced policy\nnamespace. But as of /sbin/modprobe is executed from initramfs/initrd, profiles\nfor target domain\u0027s namespace is not defined because /sbin/tomoyo-init is not\nyet called.\n\nReported-by: Jamie Nguyen \u003cjamie@tomoyolinux.co.uk\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "c6cb56fc94f4efaec2d4ad74bed2be7883179ccd", "tree": "cc4ebf2231093ab57c2e868fbdf176791de600db", "parents": [ "a427fd14d3edf6396c4b9638dbc8e2972afaa05b", "8c35ad20270de91d0f3bfe521daa3b7983ee8db7" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Sep 27 09:20:46 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Sep 27 09:20:46 2011 +1000" }, "message": "Merge branch \u0027next-hex2bin\u0027 of git://github.com/mzohar/linux-evm into next\n" }, { "commit": "a427fd14d3edf6396c4b9638dbc8e2972afaa05b", "tree": "2f8fdffa989f6e18f57bfb61f5ecfc4fdcf8d729", "parents": [ "f9732ea145886786a6f8b0493bc2239e70cbacdb" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Sep 25 17:51:06 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 26 10:46:22 2011 +1000" }, "message": "TOMOYO: Remove tomoyo_policy_memory_lock spinlock.\n\ntomoyo_policy_lock mutex already protects it.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "f9732ea145886786a6f8b0493bc2239e70cbacdb", "tree": "e29b2441cc916a174d7cd0b03cd18986ae545250", "parents": [ "778c4a4d60d932c1df6d270dcbc88365823c3963" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Sep 25 17:50:23 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 26 10:46:20 2011 +1000" }, "message": "TOMOYO: Simplify garbage collector.\n\nWhen TOMOYO started using garbage collector at commit 847b173e \"TOMOYO: Add\ngarbage collector.\", we waited for close() before kfree(). Thus, elements to be\nkfree()d were queued up using tomoyo_gc_list list.\n\nBut it turned out that tomoyo_element_linked_by_gc() tends to choke garbage\ncollector when certain pattern of entries are queued.\n\nSince garbage collector is no longer waiting for close() since commit 2e503bbb\n\"TOMOYO: Fix lockdep warning.\", we can remove tomoyo_gc_list list and\ntomoyo_element_linked_by_gc() by doing sequential processing.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "778c4a4d60d932c1df6d270dcbc88365823c3963", "tree": "1c042bff1f11cf4e5d7267329091d878aba3d4d7", "parents": [ "6bce98edc3365a8f780ff3944ac7992544c194fe" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Sep 25 17:49:09 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 26 10:46:19 2011 +1000" }, "message": "TOMOYO: Fix make namespacecheck warnings.\n\nCommit efe836ab \"TOMOYO: Add built-in policy support.\" introduced\ntomoyo_load_builtin_policy() but was by error called from nowhere.\n\nCommit b22b8b9f \"TOMOYO: Rename meminfo to stat and show more statistics.\"\nintroduced tomoyo_update_stat() but was by error not called from\ntomoyo_assign_domain().\n\nAlso, mark tomoyo_io_printf() and tomoyo_path_permission() static functions,\nas reported by \"make namespacecheck\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2b3ff6319e2312656fbefe0209bef02d58b6836a", "tree": "43041b8a5e6fe31dadf2ad682d73fa873476b952", "parents": [ "2684bf7f29cfb13ef2c60f3b3a53ee47d0db7022" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Tue Sep 20 11:23:55 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Tue Sep 20 23:26:44 2011 -0400" }, "message": "encrypted-keys: check hex2bin result\n\nFor each hex2bin call in encrypted keys, check that the ascii hex string\nis valid. On failure, return -EINVAL.\n\nChangelog v1:\n- hex2bin now returns an int\n\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\nAcked-by: Andy Shevchenko \u003candy.shevchenko@gmail.com\u003e\n" }, { "commit": "2684bf7f29cfb13ef2c60f3b3a53ee47d0db7022", "tree": "bbdc0709c643e58a22443ab086c6e4aa80329e17", "parents": [ "b78049831ffed65f0b4e61f69df14f3ab17922cb" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Tue Sep 20 11:23:52 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Tue Sep 20 23:26:05 2011 -0400" }, "message": "trusted-keys: check hex2bin result\n\nFor each hex2bin call in trusted keys, check that the ascii hex string is\nvalid. On failure, return -EINVAL.\n\nChangelog v1:\n- hex2bin now returns an int\n\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\nAcked-by: Andy Shevchenko \u003candy.shevchenko@gmail.com\u003e\n" }, { "commit": "6bce98edc3365a8f780ff3944ac7992544c194fe", "tree": "ee10abf2345f651d65d7f10fd385c01e0dc891b3", "parents": [ "cc100551b4d92f47abebfa7c7918b2be71263b4a" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Sep 16 22:54:25 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 19 10:09:59 2011 +1000" }, "message": "TOMOYO: Allow specifying domain transition preference.\n\nI got an opinion that it is difficult to use exception policy\u0027s domain\ntransition control directives because they need to match the pathname specified\nto \"file execute\" directives. For example, if \"file execute /bin/\\*\\-ls\\-cat\"\nis given, corresponding domain transition control directive needs to be like\n\"no_keep_domain /bin/\\*\\-ls\\-cat from any\".\n\nIf we can specify like below, it will become more convenient.\n\n file execute /bin/ls keep exec.realpath\u003d\"/bin/ls\" exec.argv[0]\u003d\"ls\"\n file execute /bin/cat keep exec.realpath\u003d\"/bin/cat\" exec.argv[0]\u003d\"cat\"\n file execute /bin/\\*\\-ls\\-cat child\n file execute /usr/sbin/httpd \u003capache\u003e exec.realpath\u003d\"/usr/sbin/httpd\" exec.argv[0]\u003d\"/usr/sbin/httpd\"\n\nIn above examples, \"keep\" works as if keep_domain is specified, \"child\" works\nas if \"no_reset_domain\" and \"no_initialize_domain\" and \"no_keep_domain\" are\nspecified, \"\u003capache\u003e\" causes domain transition to \u003capache\u003e domain upon\nsuccessful execve() operation.\n\nMoreover, we can also allow transition to different domains based on conditions\nlike below example.\n\n \u003ckernel\u003e /usr/sbin/sshd\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //batch-session exec.argc\u003d2 exec.argv[1]\u003d\"-c\"\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //root-session task.uid\u003d0\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //nonroot-session task.uid!\u003d0\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "cc100551b4d92f47abebfa7c7918b2be71263b4a", "tree": "d603f15ff5ef28efd5f818817aca036045ac8a8b", "parents": [ "8de6ac7f58a22fdab399fbe97763e465ea49c735" ], "author": { "name": "Stephen Rothwell", "email": "sfr@canb.auug.org.au", "time": "Thu Sep 15 17:07:15 2011 +1000" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Sep 15 17:37:24 2011 -0400" }, "message": "encrypted-keys: IS_ERR need include/err.h\n\nFixes this build error:\n\nsecurity/keys/encrypted-keys/masterkey_trusted.c: In function \u0027request_trusted_key\u0027:\nsecurity/keys/encrypted-keys/masterkey_trusted.c:35:2: error: implicit declaration of function \u0027IS_ERR\u0027\n\nSigned-off-by: Stephen Rothwell \u003csfr@canb.auug.org.au\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "8de6ac7f58a22fdab399fbe97763e465ea49c735", "tree": "46104451c69f5270fcc11137aecff012a2ecf612", "parents": [ "843d183cdd816549b73e6bd3ae07f64adddf714b", "fb788d8b981fa55603873416882f8dcf835e7924" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Sep 15 09:53:38 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Sep 15 09:53:38 2011 +1000" }, "message": "Merge branch \u0027next-evm\u0027 of git://github.com/mzohar/linux-evm into next\n" }, { "commit": "843d183cdd816549b73e6bd3ae07f64adddf714b", "tree": "3421638e9c9d44be37e539a4ffed6216bc1f7f3c", "parents": [ "a8f7640963ada66c412314c3559c11ff6946c1a5" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Sep 14 17:03:19 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Sep 15 08:14:21 2011 +1000" }, "message": "TOMOYO: Bump version.\n\nTell userland tools that this is TOMOYO 2.5.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "fb788d8b981fa55603873416882f8dcf835e7924", "tree": "023d8410571f27e8d10bf6fc0a4a088cb9368df6", "parents": [ "566be59ab86c0e030b980645a580d683a015a483" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Aug 15 15:30:11 2011 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:24:52 2011 -0400" }, "message": "evm: clean verification status\n\nWhen allocating from slab, initialization is done the first time in\ninit_once() and subsequently on free. Because evm_status was not\nre-initialized on free, evm_verify_hmac() skipped verifications.\n\nThis patch re-initializes evm_status.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "566be59ab86c0e030b980645a580d683a015a483", "tree": "c5d29c7db2f8ef93e970cb405621f59c57d01b94", "parents": [ "bf6d0f5dcda17df3cc5577e203d0f8ea1c2ad6aa" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Aug 22 09:14:18 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:24:52 2011 -0400" }, "message": "evm: permit mode bits to be updated\n\nBefore permitting \u0027security.evm\u0027 to be updated, \u0027security.evm\u0027 must\nexist and be valid. In the case that there are no existing EVM protected\nxattrs, it is safe for posix acls to update the mode bits.\n\nTo differentiate between no \u0027security.evm\u0027 xattr and no xattrs used to\ncalculate \u0027security.evm\u0027, this patch defines INTEGRITY_NOXATTR.\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "bf6d0f5dcda17df3cc5577e203d0f8ea1c2ad6aa", "tree": "c6c5f39d43fe0d27bc1d3aedbd2f9b3ba2f8f537", "parents": [ "a924ce0b35875ef9512135b46a32f4150fd700b2" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Aug 18 18:07:44 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:24:51 2011 -0400" }, "message": "evm: posix acls modify i_mode\n\nThe posix xattr acls are \u0027system\u0027 prefixed, which normally would not\naffect security.evm. An interesting side affect of writing posix xattr\nacls is their modifying of the i_mode, which is included in security.evm.\n\nThis patch updates security.evm when posix xattr acls are written.\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "a924ce0b35875ef9512135b46a32f4150fd700b2", "tree": "0e01ac679790fe96c03b341b2670a2ed9c56a122", "parents": [ "fb88c2b6cbb1265a8bef60694699b37f5cd4ba76" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Aug 11 01:22:30 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:24:51 2011 -0400" }, "message": "evm: limit verifying current security.evm integrity\n\nevm_protect_xattr unnecessarily validates the current security.evm\nintegrity, before updating non-evm protected extended attributes\nand other file metadata. This patch limits validating the current\nsecurity.evm integrity to evm protected metadata.\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "fb88c2b6cbb1265a8bef60694699b37f5cd4ba76", "tree": "f747bf1f156c5537da77528a92a4e36eb342cb58", "parents": [ "1d714057ef8f6348eba7b28ace6d307513e57cef" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Aug 15 10:13:18 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:24:50 2011 -0400" }, "message": "evm: fix security/security_old_init_security return code\n\nsecurity_inode_init_security previously returned -EOPNOTSUPP, for S_PRIVATE\ninodes, and relied on the callers to change it to 0. As the callers do not\nchange the return code anymore, return 0, intead of -EOPNOTSUPP.\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "1d714057ef8f6348eba7b28ace6d307513e57cef", "tree": "a848b86df6257b347b6929f9ad09666105996003", "parents": [ "982e617a313b57abee3bcfa53381c356d00fd64a" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Sun Aug 28 08:57:11 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:24:49 2011 -0400" }, "message": "evm: remove TCG_TPM dependency\n\nAll tristates selected by EVM(boolean) are forced to be builtin, except\nin the TCG_TPM(tristate) dependency case. Arnaud Lacombe summarizes the\nKconfig bug as, \"So it would seem direct dependency state influence the\nstate of reverse dependencies..\" For a detailed explanation, refer to\nArnaud Lacombe\u0027s posting http://lkml.org/lkml/2011/8/23/498.\n\nWith the \"encrypted-keys: remove trusted-keys dependency\" patch, EVM\ncan now be built without a dependency on TCG_TPM. The trusted-keys\ndependency requires trusted-keys to either be builtin or not selected.\nThis dependency will prevent the boolean/tristate mismatch from\noccuring.\n\nReported-by: Stephen Rothwell \u003csfr@canb.auug.org.au\u003e,\n Randy Dunlap \u003crdunlap@xenotimenet\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "982e617a313b57abee3bcfa53381c356d00fd64a", "tree": "ba23ab206aaff2331bca116cebd11ad4ef580c32", "parents": [ "61cf45d0199041df1a8ba334b6bf4a3a13b7f904" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Sat Aug 27 22:21:26 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:23:49 2011 -0400" }, "message": "encrypted-keys: remove trusted-keys dependency\n\nEncrypted keys are decrypted/encrypted using either a trusted-key or,\nfor those systems without a TPM, a user-defined key. This patch\nremoves the trusted-keys and TCG_TPM dependencies.\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "61cf45d0199041df1a8ba334b6bf4a3a13b7f904", "tree": "b287399eb3704b766d2ba3d9a36de0bb57f70139", "parents": [ "a8f7640963ada66c412314c3559c11ff6946c1a5" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:06:00 2011 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 14 15:22:26 2011 -0400" }, "message": "encrypted-keys: create encrypted-keys directory\n\nMove all files associated with encrypted keys to keys/encrypted-keys.\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" } ], "next": "a8f7640963ada66c412314c3559c11ff6946c1a5" }