)]}'
{
  "log": [
    {
      "commit": "c7ce1ae21223fe1f905feba272bc14b87994a57d",
      "tree": "cd527489396fd9def8d19416fd05c2c11f794394",
      "parents": [
        "c5396a31b20991c856facbce18a2a56d1a14e8d0"
      ],
      "author": {
        "name": "Tushar Gohad",
        "email": "tgohad@mvista.com",
        "time": "Sat Jun 17 22:54:03 2006 -0700"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@davemloft.net",
        "time": "Sat Jun 17 22:54:03 2006 -0700"
      },
      "message": "[PFKEYV2]: Fix inconsistent typing in struct sadb_x_kmprivate.\n\nSigned-off-by: Tushar Gohad \u003ctgohad@mvista.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n"
    },
    {
      "commit": "3235798804ee75f09d45aee5003197930de57689",
      "tree": "1f4612f8af6cc638736661c0899e58fb20e650e2",
      "parents": [
        "fad6a94ee6b33ca5e6184e8b08634a6a2319d0cb"
      ],
      "author": {
        "name": "Alexey Dobriyan",
        "email": "adobriyan@gmail.com",
        "time": "Sun Jan 15 02:12:54 2006 +0100"
      },
      "committer": {
        "name": "Adrian Bunk",
        "email": "bunk@r063144.stusta.swh.mhn.de",
        "time": "Sun Jan 15 02:12:54 2006 +0100"
      },
      "message": "Fix \"stuct\", \"strut\", \"struc\" typos\n\nSigned-off-by: Alexey Dobriyan \u003cadobriyan@gmail.com\u003e\nSigned-off-by: Adrian Bunk \u003cbunk@stusta.de\u003e\n"
    },
    {
      "commit": "df71837d5024e2524cd51c93621e558aa7dd9f3f",
      "tree": "58938f1d46f3c6713b63e5a785e82fdbb10121a1",
      "parents": [
        "88026842b0a760145aa71d69e74fbc9ec118ca44"
      ],
      "author": {
        "name": "Trent Jaeger",
        "email": "tjaeger@cse.psu.edu",
        "time": "Tue Dec 13 23:12:27 2005 -0800"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@sunset.davemloft.net",
        "time": "Tue Jan 03 13:10:24 2006 -0800"
      },
      "message": "[LSM-IPSec]: Security association restriction.\n\nThis patch series implements per packet access control via the\nextension of the Linux Security Modules (LSM) interface by hooks in\nthe XFRM and pfkey subsystems that leverage IPSec security\nassociations to label packets.  Extensions to the SELinux LSM are\nincluded that leverage the patch for this purpose.\n\nThis patch implements the changes necessary to the XFRM subsystem,\npfkey interface, ipv4/ipv6, and xfrm_user interface to restrict a\nsocket to use only authorized security associations (or no security\nassociation) to send/receive network packets.\n\nPatch purpose:\n\nThe patch is designed to enable access control per packets based on\nthe strongly authenticated IPSec security association.  Such access\ncontrols augment the existing ones based on network interface and IP\naddress.  The former are very coarse-grained, and the latter can be\nspoofed.  By using IPSec, the system can control access to remote\nhosts based on cryptographic keys generated using the IPSec mechanism.\nThis enables access control on a per-machine basis or per-application\nif the remote machine is running the same mechanism and trusted to\nenforce the access control policy.\n\nPatch design approach:\n\nThe overall approach is that policy (xfrm_policy) entries set by\nuser-level programs (e.g., setkey for ipsec-tools) are extended with a\nsecurity context that is used at policy selection time in the XFRM\nsubsystem to restrict the sockets that can send/receive packets via\nsecurity associations (xfrm_states) that are built from those\npolicies.\n\nA presentation available at\nwww.selinux-symposium.org/2005/presentations/session2/2-3-jaeger.pdf\nfrom the SELinux symposium describes the overall approach.\n\nPatch implementation details:\n\nOn output, the policy retrieved (via xfrm_policy_lookup or\nxfrm_sk_policy_lookup) must be authorized for the security context of\nthe socket and the same security context is required for resultant\nsecurity association (retrieved or negotiated via racoon in\nipsec-tools).  This is enforced in xfrm_state_find.\n\nOn input, the policy retrieved must also be authorized for the socket\n(at __xfrm_policy_check), and the security context of the policy must\nalso match the security association being used.\n\nThe patch has virtually no impact on packets that do not use IPSec.\nThe existing Netfilter (outgoing) and LSM rcv_skb hooks are used as\nbefore.\n\nAlso, if IPSec is used without security contexts, the impact is\nminimal.  The LSM must allow such policies to be selected for the\ncombination of socket and remote machine, but subsequent IPSec\nprocessing proceeds as in the original case.\n\nTesting:\n\nThe pfkey interface is tested using the ipsec-tools.  ipsec-tools have\nbeen modified (a separate ipsec-tools patch is available for version\n0.5) that supports assignment of xfrm_policy entries and security\nassociations with security contexts via setkey and the negotiation\nusing the security contexts via racoon.\n\nThe xfrm_user interface is tested via ad hoc programs that set\nsecurity contexts.  These programs are also available from me, and\ncontain programs for setting, getting, and deleting policy for testing\nthis interface.  Testing of sa functions was done by tracing kernel\nbehavior.\n\nSigned-off-by: Trent Jaeger \u003ctjaeger@cse.psu.edu\u003e\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n"
    },
    {
      "commit": "dd87147eed934eaff92869f3d158697c7239d1d2",
      "tree": "5a5d59c2678767530c2a3299a70ccfc14062b347",
      "parents": [
        "d094cd83c06e06e01d8edb540555f3f64e4081c2"
      ],
      "author": {
        "name": "Herbert Xu",
        "email": "herbert@gondor.apana.org.au",
        "time": "Mon Jun 20 13:21:43 2005 -0700"
      },
      "committer": {
        "name": "David S. Miller",
        "email": "davem@davemloft.net",
        "time": "Mon Jun 20 13:21:43 2005 -0700"
      },
      "message": "[IPSEC]: Add XFRM_STATE_NOPMTUDISC flag\n\nThis patch adds the flag XFRM_STATE_NOPMTUDISC for xfrm states.  It is\nsimilar to the nopmtudisc on IPIP/GRE tunnels.  It only has an effect\non IPv4 tunnel mode states.  For these states, it will ensure that the\nDF flag is always cleared.\n\nThis is primarily useful to work around ICMP blackholes.\n\nIn future this flag could also allow a larger MTU to be set within the\ntunnel just like IPIP/GRE tunnels.  This could be useful for short haul\ntunnels where temporary fragmentation outside the tunnel is desired over\nsmaller fragments inside the tunnel.\n\nSigned-off-by: Herbert Xu \u003cherbert@gondor.apana.org.au\u003e\nAcked-by: James Morris \u003cjmorris@redhat.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n"
    },
    {
      "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
      "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d",
      "parents": [],
      "author": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n"
    }
  ]
}