)]}' { "log": [ { "commit": "b61c37f57988567c84359645f8202a7c84bc798a", "tree": "a808c891711d060060a751f4119198dc06e2c847", "parents": [ "3f0882c48286e7bdb0bbdec9c4bfa934e0db8e09" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Apr 02 15:48:12 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 03 09:49:59 2012 -0700" }, "message": "lsm_audit: don\u0027t specify the audit pre/post callbacks in \u0027struct common_audit_data\u0027\n\nIt just bloats the audit data structure for no good reason, since the\nonly time those fields are filled are just before calling the\ncommon_lsm_audit() function, which is also the only user of those\nfields.\n\nSo just make them be the arguments to common_lsm_audit(), rather than\nbloating that structure that is passed around everywhere, and is\ninitialized in hot paths.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "3f0882c48286e7bdb0bbdec9c4bfa934e0db8e09", "tree": "20a7485417c8528d975ef4ff6e90467f63f67ab2", "parents": [ "f8294f1144ad0630075918df4bf94075f5384604" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Apr 03 09:38:00 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 03 09:49:41 2012 -0700" }, "message": "SELinux: do not allocate stack space for AVC data unless needed\n\nInstead of declaring the entire selinux_audit_data on the stack when we\nstart an operation on declare it on the stack if we are going to use it.\nWe know it\u0027s usefulness at the end of the security decision and can declare\nit there.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "f8294f1144ad0630075918df4bf94075f5384604", "tree": "9c794bc9a5cbc688d3b6819d211df16b979a56c9", "parents": [ "7f6a47cf1477ffae9cff1d6ee181e2ce6bfb2f02" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 02 13:15:55 2012 -0400" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 03 09:49:10 2012 -0700" }, "message": "SELinux: remove avd from slow_avc_audit()\n\nWe don\u0027t use the argument, so remove it.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "7f6a47cf1477ffae9cff1d6ee181e2ce6bfb2f02", "tree": "55d2bfda38776aeed69b82cf0bd5b409744b4afd", "parents": [ "48c62af68a403ef1655546bd3e021070c8508573" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 02 13:15:50 2012 -0400" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 03 09:49:10 2012 -0700" }, "message": "SELinux: remove avd from selinux_audit_data\n\nWe do not use it. Remove it.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "48c62af68a403ef1655546bd3e021070c8508573", "tree": "ba938e4fb45d5bdaad2dad44071d0625f8e36945", "parents": [ "3b3b0e4fc15efa507b902d90cea39e496a523c3b" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 02 13:15:44 2012 -0400" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 03 09:49:10 2012 -0700" }, "message": "LSM: shrink the common_audit_data data union\n\nAfter shrinking the common_audit_data stack usage for private LSM data I\u0027m\nnot going to shrink the data union. To do this I\u0027m going to move anything\nlarger than 2 void * ptrs to it\u0027s own structure and require it to be declared\nseparately on the calling stack. Thus hot paths which don\u0027t need more than\na couple pointer don\u0027t have to declare space to hold large unneeded\nstructures. I could get this down to one void * by dealing with the key\nstruct and the struct path. We\u0027ll see if that is helpful after taking care of\nnetworking.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "3b3b0e4fc15efa507b902d90cea39e496a523c3b", "tree": "d7b91c21ad6c6f4ac21dd51297b74eec47c61684", "parents": [ "95694129b43165911dc4e8a972f0d39ad98d86be" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Apr 03 09:37:02 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Apr 03 09:48:40 2012 -0700" }, "message": "LSM: shrink sizeof LSM specific portion of common_audit_data\n\nLinus found that the gigantic size of the common audit data caused a big\nperf hit on something as simple as running stat() in a loop. This patch\nrequires LSMs to declare the LSM specific portion separately rather than\ndoing it in a union. Thus each LSM can be responsible for shrinking their\nportion and don\u0027t have to pay a penalty just because other LSMs have a\nbigger space requirement.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8bb1f229527dee95644e0f8496980bb767c6f620", "tree": "511551e9772f11f855bd5b759b6d449da47e8820", "parents": [ "f22e08a79f3765fecf060b225a46931c94fb0a92", "c0d0259481cc6ec2a38cad810055e455de35c733" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Mar 31 13:42:57 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Mar 31 13:42:57 2012 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs\n\nPull second try at vfs part d#2 from Al Viro:\n \"Miklos\u0027 first series (with do_lookup() rewrite split into edible\n chunks) + assorted bits and pieces.\n\n The \u0027untangling of do_lookup()\u0027 series is is a splitup of what used to\n be a monolithic patch from Miklos, so this series is basically \"how do\n I convince myself that his patch is correct (or find a hole in it)\".\n No holes found and I like the resulting cleanup, so in it went...\"\n\nChanges from try 1: Fix a boot problem with selinux, and commit messages\nprettied up a bit.\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (24 commits)\n vfs: fix out-of-date dentry_unhash() comment\n vfs: split __lookup_hash\n untangling do_lookup() - take __lookup_hash()-calling case out of line.\n untangling do_lookup() - switch to calling __lookup_hash()\n untangling do_lookup() - merge d_alloc_and_lookup() callers\n untangling do_lookup() - merge failure exits in !dentry case\n untangling do_lookup() - massage !dentry case towards __lookup_hash()\n untangling do_lookup() - get rid of need_reval in !dentry case\n untangling do_lookup() - eliminate a loop.\n untangling do_lookup() - expand the area under -\u003ei_mutex\n untangling do_lookup() - isolate !dentry stuff from the rest of it.\n vfs: move MAY_EXEC check from __lookup_hash()\n vfs: don\u0027t revalidate just looked up dentry\n vfs: fix d_need_lookup/d_revalidate order in do_lookup\n ext3: move headers to fs/ext3/\n migrate ext2_fs.h guts to fs/ext2/ext2.h\n new helper: ext2_image_size()\n get rid of pointless includes of ext2_fs.h\n ext2: No longer export ext2_fs.h to user space\n mtdchar: kill persistently held vfsmount\n ...\n" }, { "commit": "2f99c36986ff27a86f06f27212c5f5fa8c7164a3", "tree": "a90fd7fe865bb1c5a00b0946754b505bcf070b60", "parents": [ "4a165d25f63a989d0aabe9d8eed5b3a5d5da1862" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Mar 23 16:04:05 2012 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat Mar 31 16:03:15 2012 -0400" }, "message": "get rid of pointless includes of ext2_fs.h\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "a1c2aa1e86a25e7cace2ded47ec52754206a5733", "tree": "6d435240e757e9f83b4f9c42f98c69888f3b3928", "parents": [ "e152c38abaa92352679c9b53c4cce533c03997c6" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Mar 18 20:36:59 2012 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat Mar 31 16:03:15 2012 -0400" }, "message": "selinuxfs: merge dentry allocation into sel_make_dir()\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "cdb0f9a1ad2ee3c11e21bc99f0c2021a02844666", "tree": "e4c2ea0b8c432645d1a28bdb694939b1e2891b30", "parents": [ "a554bea89948dfb6d2f9c4c62ce2b12b2dac18ad" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Mar 31 11:12:57 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Mar 31 11:24:22 2012 -0700" }, "message": "selinux: inline avc_audit() and avc_has_perm_noaudit() into caller\n\nNow that all the slow-path code is gone from these functions, we can\ninline them into the main caller - avc_has_perm_flags().\n\nNow the compiler can see that \u0027avc\u0027 is allocated on the stack for this\ncase, which helps register pressure a bit. It also actually shrinks the\ntotal stack frame, because the stack frame that avc_has_perm_flags()\nalways needed (for that \u0027avc\u0027 allocation) is now sufficient for the\ninlined functions too.\n\nInlining isn\u0027t bad - but mindless inlining of cold code (see the\nprevious commit) is.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a554bea89948dfb6d2f9c4c62ce2b12b2dac18ad", "tree": "f84e38fa7a54c1a678a14d7a65e583efac1cafa3", "parents": [ "fa2a4519cb6ad94224eb56a1341fff570fd44ea1" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Mar 31 10:58:08 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Mar 31 11:24:22 2012 -0700" }, "message": "selinux: don\u0027t inline slow-path code into avc_has_perm_noaudit()\n\nThe selinux AVC paths remain some of the hottest (and deepest) codepaths\nat filename lookup time, and we make it worse by having the slow path\ncases take up I$ and stack space even when they don\u0027t trigger. Gcc\ntends to always want to inline functions that are just called once -\nnever mind that this might make for slower and worse code in the caller.\n\nSo this tries to improve on it a bit by making the slow-path cases\nexplicitly separate functions that are marked noinline, causing gcc to\nat least no longer allocate stack space for them unless they are\nactually called. It also seems to help register allocation a tiny bit,\nsince gcc now doesn\u0027t take the slow case code into account.\n\nUninlining the slow path may also allow us to inline the remaining hot\npath into the one caller that actually matters: avc_has_perm_flags().\nI\u0027ll have to look at that separately, but both avc_audit() and\navc_has_perm_noaudit() are now small and lean enough that inlining them\nmay make sense.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a591afc01d9e48affbacb365558a31e53c85af45", "tree": "9bb91f4eb94ec69fc4706c4944788ec5f3586063", "parents": [ "820d41cf0cd0e94a5661e093821e2e5c6b36a9d8", "31796ac4e8f0e88f5c10f1ad6dab8f19bebe44a4" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Mar 29 18:12:23 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Mar 29 18:12:23 2012 -0700" }, "message": "Merge branch \u0027x86-x32-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip\n\nPull x32 support for x86-64 from Ingo Molnar:\n \"This tree introduces the X32 binary format and execution mode for x86:\n 32-bit data space binaries using 64-bit instructions and 64-bit kernel\n syscalls.\n\n This allows applications whose working set fits into a 32 bits address\n space to make use of 64-bit instructions while using a 32-bit address\n space with shorter pointers, more compressed data structures, etc.\"\n\nFix up trivial context conflicts in arch/x86/{Kconfig,vdso/vma.c}\n\n* \u0027x86-x32-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: (71 commits)\n x32: Fix alignment fail in struct compat_siginfo\n x32: Fix stupid ia32/x32 inversion in the siginfo format\n x32: Add ptrace for x32\n x32: Switch to a 64-bit clock_t\n x32: Provide separate is_ia32_task() and is_x32_task() predicates\n x86, mtrr: Use explicit sizing and padding for the 64-bit ioctls\n x86/x32: Fix the binutils auto-detect\n x32: Warn and disable rather than error if binutils too old\n x32: Only clear TIF_X32 flag once\n x32: Make sure TS_COMPAT is cleared for x32 tasks\n fs: Remove missed -\u003efds_bits from cessation use of fd_set structs internally\n fs: Fix close_on_exec pointer in alloc_fdtable\n x32: Drop non-__vdso weak symbols from the x32 VDSO\n x32: Fix coding style violations in the x32 VDSO code\n x32: Add x32 VDSO support\n x32: Allow x32 to be configured\n x32: If configured, add x32 system calls to system call tables\n x32: Handle process creation\n x32: Signal-related system calls\n x86: Add #ifdef CONFIG_COMPAT to \u003casm/sys_ia32.h\u003e\n ...\n" }, { "commit": "9ffc93f203c18a70623f21950f1dd473c9ec48cd", "tree": "1eb3536ae183b0bfbf7f5152a6fe4f430ae881c2", "parents": [ "96f951edb1f1bdbbc99b0cd458f9808bb83d58ae" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Wed Mar 28 18:30:03 2012 +0100" }, "committer": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Wed Mar 28 18:30:03 2012 +0100" }, "message": "Remove all #inclusions of asm/system.h\n\nRemove all #inclusions of asm/system.h preparatory to splitting and killing\nit. Performed with the following command:\n\nperl -p -i -e \u0027s!^#\\s*include\\s*\u003casm/system[.]h\u003e.*\\n!!\u0027 `grep -Irl \u0027^#\\s*include\\s*\u003casm/system[.]h\u003e\u0027 *`\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\n" }, { "commit": "778aae84ef694325662447eceba1a5f7d3eebdbb", "tree": "7bf3f7e682e220ce30afe3572332fb424a3761f2", "parents": [ "15e9b9b9ed268fa91e52c44d621f3d0296162d15" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Mon Mar 26 16:38:47 2012 +0100" }, "committer": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Mon Mar 26 16:38:47 2012 +0100" }, "message": "SELinux: selinux/xfrm.h needs net/flow.h\n\nselinux/xfrm.h needs to #include net/flow.h or else suffer:\n\nIn file included from security/selinux/ss/services.c:69:0:\nsecurity/selinux/include/xfrm.h: In function \u0027selinux_xfrm_notify_policyload\u0027:\nsecurity/selinux/include/xfrm.h:53:14: error: \u0027flow_cache_genid\u0027 undeclared (first use in this function)\nsecurity/selinux/include/xfrm.h:53:14: note: each undeclared identifier is reported only once for each function it appears in\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\n" }, { "commit": "48aab2f79dfc1357c48ce22ff5c989b52a590069", "tree": "7f690fe147bccc24b7a017845dbe9a99d7978b5f", "parents": [ "f7493e5d9cc10ac97cf1f1579fdc14117460b40b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Mar 22 17:01:41 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Mar 22 17:01:41 2012 -0700" }, "message": "security: optimize avc_audit() common path\n\navc_audit() did a lot of jumping around and had a big stack frame, all\nfor the uncommon case.\n\nSplit up the uncommon case (which we really can\u0027t make go fast anyway)\ninto its own slow function, and mark the conditional branches\nappropriately for the common likely case.\n\nThis causes avc_audit() to no longer show up as one of the hottest\nfunctions on the branch profiles (the new \"perf -b\" thing), and makes\nthe cycle profiles look really nice and dense too.\n\nThe whole audit path is still annoyingly very much one of the biggest\ncosts of name lookup, so these things are worth optimizing for. I wish\nwe could just tell people to turn it off, but realistically we do need\nit: we just need to make sure that the overhead of the necessary evil is\nas low as possible.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "1fd36adcd98c14d2fd97f545293c488775cb2823", "tree": "c13ab1934a15aebe0d81601d910ce5a3c6fa2c6f", "parents": [ "1dce27c5aa6770e9d195f2bb7db1db3d4dde5591" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Feb 16 17:49:54 2012 +0000" }, "committer": { "name": "H. Peter Anvin", "email": "hpa@zytor.com", "time": "Sun Feb 19 10:30:57 2012 -0800" }, "message": "Replace the fd_sets in struct fdtable with an array of unsigned longs\n\nReplace the fd_sets in struct fdtable with an array of unsigned longs and then\nuse the standard non-atomic bit operations rather than the FD_* macros.\n\nThis:\n\n (1) Removes the abuses of struct fd_set:\n\n (a) Since we don\u0027t want to allocate a full fd_set the vast majority of the\n \t time, we actually, in effect, just allocate a just-big-enough array of\n \t unsigned longs and cast it to an fd_set type - so why bother with the\n \t fd_set at all?\n\n (b) Some places outside of the core fdtable handling code (such as\n \t SELinux) want to look inside the array of unsigned longs hidden inside\n \t the fd_set struct for more efficient iteration over the entire set.\n\n (2) Eliminates the use of FD_*() macros in the kernel completely.\n\n (3) Permits the __FD_*() macros to be deleted entirely where not exposed to\n userspace.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nLink: http://lkml.kernel.org/r/20120216174954.23314.48147.stgit@warthog.procyon.org.uk\nSigned-off-by: H. Peter Anvin \u003chpa@zytor.com\u003e\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "4040153087478993cbf0809f444400a3c808074c", "tree": "2dc7af85b0cf930f1656553bd38410b8c16601a6", "parents": [ "191c542442fdf53cc3c496c00be13367fd9cd42d" ], "author": { "name": "Al Viro", "email": "viro@ftp.linux.org.uk", "time": "Mon Feb 13 03:58:52 2012 +0000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Feb 14 10:45:42 2012 +1100" }, "message": "security: trim security.h\n\nTrim security.h\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "c49c41a4134679cecb77362e7f6b59acb6320aa7", "tree": "45e690c036ca5846a48c8be67945d1d841b2d96d", "parents": [ "892d208bcf79e4e1058707786a7b6d486697cd78", "f423e5ba76e7e4a6fcb4836b4f072d1fdebba8b5" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Jan 14 18:36:33 2012 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Jan 14 18:36:33 2012 -0800" }, "message": "Merge branch \u0027for-linus\u0027 of git://selinuxproject.org/~jmorris/linux-security\n\n* \u0027for-linus\u0027 of git://selinuxproject.org/~jmorris/linux-security:\n capabilities: remove __cap_full_set definition\n security: remove the security_netlink_recv hook as it is equivalent to capable()\n ptrace: do not audit capability check when outputing /proc/pid/stat\n capabilities: remove task_ns_* functions\n capabitlies: ns_capable can use the cap helpers rather than lsm call\n capabilities: style only - move capable below ns_capable\n capabilites: introduce new has_ns_capabilities_noaudit\n capabilities: call has_ns_capability from has_capability\n capabilities: remove all _real_ interfaces\n capabilities: introduce security_capable_noaudit\n capabilities: reverse arguments to security_capable\n capabilities: remove the task from capable LSM hook entirely\n selinux: sparse fix: fix several warnings in the security server cod\n selinux: sparse fix: fix warnings in netlink code\n selinux: sparse fix: eliminate warnings for selinuxfs\n selinux: sparse fix: declare selinux_disable() in security.h\n selinux: sparse fix: move selinux_complete_init\n selinux: sparse fix: make selinux_secmark_refcount static\n SELinux: Fix RCU deref check warning in sel_netport_insert()\n\nManually fix up a semantic mis-merge wrt security_netlink_recv():\n\n - the interface was removed in commit fd7784615248 (\"security: remove\n the security_netlink_recv hook as it is equivalent to capable()\")\n\n - a new user of it appeared in commit a38f7907b926 (\"crypto: Add\n userspace configuration API\")\n\ncausing no automatic merge conflict, but Eric Paris pointed out the\nissue.\n" }, { "commit": "e7691a1ce341c80ed9504244a36b31c025217391", "tree": "e9941bb350f64a726130e299c411821da6f41a53", "parents": [ "5cd9599bba428762025db6027764f1c59d0b1e1b", "8fcc99549522fc7a0bbaeb5755855ab0d9a59ce8" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 10 21:51:23 2012 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jan 10 21:51:23 2012 -0800" }, "message": "Merge branch \u0027for-linus\u0027 of git://selinuxproject.org/~jmorris/linux-security\n\n* \u0027for-linus\u0027 of git://selinuxproject.org/~jmorris/linux-security: (32 commits)\n ima: fix invalid memory reference\n ima: free duplicate measurement memory\n security: update security_file_mmap() docs\n selinux: Casting (void *) value returned by kmalloc is useless\n apparmor: fix module parameter handling\n Security: tomoyo: add .gitignore file\n tomoyo: add missing rcu_dereference()\n apparmor: add missing rcu_dereference()\n evm: prevent racing during tfm allocation\n evm: key must be set once during initialization\n mpi/mpi-mpow: NULL dereference on allocation failure\n digsig: build dependency fix\n KEYS: Give key types their own lockdep class for key-\u003esem\n TPM: fix transmit_cmd error logic\n TPM: NSC and TIS drivers X86 dependency fix\n TPM: Export wait_for_stat for other vendor specific drivers\n TPM: Use vendor specific function for status probe\n tpm_tis: add delay after aborting command\n tpm_tis: Check return code from getting timeouts/durations\n tpm: Introduce function to poll for result of self test\n ...\n\nFix up trivial conflict in lib/Makefile due to addition of CONFIG_MPI\nand SIGSIG next to CONFIG_DQL addition.\n" }, { "commit": "8fcc99549522fc7a0bbaeb5755855ab0d9a59ce8", "tree": "a118eaef15d4ba22247f45ee01537ecc906cd161", "parents": [ "805a6af8dba5dfdd35ec35dc52ec0122400b2610", "7b7e5916aa2f46e57f8bd8cb89c34620ebfda5da" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jan 09 12:16:48 2012 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jan 09 12:16:48 2012 +1100" }, "message": "Merge branch \u0027next\u0027 into for-linus\n\nConflicts:\n\tsecurity/integrity/evm/evm_crypto.c\n\nResolved upstream fix vs. next conflict manually.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "972b2c719990f91eb3b2310d44ef8a2d38955a14", "tree": "b25a250ec5bec4b7b6355d214642d8b57c5cab32", "parents": [ "02550d61f49266930e674286379d3601006b2893", "c3aa077648e147783a7a53b409578234647db853" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Jan 08 12:19:57 2012 -0800" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Jan 08 12:19:57 2012 -0800" }, "message": "Merge branch \u0027for-linus2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs\n\n* \u0027for-linus2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (165 commits)\n reiserfs: Properly display mount options in /proc/mounts\n vfs: prevent remount read-only if pending removes\n vfs: count unlinked inodes\n vfs: protect remounting superblock read-only\n vfs: keep list of mounts for each superblock\n vfs: switch -\u003eshow_options() to struct dentry *\n vfs: switch -\u003eshow_path() to struct dentry *\n vfs: switch -\u003eshow_devname() to struct dentry *\n vfs: switch -\u003eshow_stats to struct dentry *\n switch security_path_chmod() to struct path *\n vfs: prefer -\u003edentry-\u003ed_sb to -\u003emnt-\u003emnt_sb\n vfs: trim includes a bit\n switch mnt_namespace -\u003eroot to struct mount\n vfs: take /proc/*/mounts and friends to fs/proc_namespace.c\n vfs: opencode mntget() mnt_set_mountpoint()\n vfs: spread struct mount - remaining argument of next_mnt()\n vfs: move fsnotify junk to struct mount\n vfs: move mnt_devname\n vfs: move mnt_list to struct mount\n vfs: switch pnode.h macros to struct mount *\n ...\n" }, { "commit": "d8c9584ea2a92879f471fd3a2be3af6c534fb035", "tree": "3541b9c6228f820bdc65e4875156eb27b1c91cb1", "parents": [ "ece2ccb668046610189d88d6aaf05aeb09c988a1" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Dec 07 18:16:57 2011 -0500" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Fri Jan 06 23:16:53 2012 -0500" }, "message": "vfs: prefer -\u003edentry-\u003ed_sb to -\u003emnt-\u003emnt_sb\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "fd778461524849afd035679030ae8e8873c72b81", "tree": "32a5849c1879413fce0307af304e372eaa8225b4", "parents": [ "69f594a38967f4540ce7a29b3fd214e68a8330bd" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Jan 03 12:25:16 2012 -0500" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:53:01 2012 -0500" }, "message": "security: remove the security_netlink_recv hook as it is equivalent to capable()\n\nOnce upon a time netlink was not sync and we had to get the effective\ncapabilities from the skb that was being received. Today we instead get\nthe capabilities from the current task. This has rendered the entire\npurpose of the hook moot as it is now functionally equivalent to the\ncapable() call.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "69f594a38967f4540ce7a29b3fd214e68a8330bd", "tree": "dff25b5f5ef0736fb63b08729bec4ff57062c13f", "parents": [ "f1c84dae0ecc51aa35c81f19a0ebcd6c0921ddcb" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Jan 03 12:25:15 2012 -0500" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:53:00 2012 -0500" }, "message": "ptrace: do not audit capability check when outputing /proc/pid/stat\n\nReading /proc/pid/stat of another process checks if one has ptrace permissions\non that process. If one does have permissions it outputs some data about the\nprocess which might have security and attack implications. If the current\ntask does not have ptrace permissions the read still works, but those fields\nare filled with inocuous (0) values. Since this check and a subsequent denial\nis not a violation of the security policy we should not audit such denials.\n\nThis can be quite useful to removing ptrace broadly across a system without\nflooding the logs when ps is run or something which harmlessly walks proc.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Serge E. Hallyn \u003cserge.hallyn@canonical.com\u003e\n" }, { "commit": "6a9de49115d5ff9871d953af1a5c8249e1585731", "tree": "eee3700ccc2ce26c566bfe99129e646fac9f983e", "parents": [ "2653812e14f4e16688ec8247d7fd290bdbbc4747" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Jan 03 12:25:14 2012 -0500" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:52:53 2012 -0500" }, "message": "capabilities: remove the task from capable LSM hook entirely\n\nThe capabilities framework is based around credentials, not necessarily the\ncurrent task. Yet we still passed the current task down into LSMs from the\nsecurity_capable() LSM hook as if it was a meaningful portion of the security\ndecision. This patch removes the \u0027generic\u0027 passing of current and instead\nforces individual LSMs to use current explicitly if they think it is\nappropriate. In our case those LSMs are SELinux and AppArmor.\n\nI believe the AppArmor use of current is incorrect, but that is wholely\nunrelated to this patch. This patch does not change what AppArmor does, it\njust makes it clear in the AppArmor code that it is doing it.\n\nThe SELinux code still uses current in it\u0027s audit message, which may also be\nwrong and needs further investigation. Again this is NOT a change, it may\nhave always been wrong, this patch just makes it clear what is happening.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "2653812e14f4e16688ec8247d7fd290bdbbc4747", "tree": "dabb2238a76e000b37374c69901afd6f99479631", "parents": [ "02f5daa563456c1ff3c3422aa3ec00e67460f762" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 14:19:02 2011 +1000" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:52:52 2012 -0500" }, "message": "selinux: sparse fix: fix several warnings in the security server cod\n\nFix several sparse warnings in the SELinux security server code.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "02f5daa563456c1ff3c3422aa3ec00e67460f762", "tree": "b2394602c587815aae9f1b07ac272302800d9288", "parents": [ "e8a65a3f67f8a85802c0a0250e48c4c4652d0da0" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 14:18:06 2011 +1000" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:52:51 2012 -0500" }, "message": "selinux: sparse fix: fix warnings in netlink code\n\nFix sparse warnings in SELinux Netlink code.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "e8a65a3f67f8a85802c0a0250e48c4c4652d0da0", "tree": "4f9b55cac61209b6b4f15a1e20396a15a4444b11", "parents": [ "6063c0461b947c26a77674f33a3409eb99e15d2f" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 14:17:34 2011 +1000" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:52:50 2012 -0500" }, "message": "selinux: sparse fix: eliminate warnings for selinuxfs\n\nFixes several sparse warnings for selinuxfs.c\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "6063c0461b947c26a77674f33a3409eb99e15d2f", "tree": "2ac98e4a0a5fa7f6da95e6c5978684da215b4277", "parents": [ "5c884c1d4ac955987e84acf2d36c0f160536aca4" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 14:12:13 2011 +1000" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:52:50 2012 -0500" }, "message": "selinux: sparse fix: declare selinux_disable() in security.h\n\nSparse fix: declare selinux_disable() in security.h\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "5c884c1d4ac955987e84acf2d36c0f160536aca4", "tree": "a4d19da174e193a7844788846c53c25948ed2a54", "parents": [ "b46610caba4bd9263afd07c7ef7a79974550554a" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 14:16:24 2011 +1000" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:52:49 2012 -0500" }, "message": "selinux: sparse fix: move selinux_complete_init\n\nSparse fix: move selinux_complete_init\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "b46610caba4bd9263afd07c7ef7a79974550554a", "tree": "3f1edce9d24e9e7af2661ab4c2eeae744beb183c", "parents": [ "94d4ef0c2b3e6c799f78d223e233254a870c4559" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 14:11:24 2011 +1000" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Jan 05 18:52:48 2012 -0500" }, "message": "selinux: sparse fix: make selinux_secmark_refcount static\n\nSparse fix: make selinux_secmark_refcount static.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "dba19c6064766730dd64757a010ec3aec503ecdb", "tree": "2071835ccfcb169b6219be7d5a4692fcfdcbd2c5", "parents": [ "1b9d5ff7644ddf2723c9205f4726c95ec01bf033" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jul 25 20:49:29 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:55:12 2012 -0500" }, "message": "get rid of open-coded S_ISREG(), etc.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "1a67aafb5f72a436ca044293309fa7e6351d6a35", "tree": "d9e58600148de9d41b478cf815773b746647d15b", "parents": [ "4acdaf27ebe2034c342f3be57ef49aed1ad885ef" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 01:52:52 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:54:54 2012 -0500" }, "message": "switch -\u003emknod() to umode_t\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "4acdaf27ebe2034c342f3be57ef49aed1ad885ef", "tree": "d89a876ee19cd88609a587f8aa6c464a52ee6d98", "parents": [ "18bb1db3e7607e4a997d50991a6f9fa5b0f8722c" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 01:42:34 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:54:53 2012 -0500" }, "message": "switch -\u003ecreate() to umode_t\n\nvfs_create() ignores everything outside of 16bit subset of its\nmode argument; switching it to umode_t is obviously equivalent\nand it\u0027s the only caller of the method\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "18bb1db3e7607e4a997d50991a6f9fa5b0f8722c", "tree": "4ee4e584bc9a67f3ec14ce159d2d7d4a27e68d4a", "parents": [ "8208a22bb8bd3c52ef634b4ff194f14892ab1713" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jul 26 01:41:39 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jan 03 22:54:53 2012 -0500" }, "message": "switch vfs_mkdir() and -\u003emkdir() to umode_t\n\nvfs_mkdir() gets int, but immediately drops everything that might not\nfit into umode_t and that\u0027s the only caller of -\u003emkdir()...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "abb434cb0539fb355c1c921f8fd761efbbac3462", "tree": "24a7d99ec161f8fd4dc9ff03c9c4cc93be883ce6", "parents": [ "2494654d4890316e7340fb8b3458daad0474a1b9", "6350323ad8def2ac00d77cdee3b79c9b9fba75c4" ], "author": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Dec 23 17:13:56 2011 -0500" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Dec 23 17:13:56 2011 -0500" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net\n\nConflicts:\n\tnet/bluetooth/l2cap_core.c\n\nJust two overlapping changes, one added an initialization of\na local variable, and another change added a new local variable.\n\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "50345f1ea9cda4618d9c26e590a97ecd4bc7ac75", "tree": "57b03dc68f894df468a3ca3c3929e1aff48bd6c2", "parents": [ "428f32817505f67992e8efe62d6a9c7cbb3f2498" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Tue Dec 13 14:49:04 2011 +0000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Dec 21 11:28:56 2011 +1100" }, "message": "SELinux: Fix RCU deref check warning in sel_netport_insert()\n\nFix the following bug in sel_netport_insert() where rcu_dereference() should\nbe rcu_dereference_protected() as sel_netport_lock is held.\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n[ INFO: suspicious rcu_dereference_check() usage. ]\n---------------------------------------------------\nsecurity/selinux/netport.c:127 invoked rcu_dereference_check() without protection!\n\nother info that might help us debug this:\n\nrcu_scheduler_active \u003d 1, debug_locks \u003d 0\n1 lock held by ossec-rootcheck/3323:\n #0: (sel_netport_lock){+.....}, at: [\u003cffffffff8117d775\u003e] sel_netport_sid+0xbb/0x226\n\nstack backtrace:\nPid: 3323, comm: ossec-rootcheck Not tainted 3.1.0-rc8-fsdevel+ #1095\nCall Trace:\n [\u003cffffffff8105cfb7\u003e] lockdep_rcu_dereference+0xa7/0xb0\n [\u003cffffffff8117d871\u003e] sel_netport_sid+0x1b7/0x226\n [\u003cffffffff8117d6ba\u003e] ? sel_netport_avc_callback+0xbc/0xbc\n [\u003cffffffff8117556c\u003e] selinux_socket_bind+0x115/0x230\n [\u003cffffffff810a5388\u003e] ? might_fault+0x4e/0x9e\n [\u003cffffffff810a53d1\u003e] ? might_fault+0x97/0x9e\n [\u003cffffffff81171cf4\u003e] security_socket_bind+0x11/0x13\n [\u003cffffffff812ba967\u003e] sys_bind+0x56/0x95\n [\u003cffffffff81380dac\u003e] ? sysret_check+0x27/0x62\n [\u003cffffffff8105b767\u003e] ? trace_hardirqs_on_caller+0x11e/0x155\n [\u003cffffffff81076fcd\u003e] ? audit_syscall_entry+0x17b/0x1ae\n [\u003cffffffff811b5eae\u003e] ? trace_hardirqs_on_thunk+0x3a/0x3f\n [\u003cffffffff81380d7b\u003e] system_call_fastpath+0x16/0x1b\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: Paul Moore \u003cpaul@paul-moore.com\u003e\nAcked-by: Eric Dumazet \u003ceric.dumazet@gmail.com\u003e\nCc: stable@kernel.org\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "94d4ef0c2b3e6c799f78d223e233254a870c4559", "tree": "ffb88af7d64d99e6adfe8b78b2f3dc751447dc64", "parents": [ "c3b92c8787367a8bb53d57d9789b558f1295cc96" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Wed Oct 05 12:19:19 2011 +0100" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Dec 20 14:38:53 2011 -0500" }, "message": "SELinux: Fix RCU deref check warning in sel_netport_insert()\n\nFix the following bug in sel_netport_insert() where rcu_dereference() should\nbe rcu_dereference_protected() as sel_netport_lock is held.\n\n\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n[ INFO: suspicious rcu_dereference_check() usage. ]\n---------------------------------------------------\nsecurity/selinux/netport.c:127 invoked rcu_dereference_check() without protection!\n\nother info that might help us debug this:\n\nrcu_scheduler_active \u003d 1, debug_locks \u003d 0\n1 lock held by ossec-rootcheck/3323:\n #0: (sel_netport_lock){+.....}, at: [\u003cffffffff8117d775\u003e] sel_netport_sid+0xbb/0x226\n\nstack backtrace:\nPid: 3323, comm: ossec-rootcheck Not tainted 3.1.0-rc8-fsdevel+ #1095\nCall Trace:\n [\u003cffffffff8105cfb7\u003e] lockdep_rcu_dereference+0xa7/0xb0\n [\u003cffffffff8117d871\u003e] sel_netport_sid+0x1b7/0x226\n [\u003cffffffff8117d6ba\u003e] ? sel_netport_avc_callback+0xbc/0xbc\n [\u003cffffffff8117556c\u003e] selinux_socket_bind+0x115/0x230\n [\u003cffffffff810a5388\u003e] ? might_fault+0x4e/0x9e\n [\u003cffffffff810a53d1\u003e] ? might_fault+0x97/0x9e\n [\u003cffffffff81171cf4\u003e] security_socket_bind+0x11/0x13\n [\u003cffffffff812ba967\u003e] sys_bind+0x56/0x95\n [\u003cffffffff81380dac\u003e] ? sysret_check+0x27/0x62\n [\u003cffffffff8105b767\u003e] ? trace_hardirqs_on_caller+0x11e/0x155\n [\u003cffffffff81076fcd\u003e] ? audit_syscall_entry+0x17b/0x1ae\n [\u003cffffffff811b5eae\u003e] ? trace_hardirqs_on_thunk+0x3a/0x3f\n [\u003cffffffff81380d7b\u003e] system_call_fastpath+0x16/0x1b\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: Eric Dumazet \u003ceric.dumazet@gmail.com\u003e\nAcked-by: Paul Moore \u003cpaul@paul-moore.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "2ff6fa8fafd6fa94029fa0558a6b85956930f1f5", "tree": "b9e12bb9ef1a92c68bb459ae82fa4e76629bcfca", "parents": [ "b8aa09fd880eb4c2881b9f3c8a8d09c0404cd4eb" ], "author": { "name": "Thomas Meyer", "email": "thomas@m3y3r.de", "time": "Thu Nov 17 23:43:40 2011 +0100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Dec 19 11:23:56 2011 +1100" }, "message": "selinux: Casting (void *) value returned by kmalloc is useless\n\nThe semantic patch that makes this change is available\nin scripts/coccinelle/api/alloc/drop_kmalloc_cast.cocci.\n\nSigned-off-by: Thomas Meyer \u003cthomas@m3y3r.de\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7f1fb60c4fc9fb29fbb406ac8c4cfb4e59e168d6", "tree": "c099fd6899f382c439e29aed54c912ee95453324", "parents": [ "d5f43c1ea4260807a894150b680fa0a0dd386259" ], "author": { "name": "Pavel Emelyanov", "email": "xemul@parallels.com", "time": "Tue Dec 06 07:56:43 2011 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Dec 06 13:57:36 2011 -0500" }, "message": "inet_diag: Partly rename inet_ to sock_\n\nThe ultimate goal is to get the sock_diag module, that works in\nfamily+protocol terms. Currently this is suitable to do on the\ninet_diag basis, so rename parts of the code. It will be moved\nto sock_diag.c later.\n\nSigned-off-by: Pavel Emelyanov \u003cxemul@parallels.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "75f2811c6460ccc59d83c66059943ce9c9f81a18", "tree": "49373cf5f5b11358aeb587209ad270496f751609", "parents": [ "396cf9430505cfba529a2f2a037d782719fa5844" ], "author": { "name": "Jesse Gross", "email": "jesse@nicira.com", "time": "Wed Nov 30 17:05:51 2011 -0800" }, "committer": { "name": "Jesse Gross", "email": "jesse@nicira.com", "time": "Sat Dec 03 09:35:10 2011 -0800" }, "message": "ipv6: Add fragment reporting to ipv6_skip_exthdr().\n\nWhile parsing through IPv6 extension headers, fragment headers are\nskipped making them invisible to the caller. This reports the\nfragment offset of the last header in order to make it possible to\ndetermine whether the packet is fragmented and, if so whether it is\na first or last fragment.\n\nSigned-off-by: Jesse Gross \u003cjesse@nicira.com\u003e\n" }, { "commit": "4e3fd7a06dc20b2d8ec6892233ad2012968fe7b6", "tree": "da3fbec7672ac6b967dfa31cec6c88f468a57fa2", "parents": [ "40ba84993d66469d336099c5af74c3da5b73e28d" ], "author": { "name": "Alexey Dobriyan", "email": "adobriyan@gmail.com", "time": "Mon Nov 21 03:39:03 2011 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Nov 22 16:43:32 2011 -0500" }, "message": "net: remove ipv6_addr_copy()\n\nC assignment can handle struct in6_addr copying.\n\nSigned-off-by: Alexey Dobriyan \u003cadobriyan@gmail.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "24942c8e5cc8696064ee207ff29d4cf21f70dafc", "tree": "08a8221eb72ec3da7746d7d76f6f5915ce77cde7", "parents": [ "e163bc8e4a0cd1cdffadb58253f7651201722d56", "ff0ff78068dd8a962358dbbdafa9d6f24540d3e5" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Nov 16 12:39:48 2011 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Nov 16 12:39:48 2011 +1100" }, "message": "Merge branch \u0027master\u0027; commit \u0027v3.2-rc2\u0027 into next\n" }, { "commit": "af7ff2c2c45e6c6d533dd968709732da3d1d48f8", "tree": "5c3809af634ee633d351c04d7201324d7da4ca82", "parents": [ "59df3166ef293288d164ab3362a717743e62d20c" ], "author": { "name": "Andy Shevchenko", "email": "andriy.shevchenko@linux.intel.com", "time": "Tue Nov 15 15:11:41 2011 -0800" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Nov 16 11:30:26 2011 +1100" }, "message": "selinuxfs: remove custom hex_to_bin()\n\nSigned-off-by: Andy Shevchenko \u003candriy.shevchenko@linux.intel.com\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "44fc7ea0bfe9143551649a42eb35f1460566c3c5", "tree": "7cfceedba653c69db90912427d140da996ab4f09", "parents": [ "a6ee87790b708dc4cdd3643104417793f0d985ec" ], "author": { "name": "Paul Gortmaker", "email": "paul.gortmaker@windriver.com", "time": "Thu May 26 20:52:10 2011 -0400" }, "committer": { "name": "Paul Gortmaker", "email": "paul.gortmaker@windriver.com", "time": "Mon Oct 31 19:31:32 2011 -0400" }, "message": "selinux: Add export.h to files using EXPORT_SYMBOL/THIS_MODULE\n\nThe pervasive, but implicit presence of \u003clinux/module.h\u003e meant\nthat things like this file would happily compile as-is. But\nwith the desire to phase out the module.h being included everywhere,\npoint this file at export.h which will give it THIS_MODULE and\nthe EXPORT_SYMBOL variants.\n\nSigned-off-by: Paul Gortmaker \u003cpaul.gortmaker@windriver.com\u003e\n" }, { "commit": "7b98a5857c3fa86cb0a7e5f893643491a8b5b425", "tree": "9e8b83d35a9c70f2c02853de808184871df3aba9", "parents": [ "0ff53f5ddbaebeac1c2735125901275acc1fecc6" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 12:52:32 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 09 16:56:32 2011 -0700" }, "message": "selinux: sparse fix: fix several warnings in the security server code\n\nFix several sparse warnings in the SELinux security server code.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0ff53f5ddbaebeac1c2735125901275acc1fecc6", "tree": "7ceff5b004c1ae4e873002dc59be1ae6c4e7de14", "parents": [ "6a3fbe81179c85eb53054a0f4c8423ffec0276a7" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 12:36:39 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 09 16:56:32 2011 -0700" }, "message": "selinux: sparse fix: include selinux.h in exports.c\n\nFix warning:\nsecurity/selinux/exports.c:18:6: warning: symbol \u0027selinux_is_enabled\u0027 was not declared. Should it be static?\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "6a3fbe81179c85eb53054a0f4c8423ffec0276a7", "tree": "b281fee66a005236bbdedf5f22eeacc37669ba4a", "parents": [ "ad3fa08c4ff84ed87649d72e8497735c85561a3d" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 12:09:15 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 09 16:56:31 2011 -0700" }, "message": "selinux: sparse fix: fix warnings in netlink code\n\nFix sparse warnings in SELinux Netlink code.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "ad3fa08c4ff84ed87649d72e8497735c85561a3d", "tree": "e6f22e6d42cf52c689e983be42b9292180564446", "parents": [ "d5813a571876c72766f125b1c6e63414f6822c28" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Aug 30 10:50:12 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 09 16:56:30 2011 -0700" }, "message": "selinux: sparse fix: eliminate warnings for selinuxfs\n\nFixes several sparse warnings for selinuxfs.c\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "58982b74832917405a483a22beede729e3175376", "tree": "fc6fa24b9cf15490de54501125ac08049abb5ea0", "parents": [ "cc59a582d6081b296e481b8bc9676b5c2faad818" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Aug 17 11:17:14 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 09 16:56:26 2011 -0700" }, "message": "selinux: sparse fix: declare selinux_disable() in security.h\n\nSparse fix: declare selinux_disable() in security.h\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "cc59a582d6081b296e481b8bc9676b5c2faad818", "tree": "5ed00269cea7ffef573c78e854a6369a32842437", "parents": [ "56a4ca996181b94b30e6b46509dc28e4ca3cc3f8" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Aug 17 11:13:31 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 09 16:56:26 2011 -0700" }, "message": "selinux: sparse fix: move selinux_complete_init\n\nSparse fix: move selinux_complete_init\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "56a4ca996181b94b30e6b46509dc28e4ca3cc3f8", "tree": "ff238902759365d93b9ca8739f370fd3ba0f8659", "parents": [ "3417d8d5d4d584bd73e2f6265f7a06b51e4a70a1" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Aug 17 11:08:43 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Sep 09 16:56:25 2011 -0700" }, "message": "selinux: sparse fix: make selinux_secmark_refcount static\n\nSparse fix: make selinux_secmark_refcount static.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "82c21bfab41a77bc01affe21bea9727d776774a7", "tree": "b0c5850be07c7f6d747df389f8f15780887da630", "parents": [ "87a0874cf19f1bc9bd25bd7d053a0ea25ccf8373" ], "author": { "name": "Paul Moore", "email": "paul.moore@hp.com", "time": "Mon Aug 01 11:10:33 2011 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Mon Aug 01 17:58:33 2011 -0700" }, "message": "doc: Update the email address for Paul Moore in various source files\n\nMy @hp.com will no longer be valid starting August 5, 2011 so an update is\nnecessary. My new email address is employer independent so we don\u0027t have\nto worry about doing this again any time soon.\n\nSigned-off-by: Paul Moore \u003cpaul.moore@hp.com\u003e\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "60063497a95e716c9a689af3be2687d261f115b4", "tree": "6ce0d68db76982c53df46aee5f29f944ebf2c320", "parents": [ "148817ba092f9f6edd35bad3c6c6b8e8f90fe2ed" ], "author": { "name": "Arun Sharma", "email": "asharma@fb.com", "time": "Tue Jul 26 16:09:06 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 26 16:49:47 2011 -0700" }, "message": "atomic: use \u003clinux/atomic.h\u003e\n\nThis allows us to move duplicated code in \u003casm/atomic.h\u003e\n(atomic_inc_not_zero() for now) to \u003clinux/atomic.h\u003e\n\nSigned-off-by: Arun Sharma \u003casharma@fb.com\u003e\nReviewed-by: Eric Dumazet \u003ceric.dumazet@gmail.com\u003e\nCc: Ingo Molnar \u003cmingo@elte.hu\u003e\nCc: David Miller \u003cdavem@davemloft.net\u003e\nCc: Eric Dumazet \u003ceric.dumazet@gmail.com\u003e\nAcked-by: Mike Frysinger \u003cvapier@gentoo.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "423e0ab086ad8b33626e45fa94ac7613146b7ffa", "tree": "249c9337a02254fe5dbede7436f78dfcc1ec508f", "parents": [ "bbd9d6f7fbb0305c9a592bf05a32e87eb364a4ff" ], "author": { "name": "Tim Chen", "email": "tim.c.chen@linux.intel.com", "time": "Tue Jul 19 09:32:38 2011 -0700" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Jul 24 10:08:32 2011 -0400" }, "message": "VFS : mount lock scalability for internal mounts\n\nFor a number of file systems that don\u0027t have a mount point (e.g. sockfs\nand pipefs), they are not marked as long term. Therefore in\nmntput_no_expire, all locks in vfs_mount lock are taken instead of just\nlocal cpu\u0027s lock to aggregate reference counts when we release\nreference to file objects. In fact, only local lock need to have been\ntaken to update ref counts as these file systems are in no danger of\ngoing away until we are ready to unregister them.\n\nThe attached patch marks file systems using kern_mount without\nmount point as long term. The contentions of vfs_mount lock\nis now eliminated. Before un-registering such file system,\nkern_unmount should be called to remove the long term flag and\nmake the mount point ready to be freed.\n\nSigned-off-by: Tim Chen \u003ctim.c.chen@linux.intel.com\u003e\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "bbd9d6f7fbb0305c9a592bf05a32e87eb364a4ff", "tree": "12b2bb4202b05f6ae6a43c6ce830a0472043dbe5", "parents": [ "8e204874db000928e37199c2db82b7eb8966cc3c", "5a9a43646cf709312d71eca71cef90ad802f28f9" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 19:02:39 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 19:02:39 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (107 commits)\n vfs: use ERR_CAST for err-ptr tossing in lookup_instantiate_filp\n isofs: Remove global fs lock\n jffs2: fix IN_DELETE_SELF on overwriting rename() killing a directory\n fix IN_DELETE_SELF on overwriting rename() on ramfs et.al.\n mm/truncate.c: fix build for CONFIG_BLOCK not enabled\n fs:update the NOTE of the file_operations structure\n Remove dead code in dget_parent()\n AFS: Fix silly characters in a comment\n switch d_add_ci() to d_splice_alias() in \"found negative\" case as well\n simplify gfs2_lookup()\n jfs_lookup(): don\u0027t bother with . or ..\n get rid of useless dget_parent() in btrfs rename() and link()\n get rid of useless dget_parent() in fs/btrfs/ioctl.c\n fs: push i_mutex and filemap_write_and_wait down into -\u003efsync() handlers\n drivers: fix up various -\u003ellseek() implementations\n fs: handle SEEK_HOLE/SEEK_DATA properly in all fs\u0027s that define their own llseek\n Ext4: handle SEEK_HOLE/SEEK_DATA generically\n Btrfs: implement our own -\u003ellseek\n fs: add SEEK_HOLE and SEEK_DATA flags\n reiserfs: make reiserfs default to barrier\u003dflush\n ...\n\nFix up trivial conflicts in fs/xfs/linux-2.6/xfs_super.c due to the new\nshrinker callout for the inode cache, that clashed with the xfs code to\nstart the periodic workers later.\n" }, { "commit": "0342cbcfced2ee937d7c8e1c63f3d3082da7c7dc", "tree": "fb98291d321a50de2dfd99f9bcaa33274f0c3952", "parents": [ "391d6276db9fbdedfbc30e1b56390414f0e55988", "7f70893173b056df691b2ee7546bb44fd9abae6a" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 16:44:08 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 16:44:08 2011 -0700" }, "message": "Merge branch \u0027core-rcu-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip\n\n* \u0027core-rcu-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip:\n rcu: Fix wrong check in list_splice_init_rcu()\n net,rcu: Convert call_rcu(xt_rateest_free_rcu) to kfree_rcu()\n sysctl,rcu: Convert call_rcu(free_head) to kfree\n vmalloc,rcu: Convert call_rcu(rcu_free_vb) to kfree_rcu()\n vmalloc,rcu: Convert call_rcu(rcu_free_va) to kfree_rcu()\n ipc,rcu: Convert call_rcu(ipc_immediate_free) to kfree_rcu()\n ipc,rcu: Convert call_rcu(free_un) to kfree_rcu()\n security,rcu: Convert call_rcu(sel_netport_free) to kfree_rcu()\n security,rcu: Convert call_rcu(sel_netnode_free) to kfree_rcu()\n ia64,rcu: Convert call_rcu(sn_irq_info_free) to kfree_rcu()\n block,rcu: Convert call_rcu(disk_free_ptbl_rcu_cb) to kfree_rcu()\n scsi,rcu: Convert call_rcu(fc_rport_free_rcu) to kfree_rcu()\n audit_tree,rcu: Convert call_rcu(__put_tree) to kfree_rcu()\n security,rcu: Convert call_rcu(whitelist_item_free) to kfree_rcu()\n md,rcu: Convert call_rcu(free_conf) to kfree_rcu()\n" }, { "commit": "8209f53d79444747782a28520187abaf689761f2", "tree": "726270ea29e037f026d77a99787b9d844531ac42", "parents": [ "22a3b9771117d566def0150ea787fcc95f16e724", "eac1b5e57d7abc836e78fd3fbcf77dbeed01edc9" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 15:06:50 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Jul 22 15:06:50 2011 -0700" }, "message": "Merge branch \u0027ptrace\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/oleg/misc\n\n* \u0027ptrace\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/oleg/misc: (39 commits)\n ptrace: do_wait(traced_leader_killed_by_mt_exec) can block forever\n ptrace: fix ptrace_signal() \u0026\u0026 STOP_DEQUEUED interaction\n connector: add an event for monitoring process tracers\n ptrace: dont send SIGSTOP on auto-attach if PT_SEIZED\n ptrace: mv send-SIGSTOP from do_fork() to ptrace_init_task()\n ptrace_init_task: initialize child-\u003ejobctl explicitly\n has_stopped_jobs: s/task_is_stopped/SIGNAL_STOP_STOPPED/\n ptrace: make former thread ID available via PTRACE_GETEVENTMSG after PTRACE_EVENT_EXEC stop\n ptrace: wait_consider_task: s/same_thread_group/ptrace_reparented/\n ptrace: kill real_parent_is_ptracer() in in favor of ptrace_reparented()\n ptrace: ptrace_reparented() should check same_thread_group()\n redefine thread_group_leader() as exit_signal \u003e\u003d 0\n do not change dead_task-\u003eexit_signal\n kill task_detached()\n reparent_leader: check EXIT_DEAD instead of task_detached()\n make do_notify_parent() __must_check, update the callers\n __ptrace_detach: avoid task_detached(), check do_notify_parent()\n kill tracehook_notify_death()\n make do_notify_parent() return bool\n ptrace: s/tracehook_tracer_task()/ptrace_parent()/\n ...\n" }, { "commit": "449a68cc656fddeda448e324c57062a19cf451b9", "tree": "d192d6582aa8a93f8e84d3b1784340c03b9d0b0e", "parents": [ "9801c60e99ed76c5730fb290c00bfad12a419972" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Fri Mar 18 12:05:57 2011 +0800" }, "committer": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Wed Jul 20 14:10:15 2011 -0700" }, "message": "security,rcu: Convert call_rcu(sel_netport_free) to kfree_rcu()\n\nThe rcu callback sel_netport_free() just calls a kfree(),\nso we use kfree_rcu() instead of the call_rcu(sel_netport_free).\n\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nReviewed-by: Josh Triplett \u003cjosh@joshtriplett.org\u003e\n" }, { "commit": "9801c60e99ed76c5730fb290c00bfad12a419972", "tree": "4c010680b33015e237f0761a3a3c79d180f13857", "parents": [ "f218a7ee7a1c37058eef4bb5fefff9bdb0f52766" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Fri Mar 18 12:05:22 2011 +0800" }, "committer": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Wed Jul 20 14:10:14 2011 -0700" }, "message": "security,rcu: Convert call_rcu(sel_netnode_free) to kfree_rcu()\n\nThe rcu callback sel_netnode_free() just calls a kfree(),\nso we use kfree_rcu() instead of the call_rcu(sel_netnode_free).\n\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nReviewed-by: Josh Triplett \u003cjosh@joshtriplett.org\u003e\n" }, { "commit": "cf1dd1dae851ce5765cda5de16aa965eef7c2dbf", "tree": "5ee564e56eca307701ce155e30a2cbb05b9937e3", "parents": [ "e74f71eb78a4a8b9eaf1bc65f20f761648e85f76" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jun 20 19:44:08 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Jul 20 01:43:27 2011 -0400" }, "message": "selinux: don\u0027t transliterate MAY_NOT_BLOCK to IPERM_FLAG_RCU\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "e74f71eb78a4a8b9eaf1bc65f20f761648e85f76", "tree": "7bc7fc1344f5ed6e3ce8132b36125ef5cec6407c", "parents": [ "10556cb21a0d0b24d95f00ea6df16f599a3345b2" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jun 20 19:38:15 2011 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Jul 20 01:43:26 2011 -0400" }, "message": "-\u003epermission() sanitizing: don\u0027t pass flags to -\u003einode_permission()\n\npass that via mask instead.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "06d984737bac0545fe20bb5447ee488b95adb531", "tree": "b8d89d21a53c28a025dd42598bc3406e25db5ba8", "parents": [ "4b9d33e6d83cc05a8005a8f9a8b9677fa0f53626" ], "author": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Fri Jun 17 16:50:40 2011 +0200" }, "committer": { "name": "Oleg Nesterov", "email": "oleg@redhat.com", "time": "Wed Jun 22 19:26:29 2011 +0200" }, "message": "ptrace: s/tracehook_tracer_task()/ptrace_parent()/\n\ntracehook.h is on the way out. Rename tracehook_tracer_task() to\nptrace_parent() and move it from tracehook.h to ptrace.h.\n\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Christoph Hellwig \u003chch@infradead.org\u003e\nCc: John Johansen \u003cjohn.johansen@canonical.com\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Oleg Nesterov \u003coleg@redhat.com\u003e\n" }, { "commit": "82b88bb24e28dd4fb4bec30e75412f41326130f0", "tree": "61b1d0eb6ae6059e879571517a0f36bcffdabf34", "parents": [ "60b8b1de0dd2bf246f0e074d287bb3f0bc42a755", "ded509880f6a0213b09f8ae7bef84acb16eaccbf" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 15 09:41:48 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 15 09:41:48 2011 +1000" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.infradead.org/users/eparis/selinux into for-linus\n" }, { "commit": "ded509880f6a0213b09f8ae7bef84acb16eaccbf", "tree": "ac8819a1b23a13b0f04ca34ab2983040c9d66e99", "parents": [ "0f7e4c33eb2c40b1e9cc24d2eab6de5921bc619c" ], "author": { "name": "Roy.Li", "email": "rongqing.li@windriver.com", "time": "Fri May 20 10:38:06 2011 +0800" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Tue Jun 14 12:58:51 2011 -0400" }, "message": "SELinux: skip file_name_trans_write() when policy downgraded.\n\nWhen policy version is less than POLICYDB_VERSION_FILENAME_TRANS,\nskip file_name_trans_write().\n\nSigned-off-by: Roy.Li \u003crongqing.li@windriver.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "95f4efb2d78661065aaf0be57f5bf00e4d2aea1d", "tree": "e344402e6428194515a0550ef30cf7cb8eeb0fdf", "parents": [ "4c1f683a4a343808536a5617ede85dfc34430472" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Jun 08 15:11:56 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Jun 08 15:11:56 2011 -0700" }, "message": "selinux: simplify and clean up inode_has_perm()\n\nThis is a rather hot function that is called with a potentially NULL\n\"struct common_audit_data\" pointer argument. And in that case it has to\nprovide and initialize its own dummy common_audit_data structure.\n\nHowever, all the _common_ cases already pass it a real audit-data\nstructure, so that uncommon NULL case not only creates a silly run-time\ntest, more importantly it causes that function to have a big stack frame\nfor the dummy variable that isn\u0027t even used in the common case!\n\nSo get rid of that stupid run-time behavior, and make the (few)\nfunctions that currently call with a NULL pointer just call a new helper\nfunction instead (naturally called inode_has_perm_noapd(), since it has\nno adp argument).\n\nThis makes the run-time test be a static code generation issue instead,\nand allows for a much denser stack since none of the common callers need\nthe dummy structure. And a denser stack not only means less stack space\nusage, it means better cache behavior. So we have a win-win-win from\nthis simplification: less code executed, smaller stack footprint, and\nbetter cache behavior.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "f01e1af445fac107e91d62a2d59dd535f633810b", "tree": "f5da7e4162f0a6f4bb50e4cb41f6a06c672f66b0", "parents": [ "bc9bc72e2f9bb07384c00604d1a40d0b5f62be6c" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue May 24 13:48:51 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 26 18:13:57 2011 -0700" }, "message": "selinux: don\u0027t pass in NULL avd to avc_has_perm_noaudit\n\nRight now security_get_user_sids() will pass in a NULL avd pointer to\navc_has_perm_noaudit(), which then forces that function to have a dummy\nentry for that case and just generally test it.\n\nDon\u0027t do it. The normal callers all pass a real avd pointer, and this\nhelper function is incredibly hot. So don\u0027t make avc_has_perm_noaudit()\ndo conditional stuff that isn\u0027t needed for the common case.\n\nThis also avoids some duplicated stack space.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "0f7e4c33eb2c40b1e9cc24d2eab6de5921bc619c", "tree": "793c5f834751215dfc93b05540fa9ed46c64ee07", "parents": [ "ea77f7a2e8561012cf100c530170f12351c3b53e" ], "author": { "name": "Kohei Kaigai", "email": "Kohei.Kaigai@emea.nec.com", "time": "Thu May 26 14:59:25 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu May 26 17:20:53 2011 -0400" }, "message": "selinux: fix case of names with whitespace/multibytes on /selinux/create\n\nI submit the patch again, according to patch submission convension.\n\nThis patch enables to accept percent-encoded object names as forth\nargument of /selinux/create interface to avoid possible bugs when we\ngive an object name including whitespace or multibutes.\n\nE.g) if and when a userspace object manager tries to create a new object\n named as \"resolve.conf but fake\", it shall give this name as the forth\n argument of the /selinux/create. But sscanf() logic in kernel space\n fetches only the part earlier than the first whitespace.\n In this case, selinux may unexpectedly answer a default security context\n configured to \"resolve.conf\", but it is bug.\n\nAlthough I could not test this patch on named TYPE_TRANSITION rules\nactually, But debug printk() message seems to me the logic works\ncorrectly.\nI assume the libselinux provides an interface to apply this logic\ntransparently, so nothing shall not be changed from the viewpoint of\napplication.\n\nSigned-off-by: KaiGai Kohei \u003ckohei.kaigai@emea.nec.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "ea77f7a2e8561012cf100c530170f12351c3b53e", "tree": "7302ac1064f4e364aadda84020a176804fb86e22", "parents": [ "7a627e3b9a2bd0f06945bbe64bcf403e788ecf6e", "61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu May 26 17:20:14 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu May 26 17:20:14 2011 -0400" }, "message": "Merge commit \u0027v2.6.39\u0027 into 20110526\n\nConflicts:\n\tlib/flex_array.c\n\tsecurity/selinux/avc.c\n\tsecurity/selinux/hooks.c\n\tsecurity/selinux/ss/policydb.c\n\tsecurity/smack/smack_lsm.c\n" }, { "commit": "b7b57551bbda1390959207f79f2038aa7adb72ae", "tree": "d591a08e7e45615b51d8b5ee1634a29920f62c3f", "parents": [ "434d42cfd05a7cc452457a81d2029540cba12150", "7a627e3b9a2bd0f06945bbe64bcf403e788ecf6e" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue May 24 23:20:19 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue May 24 23:20:19 2011 +1000" }, "message": "Merge branch \u0027master\u0027 of git://git.infradead.org/users/eparis/selinux into for-linus\n\nConflicts:\n\tlib/flex_array.c\n\tsecurity/selinux/avc.c\n\tsecurity/selinux/hooks.c\n\tsecurity/selinux/ss/policydb.c\n\tsecurity/smack/smack_lsm.c\n\nManually resolve conflicts.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "57d19e80f459dd845fb3cfeba8e6df8471bac142", "tree": "8254766715720228db3d50f1ef3c7fe003c06d65", "parents": [ "ee9ec4f82049c678373a611ce20ac67fe9ad836e", "e64851f5a0ad6ec991f74ebb3108c35aa0323d5f" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon May 23 09:12:26 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon May 23 09:12:26 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (39 commits)\n b43: fix comment typo reqest -\u003e request\n Haavard Skinnemoen has left Atmel\n cris: typo in mach-fs Makefile\n Kconfig: fix copy/paste-ism for dell-wmi-aio driver\n doc: timers-howto: fix a typo (\"unsgined\")\n perf: Only include annotate.h once in tools/perf/util/ui/browsers/annotate.c\n md, raid5: Fix spelling error in comment (\u0027Ofcourse\u0027 --\u003e \u0027Of course\u0027).\n treewide: fix a few typos in comments\n regulator: change debug statement be consistent with the style of the rest\n Revert \"arm: mach-u300/gpio: Fix mem_region resource size miscalculations\"\n audit: acquire creds selectively to reduce atomic op overhead\n rtlwifi: don\u0027t touch with treewide double semicolon removal\n treewide: cleanup continuations and remove logging message whitespace\n ath9k_hw: don\u0027t touch with treewide double semicolon removal\n include/linux/leds-regulator.h: fix syntax in example code\n tty: fix typo in descripton of tty_termios_encode_baud_rate\n xtensa: remove obsolete BKL kernel option from defconfig\n m68k: fix comment typo \u0027occcured\u0027\n arch:Kconfig.locks Remove unused config option.\n treewide: remove extra semicolons\n ...\n" }, { "commit": "257313b2a87795e07a0bdf58d0fffbdba8b31051", "tree": "ff5043526b0381cdc1f1f68d3c6f8ed3635e0ddb", "parents": [ "044aea9b83614948c98564000db07d1d32b2d29b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 21:22:53 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 21:22:53 2011 -0700" }, "message": "selinux: avoid unnecessary avc cache stat hit count\n\nThere is no point in counting hits - we can calculate it from the number\nof lookups and misses.\n\nThis makes the avc statistics a bit smaller, and makes the code\ngeneration better too.\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "044aea9b83614948c98564000db07d1d32b2d29b", "tree": "b1f13ed2f4bb0bd40f7915a89aafaf449b6145cd", "parents": [ "39ab05c8e0b519ff0a04a869f065746e6e8c3d95" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 18:59:47 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 18:59:47 2011 -0700" }, "message": "selinux: de-crapify avc cache stat code generation\n\nYou can turn off the avc cache stats, but distributions seem to not do\nthat (perhaps because several performance tuning how-to\u0027s talk about the\navc cache statistics).\n\nWhich is sad, because the code it generates is truly horrendous, with\nthe statistics update being sandwitched between get_cpu/put_cpu which in\nturn causes preemption disables etc. We\u0027re talking ten+ instructions\njust to increment a per-cpu variable in some pretty hot code.\n\nFix the craziness by just using \u0027this_cpu_inc()\u0027 instead. Suddenly we\nonly need a single \u0027inc\u0027 instruction to increment the statistics. This\nis quite noticeable in the incredibly hot avc_has_perm_noaudit()\nfunction (which triggers all the statistics by virtue of doing an\navc_lookup() call).\n\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "eb04f2f04ed1227c266b3219c0aaeda525639718", "tree": "7f224483a3cd0e439cd64a8666ec9dc5ed178a3d", "parents": [ "5765040ebfc9a28d9dcfaaaaf3d25840d922de96", "80d02085d99039b3b7f3a73c8896226b0cb1ba07" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 18:14:34 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu May 19 18:14:34 2011 -0700" }, "message": "Merge branch \u0027core-rcu-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip\n\n* \u0027core-rcu-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: (78 commits)\n Revert \"rcu: Decrease memory-barrier usage based on semi-formal proof\"\n net,rcu: convert call_rcu(prl_entry_destroy_rcu) to kfree\n batman,rcu: convert call_rcu(softif_neigh_free_rcu) to kfree_rcu\n batman,rcu: convert call_rcu(neigh_node_free_rcu) to kfree()\n batman,rcu: convert call_rcu(gw_node_free_rcu) to kfree_rcu\n net,rcu: convert call_rcu(kfree_tid_tx) to kfree_rcu()\n net,rcu: convert call_rcu(xt_osf_finger_free_rcu) to kfree_rcu()\n net/mac80211,rcu: convert call_rcu(work_free_rcu) to kfree_rcu()\n net,rcu: convert call_rcu(wq_free_rcu) to kfree_rcu()\n net,rcu: convert call_rcu(phonet_device_rcu_free) to kfree_rcu()\n perf,rcu: convert call_rcu(swevent_hlist_release_rcu) to kfree_rcu()\n perf,rcu: convert call_rcu(free_ctx) to kfree_rcu()\n net,rcu: convert call_rcu(__nf_ct_ext_free_rcu) to kfree_rcu()\n net,rcu: convert call_rcu(net_generic_release) to kfree_rcu()\n net,rcu: convert call_rcu(netlbl_unlhsh_free_addr6) to kfree_rcu()\n net,rcu: convert call_rcu(netlbl_unlhsh_free_addr4) to kfree_rcu()\n security,rcu: convert call_rcu(sel_netif_free) to kfree_rcu()\n net,rcu: convert call_rcu(xps_dev_maps_release) to kfree_rcu()\n net,rcu: convert call_rcu(xps_map_release) to kfree_rcu()\n net,rcu: convert call_rcu(rps_map_release) to kfree_rcu()\n ...\n" }, { "commit": "ca7d12000895ae5dfef8b8ff2648a0d50abd397c", "tree": "259fb1e473ef6129b9fa5faf771c9e811ab572c4", "parents": [ "411f05f123cbd7f8aa1edcae86970755a6e2a9d9", "93826c092c385549c04af184fbebd43f36995c69" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri May 13 09:52:16 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri May 13 09:52:16 2011 +1000" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.infradead.org/users/eparis/selinux into for-linus\n" }, { "commit": "93826c092c385549c04af184fbebd43f36995c69", "tree": "20f77a85a74a24ed3418da8818e12b439f70fc81", "parents": [ "bf69d41d198138e3c601e9a6645f4f1369aff7e0" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 07 14:46:59 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu May 12 16:02:42 2011 -0400" }, "message": "SELinux: delete debugging printks from filename_trans rule processing\n\nThe filename_trans rule processing has some printk(KERN_ERR ) messages\nwhich were intended as debug aids in creating the code but weren\u0027t removed\nbefore it was submitted. Remove them.\n\nReported-by: Paul Bolle \u003cpebolle@tiscali.nl\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "7a627e3b9a2bd0f06945bbe64bcf403e788ecf6e", "tree": "5d79dfee7868debdf428640477adce32be10968f", "parents": [ "2875fa00830be62431f5ac22d8f85d57f9fa3033" ], "author": { "name": "Greg Kroah-Hartman", "email": "gregkh@suse.de", "time": "Tue May 10 15:34:16 2011 -0700" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Wed May 11 12:58:09 2011 -0400" }, "message": "SELINUX: add /sys/fs/selinux mount point to put selinuxfs\n\nIn the interest of keeping userspace from having to create new root\nfilesystems all the time, let\u0027s follow the lead of the other in-kernel\nfilesystems and provide a proper mount point for it in sysfs.\n\nFor selinuxfs, this mount point should be in /sys/fs/selinux/\n\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nCc: Lennart Poettering \u003cmzerqung@0pointer.de\u003e\nCc: Daniel J Walsh \u003cdwalsh@redhat.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@suse.de\u003e\n[include kobject.h - Eric Paris]\n[use selinuxfs_obj throughout - Eric Paris]\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "690273fc70e94a07d70044881e5e52926301bcd3", "tree": "f72c7942fb91d74e9f18ab169c213a21f1b40505", "parents": [ "b55071eb6011413af3b9c434ae77dea8832069c8" ], "author": { "name": "Lai Jiangshan", "email": "laijs@cn.fujitsu.com", "time": "Fri Mar 18 12:03:19 2011 +0800" }, "committer": { "name": "Paul E. McKenney", "email": "paulmck@linux.vnet.ibm.com", "time": "Sat May 07 22:51:05 2011 -0700" }, "message": "security,rcu: convert call_rcu(sel_netif_free) to kfree_rcu()\n\nThe rcu callback sel_netif_free() just calls a kfree(),\nso we use kfree_rcu() instead of the call_rcu(sel_netif_free).\n\nSigned-off-by: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\nAcked-by: David S. Miller \u003cdavem@davemloft.net\u003e\nSigned-off-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nReviewed-by: Josh Triplett \u003cjosh@joshtriplett.org\u003e\n" }, { "commit": "6f239284542bae297d27355d06afbb8df23c5db9", "tree": "b0ba42fb54cd05178c61584e0913be38a57f0384", "parents": [ "609cfda586c7fe3e5d1a02c51edb587506294167", "bf69d41d198138e3c601e9a6645f4f1369aff7e0" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed May 04 11:59:34 2011 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed May 04 11:59:34 2011 +1000" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.infradead.org/users/eparis/selinux into for-linus\n" }, { "commit": "5d30b10bd68df007e7ae21e77d1e0ce184b53040", "tree": "61d97a80d0fac7c6dfd97db7040fedd75771adda", "parents": [ "cb1e922fa104bb0bb3aa5fc6ca7f7e070f3b55e9" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:55:52 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 16:12:47 2011 -0400" }, "message": "flex_array: flex_array_prealloc takes a number of elements, not an end\n\nChange flex_array_prealloc to take the number of elements for which space\nshould be allocated instead of the last (inclusive) element. Users\nand documentation are updated accordingly. flex_arrays got introduced before\nthey had users. When folks started using it, they ended up needing a\ndifferent API than was coded up originally. This swaps over to the API that\nfolks apparently need.\n\nBased-on-patch-by: Steffen Klassert \u003csteffen.klassert@secunet.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nTested-by: Chris Richards \u003cgizmo@giz-works.com\u003e\nAcked-by: Dave Hansen \u003cdave@linux.vnet.ibm.com\u003e\nCc: stable@kernel.org [2.6.38+]\n" }, { "commit": "cb1e922fa104bb0bb3aa5fc6ca7f7e070f3b55e9", "tree": "c776ceca8e63dd8de70f242fe6883320004884eb", "parents": [ "fe3fa43039d47ee4e22caf460b79b62a14937f79" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 16:12:41 2011 -0400" }, "message": "SELinux: pass last path component in may_create\n\nNew inodes are created in a two stage process. We first will compute the\nlabel on a new inode in security_inode_create() and check if the\noperation is allowed. We will then actually re-compute that same label and\napply it in security_inode_init_security(). The change to do new label\ncalculations based in part on the last component of the path name only\npassed the path component information all the way down the\nsecurity_inode_init_security hook. Down the security_inode_create hook the\npath information did not make it past may_create. Thus the two calculations\ncame up differently and the permissions check might not actually be against\nthe label that is created. Pass and use the same information in both places\nto harmonize the calculations and checks.\n\nReported-by: Dominick Grift \u003cdomg472@gmail.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "2875fa00830be62431f5ac22d8f85d57f9fa3033", "tree": "541fdb15e39711fb1ad901223d823421c7b77526", "parents": [ "a8d05c81fb238bbb18878ccfae7599ca79448dd3" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 16:04:24 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 16:09:59 2011 -0400" }, "message": "SELinux: introduce path_has_perm\n\nWe currently have inode_has_perm and dentry_has_perm. dentry_has_perm just\ncalls inode_has_perm with additional audit data. But dentry_has_perm can\ntake either a dentry or a path. Split those to make the code obvious and\nto fix the previous problem where I thought dentry_has_perm always had a\nvalid dentry and mnt.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "5a3ea8782c63d3501cb764c176f153c0d9a400e1", "tree": "3ff57105c8c3f3ad696b29511d1cf69f434caeab", "parents": [ "562abf624175e3f8487b7f064e516805e437e597" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:55:52 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:56:06 2011 -0400" }, "message": "flex_array: flex_array_prealloc takes a number of elements, not an end\n\nChange flex_array_prealloc to take the number of elements for which space\nshould be allocated instead of the last (inclusive) element. Users\nand documentation are updated accordingly. flex_arrays got introduced before\nthey had users. When folks started using it, they ended up needing a\ndifferent API than was coded up originally. This swaps over to the API that\nfolks apparently need.\n\nBased-on-patch-by: Steffen Klassert \u003csteffen.klassert@secunet.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nTested-by: Chris Richards \u003cgizmo@giz-works.com\u003e\nAcked-by: Dave Hansen \u003cdave@linux.vnet.ibm.com\u003e\nCc: stable@kernel.org [2.6.38+]\n" }, { "commit": "562abf624175e3f8487b7f064e516805e437e597", "tree": "75e52d8f8f91fc42c28ca2e0b7196b9fd16c25e0", "parents": [ "2463c26d50adc282d19317013ba0ff473823ca47" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:54 2011 -0400" }, "message": "SELinux: pass last path component in may_create\n\nNew inodes are created in a two stage process. We first will compute the\nlabel on a new inode in security_inode_create() and check if the\noperation is allowed. We will then actually re-compute that same label and\napply it in security_inode_init_security(). The change to do new label\ncalculations based in part on the last component of the path name only\npassed the path component information all the way down the\nsecurity_inode_init_security hook. Down the security_inode_create hook the\npath information did not make it past may_create. Thus the two calculations\ncame up differently and the permissions check might not actually be against\nthe label that is created. Pass and use the same information in both places\nto harmonize the calculations and checks.\n\nReported-by: Dominick Grift \u003cdomg472@gmail.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "2463c26d50adc282d19317013ba0ff473823ca47", "tree": "e92438150bb380c0dc0867b00f1ae89f73646b2a", "parents": [ "3f058ef7787e1b48720622346de9a5317aeb749a" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:53 2011 -0400" }, "message": "SELinux: put name based create rules in a hashtable\n\nTo shorten the list we need to run if filename trans rules exist for the type\nof the given parent directory I put them in a hashtable. Given the policy we\nare expecting to use in Fedora this takes the worst case list run from about\n5,000 entries to 17.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "3f058ef7787e1b48720622346de9a5317aeb749a", "tree": "3cfdfa068b6eae4716f3be7d02f44bbd15e64573", "parents": [ "be30b16d43f4781406de0c08c96501dae4cc5a77" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:52 2011 -0400" }, "message": "SELinux: generic hashtab entry counter\n\nInstead of a hashtab entry counter function only useful for range\ntransition rules make a function generic for any hashtable to use.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "be30b16d43f4781406de0c08c96501dae4cc5a77", "tree": "957792a2eae5f16a87b79f4ca8aa434b6fa9c7de", "parents": [ "03a4c0182a156547edd5f2717c1702590fe36bbf" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:52 2011 -0400" }, "message": "SELinux: calculate and print hashtab stats with a generic function\n\nWe have custom debug functions like rangetr_hash_eval and symtab_hash_eval\nwhich do the same thing. Just create a generic function that takes the name\nof the hash table as an argument instead of having custom functions.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "03a4c0182a156547edd5f2717c1702590fe36bbf", "tree": "c4585fab7c37d4eb2cc46e93c925e7c2a5e7b1a2", "parents": [ "2667991f60e67d28c495b8967aaabf84b4ccd560" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:21 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:52 2011 -0400" }, "message": "SELinux: skip filename trans rules if ttype does not match parent dir\n\nRight now we walk to filename trans rule list for every inode that is\ncreated. First passes at policy using this facility creates around 5000\nfilename trans rules. Running a list of 5000 entries every time is a bad\nidea. This patch adds a new ebitmap to policy which has a bit set for each\nttype that has at least 1 filename trans rule. Thus when an inode is\ncreated we can quickly determine if any rules exist for this parent\ndirectory type and can skip the list if we know there is definitely no\nrelevant entry.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2667991f60e67d28c495b8967aaabf84b4ccd560", "tree": "893c006121f2be1b44e270fc5b43d8f94435dc81", "parents": [ "4742600cf536c0c115b6f769eda82ee377d199c9" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:20 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:51 2011 -0400" }, "message": "SELinux: rename filename_compute_type argument to *type instead of *con\n\nfilename_compute_type() takes as arguments the numeric value of the type of\nthe subject and target. It does not take a context. Thus the names are\nmisleading. Fix the argument names.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "4742600cf536c0c115b6f769eda82ee377d199c9", "tree": "599922c770c628c3d484ee7460fe1fc361c3c509", "parents": [ "92f4250901476fcadc4f52ace36e453c61f5591d" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:11:20 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 28 15:15:51 2011 -0400" }, "message": "SELinux: fix comment to state filename_compute_type takes an objname not a qstr\n\nfilename_compute_type used to take a qstr, but it now takes just a name.\nFix the comments to indicate it is an objname, not a qstr.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "07f9479a40cc778bc1462ada11f95b01360ae4ff", "tree": "0676cf38df3844004bb3ebfd99dfa67a4a8998f5", "parents": [ "9d5e6bdb3013acfb311ab407eeca0b6a6a3dedbf", "cd2e49e90f1cae7726c9a2c54488d881d7f1cd1c" ], "author": { "name": "Jiri Kosina", "email": "jkosina@suse.cz", "time": "Tue Apr 26 10:22:15 2011 +0200" }, "committer": { "name": "Jiri Kosina", "email": "jkosina@suse.cz", "time": "Tue Apr 26 10:22:59 2011 +0200" }, "message": "Merge branch \u0027master\u0027 into for-next\n\nFast-forwarded to current state of Linus\u0027 tree as there are patches to be\napplied for files that didn\u0027t exist on the old branch.\n" }, { "commit": "9ade0cf440a1e5800dc68eef2e77b8d9d83a6dff", "tree": "17a06970af5a26cd340b785a894f20f262335575", "parents": [ "1879fd6a26571fd4e8e1f4bb3e7537bc936b1fe7" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 16:26:29 2011 -0400" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Apr 25 18:16:32 2011 -0700" }, "message": "SELINUX: Make selinux cache VFS RCU walks safe\n\nNow that the security modules can decide whether they support the\ndcache RCU walk or not it\u0027s possible to make selinux a bit more\nRCU friendly. The SELinux AVC and security server access decision\ncode is RCU safe. A specific piece of the LSM audit code may not\nbe RCU safe.\n\nThis patch makes the VFS RCU walk retry if it would hit the non RCU\nsafe chunk of code. It will normally just work under RCU. This is\ndone simply by passing the VFS RCU state as a flag down into the\navc_audit() code and returning ECHILD there if it would have an issue.\n\nBased-on-patch-by: Andi Kleen \u003cak@linux.intel.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "a269434d2fb48a4d66c1d7bf821b7874b59c5b41", "tree": "9c84b5f3e9f3adb3dd4a7e9da2b72dd7fe7eec49", "parents": [ "f48b7399840b453e7282b523f535561fe9638a2d" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 13:10:27 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 18:14:07 2011 -0400" }, "message": "LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH\n\nThis patch separates and audit message that only contains a dentry from\none that contains a full path. This allows us to make it harder to\nmisuse the interfaces or for the interfaces to be implemented wrong.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "f48b7399840b453e7282b523f535561fe9638a2d", "tree": "29eed009469d35473367708ea60b9c5b01fc0c5f", "parents": [ "0dc1ba24f7fff659725eecbba2c9ad679a0954cd" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 12:54:27 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 18:13:15 2011 -0400" }, "message": "LSM: split LSM_AUDIT_DATA_FS into _PATH and _INODE\n\nThe lsm common audit code has wacky contortions making sure which pieces\nof information are set based on if it was given a path, dentry, or\ninode. Split this into path and inode to get rid of some of the code\ncomplexity.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "0dc1ba24f7fff659725eecbba2c9ad679a0954cd", "tree": "ad5831b52b38ca8157dd3ba4e5dfb75768bd372f", "parents": [ "1c9904297451f558191e211a48d8838b4bf792b0" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 21 17:23:20 2011 -0700" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 16:24:41 2011 -0400" }, "message": "SELINUX: Make selinux cache VFS RCU walks safe\n\nNow that the security modules can decide whether they support the\ndcache RCU walk or not it\u0027s possible to make selinux a bit more\nRCU friendly. The SELinux AVC and security server access decision\ncode is RCU safe. A specific piece of the LSM audit code may not\nbe RCU safe.\n\nThis patch makes the VFS RCU walk retry if it would hit the non RCU\nsafe chunk of code. It will normally just work under RCU. This is\ndone simply by passing the VFS RCU state as a flag down into the\navc_audit() code and returning ECHILD there if it would have an issue.\n\nBased-on-patch-by: Andi Kleen \u003cak@linux.intel.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "1c9904297451f558191e211a48d8838b4bf792b0", "tree": "9c7cabec6ce3d6604147de73953cfaca672f1c0d", "parents": [ "6b697323a78bed254ee372f71b1a6a2901bb4b7a" ], "author": { "name": "Andi Kleen", "email": "ak@linux.intel.com", "time": "Thu Apr 21 17:23:19 2011 -0700" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 10:20:32 2011 -0400" }, "message": "SECURITY: Move exec_permission RCU checks into security modules\n\nRight now all RCU walks fall back to reference walk when CONFIG_SECURITY\nis enabled, even though just the standard capability module is active.\nThis is because security_inode_exec_permission unconditionally fails\nRCU walks.\n\nMove this decision to the low level security module. This requires\npassing the RCU flags down the security hook. This way at least\nthe capability module and a few easy cases in selinux/smack work\nwith RCU walks with CONFIG_SECURITY\u003dy\n\nSigned-off-by: Andi Kleen \u003cak@linux.intel.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" }, { "commit": "6b697323a78bed254ee372f71b1a6a2901bb4b7a", "tree": "ef1282bd99f549074253b33deeb6436809566ad4", "parents": [ "a35c6c8368d88deae6890205e73ed330b6df1db7" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Wed Apr 20 10:21:28 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 10:19:02 2011 -0400" }, "message": "SELinux: security_read_policy should take a size_t not ssize_t\n\nThe len should be an size_t but is a ssize_t. Easy enough fix to silence\nbuild warnings. We have no need for signed-ness.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "a35c6c8368d88deae6890205e73ed330b6df1db7", "tree": "f61c3da7460bb5ab39353404456d92e005e9000e", "parents": [ "425b473de5372cad6fffc6b98a758ed8e3fc70ce" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Wed Apr 20 10:21:28 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Mon Apr 25 10:18:27 2011 -0400" }, "message": "SELinux: silence build warning when !CONFIG_BUG\n\nIf one builds a kernel without CONFIG_BUG there are a number of \u0027may be\nused uninitialized\u0027 warnings. Silence these by returning after the BUG().\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "8c9e80ed276fc4b9c9fadf29d8bf6b3576112f1a", "tree": "7595dd217545593675d40f85cfb11d69697a8300", "parents": [ "8d082f8f3fb89e8a1fcb5120ad98cd9860c8a3e8" ], "author": { "name": "Andi Kleen", "email": "ak@linux.intel.com", "time": "Thu Apr 21 17:23:19 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Fri Apr 22 16:17:29 2011 -0700" }, "message": "SECURITY: Move exec_permission RCU checks into security modules\n\nRight now all RCU walks fall back to reference walk when CONFIG_SECURITY\nis enabled, even though just the standard capability module is active.\nThis is because security_inode_exec_permission unconditionally fails\nRCU walks.\n\nMove this decision to the low level security module. This requires\npassing the RCU flags down the security hook. This way at least\nthe capability module and a few easy cases in selinux/smack work\nwith RCU walks with CONFIG_SECURITY\u003dy\n\nSigned-off-by: Andi Kleen \u003cak@linux.intel.com\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "425b473de5372cad6fffc6b98a758ed8e3fc70ce", "tree": "532811d99d68d2ba58bc111b33a959ddb8a1a1e2", "parents": [ "1214eac73f798bccabc6adb55e7b2d787527c13c" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Thu Apr 07 14:46:59 2011 -0400" }, "committer": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Wed Apr 20 11:45:14 2011 -0400" }, "message": "SELinux: delete debugging printks from filename_trans rule processing\n\nThe filename_trans rule processing has some printk(KERN_ERR ) messages\nwhich were intended as debug aids in creating the code but weren\u0027t removed\nbefore it was submitted. Remove them.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\n" } ], "next": "6eab04a87677a37cf15b52e2b4b4fd57917102ad" }