)]}' { "log": [ { "commit": "7d7473dbdb9121dd1b5939566660d51130ecda3a", "tree": "057bf591dd896c01a2b35b31dc41996d3d9e51b8", "parents": [ "b01d3fb921df9baef1ecd13704f4b1e269b58b6b" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Mar 17 20:33:38 2012 +0900" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Tue Mar 20 12:06:50 2012 +1100" }, "message": "TOMOYO: Return error if fails to delete a domain\n\nCall sequence:\ntomoyo_write_domain() --\u003e tomoyo_delete_domain()\n\nIn \u0027tomoyo_delete_domain\u0027, return -EINTR if locking attempt is\ninterrupted by signal.\n\nAt present it returns success to its caller \u0027tomoyo_write_domain()\u0027\neven though domain is not deleted. \u0027tomoyo_write_domain()\u0027 assumes\ndomain is deleted and returns success to its caller. This is wrong behaviour.\n\n\u0027tomoyo_write_domain\u0027 should return error from tomoyo_delete_domain() to its\ncaller.\n\nSigned-off-by: Santosh Nayak \u003csantoshprasadnayak@gmail.com\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "6041e8346f2165679c2184cab60db768d6a26a1d", "tree": "2c4eb032eb851f240c1b70d1afb214a2c661b886", "parents": [ "f67dabbdde1fe112dfff05d02890f1e0d54117a8" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@i-love.sakura.ne.jp", "time": "Wed Mar 14 18:27:49 2012 +0900" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Thu Mar 15 12:29:18 2012 +1100" }, "message": "TOMOYO: Return appropriate value to poll().\n\n\"struct file_operations\"-\u003epoll() expects \"unsigned int\" return value.\nAll files in /sys/kernel/security/tomoyo/ directory other than\n/sys/kernel/security/tomoyo/query and /sys/kernel/security/tomoyo/audit should\nreturn POLLIN | POLLRDNORM | POLLOUT | POLLWRNORM rather than -ENOSYS.\nAlso, /sys/kernel/security/tomoyo/query and /sys/kernel/security/tomoyo/audit\nshould return POLLOUT | POLLWRNORM rather than 0 when there is no data to read.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "2380078cdb7e6d520e33dcf834e0be979d542e48", "tree": "105a729f483b77453ea7a570f39e9efe76e38aa0", "parents": [ "6681ba7ec480bc839584fd0817991d248b4b9e44", "59df3166ef293288d164ab3362a717743e62d20c" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Nov 02 17:01:01 2011 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Nov 02 17:01:01 2011 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.selinuxproject.org/~jmorris/linux-security\n\n* \u0027for-linus\u0027 of git://git.selinuxproject.org/~jmorris/linux-security:\n TOMOYO: Fix interactive judgment functionality.\n" }, { "commit": "59df3166ef293288d164ab3362a717743e62d20c", "tree": "ee10bb9ae940bf59beaf05dd5925d03044eb6559", "parents": [ "c45ed235abf1b0b6666417e3c394f18717976acd" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Oct 20 06:48:57 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sat Oct 29 08:34:41 2011 +1100" }, "message": "TOMOYO: Fix interactive judgment functionality.\n\nCommit 17fcfbd9 \"TOMOYO: Add interactive enforcing mode.\" introduced ability\nto query access decision using userspace programs. It was using global PID for\nreaching policy configuration of the process. However, use of PID returns stale\npolicy configuration when the process\u0027s subjective credentials and objective\ncredentials differ. Fix this problem by allowing reaching policy configuration\nvia query id.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "36b8d186e6cc8e32cb5227f5645a58e1bc0af190", "tree": "1000ad26e189e6ff2c53fb7eeff605f59c7ad94e", "parents": [ "cd85b557414fe4cd44ea6608825e96612a5fe2b2", "c45ed235abf1b0b6666417e3c394f18717976acd" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 25 09:45:31 2011 +0200" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 25 09:45:31 2011 +0200" }, "message": "Merge branch \u0027next\u0027 of git://selinuxproject.org/~jmorris/linux-security\n\n* \u0027next\u0027 of git://selinuxproject.org/~jmorris/linux-security: (95 commits)\n TOMOYO: Fix incomplete read after seek.\n Smack: allow to access /smack/access as normal user\n TOMOYO: Fix unused kernel config option.\n Smack: fix: invalid length set for the result of /smack/access\n Smack: compilation fix\n Smack: fix for /smack/access output, use string instead of byte\n Smack: domain transition protections (v3)\n Smack: Provide information for UDS getsockopt(SO_PEERCRED)\n Smack: Clean up comments\n Smack: Repair processing of fcntl\n Smack: Rule list lookup performance\n Smack: check permissions from user space (v2)\n TOMOYO: Fix quota and garbage collector.\n TOMOYO: Remove redundant tasklist_lock.\n TOMOYO: Fix domain transition failure warning.\n TOMOYO: Remove tomoyo_policy_memory_lock spinlock.\n TOMOYO: Simplify garbage collector.\n TOMOYO: Fix make namespacecheck warnings.\n target: check hex2bin result\n encrypted-keys: check hex2bin result\n ...\n" }, { "commit": "e0b057b406a33501a656dc8d67ea945d7bcdad61", "tree": "16132a7c59322cb1d406a07b875518a3bbd3db39", "parents": [ "6afcb3b7393f5aa388a0d077c490ed411ab3cd27" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Oct 21 12:37:13 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Sat Oct 22 21:55:26 2011 +0200" }, "message": "TOMOYO: Fix incomplete read after seek.\n\nCommit f23571e8 \"TOMOYO: Copy directly to userspace buffer.\" introduced\ntomoyo_flush() that flushes data to be read as soon as possible.\ntomoyo_select_domain() (which is called by write()) enqueues data which meant\nto be read by next read(), but previous read()\u0027s read buffer\u0027s size was not\ncleared. As a result, since 2.6.36, sequence like\n\n char *cp \u003d \"select global-pid\u003d1\\n\";\n read(fd, buf1, sizeof(buf1));\n write(fd, cp, strlen(cp));\n read(fd, buf2, sizeof(buf2));\n\ncauses enqueued data to be flushed to buf1 rather than buf2.\nFix this bug by clearing read buffer\u0027s size upon write() request.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "6afcb3b7393f5aa388a0d077c490ed411ab3cd27", "tree": "f2d0bca0df7ee7322dee3cfa914e8bb4febf434b", "parents": [ "16014d87509e26d6ed6935adbbf437a571fb5870" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Oct 16 09:43:46 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Oct 19 16:58:59 2011 +0200" }, "message": "TOMOYO: Fix unused kernel config option.\n\nCONFIG_SECURITY_TOMOYO_MAX_{ACCEPT_ENTRY,AUDIT_LOG} introduced by commit\n0e4ae0e0 \"TOMOYO: Make several options configurable.\" were by error not used.\n\nReported-by: Paul Bolle \u003cpebolle@tiscali.nl\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "e2b8b25a6795488eba7bb757706b3ac725c31fac", "tree": "f77e43a01891938e8c83b56d2c249a725923b9ec", "parents": [ "e00fb3f7af111d1b3252f7d622213d2e22be65f5" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Oct 11 14:05:08 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Oct 12 12:15:18 2011 +1100" }, "message": "TOMOYO: Remove redundant tasklist_lock.\n\nrcu_read_lock() is sufficient for calling find_task_by_pid_ns()/find_task_by_vpid().\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "778c4a4d60d932c1df6d270dcbc88365823c3963", "tree": "1c042bff1f11cf4e5d7267329091d878aba3d4d7", "parents": [ "6bce98edc3365a8f780ff3944ac7992544c194fe" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Sep 25 17:49:09 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 26 10:46:19 2011 +1000" }, "message": "TOMOYO: Fix make namespacecheck warnings.\n\nCommit efe836ab \"TOMOYO: Add built-in policy support.\" introduced\ntomoyo_load_builtin_policy() but was by error called from nowhere.\n\nCommit b22b8b9f \"TOMOYO: Rename meminfo to stat and show more statistics.\"\nintroduced tomoyo_update_stat() but was by error not called from\ntomoyo_assign_domain().\n\nAlso, mark tomoyo_io_printf() and tomoyo_path_permission() static functions,\nas reported by \"make namespacecheck\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "6bce98edc3365a8f780ff3944ac7992544c194fe", "tree": "ee10abf2345f651d65d7f10fd385c01e0dc891b3", "parents": [ "cc100551b4d92f47abebfa7c7918b2be71263b4a" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Sep 16 22:54:25 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 19 10:09:59 2011 +1000" }, "message": "TOMOYO: Allow specifying domain transition preference.\n\nI got an opinion that it is difficult to use exception policy\u0027s domain\ntransition control directives because they need to match the pathname specified\nto \"file execute\" directives. For example, if \"file execute /bin/\\*\\-ls\\-cat\"\nis given, corresponding domain transition control directive needs to be like\n\"no_keep_domain /bin/\\*\\-ls\\-cat from any\".\n\nIf we can specify like below, it will become more convenient.\n\n file execute /bin/ls keep exec.realpath\u003d\"/bin/ls\" exec.argv[0]\u003d\"ls\"\n file execute /bin/cat keep exec.realpath\u003d\"/bin/cat\" exec.argv[0]\u003d\"cat\"\n file execute /bin/\\*\\-ls\\-cat child\n file execute /usr/sbin/httpd \u003capache\u003e exec.realpath\u003d\"/usr/sbin/httpd\" exec.argv[0]\u003d\"/usr/sbin/httpd\"\n\nIn above examples, \"keep\" works as if keep_domain is specified, \"child\" works\nas if \"no_reset_domain\" and \"no_initialize_domain\" and \"no_keep_domain\" are\nspecified, \"\u003capache\u003e\" causes domain transition to \u003capache\u003e domain upon\nsuccessful execve() operation.\n\nMoreover, we can also allow transition to different domains based on conditions\nlike below example.\n\n \u003ckernel\u003e /usr/sbin/sshd\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //batch-session exec.argc\u003d2 exec.argv[1]\u003d\"-c\"\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //root-session task.uid\u003d0\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //nonroot-session task.uid!\u003d0\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "843d183cdd816549b73e6bd3ae07f64adddf714b", "tree": "3421638e9c9d44be37e539a4ffed6216bc1f7f3c", "parents": [ "a8f7640963ada66c412314c3559c11ff6946c1a5" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Sep 14 17:03:19 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Sep 15 08:14:21 2011 +1000" }, "message": "TOMOYO: Bump version.\n\nTell userland tools that this is TOMOYO 2.5.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "731d37aa70c7b9de3be6bf2c8287366223bf5ce5", "tree": "8ac6028511485862572695eb91e2d461e0636182", "parents": [ "1f067a682a9bd252107ac6f6946b7332fde42344" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Sep 10 15:25:58 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Sep 14 08:27:06 2011 +1000" }, "message": "TOMOYO: Allow domain transition without execve().\n\nTo be able to split permissions for Apache\u0027s CGI programs which are executed\nwithout execve(), add special domain transition which is performed by writing\na TOMOYO\u0027s domainname to /sys/kernel/security/tomoyo/self_domain interface.\n\nThis is an API for TOMOYO-aware userland applications. However, since I expect\nTOMOYO and other LSM modules to run in parallel, this patch does not use\n/proc/self/attr/ interface in order to avoid conflicts with other LSM modules\nwhen it became possible to run multiple LSM modules in parallel.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "1f067a682a9bd252107ac6f6946b7332fde42344", "tree": "379bbbf02f0a802453e585a2a482192409308fbb", "parents": [ "059d84dbb3897d4ee494a9c842c5dda54316cb47" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Sep 10 15:24:56 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Sep 14 08:27:06 2011 +1000" }, "message": "TOMOYO: Allow controlling generation of access granted logs for per an entry basis.\n\nAdd per-entry flag which controls generation of grant logs because Xen and KVM\nissues ioctl requests so frequently. For example,\n\n file ioctl /dev/null 0x5401 grant_log\u003dno\n\nwill suppress /sys/kernel/security/tomoyo/audit even if preference says\ngrant_log\u003dyes .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "059d84dbb3897d4ee494a9c842c5dda54316cb47", "tree": "483ca0cb613b1304184b92f075b3f5283d36c723", "parents": [ "d58e0da854376841ac99defeb117a83f086715c6" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Sep 10 15:23:54 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Sep 14 08:27:05 2011 +1000" }, "message": "TOMOYO: Add socket operation restriction support.\n\nThis patch adds support for permission checks for PF_INET/PF_INET6/PF_UNIX\nsocket\u0027s bind()/listen()/connect()/send() operations.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "d58e0da854376841ac99defeb117a83f086715c6", "tree": "b6e37d1030180680a7801ecb295d8d3990930375", "parents": [ "5dbe3040c74eef18e66951347eda05b153e69328" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Sep 10 15:22:48 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Sep 14 08:27:05 2011 +1000" }, "message": "TOMOYO: Add environment variable name restriction support.\n\nThis patch adds support for checking environment variable\u0027s names.\nAlthough TOMOYO already provides ability to check argv[]/envp[] passed to\nexecve() requests,\n\n file execute /bin/sh exec.envp[\"LD_LIBRARY_PATH\"]\u003d\"bar\"\n\nwill reject execution of /bin/sh if environment variable LD_LIBRARY_PATH is not\ndefined. To grant execution of /bin/sh if LD_LIBRARY_PATH is not defined,\nadministrators have to specify like\n\n file execute /bin/sh exec.envp[\"LD_LIBRARY_PATH\"]\u003d\"/system/lib\"\n file execute /bin/sh exec.envp[\"LD_LIBRARY_PATH\"]\u003dNULL\n\n. Since there are many environment variables whereas conditional checks are\napplied as \"\u0026\u0026\", it is difficult to cover all combinations. Therefore, this\npatch supports conditional checks that are applied as \"||\", by specifying like\n\n file execute /bin/sh\n misc env LD_LIBRARY_PATH exec.envp[\"LD_LIBRARY_PATH\"]\u003d\"/system/lib\"\n\nwhich means \"grant execution of /bin/sh if environment variable is not defined\nor is defined and its value is /system/lib\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "4d81897139ffb738ee14b6f84f63f93ecda1136b", "tree": "27bbf6c03ccc9087e6bdc73b7fed31b471eb8048", "parents": [ "322a8b034003c0d46d39af85bf24fee27b902f48" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Aug 06 23:38:30 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 08 13:13:45 2011 +1000" }, "message": "TOMOYO: Fix incomplete read of /sys/kernel/security/tomoyo/profile\n\nCommit bd03a3e4 \"TOMOYO: Add policy namespace support.\" forgot to set EOF flag\nand forgot to print namespace at PREFERENCE line.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0f2a55d5bb2372058275b0b343d90dd5d640d045", "tree": "0faaacea8061e5717efd50d24220d6976e6adba6", "parents": [ "c9206693457a946698e1d67db2b424e1d101493d" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jul 14 14:46:51 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Jul 14 17:50:03 2011 +1000" }, "message": "TOMOYO: Update kernel-doc.\n\nUpdate comments for scripts/kernel-doc and fix some of errors reported by\nscripts/checkpatch.pl .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5b636857fee642694e287e3a181b523b16098c93", "tree": "24afcc11fc35350a29f5d6d73d376a551c5569b8", "parents": [ "2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:24:54 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:33 2011 +1000" }, "message": "TOMOYO: Allow using argv[]/envp[] of execve() as conditions.\n\nThis patch adds support for permission checks using argv[]/envp[] of execve()\nrequest. Hooks are in the last patch of this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563", "tree": "b9f6051059a2a90547a4501bf296b0cf3c9dbc76", "parents": [ "8761afd49ebff8ae04c1a7888af090177441d07d" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:23:44 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:33 2011 +1000" }, "message": "TOMOYO: Allow using executable\u0027s realpath and symlink\u0027s target as conditions.\n\nThis patch adds support for permission checks using executable file\u0027s realpath\nupon execve() and symlink\u0027s target upon symlink(). Hooks are in the last patch\nof this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "8761afd49ebff8ae04c1a7888af090177441d07d", "tree": "f43b52e1b8467eeea465762d2f9d0b81a336faa0", "parents": [ "2066a36125fcbf5220990173b9d8e8bc49ad7538" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:22:41 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:32 2011 +1000" }, "message": "TOMOYO: Allow using owner/group etc. of file objects as conditions.\n\nThis patch adds support for permission checks using file object\u0027s DAC\nattributes (e.g. owner/group) when checking file\u0027s pathnames. Hooks for passing\nfile object\u0027s pointers are in the last patch of this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2066a36125fcbf5220990173b9d8e8bc49ad7538", "tree": "c8ea3a6d92a8b4b68cda986601336e8e8f58553e", "parents": [ "5c4274f13819b40e726f6ee4ef13b4952cff5010" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:21:37 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:32 2011 +1000" }, "message": "TOMOYO: Allow using UID/GID etc. of current thread as conditions.\n\nThis patch adds support for permission checks using current thread\u0027s UID/GID\netc. in addition to pathnames.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5c4274f13819b40e726f6ee4ef13b4952cff5010", "tree": "c32b5d2932369f24fbfbeb62908b09c505a01186", "parents": [ "ea504819122a76a236f8b95d1556f807a0a41397" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jul 07 21:20:35 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Jul 08 09:25:36 2011 +1000" }, "message": "TOMOYO: Remove /sys/kernel/security/tomoyo/.domain_status interface.\n\n/sys/kernel/security/tomoyo/.domain_status can be easily emulated using\n/sys/kernel/security/tomoyo/domain_policy . We can remove this interface by\nupdating /usr/sbin/tomoyo-setprofile utility.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0e4ae0e0dec634b2ae53ac57d14141b140467dbe", "tree": "9a3b46dd03ea21422359d3948514771d0cc9d72d", "parents": [ "efe836ab2b514ae7b59528af36d452978b42d266" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:22:59 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:22 2011 +1000" }, "message": "TOMOYO: Make several options configurable.\n\nTo be able to start using enforcing mode from the early stage of boot sequence,\nthis patch adds support for activating access control without calling external\npolicy loader program. This will be useful for systems where operations which\ncan lead to the hijacking of the boot sequence are needed before loading the\npolicy. For example, you can activate immediately after loading the fixed part\nof policy which will allow only operations needed for mounting a partition\nwhich contains the variant part of policy and verifying (e.g. running GPG\ncheck) and loading the variant part of policy. Since you can start using\nenforcing mode from the beginning, you can reduce the possibility of hijacking\nthe boot sequence.\n\nThis patch makes several variables configurable on build time. This patch also\nadds TOMOYO_loader\u003d and TOMOYO_trigger\u003d kernel command line option to boot the\nsame kernel in two different init systems (BSD-style init and systemd).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "efe836ab2b514ae7b59528af36d452978b42d266", "tree": "5e2434b25b0d53c4852fad7c9c07db9e99a38b07", "parents": [ "b22b8b9fd90eecfb7133e56b4e113595f09f4492" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:22:18 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:22 2011 +1000" }, "message": "TOMOYO: Add built-in policy support.\n\nTo be able to start using enforcing mode from the early stage of boot sequence,\nthis patch adds support for built-in policy configuration (and next patch adds\nsupport for activating access control without calling external policy loader\nprogram).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b22b8b9fd90eecfb7133e56b4e113595f09f4492", "tree": "6e15e497a05aa219c598b8b8690fbdb5ae5f0b0a", "parents": [ "2c47ab9353242b0f061959318f83c55360b88fa4" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:21:50 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:22 2011 +1000" }, "message": "TOMOYO: Rename meminfo to stat and show more statistics.\n\nShow statistics such as last policy update time and last policy violation time\nin addition to memory usage.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2c47ab9353242b0f061959318f83c55360b88fa4", "tree": "03693079bf04572d30ef0ca37f717ae8acc29863", "parents": [ "2e503bbb435ae418aebbe4aeede1c6f2a33d6f74" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:21:19 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:21 2011 +1000" }, "message": "TOMOYO: Cleanup part 4.\n\nGather string constants to one file in order to make the object size smaller.\nUse unsigned type where appropriate.\nread()/write() returns ssize_t.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2e503bbb435ae418aebbe4aeede1c6f2a33d6f74", "tree": "c6b783c245716cf87b337b2a855e742133afb7ac", "parents": [ "5625f2e3266319fd29fe4f1c76ccd3f550c79ac4" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:20:55 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:21 2011 +1000" }, "message": "TOMOYO: Fix lockdep warning.\n\nCurrently TOMOYO holds SRCU lock upon open() and releases it upon close()\nbecause list elements stored in the \"struct tomoyo_io_buffer\" instances are\naccessed until close() is called. However, such SRCU usage causes lockdep to\ncomplain about leaving the kernel with SRCU lock held.\n\nThis patch solves the warning by holding/releasing SRCU upon each\nread()/write(). This patch is doing something similar to calling kfree()\nwithout calling synchronize_srcu(), by selectively deferring kfree() by keeping\ntrack of the \"struct tomoyo_io_buffer\" instances.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "bd03a3e4c9a9df0c6b007045fa7fc8889111a478", "tree": "9d78290c878e6466fe3e0bda7ee5989c0dc39e40", "parents": [ "32997144fd9925fc4d506a16990a0c405f766526" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:19:52 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:21 2011 +1000" }, "message": "TOMOYO: Add policy namespace support.\n\nMauras Olivier reported that it is difficult to use TOMOYO in LXC environments,\nfor TOMOYO cannot distinguish between environments outside the container and\nenvironments inside the container since LXC environments are created using\npivot_root(). To address this problem, this patch introduces policy namespace.\n\nEach policy namespace has its own set of domain policy, exception policy and\nprofiles, which are all independent of other namespaces. This independency\nallows users to develop policy without worrying interference among namespaces.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "32997144fd9925fc4d506a16990a0c405f766526", "tree": "52332d25e9317250a1af1b06008d7eae18717c70", "parents": [ "eadd99cc85347b4f9eb10122ac90032eb4971b02" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:19:28 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Add ACL group support.\n\nACL group allows administrator to globally grant not only \"file read\"\npermission but also other permissions.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "eadd99cc85347b4f9eb10122ac90032eb4971b02", "tree": "fa6075ad4917422288222ee52bfcb66b7ed30a0e", "parents": [ "d5ca1725ac9ba876c2dd614bb9826d0c4e13d818" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:18:58 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Add auditing interface.\n\nAdd /sys/kernel/security/tomoyo/audit interface. This interface generates audit\nlogs in the form of domain policy so that /usr/sbin/tomoyo-auditd can reuse\naudit logs for appending to /sys/kernel/security/tomoyo/domain_policy\ninterface.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "d5ca1725ac9ba876c2dd614bb9826d0c4e13d818", "tree": "fbff7fe1e39597c5bac981f63a2be659f4ec84e7", "parents": [ "0d2171d711cbfca84cc0001121be8a6cc8e4d148" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:18:21 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Simplify profile structure.\n\nRemove global preference from profile structure in order to make code simpler.\n\nDue to this structure change, printk() warnings upon policy violation are\ntemporarily disabled. They will be replaced by\n/sys/kernel/security/tomoyo/audit by next patch.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0d2171d711cbfca84cc0001121be8a6cc8e4d148", "tree": "998c6fb0c61e15686a7b70276e17ad9e396741f4", "parents": [ "a238cf5b89ed5285be8de56335665d023972f7d5" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:17:46 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Rename directives.\n\nConvert \"allow_...\" style directives to \"file ...\" style directives.\nBy converting to the latter style, we can pack policy like\n\"file read/write/execute /path/to/file\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "a238cf5b89ed5285be8de56335665d023972f7d5", "tree": "cd2594f5c80345b5f880a3ccd445d15fb6b7d6cd", "parents": [ "0df7e8b8f1c25c10820bdc679555f2fbfb897ca0" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:17:10 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:20 2011 +1000" }, "message": "TOMOYO: Use struct for passing ACL line.\n\nUse structure for passing ACL line, in preparation for supporting policy\nnamespace and conditional parameters.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0df7e8b8f1c25c10820bdc679555f2fbfb897ca0", "tree": "626a0304fceec0bbee93e43a24bc0f813fe230b7", "parents": [ "b5bc60b4ce313b6dbb42e7d32915dcf0a07c2a68" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:16:36 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:19 2011 +1000" }, "message": "TOMOYO: Cleanup part 3.\n\nUse common structure for ACL with \"struct list_head\" + \"atomic_t\".\nUse array/struct where possible.\nRemove is_group from \"struct tomoyo_name_union\"/\"struct tomoyo_number_union\".\nPass \"struct file\"-\u003eprivate_data rather than \"struct file\".\nUpdate some of comments.\nBring tomoyo_same_acl_head() from common.h to domain.c .\nBring tomoyo_invalid()/tomoyo_valid() from common.h to util.c .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "b5bc60b4ce313b6dbb42e7d32915dcf0a07c2a68", "tree": "4a6a4f4cf1b6d0e5fa22c974fb4cf87d59a88e21", "parents": [ "7c75964f432d14062d8eccfc916aa290f56b5aab" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:16:03 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:19 2011 +1000" }, "message": "TOMOYO: Cleanup part 2.\n\nUpdate (or temporarily remove) comments.\nRemove or replace some of #define lines.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7c75964f432d14062d8eccfc916aa290f56b5aab", "tree": "8aecdb96f9f079dd36735c3acccb79f3d10d6559", "parents": [ "1252cc3b232e582e887623dc5f70979418caaaa2" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jun 26 23:15:31 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 29 09:31:19 2011 +1000" }, "message": "TOMOYO: Cleanup part 1.\n\nIn order to synchronize with TOMOYO 1.8\u0027s syntax,\n\n(1) Remove special handling for allow_read/write permission.\n(2) Replace deny_rewrite/allow_rewrite permission with allow_append permission.\n(3) Remove file_pattern keyword.\n(4) Remove allow_read permission from exception policy.\n(5) Allow creating domains in enforcing mode without calling supervisor.\n(6) Add permission check for opening directory for reading.\n(7) Add permission check for stat() operation.\n(8) Make \"cat \u003c /sys/kernel/security/tomoyo/self_domain\" behave as if\n \"cat /sys/kernel/security/tomoyo/self_domain\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "c0fa797ae6cd02ff87c0bfe0d509368a3b45640e", "tree": "4f484333268919be0487ff5fdf9dd380d8bf6ed2", "parents": [ "e4f5f26d8336318a5aa0858223c81cf29fcf5f68" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Apr 03 00:12:54 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Apr 19 09:37:12 2011 +1000" }, "message": "TOMOYO: Fix infinite loop bug when reading /sys/kernel/security/tomoyo/audit\n\nIn tomoyo_flush(), head-\u003er.w[0] holds pointer to string data to be printed.\nBut head-\u003er.w[0] was updated only when the string data was partially\nprinted (because head-\u003er.w[0] will be updated by head-\u003er.w[1] later if\ncompletely printed). However, regarding /sys/kernel/security/tomoyo/query ,\nan additional \u0027\\0\u0027 is printed after the string data was completely printed.\nBut if free space for read buffer became 0 before printing the additional \u0027\\0\u0027,\ntomoyo_flush() was returning without updating head-\u003er.w[0]. As a result,\ntomoyo_flush() forever reprints already printed string data.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2a086e5d3a23570735f75b784d29b93068070833", "tree": "43949632ba2e1c8ed4a8169d64c406d66ce36f23", "parents": [ "a3232d2fa2e3cbab3e76d91cdae5890fee8a4034" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Apr 03 00:09:26 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Apr 19 09:37:06 2011 +1000" }, "message": "TOMOYO: Fix race on updating profile\u0027s comment line.\n\nIn tomoyo_write_profile() since 2.6.34, a lock was by error missing when\nreplacing profile\u0027s comment line. If multiple threads attempted\n\n echo \u00270-COMMENT\u003dcomment\u0027 \u003e /sys/kernel/security/tomoyo/profile\n\nin parallel, garbage collector will fail to kfree() the old value.\nProtect the replacement using a lock. Also, keep the old value rather than\nreplace with empty string when out of memory error has occurred.\n\nSigned-off-by: Xiaochen Wang \u003cwangxiaochen0@gmail.com\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "9f1c1d426b0402b25cd0d7ca719ffc8e20e46d5f", "tree": "5d31ff027688a90cef5ccea5bee1cb3e65639b37", "parents": [ "b0ae19811375031ae3b3fecc65b702a9c6e5cc28" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Oct 08 14:43:22 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Oct 21 10:12:45 2010 +1100" }, "message": "TOMOYO: Print URL information before panic().\n\nConfiguration files for TOMOYO 2.3 are not compatible with TOMOYO 2.2.\nBut current panic() message is too unfriendly and is confusing users.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nReviewed-by: KOSAKI Motohiro \u003ckosaki.motohiro@jp.fujitsu.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "68eda8f59081c74a51d037cc29893bd7c9b3c2d8", "tree": "5970a384719568f6f36ee07efe72adb8cfab39f1", "parents": [ "f6f94e2ab1b33f0082ac22d71f66385a60d8157f" ], "author": { "name": "Dan Carpenter", "email": "error27@gmail.com", "time": "Sun Aug 08 00:17:51 2010 +0200" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Oct 21 10:12:32 2010 +1100" }, "message": "tomoyo: cleanup. don\u0027t store bogus pointer\n\nIf domain is NULL then \u0026domain-\u003elist is a bogus address. Let\u0027s leave\nhead-\u003er.domain NULL instead of saving an unusable pointer.\n\nThis is just a cleanup. The current code always checks head-\u003er.eof\nbefore dereferencing head-\u003er.domain.\n\nSigned-off-by: Dan Carpenter \u003cerror27@gmail.com\u003e\nAcked-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\n" }, { "commit": "c8da96e87d349e9035345293093ecc74792fb96a", "tree": "738b017e4fa8547feb2741969decd749ea6e98e1", "parents": [ "91e71c12c506e15028c252a5a097723f41c518dd" ], "author": { "name": "Ben Hutchings", "email": "ben@decadent.org.uk", "time": "Sun Sep 26 05:55:13 2010 +0100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 27 10:53:18 2010 +1000" }, "message": "TOMOYO: Don\u0027t abuse sys_getpid(), sys_getppid()\n\nSystem call entry functions sys_*() are never to be called from\ngeneral kernel code. The fact that they aren\u0027t declared in header\nfiles should have been a clue. These functions also don\u0027t exist on\nAlpha since it has sys_getxpid() instead.\n\nSigned-off-by: Ben Hutchings \u003cben@decadent.org.uk\u003e\nAcked-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "e6f6a4cc955d626ed26562d98de5766bf1f73526", "tree": "308ef4b42db0e3ebc0078550c7b9cca59f117cd6", "parents": [ "7e3d199a4009a4094a955282daf5ecd43f2c8152" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Jul 27 17:17:06 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:35:10 2010 +1000" }, "message": "TOMOYO: Update version to 2.3.0\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0849e3ba53c3ef603dffa9758a73e07ed186a937", "tree": "5aaaa02db9be90287bfcc6e00e48d0b50c18d6cd", "parents": [ "e2bf69077acefee5247bb661faac2552d29ba7ba" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jun 25 12:22:09 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:55 2010 +1000" }, "message": "TOMOYO: Add missing poll() hook.\n\nCommit 1dae08c \"TOMOYO: Add interactive enforcing mode.\" forgot to register\npoll() hook. As a result, /usr/sbin/tomoyo-queryd was doing busy loop.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "e2bf69077acefee5247bb661faac2552d29ba7ba", "tree": "946adb588df8647f2476fb2f66996e6231521687", "parents": [ "8e5686874bcb882f69d5c04e6b38dc92b97facea" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jun 25 11:16:00 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:54 2010 +1000" }, "message": "TOMOYO: Rename symbols.\n\nUse shorter name in order to make it easier to fit 80 columns limit.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "8e5686874bcb882f69d5c04e6b38dc92b97facea", "tree": "522733e1e4a172d29252a98d340cea3942296684", "parents": [ "f23571e866309a2048030ef6a5f0725cf139d4c9" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jun 25 09:30:09 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:54 2010 +1000" }, "message": "TOMOYO: Small cleanup.\n\nSplit tomoyo_write_profile() into several functions.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "f23571e866309a2048030ef6a5f0725cf139d4c9", "tree": "0116bcef462f367307b2db927b249b7ce21039c2", "parents": [ "5db5a39b6462c8360c9178b28f4b07c320dfca1c" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 24 14:57:16 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:45 2010 +1000" }, "message": "TOMOYO: Copy directly to userspace buffer.\n\nWhen userspace program reads policy from /sys/kernel/security/tomoyo/\ninterface, TOMOYO uses line buffered mode. A line has at least one word.\n\nCommit 006dacc \"TOMOYO: Support longer pathname.\" changed a word\u0027s max length\nfrom 4000 bytes to max kmalloc()able bytes. By that commit, a line\u0027s max length\nchanged from 8192 bytes to more than max kmalloc()able bytes.\n\nMax number of words in a line remains finite. This patch changes the way of\nbuffering so that all words in a line are firstly directly copied to userspace\nbuffer as much as possible and are secondly queued for next read request.\nWords queued are guaranteed to be valid until /sys/kernel/security/tomoyo/\ninterface is close()d.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5db5a39b6462c8360c9178b28f4b07c320dfca1c", "tree": "0350d94c0e134820e035381bcff81515dbda9666", "parents": [ "063821c8160568b3390044390c8328e36c5696ad" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 24 12:24:19 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:45 2010 +1000" }, "message": "TOMOYO: Use common code for policy reading.\n\ntomoyo_print_..._acl() are similar. Merge them.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "063821c8160568b3390044390c8328e36c5696ad", "tree": "68a61753cdc6b0edaf0358eebdea8c20aaa713b1", "parents": [ "475e6fa3d340e75a454ea09191a29e52e2ee6e71" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 24 12:00:25 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:44 2010 +1000" }, "message": "TOMOYO: Allow reading only execute permission.\n\nPolicy editor needs to know allow_execute entries in order to build domain\ntransition tree. Reading all entries is slow. Thus, allow reading only\nallow_execute entries.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "475e6fa3d340e75a454ea09191a29e52e2ee6e71", "tree": "44e8222ec250f8573199fc3132eaeb2f8922f85e", "parents": [ "5448ec4f5062ef75ce74f8d7784d4cea9c46ad00" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 24 11:28:14 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:44 2010 +1000" }, "message": "TOMOYO: Change list iterator.\n\nChange list_for_each_cookie to\n\n(1) start from current position rather than next position\n(2) remove temporary cursor\n(3) check that srcu_read_lock() is held\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5448ec4f5062ef75ce74f8d7784d4cea9c46ad00", "tree": "c4c742b928c799e03328e345e1d4af738f315afb", "parents": [ "0617c7ff34dc9b1d641640c3953274bb2dbe21a6" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon Jun 21 11:14:39 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:43 2010 +1000" }, "message": "TOMOYO: Use common code for domain transition control.\n\nUse common code for \"initialize_domain\"/\"no_initialize_domain\"/\"keep_domain\"/\n\"no_keep_domain\" keywords.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0617c7ff34dc9b1d641640c3953274bb2dbe21a6", "tree": "6be51af32ad65380aff9b7fa385f65ef15b3d53b", "parents": [ "7c2ea22e3c5463627ca98924cd65cb9e480dc29c" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon Jun 21 09:58:53 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:42 2010 +1000" }, "message": "TOMOYO: Remove alias keyword.\n\nSome programs behave differently depending on argv[0] passed to execve().\nTOMOYO has \"alias\" keyword in order to allow administrators to define different\ndomains if requested pathname passed to execve() is a symlink. But \"alias\"\nkeyword is incomplete because this keyword assumes that requested pathname and\nargv[0] are identical. Thus, remove \"alias\" keyword (by this patch) and add\nsyntax for checking argv[0] (by future patches).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7c2ea22e3c5463627ca98924cd65cb9e480dc29c", "tree": "3a105a08cf75c77689bdfe890c64f9ae433748b9", "parents": [ "31845e8c6d3f4f26702e567c667277f9fd1f73a3" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 17 16:55:58 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:42 2010 +1000" }, "message": "TOMOYO: Merge path_group and number_group.\n\nUse common code for \"path_group\" and \"number_group\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "31845e8c6d3f4f26702e567c667277f9fd1f73a3", "tree": "5c457513fcdae4e7e39b19d36e1698ae298ce8d4", "parents": [ "a230f9e7121cbcbfe23bd5a630abf6b53cece555" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 17 16:54:33 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:41 2010 +1000" }, "message": "TOMOYO: Aggregate reader functions.\n\nNow lists are accessible via array index. Aggregate reader functions using index.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "a230f9e7121cbcbfe23bd5a630abf6b53cece555", "tree": "a81820f41d57ffd8704aaef4331f696030d7ba77", "parents": [ "a98aa4debe2728abb3353e35fc5d110dcc0d7f0d" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 17 16:53:24 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:40 2010 +1000" }, "message": "TOMOYO: Use array of \"struct list_head\".\n\nAssign list id and make the lists as array of \"struct list_head\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "8fbe71f0e0ac28a39e4a93694c34d670c2f31e88", "tree": "95dc6db6aaaa31a8876bc99c1531bfc26d0e838c", "parents": [ "cb917cf517075a357ce43b74e8a5a57f2c69a734" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Jun 16 16:29:59 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:35 2010 +1000" }, "message": "TOMOYO: Make read function to void.\n\nRead functions do not fail. Make them from int to void.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "71c282362d0672235c5205a7db1f3ac3fcf32981", "tree": "b359947179fad844767fc5b54a0761b7353babc1", "parents": [ "d795ef9e751b72c94600c91e31bdaef55987a9f6" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Jun 16 16:26:38 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:34 2010 +1000" }, "message": "TOMOYO: Remove wrapper function for reading keyword.\n\nKeyword strings are read-only. We can directly access them to reduce code size.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "75093152a97ee0ec281895b4f6229ff3c481fd64", "tree": "960bdf1d441f43c2dfa3c4d54c48af5fc524a1a8", "parents": [ "99a852596beb26cc449ca1a79834c107ef4080e1" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Jun 16 16:23:55 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:33 2010 +1000" }, "message": "TOMOYO: Rename symbols.\n\nUse shorter name in order to make it easier to fix 80 columns limit.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "36f5e1ffbf2bb951105ae4e261bcc1de3eaf510c", "tree": "80e01278296477b4d30288081267d35ff771d720", "parents": [ "82e0f001a4c1112dcff9cafa9812a33889ad9b8a" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Jun 15 09:23:26 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:29 2010 +1000" }, "message": "TOMOYO: Use callback for updating entries.\n\nUse common code for elements using \"struct list_head\" + \"bool\" structure.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "82e0f001a4c1112dcff9cafa9812a33889ad9b8a", "tree": "55c7e99f8773129b602f837f0c79f8d542021195", "parents": [ "237ab459f12cb98eadd3fe7b85343e183a1076a4" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Jun 15 09:22:42 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:28 2010 +1000" }, "message": "TOMOYO: Use common structure for list element.\n\nUse common \"struct list_head\" + \"bool\" structure.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "237ab459f12cb98eadd3fe7b85343e183a1076a4", "tree": "f2835e2945016beb4e29b6a2ed8f9d372dc1b412", "parents": [ "927942aabbbe506bf9bc70a16dc5460ecc64c148" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Jun 12 20:46:22 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:34:28 2010 +1000" }, "message": "TOMOYO: Use callback for updating entries.\n\nUse common \"struct list_head\" + \"bool\" + \"u8\" structure and\nuse common code for elements using that structure.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "57c2590fb7fd38bd52708ff2716a577d0c2b3c5a", "tree": "19db2e176e1e49d85482995249ba18aebbb8f7eb", "parents": [ "1084307ca097745ed6e40a192329b133a49271ac" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 03 20:38:44 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:43 2010 +1000" }, "message": "TOMOYO: Update profile structure.\n\nThis patch allows users to change access control mode for per-operation basis.\nThis feature comes from non LSM version of TOMOYO which is designed for\npermitting users to use SELinux and TOMOYO at the same time.\n\nSELinux does not care filename in a directory whereas TOMOYO does. Change of\nfilename can change how the file is used. For example, renaming index.txt to\n.htaccess will change how the file is used. Thus, letting SELinux to enforce\nread()/write()/mmap() etc. restriction and letting TOMOYO to enforce rename()\nrestriction is an example usage of this feature.\n\nWhat is unfortunate for me is that currently LSM does not allow users to use\nSELinux and LSM version of TOMOYO at the same time...\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "1084307ca097745ed6e40a192329b133a49271ac", "tree": "f3b2e81705afb4ca3006ebb931aa0aad426ace02", "parents": [ "3f629636320dfa65804779a3fc333f3147f3b064" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 03 20:38:03 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:42 2010 +1000" }, "message": "TOMOYO: Add pathname aggregation support.\n\nThis patch allows users to aggregate programs which provide similar\nfunctionality (e.g. /usr/bin/vi and /usr/bin/emacs ).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "3f629636320dfa65804779a3fc333f3147f3b064", "tree": "e44dc9f63ae8c6cd37d5471d014cd9b0449027e7", "parents": [ "c8c57e842720d8cc92ac8607f2d1c16d92314573" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 03 20:37:26 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:42 2010 +1000" }, "message": "TOMOYO: Allow wildcard for execute permission.\n\nSome applications create and execute programs dynamically. We need to accept\nwildcard for execute permission because such programs contain random suffix\nin their filenames. This patch loosens up regulation of string parameters.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "9b244373da3eab671da6c5125482121528a9ebf3", "tree": "abbe091de54a260aec57e56ce79c164834354fc8", "parents": [ "ea0d3ab239fba48d6e998b19c28d78f765963007" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Jun 03 20:35:53 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:41 2010 +1000" }, "message": "TOMOYO: Several fixes for TOMOYO\u0027s management programs.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "c3ef1500ec833890275172c7d063333404b64d60", "tree": "2453368e521a1f7a00098eef06afbedb8404503d", "parents": [ "17fcfbd9d45b57f38d40e31f9d28db53f4af5c88" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon May 17 10:12:46 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:39 2010 +1000" }, "message": "TOMOYO: Split files into some pieces.\n\nsecurity/tomoyo/common.c became too large to read.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "17fcfbd9d45b57f38d40e31f9d28db53f4af5c88", "tree": "e221937affe4d886706e880f39e1424333490cc0", "parents": [ "2106ccd972dcd9fda7df9b181505fac1741b3508" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon May 17 10:11:36 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:38 2010 +1000" }, "message": "TOMOYO: Add interactive enforcing mode.\n\nSince the behavior of the system is restricted by policy, we may need to update\npolicy when you update packages.\n\nWe need to update policy in the following cases.\n\n * The pathname of files has changed.\n * The dependency of files has changed.\n * The access permissions required has increased.\n\nThe ideal way to update policy is to rebuild from the scratch using learning\nmode. But it is not desirable to change from enforcing mode to other mode if\nthe system has once entered in production state. Suppose MAC could support\nper-application enforcing mode, the MAC becomes useless if an application that\nis not running in enforcing mode was cracked. For example, the whole system\nbecomes vulnerable if only HTTP server application is running in learning mode\nto rebuild policy for the application. So, in TOMOYO Linux, updating policy is\ndone while the system is running in enforcing mode.\n\nThis patch implements \"interactive enforcing mode\" which allows administrators\nto judge whether to accept policy violation in enforcing mode or not.\nA demo movie is available at http://www.youtube.com/watch?v\u003db9q1Jo25LPA .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2106ccd972dcd9fda7df9b181505fac1741b3508", "tree": "4361f9498c303cabc20abc85c1b5ee0afa677b0f", "parents": [ "a1f9bb6a375a8dbf7797ffbd6739c46b338a77f7" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon May 17 10:10:31 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:37 2010 +1000" }, "message": "TOMOYO: Add mount restriction.\n\nmount(2) has three string and one numeric parameters.\nSplit mount restriction code from security/tomoyo/file.c .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "a1f9bb6a375a8dbf7797ffbd6739c46b338a77f7", "tree": "44df8f05e6ad6bd7cf9ce398c99efbd7cff24c20", "parents": [ "cb0abe6a5b58499bd4bc1403f4987af9ead0642c" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon May 17 10:09:15 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:37 2010 +1000" }, "message": "TOMOYO: Split file access control functions by type of parameters.\n\nCheck numeric parameters for operations that deal them\n(e.g. chmod/chown/ioctl).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "cb0abe6a5b58499bd4bc1403f4987af9ead0642c", "tree": "3a48c36dcfe0cfe1e4b6f3faf5ca3e7fae4327c7", "parents": [ "4c3e9e2ded48bcf696a45945ea7d25bb15b873fd" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon May 17 10:08:05 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:36 2010 +1000" }, "message": "TOMOYO: Use structure for passing common arguments.\n\nUse \"struct tomoyo_request_info\" instead of passing individual arguments.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "4c3e9e2ded48bcf696a45945ea7d25bb15b873fd", "tree": "0be326f0f90b0279ae83594e9244c3739d348df1", "parents": [ "babcd37821fba57048b30151969d28303f2a8b6b" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon May 17 10:06:58 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Aug 02 15:33:35 2010 +1000" }, "message": "TOMOYO: Add numeric values grouping support.\n\nThis patch adds numeric values grouping support, which is useful for grouping\nnumeric values such as file\u0027s UID, DAC\u0027s mode, ioctl()\u0027s cmd number.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7762fbfffdbce8191f5236d5053b290035d3d749", "tree": "08b6de0c09c5571d3bdb61c429e1ec68e748f796", "parents": [ "ba0c1709f4946a5ca1a678f4318ed72c0d409b3c" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon May 10 17:30:26 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon May 17 09:25:57 2010 +1000" }, "message": "TOMOYO: Add pathname grouping support.\n\nThis patch adds pathname grouping support, which is useful for grouping\npathnames that cannot be represented using /\\{dir\\}/ pattern.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "9e4b50e93786d00c703f16ed46e6a4029c0dfdd1", "tree": "51bf6072802888592ae98b9a6c8a26fcb2e1988f", "parents": [ "83c36ccfe4d849f482ea0a62402c7624f4e59f0e" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu May 06 12:40:02 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon May 10 17:59:02 2010 +1000" }, "message": "TOMOYO: Use stack memory for pending entry.\n\nUse stack memory for pending entry to reduce kmalloc() which will be kfree()d.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "292823814261e085cdcef06b6b691e6c2563fbd4", "tree": "8c1eaebcf8f698ea13ac2a9291b9769abde1905e", "parents": [ "2b9e4688fad8867b6e918610f396af3ab9246898" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu May 06 00:18:15 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu May 06 13:19:18 2010 +1000" }, "message": "TOMOYO: Use mutex_lock_interruptible.\n\nSome of TOMOYO\u0027s functions may sleep after mutex_lock(). If OOM-killer selected\na process which is waiting at mutex_lock(), the to-be-killed process can\u0027t be\nkilled. Thus, replace mutex_lock() with mutex_lock_interruptible() so that the\nto-be-killed process can immediately return from TOMOYO\u0027s functions.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "0ffbe2699cda6afbe08501098dff8a8c2fe6ae09", "tree": "81b1a2305d16c873371b65c5a863c0268036cefe", "parents": [ "4e5d6f7ec3833c0da9cf34fa5c53c6058c5908b6", "7ebd467551ed6ae200d7835a84bbda0dcadaa511" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu May 06 10:56:07 2010 +1000" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu May 06 10:56:07 2010 +1000" }, "message": "Merge branch \u0027master\u0027 into next\n" }, { "commit": "4e5d6f7ec3833c0da9cf34fa5c53c6058c5908b6", "tree": "5c0db5bfcdcb1b07594f20054cc6eefe05161c9a", "parents": [ "a674fa46c79ffa37995bd1c8e4daa2b3be5a95ae" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Apr 28 14:17:42 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu May 06 00:50:43 2010 +1000" }, "message": "TOMOYO: Use GFP_NOFS rather than GFP_KERNEL.\n\nIn Ubuntu, security_path_*() hooks are exported to Unionfs. Thus, prepare for\nbeing called from inside VFS functions because I\u0027m not sure whether it is safe\nto use GFP_KERNEL or not.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "d25d6fa1a95f465ff1ec4458ca15e30b2c8dffec", "tree": "7362b182dedd825fc762ef7706830837e42943af", "parents": [ "225a9be24d799aa16d543c31fb09f0c9ed1d9caa", "2eaa9cfdf33b8d7fb7aff27792192e0019ae8fc6" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Mar 31 08:39:27 2010 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Mar 31 08:39:27 2010 +1100" }, "message": "Merge branch \u0027master\u0027 into next\n" }, { "commit": "5a0e3ad6af8660be21ca98a971cd00f331318c05", "tree": "5bfb7be11a03176a87296a43ac6647975c00a1d1", "parents": [ "ed391f4ebf8f701d3566423ce8f17e614cde9806" ], "author": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Wed Mar 24 17:04:11 2010 +0900" }, "committer": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Tue Mar 30 22:02:32 2010 +0900" }, "message": "include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h\n\npercpu.h is included by sched.h and module.h and thus ends up being\nincluded when building most .c files. percpu.h includes slab.h which\nin turn includes gfp.h making everything defined by the two files\nuniversally available and complicating inclusion dependencies.\n\npercpu.h -\u003e slab.h dependency is about to be removed. Prepare for\nthis change by updating users of gfp and slab facilities include those\nheaders directly instead of assuming availability. As this conversion\nneeds to touch large number of source files, the following script is\nused as the basis of conversion.\n\n http://userweb.kernel.org/~tj/misc/slabh-sweep.py\n\nThe script does the followings.\n\n* Scan files for gfp and slab usages and update includes such that\n only the necessary includes are there. ie. if only gfp is used,\n gfp.h, if slab is used, slab.h.\n\n* When the script inserts a new include, it looks at the include\n blocks and try to put the new include such that its order conforms\n to its surrounding. It\u0027s put in the include block which contains\n core kernel includes, in the same order that the rest are ordered -\n alphabetical, Christmas tree, rev-Xmas-tree or at the end if there\n doesn\u0027t seem to be any matching order.\n\n* If the script can\u0027t find a place to put a new include (mostly\n because the file doesn\u0027t have fitting include block), it prints out\n an error message indicating which .h file needs to be added to the\n file.\n\nThe conversion was done in the following steps.\n\n1. The initial automatic conversion of all .c files updated slightly\n over 4000 files, deleting around 700 includes and adding ~480 gfp.h\n and ~3000 slab.h inclusions. The script emitted errors for ~400\n files.\n\n2. Each error was manually checked. Some didn\u0027t need the inclusion,\n some needed manual addition while adding it to implementation .h or\n embedding .c file was more appropriate for others. This step added\n inclusions to around 150 files.\n\n3. The script was run again and the output was compared to the edits\n from #2 to make sure no file was left behind.\n\n4. Several build tests were done and a couple of problems were fixed.\n e.g. lib/decompress_*.c used malloc/free() wrappers around slab\n APIs requiring slab.h to be added manually.\n\n5. The script was run on all .h files but without automatically\n editing them as sprinkling gfp.h and slab.h inclusions around .h\n files could easily lead to inclusion dependency hell. Most gfp.h\n inclusion directives were ignored as stuff from gfp.h was usually\n wildly available and often used in preprocessor macros. Each\n slab.h inclusion directive was examined and added manually as\n necessary.\n\n6. percpu.h was updated not to include slab.h.\n\n7. Build test were done on the following configurations and failures\n were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my\n distributed build env didn\u0027t work with gcov compiles) and a few\n more options had to be turned off depending on archs to make things\n build (like ipr on powerpc/64 which failed due to missing writeq).\n\n * x86 and x86_64 UP and SMP allmodconfig and a custom test config.\n * powerpc and powerpc64 SMP allmodconfig\n * sparc and sparc64 SMP allmodconfig\n * ia64 SMP allmodconfig\n * s390 SMP allmodconfig\n * alpha SMP allmodconfig\n * um on x86_64 SMP allmodconfig\n\n8. percpu.h modifications were reverted so that it could be applied as\n a separate patch and serve as bisection point.\n\nGiven the fact that I had only a couple of failures from tests on step\n6, I\u0027m fairly confident about the coverage of this conversion patch.\nIf there is a breakage, it\u0027s likely to be something in one of the arch\nheaders which should be easily discoverable easily on most builds of\nthe specific arch.\n\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nGuess-its-ok-by: Christoph Lameter \u003ccl@linux-foundation.org\u003e\nCc: Ingo Molnar \u003cmingo@redhat.com\u003e\nCc: Lee Schermerhorn \u003cLee.Schermerhorn@hp.com\u003e\n" }, { "commit": "181427a7e01beab76c789414334375839f026128", "tree": "3a50a93331b536b80d9c393a034489c9678d8a13", "parents": [ "bca14dd14f3b0c5e3e2d1d314679f85b67871365" ], "author": { "name": "Dan Carpenter", "email": "error27@gmail.com", "time": "Sat Mar 13 14:14:22 2010 +0300" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Mar 15 07:51:29 2010 +1100" }, "message": "tomoyo: fix potential use after free\n\nThe original code returns a freed pointer. This function is expected to\nreturn NULL on errors.\n\nSigned-off-by: Dan Carpenter \u003cerror27@gmail.com\u003e\nAcked-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "c43a7523470dc2d9947fa114a0b54317975d4c04", "tree": "30a72ed1e9079f19b814263197761820f57c39ce", "parents": [ "eaa5eec739637f32f8733d528ff0b94fd62b1214", "634a539e16bd7a1ba31c3f832baa725565cc9f96" ], "author": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Mar 09 12:46:47 2010 +1100" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Mar 09 12:46:47 2010 +1100" }, "message": "Merge branch \u0027next-queue\u0027 into next\n" }, { "commit": "b380de9e54ec354ccac55fd9a611ffe28b4daa76", "tree": "ea172565aa4ffb6395a6137582e8be63d657d6ce", "parents": [ "c1e992b99603a84d7debb188542b64f2d9232c07" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Mon Mar 01 19:47:04 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Mar 03 09:18:42 2010 +1100" }, "message": "TOMOYO: Remove unused variables.\n\nVariable \"atmark\" is currently unused.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "1fcdc7c527010b144d3951f9ce25faedf264933c", "tree": "5ab23281aae1de41079f2b4962fe17ab6d59be6d", "parents": [ "189b3b1c89761054fee3438f063d7f257306e2d8" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@i-love.sakura.ne.jp", "time": "Thu Feb 25 17:19:25 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Feb 26 09:20:11 2010 +1100" }, "message": "TOMOYO: Protect find_task_by_vpid() with RCU.\n\nHolding tasklist_lock is no longer sufficient for find_task_by_vpid().\nExplicit rcu_read_lock() is required.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\n--\n security/tomoyo/common.c | 4 ++++\n 1 file changed, 4 insertions(+)\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "170800088666963de1111d62fb503889c8c82eda", "tree": "1c8f1671fd48a7688ec8253508dd2cd460e0aff1", "parents": [ "2da5d31bc72d0a36dc16af7f5d5baa4f86df9c76" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Feb 16 21:14:48 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Feb 17 11:37:58 2010 +1100" }, "message": "TOMOYO: Remove __func__ from tomoyo_is_correct_path/domain\n\n__func__ is used for only debug printk(). We can remove it.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7ef612331fb219620cc1abfc2446bb027d388aa0", "tree": "3912acecc7437303e824d26a9ae124b765ce35d3", "parents": [ "084da356f6e55ce42f1d2739178502023908c107" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Feb 16 08:03:30 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Feb 16 11:17:16 2010 +1100" }, "message": "TOMOYO: Use shorter names.\n\nUse shorter name to reduce newlines needed for 80 columns limit.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "847b173ea3d6f50936823d07f2245059bf44713b", "tree": "b53c6d0536af73a078bcff0375f9f4d837f79bba", "parents": [ "ec8e6a4e062e2edebef91e930c20572c9f4c0dda" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Feb 11 09:43:54 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Feb 15 09:00:24 2010 +1100" }, "message": "TOMOYO: Add garbage collector.\n\nThis patch adds garbage collector support to TOMOYO.\nElements are protected by \"struct srcu_struct tomoyo_ss\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "76bb0895d038be7bcdb6ccfcd2dd7deb30371d6b", "tree": "5948c68b08561deb20d155853faed475a15a4235", "parents": [ "bf24fb016c861b7f52be0c36c4cedd3e89afa2e2" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Feb 11 09:42:40 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Feb 15 09:00:18 2010 +1100" }, "message": "TOMOYO: Merge headers.\n\nGather structures and constants scattered around security/tomoyo/ directory.\nThis is for preparation for adding garbage collector since garbage collector\nneeds to know structures and constants which TOMOYO uses.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "bf24fb016c861b7f52be0c36c4cedd3e89afa2e2", "tree": "f485ca2e70d8305d9aaecf45b5fd929b68b971b2", "parents": [ "ca0b7df3374c5566468c17f26fa2dfd3fe3c6a37" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Thu Feb 11 09:41:58 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Feb 15 09:00:16 2010 +1100" }, "message": "TOMOYO: Add refcounter on string data.\n\nAdd refcounter to \"struct tomoyo_name_entry\" and replace tomoyo_save_name()\nwith tomoyo_get_name()/tomoyo_put_name() pair so that we can kfree() when\ngarbage collector is added.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "ca0b7df3374c5566468c17f26fa2dfd3fe3c6a37", "tree": "39fb8dfd34a84b928d18523da5dcebc5b25cb634", "parents": [ "8007f10259d04f37044c2c731bf9ccdd9161d825" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Feb 07 20:23:59 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Thu Feb 11 17:09:45 2010 +1100" }, "message": "TOMOYO: Reduce lines by using common path for addition and deletion.\n\nSince the codes for adding an entry and removing an entry are similar, we can\nsave some lines by using \"if (is_delete) { ... } else { ... }\" branches.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "ea13ddbad0eb4be9cdc406cd7e0804fa4011f6e4", "tree": "4068bb5baad6f6819242b36a00bf395a6db7f1e1", "parents": [ "f40a70861ace69001524644473cc389543b06c3c" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Feb 03 06:43:06 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Feb 08 14:10:20 2010 +1100" }, "message": "TOMOYO: Extract bitfield\n\nSince list elements are rounded up to kmalloc() size rather than sizeof(int),\nsaving one byte by using bitfields is no longer helpful.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "8e2d39a1665e680c095545993aac2fcac6916eb9", "tree": "41687f7e7f4fb37416b7948b6d2e09d0a383459b", "parents": [ "7d52a155e38d5a165759dbbee656455861bf7801" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Jan 26 20:45:27 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jan 27 08:20:48 2010 +1100" }, "message": "TOMOYO: Remove usage counter for temporary memory.\n\nTOMOYO was using own memory usage counter for detecting memory leak.\nBut as kernel 2.6.31 introduced memory leak detection mechanism\n( CONFIG_DEBUG_KMEMLEAK ), we no longer need to have own counter.\n\nWe remove usage counter for memory used for permission checks, but we keep\nusage counter for memory used for policy so that we can apply quota.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "cd7bec6ad80188394a8ea857ff1aa3512fc2282a", "tree": "598e7d59c29966e0d8fa8abf24eb51bbb2f567a6", "parents": [ "e41035a996356c257183e53a70abfb46fa84908b" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Jan 05 06:39:37 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jan 11 09:27:40 2010 +1100" }, "message": "TOMOYO: Remove memory pool for list elements.\n\nCurrently, TOMOYO allocates memory for list elements from memory pool allocated\nby kmalloc(PAGE_SIZE). But that makes it difficult to kfree() when garbage\ncollector is added. Thus, remove memory pool and use kmalloc(sizeof()).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "f737d95ddfea4df68a36ffc9231db4bf34b06d13", "tree": "28a1bf737c96ba8048abcf87a7acfc8412e92a2e", "parents": [ "fdb8ebb729bbb640e64028a4f579a02ebc405727" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Jan 03 21:16:32 2010 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jan 11 07:57:44 2010 +1100" }, "message": "TOMOYO: Replace rw_semaphore by mutex.\n\nSince readers no longer use down_read(), writers no longer\nneed to use rw_semaphore. Replace individual rw_semaphore by\nsingle mutex.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "fdb8ebb729bbb640e64028a4f579a02ebc405727", "tree": "9dfca7422cb858cd05208734affab31d980030fe", "parents": [ "86fc80f16e8a2449d5827bf1a9838b7fd9f70097" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Dec 08 09:34:43 2009 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Dec 15 15:46:31 2009 +1100" }, "message": "TOMOYO: Use RCU primitives for list operation\n\nReplace list operation with RCU primitives and replace\ndown_read()/up_read() with srcu_read_lock()/srcu_read_unlock().\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "937bf6133b21b16965f75223085f4314ae32b8eb", "tree": "4a042bc9298ffddfaf4017a5796cae46e9594d2c", "parents": [ "5d0901a3a0c39c97ca504f73d24030f63cfc9fa2" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Wed Dec 02 21:09:48 2009 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Dec 08 14:58:05 2009 +1100" }, "message": "TOMOYO: Add rest of file operation restrictions.\n\nLSM hooks for chmod()/chown()/chroot() are now ready.\nThis patch utilizes these hooks.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7539cf4b92be4aecc573ea962135f246a7a33401", "tree": "6ed5ada6206e788e937ce1325a70a9d6fb0d3c2f", "parents": [ "b3a222e52e4d4be77cc4520a57af1a4a0d8222d1" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Nov 24 22:00:05 2009 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Nov 25 18:51:16 2009 +1100" }, "message": "TOMOYO: Add recursive directory matching operator support.\n\nTOMOYO 1.7.1 has recursive directory matching operator support.\nI want to add it to TOMOYO for Linux 2.6.33 .\n----------\n[PATCH] TOMOYO: Add recursive directory matching operator support.\n\nThis patch introduces new operator /\\{dir\\}/ which matches\n\u0027/\u0027 + \u0027One or more repetitions of dir/\u0027 (e.g. /dir/ /dir/dir/ /dir/dir/dir/ ).\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "ccf135f509abdbf607e9a68f08ddeee2c66dc36e", "tree": "4641f30dc45901b619a86957efc72fd3d8d46228", "parents": [ "d905163c5b23f6d8511971e06081a1b525e8a0bd" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@i-love.sakura.ne.jp", "time": "Fri Jun 19 10:29:34 2009 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Fri Jun 19 11:32:37 2009 +1000" }, "message": "TOMOYO: Move tomoyo_delete_domain().\n\nWe can mark tomoyo_delete_domain() as a \"static\" function\nby moving it from domain.c to common.c .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "c3fa109a5894077d1eaf8731ea741a15dd117b3c", "tree": "a3d5f58ea878868b48a1493055e6f2cb6dd3c9de", "parents": [ "5bf1692f65c12a8aa359dc883468284ffc3c4587" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@i-love.sakura.ne.jp", "time": "Mon Jun 08 12:37:39 2009 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Jun 09 09:30:24 2009 +1000" }, "message": "TOMOYO: Add description of lists and structures.\n\nThis patch adds some descriptions of lists and structures.\nThis patch contains no code changes.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5bf1692f65c12a8aa359dc883468284ffc3c4587", "tree": "bab96097b51791985d6361b6bdfaf0280b0fc995", "parents": [ "0b4ec6e4e01d98e55ae325a41304cccd87fa4c0f" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@i-love.sakura.ne.jp", "time": "Fri Jun 05 14:44:58 2009 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Tue Jun 09 09:30:21 2009 +1000" }, "message": "TOMOYO: Remove unused field.\n\nTOMOYO 2.2.0 is not using total_len field of \"struct tomoyo_path_info\".\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "7d2948b1248109dbc7f4aaf9867c54b1912d494c", "tree": "24edc8fa319598bc32b7d53c7b61fb3ec9ae9e92", "parents": [ "ab588ccadc80f6ef5495e83e176e88c5c0fc2d0e" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Tue Jun 02 20:42:24 2009 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 03 07:51:51 2009 +1000" }, "message": "TOMOYO: Simplify policy reader.\n\nWe can directly assign the result of tomoyo_io_printf() to done flag.\n\nSigned-off-by: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: Toshiharu Harada \u003charadats@nttdata.co.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "ab588ccadc80f6ef5495e83e176e88c5c0fc2d0e", "tree": "ffb995eba759218fd07795f00a1303518621c119", "parents": [ "850b0cee165576f969363a8c52021b5cf9ecbe67" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@i-love.sakura.ne.jp", "time": "Tue Jun 02 14:23:39 2009 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Jun 03 07:50:06 2009 +1000" }, "message": "TOMOYO: Remove redundant markers.\n\nRemove \u0027/***** START/STOP *****/\u0027 markers.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "e24977d45f45d1675e050dc1a0aaf4bfc4ca9866", "tree": "ee39b590596e9ca6cd18b8ece11a1f6d24278c29", "parents": [ "6b3304b531704711286c3359b06922b83fdba015" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Apr 02 21:17:03 2009 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat May 09 10:49:42 2009 -0400" }, "message": "Reduce path_lookup() abuses\n\n... use kern_path() where possible\n\n[folded a fix from rdd]\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" } ], "next": "39826a1e17c1957bd7b5cd7815b83940e5e3a230" }