)]}' { "log": [ { "commit": "201e72acb2d3821e2de9ce6091e98859c316b29a", "tree": "01e47038346474d659714151b8209673c11f330a", "parents": [ "64e104771351d365e51e588a0e9a656ae6ed2f50" ], "author": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Tue Nov 06 09:17:37 2012 -0800" }, "committer": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Tue Nov 06 12:25:51 2012 -0800" }, "message": "device_cgroup: fix RCU usage\n\ndev_cgroup-\u003eexceptions is protected with devcgroup_mutex for writes\nand RCU for reads; however, RCU usage isn\u0027t correct.\n\n* dev_exception_clean() doesn\u0027t use RCU variant of list_del() and\n kfree(). The function can race with may_access() and may_access()\n may end up dereferencing already freed memory. Use list_del_rcu()\n and kfree_rcu() instead.\n\n* may_access() may be called only with RCU read locked but doesn\u0027t use\n RCU safe traversal over -\u003eexceptions. Use list_for_each_entry_rcu().\n\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nAcked-by: Serge E. Hallyn \u003cserge.hallyn@ubuntu.com\u003e\nCc: stable@vger.kernel.org\nCc: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\n" }, { "commit": "64e104771351d365e51e588a0e9a656ae6ed2f50", "tree": "e5078e0ba32729735846aa465c1f53f5d98c11ac", "parents": [ "3d70f8c617a436c7146ecb81df2265b4626dfe89" ], "author": { "name": "Aristeu Rozanski", "email": "aris@redhat.com", "time": "Tue Nov 06 07:25:04 2012 -0800" }, "committer": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Tue Nov 06 07:25:20 2012 -0800" }, "message": "device_cgroup: fix unchecked cgroup parent usage\n\nIn 4cef7299b478687 (\"device_cgroup: add proper checking when changing\ndefault behavior\") the cgroup parent usage is unchecked. root will not\nhave a parent and trying to use device.{allow,deny} will cause problems.\nFor some reason my stressing scripts didn\u0027t test the root directory so I\ndidn\u0027t catch it on my regular tests.\n\nSigned-off-by: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge E. Hallyn \u003cserge.hallyn@ubuntu.com\u003e\nCc: Jiri Slaby \u003cjslaby@suse.cz\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\n" }, { "commit": "4cef7299b4786879a3e113e84084a72b24590c5b", "tree": "31efb5e00be1c1e5cc266046c783c7569e495ede", "parents": [ "26fd8405dd470cb8b54cb96859b7dd437e5e1391" ], "author": { "name": "Aristeu Rozanski", "email": "aris@redhat.com", "time": "Thu Oct 25 13:37:45 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 25 14:37:52 2012 -0700" }, "message": "device_cgroup: add proper checking when changing default behavior\n\nBefore changing a group\u0027s default behavior to ALLOW, we must check if\nits parent\u0027s behavior is also ALLOW.\n\nSigned-off-by: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nCc: Jiri Slaby \u003cjslaby@suse.cz\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "26fd8405dd470cb8b54cb96859b7dd437e5e1391", "tree": "c4d77df24842b0d980ccd10e09b00c6230db3176", "parents": [ "5b7aa7d5bb2c5cf7fc05aaa41561af321706ab5f" ], "author": { "name": "Aristeu Rozanski", "email": "aris@redhat.com", "time": "Thu Oct 25 13:37:41 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 25 14:37:52 2012 -0700" }, "message": "device_cgroup: stop using simple_strtoul()\n\nConvert the code to use kstrtou32() instead of simple_strtoul() which is\ndeprecated. The real size of the variables are u32, so use kstrtou32\ninstead of kstrtoul\n\nSigned-off-by: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Dave Jones \u003cdavej@redhat.com\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nCc: Jiri Slaby \u003cjslaby@suse.cz\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "5b7aa7d5bb2c5cf7fc05aaa41561af321706ab5f", "tree": "404da02312a547f3ff66003fe4002a4b4ff14dcb", "parents": [ "8c9506d16925f1b1314d93af383ca3134eb534d8" ], "author": { "name": "Aristeu Rozanski", "email": "aris@redhat.com", "time": "Thu Oct 25 13:37:38 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 25 14:37:52 2012 -0700" }, "message": "device_cgroup: rename deny_all to behavior\n\nThis was done in a v2 patch but v1 ended up being committed. The\nvariable name is less confusing and stores the default behavior when no\nmatching exception exists.\n\nSigned-off-by: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Dave Jones \u003cdavej@redhat.com\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nCc: Jiri Slaby \u003cjslaby@suse.cz\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "8c9506d16925f1b1314d93af383ca3134eb534d8", "tree": "e14dbc5816b375463b8d37eda0f79bcd0ea96a3b", "parents": [ "ef5d437f71afdf4afdbab99213add99f4b1318fd" ], "author": { "name": "Jiri Slaby", "email": "jslaby@suse.cz", "time": "Thu Oct 25 13:37:34 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Oct 25 14:37:52 2012 -0700" }, "message": "cgroup: fix invalid rcu dereference\n\nCommit ad676077a2ae (\"device_cgroup: convert device_cgroup internally to\npolicy + exceptions\") removed rcu locks which are needed in\ntask_devcgroup called in this chain:\n\n devcgroup_inode_mknod OR __devcgroup_inode_permission -\u003e\n __devcgroup_inode_permission -\u003e\n task_devcgroup -\u003e\n task_subsys_state -\u003e\n task_subsys_state_check.\n\nChange the code so that task_devcgroup is safely called with rcu read\nlock held.\n\n \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\n [ INFO: suspicious RCU usage. ]\n 3.6.0-rc5-next-20120913+ #42 Not tainted\n -------------------------------\n include/linux/cgroup.h:553 suspicious rcu_dereference_check() usage!\n\n other info that might help us debug this:\n\n rcu_scheduler_active \u003d 1, debug_locks \u003d 0\n 2 locks held by kdevtmpfs/23:\n #0: (sb_writers){.+.+.+}, at: [\u003cffffffff8116873f\u003e]\n mnt_want_write+0x1f/0x50\n #1: (\u0026sb-\u003es_type-\u003ei_mutex_key#3/1){+.+.+.}, at: [\u003cffffffff811558af\u003e]\n kern_path_create+0x7f/0x170\n\n stack backtrace:\n Pid: 23, comm: kdevtmpfs Not tainted 3.6.0-rc5-next-20120913+ #42\n Call Trace:\n lockdep_rcu_suspicious+0xfd/0x130\n devcgroup_inode_mknod+0x19d/0x240\n vfs_mknod+0x71/0xf0\n handle_create.isra.2+0x72/0x200\n devtmpfsd+0x114/0x140\n ? handle_create.isra.2+0x200/0x200\n kthread+0xd6/0xe0\n kernel_thread_helper+0x4/0x10\n\nSigned-off-by: Jiri Slaby \u003cjslaby@suse.cz\u003e\nCc: Dave Jones \u003cdavej@redhat.com\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "2e680dd61e80592385338bfbeb86833d1c60546c", "tree": "a62b80465dd15a7fddb34367ccb7c94e47951dc5", "parents": [ "0e9e3e306c7e472bdcffa34c4c4584301eda03b3" ], "author": { "name": "John Johansen", "email": "john.johansen@canonical.com", "time": "Wed Oct 24 06:27:32 2012 -0700" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Thu Oct 25 02:12:50 2012 +1100" }, "message": "apparmor: fix IRQ stack overflow during free_profile\n\nBugLink: http://bugs.launchpad.net/bugs/1056078\n\nProfile replacement can cause long chains of profiles to build up when\nthe profile being replaced is pinned. When the pinned profile is finally\nfreed, it puts the reference to its replacement, which may in turn nest\nanother call to free_profile on the stack. Because this may happen for\neach profile in the replacedby chain this can result in a recusion that\ncauses the stack to overflow.\n\nBreak this nesting by directly walking the chain of replacedby profiles\n(ie. use iteration instead of recursion to free the list). This results\nin at most 2 levels of free_profile being called, while freeing a\nreplacedby chain.\n\nSigned-off-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "43c422eda99b894f18d1cca17bcd2401efaf7bd0", "tree": "2de386d66b58edaace714ecf0364e47fcad38f7e", "parents": [ "985c9e615a605041d728c08b83d3dda19ae7def8" ], "author": { "name": "John Johansen", "email": "john.johansen@canonical.com", "time": "Wed Oct 17 13:29:33 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Oct 17 16:29:46 2012 -0700" }, "message": "apparmor: fix apparmor OOPS in audit_log_untrustedstring+0x1c/0x40\n\nThe capability defines have moved causing the auto generated names\nof capabilities that apparmor uses in logging to be incorrect.\n\nFix the autogenerated table source to uapi/linux/capability.h\n\nReported-by: YanHong \u003cclouds.yan@gmail.com\u003e\nReported-by: Krzysztof Kolasa \u003ckkolasa@winsoft.pl\u003e\nAnalyzed-by: Al Viro \u003cviro@ZenIV.linux.org.uk\u003e\nSigned-off-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: James Morris \u003cjames.l.morris@oracle.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "45525b26a46cd593cb72070304c4cd7c8391bd37", "tree": "9064f045ef433e4d74d281daa995ee3c082e806e", "parents": [ "dd8e8c4a2c902d8350b702e7bc7c2799e5e7e331" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Oct 16 13:30:07 2012 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Oct 16 13:36:50 2012 -0400" }, "message": "fix a leak in replace_fd() users\n\nreplace_fd() began with \"eats a reference, tries to insert into\ndescriptor table\" semantics; at some point I\u0027d switched it to\nmuch saner current behaviour (\"try to insert into descriptor\ntable, grabbing a new reference if inserted; caller should do\nfput() in any case\"), but forgot to update the callers.\nMea culpa...\n\n[Spotted by Pavel Roskin, who has really weird system with pipe-fed\ncoredumps as part of what he considers a normal boot ;-)]\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "d25282d1c9b9bc4cda7f9d3c0205108e99aa7a9d", "tree": "f414482d768b015a609924293b779b4ad0b8f764", "parents": [ "b6eea87fc6850d3531a64a27d2323a4498cd4e43", "dbadc17683e6c673a69b236c0f041b931cc55c42" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Oct 14 13:39:34 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Oct 14 13:39:34 2012 -0700" }, "message": "Merge branch \u0027modules-next\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux\n\nPull module signing support from Rusty Russell:\n \"module signing is the highlight, but it\u0027s an all-over David Howells frenzy...\"\n\nHmm \"Magrathea: Glacier signing key\". Somebody has been reading too much HHGTTG.\n\n* \u0027modules-next\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/rusty/linux: (37 commits)\n X.509: Fix indefinite length element skip error handling\n X.509: Convert some printk calls to pr_devel\n asymmetric keys: fix printk format warning\n MODSIGN: Fix 32-bit overflow in X.509 certificate validity date checking\n MODSIGN: Make mrproper should remove generated files.\n MODSIGN: Use utf8 strings in signer\u0027s name in autogenerated X.509 certs\n MODSIGN: Use the same digest for the autogen key sig as for the module sig\n MODSIGN: Sign modules during the build process\n MODSIGN: Provide a script for generating a key ID from an X.509 cert\n MODSIGN: Implement module signature checking\n MODSIGN: Provide module signing public keys to the kernel\n MODSIGN: Automatically generate module signing keys if missing\n MODSIGN: Provide Kconfig options\n MODSIGN: Provide gitignore and make clean rules for extra files\n MODSIGN: Add FIPS policy\n module: signature checking hook\n X.509: Add a crypto key parser for binary (DER) X.509 certificates\n MPILIB: Provide a function to read raw data into an MPI\n X.509: Add an ASN.1 decoder\n X.509: Add simple ASN.1 grammar compiler\n ...\n" }, { "commit": "808d4e3cfdcc52b19276175464f6dbca4df13b09", "tree": "11c319127e8c1314c1ed1a777e4284032ab5bd00", "parents": [ "4b2c551f77f5a0c496e2125b1d883f4b26aabf2c" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Oct 11 11:42:01 2012 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Thu Oct 11 20:02:04 2012 -0400" }, "message": "consitify do_mount() arguments\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "9e2d8656f5e8aa214e66b462680cf86b210b74a8", "tree": "f67d62e896cedf75599ea45f9ecf9999c6ad24cd", "parents": [ "1ea4f4f8405cc1ceec23f2d261bc3775785e6712", "9e695d2ecc8451cc2c1603d60b5c8e7f5581923a" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 09 16:23:15 2012 +0900" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 09 16:23:15 2012 +0900" }, "message": "Merge branch \u0027akpm\u0027 (Andrew\u0027s patch-bomb)\n\nMerge patches from Andrew Morton:\n \"A few misc things and very nearly all of the MM tree. A tremendous\n amount of stuff (again), including a significant rbtree library\n rework.\"\n\n* emailed patches from Andrew Morton \u003cakpm@linux-foundation.org\u003e: (160 commits)\n sparc64: Support transparent huge pages.\n mm: thp: Use more portable PMD clearing sequenece in zap_huge_pmd().\n mm: Add and use update_mmu_cache_pmd() in transparent huge page code.\n sparc64: Document PGD and PMD layout.\n sparc64: Eliminate PTE table memory wastage.\n sparc64: Halve the size of PTE tables\n sparc64: Only support 4MB huge pages and 8KB base pages.\n memory-hotplug: suppress \"Trying to free nonexistent resource \u003cXXXXXXXXXXXXXXXX-YYYYYYYYYYYYYYYY\u003e\" warning\n mm: memcg: clean up mm_match_cgroup() signature\n mm: document PageHuge somewhat\n mm: use %pK for /proc/vmallocinfo\n mm, thp: fix mlock statistics\n mm, thp: fix mapped pages avoiding unevictable list on mlock\n memory-hotplug: update memory block\u0027s state and notify userspace\n memory-hotplug: preparation to notify memory block\u0027s state at memory hot remove\n mm: avoid section mismatch warning for memblock_type_name\n make GFP_NOTRACK definition unconditional\n cma: decrease cc.nr_migratepages after reclaiming pagelist\n CMA: migrate mlocked pages\n kpageflags: fix wrong KPF_THP on non-huge compound pages\n ...\n" }, { "commit": "314e51b9851b4f4e8ab302243ff5a6fc6147f379", "tree": "f757b89206355fd129830782566768693eed23ce", "parents": [ "0103bd16fb90bc741c7a03fd1ea4e8a505abad23" ], "author": { "name": "Konstantin Khlebnikov", "email": "khlebnikov@openvz.org", "time": "Mon Oct 08 16:29:02 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 09 16:22:19 2012 +0900" }, "message": "mm: kill vma flag VM_RESERVED and mm-\u003ereserved_vm counter\n\nA long time ago, in v2.4, VM_RESERVED kept swapout process off VMA,\ncurrently it lost original meaning but still has some effects:\n\n | effect | alternative flags\n-+------------------------+---------------------------------------------\n1| account as reserved_vm | VM_IO\n2| skip in core dump | VM_IO, VM_DONTDUMP\n3| do not merge or expand | VM_IO, VM_DONTEXPAND, VM_HUGETLB, VM_PFNMAP\n4| do not mlock | VM_IO, VM_DONTEXPAND, VM_HUGETLB, VM_PFNMAP\n\nThis patch removes reserved_vm counter from mm_struct. Seems like nobody\ncares about it, it does not exported into userspace directly, it only\nreduces total_vm showed in proc.\n\nThus VM_RESERVED can be replaced with VM_IO or pair VM_DONTEXPAND | VM_DONTDUMP.\n\nremap_pfn_range() and io_remap_pfn_range() set VM_IO|VM_DONTEXPAND|VM_DONTDUMP.\nremap_vmalloc_range() set VM_DONTEXPAND | VM_DONTDUMP.\n\n[akpm@linux-foundation.org: drivers/vfio/pci/vfio_pci.c fixup]\nSigned-off-by: Konstantin Khlebnikov \u003ckhlebnikov@openvz.org\u003e\nCc: Alexander Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: Carsten Otte \u003ccotte@de.ibm.com\u003e\nCc: Chris Metcalf \u003ccmetcalf@tilera.com\u003e\nCc: Cyrill Gorcunov \u003cgorcunov@openvz.org\u003e\nCc: Eric Paris \u003ceparis@redhat.com\u003e\nCc: H. Peter Anvin \u003chpa@zytor.com\u003e\nCc: Hugh Dickins \u003chughd@google.com\u003e\nCc: Ingo Molnar \u003cmingo@redhat.com\u003e\nCc: James Morris \u003cjames.l.morris@oracle.com\u003e\nCc: Jason Baron \u003cjbaron@redhat.com\u003e\nCc: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nCc: Matt Helsley \u003cmatthltc@us.ibm.com\u003e\nCc: Nick Piggin \u003cnpiggin@kernel.dk\u003e\nCc: Oleg Nesterov \u003coleg@redhat.com\u003e\nCc: Peter Zijlstra \u003ca.p.zijlstra@chello.nl\u003e\nCc: Robert Richter \u003crobert.richter@amd.com\u003e\nCc: Suresh Siddha \u003csuresh.b.siddha@intel.com\u003e\nCc: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nCc: Venkatesh Pallipadi \u003cvenki@google.com\u003e\nAcked-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "2dd8ad81e31d0d36a5d448329c646ab43eb17788", "tree": "cd358be45ed8067673edac7f1db6b6a42a96d9db", "parents": [ "0b173bc4daa8f8ec03a85abf5e47b23502ff80af" ], "author": { "name": "Konstantin Khlebnikov", "email": "khlebnikov@openvz.org", "time": "Mon Oct 08 16:28:51 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 09 16:22:18 2012 +0900" }, "message": "mm: use mm-\u003eexe_file instead of first VM_EXECUTABLE vma-\u003evm_file\n\nSome security modules and oprofile still uses VM_EXECUTABLE for retrieving\na task\u0027s executable file. After this patch they will use mm-\u003eexe_file\ndirectly. mm-\u003eexe_file is protected with mm-\u003emmap_sem, so locking stays\nthe same.\n\nSigned-off-by: Konstantin Khlebnikov \u003ckhlebnikov@openvz.org\u003e\nAcked-by: Chris Metcalf \u003ccmetcalf@tilera.com\u003e\t\t\t[arch/tile]\nAcked-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\t[tomoyo]\nCc: Alexander Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: Carsten Otte \u003ccotte@de.ibm.com\u003e\nCc: Cyrill Gorcunov \u003cgorcunov@openvz.org\u003e\nCc: Eric Paris \u003ceparis@redhat.com\u003e\nCc: H. Peter Anvin \u003chpa@zytor.com\u003e\nCc: Hugh Dickins \u003chughd@google.com\u003e\nCc: Ingo Molnar \u003cmingo@redhat.com\u003e\nAcked-by: James Morris \u003cjames.l.morris@oracle.com\u003e\nCc: Jason Baron \u003cjbaron@redhat.com\u003e\nCc: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nCc: Matt Helsley \u003cmatthltc@us.ibm.com\u003e\nCc: Nick Piggin \u003cnpiggin@kernel.dk\u003e\nCc: Oleg Nesterov \u003coleg@redhat.com\u003e\nCc: Peter Zijlstra \u003ca.p.zijlstra@chello.nl\u003e\nCc: Robert Richter \u003crobert.richter@amd.com\u003e\nCc: Suresh Siddha \u003csuresh.b.siddha@intel.com\u003e\nCc: Venkatesh Pallipadi \u003cvenki@google.com\u003e\nAcked-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "50e0d10232db05c6776afcf6098459bff47e8b15", "tree": "0e89971de6d960c8946cc9351d73b297347a0260", "parents": [ "8711798772641b2f593beebebcab5b1ec2309f0c", "c37d6154c0b9163c27e53cc1d0be3867b4abd760" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 09 15:58:38 2012 +0900" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 09 15:58:38 2012 +0900" }, "message": "Merge tag \u0027asm-generic\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic\n\nPull asm-generic updates from Arnd Bergmann:\n \"This has three changes for asm-generic that did not really fit into\n any other branch as normal asm-generic changes do. One is a fix for a\n build warning, the other two are more interesting:\n\n * A patch from Mark Brown to allow using the common clock\n infrastructure on all architectures, so we can use the clock API in\n architecture independent device drivers.\n\n * The UAPI split patches from David Howells for the asm-generic\n files. There are other architecture specific series that are going\n through the arch maintainer tree and that depend on this one.\n\n There may be a few small merge conflicts between Mark\u0027s patch and the\n following arch header file split patches. In each case the solution\n will be to keep the new \"generic-y +\u003d clkdev.h\" line, even if it ends\n up being the only line in the Kbuild file.\"\n\n* tag \u0027asm-generic\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/asm-generic:\n UAPI: (Scripted) Disintegrate include/asm-generic\n asm-generic: Add default clkdev.h\n asm-generic: xor: mark static functions as __maybe_unused\n" }, { "commit": "cf7f601c067994f371ba77721d1e45fce61a4569", "tree": "4ff5a12ae84cf47a9815c3e3979341a66360cb31", "parents": [ "9bb9c3be56834653878f766f471fa1c20e562f4c" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Sep 13 13:06:29 2012 +0100" }, "committer": { "name": "Rusty Russell", "email": "rusty@rustcorp.com.au", "time": "Mon Oct 08 13:49:48 2012 +1030" }, "message": "KEYS: Add payload preparsing opportunity prior to key instantiate or update\n\nGive the key type the opportunity to preparse the payload prior to the\ninstantiation and update routines being called. This is done with the\nprovision of two new key type operations:\n\n\tint (*preparse)(struct key_preparsed_payload *prep);\n\tvoid (*free_preparse)(struct key_preparsed_payload *prep);\n\nIf the first operation is present, then it is called before key creation (in\nthe add/update case) or before the key semaphore is taken (in the update and\ninstantiate cases). The second operation is called to clean up if the first\nwas called.\n\npreparse() is given the opportunity to fill in the following structure:\n\n\tstruct key_preparsed_payload {\n\t\tchar\t\t*description;\n\t\tvoid\t\t*type_data[2];\n\t\tvoid\t\t*payload;\n\t\tconst void\t*data;\n\t\tsize_t\t\tdatalen;\n\t\tsize_t\t\tquotalen;\n\t};\n\nBefore the preparser is called, the first three fields will have been cleared,\nthe payload pointer and size will be stored in data and datalen and the default\nquota size from the key_type struct will be stored into quotalen.\n\nThe preparser may parse the payload in any way it likes and may store data in\nthe type_data[] and payload fields for use by the instantiate() and update()\nops.\n\nThe preparser may also propose a description for the key by attaching it as a\nstring to the description field. This can be used by passing a NULL or \"\"\ndescription to the add_key() system call or the key_create_or_update()\nfunction. This cannot work with request_key() as that required the description\nto tell the upcall about the key to be created.\n\nThis, for example permits keys that store PGP public keys to generate their own\nname from the user ID and public key fingerprint in the key.\n\nThe instantiate() and update() operations are then modified to look like this:\n\n\tint (*instantiate)(struct key *key, struct key_preparsed_payload *prep);\n\tint (*update)(struct key *key, struct key_preparsed_payload *prep);\n\nand the new payload data is passed in *prep, whether or not it was preparsed.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Rusty Russell \u003crusty@rustcorp.com.au\u003e\n" }, { "commit": "638c87a91666df1f16866badee862ce38bf31e4a", "tree": "67be4d125ad6abe2eeee00eab12e0fc8f03fa099", "parents": [ "7cb9cf0224efd6d41b2bdd9bfb412b42aa4281f8", "d26e1936227b538a1691b978566ef269aef10853" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Oct 07 21:07:21 2012 +0900" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sun Oct 07 21:07:21 2012 +0900" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security\n\nPull IMA bugfix (security subsystem) from James Morris.\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:\n ima: fix bug in argument order\n" }, { "commit": "db9aeca97a58563e1ab927d157c9b5048f233e73", "tree": "6569621429efe0e6cc0529b78c50939913f0bd35", "parents": [ "ad676077a2ae4af4bb6627486ce19ccce04f1efe" ], "author": { "name": "Aristeu Rozanski", "email": "aris@redhat.com", "time": "Thu Oct 04 17:15:20 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Oct 06 03:05:14 2012 +0900" }, "message": "device_cgroup: rename whitelist to exception list\n\nThis patch replaces the \"whitelist\" usage in the code and comments and replace\nthem by exception list related information.\n\nSigned-off-by: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge E. Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "ad676077a2ae4af4bb6627486ce19ccce04f1efe", "tree": "638e05256abe3b04f6acdbecf630b003143649c4", "parents": [ "868539a3b671e0f736ddd11b67bf1dc3d8a5a921" ], "author": { "name": "Aristeu Rozanski", "email": "aris@redhat.com", "time": "Thu Oct 04 17:15:17 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Oct 06 03:05:14 2012 +0900" }, "message": "device_cgroup: convert device_cgroup internally to policy + exceptions\n\nThe original model of device_cgroup is having a whitelist where all the\nallowed devices are listed. The problem with this approach is that is\nimpossible to have the case of allowing everything but few devices.\n\nThe reason for that lies in the way the whitelist is handled internally:\nsince there\u0027s only a whitelist, the \"all devices\" entry would have to be\nremoved and replaced by the entire list of possible devices but the ones\nthat are being denied. Since dev_t is 32 bits long, representing the allowed\ndevices as a bitfield is not memory efficient.\n\nThis patch replaces the \"whitelist\" by a \"exceptions\" list and the default\npolicy is kept as \"deny_all\" variable in dev_cgroup structure.\n\nThe current interface determines that whenever \"a\" is written to devices.allow\nor devices.deny, the entry masking all devices will be added or removed,\nrespectively. This behavior is kept and it\u0027s what will determine the default\npolicy:\n\n\t# cat devices.list\n\ta *:* rwm\n\t# echo a \u003edevices.deny\n\t# cat devices.list\n\t# echo a \u003edevices.allow\n\t# cat devices.list\n\ta *:* rwm\n\nThe interface is also preserved. For example, if one wants to block only access\nto /dev/null:\n\t# ls -l /dev/null\n\tcrw-rw-rw- 1 root root 1, 3 Jul 24 16:17 /dev/null\n\t# echo a \u003edevices.allow\n\t# echo \"c 1:3 rwm\" \u003edevices.deny\n\t# cat /dev/null\n\tcat: /dev/null: Operation not permitted\n\t# echo \u003e/dev/null\n\tbash: /dev/null: Operation not permitted\n\tmknod /tmp/null c 1 3\n\tmknod: `/tmp/null\u0027: Operation not permitted\n\t# echo \"c 1:3 r\" \u003edevices.allow\n\t# cat /dev/null\n\t# echo \u003e/dev/null\n\tbash: /dev/null: Operation not permitted\n\tmknod /tmp/null c 1 3\n\tmknod: `/tmp/null\u0027: Operation not permitted\n\t# echo \"c 1:3 rw\" \u003edevices.allow\n\t# echo \u003e/dev/null\n\t# cat /dev/null\n\t# mknod /tmp/null c 1 3\n\tmknod: `/tmp/null\u0027: Operation not permitted\n\t# echo \"c 1:3 rwm\" \u003edevices.allow\n\t# echo \u003e/dev/null\n\t# cat /dev/null\n\t# mknod /tmp/null c 1 3\n\t#\n\nNote that I didn\u0027t rename the functions/variables in this patch, but in the\nnext one to make reviewing easier.\n\nSigned-off-by: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge E. Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "868539a3b671e0f736ddd11b67bf1dc3d8a5a921", "tree": "2c2c10e2983c40ffad02fb01d55fad6f4a6b3175", "parents": [ "66b8ef67756b3051bf42a077a82c3c5c279caa5b" ], "author": { "name": "Aristeu Rozanski", "email": "aris@redhat.com", "time": "Thu Oct 04 17:15:15 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Oct 06 03:05:14 2012 +0900" }, "message": "device_cgroup: introduce dev_whitelist_clean()\n\nThis function cleans all the items in a whitelist and will be used by the next\npatches.\n\nSigned-off-by: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge E. Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "66b8ef67756b3051bf42a077a82c3c5c279caa5b", "tree": "60527442334744981f0766dae6f46bf7ae9b4d4f", "parents": [ "12ae6779332181432a7feda740735ffa5bb3d32d" ], "author": { "name": "Aristeu Rozanski", "email": "aris@redhat.com", "time": "Thu Oct 04 17:15:13 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Sat Oct 06 03:05:13 2012 +0900" }, "message": "device_cgroup: add \"deny_all\" in dev_cgroup structure\n\ndeny_all will determine if the default policy is to deny all device access\nunless for the ones in the exception list.\n\nThis variable will be used in the next patches to convert device_cgroup\ninternally into a default policy + rules.\n\nSigned-off-by: Aristeu Rozanski \u003caris@redhat.com\u003e\nCc: Tejun Heo \u003ctj@kernel.org\u003e\nCc: Li Zefan \u003clizefan@huawei.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Pavel Emelyanov \u003cxemul@openvz.org\u003e\nAcked-by: Serge E. Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "d26e1936227b538a1691b978566ef269aef10853", "tree": "c1b803d6177f6c39932a159c7bdb2c557497e16f", "parents": [ "ecefbd94b834fa32559d854646d777c56749ef1c" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Thu Sep 27 18:26:53 2012 +0300" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Fri Oct 05 22:32:16 2012 +1000" }, "message": "ima: fix bug in argument order\n\nmask argument goes first, then func, like ima_must_measure\nand ima_get_action. ima_inode_post_setattr() assumes that.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "8a1ab3155c2ac7fbe5f2038d6e26efeb607a1498", "tree": "42ef93e164b8b2a01adab30db4b33f370f4280d7", "parents": [ "f3dfd599af993385b40fc7a1c947afc12729bc4d" ], "author": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Oct 04 18:20:15 2012 +0100" }, "committer": { "name": "David Howells", "email": "dhowells@redhat.com", "time": "Thu Oct 04 18:20:15 2012 +0100" }, "message": "UAPI: (Scripted) Disintegrate include/asm-generic\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: Arnd Bergmann \u003carnd@arndb.de\u003e\nAcked-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nAcked-by: Michael Kerrisk \u003cmtk.manpages@gmail.com\u003e\nAcked-by: Paul E. McKenney \u003cpaulmck@linux.vnet.ibm.com\u003e\nAcked-by: Dave Jones \u003cdavej@redhat.com\u003e\n" }, { "commit": "88265322c14cce39f7afbc416726ef4fac413298", "tree": "e4956f905ef617971f87788d8f8a09dbb66b70a3", "parents": [ "65b99c74fdd325d1ffa2e5663295888704712604", "bf5308344527d015ac9a6d2bda4ad4d40fd7d943" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 21:38:48 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 21:38:48 2012 -0700" }, "message": "Merge branch \u0027next\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security\n\nPull security subsystem updates from James Morris:\n \"Highlights:\n\n - Integrity: add local fs integrity verification to detect offline\n attacks\n - Integrity: add digital signature verification\n - Simple stacking of Yama with other LSMs (per LSS discussions)\n - IBM vTPM support on ppc64\n - Add new driver for Infineon I2C TIS TPM\n - Smack: add rule revocation for subject labels\"\n\nFixed conflicts with the user namespace support in kernel/auditsc.c and\nsecurity/integrity/ima/ima_policy.c.\n\n* \u0027next\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (39 commits)\n Documentation: Update git repository URL for Smack userland tools\n ima: change flags container data type\n Smack: setprocattr memory leak fix\n Smack: implement revoking all rules for a subject label\n Smack: remove task_wait() hook.\n ima: audit log hashes\n ima: generic IMA action flag handling\n ima: rename ima_must_appraise_or_measure\n audit: export audit_log_task_info\n tpm: fix tpm_acpi sparse warning on different address spaces\n samples/seccomp: fix 31 bit build on s390\n ima: digital signature verification support\n ima: add support for different security.ima data types\n ima: add ima_inode_setxattr/removexattr function and calls\n ima: add inode_post_setattr call\n ima: replace iint spinblock with rwlock/read_lock\n ima: allocating iint improvements\n ima: add appraise action keywords and default rules\n ima: integrity appraisal extension\n vfs: move ima_file_free before releasing the file\n ...\n" }, { "commit": "aab174f0df5d72d31caccf281af5f614fa254578", "tree": "2a172c5009c4ac8755e858593154c258ce7709a0", "parents": [ "ca41cc96b2813221b05af57d0355157924de5a07", "2bd2c1941f141ad780135ccc1cd08ca71a24f10a" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 20:25:04 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 20:25:04 2012 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs\n\nPull vfs update from Al Viro:\n\n - big one - consolidation of descriptor-related logics; almost all of\n that is moved to fs/file.c\n\n (BTW, I\u0027m seriously tempted to rename the result to fd.c. As it is,\n we have a situation when file_table.c is about handling of struct\n file and file.c is about handling of descriptor tables; the reasons\n are historical - file_table.c used to be about a static array of\n struct file we used to have way back).\n\n A lot of stray ends got cleaned up and converted to saner primitives,\n disgusting mess in android/binder.c is still disgusting, but at least\n doesn\u0027t poke so much in descriptor table guts anymore. A bunch of\n relatively minor races got fixed in process, plus an ext4 struct file\n leak.\n\n - related thing - fget_light() partially unuglified; see fdget() in\n there (and yes, it generates the code as good as we used to have).\n\n - also related - bits of Cyrill\u0027s procfs stuff that got entangled into\n that work; _not_ all of it, just the initial move to fs/proc/fd.c and\n switch of fdinfo to seq_file.\n\n - Alex\u0027s fs/coredump.c spiltoff - the same story, had been easier to\n take that commit than mess with conflicts. The rest is a separate\n pile, this was just a mechanical code movement.\n\n - a few misc patches all over the place. Not all for this cycle,\n there\u0027ll be more (and quite a few currently sit in akpm\u0027s tree).\"\n\nFix up trivial conflicts in the android binder driver, and some fairly\nsimple conflicts due to two different changes to the sock_alloc_file()\ninterface (\"take descriptor handling from sock_alloc_file() to callers\"\nvs \"net: Providing protocol type via system.sockprotoname xattr of\n/proc/PID/fd entries\" adding a dentry name to the socket)\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (72 commits)\n MAX_LFS_FILESIZE should be a loff_t\n compat: fs: Generic compat_sys_sendfile implementation\n fs: push rcu_barrier() from deactivate_locked_super() to filesystems\n btrfs: reada_extent doesn\u0027t need kref for refcount\n coredump: move core dump functionality into its own file\n coredump: prevent double-free on an error path in core dumper\n usb/gadget: fix misannotations\n fcntl: fix misannotations\n ceph: don\u0027t abuse d_delete() on failure exits\n hypfs: -\u003ed_parent is never NULL or negative\n vfs: delete surplus inode NULL check\n switch simple cases of fget_light to fdget\n new helpers: fdget()/fdput()\n switch o2hb_region_dev_write() to fget_light()\n proc_map_files_readdir(): don\u0027t bother with grabbing files\n make get_file() return its argument\n vhost_set_vring(): turn pollstart/pollstop into bool\n switch prctl_set_mm_exe_file() to fget_light()\n switch xfs_find_handle() to fget_light()\n switch xfs_swapext() to fget_light()\n ...\n" }, { "commit": "aecdc33e111b2c447b622e287c6003726daa1426", "tree": "3e7657eae4b785e1a1fb5dfb225dbae0b2f0cfc6", "parents": [ "a20acf99f75e49271381d65db097c9763060a1e8", "a3a6cab5ea10cca64d036851fe0d932448f2fe4f" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 13:38:27 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 13:38:27 2012 -0700" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next\n\nPull networking changes from David Miller:\n\n 1) GRE now works over ipv6, from Dmitry Kozlov.\n\n 2) Make SCTP more network namespace aware, from Eric Biederman.\n\n 3) TEAM driver now works with non-ethernet devices, from Jiri Pirko.\n\n 4) Make openvswitch network namespace aware, from Pravin B Shelar.\n\n 5) IPV6 NAT implementation, from Patrick McHardy.\n\n 6) Server side support for TCP Fast Open, from Jerry Chu and others.\n\n 7) Packet BPF filter supports MOD and XOR, from Eric Dumazet and Daniel\n Borkmann.\n\n 8) Increate the loopback default MTU to 64K, from Eric Dumazet.\n\n 9) Use a per-task rather than per-socket page fragment allocator for\n outgoing networking traffic. This benefits processes that have very\n many mostly idle sockets, which is quite common.\n\n From Eric Dumazet.\n\n10) Use up to 32K for page fragment allocations, with fallbacks to\n smaller sizes when higher order page allocations fail. Benefits are\n a) less segments for driver to process b) less calls to page\n allocator c) less waste of space.\n\n From Eric Dumazet.\n\n11) Allow GRO to be used on GRE tunnels, from Eric Dumazet.\n\n12) VXLAN device driver, one way to handle VLAN issues such as the\n limitation of 4096 VLAN IDs yet still have some level of isolation.\n From Stephen Hemminger.\n\n13) As usual there is a large boatload of driver changes, with the scale\n perhaps tilted towards the wireless side this time around.\n\nFix up various fairly trivial conflicts, mostly caused by the user\nnamespace changes.\n\n* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1012 commits)\n hyperv: Add buffer for extended info after the RNDIS response message.\n hyperv: Report actual status in receive completion packet\n hyperv: Remove extra allocated space for recv_pkt_list elements\n hyperv: Fix page buffer handling in rndis_filter_send_request()\n hyperv: Fix the missing return value in rndis_filter_set_packet_filter()\n hyperv: Fix the max_xfer_size in RNDIS initialization\n vxlan: put UDP socket in correct namespace\n vxlan: Depend on CONFIG_INET\n sfc: Fix the reported priorities of different filter types\n sfc: Remove EFX_FILTER_FLAG_RX_OVERRIDE_IP\n sfc: Fix loopback self-test with separate_tx_channels\u003d1\n sfc: Fix MCDI structure field lookup\n sfc: Add parentheses around use of bitfield macro arguments\n sfc: Fix null function pointer in efx_sriov_channel_type\n vxlan: virtual extensible lan\n igmp: export symbol ip_mc_leave_group\n netlink: add attributes to fdb interface\n tg3: unconditionally select HWMON support when tg3 is enabled.\n Revert \"net: ti cpsw ethernet: allow reading phy interface mode from DT\"\n gre: fix sparse warning\n ...\n" }, { "commit": "437589a74b6a590d175f86cf9f7b2efcee7765e7", "tree": "37bf8635b1356d80ef002b00e84f3faf3d555a63", "parents": [ "68d47a137c3bef754923bccf73fb639c9b0bbd5e", "72235465864d84cedb2d9f26f8e1de824ee20339" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 11:11:09 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 11:11:09 2012 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace\n\nPull user namespace changes from Eric Biederman:\n \"This is a mostly modest set of changes to enable basic user namespace\n support. This allows the code to code to compile with user namespaces\n enabled and removes the assumption there is only the initial user\n namespace. Everything is converted except for the most complex of the\n filesystems: autofs4, 9p, afs, ceph, cifs, coda, fuse, gfs2, ncpfs,\n nfs, ocfs2 and xfs as those patches need a bit more review.\n\n The strategy is to push kuid_t and kgid_t values are far down into\n subsystems and filesystems as reasonable. Leaving the make_kuid and\n from_kuid operations to happen at the edge of userspace, as the values\n come off the disk, and as the values come in from the network.\n Letting compile type incompatible compile errors (present when user\n namespaces are enabled) guide me to find the issues.\n\n The most tricky areas have been the places where we had an implicit\n union of uid and gid values and were storing them in an unsigned int.\n Those places were converted into explicit unions. I made certain to\n handle those places with simple trivial patches.\n\n Out of that work I discovered we have generic interfaces for storing\n quota by projid. I had never heard of the project identifiers before.\n Adding full user namespace support for project identifiers accounts\n for most of the code size growth in my git tree.\n\n Ultimately there will be work to relax privlige checks from\n \"capable(FOO)\" to \"ns_capable(user_ns, FOO)\" where it is safe allowing\n root in a user names to do those things that today we only forbid to\n non-root users because it will confuse suid root applications.\n\n While I was pushing kuid_t and kgid_t changes deep into the audit code\n I made a few other cleanups. I capitalized on the fact we process\n netlink messages in the context of the message sender. I removed\n usage of NETLINK_CRED, and started directly using current-\u003etty.\n\n Some of these patches have also made it into maintainer trees, with no\n problems from identical code from different trees showing up in\n linux-next.\n\n After reading through all of this code I feel like I might be able to\n win a game of kernel trivial pursuit.\"\n\nFix up some fairly trivial conflicts in netfilter uid/git logging code.\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (107 commits)\n userns: Convert the ufs filesystem to use kuid/kgid where appropriate\n userns: Convert the udf filesystem to use kuid/kgid where appropriate\n userns: Convert ubifs to use kuid/kgid\n userns: Convert squashfs to use kuid/kgid where appropriate\n userns: Convert reiserfs to use kuid and kgid where appropriate\n userns: Convert jfs to use kuid/kgid where appropriate\n userns: Convert jffs2 to use kuid and kgid where appropriate\n userns: Convert hpfs to use kuid and kgid where appropriate\n userns: Convert btrfs to use kuid/kgid where appropriate\n userns: Convert bfs to use kuid/kgid where appropriate\n userns: Convert affs to use kuid/kgid wherwe appropriate\n userns: On alpha modify linux_to_osf_stat to use convert from kuids and kgids\n userns: On ia64 deal with current_uid and current_gid being kuid and kgid\n userns: On ppc convert current_uid from a kuid before printing.\n userns: Convert s390 getting uid and gid system calls to use kuid and kgid\n userns: Convert s390 hypfs to use kuid and kgid where appropriate\n userns: Convert binder ipc to use kuids\n userns: Teach security_path_chown to take kuids and kgids\n userns: Add user namespace support to IMA\n userns: Convert EVM to deal with kuids and kgids in it\u0027s hmac computation\n ...\n" }, { "commit": "68d47a137c3bef754923bccf73fb639c9b0bbd5e", "tree": "e82a527bd978ee96283f03d0df36f47d9aee1e41", "parents": [ "c0e8a139a5bb8add02b4111e9e1957d810d7285e", "8c7f6edbda01f1b1a2e60ad61f14fe38023e433b" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 10:52:28 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 10:52:28 2012 -0700" }, "message": "Merge branch \u0027for-3.7-hierarchy\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup\n\nPull cgroup hierarchy update from Tejun Heo:\n \"Currently, different cgroup subsystems handle nested cgroups\n completely differently. There\u0027s no consistency among subsystems and\n the behaviors often are outright broken.\n\n People at least seem to agree that the broken hierarhcy behaviors need\n to be weeded out if any progress is gonna be made on this front and\n that the fallouts from deprecating the broken behaviors should be\n acceptable especially given that the current behaviors don\u0027t make much\n sense when nested.\n\n This patch makes cgroup emit warning messages if cgroups for\n subsystems with broken hierarchy behavior are nested to prepare for\n fixing them in the future. This was put in a separate branch because\n more related changes were expected (didn\u0027t make it this round) and the\n memory cgroup wanted to pull in this and make changes on top.\"\n\n* \u0027for-3.7-hierarchy\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup:\n cgroup: mark subsystems with broken hierarchy support and whine if cgroups are nested for them\n" }, { "commit": "033d9959ed2dc1029217d4165f80a71702dc578e", "tree": "3d306316e44bdabce2e0bf2ef7e466e525f90b4c", "parents": [ "974a847e00cf3ff1695e62b276892137893706ab", "7c6e72e46c9ea4a88f3f8ba96edce9db4bd48726" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 09:54:49 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Oct 02 09:54:49 2012 -0700" }, "message": "Merge branch \u0027for-3.7\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq\n\nPull workqueue changes from Tejun Heo:\n \"This is workqueue updates for v3.7-rc1. A lot of activities this\n round including considerable API and behavior cleanups.\n\n * delayed_work combines a timer and a work item. The handling of the\n timer part has always been a bit clunky leading to confusing\n cancelation API with weird corner-case behaviors. delayed_work is\n updated to use new IRQ safe timer and cancelation now works as\n expected.\n\n * Another deficiency of delayed_work was lack of the counterpart of\n mod_timer() which led to cancel+queue combinations or open-coded\n timer+work usages. mod_delayed_work[_on]() are added.\n\n These two delayed_work changes make delayed_work provide interface\n and behave like timer which is executed with process context.\n\n * A work item could be executed concurrently on multiple CPUs, which\n is rather unintuitive and made flush_work() behavior confusing and\n half-broken under certain circumstances. This problem doesn\u0027t\n exist for non-reentrant workqueues. While non-reentrancy check\n isn\u0027t free, the overhead is incurred only when a work item bounces\n across different CPUs and even in simulated pathological scenario\n the overhead isn\u0027t too high.\n\n All workqueues are made non-reentrant. This removes the\n distinction between flush_[delayed_]work() and\n flush_[delayed_]_work_sync(). The former is now as strong as the\n latter and the specified work item is guaranteed to have finished\n execution of any previous queueing on return.\n\n * In addition to the various bug fixes, Lai redid and simplified CPU\n hotplug handling significantly.\n\n * Joonsoo introduced system_highpri_wq and used it during CPU\n hotplug.\n\n There are two merge commits - one to pull in IRQ safe timer from\n tip/timers/core and the other to pull in CPU hotplug fixes from\n wq/for-3.6-fixes as Lai\u0027s hotplug restructuring depended on them.\"\n\nFixed a number of trivial conflicts, but the more interesting conflicts\nwere silent ones where the deprecated interfaces had been used by new\ncode in the merge window, and thus didn\u0027t cause any real data conflicts.\n\nTejun pointed out a few of them, I fixed a couple more.\n\n* \u0027for-3.7\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq: (46 commits)\n workqueue: remove spurious WARN_ON_ONCE(in_irq()) from try_to_grab_pending()\n workqueue: use cwq_set_max_active() helper for workqueue_set_max_active()\n workqueue: introduce cwq_set_max_active() helper for thaw_workqueues()\n workqueue: remove @delayed from cwq_dec_nr_in_flight()\n workqueue: fix possible stall on try_to_grab_pending() of a delayed work item\n workqueue: use hotcpu_notifier() for workqueue_cpu_down_callback()\n workqueue: use __cpuinit instead of __devinit for cpu callbacks\n workqueue: rename manager_mutex to assoc_mutex\n workqueue: WORKER_REBIND is no longer necessary for idle rebinding\n workqueue: WORKER_REBIND is no longer necessary for busy rebinding\n workqueue: reimplement idle worker rebinding\n workqueue: deprecate __cancel_delayed_work()\n workqueue: reimplement cancel_delayed_work() using try_to_grab_pending()\n workqueue: use mod_delayed_work() instead of __cancel + queue\n workqueue: use irqsafe timer for delayed_work\n workqueue: clean up delayed_work initializers and add missing one\n workqueue: make deferrable delayed_work initializer names consistent\n workqueue: cosmetic whitespace updates for macro definitions\n workqueue: deprecate system_nrt[_freezable]_wq\n workqueue: deprecate flush[_delayed]_work_sync()\n ...\n" }, { "commit": "94095a1fff89dffe9451839deae4c6a40cf3ec21", "tree": "c1beac5dc336d836c269253db3b00a302777598f", "parents": [ "620e77533f29796df7aff861e79bd72e08554ebb", "f784e8a7989c0da3062d04bfea3db90f41e8f738" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Oct 01 10:25:54 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Oct 01 10:25:54 2012 -0700" }, "message": "Merge branch \u0027core-urgent-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip\n\nPull core kernel fixes from Ingo Molnar:\n \"This is a complex task_work series from Oleg that fixes the bug that\n this VFS commit tried to fix:\n\n d35abdb28824 hold task_lock around checks in keyctl\n\n but solves the problem without the lockup regression that d35abdb28824\n introduced in v3.6.\n\n This series came late in v3.6 and I did not feel confident about it so\n late in the cycle. Might be worth backporting to -stable if it proves\n itself upstream.\"\n\n* \u0027core-urgent-for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:\n task_work: Simplify the usage in ptrace_notify() and get_signal_to_deliver()\n task_work: Revert \"hold task_lock around checks in keyctl\"\n task_work: task_work_add() should not succeed after exit_task_work()\n task_work: Make task_work_add() lockless\n" }, { "commit": "99dbb1632f1165c2726056ebfce6edde0e5a0208", "tree": "2b2fc83db20b4c6d13842496899774b0dc2868e2", "parents": [ "aae6f989c6e97ff8197717fa4d032ad4eba091a7", "9c33c512b2d3167a3580659942ee78437b1b1bc6" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Oct 01 09:06:36 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Oct 01 09:06:36 2012 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial\n\nPull the trivial tree from Jiri Kosina:\n \"Tiny usual fixes all over the place\"\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial: (34 commits)\n doc: fix old config name of kprobetrace\n fs/fs-writeback.c: cleanup riteback_sb_inodes kerneldoc\n btrfs: fix the commment for the action flags in delayed-ref.h\n btrfs: fix trivial typo for the comment of BTRFS_FREE_INO_OBJECTID\n vfs: fix kerneldoc for generic_fh_to_parent()\n treewide: fix comment/printk/variable typos\n ipr: fix small coding style issues\n doc: fix broken utf8 encoding\n nfs: comment fix\n platform/x86: fix asus_laptop.wled_type module parameter\n mfd: printk/comment fixes\n doc: getdelays.c: remember to close() socket on error in create_nl_socket()\n doc: aliasing-test: close fd on write error\n mmc: fix comment typos\n dma: fix comments\n spi: fix comment/printk typos in spi\n Coccinelle: fix typo in memdup_user.cocci\n tmiofb: missing NULL pointer checks\n tools: perf: Fix typo in tools/perf\n tools/testing: fix comment / output typos\n ...\n" }, { "commit": "6a06e5e1bb217be077e1f8ee2745b4c5b1aa02db", "tree": "8faea23112a11f52524eb413f71b7b02712d8b53", "parents": [ "d9f72f359e00a45a6cd7cc2d5121b04b9dc927e1", "6672d90fe779dc0dfffe027c3ede12609df091c2" ], "author": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Sep 28 14:40:49 2012 -0400" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Fri Sep 28 14:40:49 2012 -0400" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net\n\nConflicts:\n\tdrivers/net/team/team.c\n\tdrivers/net/usb/qmi_wwan.c\n\tnet/batman-adv/bat_iv_ogm.c\n\tnet/ipv4/fib_frontend.c\n\tnet/ipv4/route.c\n\tnet/l2tp/l2tp_netlink.c\n\nThe team, fib_frontend, route, and l2tp_netlink conflicts were simply\noverlapping changes.\n\nqmi_wwan and bat_iv_ogm were of the \"use HEAD\" variety.\n\nWith help from Antonio Quartulli.\n\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "bf5308344527d015ac9a6d2bda4ad4d40fd7d943", "tree": "566e61e2cfc648c374d15cfc8c661b73e1a471f8", "parents": [ "3585e96cd1049682b8a19a0b699422156e9d735b", "979570e02981d4a8fc20b3cc8fd651856c98ee9d" ], "author": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Fri Sep 28 13:37:32 2012 +1000" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Fri Sep 28 13:37:32 2012 +1000" }, "message": "Merge tag \u0027v3.6-rc7\u0027 into next\n\nLinux 3.6-rc7\n\nRequested by David Howells so he can merge his key susbsystem work into\nmy tree with requisite -linus changesets.\n" }, { "commit": "cb0942b81249798e15c3f04eee2946ef543e8115", "tree": "7d494c580a847342577661782c5173f76178aa81", "parents": [ "cecb46f194460d23cacf3b13593f9f5a4f7a0fed" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Aug 27 14:48:26 2012 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Sep 26 21:10:25 2012 -0400" }, "message": "make get_file() return its argument\n\nsimplifies a bunch of callers...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "c3c073f808b22dfae15ef8412b6f7b998644139a", "tree": "3369bcbe414738d90e6ccfe257f6ce3e72f6a5ae", "parents": [ "ad47bd7252bf402fe7dba92f5240b5ed16832ae7" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Aug 21 22:32:06 2012 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Sep 26 21:09:59 2012 -0400" }, "message": "new helper: iterate_fd()\n\niterates through the opened files in given descriptor table,\ncalling a supplied function; we stop once non-zero is returned.\nCallback gets struct file *, descriptor number and const void *\nargument passed to iterator. It is called with files-\u003efile_lock\nheld, so it is not allowed to block.\n\ntty_io, netprio_cgroup and selinux flush_unauthorized_files()\nconverted to its use.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "ee97cd872d08b8623076f2a63ffb872d0884411a", "tree": "0eb578bbf88459dff4e04b0273531971c539c466", "parents": [ "8280d16172243702ed43432f826ca6130edb4086" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Aug 21 12:26:45 2012 -0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Sep 26 21:09:58 2012 -0400" }, "message": "switch flush_unauthorized_files() to replace_fd()\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "d2b31ca644fdc8704de3367a6a56a5c958c77f53", "tree": "70967aaec7a5a86ffdd6adf3a45d3b3cb8833678", "parents": [ "8b94eea4bfb8df693c5b35d08b74f13cfb92f3de" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri Jun 01 16:14:19 2012 -0600" }, "committer": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri Sep 21 03:13:25 2012 -0700" }, "message": "userns: Teach security_path_chown to take kuids and kgids\n\nDon\u0027t make the security modules deal with raw user space uid and\ngids instead pass in a kuid_t and a kgid_t so that security modules\nonly have to deal with internal kernel uids and gids.\n\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: James Morris \u003cjames.l.morris@oracle.com\u003e\nCc: John Johansen \u003cjohn.johansen@canonical.com\u003e\nCc: Kentaro Takeda \u003ctakedakn@nttdata.co.jp\u003e\nCc: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Eric W. Biederman \u003cebiederm@xmission.com\u003e\n" }, { "commit": "8b94eea4bfb8df693c5b35d08b74f13cfb92f3de", "tree": "908ffbf4f0bb117ca47346712dc0e57f6434cda1", "parents": [ "cf9c93526f4517581a9e8f1c0d9093a4c7748ec6" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri May 25 18:24:12 2012 -0600" }, "committer": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri Sep 21 03:13:24 2012 -0700" }, "message": "userns: Add user namespace support to IMA\n\nUse kuid\u0027s in the IMA rules.\n\nWhen reporting the current uid in audit logs use from_kuid\nto get a usable value.\n\nCc: Mimi Zohar \u003czohar@us.ibm.com\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Eric W. Biederman \u003cebiederm@xmission.com\u003e\n" }, { "commit": "cf9c93526f4517581a9e8f1c0d9093a4c7748ec6", "tree": "9e9eba640d957fe83e081602f7c227480fb413b5", "parents": [ "29f82ae56e8798f7907d60145e0186082800d130" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri May 25 18:22:35 2012 -0600" }, "committer": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri Sep 21 03:13:24 2012 -0700" }, "message": "userns: Convert EVM to deal with kuids and kgids in it\u0027s hmac computation\n\nCc: Mimi Zohar \u003czohar@us.ibm.com\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Eric W. Biederman \u003cebiederm@xmission.com\u003e\n" }, { "commit": "581abc09c2205e05256d7f75410345d5392d5098", "tree": "af6bbd233f6030fa51a7dcbf0754e83650e0b0ad", "parents": [ "609fcd1b3a55f99667c61609895c83019b21baad" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Mon Aug 20 00:09:36 2012 -0700" }, "committer": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri Sep 21 03:13:22 2012 -0700" }, "message": "userns: Convert selinux to use kuid and kgid where appropriate\n\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: James Morris \u003cjames.l.morris@oracle.com\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nSigned-off-by: \"Eric W. Biederman\" \u003cebiederm@xmission.com\u003e\n" }, { "commit": "609fcd1b3a55f99667c61609895c83019b21baad", "tree": "f90cec33d1f1e0922c28d5528cd0f535dc235b92", "parents": [ "2db81452931eb51cc739d6e495cf1bd4860c3c99" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Tue Feb 07 16:34:10 2012 -0800" }, "committer": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri Sep 21 03:13:22 2012 -0700" }, "message": "userns: Convert tomoyo to use kuid and kgid where appropriate\n\nAcked-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Eric W. Biederman \u003cebiederm@xmission.com\u003e\n" }, { "commit": "2db81452931eb51cc739d6e495cf1bd4860c3c99", "tree": "959805577a8e8c449fc4b3c576d2f0c840090fa4", "parents": [ "e4849737f76c8767e70dc1575f6e59fc3682b3fe" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Tue Feb 07 16:33:13 2012 -0800" }, "committer": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Fri Sep 21 03:13:21 2012 -0700" }, "message": "userns: Convert apparmor to use kuid and kgid where appropriate\n\nCc: John Johansen \u003cjohn.johansen@canonical.com\u003e\nAcked-by: Serge Hallyn \u003cserge.hallyn@canonical.com\u003e\nSigned-off-by: Eric W. Biederman \u003cebiederm@xmission.com\u003e\n" }, { "commit": "0a72ba7aff26fb6e918cee6d2bbfd289069f10ae", "tree": "4263886ae20b6875153c20513b607e6208e8a3f6", "parents": [ "46a2f3b9e99353cc63e15563e8abee71162330f7" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Sep 19 15:32:49 2012 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 19 08:55:20 2012 -0400" }, "message": "ima: change flags container data type\n\nIMA audit hashes patches introduced new IMA flags and required\nspace went beyond 8 bits. Currently the only flag is IMA_DIGSIG.\nThis patch use 16 bit short instead of 8 bit char.\nWithout this fix IMA signature will be replaced with hash, which\nshould not happen.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "ee8372dd1989287c5eedb69d44bac43f69e496f1", "tree": "419de8719e0cf610f313345d25b231e376083ebd", "parents": [ "b42664f898c976247f7f609b8bb9c94d7475ca10" ], "author": { "name": "Nicolas Dichtel", "email": "nicolas.dichtel@6wind.com", "time": "Mon Sep 10 22:09:45 2012 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Tue Sep 18 15:57:03 2012 -0400" }, "message": "xfrm: invalidate dst on policy insertion/deletion\n\nWhen a policy is inserted or deleted, all dst should be recalculated.\n\nSigned-off-by: Nicolas Dichtel \u003cnicolas.dichtel@6wind.com\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "46a2f3b9e99353cc63e15563e8abee71162330f7", "tree": "0d8857d5209990480975cc76379f6de1b4c0bf24", "parents": [ "449543b0436a9146b855aad39eab76ae4853e88d" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Wed Aug 22 11:44:03 2012 -0700" }, "committer": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Tue Sep 18 09:51:06 2012 -0700" }, "message": "Smack: setprocattr memory leak fix\n\nThe data structure allocations being done in prepare_creds\nare duplicated in smack_setprocattr. This results in the\nstructure allocated in prepare_creds being orphaned and\nnever freed. The duplicate code is removed from\nsmack_setprocattr.\n\nTargeted for git://git.gitorious.org/smack-next/kernel.git\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "449543b0436a9146b855aad39eab76ae4853e88d", "tree": "1b430fec0506e78929cfd944972d7dd49d0f76fd", "parents": [ "c00bedb368ae02a066aed8a888afc286c1df2e60" ], "author": { "name": "Rafal Krypa", "email": "r.krypa@samsung.com", "time": "Wed Jul 11 17:49:30 2012 +0200" }, "committer": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Tue Sep 18 09:50:52 2012 -0700" }, "message": "Smack: implement revoking all rules for a subject label\n\nAdd /smack/revoke-subject special file. Writing a SMACK label to this file will\nset the access to \u0027-\u0027 for all access rules with that subject label.\n\nTargeted for git://git.gitorious.org/smack-next/kernel.git\n\nSigned-off-by: Rafal Krypa \u003cr.krypa@samsung.com\u003e\n" }, { "commit": "c00bedb368ae02a066aed8a888afc286c1df2e60", "tree": "9f72de8b17597cdedb755c553dafe992e2724b1b", "parents": [ "e7c568e0fd0cf6d9c8ab8ea537ba8f3a3ae7c3d8" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Thu Aug 09 17:46:38 2012 -0700" }, "committer": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Tue Sep 18 09:50:37 2012 -0700" }, "message": "Smack: remove task_wait() hook.\n\nOn 12/20/2011 11:20 PM, Jarkko Sakkinen wrote:\n\u003e Allow SIGCHLD to be passed to child process without\n\u003e explicit policy. This will help to keep the access\n\u003e control policy simple and easily maintainable with\n\u003e complex applications that require use of multiple\n\u003e security contexts. It will also help to keep them\n\u003e as isolated as possible.\n\u003e\n\u003e Signed-off-by: Jarkko Sakkinen \u003cjarkko.sakkinen@intel.com\u003e\n\nI have a slightly different version that applies to the\ncurrent smack-next tree.\n\nAllow SIGCHLD to be passed to child process without\nexplicit policy. This will help to keep the access\ncontrol policy simple and easily maintainable with\ncomplex applications that require use of multiple\nsecurity contexts. It will also help to keep them\nas isolated as possible.\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n\n security/smack/smack_lsm.c | 37 ++++++++-----------------------------\n 1 files changed, 8 insertions(+), 29 deletions(-)\n" }, { "commit": "8c7f6edbda01f1b1a2e60ad61f14fe38023e433b", "tree": "f1db9712b109575cba86e37140e1e4f8a56ca780", "parents": [ "fbcbe2b3c92ee1c930dcfcf8bb764074c100fd63" ], "author": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Thu Sep 13 12:20:58 2012 -0700" }, "committer": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Fri Sep 14 12:01:16 2012 -0700" }, "message": "cgroup: mark subsystems with broken hierarchy support and whine if cgroups are nested for them\n\nCurrently, cgroup hierarchy support is a mess. cpu related subsystems\nbehave correctly - configuration, accounting and control on a parent\nproperly cover its children. blkio and freezer completely ignore\nhierarchy and treat all cgroups as if they\u0027re directly under the root\ncgroup. Others show yet different behaviors.\n\nThese differing interpretations of cgroup hierarchy make using cgroup\nconfusing and it impossible to co-mount controllers into the same\nhierarchy and obtain sane behavior.\n\nEventually, we want full hierarchy support from all subsystems and\nprobably a unified hierarchy. Users using separate hierarchies\nexpecting completely different behaviors depending on the mounted\nsubsystem is deterimental to making any progress on this front.\n\nThis patch adds cgroup_subsys.broken_hierarchy and sets it to %true\nfor controllers which are lacking in hierarchy support. The goal of\nthis patch is two-fold.\n\n* Move users away from using hierarchy on currently non-hierarchical\n subsystems, so that implementing proper hierarchy support on those\n doesn\u0027t surprise them.\n\n* Keep track of which controllers are broken how and nudge the\n subsystems to implement proper hierarchy support.\n\nFor now, start with a single warning message. We can whine louder\nlater on.\n\nv2: Fixed a typo spotted by Michal. Warning message updated.\n\nv3: Updated memcg part so that it doesn\u0027t generate warning in the\n cases where .use_hierarchy\u003dfalse doesn\u0027t make the behavior\n different from root.use_hierarchy\u003dtrue. Fixed a typo spotted by\n Glauber.\n\nv4: Check -\u003ebroken_hierarchy after cgroup creation is complete so that\n -\u003ecreate() can affect the result per Michal. Dropped unnecessary\n memcg root handling per Michal.\n\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nAcked-by: Michal Hocko \u003cmhocko@suse.cz\u003e\nAcked-by: Li Zefan \u003clizefan@huawei.com\u003e\nAcked-by: Serge E. Hallyn \u003cserue@us.ibm.com\u003e\nCc: Glauber Costa \u003cglommer@parallels.com\u003e\nCc: Peter Zijlstra \u003cpeterz@infradead.org\u003e\nCc: Paul Turner \u003cpjt@google.com\u003e\nCc: Johannes Weiner \u003channes@cmpxchg.org\u003e\nCc: Thomas Graf \u003ctgraf@suug.ch\u003e\nCc: Vivek Goyal \u003cvgoyal@redhat.com\u003e\nCc: Paul Mackerras \u003cpaulus@samba.org\u003e\nCc: Ingo Molnar \u003cmingo@redhat.com\u003e\nCc: Arnaldo Carvalho de Melo \u003cacme@ghostprotocols.net\u003e\nCc: Neil Horman \u003cnhorman@tuxdriver.com\u003e\nCc: Aneesh Kumar K.V \u003caneesh.kumar@linux.vnet.ibm.com\u003e\n" }, { "commit": "9a56c2db49e7349c7963f0ce66c1ef578d44ebd3", "tree": "de29b56483bb00efabca3ba35c7001cab2aab7be", "parents": [ "5fce5e0bbd44263c36f58ad1113b599d06ed1978" ], "author": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Wed Feb 08 07:53:04 2012 -0800" }, "committer": { "name": "Eric W. Biederman", "email": "ebiederm@xmission.com", "time": "Thu Sep 13 18:28:02 2012 -0700" }, "message": "userns: Convert security/keys to the new userns infrastructure\n\n- Replace key_user -\u003euser_ns equality checks with kuid_has_mapping checks.\n- Use from_kuid to generate key descriptions\n- Use kuid_t and kgid_t and the associated helpers instead of uid_t and gid_t\n- Avoid potential problems with file descriptor passing by displaying\n keys in the user namespace of the opener of key status proc files.\n\nCc: linux-security-module@vger.kernel.org\nCc: keyrings@linux-nfs.org\nCc: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Eric W. Biederman \u003cebiederm@xmission.com\u003e\n" }, { "commit": "e7c568e0fd0cf6d9c8ab8ea537ba8f3a3ae7c3d8", "tree": "f920b77b98c38e28dd2974564db102160e59f3e9", "parents": [ "45e2472e67bf66f794d507b52e82af92e0614e49" ], "author": { "name": "Peter Moody", "email": "pmoody@google.com", "time": "Thu Jun 14 10:04:36 2012 -0700" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Sep 13 14:48:44 2012 -0400" }, "message": "ima: audit log hashes\n\nThis adds an \u0027audit\u0027 policy action which audit logs file measurements.\n\nChangelog v6:\n - use new action flag handling (Dmitry Kasatkin).\n - removed whitespace (Mimi)\n\nChangelog v5:\n - use audit_log_untrustedstring.\n\nChangelog v4:\n - cleanup digest -\u003e hash conversion.\n - use filename rather than d_path in ima_audit_measurement.\n\nChangelog v3:\n - Use newly exported audit_log_task_info for logging pid/ppid/uid/etc.\n - Update the ima_policy ABI documentation.\n\nChangelog v2:\n - Use \u0027audit\u0027 action rather than \u0027measure_and_audit\u0027 to permit\n auditing in the absence of measuring..\n\nChangelog v1:\n - Initial posting.\n\nSigned-off-by: Peter Moody \u003cpmoody@google.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "45e2472e67bf66f794d507b52e82af92e0614e49", "tree": "4b3ba557d4f9da9bca14ce85bee965e4a9fcd6ac", "parents": [ "d9d300cdb6f233c4c591348919c758062198a4f4" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Sep 12 20:51:32 2012 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Sep 13 14:23:57 2012 -0400" }, "message": "ima: generic IMA action flag handling\n\nMake the IMA action flag handling generic in order to support\nadditional new actions, without requiring changes to the base\nimplementation. New actions, like audit logging, will only\nneed to modify the define statements.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "b3f68f16dbcde6fcdf0fd27695391ff7e9d41233", "tree": "26833634b038b8fd9d18f109deb10770eb3f2a6e", "parents": [ "9da33de62431c7839f98156720862262272a8380" ], "author": { "name": "Oleg Nesterov", "email": "oleg@redhat.com", "time": "Sun Aug 26 21:12:14 2012 +0200" }, "committer": { "name": "Ingo Molnar", "email": "mingo@kernel.org", "time": "Thu Sep 13 16:47:36 2012 +0200" }, "message": "task_work: Revert \"hold task_lock around checks in keyctl\"\n\nThis reverts commit d35abdb28824cf74f0a106a0f9c6f3ff700a35bf.\n\ntask_lock() was added to ensure exit_mm() and thus exit_task_work() is\nnot possible before task_work_add().\n\nThis is wrong, task_lock() must not be nested with write_lock(tasklist).\nAnd this is no longer needed, task_work_add() now fails if it is called\nafter exit_task_work().\n\nReported-by: Dave Jones \u003cdavej@redhat.com\u003e\nSigned-off-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nSigned-off-by: Peter Zijlstra \u003ca.p.zijlstra@chello.nl\u003e\nCc: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nCc: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCc: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nLink: http://lkml.kernel.org/r/20120826191214.GA4231@redhat.com\nSigned-off-by: Ingo Molnar \u003cmingo@kernel.org\u003e\n" }, { "commit": "d9d300cdb6f233c4c591348919c758062198a4f4", "tree": "2a00e8e9100b1d799e5b779008ad0081e7fe5264", "parents": [ "e23eb920b0f3978687c497de2ac3eb9e281dab32" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Jun 27 11:26:14 2012 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Sep 12 07:28:05 2012 -0400" }, "message": "ima: rename ima_must_appraise_or_measure\n\nWhen AUDIT action support is added to the IMA,\nima_must_appraise_or_measure() does not reflect the real meaning anymore.\nRename it to ima_get_action().\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "9f00d9776bc5beb92e8bfc884a7e96ddc5589e2e", "tree": "2a9f9513a13c73cb1196ebe3426389c1140e2888", "parents": [ "9785e10aedfa0fad5c1aac709dce5ada1b123783" ], "author": { "name": "Pablo Neira Ayuso", "email": "pablo@netfilter.org", "time": "Sat Sep 08 02:53:54 2012 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Sat Sep 08 18:46:30 2012 -0400" }, "message": "netlink: hide struct module parameter in netlink_kernel_create\n\nThis patch defines netlink_kernel_create as a wrapper function of\n__netlink_kernel_create to hide the struct module *me parameter\n(which seems to be THIS_MODULE in all existing netlink subsystems).\n\nSuggested by David S. Miller.\n\nSigned-off-by: Pablo Neira Ayuso \u003cpablo@netfilter.org\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "9785e10aedfa0fad5c1aac709dce5ada1b123783", "tree": "ca523e084318b6e908b18c6f3e9e53ea7e9a1c49", "parents": [ "16fa9e1d104e6f2c18005a4ac7ea60e4c7fc1286" ], "author": { "name": "Pablo Neira Ayuso", "email": "pablo@netfilter.org", "time": "Sat Sep 08 02:53:53 2012 +0000" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Sat Sep 08 18:45:27 2012 -0400" }, "message": "netlink: kill netlink_set_nonroot\n\nReplace netlink_set_nonroot by one new field `flags\u0027 in\nstruct netlink_kernel_cfg that is passed to netlink_kernel_create.\n\nThis patch also renames NL_NONROOT_* to NL_CFG_F_NONROOT_* since\nnow the flags field in nl_table is generic (so we can add more\nflags if needed in the future).\n\nAlso adjust all callers in the net-next tree to use these flags\ninstead of netlink_set_nonroot.\n\nSigned-off-by: Pablo Neira Ayuso \u003cpablo@netfilter.org\u003e\nSigned-off-by: David S. Miller \u003cdavem@davemloft.net\u003e\n" }, { "commit": "8606404fa555c2ee691376fcc640ab89fe752035", "tree": "4b2d2e43b7ad196b46757faff10d04803381a543", "parents": [ "5a44b41207174e1882ce0c24a752f4cfb65dab07" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Aug 31 14:07:06 2011 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Fri Sep 07 14:57:48 2012 -0400" }, "message": "ima: digital signature verification support\n\nThis patch adds support for digital signature based integrity appraisal.\nWith this patch, \u0027security.ima\u0027 contains either the file data hash or\na digital signature of the file data hash. The file data hash provides\nthe security attribute of file integrity. In addition to file integrity,\na digital signature provides the security attribute of authenticity.\n\nUnlike EVM, when the file metadata changes, the digital signature is\nreplaced with an HMAC, modification of the file data does not cause the\n\u0027security.ima\u0027 digital signature to be replaced with a hash. As a\nresult, after any modification, subsequent file integrity appraisals\nwould fail.\n\nAlthough digitally signed files can be modified, but by not updating\n\u0027security.ima\u0027 to reflect these modifications, in essence digitally\nsigned files could be considered \u0027immutable\u0027.\n\nIMA uses a different keyring than EVM. While the EVM keyring should not\nbe updated after initialization and locked, the IMA keyring should allow\nupdating or adding new keys when upgrading or installing packages.\n\nChangelog v4:\n- Change IMA_DIGSIG to hex equivalent\nChangelog v3:\n- Permit files without any \u0027security.ima\u0027 xattr to be labeled properly.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "5a44b41207174e1882ce0c24a752f4cfb65dab07", "tree": "a5426be63a4f165f3ce15d1e61d8fd10f37fd8c3", "parents": [ "42c63330f2b05aa6077c1bfc2798c04afe54f6b2" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jan 09 22:59:36 2012 -0500" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Fri Sep 07 14:57:47 2012 -0400" }, "message": "ima: add support for different security.ima data types\n\nIMA-appraisal currently verifies the integrity of a file based on a\nknown \u0027good\u0027 measurement value. This patch reserves the first byte\nof \u0027security.ima\u0027 as a place holder for the type of method used for\nverifying file data integrity.\n\nChangelog v1:\n- Use the newly defined \u0027struct evm_ima_xattr_data\u0027\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@nokia.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "42c63330f2b05aa6077c1bfc2798c04afe54f6b2", "tree": "bbd7d212ba9c686b2b649718b8b919bdd2eecea4", "parents": [ "9957a5043e7b0b7361cdf48eea22b2900293e63a" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Mar 10 18:54:15 2011 -0500" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Fri Sep 07 14:57:47 2012 -0400" }, "message": "ima: add ima_inode_setxattr/removexattr function and calls\n\nBased on xattr_permission comments, the restriction to modify \u0027security\u0027\nxattr is left up to the underlying fs or lsm. Ensure that not just anyone\ncan modify or remove \u0027security.ima\u0027.\n\nChangelog v1:\n- Unless IMA-APPRAISE is configured, use stub ima_inode_removexattr()/setxattr()\n functions. (Moved ima_inode_removexattr()/setxattr() to ima_appraise.c)\n\nChangelog:\n - take i_mutex to fix locking (Dmitry Kasatkin)\n - ima_reset_appraise_flags should only be called when modifying or\n removing the \u0027security.ima\u0027 xattr. Requires CAP_SYS_ADMIN privilege.\n (Incorporated fix from Roberto Sassu)\n - Even if allowed to update security.ima, reset the appraisal flags,\n forcing re-appraisal.\n - Replace CAP_MAC_ADMIN with CAP_SYS_ADMIN\n - static inline ima_inode_setxattr()/ima_inode_removexattr() stubs\n - ima_protect_xattr should be static\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\n" }, { "commit": "a10bf26b2f53242836e9362c6c9c857b627b82a9", "tree": "98c7b83684f1df42571013af4c0572c7eeea8e76", "parents": [ "bf2276d10ce58ff44ab8857266a6718024496af6" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Feb 08 14:15:42 2012 -0500" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Fri Sep 07 14:57:46 2012 -0400" }, "message": "ima: replace iint spinblock with rwlock/read_lock\n\nFor performance, replace the iint spinlock with rwlock/read_lock.\n\nEric Paris questioned this change, from spinlocks to rwlocks, saying\n\"rwlocks have been shown to actually be slower on multi processor\nsystems in a number of cases due to the cache line bouncing required.\"\n\nBased on performance measurements compiling the kernel on a cold\nboot with multiple jobs with/without this patch, Dmitry Kasatkin\nand I found that rwlocks performed better than spinlocks, but very\ninsignificantly. For example with total compilation time around 6\nminutes, with rwlocks time was 1 - 3 seconds shorter... but always\nlike that.\n\nChangelog v2:\n- new patch taken from the \u0027allocating iint improvements\u0027 patch\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "bf2276d10ce58ff44ab8857266a6718024496af6", "tree": "7be39c026fd30856248f68c964d0f1e2ae703c25", "parents": [ "07f6a79415d7d502ee0c7d02ace6594a7be7429a" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Wed Oct 19 12:04:40 2011 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Fri Sep 07 14:57:45 2012 -0400" }, "message": "ima: allocating iint improvements\n\nWith IMA-appraisal\u0027s removal of the iint mutex and taking the i_mutex\ninstead, allocating the iint becomes a lot simplier, as we don\u0027t need\nto be concerned with two processes racing to allocate the iint. This\npatch cleans up and improves performance for allocating the iint.\n\n- removed redundant double i_mutex locking\n- combined iint allocation with tree search\n\nChangelog v2:\n- removed the rwlock/read_lock changes from this patch\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "07f6a79415d7d502ee0c7d02ace6594a7be7429a", "tree": "af2a9b3bb84ab621cbf11ab609dd8cc3566f2b12", "parents": [ "2fe5d6def1672ae6635dd71867bf36dcfaa7434b" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Mar 09 22:25:48 2011 -0500" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Fri Sep 07 14:57:45 2012 -0400" }, "message": "ima: add appraise action keywords and default rules\n\nUnlike the IMA measurement policy, the appraise policy can not be dependent\non runtime process information, such as the task uid, as the \u0027security.ima\u0027\nxattr is written on file close and must be updated each time the file changes,\nregardless of the current task uid.\n\nThis patch extends the policy language with \u0027fowner\u0027, defines an appraise\npolicy, which appraises all files owned by root, and defines \u0027ima_appraise_tcb\u0027,\na new boot command line option, to enable the appraise policy.\n\nChangelog v3:\n- separate the measure from the appraise rules in order to support measuring\n without appraising and appraising without measuring.\n- change appraisal default for filesystems without xattr support to fail\n- update default appraise policy for cgroups\n\nChangelog v1:\n- don\u0027t appraise RAMFS (Dmitry Kasatkin)\n- merged rest of \"ima: ima_must_appraise_or_measure API change\" commit\n (Dmtiry Kasatkin)\n\n ima_must_appraise_or_measure() called ima_match_policy twice, which\n searched the policy for a matching rule. Once for a matching measurement\n rule and subsequently for an appraisal rule. Searching the policy twice\n is unnecessary overhead, which could be noticeable with a large policy.\n\n The new version of ima_must_appraise_or_measure() does everything in a\n single iteration using a new version of ima_match_policy(). It returns\n IMA_MEASURE, IMA_APPRAISE mask.\n\n With the use of action mask only one efficient matching function\n is enough. Removed other specific versions of matching functions.\n\nChangelog:\n- change \u0027owner\u0027 to \u0027fowner\u0027 to conform to the new LSM conditions posted by\n Roberto Sassu.\n- fix calls to ima_log_string()\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\n" }, { "commit": "2fe5d6def1672ae6635dd71867bf36dcfaa7434b", "tree": "f83878d309605440b5bc2d2d43a16ccece64c645", "parents": [ "4199d35cbc90c15db447d115bd96ffa5f1d60d3a" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Feb 13 10:15:05 2012 -0500" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Fri Sep 07 14:57:44 2012 -0400" }, "message": "ima: integrity appraisal extension\n\nIMA currently maintains an integrity measurement list used to assert the\nintegrity of the running system to a third party. The IMA-appraisal\nextension adds local integrity validation and enforcement of the\nmeasurement against a \"good\" value stored as an extended attribute\n\u0027security.ima\u0027. The initial methods for validating \u0027security.ima\u0027 are\nhashed based, which provides file data integrity, and digital signature\nbased, which in addition to providing file data integrity, provides\nauthenticity.\n\nThis patch creates and maintains the \u0027security.ima\u0027 xattr, containing\nthe file data hash measurement. Protection of the xattr is provided by\nEVM, if enabled and configured.\n\nBased on policy, IMA calls evm_verifyxattr() to verify a file\u0027s metadata\nintegrity and, assuming success, compares the file\u0027s current hash value\nwith the one stored as an extended attribute in \u0027security.ima\u0027.\n\nChangelov v4:\n- changed iint cache flags to hex values\n\nChangelog v3:\n- change appraisal default for filesystems without xattr support to fail\n\nChangelog v2:\n- fix audit msg \u0027res\u0027 value\n- removed unused \u0027ima_appraise\u003d\u0027 values\n\nChangelog v1:\n- removed unused iint mutex (Dmitry Kasatkin)\n- setattr hook must not reset appraised (Dmitry Kasatkin)\n- evm_verifyxattr() now differentiates between no \u0027security.evm\u0027 xattr\n (INTEGRITY_NOLABEL) and no EVM \u0027protected\u0027 xattrs included in the\n \u0027security.evm\u0027 (INTEGRITY_NOXATTRS).\n- replace hash_status with ima_status (Dmitry Kasatkin)\n- re-initialize slab element ima_status on free (Dmitry Kasatkin)\n- include \u0027security.ima\u0027 in EVM if CONFIG_IMA_APPRAISE, not CONFIG_IMA\n- merged half \"ima: ima_must_appraise_or_measure API change\" (Dmitry Kasatkin)\n- removed unnecessary error variable in process_measurement() (Dmitry Kasatkin)\n- use ima_inode_post_setattr() stub function, if IMA_APPRAISE not configured\n (moved ima_inode_post_setattr() to ima_appraise.c)\n- make sure ima_collect_measurement() can read file\n\nChangelog:\n- add \u0027iint\u0027 to evm_verifyxattr() call (Dimitry Kasatkin)\n- fix the race condition between chmod, which takes the i_mutex and then\n iint-\u003emutex, and ima_file_free() and process_measurement(), which take\n the locks in the reverse order, by eliminating iint-\u003emutex. (Dmitry Kasatkin)\n- cleanup of ima_appraise_measurement() (Dmitry Kasatkin)\n- changes as a result of the iint not allocated for all regular files, but\n only for those measured/appraised.\n- don\u0027t try to appraise new/empty files\n- expanded ima_appraisal description in ima/Kconfig\n- IMA appraise definitions required even if IMA_APPRAISE not enabled\n- add return value to ima_must_appraise() stub\n- unconditionally set status \u003d INTEGRITY_PASS *after* testing status,\n not before. (Found by Joe Perches)\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\n" }, { "commit": "2e4930eb7c8fb20a39dfb5f8a8f80402710dcea8", "tree": "01e5e84032b2d7efe3441080e5ce1c484f696680", "parents": [ "c6993e4ac002c92bc75379212e9179c36d4bf7ee" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Mon Aug 27 11:38:13 2012 -0700" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Sat Sep 08 01:06:14 2012 +1000" }, "message": "Yama: handle 32-bit userspace prctl\n\nWhen running a 64-bit kernel and receiving prctls from a 32-bit\nuserspace, the \"-1\" used as an unsigned long will end up being\nmisdetected. The kernel is looking for 0xffffffffffffffff instead of\n0xffffffff. Since prctl lacks a distinct compat interface, Yama needs\nto handle this translation itself. As such, support either value as\nmeaning PR_SET_PTRACER_ANY, to avoid breaking the ABI for 64-bit.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nCc: stable@vger.kernel.org\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "c6993e4ac002c92bc75379212e9179c36d4bf7ee", "tree": "cdb4c800ea3cf4003b07087166cc767dab79032f", "parents": [ "81198078d7da4240f3cbfc2c6a8ea6cd417f51a7" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Tue Sep 04 13:32:13 2012 -0700" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Wed Sep 05 14:12:31 2012 -0700" }, "message": "security: allow Yama to be unconditionally stacked\n\nUnconditionally call Yama when CONFIG_SECURITY_YAMA_STACKED is selected,\nno matter what LSM module is primary.\n\nUbuntu and Chrome OS already carry patches to do this, and Fedora\nhas voiced interest in doing this as well. Instead of having multiple\ndistributions (or LSM authors) carrying these patches, just allow Yama\nto be called unconditionally when selected by the new CONFIG.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: Serge E. Hallyn \u003cserge.hallyn@canonical.com\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "ec2e1ed2d7f703ee5dfc9bff501bf0ccb70ab23b", "tree": "aec16a9fe1c1d64b009d965f44f5280e2385d73f", "parents": [ "d64569289ab7f7c11a0694d9791e18e373deac3b" ], "author": { "name": "Paul Bolle", "email": "pebolle@tiscali.nl", "time": "Sun Jul 01 15:45:50 2012 +0200" }, "committer": { "name": "Jiri Kosina", "email": "jkosina@suse.cz", "time": "Sat Sep 01 08:35:34 2012 -0700" }, "message": "AppArmor: remove af_names.h from .gitignore\n\nCommit 4fdef2183e6598cc977a9bb9321ef99a44125da3 (\"AppArmor: Cleanup make\nfile to remove cruft and make it easier to read\") removed all traces of\naf_names.h from the tree. Remove its entry in AppArmor\u0027s .gitignore file\ntoo.\n\nSigned-off-by: Paul Bolle \u003cpebolle@tiscali.nl\u003e\nSigned-off-by: Jiri Kosina \u003cjkosina@suse.cz\u003e\n" }, { "commit": "20328b56cdf8fcc79f28c6c50ad8190fc0779e80", "tree": "e8c38d27456bda5b112f0edccf63757e7098d997", "parents": [ "c5df39262dd59dbbffb1017fca0f1661408ac9d5" ], "author": { "name": "Kent Yoder", "email": "key@linux.vnet.ibm.com", "time": "Wed Aug 22 15:01:47 2012 -0500" }, "committer": { "name": "Kent Yoder", "email": "key@linux.vnet.ibm.com", "time": "Wed Aug 22 16:23:23 2012 -0500" }, "message": "ima: enable the IBM vTPM as the default TPM in the PPC64 case\n\nEnable tpm_ibmvtpm driver by default when IMA is enabled on PPC64\n\nSigned-off-by: Kent Yoder \u003ckey@linux.vnet.ibm.com\u003e\n" }, { "commit": "41ab999c80f1d368f32a2554ba8f44feff26f54d", "tree": "8d53970a210364e19ecbdc05f6d8c8f88e6aadbf", "parents": [ "e5dcd87fee12ed64a9ea911102025facc0c7d10c" ], "author": { "name": "Kent Yoder", "email": "key@linux.vnet.ibm.com", "time": "Thu Jun 07 13:47:14 2012 -0500" }, "committer": { "name": "Kent Yoder", "email": "key@linux.vnet.ibm.com", "time": "Wed Aug 22 11:11:33 2012 -0500" }, "message": "tpm: Move tpm_get_random api into the TPM device driver\n\nMove the tpm_get_random api from the trusted keys code into the TPM\ndevice driver itself so that other callers can make use of it. Also,\nchange the api slightly so that the number of bytes read is returned in\nthe call, since the TPM command can potentially return fewer bytes than\nrequested.\n\nAcked-by: David Safford \u003csafford@linux.vnet.ibm.com\u003e\nReviewed-by: H. Peter Anvin \u003chpa@linux.intel.com\u003e\nSigned-off-by: Kent Yoder \u003ckey@linux.vnet.ibm.com\u003e\n" }, { "commit": "3b07e9ca26866697616097044f25fbe53dbab693", "tree": "7621d076c91c05bc0fc3c63bdc54c279a487dfea", "parents": [ "43829731dd372d04d6706c51052b9dabab9ca356" ], "author": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Mon Aug 20 14:51:24 2012 -0700" }, "committer": { "name": "Tejun Heo", "email": "tj@kernel.org", "time": "Mon Aug 20 14:51:24 2012 -0700" }, "message": "workqueue: deprecate system_nrt[_freezable]_wq\n\nsystem_nrt[_freezable]_wq are now spurious. Mark them deprecated and\nconvert all users to system[_freezable]_wq.\n\nIf you\u0027re cc\u0027d and wondering what\u0027s going on: Now all workqueues are\nnon-reentrant, so there\u0027s no reason to use system_nrt[_freezable]_wq.\nPlease use system[_freezable]_wq instead.\n\nThis patch doesn\u0027t make any functional difference.\n\nSigned-off-by: Tejun Heo \u003ctj@kernel.org\u003e\nAcked-By: Lai Jiangshan \u003claijs@cn.fujitsu.com\u003e\n\nCc: Jens Axboe \u003caxboe@kernel.dk\u003e\nCc: David Airlie \u003cairlied@linux.ie\u003e\nCc: Jiri Kosina \u003cjkosina@suse.cz\u003e\nCc: \"David S. Miller\" \u003cdavem@davemloft.net\u003e\nCc: Rusty Russell \u003crusty@rustcorp.com.au\u003e\nCc: \"Paul E. McKenney\" \u003cpaulmck@linux.vnet.ibm.com\u003e\nCc: David Howells \u003cdhowells@redhat.com\u003e\n" }, { "commit": "7612bfeecc197bbb6629842b5c6ff1967f0a9b70", "tree": "d73acd2bc97866b256a70acb83e4ca69bce6e32d", "parents": [ "d9875690d9b89a866022ff49e3fcea892345ad92" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Wed Aug 15 11:41:55 2012 -0700" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Fri Aug 17 20:40:38 2012 +1000" }, "message": "Yama: access task_struct-\u003ecomm directly\n\nThe core ptrace access checking routine holds a task lock, and when\nreporting a failure, Yama takes a separate task lock. To avoid a\npotential deadlock with two ptracers taking the opposite locks, do not\nuse get_task_comm() and just use -\u003ecomm directly since accuracy is not\nimportant for the report.\n\nReported-by: Fengguang Wu \u003cfengguang.wu@intel.com\u003e\nSuggested-by: Oleg Nesterov \u003coleg@redhat.com\u003e\nCC: stable@vger.kernel.org\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "9d8dad742ad1c74d7e7210ee05d0b44961d5ea16", "tree": "b1e738bf17987552cdace2695d8b77328dc29bcf", "parents": [ "f4ba394c1b02e7fc2179fda8d3941a5b3b65efb6" ], "author": { "name": "Kees Cook", "email": "keescook@chromium.org", "time": "Thu Aug 09 19:01:26 2012 -0700" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Fri Aug 10 19:58:07 2012 +1000" }, "message": "Yama: higher restrictions should block PTRACE_TRACEME\n\nThe higher ptrace restriction levels should be blocking even\nPTRACE_TRACEME requests. The comments in the LSM documentation are\nmisleading about when the checks happen (the parent does not go through\nsecurity_ptrace_access_check() on a PTRACE_TRACEME call).\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nCc: stable@vger.kernel.org # 3.5.x and later\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "6290c2c439732727899405f39fb76c2f5585b707", "tree": "3b016b4602b6711e4354d1b288018888574d9d48", "parents": [ "c76562b6709fee5eff8a6a779be41c0bce661fd7" ], "author": { "name": "Mel Gorman", "email": "mgorman@suse.de", "time": "Tue Jul 31 16:44:44 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 31 18:42:47 2012 -0700" }, "message": "selinux: tag avc cache alloc as non-critical\n\nFailing to allocate a cache entry will only harm performance not\ncorrectness. Do not consume valuable reserve pages for something like\nthat.\n\nSigned-off-by: Peter Zijlstra \u003ca.p.zijlstra@chello.nl\u003e\nSigned-off-by: Mel Gorman \u003cmgorman@suse.de\u003e\nAcked-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Rik van Riel \u003criel@redhat.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nCc: Christoph Hellwig \u003chch@infradead.org\u003e\nCc: David S. Miller \u003cdavem@davemloft.net\u003e\nCc: Eric B Munson \u003cemunson@mgebm.net\u003e\nCc: Mel Gorman \u003cmgorman@suse.de\u003e\nCc: Mike Christie \u003cmichaelc@cs.wisc.edu\u003e\nCc: Neil Brown \u003cneilb@suse.de\u003e\nCc: Sebastian Andrzej Siewior \u003csebastian@breakpoint.cc\u003e\nCc: Trond Myklebust \u003cTrond.Myklebust@netapp.com\u003e\nCc: Xiaotian Feng \u003cdfeng@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "27c1ee3f929555b71fa39ec0d81a7e7185de1b16", "tree": "42e40bdfe4efac660d650658019391536ce67a42", "parents": [ "37cd9600a9e20359b0283983c9e3a55d84347168", "086ff4b3a7fb9cdf41e6a5d0ccd99b86d84633a1" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 30 17:25:34 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 30 17:25:34 2012 -0700" }, "message": "Merge branch \u0027akpm\u0027 (Andrew\u0027s patch-bomb)\n\nMerge Andrew\u0027s first set of patches:\n \"Non-MM patches:\n\n - lots of misc bits\n\n - tree-wide have_clk() cleanups\n\n - quite a lot of printk tweaks. I draw your attention to \"printk:\n convert the format for KERN_\u003cLEVEL\u003e to a 2 byte pattern\" which\n looks a bit scary. But afaict it\u0027s solid.\n\n - backlight updates\n\n - lib/ feature work (notably the addition and use of memweight())\n\n - checkpatch updates\n\n - rtc updates\n\n - nilfs updates\n\n - fatfs updates (partial, still waiting for acks)\n\n - kdump, proc, fork, IPC, sysctl, taskstats, pps, etc\n\n - new fault-injection feature work\"\n\n* Merge emailed patches from Andrew Morton \u003cakpm@linux-foundation.org\u003e: (128 commits)\n drivers/misc/lkdtm.c: fix missing allocation failure check\n lib/scatterlist: do not re-write gfp_flags in __sg_alloc_table()\n fault-injection: add tool to run command with failslab or fail_page_alloc\n fault-injection: add selftests for cpu and memory hotplug\n powerpc: pSeries reconfig notifier error injection module\n memory: memory notifier error injection module\n PM: PM notifier error injection module\n cpu: rewrite cpu-notifier-error-inject module\n fault-injection: notifier error injection\n c/r: fcntl: add F_GETOWNER_UIDS option\n resource: make sure requested range is included in the root range\n include/linux/aio.h: cpp-\u003eC conversions\n fs: cachefiles: add support for large files in filesystem caching\n pps: return PTR_ERR on error in device_create\n taskstats: check nla_reserve() return\n sysctl: suppress kmemleak messages\n ipc: use Kconfig options for __ARCH_WANT_[COMPAT_]IPC_PARSE_VERSION\n ipc: compat: use signed size_t types for msgsnd and msgrcv\n ipc: allow compat IPC version field parsing if !ARCH_WANT_OLD_COMPAT_IPC\n ipc: add COMPAT_SHMLBA support\n ...\n" }, { "commit": "1d151c337d79fa3de88654d2514f58fbd916a8e0", "tree": "79f96ea4b081f310aa62246e879224467b092261", "parents": [ "65fed8f6f23070b56d0ed3841173ddd410130a89" ], "author": { "name": "Cyrill Gorcunov", "email": "gorcunov@openvz.org", "time": "Mon Jul 30 14:43:00 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 30 17:25:21 2012 -0700" }, "message": "c/r: fcntl: add F_GETOWNER_UIDS option\n\nWhen we restore file descriptors we would like them to look exactly as\nthey were at dumping time.\n\nWith help of fcntl it\u0027s almost possible, the missing snippet is file\nowners UIDs.\n\nTo be able to read their values the F_GETOWNER_UIDS is introduced.\n\nThis option is valid iif CONFIG_CHECKPOINT_RESTORE is turned on, otherwise\nreturning -EINVAL.\n\nSigned-off-by: Cyrill Gorcunov \u003cgorcunov@openvz.org\u003e\nAcked-by: \"Eric W. Biederman\" \u003cebiederm@xmission.com\u003e\nCc: \"Serge E. Hallyn\" \u003cserge@hallyn.com\u003e\nCc: Oleg Nesterov \u003coleg@redhat.com\u003e\nCc: Pavel Emelyanov \u003cxemul@parallels.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "e3fea3f70fd68af0574a5f24246cdb4ed07f2b74", "tree": "c3a8ae06734b2987646dd89c87c0a16ee50d420e", "parents": [ "5935e6dcaaa8f666dd7f1169fa87d36752ebeb94" ], "author": { "name": "Al Viro", "email": "viro@ZenIV.linux.org.uk", "time": "Sat Jun 09 08:15:16 2012 +0100" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Mon Jul 30 15:36:50 2012 +1000" }, "message": "selinux: fix selinux_inode_setxattr oops\n\nOK, what we have so far is e.g.\n\tsetxattr(path, name, whatever, 0, XATTR_REPLACE)\nwith name being good enough to get through xattr_permission().\nThen we reach security_inode_setxattr() with the desired value and size.\nAha. name should begin with \"security.selinux\", or we won\u0027t get that\nfar in selinux_inode_setxattr(). Suppose we got there and have enough\npermissions to relabel that sucker. We call security_context_to_sid()\nwith value \u003d\u003d NULL, size \u003d\u003d 0. OK, we want ss_initialized to be non-zero.\nI.e. after everything had been set up and running. No problem...\n\nWe do 1-byte kmalloc(), zero-length memcpy() (which doesn\u0027t oops, even\nthought the source is NULL) and put a NUL there. I.e. form an empty\nstring. string_to_context_struct() is called and looks for the first\n\u0027:\u0027 in there. Not found, -EINVAL we get. OK, security_context_to_sid_core()\nhas rc \u003d\u003d -EINVAL, force \u003d\u003d 0, so it silently returns -EINVAL.\nAll it takes now is not having CAP_MAC_ADMIN and we are fucked.\n\nAll right, it might be a different bug (modulo strange code quoted in the\nreport), but it\u0027s real. Easily fixed, AFAICS:\n\nDeal with size \u003d\u003d 0, value \u003d\u003d NULL case in selinux_inode_setxattr()\n\nCc: stable@vger.kernel.org\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\nTested-by: Dave Jones \u003cdavej@redhat.com\u003e\nReported-by: Dave Jones \u003cdavej@redhat.com\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "3b9fc37280c521b086943f9aedda767f5bf3b2d3", "tree": "c76cc02753da4df5d11e516d8e9373e5f0426b24", "parents": [ "f7da9cdf45cbbad5029d4858dcbc0134e06084ed" ], "author": { "name": "Alan Cox", "email": "alan@linux.intel.com", "time": "Thu Jul 26 14:47:11 2012 -0700" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Mon Jul 30 15:04:17 2012 +1000" }, "message": "smack: off by one error\n\nConsider the input case of a rule that consists entirely of non space\nsymbols followed by a \\0. Say 64 + \\0\n\nIn this case strlen(data) \u003d 64\nkzalloc of subject and object are 64 byte objects\nsscanfdata, \"%s %s %s\", subject, ...)\n\nwill put 65 bytes into subject.\n\nSigned-off-by: Alan Cox \u003calan@linux.intel.com\u003e\nAcked-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\nCc: stable@vger.kernel.org\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "8ded2bbc1845e19c771eb55209aab166ef011243", "tree": "9ab400cdd407a9426fdfcc3432d7c0e19a0607ed", "parents": [ "4cb38750d49010ae72e718d46605ac9ba5a851b4" ], "author": { "name": "Josh Boyer", "email": "jwboyer@redhat.com", "time": "Wed Jul 25 10:40:34 2012 -0400" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Thu Jul 26 13:36:43 2012 -0700" }, "message": "posix_types.h: Cleanup stale __NFDBITS and related definitions\n\nRecently, glibc made a change to suppress sign-conversion warnings in\nFD_SET (glibc commit ceb9e56b3d1). This uncovered an issue with the\nkernel\u0027s definition of __NFDBITS if applications #include\n\u003clinux/types.h\u003e after including \u003csys/select.h\u003e. A build failure would\nbe seen when passing the -Werror\u003dsign-compare and -D_FORTIFY_SOURCE\u003d2\nflags to gcc.\n\nIt was suggested that the kernel should either match the glibc\ndefinition of __NFDBITS or remove that entirely. The current in-kernel\nuses of __NFDBITS can be replaced with BITS_PER_LONG, and there are no\nuses of the related __FDELT and __FDMASK defines. Given that, we\u0027ll\ncontinue the cleanup that was started with commit 8b3d1cda4f5f\n(\"posix_types: Remove fd_set macros\") and drop the remaining unused\nmacros.\n\nAdditionally, linux/time.h has similar macros defined that expand to\nnothing so we\u0027ll remove those at the same time.\n\nReported-by: Jeff Law \u003claw@redhat.com\u003e\nSuggested-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\nCC: \u003cstable@vger.kernel.org\u003e\nSigned-off-by: Josh Boyer \u003cjwboyer@redhat.com\u003e\n[ .. and fix up whitespace as per akpm ]\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n" }, { "commit": "3c4cfadef6a1665d9cd02a543782d03d3e6740c6", "tree": "3df72faaacd494d5ac8c9668df4f529b1b5e4457", "parents": [ "e017507f37d5cb8b541df165a824958bc333bec3", "320f5ea0cedc08ef65d67e056bcb9d181386ef2c" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 24 10:01:50 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Tue Jul 24 10:01:50 2012 -0700" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next\n\nPull networking changes from David S Miller:\n\n 1) Remove the ipv4 routing cache. Now lookups go directly into the FIB\n trie and use prebuilt routes cached there.\n\n No more garbage collection, no more rDOS attacks on the routing\n cache. Instead we now get predictable and consistent performance,\n no matter what the pattern of traffic we service.\n\n This has been almost 2 years in the making. Special thanks to\n Julian Anastasov, Eric Dumazet, Steffen Klassert, and others who\n have helped along the way.\n\n I\u0027m sure that with a change of this magnitude there will be some\n kind of fallout, but such things ought the be simple to fix at this\n point. Luckily I\u0027m not European so I\u0027ll be around all of August to\n fix things :-)\n\n The major stages of this work here are each fronted by a forced\n merge commit whose commit message contains a top-level description\n of the motivations and implementation issues.\n\n 2) Pre-demux of established ipv4 TCP sockets, saves a route demux on\n input.\n\n 3) TCP SYN/ACK performance tweaks from Eric Dumazet.\n\n 4) Add namespace support for netfilter L4 conntrack helpers, from Gao\n Feng.\n\n 5) Add config mechanism for Energy Efficient Ethernet to ethtool, from\n Yuval Mintz.\n\n 6) Remove quadratic behavior from /proc/net/unix, from Eric Dumazet.\n\n 7) Support for connection tracker helpers in userspace, from Pablo\n Neira Ayuso.\n\n 8) Allow userspace driven TX load balancing functions in TEAM driver,\n from Jiri Pirko.\n\n 9) Kill off NLMSG_PUT and RTA_PUT macros, more gross stuff with\n embedded gotos.\n\n10) TCP Small Queues, essentially minimize the amount of TCP data queued\n up in the packet scheduler layer. Whereas the existing BQL (Byte\n Queue Limits) limits the pkt_sched --\u003e netdevice queuing levels,\n this controls the TCP --\u003e pkt_sched queueing levels.\n\n From Eric Dumazet.\n\n11) Reduce the number of get_page/put_page ops done on SKB fragments,\n from Alexander Duyck.\n\n12) Implement protection against blind resets in TCP (RFC 5961), from\n Eric Dumazet.\n\n13) Support the client side of TCP Fast Open, basically the ability to\n send data in the SYN exchange, from Yuchung Cheng.\n\n Basically, the sender queues up data with a sendmsg() call using\n MSG_FASTOPEN, then they do the connect() which emits the queued up\n fastopen data.\n\n14) Avoid all the problems we get into in TCP when timers or PMTU events\n hit a locked socket. The TCP Small Queues changes added a\n tcp_release_cb() that allows us to queue work up to the\n release_sock() caller, and that\u0027s what we use here too. From Eric\n Dumazet.\n\n15) Zero copy on TX support for TUN driver, from Michael S. Tsirkin.\n\n* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next: (1870 commits)\n genetlink: define lockdep_genl_is_held() when CONFIG_LOCKDEP\n r8169: revert \"add byte queue limit support\".\n ipv4: Change rt-\u003ert_iif encoding.\n net: Make skb-\u003eskb_iif always track skb-\u003edev\n ipv4: Prepare for change of rt-\u003ert_iif encoding.\n ipv4: Remove all RTCF_DIRECTSRC handliing.\n ipv4: Really ignore ICMP address requests/replies.\n decnet: Don\u0027t set RTCF_DIRECTSRC.\n net/ipv4/ip_vti.c: Fix __rcu warnings detected by sparse.\n ipv4: Remove redundant assignment\n rds: set correct msg_namelen\n openvswitch: potential NULL deref in sample()\n tcp: dont drop MTU reduction indications\n bnx2x: Add new 57840 device IDs\n tcp: avoid oops in tcp_metrics and reset tcpm_stamp\n niu: Change niu_rbr_fill() to use unlikely() to check niu_rbr_add_page() return value\n niu: Fix to check for dma mapping errors.\n net: Fix references to out-of-scope variables in put_cmsg_compat()\n net: ethernet: davinci_emac: add pm_runtime support\n net: ethernet: davinci_emac: Remove unnecessary #include\n ...\n" }, { "commit": "e05644e17e744315bce12b0948cdc36910b9a76e", "tree": "92d62ff59c57f991ef6b5c3cc2c2dcd205946a11", "parents": [ "97e7292ab5ccd30a13c3612835535fc3f3e59715", "663728418e3494f8e4a82f5d1b2f23c22d11be35" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 23 18:49:06 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 23 18:49:06 2012 -0700" }, "message": "Merge branch \u0027next\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security\n\nPull security subsystem updates from James Morris:\n \"Nothing groundbreaking for this kernel, just cleanups and fixes, and a\n couple of Smack enhancements.\"\n\n* \u0027next\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (21 commits)\n Smack: Maintainer Record\n Smack: don\u0027t show empty rules when /smack/load or /smack/load2 is read\n Smack: user access check bounds\n Smack: onlycap limits on CAP_MAC_ADMIN\n Smack: fix smack_new_inode bogosities\n ima: audit is compiled only when enabled\n ima: ima_initialized is set only if successful\n ima: add policy for pseudo fs\n ima: remove unused cleanup functions\n ima: free securityfs violations file\n ima: use full pathnames in measurement list\n security: Fix nommu build.\n samples: seccomp: add .gitignore for untracked executables\n tpm: check the chip reference before using it\n TPM: fix memleak when register hardware fails\n TPM: chip disabled state erronously being reported as error\n MAINTAINERS: TPM maintainers\u0027 contacts update\n Merge branches \u0027next-queue\u0027 and \u0027next\u0027 into next\n Remove unused code from MPI library\n Revert \"crypto: GnuPG based MPI lib - additional sources (part 4)\"\n ...\n" }, { "commit": "a66d2c8f7ec1284206ca7c14569e2a607583f1e3", "tree": "08cf68bcef3559b370843cab8191e5cc0f740bde", "parents": [ "a6be1fcbc57f95bb47ef3c8e4ee3d83731b8f21e", "8cae6f7158ec1fa44c8a04a43db7d8020ec60437" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 23 12:27:27 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Mon Jul 23 12:27:27 2012 -0700" }, "message": "Merge branch \u0027for-linus-2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs\n\nPull the big VFS changes from Al Viro:\n \"This one is *big* and changes quite a few things around VFS. What\u0027s in there:\n\n - the first of two really major architecture changes - death to open\n intents.\n\n The former is finally there; it was very long in making, but with\n Miklos getting through really hard and messy final push in\n fs/namei.c, we finally have it. Unlike his variant, this one\n doesn\u0027t introduce struct opendata; what we have instead is\n -\u003eatomic_open() taking preallocated struct file * and passing\n everything via its fields.\n\n Instead of returning struct file *, it returns -E... on error, 0\n on success and 1 in \"deal with it yourself\" case (e.g. symlink\n found on server, etc.).\n\n See comments before fs/namei.c:atomic_open(). That made a lot of\n goodies finally possible and quite a few are in that pile:\n -\u003elookup(), -\u003ed_revalidate() and -\u003ecreate() do not get struct\n nameidata * anymore; -\u003elookup() and -\u003ed_revalidate() get lookup\n flags instead, -\u003ecreate() gets \"do we want it exclusive\" flag.\n\n With the introduction of new helper (kern_path_locked()) we are rid\n of all struct nameidata instances outside of fs/namei.c; it\u0027s still\n visible in namei.h, but not for long. Come the next cycle,\n declaration will move either to fs/internal.h or to fs/namei.c\n itself. [me, miklos, hch]\n\n - The second major change: behaviour of final fput(). Now we have\n __fput() done without any locks held by caller *and* not from deep\n in call stack.\n\n That obviously lifts a lot of constraints on the locking in there.\n Moreover, it\u0027s legal now to call fput() from atomic contexts (which\n has immediately simplified life for aio.c). We also don\u0027t need\n anti-recursion logics in __scm_destroy() anymore.\n\n There is a price, though - the damn thing has become partially\n asynchronous. For fput() from normal process we are guaranteed\n that pending __fput() will be done before the caller returns to\n userland, exits or gets stopped for ptrace.\n\n For kernel threads and atomic contexts it\u0027s done via\n schedule_work(), so theoretically we might need a way to make sure\n it\u0027s finished; so far only one such place had been found, but there\n might be more.\n\n There\u0027s flush_delayed_fput() (do all pending __fput()) and there\u0027s\n __fput_sync() (fput() analog doing __fput() immediately). I hope\n we won\u0027t need them often; see warnings in fs/file_table.c for\n details. [me, based on task_work series from Oleg merged last\n cycle]\n\n - sync series from Jan\n\n - large part of \"death to sync_supers()\" work from Artem; the only\n bits missing here are exofs and ext4 ones. As far as I understand,\n those are going via the exofs and ext4 trees resp.; once they are\n in, we can put -\u003ewrite_super() to the rest, along with the thread\n calling it.\n\n - preparatory bits from unionmount series (from dhowells).\n\n - assorted cleanups and fixes all over the place, as usual.\n\n This is not the last pile for this cycle; there\u0027s at least jlayton\u0027s\n ESTALE work and fsfreeze series (the latter - in dire need of fixes,\n so I\u0027m not sure it\u0027ll make the cut this cycle). I\u0027ll probably throw\n symlink/hardlink restrictions stuff from Kees into the next pile, too.\n Plus there\u0027s a lot of misc patches I hadn\u0027t thrown into that one -\n it\u0027s large enough as it is...\"\n\n* \u0027for-linus-2\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (127 commits)\n ext4: switch EXT4_IOC_RESIZE_FS to mnt_want_write_file()\n btrfs: switch btrfs_ioctl_balance() to mnt_want_write_file()\n switch dentry_open() to struct path, make it grab references itself\n spufs: shift dget/mntget towards dentry_open()\n zoran: don\u0027t bother with struct file * in zoran_map\n ecryptfs: don\u0027t reinvent the wheels, please - use struct completion\n don\u0027t expose I_NEW inodes via dentry-\u003ed_inode\n tidy up namei.c a bit\n unobfuscate follow_up() a bit\n ext3: pass custom EOF to generic_file_llseek_size()\n ext4: use core vfs llseek code for dir seeks\n vfs: allow custom EOF in generic_file_llseek code\n vfs: Avoid unnecessary WB_SYNC_NONE writeback during sys_sync and reorder sync passes\n vfs: Remove unnecessary flushing of block devices\n vfs: Make sys_sync writeout also block device inodes\n vfs: Create function for iterating over block devices\n vfs: Reorder operations during sys_sync\n quota: Move quota syncing to -\u003esync_fs method\n quota: Split dquot_quota_sync() to writeback and cache flushing part\n vfs: Move noop_backing_dev_info check from sync into writeback\n ...\n" }, { "commit": "765927b2d508712d320c8934db963bbe14c3fcec", "tree": "97acdb14fae285764def396c4ed01d4d5c93e76a", "parents": [ "bf349a447059656ebe63fb4fd1ccb27ac1da22ad" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jun 26 21:58:53 2012 +0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Mon Jul 23 00:01:29 2012 +0400" }, "message": "switch dentry_open() to struct path, make it grab references itself\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "d35abdb28824cf74f0a106a0f9c6f3ff700a35bf", "tree": "860bbe5c9e2d42293698cd93c32299b2c6dac5a2", "parents": [ "6120d3dbb1220792ebea88cd475e1ec8f8620a93" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sat Jun 30 11:55:24 2012 +0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Jul 22 23:58:01 2012 +0400" }, "message": "hold task_lock around checks in keyctl\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "67d1214551e800f9fe7dc7c47a346d2df0fafed5", "tree": "ffcc93af9390339adda36668255e617073b724a1", "parents": [ "158e1645e07f3e9f7e4962d7a0997f5c3b98311b" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Wed Jun 27 11:07:19 2012 +0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Jul 22 23:57:56 2012 +0400" }, "message": "merge task_work and rcu_head, get rid of separate allocation for keyring case\n\ntask_work and rcu_head are identical now; merge them (calling the result\nstruct callback_head, rcu_head #define\u0027d to it), kill separate allocation\nin security/keys since we can just use cred-\u003ercu now.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "41f9d29f09ca0b22c3631e8a39676e74cda9bcc0", "tree": "7ab5ed25f14466471fb55536e1cf71c514fb7fe9", "parents": [ "7266702805f9d824f92ce5c4069eca65d0f21d28" ], "author": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Tue Jun 26 22:10:04 2012 +0400" }, "committer": { "name": "Al Viro", "email": "viro@zeniv.linux.org.uk", "time": "Sun Jul 22 23:57:54 2012 +0400" }, "message": "trimming task_work: kill -\u003edata\n\nget rid of the only user of -\u003edata; this is _not_ the final variant - in the\nend we\u0027ll have task_work and rcu_head identical and just use cred-\u003ercu,\nat which point the separate allocation will be gone completely.\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n" }, { "commit": "abaa72d7fd9a20a67b62e6afa0e746e27851dc33", "tree": "ebe4134fcc93a6e205e6004b3e652d7a62281651", "parents": [ "67da22d23fa6f3324e03bcd0580b914b2e4afbf3", "3e4b9459fb0e149c6b74c9e89399a8fc39a92b44" ], "author": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Thu Jul 19 11:17:30 2012 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Thu Jul 19 11:17:30 2012 -0700" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net\n\nConflicts:\n\tdrivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c\n" }, { "commit": "e2f3b78557ff11f58d836e016900c3210f4fb1c1", "tree": "7ecaa578bee0dd90fc22daa0e3a736411f2d4309", "parents": [ "6f7024285864290259d6b4c36f9e84a4b89ec3c4", "3d2195c3324b27e65ba53d9626a6bd91a2515797" ], "author": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Jul 18 13:42:44 2012 -0700" }, "committer": { "name": "Linus Torvalds", "email": "torvalds@linux-foundation.org", "time": "Wed Jul 18 13:42:44 2012 -0700" }, "message": "Merge branch \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security\n\nPull SELinux regression fixes from James Morris.\n\nAndrew Morton has a box that hit that open perms problem.\n\nI also renamed the \"epollwakeup\" selinux name for the new capability to\nbe \"block_suspend\", to match the rename done by commit d9914cf66181\n(\"PM: Rename CAP_EPOLLWAKEUP to CAP_BLOCK_SUSPEND\").\n\n* \u0027for-linus\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:\n SELinux: do not check open perms if they are not known to policy\n SELinux: include definition of new capabilities\n" }, { "commit": "3d2195c3324b27e65ba53d9626a6bd91a2515797", "tree": "c17445689c2926fa446c9bef4f5b169b60ce4f15", "parents": [ "64919e60915c5151b3dd4c8d2d9237a115ca990c" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Fri Jul 06 14:13:30 2012 -0400" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Mon Jul 16 11:41:47 2012 +1000" }, "message": "SELinux: do not check open perms if they are not known to policy\n\nWhen I introduced open perms policy didn\u0027t understand them and I\nimplemented them as a policycap. When I added the checking of open perm\nto truncate I forgot to conditionalize it on the userspace defined\npolicy capability. Running an old policy with a new kernel will not\ncheck open on open(2) but will check it on truncate. Conditionalize the\ntruncate check the same as the open check.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nCc: stable@vger.kernel.org # 3.4.x\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "64919e60915c5151b3dd4c8d2d9237a115ca990c", "tree": "712cbc272e15a3b3fe70f27a1ac1d7c57bf2300c", "parents": [ "918227bb1b59444a2c467711fd50cc22bb4a897b" ], "author": { "name": "Eric Paris", "email": "eparis@redhat.com", "time": "Fri Jul 06 14:13:29 2012 -0400" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Mon Jul 16 11:40:31 2012 +1000" }, "message": "SELinux: include definition of new capabilities\n\nThe kernel has added CAP_WAKE_ALARM and CAP_EPOLLWAKEUP. We need to\ndefine these in SELinux so they can be mediated by policy.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "65ee7f45cf075adcdd6b6ef365f5a5507f1ea5c5", "tree": "f674119c2d4e6eb877bb283dce89bdafa0442fa4", "parents": [ "3518721a8932b2a243f415c374aef020380efc9d" ], "author": { "name": "Rafal Krypa", "email": "r.krypa@samsung.com", "time": "Mon Jul 09 19:36:34 2012 +0200" }, "committer": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Fri Jul 13 15:49:24 2012 -0700" }, "message": "Smack: don\u0027t show empty rules when /smack/load or /smack/load2 is read\n\nThis patch removes empty rules (i.e. with access set to \u0027-\u0027) from the\nrule list presented to user space.\n\nSmack by design never removes labels nor rules from its lists. Access\nfor a rule may be set to \u0027-\u0027 to effectively disable it. Such rules would\nshow up in the listing generated when /smack/load or /smack/load2 is\nread. This may cause clutter if many rules were disabled.\n\nAs a rule with access set to \u0027-\u0027 is equivalent to no rule at all, they\nmay be safely hidden from the listing.\n\nTargeted for git://git.gitorious.org/smack-next/kernel.git\n\nSigned-off-by: Rafal Krypa \u003cr.krypa@samsung.com\u003e\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "3518721a8932b2a243f415c374aef020380efc9d", "tree": "f16a039687aaf395e6751b7a9edda85e83b52502", "parents": [ "1880eff77e7a7cb46c68fae7cfa33f72f0a6e70e" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Mon Jun 18 19:01:36 2012 -0700" }, "committer": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Fri Jul 13 15:49:24 2012 -0700" }, "message": "Smack: user access check bounds\n\nSome of the bounds checking used on the /smack/access\ninterface was lost when support for long labels was\nadded. No kernel access checks are affected, however\nthis is a case where /smack/access could be used\nincorrectly and fail to detect the error. This patch\nreintroduces the original checks.\n\nTargeted for git://git.gitorious.org/smack-next/kernel.git\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "1880eff77e7a7cb46c68fae7cfa33f72f0a6e70e", "tree": "fc4b9a2ca7c643a30cbe2260886fdbd969bf2b50", "parents": [ "eb982cb4cf6405b97ea1f9e1d10864981f269d46" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Tue Jun 05 15:28:30 2012 -0700" }, "committer": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Fri Jul 13 15:49:23 2012 -0700" }, "message": "Smack: onlycap limits on CAP_MAC_ADMIN\n\nSmack is integrated with the POSIX capabilities scheme,\nusing the capabilities CAP_MAC_OVERRIDE and CAP_MAC_ADMIN to\ndetermine if a process is allowed to ignore Smack checks or\nchange Smack related data respectively. Smack provides an\nadditional restriction that if an onlycap value is set\nby writing to /smack/onlycap only tasks with that Smack\nlabel are allowed to use CAP_MAC_OVERRIDE.\n\nThis change adds CAP_MAC_ADMIN as a capability that is affected\nby the onlycap mechanism.\n\nTargeted for git://git.gitorious.org/smack-next/kernel.git\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "eb982cb4cf6405b97ea1f9e1d10864981f269d46", "tree": "8d89448e0ef96d587ea8052021a721e632b4b318", "parents": [ "417c6c8ee2eb6975f357d8975af94ba5fbeaf82d" ], "author": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Wed May 23 17:46:58 2012 -0700" }, "committer": { "name": "Casey Schaufler", "email": "casey@schaufler-ca.com", "time": "Fri Jul 13 15:49:23 2012 -0700" }, "message": "Smack: fix smack_new_inode bogosities\n\nIn January of 2012 Al Viro pointed out three bits of code that\nhe titled \"new_inode_smack bogosities\". This patch repairs these\nerrors.\n\n1. smack_sb_kern_mount() included a NULL check that is impossible.\n The check and NULL case are removed.\n2. smack_kb_kern_mount() included pointless locking. The locking is\n removed. Since this is the only place that lock was used the lock\n is removed from the superblock_smack structure.\n3. smk_fill_super() incorrectly and unnecessarily set the Smack label\n for the smackfs root inode. The assignment has been removed.\n\nTargeted for git://gitorious.org/smack-next/kernel.git\n\nSigned-off-by: Casey Schaufler \u003ccasey@schaufler-ca.com\u003e\n" }, { "commit": "417c6c8ee2eb6975f357d8975af94ba5fbeaf82d", "tree": "02af1e4363f415bfaa45c50a530cee78ecdf87b8", "parents": [ "7ff2267af595e642f1009198ab49e86a239148fa" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Jun 25 12:18:21 2012 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Jul 05 16:43:59 2012 -0400" }, "message": "ima: audit is compiled only when enabled\n\nIMA auditing code was compiled even when CONFIG_AUDIT was not enabled.\nThis patch compiles auditing code only when possible and enabled.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "7ff2267af595e642f1009198ab49e86a239148fa", "tree": "bd9187795ee24b4a339593caff40ea677e706e17", "parents": [ "8445d64dd761440fb5c73a2abba25009f4bf0e4c" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Jun 25 12:18:11 2012 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Jul 05 16:43:57 2012 -0400" }, "message": "ima: ima_initialized is set only if successful\n\nSet ima_initialized only if initialization was successful.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "8445d64dd761440fb5c73a2abba25009f4bf0e4c", "tree": "1529319b3b3fed827a02b5b8fafcd367045d540c", "parents": [ "c7de7adc18241a0eb10a6e1fed7cb1e01f53c85a" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Jun 25 12:18:09 2012 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Thu Jul 05 16:42:33 2012 -0400" }, "message": "ima: add policy for pseudo fs\n\nExclude DEVPTS and BINFMT filesystems from the measurement policy.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "c90a9bb9073a4096596360f02ea711c619663494", "tree": "dc85d9f4c0d423e6b523e81c41a5b68e267de14f", "parents": [ "23c342153ef2a4ad8bd4f2d6515126449658d2b3", "9e85a6f9dc231f3ed3c1dc1b12217505d970142a" ], "author": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Thu Jul 05 03:44:25 2012 -0700" }, "committer": { "name": "David S. Miller", "email": "davem@davemloft.net", "time": "Thu Jul 05 03:44:25 2012 -0700" }, "message": "Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net\n" }, { "commit": "75331a597cf4cde51d9b0bb22cbd03b9837ef9e4", "tree": "799891ab0798cc42b1a0b8dc77cd4c42b0d17036", "parents": [ "09b243577be319ef55310b45c65737008f3ebf12" ], "author": { "name": "Paul Mundt", "email": "lethal@linux-sh.org", "time": "Mon Jul 02 14:34:11 2012 +0900" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Tue Jul 03 21:41:03 2012 +1000" }, "message": "security: Fix nommu build.\n\nThe security + nommu configuration presently blows up with an undefined\nreference to BDI_CAP_EXEC_MAP:\n\nsecurity/security.c: In function \u0027mmap_prot\u0027:\nsecurity/security.c:687:36: error: dereferencing pointer to incomplete type\nsecurity/security.c:688:16: error: \u0027BDI_CAP_EXEC_MAP\u0027 undeclared (first use in this function)\nsecurity/security.c:688:16: note: each undeclared identifier is reported only once for each function it appears in\n\ninclude backing-dev.h directly to fix it up.\n\nSigned-off-by: Paul Mundt \u003clethal@linux-sh.org\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" }, { "commit": "c7de7adc18241a0eb10a6e1fed7cb1e01f53c85a", "tree": "2b79a44399e29c7d20397ec5188b42528f8c90d5", "parents": [ "0ea4f8ae416a9e8d15f4e20680879358f620e8b8" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Mon Jun 25 12:18:10 2012 +0300" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jul 02 16:43:30 2012 -0400" }, "message": "ima: remove unused cleanup functions\n\nIMA cannot be used as module and does not need __exit functions.\nRemoved them.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "0ea4f8ae416a9e8d15f4e20680879358f620e8b8", "tree": "68c03378249e4d3c543f5c6bf3833774a3c58adb", "parents": [ "08e1b76ae399a010c0d0916b125d75aed6961d16" ], "author": { "name": "Dmitry Kasatkin", "email": "dmitry.kasatkin@intel.com", "time": "Sun Jan 29 19:19:08 2012 -0500" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jul 02 16:43:30 2012 -0400" }, "message": "ima: free securityfs violations file\n\nOn ima_fs_init() error, free securityfs violations file.\n\nSigned-off-by: Dmitry Kasatkin \u003cdmitry.kasatkin@intel.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\n" }, { "commit": "08e1b76ae399a010c0d0916b125d75aed6961d16", "tree": "88806da1802a75d3edbb46436bb509150177eb76", "parents": [ "659b5e76521c10331495cbd9acb7217e38ff9750" ], "author": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Wed Jun 20 09:32:55 2012 -0400" }, "committer": { "name": "Mimi Zohar", "email": "zohar@linux.vnet.ibm.com", "time": "Mon Jul 02 16:43:29 2012 -0400" }, "message": "ima: use full pathnames in measurement list\n\nThe IMA measurement list contains filename hints, which can be\nambigious without the full pathname. This patch replaces the\nfilename hint with the full pathname, simplifying for userspace\nthe correlating of file hash measurements with files.\n\nChange log v1:\n- Revert to short filenames, when full pathname is longer than IMA\n measurement buffer size. (Based on Dmitry\u0027s review)\n\nSigned-off-by: Mimi Zohar \u003czohar@linux.vnet.ibm.com\u003e\n" }, { "commit": "659b5e76521c10331495cbd9acb7217e38ff9750", "tree": "ed772e27f45fe8984c47166143b48ee3fb0d3bb2", "parents": [ "8aec836acbe56a27080723187f0a0f1686662318" ], "author": { "name": "Paul Mundt", "email": "lethal@linux-sh.org", "time": "Mon Jul 02 14:34:11 2012 +0900" }, "committer": { "name": "James Morris", "email": "james.l.morris@oracle.com", "time": "Mon Jul 02 23:56:04 2012 +1000" }, "message": "security: Fix nommu build.\n\nThe security + nommu configuration presently blows up with an undefined\nreference to BDI_CAP_EXEC_MAP:\n\nsecurity/security.c: In function \u0027mmap_prot\u0027:\nsecurity/security.c:687:36: error: dereferencing pointer to incomplete type\nsecurity/security.c:688:16: error: \u0027BDI_CAP_EXEC_MAP\u0027 undeclared (first use in this function)\nsecurity/security.c:688:16: note: each undeclared identifier is reported only once for each function it appears in\n\ninclude backing-dev.h directly to fix it up.\n\nSigned-off-by: Paul Mundt \u003clethal@linux-sh.org\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n" } ], "next": "a31f2d17b331db970259e875b7223d3aba7e3821" }