)]}'
{
  "log": [
    {
      "commit": "4b174b6d281f5c87234fc65bafc02877f565c5cf",
      "tree": "5c1f0519d2f4d642ac9ecec9a180019fe980958e",
      "parents": [
        "1bae4ce27c9c90344f23c65ea6966c50ffeae2f5"
      ],
      "author": {
        "name": "Mimi Zohar",
        "email": "zohar@linux.vnet.ibm.com",
        "time": "Tue Jan 18 09:07:11 2011 -0500"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Jan 24 10:14:22 2011 +1100"
      },
      "message": "trusted-keys: rename trusted_defined files to trusted\n\nRename trusted_defined.c and trusted_defined.h files to trusted.c and\ntrusted.h, respectively. Based on request from David Howells.\n\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "d00a1c72f7f4661212299e6cb132dfa58030bcdb",
      "tree": "2c873e461f42bbf3aea03b7b2e59cea8f941d841",
      "parents": [
        "c749ba912e87ccebd674ae24b97462176c63732e"
      ],
      "author": {
        "name": "Mimi Zohar",
        "email": "zohar@linux.vnet.ibm.com",
        "time": "Tue Nov 23 17:50:34 2010 -0500"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Nov 29 08:55:25 2010 +1100"
      },
      "message": "keys: add new trusted key-type\n\nDefine a new kernel key-type called \u0027trusted\u0027.  Trusted keys are random\nnumber symmetric keys, generated and RSA-sealed by the TPM.  The TPM\nonly unseals the keys, if the boot PCRs and other criteria match.\nUserspace can only ever see encrypted blobs.\n\nBased on suggestions by Jason Gunthorpe, several new options have been\nadded to support additional usages.\n\nThe new options are:\nmigratable\u003d  designates that the key may/may not ever be updated\n             (resealed under a new key, new pcrinfo or new auth.)\n\npcrlock\u003dn    extends the designated PCR \u0027n\u0027 with a random value,\n             so that a key sealed to that PCR may not be unsealed\n             again until after a reboot.\n\nkeyhandle\u003d   specifies the sealing/unsealing key handle.\n\nkeyauth\u003d     specifies the sealing/unsealing key auth.\n\nblobauth\u003d    specifies the sealed data auth.\n\nImplementation of a kernel reserved locality for trusted keys will be\ninvestigated for a possible future extension.\n\nChangelog:\n- Updated and added examples to Documentation/keys-trusted-encrypted.txt\n- Moved generic TPM constants to include/linux/tpm_command.h\n  (David Howell\u0027s suggestion.)\n- trusted_defined.c: replaced kzalloc with kmalloc, added pcrlock failure\n  error handling, added const qualifiers where appropriate.\n- moved to late_initcall\n- updated from hash to shash (suggestion by David Howells)\n- reduced worst stack usage (tpm_seal) from 530 to 312 bytes\n- moved documentation to Documentation directory (suggestion by David Howells)\n- all the other code cleanups suggested by David Howells\n- Add pcrlock CAP_SYS_ADMIN dependency (based on comment by Jason Gunthorpe)\n- New options: migratable, pcrlock, keyhandle, keyauth, blobauth (based on\n  discussions with Jason Gunthorpe)\n- Free payload on failure to create key(reported/fixed by Roberto Sassu)\n- Updated Kconfig and other descriptions (based on Serge Hallyn\u0027s suggestion)\n- Replaced kzalloc() with kmalloc() (reported by Serge Hallyn)\n\nSigned-off-by: David Safford \u003csafford@watson.ibm.com\u003e\nSigned-off-by: Mimi Zohar \u003czohar@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    }
  ]
}