)]}' { "log": [ { "commit": "f9732ea145886786a6f8b0493bc2239e70cbacdb", "tree": "e29b2441cc916a174d7cd0b03cd18986ae545250", "parents": [ "778c4a4d60d932c1df6d270dcbc88365823c3963" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sun Sep 25 17:50:23 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 26 10:46:20 2011 +1000" }, "message": "TOMOYO: Simplify garbage collector.\n\nWhen TOMOYO started using garbage collector at commit 847b173e \"TOMOYO: Add\ngarbage collector.\", we waited for close() before kfree(). Thus, elements to be\nkfree()d were queued up using tomoyo_gc_list list.\n\nBut it turned out that tomoyo_element_linked_by_gc() tends to choke garbage\ncollector when certain pattern of entries are queued.\n\nSince garbage collector is no longer waiting for close() since commit 2e503bbb\n\"TOMOYO: Fix lockdep warning.\", we can remove tomoyo_gc_list list and\ntomoyo_element_linked_by_gc() by doing sequential processing.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "6bce98edc3365a8f780ff3944ac7992544c194fe", "tree": "ee10abf2345f651d65d7f10fd385c01e0dc891b3", "parents": [ "cc100551b4d92f47abebfa7c7918b2be71263b4a" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Sep 16 22:54:25 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Sep 19 10:09:59 2011 +1000" }, "message": "TOMOYO: Allow specifying domain transition preference.\n\nI got an opinion that it is difficult to use exception policy\u0027s domain\ntransition control directives because they need to match the pathname specified\nto \"file execute\" directives. For example, if \"file execute /bin/\\*\\-ls\\-cat\"\nis given, corresponding domain transition control directive needs to be like\n\"no_keep_domain /bin/\\*\\-ls\\-cat from any\".\n\nIf we can specify like below, it will become more convenient.\n\n file execute /bin/ls keep exec.realpath\u003d\"/bin/ls\" exec.argv[0]\u003d\"ls\"\n file execute /bin/cat keep exec.realpath\u003d\"/bin/cat\" exec.argv[0]\u003d\"cat\"\n file execute /bin/\\*\\-ls\\-cat child\n file execute /usr/sbin/httpd \u003capache\u003e exec.realpath\u003d\"/usr/sbin/httpd\" exec.argv[0]\u003d\"/usr/sbin/httpd\"\n\nIn above examples, \"keep\" works as if keep_domain is specified, \"child\" works\nas if \"no_reset_domain\" and \"no_initialize_domain\" and \"no_keep_domain\" are\nspecified, \"\u003capache\u003e\" causes domain transition to \u003capache\u003e domain upon\nsuccessful execve() operation.\n\nMoreover, we can also allow transition to different domains based on conditions\nlike below example.\n\n \u003ckernel\u003e /usr/sbin/sshd\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //batch-session exec.argc\u003d2 exec.argv[1]\u003d\"-c\"\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //root-session task.uid\u003d0\n file execute /bin/bash \u003ckernel\u003e /usr/sbin/sshd //nonroot-session task.uid!\u003d0\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "1f067a682a9bd252107ac6f6946b7332fde42344", "tree": "379bbbf02f0a802453e585a2a482192409308fbb", "parents": [ "059d84dbb3897d4ee494a9c842c5dda54316cb47" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Sat Sep 10 15:24:56 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Wed Sep 14 08:27:06 2011 +1000" }, "message": "TOMOYO: Allow controlling generation of access granted logs for per an entry basis.\n\nAdd per-entry flag which controls generation of grant logs because Xen and KVM\nissues ioctl requests so frequently. For example,\n\n file ioctl /dev/null 0x5401 grant_log\u003dno\n\nwill suppress /sys/kernel/security/tomoyo/audit even if preference says\ngrant_log\u003dyes .\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "5b636857fee642694e287e3a181b523b16098c93", "tree": "24afcc11fc35350a29f5d6d73d376a551c5569b8", "parents": [ "2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:24:54 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:33 2011 +1000" }, "message": "TOMOYO: Allow using argv[]/envp[] of execve() as conditions.\n\nThis patch adds support for permission checks using argv[]/envp[] of execve()\nrequest. Hooks are in the last patch of this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2ca9bf453bdd478bcb6c01aa2d0bd4c2f4350563", "tree": "b9f6051059a2a90547a4501bf296b0cf3c9dbc76", "parents": [ "8761afd49ebff8ae04c1a7888af090177441d07d" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:23:44 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:33 2011 +1000" }, "message": "TOMOYO: Allow using executable\u0027s realpath and symlink\u0027s target as conditions.\n\nThis patch adds support for permission checks using executable file\u0027s realpath\nupon execve() and symlink\u0027s target upon symlink(). Hooks are in the last patch\nof this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "8761afd49ebff8ae04c1a7888af090177441d07d", "tree": "f43b52e1b8467eeea465762d2f9d0b81a336faa0", "parents": [ "2066a36125fcbf5220990173b9d8e8bc49ad7538" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:22:41 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:32 2011 +1000" }, "message": "TOMOYO: Allow using owner/group etc. of file objects as conditions.\n\nThis patch adds support for permission checks using file object\u0027s DAC\nattributes (e.g. owner/group) when checking file\u0027s pathnames. Hooks for passing\nfile object\u0027s pointers are in the last patch of this pathset.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" }, { "commit": "2066a36125fcbf5220990173b9d8e8bc49ad7538", "tree": "c8ea3a6d92a8b4b68cda986601336e8e8f58553e", "parents": [ "5c4274f13819b40e726f6ee4ef13b4952cff5010" ], "author": { "name": "Tetsuo Handa", "email": "penguin-kernel@I-love.SAKURA.ne.jp", "time": "Fri Jul 08 13:21:37 2011 +0900" }, "committer": { "name": "James Morris", "email": "jmorris@namei.org", "time": "Mon Jul 11 11:05:32 2011 +1000" }, "message": "TOMOYO: Allow using UID/GID etc. of current thread as conditions.\n\nThis patch adds support for permission checks using current thread\u0027s UID/GID\netc. in addition to pathnames.\n\nSigned-off-by: Tetsuo Handa \u003cpenguin-kernel@I-love.SAKURA.ne.jp\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n" } ] }