)]}'
{
  "log": [
    {
      "commit": "1c37c054a7493e0537ea3d15a59dac3a0aa63a05",
      "tree": "f0a07f73ed8707c9843ea5f57a9366608e35af6e",
      "parents": [
        "4bc9410c0cf5079219bdfa3295d83dfacefe1bb2"
      ],
      "author": {
        "name": "Michal Marek",
        "email": "mmarek@suse.cz",
        "time": "Fri Jan 25 13:41:19 2013 +1030"
      },
      "committer": {
        "name": "Rusty Russell",
        "email": "rusty@rustcorp.com.au",
        "time": "Fri Jan 25 16:55:36 2013 +1030"
      },
      "message": "MODSIGN: Add -s \u003csignature\u003e option to sign-file\n\nThis option allows to append an externally computed singature to the\nmodule. This is needed in setups, where the private key is not directly\navailable, but a service exists that returns signatures for given files.\n\nSigned-off-by: Michal Marek \u003cmmarek@suse.cz\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Rusty Russell \u003crusty@rustcorp.com.au\u003e\n"
    },
    {
      "commit": "4bc9410c0cf5079219bdfa3295d83dfacefe1bb2",
      "tree": "df6c60a1d43224b72ba05abb21210b6b57915fd1",
      "parents": [
        "227536740e5cb157fb9fa9b381178c7d34b95d3b"
      ],
      "author": {
        "name": "Michal Marek",
        "email": "mmarek@suse.cz",
        "time": "Fri Jan 25 13:41:12 2013 +1030"
      },
      "committer": {
        "name": "Rusty Russell",
        "email": "rusty@rustcorp.com.au",
        "time": "Fri Jan 25 16:55:36 2013 +1030"
      },
      "message": "MODSIGN: Specify the hash algorithm on sign-file command line\n\nMake the script usable without a .config file.\n\nSigned-off-by: Michal Marek \u003cmmarek@suse.cz\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Rusty Russell \u003crusty@rustcorp.com.au\u003e\n"
    },
    {
      "commit": "916492b1e1a186260951831c53a53d8a448dc026",
      "tree": "89be25f87ff1c051dc0038d1d65f1a5cd5fa1eed",
      "parents": [
        "99b6e1e7233073a23a20824db8c5260a723ed192"
      ],
      "author": {
        "name": "Chun-Yi Lee",
        "email": "jlee@suse.com",
        "time": "Wed Nov 21 11:26:09 2012 +0000"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Wed Nov 21 06:52:12 2012 -1000"
      },
      "message": "sign-file: fix the perl warning message when extracting ASN.1\n\nThere have the following warning message when running modules install\nfor sign ko files:\n\n  # make modules_install\n  ...\n    INSTALL drivers/input/touchscreen/pcap_ts.ko\n  Found \u003d in conditional, should be \u003d\u003d at scripts/sign-file line 164.\n  Found \u003d in conditional, should be \u003d\u003d at scripts/sign-file line 161.\n  Found \u003d in conditional, should be \u003d\u003d at scripts/sign-file line 159.\n\nThis patch change replace \u0027\u003d\u0027 by \u0027\u003d\u003d\u0027 in elsif conditions for avoid the\nabove warning messages.\n\nSigned-off-by: Chun-Yi Lee \u003cjlee@suse.com\u003e\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "caabe240574aec05b2f5667414ce80f9075c2ba1",
      "tree": "d92bf96b009bd0b0caec44c21348812b06805909",
      "parents": [
        "b6bb324dbddd704b4b9a85971e1f7ae79abb2e1d"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Sat Oct 20 01:19:29 2012 +0100"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Oct 19 17:30:40 2012 -0700"
      },
      "message": "MODSIGN: Move the magic string to the end of a module and eliminate the search\n\nEmit the magic string that indicates a module has a signature after the\nsignature data instead of before it.  This allows module_sig_check() to\nbe made simpler and faster by the elimination of the search for the\nmagic string.  Instead we just need to do a single memcmp().\n\nThis works because at the end of the signature data there is the\nfixed-length signature information block.  This block then falls\nimmediately prior to the magic number.\n\nFrom the contents of the information block, it is trivial to calculate\nthe size of the signature data and thus the size of the actual module\ndata.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "b37d1bfb55d4b8a7d234fad0a84dca3336cee50b",
      "tree": "cf3fd49e0e09086029efa662a6cd50bcfe68a6ef",
      "parents": [
        "9e7814404b77c3e8920bee4277162bf3a7460505"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Fri Oct 19 23:56:37 2012 +0100"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Oct 19 16:11:21 2012 -0700"
      },
      "message": "MODSIGN: perlify sign-file and merge in x509keyid\n\nTurn sign-file into perl and merge in x509keyid.  The latter doesn\u0027t\nneed to be a separate script as it doesn\u0027t actually need to work out the\nSHA1 sum of the X.509 certificate itself, since it can get that from the\nX.509 certificate.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "b05e585d4964cf0a70573d29113a1236ced98abf",
      "tree": "30a74a1d0475a2d651cb67b324c4b494d65038bd",
      "parents": [
        "16757372ffa5ee0ef7e82f73a6adbb054a434a13"
      ],
      "author": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Oct 19 12:43:19 2012 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Oct 19 12:43:19 2012 -0700"
      },
      "message": "kbuild: Fix module signature generation\n\nRusty had clearly not actually tested his module signing changes that I\n(trustingly) applied as commit e2a666d52b48 (\"kbuild: sign the modules\nat install time\"). That commit had multiple bugs:\n\n - using \"${#VARIABLE}\" to get the number of characters in a shell\n   variable may look clever, but it\u0027s locale-dependent: it returns the\n   number of *characters*, not bytes. And we do need bytes.\n\n   So don\u0027t use \"${#..}\" expansion, do the stupid \"wc -c\" thing instead\n   (where \"c\" stands for \"bytes\", not \"characters\", despite the letter.\n\n - Rusty had confused \"siglen\" and \"signerlen\", and his conversion\n   didn\u0027t set \"signerlen\" at all, and incorrectly set \"siglen\" to the\n   size of the signer, not the size of the signature.\n\nEnd result: the modified sign-file script did create something that\nsuperficially *looked* like a signature, but didn\u0027t actually work at\nall, and would fail the signature check. Oops.\n\nTssk, tssk, Rusty.\n\nBut Rusty was definitely right that this whole thing should be rewritten\nin perl by somebody who has the perl-fu to do so.  That is not me,\nthough - I\u0027m just doing an emergency fix for the shell script.\n\nCc: Rusty Russell \u003crusty@rustcorp.com.au\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "e2a666d52b4825c26c857cada211f3baac26a600",
      "tree": "b7e91bd10e8c1b2932ffd1716fde3abccd7c4dd8",
      "parents": [
        "c9623de4fc2f8320fe94316b46171683be3b1d59"
      ],
      "author": {
        "name": "Rusty Russell",
        "email": "rusty@rustcorp.com.au",
        "time": "Fri Oct 19 11:53:15 2012 +1030"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Oct 19 08:27:43 2012 -0700"
      },
      "message": "kbuild: sign the modules at install time\n\nLinus deleted the old code and put signing on the install command,\nI fixed it to extract the keyid and signer-name within sign-file\nand cleaned up that script now it always signs in-place.\n\nSome enthusiast should convert sign-key to perl and pull\nx509keyid into it.\n\nSigned-off-by: Rusty Russell \u003crusty@rustcorp.com.au\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "80d65e58e93ffdabf58202653a0435bd3cf2d82e",
      "tree": "966d24554f7ca69bd10a0ccf791e805d442a2238",
      "parents": [
        "85ecac79457e30b19802bbfaeba1856ad00945b0"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Wed Sep 26 10:11:06 2012 +0100"
      },
      "committer": {
        "name": "Rusty Russell",
        "email": "rusty@rustcorp.com.au",
        "time": "Wed Oct 10 20:06:33 2012 +1030"
      },
      "message": "MODSIGN: Sign modules during the build process\n\nIf CONFIG_MODULE_SIG is set, then this patch will cause all modules files to\nto have signatures added.  The following steps will occur:\n\n (1) The module will be linked to foo.ko.unsigned instead of foo.ko\n\n (2) The module will be stripped using both \"strip -x -g\" and \"eu-strip\" to\n     ensure minimal size for inclusion in an initramfs.\n\n (3) The signature will be generated on the stripped module.\n\n (4) The signature will be appended to the module, along with some information\n     about the signature and a magic string that indicates the presence of the\n     signature.\n\nStep (3) requires private and public keys to be available.  By default these\nare expected to be found in files:\n\n\tsigning_key.priv\n\tsigning_key.x509\n\nin the base directory of the build.  The first is the private key in PEM form\nand the second is the X.509 certificate in DER form as can be generated from\nopenssl:\n\n\topenssl req \\\n\t\t-new -x509 -outform PEM -out signing_key.x509 \\\n\t\t-keyout signing_key.priv -nodes \\\n\t\t-subj \"/CN\u003dH2G2/O\u003dMagrathea/CN\u003dSlartibartfast\"\n\nIf the secret key is not found then signing will be skipped and the unsigned\nmodule from (1) will just be copied to foo.ko.\n\nIf signing occurs, lines like the following will be seen:\n\n\tLD [M]  fs/foo/foo.ko.unsigned\n\tSTRIP [M] fs/foo/foo.ko.stripped\n\tSIGN [M] fs/foo/foo.ko\n\nwill appear in the build log.  If the signature step will be skipped and the\nfollowing will be seen:\n\n\tLD [M]  fs/foo/foo.ko.unsigned\n\tSTRIP [M] fs/foo/foo.ko.stripped\n\tNO SIGN [M] fs/foo/foo.ko\n\nNOTE!  After the signature step, the signed module _must_not_ be passed through\nstrip.  The unstripped, unsigned module is still available at the name on the\nLD [M] line.  This restriction may affect packaging tools (such as rpmbuild)\nand initramfs composition tools.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Rusty Russell \u003crusty@rustcorp.com.au\u003e\n"
    }
  ]
}
