)]}'
{
  "log": [
    {
      "commit": "b0c2e34be932934698d7032942a18e8550815006",
      "tree": "a4ddf85461f154eb71dfabe3519a806b1d0626ba",
      "parents": [
        "56ee9577915dc06f55309901012a9ef68dbdb5a8"
      ],
      "author": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Tue Sep 20 19:12:52 2022 +0200"
      },
      "committer": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Wed Oct 26 13:22:21 2022 +0200"
      },
      "message": "selinux: use \"grep -E\" instead of \"egrep\"\n\ncommit c969bb8dbaf2f3628927eae73e7c579a74cf1b6e upstream.\n\nThe latest version of grep claims that egrep is now obsolete so the build\nnow contains warnings that look like:\n\tegrep: warning: egrep is obsolescent; using grep -E\nfix this by using \"grep -E\" instead.\n\nCc: Paul Moore \u003cpaul@paul-moore.com\u003e\nCc: Stephen Smalley \u003cstephen.smalley.work@gmail.com\u003e\nCc: Eric Paris \u003ceparis@parisplace.org\u003e\nCc: selinux@vger.kernel.org\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n[PM: tweak to remove vdso reference, cleanup subj line]\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n"
    },
    {
      "commit": "1a59d1b8e05ea6ab45f7e18897de1ef0e6bc3da6",
      "tree": "64603c849c14a892dffe40e56b458377607b21b4",
      "parents": [
        "e78d0eabefb7cabd5f168754a2d890624897f6a1"
      ],
      "author": {
        "name": "Thomas Gleixner",
        "email": "tglx@linutronix.de",
        "time": "Mon May 27 08:55:05 2019 +0200"
      },
      "committer": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Thu May 30 11:26:35 2019 -0700"
      },
      "message": "treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156\n\nBased on 1 normalized pattern(s):\n\n  this program is free software you can redistribute it and or modify\n  it under the terms of the gnu general public license as published by\n  the free software foundation either version 2 of the license or at\n  your option any later version this program is distributed in the\n  hope that it will be useful but without any warranty without even\n  the implied warranty of merchantability or fitness for a particular\n  purpose see the gnu general public license for more details you\n  should have received a copy of the gnu general public license along\n  with this program if not write to the free software foundation inc\n  59 temple place suite 330 boston ma 02111 1307 usa\n\nextracted by the scancode license scanner the SPDX license identifier\n\n  GPL-2.0-or-later\n\nhas been chosen to replace the boilerplate/reference in 1334 file(s).\n\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nReviewed-by: Allison Randal \u003callison@lohutok.net\u003e\nReviewed-by: Richard Fontana \u003crfontana@redhat.com\u003e\nCc: linux-spdx@vger.kernel.org\nLink: https://lkml.kernel.org/r/20190527070033.113240726@linutronix.de\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n"
    },
    {
      "commit": "ec8f24b7faaf3d4799a7c3f4c1b87f6b02778ad1",
      "tree": "66fbd55224767888b7db1f007a063c47669f652d",
      "parents": [
        "09c434b8a0047c69e48499de0107de312901e798"
      ],
      "author": {
        "name": "Thomas Gleixner",
        "email": "tglx@linutronix.de",
        "time": "Sun May 19 13:07:45 2019 +0100"
      },
      "committer": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Tue May 21 10:50:46 2019 +0200"
      },
      "message": "treewide: Add SPDX license identifier - Makefile/Kconfig\n\nAdd SPDX license identifiers to all Make/Kconfig files which:\n\n - Have no license information of any form\n\nThese files fall under the project license, GPL v2 only. The resulting SPDX\nlicense identifier is:\n\n  GPL-2.0-only\n\nSigned-off-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n"
    },
    {
      "commit": "ccd19d4cafaaf36132c372e77ee9304b707c1e70",
      "tree": "eb4952a48578bdd7edf622509f0faa242d5c71a6",
      "parents": [
        "ff1bf4c0714e7936330bb316090a75eaa35061e7"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Tue Mar 19 09:21:06 2019 -0400"
      },
      "committer": {
        "name": "Paul Moore",
        "email": "paul@paul-moore.com",
        "time": "Tue Mar 19 12:29:04 2019 -0400"
      },
      "message": "scripts/selinux: fix build\n\nWe need to add the object tree include directory to the include path\nfor building mdp in order to pick up generated/autoconf.h. Otherwise,\nmake O\u003d/path/to/objtree breaks.\n\nFixes: e37c1877ba5b (\"scripts/selinux: modernize mdp\")\nReported-by: Stephen Rothwell \u003csfr@canb.auug.org.au\u003e\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e\n"
    },
    {
      "commit": "ff1bf4c0714e7936330bb316090a75eaa35061e7",
      "tree": "1496c36cb9c09e23d151ceff2044a252f2d5c52c",
      "parents": [
        "e37c1877ba5b17d4251e1688449f8d43fc090802"
      ],
      "author": {
        "name": "Paulo Alcantara",
        "email": "paulo@paulo.ac",
        "time": "Sun Feb 24 21:55:28 2019 -0300"
      },
      "committer": {
        "name": "Paul Moore",
        "email": "paul@paul-moore.com",
        "time": "Mon Mar 18 18:52:10 2019 -0400"
      },
      "message": "selinux: use kernel linux/socket.h for genheaders and mdp\n\nWhen compiling genheaders and mdp from a newer host kernel, the\nfollowing error happens:\n\n    In file included from scripts/selinux/genheaders/genheaders.c:18:\n    ./security/selinux/include/classmap.h:238:2: error: #error New\n    address family defined, please update secclass_map.  #error New\n    address family defined, please update secclass_map.  ^~~~~\n    make[3]: *** [scripts/Makefile.host:107:\n    scripts/selinux/genheaders/genheaders] Error 1 make[2]: ***\n    [scripts/Makefile.build:599: scripts/selinux/genheaders] Error 2\n    make[1]: *** [scripts/Makefile.build:599: scripts/selinux] Error 2\n    make[1]: *** Waiting for unfinished jobs....\n\nInstead of relying on the host definition, include linux/socket.h in\nclassmap.h to have PF_MAX.\n\nSigned-off-by: Paulo Alcantara \u003cpaulo@paulo.ac\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\n[PM: manually merge in mdp.c, subject line tweaks]\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e\n"
    },
    {
      "commit": "e37c1877ba5b17d4251e1688449f8d43fc090802",
      "tree": "9d4af948a7cb406ddd9447e8b367afa281819fba",
      "parents": [
        "9e98c678c2d6ae3a17cb2de55d17f69dddaa231b"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Thu Feb 21 16:31:47 2019 -0500"
      },
      "committer": {
        "name": "Paul Moore",
        "email": "paul@paul-moore.com",
        "time": "Mon Mar 18 18:38:28 2019 -0400"
      },
      "message": "scripts/selinux: modernize mdp\n\nDerived in part from a patch by Dominick Grift.\n\nThe MDP example no longer works on modern systems.  Fix it.\nWhile we are at it, add MLS support and enable it.\n\nNB This still does not work on systems using dbus-daemon instead of\ndbus-broker because dbus-daemon does not yet gracefully handle unknown\nclasses/permissions.  This appears to be a deficiency in libselinux\u0027s\nselinux_set_mapping() interface and underlying implementation,\nwhich was never fully updated to deal with unknown classes/permissions\nunlike the kernel.  The same problem also occurs with XSELinux.\nPrograms that instead use selinux_check_access() like dbus-broker\nshould not have this problem.\n\nChanges to mdp:\nAdd support for devtmpfs, required by modern Linux distributions.\nAdd MLS support, with sample sensitivities, categories, and constraints.\nGenerate fs_use and genfscon rules based on kernel configuration.\nUpdate list of filesystem types for fs_use and genfscon rules.\nUse object_r for object contexts.\n\nChanges to install_policy.sh:\nBail immediately on any errors.\nProvide more helpful error messages when unable to find userspace tools.\nRefuse to run if SELinux is already enabled.\nUnconditionally move aside /etc/selinux/config and create a new one.\nBuild policy with -U allow so that userspace object managers do not break.\nBuild policy with MLS enabled by default.\nCreate seusers, failsafe_context, and default_contexts for use by\npam_selinux / libselinux.\nCreate x_contexts for the SELinux X extension.\nCreate virtual_domain_context and virtual_image_context for libvirtd.\nSet to permissive mode rather than enforcing to permit initial autorelabel.\nUpdate the list of filesystem types to be relabeled.\nWrite -F to /.autorelabel to cause a forced autorelabel on reboot.\nDrop broken attempt to relabel the /dev mountpoint directory.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nAcked-by: Dominick Grift \u003cdominick.grift@defensec.nl\u003e\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e\n"
    },
    {
      "commit": "a40612ef0ee1e524aafee58d0e5713cf5fdb3d62",
      "tree": "d91ab06356cb2ffa1b49320127ed35a948c33d98",
      "parents": [
        "651022382c7f8da46cb4872a545ee1da6d097d2a"
      ],
      "author": {
        "name": "Al Viro",
        "email": "viro@zeniv.linux.org.uk",
        "time": "Mon Dec 10 03:40:11 2018 -0500"
      },
      "committer": {
        "name": "Al Viro",
        "email": "viro@zeniv.linux.org.uk",
        "time": "Mon Dec 10 03:40:11 2018 -0500"
      },
      "message": "genheaders: %-\u003cwidth\u003es had been there since v6; %-*s - since v7\n\nPlease, use at least K\u0026R C; printf had been able to left-adjust\na field for as long as stdio existed and use of \u0027*\u0027 for variable\nwidth had been there since v7.  Yes, the first edition of K\u0026R\ndidn\u0027t cover the latter feature (it slightly predates v7), but\nyou are using a much later feature of the language than that -\nin K\u0026R C\nstatic char *stoupperx(const char *s)\n{\n...\n}\nwould\u0027ve been spelled as\nstatic char *stoupperx(s)\nchar *s;\n{\n...\n}\n\nWhile we are at it, the use of strstr() is bogus - it finds the\n_first_ instance of substring, so it\u0027s a lousy fit for checking\nif a string ends with given suffix...\n\nSigned-off-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e\n"
    },
    {
      "commit": "be65f9ed267fd7d8b3146b7c4be9ecdd3e0aa3ed",
      "tree": "f9fddf1a58b26a1f2eaf2ed7fa350c1622abbdbb",
      "parents": [
        "3b93c0f4b6accb8105152900d7e414593a8b0c79"
      ],
      "author": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Fri Jun 01 10:59:48 2018 +0200"
      },
      "committer": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Tue Jun 05 19:22:35 2018 +0200"
      },
      "message": "staging: lustre: delete the filesystem from the tree.\n\nThe Lustre filesystem has been in the kernel tree for over 5 years now.\nWhile it has been an endless source of enjoyment for new kernel\ndevelopers learning how to do basic codingstyle cleanups, as well as a\nsemi-entertaining source of bewilderment from the vfs developers any\ntime they have looked into the codebase to try to figure out how to port\ntheir latest api changes to this filesystem, it has not really moved\nforward into the \"this is in shape to get out of staging\" despite many\nhalf-completed attempts.\n\nAnd getting code out of staging is the main goal of that portion of the\nkernel tree.  Code should not stagnate and it feels like having this\ncode in staging is only causing the development cycle of the filesystem\nto take longer than it should.  There is a whole separate out-of-tree\ncopy of this codebase where the developers work on it, and then random\nchanges are thrown over the wall at staging at some later point in time.\nThis dual-tree development model has never worked, and the state of this\ncodebase is proof of that.\n\nSo, let\u0027s just delete the whole mess.  Now the lustre developers can go\noff and work in their out-of-tree codebase and not have to worry about\nproviding valid changelog entries and breaking their patches up into\nlogical pieces.  They can take the time they have spent doing those\ntypes of housekeeping chores and get the codebase into a much better\nshape, and it can be submitted for inclusion into the real part of the\nkernel tree when ready.\n\nCc: Oleg Drokin \u003coleg.drokin@intel.com\u003e\nCc: Andreas Dilger \u003candreas.dilger@intel.com\u003e\nCc: James Simmons \u003cjsimmons@infradead.org\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n"
    },
    {
      "commit": "09bd7c75e55cbaa6c731b0c3a5512ad89159f26f",
      "tree": "a73bd9f94d7661d6ff82f3374d4efea81925f7c8",
      "parents": [
        "fa7f578076a8814caa5371e9f4949e408140766d",
        "7f855fc805cd9c29867aed56cc20f818b36a7b7b"
      ],
      "author": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Nov 17 17:45:29 2017 -0800"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Nov 17 17:45:29 2017 -0800"
      },
      "message": "Merge tag \u0027kbuild-v4.15\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild\n\nPull Kbuild updates from Masahiro Yamada:\n \"One of the most remarkable improvements in this cycle is, Kbuild is\n  now able to cache the result of shell commands. Some variables are\n  expensive to compute, for example, $(call cc-option,...) invokes the\n  compiler. It is not efficient to redo this computation every time,\n  even when we are not actually building anything. Kbuild creates a\n  hidden file \".cache.mk\" that contains invoked shell commands and their\n  results. The speed-up should be noticeable.\n\n  Summary:\n\n   - Fix arch build issues (hexagon, sh)\n\n   - Clean up various Makefiles and scripts\n\n   - Fix wrong usage of {CFLAGS,LDFLAGS}_MODULE in arch Makefiles\n\n   - Cache variables that are expensive to compute\n\n   - Improve cc-ldoption and ld-option for Clang\n\n   - Optimize output directory creation\"\n\n* tag \u0027kbuild-v4.15\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: (30 commits)\n  kbuild: move coccicheck help from scripts/Makefile.help to top Makefile\n  sh: decompressor: add shipped files to .gitignore\n  frv: .gitignore: ignore vmlinux.lds\n  selinux: remove unnecessary assignment to subdir-\n  kbuild: specify FORCE in Makefile.headersinst as .PHONY target\n  kbuild: remove redundant mkdir from ./Kbuild\n  kbuild: optimize object directory creation for incremental build\n  kbuild: create object directories simpler and faster\n  kbuild: filter-out PHONY targets from \"targets\"\n  kbuild: remove redundant $(wildcard ...) for cmd_files calculation\n  kbuild: create directory for make cache only when necessary\n  sh: select KBUILD_DEFCONFIG depending on ARCH\n  kbuild: fix linker feature test macros when cross compiling with Clang\n  kbuild: shrink .cache.mk when it exceeds 1000 lines\n  kbuild: do not call cc-option before KBUILD_CFLAGS initialization\n  kbuild: Cache a few more calls to the compiler\n  kbuild: Add a cache for generated variables\n  kbuild: add forward declaration of default target to Makefile.asm-generic\n  kbuild: remove KBUILD_SUBDIR_ASFLAGS and KBUILD_SUBDIR_CCFLAGS\n  hexagon/kbuild: replace CFLAGS_MODULE with KBUILD_CFLAGS_MODULE\n  ...\n"
    },
    {
      "commit": "2f3b55ac0e15857f46a3696e964bb244305223bf",
      "tree": "afe588db9d19bad87e69b011828c016e2b213420",
      "parents": [
        "e474ed45777bc230648186c0db990bd290383ada"
      ],
      "author": {
        "name": "Masahiro Yamada",
        "email": "yamada.masahiro@socionext.com",
        "time": "Mon Nov 13 19:40:40 2017 +0900"
      },
      "committer": {
        "name": "Masahiro Yamada",
        "email": "yamada.masahiro@socionext.com",
        "time": "Thu Nov 16 09:13:43 2017 +0900"
      },
      "message": "selinux: remove unnecessary assignment to subdir-\n\nMakefile.clean descends into $(subdir-y).  Dummy assignment to subdir-\nis meaningless.\n\nSigned-off-by: Masahiro Yamada \u003cyamada.masahiro@socionext.com\u003e\nAcked-by: Paul Moore \u003cpaul@paul-moore.com\u003e\n"
    },
    {
      "commit": "b24413180f5600bcb3bb70fbed5cf186b60864bd",
      "tree": "4ebcae0dab27ee8bfcecb9a5daf65353c6dd7ed6",
      "parents": [
        "bb176f67090ca54869fc1262c913aa69d2ede070"
      ],
      "author": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Wed Nov 01 15:07:57 2017 +0100"
      },
      "committer": {
        "name": "Greg Kroah-Hartman",
        "email": "gregkh@linuxfoundation.org",
        "time": "Thu Nov 02 11:10:55 2017 +0100"
      },
      "message": "License cleanup: add SPDX GPL-2.0 license identifier to files with no license\n\nMany source files in the tree are missing licensing information, which\nmakes it harder for compliance tools to determine the correct license.\n\nBy default all files without license information are under the default\nlicense of the kernel, which is GPL version 2.\n\nUpdate the files which contain no license information with the \u0027GPL-2.0\u0027\nSPDX license identifier.  The SPDX identifier is a legally binding\nshorthand, which can be used instead of the full boiler plate text.\n\nThis patch is based on work done by Thomas Gleixner and Kate Stewart and\nPhilippe Ombredanne.\n\nHow this work was done:\n\nPatches were generated and checked against linux-4.14-rc6 for a subset of\nthe use cases:\n - file had no licensing information in it.\n - file was a */uapi/* one with no licensing information in it,\n - file was a */uapi/* one with existing licensing information,\n\nFurther patches will be generated in subsequent months to fix up cases\nwhere non-standard license headers were used, and references to license\nhad to be inferred by heuristics based on keywords.\n\nThe analysis to determine which SPDX License Identifier to be applied to\na file was done in a spreadsheet of side by side results from the\noutput of two independent scanners (ScanCode \u0026 Windriver) producing SPDX\ntag:value files created by Philippe Ombredanne.  Philippe prepared the\nbase worksheet, and did an initial spot review of a few 1000 files.\n\nThe 4.13 kernel was the starting point of the analysis with 60,537 files\nassessed.  Kate Stewart did a file by file comparison of the scanner\nresults in the spreadsheet to determine which SPDX license identifier(s)\nto be applied to the file. She confirmed any determination that was not\nimmediately clear with lawyers working with the Linux Foundation.\n\nCriteria used to select files for SPDX license identifier tagging was:\n - Files considered eligible had to be source code files.\n - Make and config files were included as candidates if they contained \u003e5\n   lines of source\n - File already had some variant of a license header in it (even if \u003c5\n   lines).\n\nAll documentation files were explicitly excluded.\n\nThe following heuristics were used to determine which SPDX license\nidentifiers to apply.\n\n - when both scanners couldn\u0027t find any license traces, file was\n   considered to have no license information in it, and the top level\n   COPYING file license applied.\n\n   For non */uapi/* files that summary was:\n\n   SPDX license identifier                            # files\n   ---------------------------------------------------|-------\n   GPL-2.0                                              11139\n\n   and resulted in the first patch in this series.\n\n   If that file was a */uapi/* path one, it was \"GPL-2.0 WITH\n   Linux-syscall-note\" otherwise it was \"GPL-2.0\".  Results of that was:\n\n   SPDX license identifier                            # files\n   ---------------------------------------------------|-------\n   GPL-2.0 WITH Linux-syscall-note                        930\n\n   and resulted in the second patch in this series.\n\n - if a file had some form of licensing information in it, and was one\n   of the */uapi/* ones, it was denoted with the Linux-syscall-note if\n   any GPL family license was found in the file or had no licensing in\n   it (per prior point).  Results summary:\n\n   SPDX license identifier                            # files\n   ---------------------------------------------------|------\n   GPL-2.0 WITH Linux-syscall-note                       270\n   GPL-2.0+ WITH Linux-syscall-note                      169\n   ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause)    21\n   ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)    17\n   LGPL-2.1+ WITH Linux-syscall-note                      15\n   GPL-1.0+ WITH Linux-syscall-note                       14\n   ((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause)    5\n   LGPL-2.0+ WITH Linux-syscall-note                       4\n   LGPL-2.1 WITH Linux-syscall-note                        3\n   ((GPL-2.0 WITH Linux-syscall-note) OR MIT)              3\n   ((GPL-2.0 WITH Linux-syscall-note) AND MIT)             1\n\n   and that resulted in the third patch in this series.\n\n - when the two scanners agreed on the detected license(s), that became\n   the concluded license(s).\n\n - when there was disagreement between the two scanners (one detected a\n   license but the other didn\u0027t, or they both detected different\n   licenses) a manual inspection of the file occurred.\n\n - In most cases a manual inspection of the information in the file\n   resulted in a clear resolution of the license that should apply (and\n   which scanner probably needed to revisit its heuristics).\n\n - When it was not immediately clear, the license identifier was\n   confirmed with lawyers working with the Linux Foundation.\n\n - If there was any question as to the appropriate license identifier,\n   the file was flagged for further research and to be revisited later\n   in time.\n\nIn total, over 70 hours of logged manual review was done on the\nspreadsheet to determine the SPDX license identifiers to apply to the\nsource files by Kate, Philippe, Thomas and, in some cases, confirmation\nby lawyers working with the Linux Foundation.\n\nKate also obtained a third independent scan of the 4.13 code base from\nFOSSology, and compared selected files where the other two scanners\ndisagreed against that SPDX file, to see if there were new insights.  The\nWindriver scanner is based on an older version of FOSSology in part, so\nthey are related.\n\nThomas did random spot checks in about 500 files from the spreadsheets\nfor the uapi headers and agreed with SPDX license identifier in the\nfiles he inspected. For the non-uapi files Thomas did random spot checks\nin about 15000 files.\n\nIn initial set of patches against 4.14-rc6, 3 files were found to have\ncopy/paste license identifier errors, and have been fixed to reflect the\ncorrect identifier.\n\nAdditionally Philippe spent 10 hours this week doing a detailed manual\ninspection and review of the 12,461 patched files from the initial patch\nversion early this week with:\n - a full scancode scan run, collecting the matched texts, detected\n   license ids and scores\n - reviewing anything where there was a license detected (about 500+\n   files) to ensure that the applied SPDX license was correct\n - reviewing anything where there was no detection but the patch license\n   was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied\n   SPDX license was correct\n\nThis produced a worksheet with 20 files needing minor correction.  This\nworksheet was then exported into 3 different .csv files for the\ndifferent types of files to be modified.\n\nThese .csv files were then reviewed by Greg.  Thomas wrote a script to\nparse the csv files and add the proper SPDX tag to the file, in the\nformat that the file expected.  This script was further refined by Greg\nbased on the output to detect more types of files automatically and to\ndistinguish between header and source .c files (which need different\ncomment types.)  Finally Greg ran the script using the .csv files to\ngenerate the patches.\n\nReviewed-by: Kate Stewart \u003ckstewart@linuxfoundation.org\u003e\nReviewed-by: Philippe Ombredanne \u003cpombredanne@nexb.com\u003e\nReviewed-by: Thomas Gleixner \u003ctglx@linutronix.de\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\n"
    },
    {
      "commit": "20a8d62eeff844a8624d6b58a0227c057b1aa43f",
      "tree": "56877fcae339098e9651439856d37fc0e84cd7a6",
      "parents": [
        "cd0d877d633ef46ec72d53eebe0bf930e7506fa4"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Tue Jul 25 12:14:12 2017 -0400"
      },
      "committer": {
        "name": "Paul Moore",
        "email": "paul@paul-moore.com",
        "time": "Mon Jul 31 19:03:02 2017 -0400"
      },
      "message": "selinux: genheaders should fail if too many permissions are defined\n\nEnsure that genheaders fails with an error if too many permissions\nare defined in a class to fit within an access vector. This is similar\nto a check performed by checkpolicy when compiling the policy.\n\nAlso, fix the suffix on the permission constants generated by this program.\n\nSigned-off-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e\n"
    },
    {
      "commit": "229fd05c565eb931aa7c59c9d740e2047701a4ad",
      "tree": "02fe4d7959df807381453555d232861d30dc651e",
      "parents": [
        "504f231cda569b5e4e48d81a35376641552a5092"
      ],
      "author": {
        "name": "Kees Cook",
        "email": "keescook@chromium.org",
        "time": "Sat May 13 04:51:44 2017 -0700"
      },
      "committer": {
        "name": "Jonathan Corbet",
        "email": "corbet@lwn.net",
        "time": "Thu May 18 10:31:30 2017 -0600"
      },
      "message": "doc: ReSTify SELinux.txt\n\nAdjusts for ReST markup and moves under LSM admin guide.\n\nCc: Paul Moore \u003cpaul@paul-moore.com\u003e\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nSigned-off-by: Jonathan Corbet \u003ccorbet@lwn.net\u003e\n"
    },
    {
      "commit": "c017c71ce09f4c7a5378fccbec6a3d7e96b0c5c2",
      "tree": "5e39795da65b23adaa26cd82e417ab927380688e",
      "parents": [
        "579fc0dc09111c1f8b94742a0ed5a0bb8fdddbb9"
      ],
      "author": {
        "name": "Nicolas Iooss",
        "email": "nicolas.iooss@m4x.org",
        "time": "Sun Mar 05 15:01:52 2017 +0100"
      },
      "committer": {
        "name": "Paul Moore",
        "email": "paul@paul-moore.com",
        "time": "Fri Mar 10 15:09:27 2017 -0500"
      },
      "message": "selinux: include sys/socket.h in host programs to have PF_MAX\n\nCompiling with clang and -Wundef makes the compiler report a usage of\nundefined PF_MAX macro in security/selinux/include/classmap.h:\n\n    In file included from scripts/selinux/mdp/mdp.c:48:\n    security/selinux/include/classmap.h:37:31: warning: no previous\n    extern declaration for non-static variable \u0027secclass_map\u0027\n    [-Wmissing-variable-declarations]\n    struct security_class_mapping secclass_map[] \u003d {\n                                  ^\n    security/selinux/include/classmap.h:235:5: error: \u0027PF_MAX\u0027 is not\n    defined, evaluates to 0 [-Werror,-Wundef]\n    #if PF_MAX \u003e 43\n        ^\n    In file included from scripts/selinux/genheaders/genheaders.c:17:\n    security/selinux/include/classmap.h:37:31: warning: no previous\n    extern declaration for non-static variable \u0027secclass_map\u0027\n    [-Wmissing-variable-declarations]\n    struct security_class_mapping secclass_map[] \u003d {\n                                  ^\n    security/selinux/include/classmap.h:235:5: error: \u0027PF_MAX\u0027 is not\n    defined, evaluates to 0 [-Werror,-Wundef]\n    #if PF_MAX \u003e 43\n        ^\n\nPF_MAX is defined in include/linux/socket.h but not in\ninclude/uapi/linux/socket.h. Therefore host programs have to rely on the\ndefinition from libc\u0027s /usr/include/bits/socket.h, included by\n\u003csys/socket.h\u003e.\n\nFix the issue by using sys/socket.h in mdp and genheaders. When\nclassmap.h is included by security/selinux/avc.c, it uses the kernel\ndefinition of PF_MAX, which makes the test consistent.\n\nSigned-off-by: Nicolas Iooss \u003cnicolas.iooss@m4x.org\u003e\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e\n"
    },
    {
      "commit": "bfc5e3a6af397dcf9c99a6c1872458e7867c4680",
      "tree": "09d7f23ed281538d97ead3b78691f2a33eee29ff",
      "parents": [
        "9287aed2ad1ff1bde5eb190bcd6dccd5f1cf47d3"
      ],
      "author": {
        "name": "Paul Moore",
        "email": "paul@paul-moore.com",
        "time": "Wed Dec 21 10:39:25 2016 -0500"
      },
      "committer": {
        "name": "Paul Moore",
        "email": "paul@paul-moore.com",
        "time": "Wed Dec 21 10:39:25 2016 -0500"
      },
      "message": "selinux: use the kernel headers when building scripts/selinux\n\nCommit 3322d0d64f4e (\"selinux: keep SELinux in sync with new capability\ndefinitions\") added a check on the defined capabilities without\nexplicitly including the capability header file which caused problems\nwhen building genheaders for users of clang/llvm.  Resolve this by\nusing the kernel headers when building genheaders, which is arguably\nthe right thing to do regardless, and explicitly including the\nkernel\u0027s capability.h header file in classmap.h.  We also update the\nmdp build, even though it wasn\u0027t causing an error we really should\nbe using the headers from the kernel we are building.\n\nReported-by: Nicolas Iooss \u003cnicolas.iooss@m4x.org\u003e\nSigned-off-by: Paul Moore \u003cpaul@paul-moore.com\u003e"
    },
    {
      "commit": "fda4d578ed0a7e1d116f56a15efea0e4ba78acad",
      "tree": "c37a5e55eaa07a578f0d2fa9fccd6ead91f403a5",
      "parents": [
        "c3c188b2c3ed29effe8693672ee1c84184103b4e"
      ],
      "author": {
        "name": "Laurent Bigonville",
        "email": "bigon@bigon.be",
        "time": "Tue Jul 07 23:10:52 2015 +0200"
      },
      "committer": {
        "name": "Paul Moore",
        "email": "pmoore@redhat.com",
        "time": "Mon Jul 13 13:32:00 2015 -0400"
      },
      "message": "selinux: explicitly declare the role \"base_r\"\n\nThis fixes the compilation of policy generated by mdp with the recent\nversion of checkpolicy.\n\nSigned-off-by: Laurent Bigonville \u003cbigon@bigon.be\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: Paul Moore \u003cpmoore@redhat.com\u003e\n"
    },
    {
      "commit": "06ed5c2bfacaf67039e87a213fa5d1cdde34246a",
      "tree": "ea3c6fbc224368b5e993c436e3a3757bf88d8e0e",
      "parents": [
        "221ecca6cafefbb5106cfc8bf9f1105233a33745"
      ],
      "author": {
        "name": "Michal Marek",
        "email": "mmarek@suse.cz",
        "time": "Wed Aug 20 16:02:59 2014 +0200"
      },
      "committer": {
        "name": "Michal Marek",
        "email": "mmarek@suse.cz",
        "time": "Wed Aug 20 16:03:45 2014 +0200"
      },
      "message": "kbuild: Make scripts executable\n\nThe Makefiles call the respective interpreter explicitly, but this makes\nit easier to use the scripts manually.\n\nSigned-off-by: Michal Marek \u003cmmarek@suse.cz\u003e\n"
    },
    {
      "commit": "2ccf4661f315615d018686d91d030a94001d0cc6",
      "tree": "f5374b5233ba5c43a4710bc8cbc5319091da044e",
      "parents": [
        "32c2e6752ff0f48fe03b9e1c7c64bde580a840d2",
        "615e51fdda6f274e94b1e905fcaf6111e0d9aa20"
      ],
      "author": {
        "name": "James Morris",
        "email": "james.l.morris@oracle.com",
        "time": "Sat Jul 19 17:39:19 2014 +1000"
      },
      "committer": {
        "name": "James Morris",
        "email": "james.l.morris@oracle.com",
        "time": "Sat Jul 19 17:39:19 2014 +1000"
      },
      "message": "Merge branch \u0027next\u0027 of git://git.infradead.org/users/pcmoore/selinux into next\n"
    },
    {
      "commit": "aa65506f198c482b52ba6592c0023eca8b4bf8bd",
      "tree": "56e8d1c2ec02c5231863af716ef2b3dd9b800113",
      "parents": [
        "170b5910d9fbea79de1bb40df22eda5f98250c0c"
      ],
      "author": {
        "name": "Masahiro Yamada",
        "email": "yamada.m@jp.panasonic.com",
        "time": "Tue Jun 17 17:31:40 2014 -0400"
      },
      "committer": {
        "name": "Paul Moore",
        "email": "pmoore@redhat.com",
        "time": "Tue Jun 17 17:31:40 2014 -0400"
      },
      "message": "selinux, kbuild: remove unnecessary $(hostprogs-y) from clean-files\n\nFiles added to hostprogs-y are cleaned. (See scripts/Makefile.clean)\nAdding them to clean-files is redundant.\n\nSigned-off-by: Masahiro Yamada \u003cyamada.m@jp.panasonic.com\u003e\nAcked-by: Paul Moore \u003cpaul@paul-moore.com\u003e\nSigned-off-by: Paul Moore \u003cpmoore@redhat.com\u003e\n"
    },
    {
      "commit": "7eb6e340526adf14ed7cf7dfde8b9c6fc0741cfc",
      "tree": "0e5bfa931e32e706edcb9fc108369ed8902702fe",
      "parents": [
        "2d5c5dbb48253f1729dc09f266a98bd2d7e694cb"
      ],
      "author": {
        "name": "Masahiro Yamada",
        "email": "yamada.m@jp.panasonic.com",
        "time": "Thu May 29 14:12:29 2014 +0900"
      },
      "committer": {
        "name": "Michal Marek",
        "email": "mmarek@suse.cz",
        "time": "Tue Jun 10 00:04:06 2014 +0200"
      },
      "message": "kbuild: trivial - remove trailing empty lines\n\nSigned-off-by: Masahiro Yamada \u003cyamada.m@jp.panasonic.com\u003e\n"
    },
    {
      "commit": "d410fa4ef99112386de5f218dd7df7b4fca910b4",
      "tree": "e29fbc3f6d27b20d73d8feb4ed73f6767f2e18fe",
      "parents": [
        "61c4f2c81c61f73549928dfd9f3e8f26aa36a8cf"
      ],
      "author": {
        "name": "Randy Dunlap",
        "email": "randy.dunlap@oracle.com",
        "time": "Thu May 19 15:59:38 2011 -0700"
      },
      "committer": {
        "name": "Randy Dunlap",
        "email": "randy.dunlap@oracle.com",
        "time": "Thu May 19 15:59:38 2011 -0700"
      },
      "message": "Create Documentation/security/,\nmove LSM-, credentials-, and keys-related files from Documentation/\n  to Documentation/security/,\nadd Documentation/security/00-INDEX, and\nupdate all occurrences of Documentation/\u003cmoved_file\u003e\n  to Documentation/security/\u003cmoved_file\u003e.\n"
    },
    {
      "commit": "4bc6c2d5d8386800fde23a8e78cd4f04a0ade0ad",
      "tree": "9ed72f305050b876d846b44ccf13f63fcbab1ff4",
      "parents": [
        "0b24dcb7f2f7a0ce9b762eef0362c21c88f47b32"
      ],
      "author": {
        "name": "Harry Ciao",
        "email": "qingtao.cao@windriver.com",
        "time": "Wed Mar 02 13:46:08 2011 +0800"
      },
      "committer": {
        "name": "Eric Paris",
        "email": "eparis@redhat.com",
        "time": "Thu Mar 03 15:19:43 2011 -0500"
      },
      "message": "SELinux: Auto-generate security_is_socket_class\n\nThe security_is_socket_class() is auto-generated by genheaders based\non classmap.h to reduce maintenance effort when a new class is defined\nin SELinux kernel. The name for any socket class should be suffixed by\n\"socket\" and doesn\u0027t contain more than one substr of \"socket\".\n\nSigned-off-by: Harry Ciao \u003cqingtao.cao@windriver.com\u003e\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\n"
    },
    {
      "commit": "310de047eef6685274045db1e6b39c9f313df428",
      "tree": "4f90d2ea0f068cffee5d9c569260098f6d94dd22",
      "parents": [
        "77c160e7798b4141a0705c734397a9236bb0e726"
      ],
      "author": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Mar 16 08:47:36 2010 +1100"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Tue Mar 16 08:47:36 2010 +1100"
      },
      "message": "selinux: fix warning in genheaders\n\nFix const warning in the genheaders script as a result of\nchanges to the headers, as noted here:\n\nhttp://linux.derkeiler.com/Mailing-Lists/Kernel/2010-03/msg03977.html\n\nReported-by: Stephen Rothwell \u003csfr@canb.auug.org.au\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "85c3b529f8ad4d65ba86b982ef050212ae7dd976",
      "tree": "becd5d4d607faf5de3bf5d8470cacf715aef8f7a",
      "parents": [
        "821d35a56044e522e811f6a1e8632cc230360280"
      ],
      "author": {
        "name": "Eric Paris",
        "email": "eparis@redhat.com",
        "time": "Fri Nov 20 11:00:12 2009 -0500"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Mon Nov 23 09:00:44 2009 +1100"
      },
      "message": "SELinux: header generation may hit infinite loop\n\nIf a permission name is long enough the selinux class definition generation\ntool will go into an infinite loop.  This is because its macro max() is\nfooled into thinking it is dealing with unsigned numbers.  This patch makes\nsure the macro always uses signed number so 1 \u003e -1.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "821d35a56044e522e811f6a1e8632cc230360280",
      "tree": "d15da5efe90a46262e3fed0489f85d954ff41f8d",
      "parents": [
        "dd8dbf2e6880e30c00b18600c962d0cb5a03c555"
      ],
      "author": {
        "name": "Alan Cox",
        "email": "alan@linux.intel.com",
        "time": "Wed Nov 18 14:39:51 2009 +0000"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Thu Nov 19 09:08:44 2009 +1100"
      },
      "message": "selinux: Fix warnings\n\nscripts/selinux/genheaders/genheaders.c:20: warning: no previous prototype\nfor ‘usage’\nscripts/selinux/genheaders/genheaders.c:26: warning: no previous prototype\nfor ‘stoupperx’\n\nSigned-off-by: Alan Cox \u003calan@linux.intel.com\u003e\nAcked-by: WANG Cong \u003cxiyou.wangcong@gmail.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "6e8e16c7bc298d7887584c3d027e05db3e86eed9",
      "tree": "355403813b5945a5a5fdd24054a76a446d05b206",
      "parents": [
        "3e1c2515acf70448cad1ae3ab835ca80be043d33"
      ],
      "author": {
        "name": "Eric Paris",
        "email": "eparis@redhat.com",
        "time": "Thu Oct 22 15:38:26 2009 -0400"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Sat Oct 24 09:42:27 2009 +0800"
      },
      "message": "SELinux: add .gitignore files for dynamic classes\n\nThe SELinux dynamic class work in c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c\ncreates a number of dynamic header files and scripts.  Add .gitignore files\nso git doesn\u0027t complain about these.\n\nSigned-off-by: Eric Paris \u003ceparis@redhat.com\u003e\nAcked-by: Stephen D. Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "8753f6bec352392b52ed9b5e290afb34379f4612",
      "tree": "b5f381be9f56125309bfbfcaa73d68e08c309747",
      "parents": [
        "c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Wed Sep 30 13:41:02 2009 -0400"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Oct 07 21:56:44 2009 +1100"
      },
      "message": "selinux: generate flask headers during kernel build\n\nAdd a simple utility (scripts/selinux/genheaders) and invoke it to\ngenerate the kernel-private class and permission indices in flask.h\nand av_permissions.h automatically during the kernel build from the\nsecurity class mapping definitions in classmap.h.  Adding new kernel\nclasses and permissions can then be done just by adding them to classmap.h.\n\nSigned-off-by:  Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "c6d3aaa4e35c71a32a86ececacd4eea7ecfc316c",
      "tree": "1a5475b4370655a22670fd6eb35e54d8b131b362",
      "parents": [
        "23acb98de5a4109a60b5fe3f0439389218b039d7"
      ],
      "author": {
        "name": "Stephen Smalley",
        "email": "sds@tycho.nsa.gov",
        "time": "Wed Sep 30 13:37:50 2009 -0400"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Oct 07 21:56:42 2009 +1100"
      },
      "message": "selinux: dynamic class/perm discovery\n\nModify SELinux to dynamically discover class and permission values\nupon policy load, based on the dynamic object class/perm discovery\nlogic from libselinux.  A mapping is created between kernel-private\nclass and permission indices used outside the security server and the\npolicy values used within the security server.\n\nThe mappings are only applied upon kernel-internal computations;\nsimilar mappings for the private indices of userspace object managers\nis handled on a per-object manager basis by the userspace AVC.  The\ninterfaces for compute_av and transition_sid are split for kernel\nvs. userspace; the userspace functions are distinguished by a _user\nsuffix.\n\nThe kernel-private class indices are no longer tied to the policy\nvalues and thus do not need to skip indices for userspace classes;\nthus the kernel class index values are compressed.  The flask.h\ndefinitions were regenerated by deleting the userspace classes from\nrefpolicy\u0027s definitions and then regenerating the headers.  Going\nforward, we can just maintain the flask.h, av_permissions.h, and\nclassmap.h definitions separately from policy as they are no longer\ntied to the policy values.  The next patch introduces a utility to\nautomate generation of flask.h and av_permissions.h from the\nclassmap.h definitions.\n\nThe older kernel class and permission string tables are removed and\nreplaced by a single security class mapping table that is walked at\npolicy load to generate the mapping.  The old kernel class validation\nlogic is completely replaced by the mapping logic.\n\nThe handle unknown logic is reworked.  reject_unknown\u003d1 is handled\nwhen the mappings are computed at policy load time, similar to the old\nhandling by the class validation logic.  allow_unknown\u003d1 is handled\nwhen computing and mapping decisions - if the permission was not able\nto be mapped (i.e. undefined, mapped to zero), then it is\nautomatically added to the allowed vector.  If the class was not able\nto be mapped (i.e. undefined, mapped to zero), then all permissions\nare allowed for it if allow_unknown\u003d1.\n\navc_audit leverages the new security class mapping table to lookup the\nclass and permission names from the kernel-private indices.\n\nThe mdp program is updated to use the new table when generating the\nclass definitions and allow rules for a minimal boot policy for the\nkernel.  It should be noted that this policy will not include any\nuserspace classes, nor will its policy index values for the kernel\nclasses correspond with the ones in refpolicy (they will instead match\nthe kernel-private indices).\n\nSigned-off-by:  Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "5c725138437837291db5c25f4a076ee852e806e3",
      "tree": "ddd05a26b2aa65a7508546b22235dffa2f41f54f",
      "parents": [
        "e898893399335514b10dfbd75598f8308976abe4"
      ],
      "author": {
        "name": "Trevor Keith",
        "email": "tsrk@tsrk.net",
        "time": "Tue Sep 22 16:43:38 2009 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Wed Sep 23 07:39:28 2009 -0700"
      },
      "message": "Fix all -Wmissing-prototypes warnings in x86 defconfig\n\nSigned-off-by: Trevor Keith \u003ctsrk@tsrk.net\u003e\nCc: Sam Ravnborg \u003csam@ravnborg.org\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "b56c8c221d192e4ffa719d00907c3b60fbaa2737",
      "tree": "bdd84ebc482c9e00dca6536931336e2c614580f8",
      "parents": [
        "d9250dea3f89fe808a525f08888016b495240ed4"
      ],
      "author": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Fri Sep 05 21:43:38 2008 +1000"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Fri Sep 05 21:43:38 2008 +1000"
      },
      "message": "SELinux: add gitignore file for mdp script\n\nAdd gitignore file for scripts/selinux/mdp/mdp.\n\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "93c06cbbf9fea5d5be1778febb7fa9ab1a74e5f5",
      "tree": "de0ba51a2901097b7ab28483a040dc6ee5c9bc7d",
      "parents": [
        "3f23d815c5049c9d7022226cec2242e384dd0b43"
      ],
      "author": {
        "name": "Serge E. Hallyn",
        "email": "serue@us.ibm.com",
        "time": "Tue Aug 26 14:47:57 2008 -0500"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Wed Aug 27 08:54:08 2008 +1000"
      },
      "message": "selinux: add support for installing a dummy policy (v2)\n\nIn August 2006 I posted a patch generating a minimal SELinux policy.  This\nweek, David P. Quigley posted an updated version of that as a patch against\nthe kernel.  It also had nice logic for auto-installing the policy.\n\nFollowing is David\u0027s original patch intro (preserved especially\nbc it has stats on the generated policies):\n\nse interested in the changes there were only two significant\nchanges. The first is that the iteration through the list of classes\nused NULL as a sentinel value. The problem with this is that the\nclass_to_string array actually has NULL entries in its table as place\nholders for the user space object classes.\n\nThe second change was that it would seem at some point the initial sids\ntable was NULL terminated. This is no longer the case so that iteration\nhas to be done on array length instead of looking for NULL.\n\nSome statistics on the policy that it generates:\n\nThe policy consists of 523 lines which contain no blank lines. Of those\n523 lines 453 of them are class, permission, and initial sid\ndefinitions. These lines are usually little to no concern to the policy\ndeveloper since they will not be adding object classes or permissions.\nOf the remaining 70 lines there is one type, one role, and one user\nstatement. The remaining lines are broken into three portions. The first\ngroup are TE allow rules which make up 29 of the remaining lines, the\nsecond is assignment of labels to the initial sids which consist of 27\nlines, and file system labeling statements which are the remaining 11.\n\nIn addition to the policy.conf generated there is a single file_contexts\nfile containing two lines which labels the entire system with base_t.\n\nThis policy generates a policy.23 binary that is 7920 bytes.\n\n(then a few versions later...):\n\nThe new policy is 587 lines (stripped of blank lines) with 476 of those\nlines being the boilerplate that I mentioned last time. The remaining\n111 lines have the 3 lines for type, user, and role, 70 lines for the\nallow rules (one for each object class including user space object\nclasses), 27 lines to assign types to the initial sids, and 11 lines for\nfile system labeling. The policy binary is 9194 bytes.\n\nChangelog:\n\n\tAug 26: Added Documentation/SELinux.txt\n\tAug 26: Incorporated a set of comments by Stephen Smalley:\n\t\t1. auto-setup SELINUXTYPE\u003ddummy\n\t\t2. don\u0027t auto-install if selinux is enabled with\n\t\t\tnon-dummy policy\n\t\t3. don\u0027t re-compute policy version\n\t\t4. /sbin/setfiles not /usr/sbin/setfiles\n\tAug 22: As per JMorris comments, made sure make distclean\n\t\tcleans up the mdp directory.\n\t\tRemoved a check for file_contexts which is now\n\t\tcreated in the same file as the check, making it\n\t\tsuperfluous.\n\nSigned-off-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: David Quigley \u003cdpquigl@tycho.nsa.gov\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    }
  ]
}
