)]}'
{
  "commit": "aae7cfcbb733cf16f3bc9cbb650673b94d5df75f",
  "tree": "5e90734622f6f65d6eb7ed83099c05ad8cc2c80c",
  "parents": [
    "b3859ee18ed287170b66b19a78191f7312ec3470"
  ],
  "author": {
    "name": "David Herrmann",
    "email": "dh.herrmann@gmail.com",
    "time": "Fri May 04 16:28:19 2018 +0200"
  },
  "committer": {
    "name": "James Morris",
    "email": "james.morris@microsoft.com",
    "time": "Fri May 04 12:48:54 2018 -0700"
  },
  "message": "security: add hook for socketpair()\n\nRight now the LSM labels for socketpairs are always uninitialized,\nsince there is no security hook for the socketpair() syscall. This\npatch adds the required hooks so LSMs can properly label socketpairs.\nThis allows SO_PEERSEC to return useful information on those sockets.\n\nNote that the behavior of socketpair() can be emulated by creating a\nlistener socket, connecting to it, and then discarding the initial\nlistener socket. With this workaround, SO_PEERSEC would return the\ncaller\u0027s security context. However, with socketpair(), the uninitialized\ncontext is returned unconditionally. This is unexpected and makes\nsocketpair() less useful in situations where the security context is\ncrucial to the application.\n\nWith the new socketpair-hook this disparity can be solved by making\nsocketpair() return the expected security context.\n\nAcked-by: Serge Hallyn \u003cserge@hallyn.com\u003e\nSigned-off-by: Tom Gundersen \u003cteg@jklm.no\u003e\nSigned-off-by: David Herrmann \u003cdh.herrmann@gmail.com\u003e\nSigned-off-by: James Morris \u003cjames.morris@microsoft.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "9d0b286f3dbaf56c5362327a1bc82ed1a9132a34",
      "old_mode": 33188,
      "old_path": "include/linux/lsm_hooks.h",
      "new_id": "8f1131c8dd54b1a6f5586a793eef839036004cfa",
      "new_mode": 33188,
      "new_path": "include/linux/lsm_hooks.h"
    },
    {
      "type": "modify",
      "old_id": "ecb06e1357dd12bbcfd96eba526d673d344b8006",
      "old_mode": 33188,
      "old_path": "include/linux/security.h",
      "new_id": "63030c85ee1927ae0de30a07148fa511e19231aa",
      "new_mode": 33188,
      "new_path": "include/linux/security.h"
    },
    {
      "type": "modify",
      "old_id": "7bc2fde023a797e7a941622a0a6d45c11fdb8b6b",
      "old_mode": 33188,
      "old_path": "security/security.c",
      "new_id": "68f46d849abea30d148dac3942d833c8ef80e114",
      "new_mode": 33188,
      "new_path": "security/security.c"
    }
  ]
}