<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/security, branch v4.20-rc4</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>Merge tag 'selinux-pr-20181115' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux</title>
<updated>2018-11-15T17:26:09+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2018-11-15T17:26:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=da5322e65940e4e8426613a8ff3d99a08b350a52'/>
<id>da5322e65940e4e8426613a8ff3d99a08b350a52</id>
<content type='text'>
Pull SELinux fixes from Paul Moore:
 "Two small SELinux fixes for v4.20.

  Ondrej's patch adds a check on user input, and my patch ensures we
  don't look past the end of a buffer.

  Both patches are quite small and pass the selinux-testsuite"

* tag 'selinux-pr-20181115' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
  selinux: fix non-MLS handling in mls_context_to_sid()
  selinux: check length properly in SCTP bind hook
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull SELinux fixes from Paul Moore:
 "Two small SELinux fixes for v4.20.

  Ondrej's patch adds a check on user input, and my patch ensures we
  don't look past the end of a buffer.

  Both patches are quite small and pass the selinux-testsuite"

* tag 'selinux-pr-20181115' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux:
  selinux: fix non-MLS handling in mls_context_to_sid()
  selinux: check length properly in SCTP bind hook
</pre>
</div>
</content>
</entry>
<entry>
<title>selinux: fix non-MLS handling in mls_context_to_sid()</title>
<updated>2018-11-14T02:44:33+00:00</updated>
<author>
<name>Paul Moore</name>
<email>paul@paul-moore.com</email>
</author>
<published>2018-11-14T02:44:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=877181a8d9dc663f7a73f77f50af714d7888ec3b'/>
<id>877181a8d9dc663f7a73f77f50af714d7888ec3b</id>
<content type='text'>
Commit 95ffe194204a ("selinux: refactor mls_context_to_sid() and make
it stricter") inadvertently changed how we handle labels that did not
contain MLS information.  This patch restores the proper behavior in
mls_context_to_sid() and adds a comment explaining the proper
behavior to help ensure this doesn't happen again.

Fixes: 95ffe194204a ("selinux: refactor mls_context_to_sid() and make it stricter")
Reported-by: Stephen Smalley &lt;sds@tycho.nsa.gov&gt;
Signed-off-by: Paul Moore &lt;paul@paul-moore.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Commit 95ffe194204a ("selinux: refactor mls_context_to_sid() and make
it stricter") inadvertently changed how we handle labels that did not
contain MLS information.  This patch restores the proper behavior in
mls_context_to_sid() and adds a comment explaining the proper
behavior to help ensure this doesn't happen again.

Fixes: 95ffe194204a ("selinux: refactor mls_context_to_sid() and make it stricter")
Reported-by: Stephen Smalley &lt;sds@tycho.nsa.gov&gt;
Signed-off-by: Paul Moore &lt;paul@paul-moore.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>integrity: support new struct public_key_signature encoding field</title>
<updated>2018-11-13T21:09:56+00:00</updated>
<author>
<name>Mimi Zohar</name>
<email>zohar@linux.ibm.com</email>
</author>
<published>2018-11-09T05:53:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=fd35f192e42cf7c0df1e2480bfd5965e35b2f4ca'/>
<id>fd35f192e42cf7c0df1e2480bfd5965e35b2f4ca</id>
<content type='text'>
On systems with IMA-appraisal enabled with a policy requiring file
signatures, the "good" signature values are stored on the filesystem as
extended attributes (security.ima).  Signature verification failure
would normally be limited to just a particular file (eg. executable),
but during boot signature verification failure could result in a system
hang.

Defining and requiring a new public_key_signature field requires all
callers of asymmetric signature verification to be updated to reflect
the change.  This patch updates the integrity asymmetric_verify()
caller.

Fixes: 82f94f24475c ("KEYS: Provide software public key query function [ver #2]")
Signed-off-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt;
Cc: David Howells &lt;dhowells@redhat.com&gt;
Acked-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
On systems with IMA-appraisal enabled with a policy requiring file
signatures, the "good" signature values are stored on the filesystem as
extended attributes (security.ima).  Signature verification failure
would normally be limited to just a particular file (eg. executable),
but during boot signature verification failure could result in a system
hang.

Defining and requiring a new public_key_signature field requires all
callers of asymmetric signature verification to be updated to reflect
the change.  This patch updates the integrity asymmetric_verify()
caller.

Fixes: 82f94f24475c ("KEYS: Provide software public key query function [ver #2]")
Signed-off-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt;
Cc: David Howells &lt;dhowells@redhat.com&gt;
Acked-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>selinux: check length properly in SCTP bind hook</title>
<updated>2018-11-13T16:39:09+00:00</updated>
<author>
<name>Ondrej Mosnacek</name>
<email>omosnace@redhat.com</email>
</author>
<published>2018-11-13T15:16:08+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=c138325fb8713472d5a0c3c7258b9131bab40725'/>
<id>c138325fb8713472d5a0c3c7258b9131bab40725</id>
<content type='text'>
selinux_sctp_bind_connect() must verify if the address buffer has
sufficient length before accessing the 'sa_family' field. See
__sctp_connect() for a similar check.

The length of the whole address ('len') is already checked in the
callees.

Reported-by: Qian Cai &lt;cai@gmx.us&gt;
Fixes: d452930fd3b9 ("selinux: Add SCTP support")
Cc: &lt;stable@vger.kernel.org&gt; # 4.17+
Cc: Richard Haines &lt;richard_c_haines@btinternet.com&gt;
Signed-off-by: Ondrej Mosnacek &lt;omosnace@redhat.com&gt;
Tested-by: Qian Cai &lt;cai@gmx.us&gt;
Signed-off-by: Paul Moore &lt;paul@paul-moore.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
selinux_sctp_bind_connect() must verify if the address buffer has
sufficient length before accessing the 'sa_family' field. See
__sctp_connect() for a similar check.

The length of the whole address ('len') is already checked in the
callees.

Reported-by: Qian Cai &lt;cai@gmx.us&gt;
Fixes: d452930fd3b9 ("selinux: Add SCTP support")
Cc: &lt;stable@vger.kernel.org&gt; # 4.17+
Cc: Richard Haines &lt;richard_c_haines@btinternet.com&gt;
Signed-off-by: Ondrej Mosnacek &lt;omosnace@redhat.com&gt;
Tested-by: Qian Cai &lt;cai@gmx.us&gt;
Signed-off-by: Paul Moore &lt;paul@paul-moore.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge tag 'apparmor-pr-2018-11-01' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor</title>
<updated>2018-11-02T17:04:26+00:00</updated>
<author>
<name>Linus Torvalds</name>
<email>torvalds@linux-foundation.org</email>
</author>
<published>2018-11-02T17:04:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=d81f50bd34646d8373b989e55180c0fc9af94e0b'/>
<id>d81f50bd34646d8373b989e55180c0fc9af94e0b</id>
<content type='text'>
Pull apparmor updates from John Johansen:
 "Features/Improvements:
   - replace spin_is_locked() with lockdep
   - add base support for secmark labeling and matching

  Cleanups:
   - clean an indentation issue, remove extraneous space
   - remove no-op permission check in policy_unpack
   - fix checkpatch missing spaces error in Parse secmark policy
   - fix network performance issue in aa_label_sk_perm

  Bug fixes:
   - add #ifdef checks for secmark filtering
   - fix an error code in __aa_create_ns()
   - don't try to replace stale label in ptrace checks
   - fix failure to audit context info in build_change_hat
   - check buffer bounds when mapping permissions mask
   - fully initialize aa_perms struct when answering userspace query
   - fix uninitialized value in aa_split_fqname"

* tag 'apparmor-pr-2018-11-01' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
  apparmor: clean an indentation issue, remove extraneous space
  apparmor: fix checkpatch error in Parse secmark policy
  apparmor: add #ifdef checks for secmark filtering
  apparmor: Fix uninitialized value in aa_split_fqname
  apparmor: don't try to replace stale label in ptraceme check
  apparmor: Replace spin_is_locked() with lockdep
  apparmor: Allow filtering based on secmark policy
  apparmor: Parse secmark policy
  apparmor: Add a wildcard secid
  apparmor: don't try to replace stale label in ptrace access check
  apparmor: Fix network performance issue in aa_label_sk_perm
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Pull apparmor updates from John Johansen:
 "Features/Improvements:
   - replace spin_is_locked() with lockdep
   - add base support for secmark labeling and matching

  Cleanups:
   - clean an indentation issue, remove extraneous space
   - remove no-op permission check in policy_unpack
   - fix checkpatch missing spaces error in Parse secmark policy
   - fix network performance issue in aa_label_sk_perm

  Bug fixes:
   - add #ifdef checks for secmark filtering
   - fix an error code in __aa_create_ns()
   - don't try to replace stale label in ptrace checks
   - fix failure to audit context info in build_change_hat
   - check buffer bounds when mapping permissions mask
   - fully initialize aa_perms struct when answering userspace query
   - fix uninitialized value in aa_split_fqname"

* tag 'apparmor-pr-2018-11-01' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
  apparmor: clean an indentation issue, remove extraneous space
  apparmor: fix checkpatch error in Parse secmark policy
  apparmor: add #ifdef checks for secmark filtering
  apparmor: Fix uninitialized value in aa_split_fqname
  apparmor: don't try to replace stale label in ptraceme check
  apparmor: Replace spin_is_locked() with lockdep
  apparmor: Allow filtering based on secmark policy
  apparmor: Parse secmark policy
  apparmor: Add a wildcard secid
  apparmor: don't try to replace stale label in ptrace access check
  apparmor: Fix network performance issue in aa_label_sk_perm
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: clean an indentation issue, remove extraneous space</title>
<updated>2018-11-02T05:34:25+00:00</updated>
<author>
<name>Colin Ian King</name>
<email>colin.king@canonical.com</email>
</author>
<published>2018-10-30T14:11:31+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=566f52ece7bd1099d20dfe2f6f0801896643cf8f'/>
<id>566f52ece7bd1099d20dfe2f6f0801896643cf8f</id>
<content type='text'>
Trivial fix to clean up an indentation issue, remove space

Signed-off-by: Colin Ian King &lt;colin.king@canonical.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Trivial fix to clean up an indentation issue, remove space

Signed-off-by: Colin Ian King &lt;colin.king@canonical.com&gt;
Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>apparmor: fix checkpatch error in Parse secmark policy</title>
<updated>2018-11-02T05:28:17+00:00</updated>
<author>
<name>John Johansen</name>
<email>john.johansen@canonical.com</email>
</author>
<published>2018-11-02T05:28:17+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=76af016e65e74023a11b2710e18a98b68b86e3cd'/>
<id>76af016e65e74023a11b2710e18a98b68b86e3cd</id>
<content type='text'>
Fix missed spacing error reported by checkpatch for
9caafbe2b4cf ("Parse secmark policy")

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Fix missed spacing error reported by checkpatch for
9caafbe2b4cf ("Parse secmark policy")

Signed-off-by: John Johansen &lt;john.johansen@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>KEYS: Move trusted.h to include/keys [ver #2]</title>
<updated>2018-10-26T08:30:47+00:00</updated>
<author>
<name>Denis Kenzior</name>
<email>denkenz@gmail.com</email>
</author>
<published>2018-10-09T16:48:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=22447981fc050b5f1bdd0e7cbee89b4152a2b2d8'/>
<id>22447981fc050b5f1bdd0e7cbee89b4152a2b2d8</id>
<content type='text'>
Signed-off-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Tested-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Reviewed-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Signed-off-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Tested-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Reviewed-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>KEYS: trusted: Expose common functionality [ver #2]</title>
<updated>2018-10-26T08:30:47+00:00</updated>
<author>
<name>Denis Kenzior</name>
<email>denkenz@gmail.com</email>
</author>
<published>2018-10-09T16:48:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=e1ea9f86023e7668604cc6456a818e5e4d0361c9'/>
<id>e1ea9f86023e7668604cc6456a818e5e4d0361c9</id>
<content type='text'>
This patch exposes some common functionality needed to send TPM commands.
Several functions from keys/trusted.c are exposed for use by the new tpm
key subtype and a module dependency is introduced.

In the future, common functionality between the trusted key type and the
asym_tpm subtype should be factored out into a common utility library.

Signed-off-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Tested-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Reviewed-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch exposes some common functionality needed to send TPM commands.
Several functions from keys/trusted.c are exposed for use by the new tpm
key subtype and a module dependency is introduced.

In the future, common functionality between the trusted key type and the
asym_tpm subtype should be factored out into a common utility library.

Signed-off-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Tested-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Reviewed-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>KEYS: Provide keyctls to drive the new key type ops for asymmetric keys [ver #2]</title>
<updated>2018-10-26T08:30:46+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2018-10-09T16:46:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=00d60fd3b93219ea854220f0fd264b86398cbc53'/>
<id>00d60fd3b93219ea854220f0fd264b86398cbc53</id>
<content type='text'>
Provide five keyctl functions that permit userspace to make use of the new
key type ops for accessing and driving asymmetric keys.

 (*) Query an asymmetric key.

	long keyctl(KEYCTL_PKEY_QUERY,
		    key_serial_t key, unsigned long reserved,
		    struct keyctl_pkey_query *info);

     Get information about an asymmetric key.  The information is returned
     in the keyctl_pkey_query struct:

	__u32	supported_ops;

     A bit mask of flags indicating which ops are supported.  This is
     constructed from a bitwise-OR of:

	KEYCTL_SUPPORTS_{ENCRYPT,DECRYPT,SIGN,VERIFY}

	__u32	key_size;

     The size in bits of the key.

	__u16	max_data_size;
	__u16	max_sig_size;
	__u16	max_enc_size;
	__u16	max_dec_size;

     The maximum sizes in bytes of a blob of data to be signed, a signature
     blob, a blob to be encrypted and a blob to be decrypted.

     reserved must be set to 0.  This is intended for future use to hand
     over one or more passphrases needed unlock a key.

     If successful, 0 is returned.  If the key is not an asymmetric key,
     EOPNOTSUPP is returned.

 (*) Encrypt, decrypt, sign or verify a blob using an asymmetric key.

	long keyctl(KEYCTL_PKEY_ENCRYPT,
		    const struct keyctl_pkey_params *params,
		    const char *info,
		    const void *in,
		    void *out);

	long keyctl(KEYCTL_PKEY_DECRYPT,
		    const struct keyctl_pkey_params *params,
		    const char *info,
		    const void *in,
		    void *out);

	long keyctl(KEYCTL_PKEY_SIGN,
		    const struct keyctl_pkey_params *params,
		    const char *info,
		    const void *in,
		    void *out);

	long keyctl(KEYCTL_PKEY_VERIFY,
		    const struct keyctl_pkey_params *params,
		    const char *info,
		    const void *in,
		    const void *in2);

     Use an asymmetric key to perform a public-key cryptographic operation
     a blob of data.

     The parameter block pointed to by params contains a number of integer
     values:

	__s32		key_id;
	__u32		in_len;
	__u32		out_len;
	__u32		in2_len;

     For a given operation, the in and out buffers are used as follows:

	Operation ID		in,in_len	out,out_len	in2,in2_len
	=======================	===============	===============	===========
	KEYCTL_PKEY_ENCRYPT	Raw data	Encrypted data	-
	KEYCTL_PKEY_DECRYPT	Encrypted data	Raw data	-
	KEYCTL_PKEY_SIGN	Raw data	Signature	-
	KEYCTL_PKEY_VERIFY	Raw data	-		Signature

     info is a string of key=value pairs that supply supplementary
     information.

     The __spare space in the parameter block must be set to 0.  This is
     intended, amongst other things, to allow the passing of passphrases
     required to unlock a key.

     If successful, encrypt, decrypt and sign all return the amount of data
     written into the output buffer.  Verification returns 0 on success.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Tested-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Reviewed-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Reviewed-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Tested-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Provide five keyctl functions that permit userspace to make use of the new
key type ops for accessing and driving asymmetric keys.

 (*) Query an asymmetric key.

	long keyctl(KEYCTL_PKEY_QUERY,
		    key_serial_t key, unsigned long reserved,
		    struct keyctl_pkey_query *info);

     Get information about an asymmetric key.  The information is returned
     in the keyctl_pkey_query struct:

	__u32	supported_ops;

     A bit mask of flags indicating which ops are supported.  This is
     constructed from a bitwise-OR of:

	KEYCTL_SUPPORTS_{ENCRYPT,DECRYPT,SIGN,VERIFY}

	__u32	key_size;

     The size in bits of the key.

	__u16	max_data_size;
	__u16	max_sig_size;
	__u16	max_enc_size;
	__u16	max_dec_size;

     The maximum sizes in bytes of a blob of data to be signed, a signature
     blob, a blob to be encrypted and a blob to be decrypted.

     reserved must be set to 0.  This is intended for future use to hand
     over one or more passphrases needed unlock a key.

     If successful, 0 is returned.  If the key is not an asymmetric key,
     EOPNOTSUPP is returned.

 (*) Encrypt, decrypt, sign or verify a blob using an asymmetric key.

	long keyctl(KEYCTL_PKEY_ENCRYPT,
		    const struct keyctl_pkey_params *params,
		    const char *info,
		    const void *in,
		    void *out);

	long keyctl(KEYCTL_PKEY_DECRYPT,
		    const struct keyctl_pkey_params *params,
		    const char *info,
		    const void *in,
		    void *out);

	long keyctl(KEYCTL_PKEY_SIGN,
		    const struct keyctl_pkey_params *params,
		    const char *info,
		    const void *in,
		    void *out);

	long keyctl(KEYCTL_PKEY_VERIFY,
		    const struct keyctl_pkey_params *params,
		    const char *info,
		    const void *in,
		    const void *in2);

     Use an asymmetric key to perform a public-key cryptographic operation
     a blob of data.

     The parameter block pointed to by params contains a number of integer
     values:

	__s32		key_id;
	__u32		in_len;
	__u32		out_len;
	__u32		in2_len;

     For a given operation, the in and out buffers are used as follows:

	Operation ID		in,in_len	out,out_len	in2,in2_len
	=======================	===============	===============	===========
	KEYCTL_PKEY_ENCRYPT	Raw data	Encrypted data	-
	KEYCTL_PKEY_DECRYPT	Encrypted data	Raw data	-
	KEYCTL_PKEY_SIGN	Raw data	Signature	-
	KEYCTL_PKEY_VERIFY	Raw data	-		Signature

     info is a string of key=value pairs that supply supplementary
     information.

     The __spare space in the parameter block must be set to 0.  This is
     intended, amongst other things, to allow the passing of passphrases
     required to unlock a key.

     If successful, encrypt, decrypt and sign all return the amount of data
     written into the output buffer.  Verification returns 0 on success.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
Tested-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Reviewed-by: Marcel Holtmann &lt;marcel@holtmann.org&gt;
Reviewed-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Tested-by: Denis Kenzior &lt;denkenz@gmail.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
