Show patches with: State = Action Required       |    Archived = No       |   141 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[GIT,PULL] selinux/selinux-pr-20250323 [GIT,PULL] selinux/selinux-pr-20250323 - - - --- 2025-03-23 Paul Moore New
[v4,1/3] lsm: introduce new hooks for setting/getting inode fsxattr fs: introduce getfsxattrat and setfsxattrat syscalls - - - --- 2025-03-21 Andrey Albershteyn New
[v3] Inject matchpathcon_filespec_add64() if !defined(__INO_T_MATCHES_INO64_T) instead of using __B… [v3] Inject matchpathcon_filespec_add64() if !defined(__INO_T_MATCHES_INO64_T) instead of using __B… - - - --- 2025-03-20 наб New
[v3,5/5] Audit: Add record for multiple object contexts [v3,1/5] Audit: Create audit_stamp structure - - - --- 2025-03-19 Casey Schaufler New
[v3,4/5] Audit: multiple subject lsm values for netlabel [v3,1/5] Audit: Create audit_stamp structure - - - --- 2025-03-19 Casey Schaufler New
[v3,3/5] Audit: Add record for multiple task security contexts [v3,1/5] Audit: Create audit_stamp structure - - - --- 2025-03-19 Casey Schaufler New
[v3,2/5] LSM: security_lsmblob_to_secctx module selection [v3,1/5] Audit: Create audit_stamp structure - - - --- 2025-03-19 Casey Schaufler New
[v3,1/5] Audit: Create audit_stamp structure [v3,1/5] Audit: Create audit_stamp structure - - - --- 2025-03-19 Casey Schaufler New
[v2] Inject matchpathcon_filespec_add64() if !defined(__INO_T_MATCHES_INO64_T) instead of using __B… [v2] Inject matchpathcon_filespec_add64() if !defined(__INO_T_MATCHES_INO64_T) instead of using __B… - - - --- 2025-03-18 наб New
[RFC,7/7] selinux: drop copy-paste comment Untitled series #945024 - - - --- 2025-03-18 Christian Göttsche New
[RFC,1/6] selinux: constify network address pointer [RFC,1/6] selinux: constify network address pointer - - - --- 2025-03-18 Christian Göttsche New
[RFC,6/6] selinux: add cache stats for network tables [RFC,1/6] selinux: constify network address pointer - - - --- 2025-03-18 Christian Göttsche New
[RFC,5/6] selinux: unify OOM handling in network hashtables [RFC,1/6] selinux: constify network address pointer - - - --- 2025-03-18 Christian Göttsche New
[RFC,4/6] selinux: improve network lookup failure warnings [RFC,1/6] selinux: constify network address pointer - - - --- 2025-03-18 Christian Göttsche New
[RFC,3/6] selinux: add likely hints for fast paths [RFC,1/6] selinux: constify network address pointer - - - --- 2025-03-18 Christian Göttsche New
[RFC,2/6] selinux: contify network namespace pointer [RFC,1/6] selinux: constify network address pointer - - - --- 2025-03-18 Christian Göttsche New
[v3] selinux: support wildcard match in genfscon [v3] selinux: support wildcard match in genfscon - - - --- 2025-03-18 Takaya Saeki New
libsepol: Print info nodes at the first child libsepol: Print info nodes at the first child - - - --- 2025-03-17 Inseob Kim bachradsusi New
libsepol: Print line markers also for allow rules libsepol: Print line markers also for allow rules - - - --- 2025-03-17 Inseob Kim bachradsusi New
checkpolicy: free ebitmap on error in define_compute_type_helper() checkpolicy: free ebitmap on error in define_compute_type_helper() - - - --- 2025-03-14 Christian Göttsche bachradsusi New
[v3,1/4] libselinux: constify global strings [v3,1/4] libselinux: constify global strings 1 - - --- 2025-03-14 Christian Göttsche bachradsusi New
[v3,4/4] libselinux: limit fcontext regex path length [v3,1/4] libselinux: constify global strings - - - --- 2025-03-14 Christian Göttsche bachradsusi New
[v3,3/4] libselinux: initialize regex arch string in a thread safe way [v3,1/4] libselinux: constify global strings - - - --- 2025-03-14 Christian Göttsche bachradsusi New
[v3,2/4] libselinux: use local instead of global error buffer [v3,1/4] libselinux: constify global strings - - - --- 2025-03-14 Christian Göttsche bachradsusi New
[V2] selinux: access sid under READ/WRITE_ONCE [V2] selinux: access sid under READ/WRITE_ONCE - - - --- 2025-03-11 Edward Adam Davis pcmoore Under Review
Insert -I../../libselinux/include and -L../../libselinux/src into subprograms where needed Insert -I../../libselinux/include and -L../../libselinux/src into subprograms where needed - - - --- 2025-02-27 наб bachradsusi New
Don't inject matchpathcon_filespec_add64() ifdef __x86_64__ Don't inject matchpathcon_filespec_add64() ifdef __x86_64__ - - - --- 2025-02-27 наб bachradsusi New
[1/2] libselinux: introduce context_to_str(3) [1/2] libselinux: introduce context_to_str(3) - - - --- 2025-02-26 Christian Göttsche bachradsusi New
[2/2] mcstrans: make use of context_to_str(3) [1/2] libselinux: introduce context_to_str(3) - - - --- 2025-02-26 Christian Göttsche bachradsusi New
[1/2] libselinux: add restore option to modify user and role portions [1/2] libselinux: add restore option to modify user and role portions - - - --- 2025-02-26 Christian Göttsche bachradsusi New
[2/2] setfiles: add option to modify user and role portions [1/2] libselinux: add restore option to modify user and role portions - - - --- 2025-02-26 Christian Göttsche bachradsusi New
[1/3] checkpolicy: free left hand conditional expression on error [1/3] checkpolicy: free left hand conditional expression on error - - - --- 2025-02-25 Christian Göttsche bachradsusi New
[3/3] checkpolicy: perform cleanup on error in define_filename_trans() [1/3] checkpolicy: free left hand conditional expression on error - - - --- 2025-02-25 Christian Göttsche bachradsusi New
[2/3] checkpolicy: abort on mismatched declarations [1/3] checkpolicy: free left hand conditional expression on error - - - --- 2025-02-25 Christian Göttsche bachradsusi New
libsemanage: improve performance of semanage store rebuild libsemanage: improve performance of semanage store rebuild 1 - - --- 2025-02-25 Petr Lautrbach bachradsusi New
selinux: add FILE__WATCH_MOUNTNS selinux: add FILE__WATCH_MOUNTNS 1 - - --- 2025-02-24 Miklos Szeredi pcmoore Under Review
checkpolicy: rework cleanup in define_te_avtab_xperms_helper() checkpolicy: rework cleanup in define_te_avtab_xperms_helper() 1 - - --- 2025-02-22 Christian Göttsche bachradsusi New
[v2] libsemanage: create semanage_basename to ensure posix compliance [v2] libsemanage: create semanage_basename to ensure posix compliance 1 - - --- 2025-02-21 Rahul Sandhu bachradsusi New
libsemanage: define basename macro for non-glibc systems libsemanage: define basename macro for non-glibc systems - - - --- 2025-02-20 Rahul Sandhu bachradsusi New
libselinux: warn on identical duplicate properties libselinux: warn on identical duplicate properties 1 - - --- 2025-02-13 Thiébaud Weksteen bachradsusi New
Switch from bison name-prefix to api.prefix Switch from bison name-prefix to api.prefix 1 - - --- 2025-02-12 Daniel Burgener bachradsusi New
[v3] Support static-only builds [v3] Support static-only builds - - - --- 2025-02-11 Alyssa Ross bachradsusi New
[testsuite] policy,tests: add tests for new permissions for loading files/data [testsuite] policy,tests: add tests for new permissions for loading files/data - 1 1 --- 2025-02-05 kippndavis.work@gmx.com omos New
[4/4] libselinux: limit fcontext regex path length [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[3/4] libselinux: initialize regex arch string in a thread safe way [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[2/4] libselinux: use local instead of global error buffer [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[1/4] libselinux: constify global strings [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[RFC,2/2] libsemanage: Set new restorecon handle before doing restorecon Possible solution to possible regression - - - --- 2025-01-22 James Carter bachradsusi New
[RFC,1/2] libselinux: Close old selabel handle when setting a new one Possible solution to possible regression - - - --- 2025-01-22 James Carter bachradsusi New
[v2] libselinux: limit node depth while parsing compiled fcontexts [v2] libselinux: limit node depth while parsing compiled fcontexts 1 - - --- 2025-01-16 Christian Göttsche bachradsusi New
[v2] semanage: improve -e documentation and fix delete operation [v2] semanage: improve -e documentation and fix delete operation - - - --- 2025-01-14 Christian Göttsche bachradsusi New
[RFC,v2,00/17] testsuite: misc fixes and virtme-ng support - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,17/17] tests: drop headers from Makefile dependencies [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,16/17] tests: fail on compiler warnings and enable Wextra [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,15/17] tests: test code tweaks [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,14/17] defconfig: enable CONFIG_NETFILTER_NETLINK_LOG [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,13/17] defconfig: enable CONFIG_XFRM_USER [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,12/17] tests/filesystem: improve fsnotify check and preload loop module [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,11/17] tests/inet_socket: skip mptcp if not supported [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,10/17] tests/tun_tap: skip if not supported [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,09/17] tests/extended_socket_class: work with CONFIG_CRYPTO_USER_API disabled [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,08/17] tests/notify: work with CONFIG_FANOTIFY disabled [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,07/17] test: overlayfs related tweaks [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,06/17] Makefile: add PHONY targets [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,05/17] tests: enable strictness for perl scripts [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,04/17] tests: port scripts to sh and please shellcheck [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,03/17] tools: quote command to prevent word splitting [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,02/17] Makefile: use $(MAKE) to pass options [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,01/17] Fix typos [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,44/44] selinux: fix inode initialization when no namespace is initialized SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,43/44] selinux: introduce a Kconfig option for SELinux namespaces SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,42/44] selinux: exempt creation of init SELinux namespace from limits SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,41/44] selinux: allow userspace to detect non-init SELinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,40/44] selinux: init inode from nearest initialized namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,39/44] selinux: defer inode init on current selinux state SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,38/44] selinux: convert nlmsg_sock_has_extended_perms() to namespace-aware SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,37/44] selinux: disallow writes to /sys/fs/selinux/user in non-init namespaces SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,36/44] selinux: set initial SID context for init to "kernel" in global SID table SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,35/44] selinux: split cred_ssid_has_perm() into two cases SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,34/44] selinux: make open_perms namespace-aware SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,33/44] selinux: refactor selinux_state_create() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,32/44] selinux: limit selinux netlink notifications to init namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,31/44] selinux: fix namespace creation SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,30/44] selinux: add limits for SELinux namespaces SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,29/44] selinux: switch selinux_lsm_setattr() checks to current namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,28/44] selinux: convert xfrm and netlabel permission checks SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,27/44] selinux: annotate process transition permission checks SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,26/44] selinux: annotate selinuxfs permission checks SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,25/44] selinux: introduce selinux_state_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,24/44] selinux: convert additional checks to cred_ssid_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,23/44] selinux: rename cred_has_perm*() to cred_tsid_has_perm*() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,22/44] selinux: convert selinux_file_send_sigiotask() to namespace-aware helper SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,21/44] selinux: add kerneldoc to new permission checking functions SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,20/44] selinux: update bprm hooks for selinux namespaces SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,19/44] selinux: fix selinux_lsm_getattr() check SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,18/44] selinux: introduce task_obj_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,17/44] selinux: introduce cred_ssid_has_perm() and cred_other_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,16/44] selinux: introduce cred_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,15/44] selinux: introduce cred_self_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,14/44] selinux: introduce cred_has_extended_perms() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
« 1 2 »