SELinux Development list

Show patches with: State = Action Required | Archived = No | 117 patches

« 1 2 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
selinux: Handle NULL return from selinux_inode in inode_security_rcu	selinux: Handle NULL return from selinux_inode in inode_security_rcu	- - -	---	2025-01-16	Ingyu Jang		New
[userspace] README: fix broken testsuite run status badge	[userspace] README: fix broken testsuite run status badge	1 - -	---	2025-01-16	Ondrej Mosnacek		New
[v2] libselinux: limit node depth while parsing compiled fcontexts	[v2] libselinux: limit node depth while parsing compiled fcontexts	- - -	---	2025-01-16	Christian Göttsche		New
[v2] semanage: improve -e documentation and fix delete operation	[v2] semanage: improve -e documentation and fix delete operation	- - -	---	2025-01-14	Christian Göttsche	bachradsusi	New
[RFC,v2,00/17] testsuite: misc fixes and virtme-ng support		- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,17/17] tests: drop headers from Makefile dependencies	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,16/17] tests: fail on compiler warnings and enable Wextra	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,15/17] tests: test code tweaks	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,14/17] defconfig: enable CONFIG_NETFILTER_NETLINK_LOG	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,13/17] defconfig: enable CONFIG_XFRM_USER	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,12/17] tests/filesystem: improve fsnotify check and preload loop module	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,11/17] tests/inet_socket: skip mptcp if not supported	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,10/17] tests/tun_tap: skip if not supported	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,09/17] tests/extended_socket_class: work with CONFIG_CRYPTO_USER_API disabled	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,08/17] tests/notify: work with CONFIG_FANOTIFY disabled	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,07/17] test: overlayfs related tweaks	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,06/17] Makefile: add PHONY targets	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,05/17] tests: enable strictness for perl scripts	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,04/17] tests: port scripts to sh and please shellcheck	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,03/17] tools: quote command to prevent word splitting	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,02/17] Makefile: use $(MAKE) to pass options	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,v2,01/17] Fix typos	[RFC,v2,01/17] Fix typos	- - -	---	2025-01-07	Christian Göttsche	omos	New
[RFC,44/44] selinux: fix inode initialization when no namespace is initialized	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,43/44] selinux: introduce a Kconfig option for SELinux namespaces	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,42/44] selinux: exempt creation of init SELinux namespace from limits	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,41/44] selinux: allow userspace to detect non-init SELinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,40/44] selinux: init inode from nearest initialized namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,39/44] selinux: defer inode init on current selinux state	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,38/44] selinux: convert nlmsg_sock_has_extended_perms() to namespace-aware	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,37/44] selinux: disallow writes to /sys/fs/selinux/user in non-init namespaces	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,36/44] selinux: set initial SID context for init to "kernel" in global SID table	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,35/44] selinux: split cred_ssid_has_perm() into two cases	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,34/44] selinux: make open_perms namespace-aware	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,33/44] selinux: refactor selinux_state_create()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,32/44] selinux: limit selinux netlink notifications to init namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,31/44] selinux: fix namespace creation	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,30/44] selinux: add limits for SELinux namespaces	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,29/44] selinux: switch selinux_lsm_setattr() checks to current namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,28/44] selinux: convert xfrm and netlabel permission checks	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,27/44] selinux: annotate process transition permission checks	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,26/44] selinux: annotate selinuxfs permission checks	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,25/44] selinux: introduce selinux_state_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,24/44] selinux: convert additional checks to cred_ssid_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,23/44] selinux: rename cred_has_perm() to cred_tsid_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,22/44] selinux: convert selinux_file_send_sigiotask() to namespace-aware helper	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,21/44] selinux: add kerneldoc to new permission checking functions	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,20/44] selinux: update bprm hooks for selinux namespaces	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,19/44] selinux: fix selinux_lsm_getattr() check	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,18/44] selinux: introduce task_obj_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,17/44] selinux: introduce cred_ssid_has_perm() and cred_other_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,16/44] selinux: introduce cred_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,15/44] selinux: introduce cred_self_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,14/44] selinux: introduce cred_has_extended_perms()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,13/44] selinux: introduce cred_task_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,12/44] selinux: update hook functions to use correct selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,11/44] selinux: wrap security server interfaces to use the global SID table	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,10/44] selinux: introduce a global SID table	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,09/44] selinuxfs: restrict write operations to the same selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,08/44] selinux: add a selinuxfs interface to unshare selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,07/44] selinux: introduce cred_selinux_state() and use it	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,06/44] selinux: support per-task/cred selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,05/44] netstate,selinux: create the selinux netlink socket per network namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,04/44] selinux: dynamically allocate selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,03/44] selinux: support multiple selinuxfs instances	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,02/44] selinux: introduce current_selinux_state	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,01/44] selinux: restore passing of selinux_state	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
libselinux: avoid quadratic complexity for many regex specs validation	libselinux: avoid quadratic complexity for many regex specs validation	- - -	---	2024-12-30	Christian Göttsche	bachradsusi	New
libselinux: update max node depth	libselinux: update max node depth	- - -	---	2024-12-30	Christian Göttsche	bachradsusi	New
[linux-next,2/2] perf: Return EACCESS when need perfmon capability	Fix perf security check problem	- - -	---	2024-12-23	Luo Gengkun	pcmoore	Under Review
[linux-next,1/2] perf: Remove unnecessary parameter of security check	Fix perf security check problem	- - -	---	2024-12-23	Luo Gengkun	pcmoore	Under Review
[RFC,1/3] libsepol: update sort order for netifcon definitions	[RFC,1/3] libsepol: update sort order for netifcon definitions	- - -	---	2024-12-17	Christian Göttsche	bachradsusi	New
[RFC,3/3] secilc/test: add test for wildcard netifcon statement	[RFC,1/3] libsepol: update sort order for netifcon definitions	- - -	---	2024-12-17	Christian Göttsche	bachradsusi	New
[RFC,2/3] checkpolicy: add support for wildcard netifcon names	[RFC,1/3] libsepol: update sort order for netifcon definitions	- - -	---	2024-12-17	Christian Göttsche	bachradsusi	New
[RFC] selinux: support wildcard network interface names	[RFC] selinux: support wildcard network interface names	- - -	---	2024-12-17	Christian Göttsche	pcmoore	New
[RFC,v2,22/22] selinux: restrict policy strings	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,21/22] selinux: check for simple types	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,20/22] selinux: more strict bounds check	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,19/22] selinux: validate symbols	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,18/22] selinux: beef up isvalid checks	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,17/22] selinux: reorder policydb_index()	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,16/22] selinux: check type attr map overflows	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,15/22] selinux: introduce ebitmap_highest_set_bit()	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,14/22] selinux: pre-validate conditional expressions	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,13/22] selinux: validate constraints	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,12/22] selinux: check length fields in policies	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,11/22] selinux: more strict policy parsing	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,10/22] selinux: use u16 for security classes	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
selinux: Read sk->sk_family once in selinux_socket_bind()	selinux: Read sk->sk_family once in selinux_socket_bind()	1 - -	---	2024-12-12	Mikhail Ivanov	pcmoore	Under Review
selinux: support wildcard match in genfscon	selinux: support wildcard match in genfscon	- - -	---	2024-12-10	Takaya Saeki	pcmoore	Under Review
selinux: KASAN; slab-out-of-bounds in avc_lookup	selinux: KASAN; slab-out-of-bounds in avc_lookup	- - -	---	2024-12-10	Joey Jiao	pcmoore	Under Review
[17/17] tests: drop headers from Makefile dependencies	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[16/17] tests: fail on compiler warnings and enable Wextra	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[15/17] tests: test code tweaks	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[14/17] defconfig: enable CONFIG_NETFILTER_NETLINK_LOG	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[13/17] defconfig: enable CONFIG_XFRM_USER	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[12/17] tests/filesystem: improve fsnotify check and preload loop module	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[11/17] tests/inet_socket: skip mptcp if not supported	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[10/17] tests/tun_tap: skip if not supported	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[09/17] tests/extended_socket_class: work with CONFIG_CRYPTO_USER_API disabled	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[08/17] tests/notify: work with CONFIG_FANOTIFY disabled	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New

« 1 2 »