Show patches with: State = Action Required       |    Archived = No       |   108 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2] libsemanage: create semanage_basename to ensure posix compliance [v2] libsemanage: create semanage_basename to ensure posix compliance - - - --- 2025-02-21 Rahul Sandhu New
libsemanage: define basename macro for non-glibc systems libsemanage: define basename macro for non-glibc systems - - - --- 2025-02-20 Rahul Sandhu New
libselinux: warn on identical duplicate properties libselinux: warn on identical duplicate properties - - - --- 2025-02-13 Thiébaud Weksteen New
Switch from bison name-prefix to api.prefix Switch from bison name-prefix to api.prefix - - - --- 2025-02-12 Daniel Burgener New
[v3] Support static-only builds [v3] Support static-only builds - - - --- 2025-02-11 Alyssa Ross New
[v2] selinux: add permission checks for loading other kinds of kernel files [v2] selinux: add permission checks for loading other kinds of kernel files 1 - - --- 2025-02-11 kippndavis.work@gmx.com New
[testsuite] policy,tests: add tests for new permissions for loading files/data [testsuite] policy,tests: add tests for new permissions for loading files/data - - - --- 2025-02-05 kippndavis.work@gmx.com omos New
[4/4] libselinux: limit fcontext regex path length [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[3/4] libselinux: initialize regex arch string in a thread safe way [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[2/4] libselinux: use local instead of global error buffer [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[1/4] libselinux: constify global strings [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[RFC,2/2] libsemanage: Set new restorecon handle before doing restorecon Possible solution to possible regression - - - --- 2025-01-22 James Carter bachradsusi New
[RFC,1/2] libselinux: Close old selabel handle when setting a new one Possible solution to possible regression - - - --- 2025-01-22 James Carter bachradsusi New
[v2] libselinux: limit node depth while parsing compiled fcontexts [v2] libselinux: limit node depth while parsing compiled fcontexts - - - --- 2025-01-16 Christian Göttsche bachradsusi New
[v2] semanage: improve -e documentation and fix delete operation [v2] semanage: improve -e documentation and fix delete operation - - - --- 2025-01-14 Christian Göttsche bachradsusi New
[RFC,v2,00/17] testsuite: misc fixes and virtme-ng support - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,17/17] tests: drop headers from Makefile dependencies [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,16/17] tests: fail on compiler warnings and enable Wextra [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,15/17] tests: test code tweaks [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,14/17] defconfig: enable CONFIG_NETFILTER_NETLINK_LOG [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,13/17] defconfig: enable CONFIG_XFRM_USER [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,12/17] tests/filesystem: improve fsnotify check and preload loop module [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,11/17] tests/inet_socket: skip mptcp if not supported [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,10/17] tests/tun_tap: skip if not supported [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,09/17] tests/extended_socket_class: work with CONFIG_CRYPTO_USER_API disabled [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,08/17] tests/notify: work with CONFIG_FANOTIFY disabled [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,07/17] test: overlayfs related tweaks [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,06/17] Makefile: add PHONY targets [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,05/17] tests: enable strictness for perl scripts [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,04/17] tests: port scripts to sh and please shellcheck [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,03/17] tools: quote command to prevent word splitting [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,02/17] Makefile: use $(MAKE) to pass options [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,01/17] Fix typos [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,44/44] selinux: fix inode initialization when no namespace is initialized SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,43/44] selinux: introduce a Kconfig option for SELinux namespaces SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,42/44] selinux: exempt creation of init SELinux namespace from limits SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,41/44] selinux: allow userspace to detect non-init SELinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,40/44] selinux: init inode from nearest initialized namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,39/44] selinux: defer inode init on current selinux state SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,38/44] selinux: convert nlmsg_sock_has_extended_perms() to namespace-aware SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,37/44] selinux: disallow writes to /sys/fs/selinux/user in non-init namespaces SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,36/44] selinux: set initial SID context for init to "kernel" in global SID table SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,35/44] selinux: split cred_ssid_has_perm() into two cases SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,34/44] selinux: make open_perms namespace-aware SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,33/44] selinux: refactor selinux_state_create() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,32/44] selinux: limit selinux netlink notifications to init namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,31/44] selinux: fix namespace creation SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,30/44] selinux: add limits for SELinux namespaces SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,29/44] selinux: switch selinux_lsm_setattr() checks to current namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,28/44] selinux: convert xfrm and netlabel permission checks SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,27/44] selinux: annotate process transition permission checks SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,26/44] selinux: annotate selinuxfs permission checks SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,25/44] selinux: introduce selinux_state_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,24/44] selinux: convert additional checks to cred_ssid_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,23/44] selinux: rename cred_has_perm*() to cred_tsid_has_perm*() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,22/44] selinux: convert selinux_file_send_sigiotask() to namespace-aware helper SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,21/44] selinux: add kerneldoc to new permission checking functions SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,20/44] selinux: update bprm hooks for selinux namespaces SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,19/44] selinux: fix selinux_lsm_getattr() check SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,18/44] selinux: introduce task_obj_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,17/44] selinux: introduce cred_ssid_has_perm() and cred_other_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,16/44] selinux: introduce cred_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,15/44] selinux: introduce cred_self_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,14/44] selinux: introduce cred_has_extended_perms() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,13/44] selinux: introduce cred_task_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,12/44] selinux: update hook functions to use correct selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,11/44] selinux: wrap security server interfaces to use the global SID table SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,10/44] selinux: introduce a global SID table SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,09/44] selinuxfs: restrict write operations to the same selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,08/44] selinux: add a selinuxfs interface to unshare selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,07/44] selinux: introduce cred_selinux_state() and use it SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,06/44] selinux: support per-task/cred selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,05/44] netstate,selinux: create the selinux netlink socket per network namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,04/44] selinux: dynamically allocate selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,03/44] selinux: support multiple selinuxfs instances SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,02/44] selinux: introduce current_selinux_state SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,01/44] selinux: restore passing of selinux_state SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
libselinux: avoid quadratic complexity for many regex specs validation libselinux: avoid quadratic complexity for many regex specs validation - - - --- 2024-12-30 Christian Göttsche bachradsusi New
libselinux: update max node depth libselinux: update max node depth - - - --- 2024-12-30 Christian Göttsche bachradsusi New
[linux-next,2/2] perf: Return EACCESS when need perfmon capability Fix perf security check problem - - - --- 2024-12-23 Luo Gengkun pcmoore Under Review
[linux-next,1/2] perf: Remove unnecessary parameter of security check Fix perf security check problem - - - --- 2024-12-23 Luo Gengkun pcmoore Under Review
[RFC,1/3] libsepol: update sort order for netifcon definitions [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,3/3] secilc/test: add test for wildcard netifcon statement [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,2/3] checkpolicy: add support for wildcard netifcon names [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC] selinux: support wildcard network interface names [RFC] selinux: support wildcard network interface names - - - --- 2024-12-17 Christian Göttsche pcmoore New
[RFC,v2,22/22] selinux: restrict policy strings [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,21/22] selinux: check for simple types [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,20/22] selinux: more strict bounds check [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,19/22] selinux: validate symbols [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,18/22] selinux: beef up isvalid checks [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,17/22] selinux: reorder policydb_index() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,16/22] selinux: check type attr map overflows [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,15/22] selinux: introduce ebitmap_highest_set_bit() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,14/22] selinux: pre-validate conditional expressions [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,13/22] selinux: validate constraints [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,12/22] selinux: check length fields in policies [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,11/22] selinux: more strict policy parsing [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,10/22] selinux: use u16 for security classes [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
selinux: Read sk->sk_family once in selinux_socket_bind() selinux: Read sk->sk_family once in selinux_socket_bind() 1 - - --- 2024-12-12 Mikhail Ivanov pcmoore Under Review
selinux: support wildcard match in genfscon selinux: support wildcard match in genfscon - - - --- 2024-12-10 Takaya Saeki pcmoore Under Review
« 1 2 »