Toggle navigation
Patchwork
SELinux Development list
Patches
Bundles
About this project
Login
Register
Mail settings
Show patches with
: State =
Action Required
| Archived =
No
| 72 patches
Series
Submitter
State
any
Action Required
New
Under Review
Accepted
Rejected
RFC
Not Applicable
Changes Requested
Awaiting Upstream
Superseded
Deferred
Search
Archived
No
Yes
Both
Delegate
Apply
Patch
Series
A/R/T
S/W/F
Date
Submitter
Delegate
State
[RFC,3/3] selinux: overhaul sidtab to fix bug and improve performance
Fix ENOMEM errors during policy reload
- - -
0 0 0
2018-11-13
Ondrej Mosnacek
New
[RFC,2/3] selinux: use separate table for initial SID lookup
Fix ENOMEM errors during policy reload
- - -
0 0 0
2018-11-13
Ondrej Mosnacek
New
[RFC,1/3] selinux: refactor sidtab conversion
Fix ENOMEM errors during policy reload
1 - -
0 0 0
2018-11-13
Ondrej Mosnacek
New
[v3] selinux: simplify mls_context_to_sid()
[v3] selinux: simplify mls_context_to_sid()
- - -
0 0 0
2018-11-12
Ondrej Mosnacek
New
[v6,5/5] sidechannel: Linux Security Module for sidechannel
LSM: Support ptrace sidechannel access checks
- - -
0 0 0
2018-11-05
Casey Schaufler
New
[v6,4/5] Capability: Complete PTRACE_MODE_SCHED
LSM: Support ptrace sidechannel access checks
- - -
0 0 0
2018-11-05
Casey Schaufler
New
[v6,3/5] SELinux: Prepare for PTRACE_MODE_SCHED
LSM: Support ptrace sidechannel access checks
- - -
0 0 0
2018-11-05
Casey Schaufler
New
[v6,2/5] Smack: Prepare for PTRACE_MODE_SCHED
LSM: Support ptrace sidechannel access checks
- - -
0 0 0
2018-11-05
Casey Schaufler
New
[v6,1/5] AppArmor: Prepare for PTRACE_MODE_SCHED
LSM: Support ptrace sidechannel access checks
- - -
0 0 0
2018-11-05
Casey Schaufler
New
[6/5] capability: Repair sidechannel test in ptrace
LSM: Add and use a hook for side-channel safety checks
- 1 -
0 0 0
2018-09-27
Casey Schaufler
New
[21/19] LSM: Cleanup and fixes from Tetsuo Handa
LSM: Module stacking for SARA and Landlock
- - -
0 0 0
2018-09-26
Casey Schaufler
New
[v4,20/19] LSM: Correct file blob free empty blob check
LSM: Module stacking for SARA and Landlock
- 1 -
0 0 0
2018-09-26
Casey Schaufler
New
[security-next,v3,07/29] LSM: Convert security_initcall() into DEFINE_LSM()
Untitled series #22821
- - -
0 0 0
2018-09-25
Kees Cook
New
[10/34] selinux: Implement the new mount API LSM hooks [ver #12]
VFS: Introduce filesystem context [ver #12]
- - -
0 0 0
2018-09-21
David Howells
New
[RFC] selinux: add a fallback to defcontext for native labeling
[RFC] selinux: add a fallback to defcontext for native labeling
- - -
0 0 0
2018-09-19
Jann Horn via Selinux
New
[10/10] LSM: Blob sharing support for S.A.R.A and LandLock
LSM: Module stacking in support of S.A.R.A and Landlock
- - -
0 0 0
2018-09-11
Casey Schaufler
New
[09/10] LSM: Infrastructure management of the inode security
LSM: Module stacking in support of S.A.R.A and Landlock
- - -
0 0 0
2018-09-11
Casey Schaufler
New
[08/10] Smack: Abstract use of inode security blob
LSM: Module stacking in support of S.A.R.A and Landlock
- 1 -
0 0 0
2018-09-11
Casey Schaufler
New
[07/10] SELinux: Abstract use of inode security blob
LSM: Module stacking in support of S.A.R.A and Landlock
- 1 -
0 0 0
2018-09-11
Casey Schaufler
New
[06/10] LSM: Infrastructure management of the file security blob
LSM: Module stacking in support of S.A.R.A and Landlock
- - -
0 0 0
2018-09-11
Casey Schaufler
New
[05/10] SELinux: Abstract use of file security blob
LSM: Module stacking in support of S.A.R.A and Landlock
- 1 -
0 0 0
2018-09-11
Casey Schaufler
New
[04/10] LSM: Infrastructure management of the cred security blob
LSM: Module stacking in support of S.A.R.A and Landlock
- - -
0 0 0
2018-09-11
Casey Schaufler
New
[03/10] SELinux: Abstract use of cred security blob
LSM: Module stacking in support of S.A.R.A and Landlock
- 1 -
0 0 0
2018-09-11
Casey Schaufler
New
[02/10] Smack: Abstract use of cred security blob
LSM: Module stacking in support of S.A.R.A and Landlock
- - -
0 0 0
2018-09-11
Casey Schaufler
New
[01/10] procfs: add smack subdir to attrs
LSM: Module stacking in support of S.A.R.A and Landlock
- 1 -
0 0 0
2018-09-11
Casey Schaufler
New
[RFC,net-next,01/15] net: Reserve protocol numbers for LoRa
- - -
0 0 0
2018-07-01
Andreas Färber
New
[-next] security: use octal not symbolic permissions
1 - -
0 0 0
2018-06-11
Joe Perches
New
[V3,5/5,selinux-next] selinux: Switch to rcu read locks for avc_compute
- - -
0 0 0
2018-05-30
peter enderborg
New
[V3,4/5,selinux-next] selinux: seqno separation
- - -
0 0 0
2018-05-30
peter enderborg
New
[V3,3/5,selinux-next] selinux: sidtab_clone switch to use rwlock.
- - -
0 0 0
2018-05-30
peter enderborg
New
[V3,2/5,selinux-next] selinux: Introduce selinux_ruleset struct
- - -
0 0 0
2018-05-30
peter enderborg
New
[V3,1/5,selinux-next] selinux: Make allocation atomic in policydb objects functions.
- - -
0 0 0
2018-05-30
peter enderborg
New
[15/18] security: Remove pr_fmt duplicate logging prefixes
1 - -
0 0 0
2018-05-10
Joe Perches
New
[Fwd:,[PATCH,v2,14/15] selinux: allow setxattr on rootfs so initramfs code can set them]
- - -
0 0 0
2018-01-25
Stephen Smalley
New
[Fwd:,[PATCH,v2,15/15] selinux: delay sid population for rootfs till init is complete]
- - -
0 0 0
2018-01-25
Stephen Smalley
New
[RFC,v0.2] selinuxns: extend namespace support to security.selinux xattrs
- - -
0 0 0
2017-11-21
James Morris
New
selinux-testsuite: inet_socket: test xfrm state selectors
- - -
0 0 0
2017-10-30
Stephen Smalley
New
Additional tests for long-time supported netlink classes
- - -
0 0 0
2017-07-13
Milos Malik
New
[v6,2/2] selinux: expose policy brief via selinuxfs
- - -
0 0 0
2017-05-17
Sebastien Buisson
New
[v6,1/2] selinux: add brief info to policydb
- - -
0 0 0
2017-05-17
Sebastien Buisson
New
selinux-testsuite: capable_file: Add dac_override and dac_read_search tests
- - -
0 0 0
2017-03-02
Stephen Smalley
New
[v4,21/21] fuse: Allow user namespace mounts
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,18/21] fuse: Add support for pid namespaces
1 - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb()
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as()
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link()
1 1 -
0 0 0
2016-04-26
Seth Forshee
New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,08/21] userns: Replace in_userns with current_in_userns
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,06/21] fs: Treat foreign mounts as nosuid
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev()
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible()
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,01/21] fs: fix a posible leak of allocated superblock
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,18/21] fuse: Add support for pid namespaces
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb()
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as()
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link()
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,08/21] userns: Replace in_userns with current_in_userns
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev()
- - -
0 0 0
2016-04-26
Seth Forshee
New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible()
- - -
0 0 0
2016-04-26
Seth Forshee
New