SELinux Development list

Show patches with: State = Action Required | Archived = No | 65 patches

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
libselpol: Sort portcon rules consistently	libselpol: Sort portcon rules consistently	1 - -	0 0 0	2020-05-28	James Carter		New
[v4] selinux: allow reading labels before policy is loaded	[v4] selinux: allow reading labels before policy is loaded	1 - -	0 0 0	2020-05-28	Jonathan Lebon		New
[v2,3/3] sepolgen-ifgen: refactor default policy path retrieval	[v2,1/3] sepolgen: parse gen_tunable as bool	- - -	0 0 0	2020-05-28	Christian Göttsche		New
[v2,2/3] refparser: add missing newline after error message	[v2,1/3] sepolgen: parse gen_tunable as bool	1 - -	0 0 0	2020-05-28	Christian Göttsche		New
[v2,1/3] sepolgen: parse gen_tunable as bool	[v2,1/3] sepolgen: parse gen_tunable as bool	- - -	0 0 0	2020-05-28	Christian Göttsche		New
Add restorecon -x opt to not cross FS boundaries (cf github #208)	Add restorecon -x opt to not cross FS boundaries (cf github #208)	- - -	0 0 0	2020-05-26	Peter Whittaker		New
semanage bash completion: handle semanage module #246	semanage bash completion: handle semanage module #246	- - -	0 0 0	2020-05-25	Topi Miettinen		New
checkpolicy: Minor tweaks to the names of the contributors to the manpages	checkpolicy: Minor tweaks to the names of the contributors to the manpages	1 - -	0 0 0	2020-05-25	Andrej Shadura		New
capabilities: Introduce CAP_RESTORE	capabilities: Introduce CAP_RESTORE	- - -	0 0 0	2020-05-22	Adrian Reber		New
[v2] ci: run SELinux kernel test suite	[v2] ci: run SELinux kernel test suite	- - -	0 0 0	2020-05-20	William Roberts		New
[RFC,V2] selinux-testsuite: Add check for key changes on watch_queue	[RFC,V2] selinux-testsuite: Add check for key changes on watch_queue	- - -	0 0 0	2020-05-15	Richard Haines	omos	Under Review
[v3] secilc/docs: fix use of TMPDIR	[v3] secilc/docs: fix use of TMPDIR	1 - -	0 0 0	2020-05-15	Topi Miettinen		New
[v17,23/23] AppArmor: Remove the exclusive flag	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,22/23] LSM: Add /proc attr entry for full LSM context	LSM: Module stacking for AppArmor	- 1 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,21/23] Audit: Add a new record for multiple object LSM attributes	LSM: Module stacking for AppArmor	- 1 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,20/23] Audit: Add a new record for multiple subject LSM attributes	LSM: Module stacking for AppArmor	- 1 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,19/23] LSM: Verify LSM display sanity in binder	LSM: Module stacking for AppArmor	1 1 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,18/23] NET: Store LSM netlabel data in a lsmblob	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,17/23] LSM: security_secid_to_secctx in netlink netfilter	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,16/23] LSM: Use lsmcontext in security_inode_getsecctx	LSM: Module stacking for AppArmor	1 - -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,15/23] LSM: Use lsmcontext in security_secid_to_secctx	LSM: Module stacking for AppArmor	2 1 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,14/23] LSM: Ensure the correct LSM context releaser	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,13/23] LSM: Specify which LSM to display	LSM: Module stacking for AppArmor	2 1 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,12/23] IMA: Change internal interfaces to use lsmblobs	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,11/23] LSM: Use lsmblob in security_cred_getsecid	LSM: Module stacking for AppArmor	2 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,10/23] LSM: Use lsmblob in security_inode_getsecid	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,09/23] LSM: Use lsmblob in security_task_getsecid	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,08/23] LSM: Use lsmblob in security_ipc_getsecid	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,07/23] LSM: Use lsmblob in security_secid_to_secctx	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,06/23] Use lsmblob in security_secctx_to_secid	LSM: Module stacking for AppArmor	- 1 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,05/23] net: Prepare UDS for security module stacking	LSM: Module stacking for AppArmor	- 1 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,04/23] LSM: Use lsmblob in security_kernel_act_as	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,03/23] LSM: Use lsmblob in security_audit_rule_match	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,02/23] LSM: Create and manage the lsmblob data structure.	LSM: Module stacking for AppArmor	2 - -	0 0 0	2020-05-14	Casey Schaufler		New
[v17,01/23] LSM: Infrastructure management of the sock security	LSM: Module stacking for AppArmor	2 2 -	0 0 0	2020-05-14	Casey Schaufler		New
keys: Move permissions checking decisions into the checking code	keys: Move permissions checking decisions into the checking code	- - -	0 0 0	2020-05-14	David Howells		New
[3/3] fs: move kernel_read*() calls to its own symbol namespace	fs: reduce export usage of kerne_read*() calls	- - -	0 0 0	2020-05-13	Luis Chamberlain		New
[2/3] security: add symbol namespace for reading file data	fs: reduce export usage of kerne_read*() calls	- - -	0 0 0	2020-05-13	Luis Chamberlain		New
[1/3] fs: unexport kernel_read_file()	fs: reduce export usage of kerne_read*() calls	- - -	0 0 0	2020-05-13	Luis Chamberlain		New
chcat: don't crash if access to binary policy is prohibited	chcat: don't crash if access to binary policy is prohibited	- - -	0 0 0	2020-05-09	bauen1		New
[v2,3/3] selinux: complete the inlining of hashtab functions	Inline some hashtab functions to improve performance	- - -	0 0 0	2020-05-04	Ondrej Mosnacek		New
[v2,2/3] selinux: prepare for inlining of hashtab functions	Inline some hashtab functions to improve performance	- - -	0 0 0	2020-05-04	Ondrej Mosnacek		New
[v2,1/3] selinux: specialize symtab insert and search functions	Inline some hashtab functions to improve performance	- - -	0 0 0	2020-05-04	Ondrej Mosnacek		New
[v3,2/2] libsepol: implement POLICYDB_VERSION_COMP_FTRANS	userspace: Implement new format of filename trans rules	- - -	0 0 0	2020-05-02	Ondrej Mosnacek		New
[v3,1/2] libsepol,checkpolicy: optimize storage of filename transitions	userspace: Implement new format of filename trans rules	- - -	0 0 0	2020-05-02	Ondrej Mosnacek		New
[v3,3/3] perf docs: introduce security.txt file to document related issues	perf: make Perf tool aware of SELinux access control	- - -	0 0 0	2020-04-30	Alexey Budankov		New
[v3,2/3] perf tool: make Perf tool aware of SELinux access control	perf: make Perf tool aware of SELinux access control	- - -	0 0 0	2020-04-30	Alexey Budankov		New
[v3,1/3] perf docs: extend CAP_SYS_ADMIN with CAP_PERFMON where needed	perf: make Perf tool aware of SELinux access control	- - -	0 0 0	2020-04-30	Alexey Budankov		New
[v3,3/3] perf docs: introduce security.txt file to document related issues	perf: make Perf tool aware of SELinux access control	- - -	0 0 0	2020-04-24	Alexey Budankov		New
[v3,2/3] perf tool: make Perf tool aware of SELinux access control	perf: make Perf tool aware of SELinux access control	- - -	0 0 0	2020-04-24	Alexey Budankov		New
[v3,1/3] perf docs: extend CAP_SYS_ADMIN with CAP_PERFMON where needed	perf: make Perf tool aware of SELinux access control	- - -	0 0 0	2020-04-24	Alexey Budankov		New
[RFC] selinux-testsuite: Run tests using remote server	[RFC] selinux-testsuite: Run tests using remote server	- - -	0 0 0	2020-04-20	Richard Haines	omos	Under Review
[v5,3/3] Wire UFFD up to SELinux	SELinux support for anonymous inodes and UFFD	- - -	0 0 0	2020-04-01	Daniel Colascione		New
[v5,2/3] Teach SELinux about anonymous inodes	SELinux support for anonymous inodes and UFFD	- - -	0 0 0	2020-04-01	Daniel Colascione		New
[v5,1/3] Add a new LSM-supporting anonymous inode interface	SELinux support for anonymous inodes and UFFD	- - -	0 0 0	2020-04-01	Daniel Colascione		New
[RFC,5/5] selinux-testsuite: add testing for unprivileged sandboxing capability	[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil	- - -	0 0 0	2020-03-13	Stephen Smalley		New
[RFC,4/5] selinux-testsuite: add tests/sandbox/rxdir_rx_allow.cil	[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil	- - -	0 0 0	2020-03-13	Stephen Smalley		New
[RFC,3/5] selinux-testsuite: add tests/sandbox/rxdir_no_allow.cil	[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil	- - -	0 0 0	2020-03-13	Stephen Smalley		New
[RFC,2/5] selinux-testsuite: add tests/sandbox/nodir_rx_allow.cil	[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil	- - -	0 0 0	2020-03-13	Stephen Smalley		New
[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil	[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil	- - -	0 0 0	2020-03-13	Stephen Smalley		New
[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability	[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability	- - -	0 0 0	2020-03-13	Stephen Smalley		New
[RFC] selinux: add unprivileged sandboxing capability	[RFC] selinux: add unprivileged sandboxing capability	- - -	0 0 0	2020-03-13	Stephen Smalley		New
security/selinux: Add support for new key permissions	security/selinux: Add support for new key permissions	- - -	0 0 0	2020-02-03	Richard Haines		New
[RFC,v3] security,capability: pass object information to security_capable	[RFC,v3] security,capability: pass object information to security_capable	- - -	0 0 0	2019-08-15	Aaron Goidel		New
[RFC] audit, security: allow LSMs to selectively enable audit collection	[RFC] audit, security: allow LSMs to selectively enable audit collection	- - -	0 0 0	2019-08-15	Aaron Goidel		New