Show patches with: State = Action Required       |    Archived = No       |   72 patches
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,3/3] selinux: overhaul sidtab to fix bug and improve performance Fix ENOMEM errors during policy reload - - - 0 0 0 2018-11-13 Ondrej Mosnacek New
[RFC,2/3] selinux: use separate table for initial SID lookup Fix ENOMEM errors during policy reload - - - 0 0 0 2018-11-13 Ondrej Mosnacek New
[RFC,1/3] selinux: refactor sidtab conversion Fix ENOMEM errors during policy reload 1 - - 0 0 0 2018-11-13 Ondrej Mosnacek New
[v3] selinux: simplify mls_context_to_sid() [v3] selinux: simplify mls_context_to_sid() - - - 0 0 0 2018-11-12 Ondrej Mosnacek New
[v6,5/5] sidechannel: Linux Security Module for sidechannel LSM: Support ptrace sidechannel access checks - - - 0 0 0 2018-11-05 Casey Schaufler New
[v6,4/5] Capability: Complete PTRACE_MODE_SCHED LSM: Support ptrace sidechannel access checks - - - 0 0 0 2018-11-05 Casey Schaufler New
[v6,3/5] SELinux: Prepare for PTRACE_MODE_SCHED LSM: Support ptrace sidechannel access checks - - - 0 0 0 2018-11-05 Casey Schaufler New
[v6,2/5] Smack: Prepare for PTRACE_MODE_SCHED LSM: Support ptrace sidechannel access checks - - - 0 0 0 2018-11-05 Casey Schaufler New
[v6,1/5] AppArmor: Prepare for PTRACE_MODE_SCHED LSM: Support ptrace sidechannel access checks - - - 0 0 0 2018-11-05 Casey Schaufler New
[6/5] capability: Repair sidechannel test in ptrace LSM: Add and use a hook for side-channel safety checks - 1 - 0 0 0 2018-09-27 Casey Schaufler New
[21/19] LSM: Cleanup and fixes from Tetsuo Handa LSM: Module stacking for SARA and Landlock - - - 0 0 0 2018-09-26 Casey Schaufler New
[v4,20/19] LSM: Correct file blob free empty blob check LSM: Module stacking for SARA and Landlock - 1 - 0 0 0 2018-09-26 Casey Schaufler New
[security-next,v3,07/29] LSM: Convert security_initcall() into DEFINE_LSM() Untitled series #22821 - - - 0 0 0 2018-09-25 Kees Cook New
[10/34] selinux: Implement the new mount API LSM hooks [ver #12] VFS: Introduce filesystem context [ver #12] - - - 0 0 0 2018-09-21 David Howells New
[RFC] selinux: add a fallback to defcontext for native labeling [RFC] selinux: add a fallback to defcontext for native labeling - - - 0 0 0 2018-09-19 Jann Horn via Selinux New
[10/10] LSM: Blob sharing support for S.A.R.A and LandLock LSM: Module stacking in support of S.A.R.A and Landlock - - - 0 0 0 2018-09-11 Casey Schaufler New
[09/10] LSM: Infrastructure management of the inode security LSM: Module stacking in support of S.A.R.A and Landlock - - - 0 0 0 2018-09-11 Casey Schaufler New
[08/10] Smack: Abstract use of inode security blob LSM: Module stacking in support of S.A.R.A and Landlock - 1 - 0 0 0 2018-09-11 Casey Schaufler New
[07/10] SELinux: Abstract use of inode security blob LSM: Module stacking in support of S.A.R.A and Landlock - 1 - 0 0 0 2018-09-11 Casey Schaufler New
[06/10] LSM: Infrastructure management of the file security blob LSM: Module stacking in support of S.A.R.A and Landlock - - - 0 0 0 2018-09-11 Casey Schaufler New
[05/10] SELinux: Abstract use of file security blob LSM: Module stacking in support of S.A.R.A and Landlock - 1 - 0 0 0 2018-09-11 Casey Schaufler New
[04/10] LSM: Infrastructure management of the cred security blob LSM: Module stacking in support of S.A.R.A and Landlock - - - 0 0 0 2018-09-11 Casey Schaufler New
[03/10] SELinux: Abstract use of cred security blob LSM: Module stacking in support of S.A.R.A and Landlock - 1 - 0 0 0 2018-09-11 Casey Schaufler New
[02/10] Smack: Abstract use of cred security blob LSM: Module stacking in support of S.A.R.A and Landlock - - - 0 0 0 2018-09-11 Casey Schaufler New
[01/10] procfs: add smack subdir to attrs LSM: Module stacking in support of S.A.R.A and Landlock - 1 - 0 0 0 2018-09-11 Casey Schaufler New
[RFC,net-next,01/15] net: Reserve protocol numbers for LoRa - - - 0 0 0 2018-07-01 Andreas Färber New
[-next] security: use octal not symbolic permissions 1 - - 0 0 0 2018-06-11 Joe Perches New
[V3,5/5,selinux-next] selinux: Switch to rcu read locks for avc_compute - - - 0 0 0 2018-05-30 peter enderborg New
[V3,4/5,selinux-next] selinux: seqno separation - - - 0 0 0 2018-05-30 peter enderborg New
[V3,3/5,selinux-next] selinux: sidtab_clone switch to use rwlock. - - - 0 0 0 2018-05-30 peter enderborg New
[V3,2/5,selinux-next] selinux: Introduce selinux_ruleset struct - - - 0 0 0 2018-05-30 peter enderborg New
[V3,1/5,selinux-next] selinux: Make allocation atomic in policydb objects functions. - - - 0 0 0 2018-05-30 peter enderborg New
[15/18] security: Remove pr_fmt duplicate logging prefixes 1 - - 0 0 0 2018-05-10 Joe Perches New
[Fwd:,[PATCH,v2,14/15] selinux: allow setxattr on rootfs so initramfs code can set them] - - - 0 0 0 2018-01-25 Stephen Smalley New
[Fwd:,[PATCH,v2,15/15] selinux: delay sid population for rootfs till init is complete] - - - 0 0 0 2018-01-25 Stephen Smalley New
[RFC,v0.2] selinuxns: extend namespace support to security.selinux xattrs - - - 0 0 0 2017-11-21 James Morris New
selinux-testsuite: inet_socket: test xfrm state selectors - - - 0 0 0 2017-10-30 Stephen Smalley New
Additional tests for long-time supported netlink classes - - - 0 0 0 2017-07-13 Milos Malik New
[v6,2/2] selinux: expose policy brief via selinuxfs - - - 0 0 0 2017-05-17 Sebastien Buisson New
[v6,1/2] selinux: add brief info to policydb - - - 0 0 0 2017-05-17 Sebastien Buisson New
selinux-testsuite: capable_file: Add dac_override and dac_read_search tests - - - 0 0 0 2017-03-02 Stephen Smalley New
[v4,21/21] fuse: Allow user namespace mounts - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 1 - 0 0 0 2016-04-26 Seth Forshee New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,06/21] fs: Treat foreign mounts as nosuid - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,01/21] fs: fix a posible leak of allocated superblock - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-26 Seth Forshee New