Show patches with: State = Action Required       |   137 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[testsuite,v2] tests: make kernel iptables support optional [testsuite,v2] tests: make kernel iptables support optional - - - --- 2021-10-25 Ondrej Mosnacek New
[net,4/4] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,3/4] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
[net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long New
sctp: initialize endpoint LSM labels also on the client side sctp: initialize endpoint LSM labels also on the client side - - - --- 2021-10-21 Ondrej Mosnacek New
libsepol: avoid passing NULL pointer to memcpy libsepol: avoid passing NULL pointer to memcpy - - - --- 2021-10-21 Christian Göttsche New
[v2] libselinux: use valid address to silence glibc 2.34 warnings [v2] libselinux: use valid address to silence glibc 2.34 warnings - - - --- 2021-10-21 Christian Göttsche New
[v2,3/3] libsemanage/tests: free memory [v2,1/3] libsepol: do not pass NULL to memcpy - - - --- 2021-10-19 Christian Göttsche New
[v2,2/3] libsemanage: do not sort empty records [v2,1/3] libsepol: do not pass NULL to memcpy - - - --- 2021-10-19 Christian Göttsche New
[v2,1/3] libsepol: do not pass NULL to memcpy [v2,1/3] libsepol: do not pass NULL to memcpy - - - --- 2021-10-19 Christian Göttsche New
[userspace,v3,7/7] setfiles/restorecon: support parallel relabeling Parallel setfiles/restorecon - - - --- 2021-10-19 Ondrej Mosnacek New
[userspace,v3,6/7] selinux_restorecon: introduce selinux_restorecon_parallel(3) Parallel setfiles/restorecon - - - --- 2021-10-19 Ondrej Mosnacek New
[userspace,v3,5/7] selinux_restorecon: add a global mutex to synchronize progress output Parallel setfiles/restorecon - - - --- 2021-10-19 Ondrej Mosnacek New
[userspace,v3,4/7] libselinux: make selinux_log() thread-safe Parallel setfiles/restorecon - - - --- 2021-10-19 Ondrej Mosnacek New
[userspace,v3,3/7] selinux_restorecon: protect file_spec list with a mutex Parallel setfiles/restorecon - - - --- 2021-10-19 Ondrej Mosnacek New
[userspace,v3,2/7] selinux_restorecon: simplify fl_head allocation by using calloc() Parallel setfiles/restorecon - - - --- 2021-10-19 Ondrej Mosnacek New
[userspace,v3,1/7] label_file: fix a data race Parallel setfiles/restorecon - - - --- 2021-10-19 Ondrej Mosnacek New
libselinux: use dummy variable to silence glibc 2.34 warnings libselinux: use dummy variable to silence glibc 2.34 warnings - - - --- 2021-10-15 Christian Göttsche New
[userspace] README: update continuous integration badges [userspace] README: update continuous integration badges 1 - - --- 2021-09-27 Nicolas Iooss New
[userspace] GitHub Actions: do not use macOS latest runner for now [userspace] GitHub Actions: do not use macOS latest runner for now 1 - - --- 2021-09-27 Nicolas Iooss New
[setools] __init__.py: Make NetworkX dep optional [setools] __init__.py: Make NetworkX dep optional - - - --- 2021-09-19 Jason Zaman New
cil_container_statements.md: clarify in-statement limitations cil_container_statements.md: clarify in-statement limitations - - - --- 2021-08-12 Dominick Grift New
[SYSTEMD,7/7] core: tweak job_type_to_access_method SELinux permissions Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,6/7] core: avoid bypasses in D-BUS SELinux filter Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,5/7] core: implement the sd-bus generic callback for SELinux Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,4/7] core: add support for MAC checks on unit install operations Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,3/7] selinux: mark _mac_selinux_generic_access_check with leading underscore Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,2/7] selinux: improve debug log format Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,1/7] selinux: add function name to audit data Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
libsepol regressions libsepol regressions - - - --- 2021-08-01 Dominick Grift New
[v2] libsepol/cil: move the fuzz target and build script to the selinux repository [v2] libsepol/cil: move the fuzz target and build script to the selinux repository 1 - - --- 2021-07-15 Evgeny Vereshchagin New
[2/2] README: add OSS-Fuzz/CIFuzz badges [1/2] ci: turn on CIFuzz - - - --- 2021-07-10 Evgeny Vereshchagin New
[1/2] ci: turn on CIFuzz [1/2] ci: turn on CIFuzz 1 - - --- 2021-07-10 Evgeny Vereshchagin New
[v2] checkpolicy: fix the leak memory when uses xperms [v2] checkpolicy: fix the leak memory when uses xperms - - 1 --- 2021-06-01 liwugang New
selinux: make use of variables when defining libdir and includedir selinux: make use of variables when defining libdir and includedir - - - --- 2020-07-16 W. Michael Petullo New
[v4,21/21] fuse: Allow user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant 2 - - --- 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - --- 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs 2 - - --- 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - --- 2016-04-26 Seth Forshee New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - --- 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - --- 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 1 - --- 2016-04-26 Seth Forshee New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - --- 2016-04-26 Seth Forshee New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces 2 - - --- 2016-04-26 Seth Forshee New
[v4,06/21] fs: Treat foreign mounts as nosuid 2 - - --- 2016-04-26 Seth Forshee New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting 1 - - --- 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - --- 2016-04-26 Seth Forshee New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - --- 2016-04-26 Seth Forshee New
[v4,01/21] fs: fix a posible leak of allocated superblock 1 - - --- 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - --- 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - --- 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - --- 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - --- 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 - - --- 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - --- 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - --- 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - --- 2016-04-26 Seth Forshee New
[testsuite] tests/sctp: add client peeloff tests [testsuite] tests/sctp: add client peeloff tests - - - --- 2021-10-21 Ondrej Mosnacek omos Under Review
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests selinux-testsuite: Add btrfs support for filesystem tests - - - --- 2020-11-03 Richard Haines omos Queued
[RFC,V2,2/2] selinux-testsuite: Run SCTP tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,V2,1/2] selinux-testsuite: Run tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,5/5] selinux-testsuite: add testing for unprivileged sandboxing capability [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,4/5] selinux-testsuite: add tests/sandbox/rxdir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,3/5] selinux-testsuite: add tests/sandbox/rxdir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,2/5] selinux-testsuite: add tests/sandbox/nodir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[v2,2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal pcmoore New
[v2,1/2] fuse: Add a flag FUSE_SECURITY_CTX fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal pcmoore New
security: Return xattr name from security_dentry_init_security() security: Return xattr name from security_dentry_init_security() - 1 - --- 2021-09-30 Vivek Goyal pcmoore New
lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() - - - --- 2021-09-29 Paul Moore pcmoore New
[2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-09-24 Vivek Goyal pcmoore New
[1/2] fuse: Add a flag FUSE_SECURITY_CTX fuse: Send file/inode security context during creation - - - --- 2021-09-24 Vivek Goyal pcmoore New
[v29,28/28] AppArmor: Remove the exclusive flag [v29,01/28] LSM: Infrastructure management of the sock security 2 1 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,27/28] LSM: Add /proc attr entry for full LSM context [v29,01/28] LSM: Infrastructure management of the sock security - 1 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,26/28] Audit: Add record for multiple object security contexts [v29,01/28] LSM: Infrastructure management of the sock security - - - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,25/28] Audit: Add record for multiple task security contexts [v29,01/28] LSM: Infrastructure management of the sock security - - - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,24/28] Audit: Add framework for auxiliary records [v29,01/28] LSM: Infrastructure management of the sock security - - - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,23/28] Audit: Create audit_stamp structure [v29,01/28] LSM: Infrastructure management of the sock security - - - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,22/28] Audit: Keep multiple LSM data in audit_names [v29,01/28] LSM: Infrastructure management of the sock security - - - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,21/28] LSM: Extend security_secid_to_secctx to include module selection [v29,01/28] LSM: Infrastructure management of the sock security - - - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,20/28] LSM: Verify LSM display sanity in binder [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,19/28] NET: Store LSM netlabel data in a lsmblob [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,18/28] LSM: security_secid_to_secctx in netlink netfilter [v29,01/28] LSM: Infrastructure management of the sock security 3 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,17/28] LSM: Use lsmcontext in security_inode_getsecctx [v29,01/28] LSM: Infrastructure management of the sock security 3 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,16/28] LSM: Use lsmcontext in security_secid_to_secctx [v29,01/28] LSM: Infrastructure management of the sock security 2 1 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,15/28] LSM: Ensure the correct LSM context releaser [v29,01/28] LSM: Infrastructure management of the sock security 3 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,14/28] LSM: Specify which LSM to display [v29,01/28] LSM: Infrastructure management of the sock security - - - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,13/28] IMA: Change internal interfaces to use lsmblobs [v29,01/28] LSM: Infrastructure management of the sock security 1 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,12/28] LSM: Use lsmblob in security_cred_getsecid [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
« 1 2 »