Show patches with: State = Action Required       |   165 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v7,6/6] evm: Support multiple LSMs providing an xattr evm: Do HMAC of multiple per LSM xattrs for new inodes - 1 - --- 2022-12-01 Roberto Sassu New
[v7,5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure evm: Do HMAC of multiple per LSM xattrs for new inodes - 1 - --- 2022-12-01 Roberto Sassu New
[v7,4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook evm: Do HMAC of multiple per LSM xattrs for new inodes - 1 - --- 2022-12-01 Roberto Sassu New
[v7,3/6] security: Remove security_old_inode_init_security() evm: Do HMAC of multiple per LSM xattrs for new inodes - 1 - --- 2022-12-01 Roberto Sassu New
[v7,2/6] ocfs2: Switch to security_inode_init_security() evm: Do HMAC of multiple per LSM xattrs for new inodes - 1 - --- 2022-12-01 Roberto Sassu New
[v7,1/6] reiserfs: Switch to security_inode_init_security() evm: Do HMAC of multiple per LSM xattrs for new inodes - 1 - --- 2022-12-01 Roberto Sassu New
[v2] Use `pip install` instead of `setup.py install` [v2] Use `pip install` instead of `setup.py install` - - - --- 2022-11-29 Petr Lautrbach New
libselinux:add check for malloc libselinux:add check for malloc - - - --- 2022-11-29 Jie Lu New
[RFC,v4,6/6] libsepol: update CIL generation for trivial not-self rules not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,5/6] libsepol/tests: add tests for minus self neverallow rules not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,4/6] libsepol/tests: add tests for not self neverallow rules not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,3/6] checkpolicy: add not-self neverallow support not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,2/6] libsepol/cil: Add notself and minusself support to CIL not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,1/6] libsepol: Add not self support for neverallow rules not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[2/2] libsemanage: Use more conscious language [1/2] checkpolicy: Improve error message for type bounds - - - --- 2022-11-24 Vit Mojzis New
[1/2] checkpolicy: Improve error message for type bounds [1/2] checkpolicy: Improve error message for type bounds - - - --- 2022-11-24 Vit Mojzis New
[v6,6/6] evm: Support multiple LSMs providing an xattr evm: Do HMAC of multiple per LSM xattrs for new inodes - - - --- 2022-11-23 Roberto Sassu New
[v6,5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure evm: Do HMAC of multiple per LSM xattrs for new inodes - - - --- 2022-11-23 Roberto Sassu New
[v6,4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook evm: Do HMAC of multiple per LSM xattrs for new inodes - - - --- 2022-11-23 Roberto Sassu New
[v6,3/6] security: Remove security_old_inode_init_security() evm: Do HMAC of multiple per LSM xattrs for new inodes - - - --- 2022-11-23 Roberto Sassu New
[v6,2/6] ocfs2: Switch to security_inode_init_security() evm: Do HMAC of multiple per LSM xattrs for new inodes - - - --- 2022-11-23 Roberto Sassu New
[v6,1/6] reiserfs: Switch to security_inode_init_security() evm: Do HMAC of multiple per LSM xattrs for new inodes - - - --- 2022-11-23 Roberto Sassu New
[v5,6/6] evm: Support multiple LSMs providing an xattr evm: Prepare for moving to the LSM infrastructure - - - --- 2022-11-23 Roberto Sassu New
[v5,5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure evm: Prepare for moving to the LSM infrastructure - - - --- 2022-11-23 Roberto Sassu New
[v5,4/6] security: Allow all LSMs to provide xattrs for inode_init_security hook evm: Prepare for moving to the LSM infrastructure - - - --- 2022-11-23 Roberto Sassu New
[v5,3/6] security: Remove security_old_inode_init_security() evm: Prepare for moving to the LSM infrastructure - - - --- 2022-11-23 Roberto Sassu New
[v5,2/6] ocfs2: Switch to security_inode_init_security() evm: Prepare for moving to the LSM infrastructure - - - --- 2022-11-23 Roberto Sassu New
[v5,1/6] reiserfs: Switch to security_inode_init_security() evm: Prepare for moving to the LSM infrastructure - - - --- 2022-11-23 Roberto Sassu New
[v2] libselinux: fix some memory issues in db_init [v2] libselinux: fix some memory issues in db_init 1 - - --- 2022-11-22 Jie Lu New
libselinux: fix some memory issues in db_init libselinux: fix some memory issues in db_init - - - --- 2022-11-21 Jie Lu New
[RFC,6/6] libsemanage/tests: rename bool identifiers [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,5/6] libsepol: rename bool identifiers [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,4/6] checkpolicy: rename bool identifiers [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,3/6] libsepol/tests: rename bool indentifiers [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,2/6] checkpolicy: update cond_expr_t struct member name [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,1/6] libsepol: rename struct member [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
libselinux: Drop '\n' from avc_log() messages libselinux: Drop '\n' from avc_log() messages - - - --- 2022-10-25 Petr Lautrbach New
systemd socket activation selinux context pr review systemd socket activation selinux context pr review - - - --- 2022-10-10 Ted Toth New
[v3] docs: update the README.md with a basic SELinux description [v3] docs: update the README.md with a basic SELinux description 1 - - --- 2022-10-03 Paul Moore New
[userspace] fixfiles: do not cross mounts when traversing directories [userspace] fixfiles: do not cross mounts when traversing directories - - - --- 2022-09-19 Ondrej Mosnacek New
[1/3] secilc/docs: selinuxuser actually takes a string not identifier [1/3] secilc/docs: selinuxuser actually takes a string not identifier - - - --- 2022-08-28 bauen1 New
[1/4] ci: bump versions in GitHub Actions [1/4] ci: bump versions in GitHub Actions 1 - - --- 2022-08-08 Christian Göttsche New
libselinux/utils: install into bin PATH libselinux/utils: install into bin PATH - - - --- 2022-08-08 Christian Göttsche New
[2/2] sepolgen: Support named xperms [1/2] sepolgen: Update refparser to handle xperm - - - --- 2022-08-01 chris.lindee@gmail.com New
[1/2] sepolgen: Update refparser to handle xperm [1/2] sepolgen: Update refparser to handle xperm - - - --- 2022-08-01 chris.lindee@gmail.com New
[v3,8/8] secilc: include segregate attributes in tests [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,7/8] secilc: run tests against development version of libsepol [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,6/8] libsepol/cil: add support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,5/8] libsepol/tests: add test for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,4/8] checkpolicy: add front-end support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,3/8] libsepol: add compile-time constraint for mutual exclusive attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,2/8] libsepol: add ebitmap iterator wrapper with startnode [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[3/5] libsepol: operator on const pointers during validation [1/5] libsepol: rename validate_policydb to policydb_validate - - - --- 2022-07-13 Christian Göttsche New
libselinux: set errno to EBADF on O_PATH emulation failure libselinux: set errno to EBADF on O_PATH emulation failure - - - --- 2022-07-06 Christian Göttsche New
[RFC,4/4] checkpolicy: add front-end support for segregate attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,3/4] libsepol: add compile-time constraint for mutual exclusive attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,2/4] libsepol: add ebitmap iterator wrapper with startnode [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[v2] libsepol: fix validation of user declarations in non-base modules [v2] libsepol: fix validation of user declarations in non-base modules - - - --- 2022-06-09 Christian Göttsche New
[RFC,3/3] checkpolicy: rework initial SID handling [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[RFC,2/3] libsepol: validate initial SIDs [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[RFC,1/3] libsepol: export initial SIDs [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[1/4] libselinux: add man page redirections [1/4] libselinux: add man page redirections 1 - - --- 2022-05-20 Christian Göttsche New
Makefile: always include and link with DESTDIR Makefile: always include and link with DESTDIR - - - --- 2022-05-20 Christian Göttsche New
[1/2] libselinux: restorecon: add fallback for pre 3.6 Linux [1/2] libselinux: restorecon: add fallback for pre 3.6 Linux - - - --- 2022-05-17 Christian Göttsche New
libselinux/utils/getsebool: add options to display en-/disabled booleans libselinux/utils/getsebool: add options to display en-/disabled booleans - - - --- 2022-04-28 Christian Göttsche New
[v2,6/6] Enable missing prototypes [v2,1/6] libsepol/cil: declare file local functions static - - - --- 2022-04-05 Christian Göttsche New
libselinux: Prevent cached context giving wrong results libselinux: Prevent cached context giving wrong results - - - --- 2022-01-27 Johannes Segitz New
[libselinux] libselinux: make threadsafe for discover_class_cache [libselinux] libselinux: make threadsafe for discover_class_cache - - - --- 2022-01-20 Purushottam Choudhary New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[1/2,RFC] libsepol: Add not self support for neverallow rules libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[RFC,v3,5/5] libsepol: pass avtab to report function [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,4/5] libsepol: free ebitmap on end of function [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,3/5] checkpolicy: add not-self neverallow support [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,2/5] libsepol: add not-self neverallow support [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[XSERVER,2/2] selinux: log events with appropriate audit type [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[XSERVER,1/2] selinux: remap security classes on policyload [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[2/2] dbus: Add filetrans for /tmp/dbus-* session socket [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[1/2] selinux: Add map perms [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[v2] Support static-only builds [v2] Support static-only builds - - - --- 2021-11-13 Alyssa Ross New
[v4,21/21] fuse: Allow user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant 2 - - --- 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - --- 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs 2 - - --- 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - --- 2016-04-26 Seth Forshee New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - --- 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - --- 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 1 - --- 2016-04-26 Seth Forshee New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - --- 2016-04-26 Seth Forshee New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces 2 - - --- 2016-04-26 Seth Forshee New
[v4,06/21] fs: Treat foreign mounts as nosuid 2 - - --- 2016-04-26 Seth Forshee New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting 1 - - --- 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - --- 2016-04-26 Seth Forshee New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - --- 2016-04-26 Seth Forshee New
« 1 2 »