Show patches with: State = Action Required       |   177 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c Untitled series #439529 - - - --- 2021-02-28 Alexey Dobriyan pcmoore New
[1/2,RFC] libsepol: Add not self support for neverallow rules libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[1/2] checkpolicy: Improve error message for type bounds [1/2] checkpolicy: Improve error message for type bounds - - - --- 2022-11-24 Vit Mojzis New
[1/2] libselinux: restorecon: add fallback for pre 3.6 Linux [1/2] libselinux: restorecon: add fallback for pre 3.6 Linux - - - --- 2022-05-17 Christian Göttsche New
[1/2] libsepol/tests: use more strict compiler options [1/2] libsepol/tests: use more strict compiler options 1 - - --- 2022-11-14 Christian Göttsche New
[1/2] selinux: Add map perms [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[1/2] sepolgen: Update refparser to handle xperm [1/2] sepolgen: Update refparser to handle xperm - - - --- 2022-08-01 chris.lindee@gmail.com New
[1/3] libselinux: make use of strndup [1/3] libselinux: make use of strndup - - - --- 2022-11-09 Christian Göttsche New
[1/3] libselinux: simplify string copying [1/3] libselinux: simplify string copying 1 - - --- 2022-11-09 Christian Göttsche New
[1/3] secilc/docs: selinuxuser actually takes a string not identifier [1/3] secilc/docs: selinuxuser actually takes a string not identifier - - - --- 2022-08-28 bauen1 New
[1/4] ci: bump versions in GitHub Actions [1/4] ci: bump versions in GitHub Actions 1 - - --- 2022-08-08 Christian Göttsche New
[1/4] libselinux: add man page redirections [1/4] libselinux: add man page redirections 1 - - --- 2022-05-20 Christian Göttsche New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[2/2] dbus: Add filetrans for /tmp/dbus-* session socket [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[2/2] libsemanage: Use more conscious language [1/2] checkpolicy: Improve error message for type bounds - - - --- 2022-11-24 Vit Mojzis New
[2/2] libsepol/tests: add tests for neverallow assertions [1/2] libsepol/tests: use more strict compiler options - - - --- 2022-11-14 Christian Göttsche New
[2/2] sepolgen: Support named xperms [1/2] sepolgen: Update refparser to handle xperm - - - --- 2022-08-01 chris.lindee@gmail.com New
[2/3] checkpolicy: simplify string copying [1/3] libselinux: simplify string copying - - - --- 2022-11-09 Christian Göttsche New
[2/3] libselinux: bail out on path truncations [1/3] libselinux: make use of strndup - - - --- 2022-11-09 Christian Göttsche New
[28/32] selinux: Use mem_to_flex_dup() with xfrm and sidtab Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore New
[3/3] libselinux: filter arguments with path separators [1/3] libselinux: make use of strndup - - - --- 2022-11-09 Christian Göttsche New
[3/3] libsepol: simplify string copying [1/3] libselinux: simplify string copying - - - --- 2022-11-09 Christian Göttsche New
[3/5] libsepol: operator on const pointers during validation [1/5] libsepol: rename validate_policydb to policydb_validate - - - --- 2022-07-13 Christian Göttsche New
[libselinux] libselinux: make threadsafe for discover_class_cache [libselinux] libselinux: make threadsafe for discover_class_cache - - - --- 2022-01-20 Purushottam Choudhary New
[RESEND,v18,1/4] Add flags option to get xattr method paired to __vfs_getxattr overlayfs override_creds=off & nested get xattr fix 5 1 - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,3/4] overlayfs: override_creds=off option bypass creator_cred overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,4/4] overlayfs: inode_owner_or_capable called during execv Untitled series #368853 - - - --- 2020-10-22 Mark Salyzyn pcmoore New
[RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU [RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU - - - --- 2021-04-16 Stephen Brennan pcmoore New
[RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU [RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU - - - --- 2021-02-04 Stephen Brennan pcmoore New
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[RFC,1/1] selinuxns: Replace state pointer with namespace id [RFC,1/1] selinuxns: Replace state pointer with namespace id - - - --- 2022-02-16 Igor Baranov pcmoore New
[RFC,1/2] fs/xattr: add *at family syscalls [RFC,1/2] fs/xattr: add *at family syscalls - - - --- 2022-08-30 Christian Göttsche pcmoore New
[RFC,1/3] libsepol: export initial SIDs [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,1/6] libsepol: rename struct member [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,1/7] LSM: Infrastructure management of the superblock [RFC,1/7] LSM: Infrastructure management of the superblock 1 2 - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,1/9] sk_buff: track nfct status in newly added skb->_state [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,2/2] fs/xattr: wire up syscalls [RFC,1/2] fs/xattr: add *at family syscalls - - - --- 2022-08-30 Christian Göttsche pcmoore New
[RFC,2/2] security, nfs: Provide a hook for fs_context security initialisation [RFC,1/2] security: Remove security_add_mnt_opt() as it's unused - - - --- 2021-12-08 David Howells pcmoore New
[RFC,2/3] libsepol: validate initial SIDs [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[RFC,2/4] libsepol: add ebitmap iterator wrapper with startnode [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,2/5] selinux-testsuite: add tests/sandbox/nodir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,2/6] checkpolicy: update cond_expr_t struct member name [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,2/7] selinux: support per-namespace superblock security structures [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,2/9] sk_buff: track dst status in skb->_state [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,3/3] checkpolicy: rework initial SID handling [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[RFC,3/4] libsepol: add compile-time constraint for mutual exclusive attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,3/5] selinux-testsuite: add tests/sandbox/rxdir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,3/6] libsepol/tests: rename bool indentifiers [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,3/7] SELINUXNS: Fix initilization of the superblock security under spinlock [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,3/9] sk_buff: move the active_extensions into the state bitfield [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,4/4] checkpolicy: add front-end support for segregate attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,4/5] selinux-testsuite: add tests/sandbox/rxdir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,4/6] checkpolicy: rename bool identifiers [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,4/7] SELINUXNS: Namespacing for xattrs [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,4/9] net: optimize GRO for the common case. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,5/5] selinux-testsuite: add testing for unprivileged sandboxing capability [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,5/6] libsepol: rename bool identifiers [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,5/7] SELINUXNS: Migrate all open files and all vma to new namespace [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,5/9] skbuff: introduce has_sk state bit. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,6/6] libsemanage/tests: rename bool identifiers [RFC,1/6] libsepol: rename struct member - - - --- 2022-11-14 Christian Göttsche New
[RFC,6/7] SELINUXNS: Fixing superblock security structure memory leakage [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,6/9] veth: use skb_prepare_for_gro() [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,7/7] SELINUXNS: Fixing concurrency issues [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,7/9] sk_buff: move inner header fields after tail [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,8/9] sk_buff: move vlan field after tail. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,9/9] sk_buff: access secmark via getter/setter [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,V2,1/2] selinux-testsuite: Run tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,V2,2/2] selinux-testsuite: Run SCTP tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,2/5] libsepol: add not-self neverallow support [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,3/5] checkpolicy: add not-self neverallow support [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,4/5] libsepol: free ebitmap on end of function [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,5/5] libsepol: pass avtab to report function [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3] security,capability: pass object information to security_capable [RFC,v3] security,capability: pass object information to security_capable - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC,v4,1/6] libsepol: Add not self support for neverallow rules not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,2/6] libsepol/cil: Add notself and minusself support to CIL not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,3/6] checkpolicy: add not-self neverallow support not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,4/6] libsepol/tests: add tests for not self neverallow rules not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,5/6] libsepol/tests: add tests for minus self neverallow rules not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC,v4,6/6] libsepol: update CIL generation for trivial not-self rules not-self neverallow support - - - --- 2022-11-25 Christian Göttsche New
[RFC] audit, security: allow LSMs to selectively enable audit collection [RFC] audit, security: allow LSMs to selectively enable audit collection - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability [RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability - - - --- 2020-03-13 Stephen Smalley pcmoore New
[RFC] selinux: Add netlink xperm support [RFC] selinux: Add netlink xperm support - - - --- 2021-11-10 Bram Bonné pcmoore New
[RFC] selinux: add unprivileged sandboxing capability [RFC] selinux: add unprivileged sandboxing capability - - - --- 2020-03-13 Stephen Smalley pcmoore New
[RFC] SELINUX: Remove obsolete deferred inode security init list. [RFC] SELINUX: Remove obsolete deferred inode security init list. - - - --- 2022-11-14 Konstantin Meskhidze pcmoore New
[RFC] Use `pip install` instead of `setup.py install` [RFC] Use `pip install` instead of `setup.py install` 1 - - --- 2022-11-22 Petr Lautrbach New
[RFC] userfaultfd: open userfaultfds with O_RDONLY [RFC] userfaultfd: open userfaultfds with O_RDONLY - - - --- 2021-06-24 Ondrej Mosnacek pcmoore New
[userspace] fixfiles: do not cross mounts when traversing directories [userspace] fixfiles: do not cross mounts when traversing directories - - - --- 2022-09-19 Ondrej Mosnacek New
[v1,2/2] selinux: add support for the io_uring setup permission Add LSM access controls for io_uring_setup - - - --- 2022-11-07 Gil Cukierman pcmoore New
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests selinux-testsuite: Add btrfs support for filesystem tests - - - --- 2020-11-03 Richard Haines omos Queued
[v2,1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag vfs/security/NFS/btrfs: clean up and fix LSM option handling - - 1 --- 2021-05-17 Ondrej Mosnacek pcmoore New
[v2,2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount vfs/security/NFS/btrfs: clean up and fix LSM option handling - - - --- 2021-05-17 Ondrej Mosnacek pcmoore New
[v2,2/3] libselinux: bail out on path truncations Untitled series #694191 - - - --- 2022-11-10 Christian Göttsche New
[v2,6/6] Enable missing prototypes [v2,1/6] libsepol/cil: declare file local functions static - - - --- 2022-04-05 Christian Göttsche New
[V2,testsuite] tests/inet_socket: Add socket transition tests [V2,testsuite] tests/inet_socket: Add socket transition tests - - - --- 2021-11-25 Richard Haines omos New
[v2] fixfiles: Unmount temporary bind mounts on SIGINT [v2] fixfiles: Unmount temporary bind mounts on SIGINT 1 - 1 --- 2022-11-07 Petr Lautrbach New
[v2] libselinux: fix some memory issues in db_init [v2] libselinux: fix some memory issues in db_init 1 - - --- 2022-11-22 Jie Lu New
[v2] libsepol: fix validation of user declarations in non-base modules [v2] libsepol: fix validation of user declarations in non-base modules - - - --- 2022-06-09 Christian Göttsche New
« 1 2 »