Show patches with: State = Action Required       |   284 patches
« 1 2 3 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,15/44] selinux: introduce cred_self_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,14/44] selinux: introduce cred_has_extended_perms() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,13/44] selinux: introduce cred_task_has_perm() SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,12/44] selinux: update hook functions to use correct selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,11/44] selinux: wrap security server interfaces to use the global SID table SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,10/44] selinux: introduce a global SID table SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,09/44] selinuxfs: restrict write operations to the same selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,08/44] selinux: add a selinuxfs interface to unshare selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,07/44] selinux: introduce cred_selinux_state() and use it SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,06/44] selinux: support per-task/cred selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,05/44] netstate,selinux: create the selinux netlink socket per network namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,04/44] selinux: dynamically allocate selinux namespace SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,03/44] selinux: support multiple selinuxfs instances SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,02/44] selinux: introduce current_selinux_state SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,01/44] selinux: restore passing of selinux_state SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
libselinux: avoid quadratic complexity for many regex specs validation libselinux: avoid quadratic complexity for many regex specs validation - - - --- 2024-12-30 Christian Göttsche bachradsusi New
libselinux: update max node depth libselinux: update max node depth - - - --- 2024-12-30 Christian Göttsche bachradsusi New
[RFC,1/3] libsepol: update sort order for netifcon definitions [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,3/3] secilc/test: add test for wildcard netifcon statement [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,2/3] checkpolicy: add support for wildcard netifcon names [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,v2,22/22] selinux: restrict policy strings [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,21/22] selinux: check for simple types [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,20/22] selinux: more strict bounds check [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,19/22] selinux: validate symbols [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,18/22] selinux: beef up isvalid checks [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,17/22] selinux: reorder policydb_index() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,16/22] selinux: check type attr map overflows [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,15/22] selinux: introduce ebitmap_highest_set_bit() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,14/22] selinux: pre-validate conditional expressions [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,13/22] selinux: validate constraints [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,12/22] selinux: check length fields in policies [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,11/22] selinux: more strict policy parsing [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,10/22] selinux: use u16 for security classes [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
selinux: Read sk->sk_family once in selinux_socket_bind() selinux: Read sk->sk_family once in selinux_socket_bind() 1 - - --- 2024-12-12 Mikhail Ivanov pcmoore Under Review
selinux: support wildcard match in genfscon selinux: support wildcard match in genfscon - - - --- 2024-12-10 Takaya Saeki pcmoore Under Review
selinux: KASAN; slab-out-of-bounds in avc_lookup selinux: KASAN; slab-out-of-bounds in avc_lookup - - - --- 2024-12-10 Joey Jiao pcmoore Under Review
selinux,xfrm: fix dangling refcount on deferred skb free selinux,xfrm: fix dangling refcount on deferred skb free - - - --- 2024-11-06 Ondrej Mosnacek pcmoore Under Review
selinux: support IPPROTO_SMC in socket_type_to_security_class() selinux: support IPPROTO_SMC in socket_type_to_security_class() 1 - - --- 2024-08-15 Jeongjun Park pcmoore Under Review
[v2,2/2] security: remove unused cred_alloc_blank/cred_transfer helpers get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore New
[v2,1/2] KEYS: use synchronous task work for changing parent credentials get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore New
[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup [testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup - - - --- 2024-07-02 GONG Ruiqi omos New
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[RFC,3/3] newrole: use ROWHAMMER resistant values [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,2/3] newrole: cleanse shadow data hold by libc [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,1/3] newrole: constant time password comparison [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[2/2] selinux: add support for xperms in conditional policies [1/2] selinux: constify source policy in cond_policydb_dup() - - - --- 2024-04-05 Christian Göttsche pcmoore New
[RFC] libselinux: disable capturing in fcontext matching [RFC] libselinux: disable capturing in fcontext matching - - - --- 2024-01-08 Christian Göttsche bachradsusi New
[RFC] libsepol: handle long permission names in sepol_av_to_string() [RFC] libsepol: handle long permission names in sepol_av_to_string() - - - --- 2023-12-11 Christian Göttsche bachradsusi New
libsepol: validate common classes in scope indices libsepol: validate common classes in scope indices - - - --- 2023-12-08 Christian Göttsche bachradsusi New
[RFC] libsepol: validate permission identifier length [RFC] libsepol: validate permission identifier length - - - --- 2023-12-07 Christian Göttsche bachradsusi New
[v6] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions [v6] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions 1 1 - --- 2023-12-05 Juraj Marcin bachradsusi New
[v4] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions [v4] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions - 1 - --- 2023-11-21 Juraj Marcin bachradsusi New
[RFC] selinux: assorted hash table improvements [RFC] selinux: assorted hash table improvements - - - --- 2023-11-14 Paul Moore pcmoore New
[2/2] libsepol: rework saturation check [1/2] libsepol: use str_read() where appropriate - - - --- 2023-11-01 Christian Göttsche bachradsusi New
libsepol: ignore writing invalid polcaps in fuzzer libsepol: ignore writing invalid polcaps in fuzzer - - - --- 2023-11-01 Christian Göttsche bachradsusi New
[RFC,v2,27/27] libselinux: add selabel_file(5) fuzzer libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,26/27] libselinux: remove unused hashtab code libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,17/27] libselinux: remove SELABEL_OPT_SUBSET support from selabel_file(5) libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,13/27] libselinux/utils: introduce selabel_compare libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,10/27] libselinux: introduce selabel_nuke libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[8/9,v4] secilc/test: Add deny rule tests Add CIL Deny Rule - - - --- 2023-08-09 James Carter bachradsusi New
[7/7,v2] secilc/test: Add notself and other tests Add support for notself and other to CIL - - - --- 2023-08-09 James Carter bachradsusi New
[v3,2/7] selinux: use u32 as bit type in ebitmap code [v3,1/7] selinux: avoid implicit conversions in avtab code - - - --- 2023-08-07 Christian Göttsche pcmoore New
[v2] selinux: optimize ebitmap_and() [v2] selinux: optimize ebitmap_and() - - - --- 2023-08-03 Christian Göttsche pcmoore New
[v6] semanage, sepolicy: list also ports not attributed with port_type [v6] semanage, sepolicy: list also ports not attributed with port_type - - - --- 2023-07-28 Topi Miettinen bachradsusi New
libselinux/utils: introduce getpolicyload libselinux/utils: introduce getpolicyload - - - --- 2023-07-06 Christian Göttsche bachradsusi New
[RFC,07/20] selinux: services: update type for umber of class permissions [RFC,01/20] selinux: check for multiplication overflow in put_entry() - - - --- 2023-07-06 Christian Göttsche pcmoore Under Review
libselinux: Add CPPFLAGS to Makefile libselinux: Add CPPFLAGS to Makefile - - - --- 2023-06-06 ChungSheng Wu bachradsusi New
semanage: list all nodes even if not attributed with node_type semanage: list all nodes even if not attributed with node_type - - - --- 2023-06-04 Topi Miettinen bachradsusi New
[RFC] selinux: TESTING ONLY, PLEASE IGNORE [RFC] selinux: TESTING ONLY, PLEASE IGNORE - - - --- 2023-05-16 Paul Moore pcmoore Under Review
[RFC,9/9] restorecond: drop last matchpathcon call [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,8/9] restorecond: check selinux_restorecon(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,7/9] secon: check selinux_raw_to_trans_context(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,5/9] libselinux: explicitly ignore return values [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,4/9] mcstrans: check getcon(3) and context_range_set(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,3/9] libselinux: declare avc_open(3) options parameter const [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,v4,6/6] libsepol: update CIL generation for trivial not-self rules not-self neverallow support 1 - - --- 2022-11-25 Christian Göttsche bachradsusi New
[RFC,v4,2/6] libsepol/cil: Add notself and minusself support to CIL not-self neverallow support - - - --- 2022-11-25 Christian Göttsche bachradsusi New
[RFC,1/2] fs/xattr: add *at family syscalls [RFC,1/2] fs/xattr: add *at family syscalls - - - --- 2022-08-30 Christian Göttsche pcmoore New
[RFC,2/2] fs/xattr: wire up syscalls [RFC,1/2] fs/xattr: add *at family syscalls - - - --- 2022-08-30 Christian Göttsche pcmoore New
[1/3] secilc/docs: selinuxuser actually takes a string not identifier [1/3] secilc/docs: selinuxuser actually takes a string not identifier - - - --- 2022-08-28 bauen1 bachradsusi New
selinux: Variable type completion selinux: Variable type completion - - - --- 2022-08-16 Xin Gao pcmoore New
tests/sctp: reenable the SCTP ASCONF tests tests/sctp: reenable the SCTP ASCONF tests - - - --- 2022-08-09 Paul Moore omos Under Review
[v3,8/8] secilc: include segregate attributes in tests [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,7/8] secilc: run tests against development version of libsepol [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,6/8] libsepol/cil: add support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,5/8] libsepol/tests: add test for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,4/8] checkpolicy: add front-end support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,3/8] libsepol: add compile-time constraint for mutual exclusive attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,2/8] libsepol: add ebitmap iterator wrapper with startnode [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[RFC,4/4] checkpolicy: add front-end support for segregate attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,3/4] libsepol: add compile-time constraint for mutual exclusive attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,2/4] libsepol: add ebitmap iterator wrapper with startnode [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[1/4] libselinux: add man page redirections [1/4] libselinux: add man page redirections 1 - - --- 2022-05-20 Christian Göttsche New
Makefile: always include and link with DESTDIR Makefile: always include and link with DESTDIR - - - --- 2022-05-20 Christian Göttsche New
[28/32] selinux: Use mem_to_flex_dup() with xfrm and sidtab Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore New
selinux: use unsigned char for boolean values selinux: use unsigned char for boolean values - - - --- 2022-05-02 Christian Göttsche pcmoore New
[RFC,7/7] SELINUXNS: Fixing concurrency issues [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,6/7] SELINUXNS: Fixing superblock security structure memory leakage [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,5/7] SELINUXNS: Migrate all open files and all vma to new namespace [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
« 1 2 3 »