Show patches with: none      |   8975 patches
« 1 2 ... 21 22 2389 90 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[testsuite,v2] tests/sctp: add client peeloff tests [testsuite,v2] tests/sctp: add client peeloff tests - - - --- 2022-02-12 Ondrej Mosnacek omos Superseded
[net,v3,2/2] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - - - --- 2022-02-12 Ondrej Mosnacek pcmoore Accepted
[net,v3,1/2] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - - - --- 2022-02-12 Ondrej Mosnacek pcmoore Accepted
[2/2] libsepol: Don't write out constraint if it has no permissions [1/2] libsepol/cil: Don't add constraint if there are no permissions - - - --- 2022-02-11 James Carter Accepted
[1/2] libsepol/cil: Don't add constraint if there are no permissions [1/2] libsepol/cil: Don't add constraint if there are no permissions - - - --- 2022-02-11 James Carter Accepted
[3/3] libsepol: validate several flags [1/3] libsepol: use correct error type to please UBSAN - - - --- 2022-02-10 Christian Göttsche Accepted
[2/3] libsepol: more strict constraint validation [1/3] libsepol: use correct error type to please UBSAN - - - --- 2022-02-10 Christian Göttsche Accepted
[1/3] libsepol: use correct error type to please UBSAN [1/3] libsepol: use correct error type to please UBSAN 1 - - --- 2022-02-10 Christian Göttsche Accepted
[v2] checkpolicy: allow wildcard permissions in constraints [v2] checkpolicy: allow wildcard permissions in constraints 1 - - --- 2022-02-10 Christian Göttsche Accepted
[testsuite] tests/binder: Adjust kernel uapi headers check for building [testsuite] tests/binder: Adjust kernel uapi headers check for building - - - --- 2022-02-09 GONG, Ruiqi omos Accepted
checkpolicy: allow wildcard permissions in constraints checkpolicy: allow wildcard permissions in constraints - - - --- 2022-02-04 Christian Göttsche Superseded
[2/2] libsepol: add policy utilities [1/2] libsepol: add sepol_av_perm_to_string - - - --- 2022-02-04 Christian Göttsche Superseded
[1/2] libsepol: add sepol_av_perm_to_string [1/2] libsepol: add sepol_av_perm_to_string - - - --- 2022-02-04 Christian Göttsche Superseded
[GIT,PULL] SELinux fixes for v5.17 (#1) [GIT,PULL] SELinux fixes for v5.17 (#1) - - - --- 2022-02-03 Paul Moore pcmoore Accepted
[userspace,v2,6/6] semodule: add command-line option to detect module changes Optionally rebuild policy store only if there were external changes to modules - - - --- 2022-02-03 Ondrej Mosnacek Accepted
[userspace,v2,5/6] libsemanage: optionally rebuild policy when modules are changed externally Optionally rebuild policy store only if there were external changes to modules - - - --- 2022-02-03 Ondrej Mosnacek Accepted
[userspace,v2,4/6] libsemanage: clean up semanage_direct_commit() a bit Optionally rebuild policy store only if there were external changes to modules - - - --- 2022-02-03 Ondrej Mosnacek Accepted
[userspace,v2,3/6] libsemanage: move compressed file handling into a separate object Optionally rebuild policy store only if there were external changes to modules - - - --- 2022-02-03 Ondrej Mosnacek Accepted
[userspace,v2,2/6] semodule,libsemanage: move module hashing into libsemanage Optionally rebuild policy store only if there were external changes to modules - - - --- 2022-02-03 Ondrej Mosnacek Accepted
[userspace,v2,1/6] libsemanage: add missing include to boolean_record.c Optionally rebuild policy store only if there were external changes to modules 1 - - --- 2022-02-03 Ondrej Mosnacek Accepted
[v32,28/28] AppArmor: Remove the exclusive flag [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 1 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,27/28] LSM: Add /proc attr entry for full LSM context [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - 1 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,26/28] Audit: Add record for multiple object security contexts [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,25/28] Audit: Add record for multiple task security contexts [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,24/28] Audit: Add framework for auxiliary records [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,23/28] Audit: Create audit_stamp structure [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,22/28] Audit: Keep multiple LSM data in audit_names [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,21/28] LSM: Extend security_secid_to_secctx to include module selection [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,20/28] binder: Pass LSM identifier for confirmation [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,19/28] NET: Store LSM netlabel data in a lsmblob [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,18/28] LSM: security_secid_to_secctx in netlink netfilter [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,17/28] LSM: Use lsmcontext in security_inode_getsecctx [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,16/28] LSM: Use lsmcontext in security_secid_to_secctx [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,15/28] LSM: Ensure the correct LSM context releaser [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,14/28] LSM: Specify which LSM to display [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,13/28] LSM: Use lsmblob in security_cred_getsecid [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,12/28] LSM: Use lsmblob in security_inode_getsecid [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,11/28] LSM: Use lsmblob in security_current_getsecid [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,10/28] LSM: Use lsmblob in security_ipc_getsecid [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,09/28] LSM: Use lsmblob in security_secid_to_secctx [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,08/28] LSM: Use lsmblob in security_secctx_to_secid [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,07/28] LSM: Use lsmblob in security_kernel_act_as [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,06/28] LSM: Use lsmblob in security_audit_rule_match [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,05/28] IMA: avoid label collisions with stacked LSMs [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,04/28] LSM: provide lsm name and id slot mappings [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,03/28] LSM: Add the lsmblob data structure. [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - 1 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,02/28] LSM: Infrastructure management of the sock security [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
[v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule [v32,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 - - --- 2022-02-02 Casey Schaufler pcmoore Changes Requested
selinux: parse contexts for mount options early selinux: parse contexts for mount options early - - - --- 2022-02-02 Ondrej Mosnacek pcmoore Accepted
[v2] selinux: fix double free of cond_list on error paths [v2] selinux: fix double free of cond_list on error paths - - - --- 2022-02-02 Vratislav Bendel pcmoore Accepted
[v3,2/2] selinux: try to use preparsed sid before calling parse_sid() selinux: parse sids earlier to avoid doing memory allocations under spinlock - - - --- 2022-01-31 Scott Mayhew pcmoore Accepted
[v3,1/2] selinux: Fix selinux_sb_mnt_opts_compat() selinux: parse sids earlier to avoid doing memory allocations under spinlock - - - --- 2022-01-31 Scott Mayhew pcmoore Accepted
libsepol: do not add gaps to string list libsepol: do not add gaps to string list 1 - - --- 2022-01-31 Christian Göttsche Accepted
libsepol: Populate and use policy name libsepol: Populate and use policy name - - - --- 2022-01-31 Thiébaud Weksteen Superseded
[3/3] selinux: remove duplicate cond_list clean up calls selinux: Fix and clean policydb->cond_list error paths - - - --- 2022-01-28 Vratislav Bendel pcmoore Rejected
[2/3] selinux: fix double free of cond_list on error paths selinux: Fix and clean policydb->cond_list error paths - - - --- 2022-01-28 Vratislav Bendel pcmoore Changes Requested
[1/3] selinux: consistently clear cond_list on error paths selinux: Fix and clean policydb->cond_list error paths - - - --- 2022-01-28 Vratislav Bendel pcmoore Changes Requested
[v2] selinux: various sparse fixes [v2] selinux: various sparse fixes - - - --- 2022-01-27 Paul Moore pcmoore Accepted
[v2] selinux: fix a type cast problem in cred_init_security() [v2] selinux: fix a type cast problem in cred_init_security() - - - --- 2022-01-27 Paul Moore pcmoore Accepted
selinux: various sparse fixes selinux: various sparse fixes - - - --- 2022-01-27 Paul Moore pcmoore Superseded
[v2] LSM: general protection fault in legacy_parse_param [v2] LSM: general protection fault in legacy_parse_param 2 - - --- 2022-01-27 Casey Schaufler pcmoore Accepted
selinux: fix a type cast problem in cred_init_security() selinux: fix a type cast problem in cred_init_security() - - - --- 2022-01-27 Paul Moore pcmoore Superseded
libselinux: Prevent cached context giving wrong results libselinux: Prevent cached context giving wrong results - - - --- 2022-01-27 Johannes Segitz New
policycoreutils: handle argument counter of zero policycoreutils: handle argument counter of zero 1 - - --- 2022-01-26 Christian Göttsche Accepted
SELinux: Always allow FIOCLEX and FIONCLEX SELinux: Always allow FIOCLEX and FIONCLEX - - - --- 2022-01-25 Demi Marie Obenour pcmoore Changes Requested
[RFC] selinux: split no transition execve check [RFC] selinux: split no transition execve check - - - --- 2022-01-25 Christian Göttsche pcmoore Rejected
[RFC] mm: create security context for memfd_secret inodes [RFC] mm: create security context for memfd_secret inodes - - - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[1/9] selinux: check return value of sel_make_avc_files [1/9] selinux: check return value of sel_make_avc_files - 1 - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[9/9] selinux: drop unused macro [1/9] selinux: check return value of sel_make_avc_files - 1 - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[8/9] selinux: simplify cred_init_security [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[7/9] selinux: do not discard const qualifier in cast [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[6/9] selinux: drop unused parameter of avtab_insert_node [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[5/9] selinux: drop cast to same type [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[4/9] selinux: enclose macro arguments in parenthesis [1/9] selinux: check return value of sel_make_avc_files - 1 - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[3/9] selinux: declare name parameter of hash_eval const [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore Accepted
[2/9] selinux: declare path parameters of _genfs_sid const [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore Accepted
libsepol: invert only valid range of role bitmap libsepol: invert only valid range of role bitmap 1 - - --- 2022-01-25 Christian Göttsche Accepted
[v3] libsepol: handle type gaps [v3] libsepol: handle type gaps 1 - - --- 2022-01-25 Christian Göttsche Accepted
[-next] selinux: access superblock_security_struct in LSM blob way [-next] selinux: access superblock_security_struct in LSM blob way - 1 - --- 2022-01-25 GONG, Ruiqi pcmoore Accepted
libselinux: Cached security context not accurate libselinux: Cached security context not accurate - - - --- 2022-01-21 Johannes Segitz Changes Requested
[RFC,v2,2/2] selinux: try to use preparsed sid before calling parse_sid() selinux: parse sids earlier to avoid doing memory allocations under spinlock - - - --- 2022-01-20 Scott Mayhew pcmoore Changes Requested
[RFC,v2,1/2] selinux: Fix selinux_sb_mnt_opts_compat() selinux: parse sids earlier to avoid doing memory allocations under spinlock - - - --- 2022-01-20 Scott Mayhew pcmoore Changes Requested
[libselinux] libselinux: make threadsafe for discover_class_cache [libselinux] libselinux: make threadsafe for discover_class_cache - - - --- 2022-01-20 Purushottam Choudhary New
[4/4,v2] libsepol/cil: Limit the amount of reporting for context rule conflicts libsepol/cil: Limit certain error and warning reports - - - --- 2022-01-19 James Carter Accepted
[3/4,v2] libsepol/cil: Limit the neverallow violations reported libsepol/cil: Limit certain error and warning reports - - - --- 2022-01-19 James Carter Accepted
[2/4,v2] libsepol/cil: Provide more control over reporting bounds failures libsepol/cil: Limit certain error and warning reports - - - --- 2022-01-19 James Carter Accepted
[1/4,v2] libsepol/cil: Add cil_get_log_level() function libsepol/cil: Limit certain error and warning reports - - - --- 2022-01-19 James Carter Accepted
libsepol: drop trailing newlines in log messages libsepol: drop trailing newlines in log messages 1 - - --- 2022-01-19 Christian Göttsche Accepted
libsepol: return failure on saturated class name length libsepol: return failure on saturated class name length 1 - - --- 2022-01-19 Christian Göttsche Accepted
[RFC] selinux: Fix selinux_sb_mnt_opts_compat() [RFC] selinux: Fix selinux_sb_mnt_opts_compat() - - - --- 2022-01-18 Scott Mayhew pcmoore Superseded
libsepol: reject invalid roles before inverting libsepol: reject invalid roles before inverting - - - --- 2022-01-17 Christian Göttsche Changes Requested
selinux: check the return value of audit_log_start() selinux: check the return value of audit_log_start() - - - --- 2022-01-15 Xiaoke Wang pcmoore Rejected
[2/2] libsepol/cil: Limit the amount of reporting for context rule conflicts [1/2] libsepol/cil: Limit the amount of reporting for neverallow violations - - - --- 2022-01-14 James Carter Superseded
[1/2] libsepol/cil: Limit the amount of reporting for neverallow violations [1/2] libsepol/cil: Limit the amount of reporting for neverallow violations - - - --- 2022-01-14 James Carter Superseded
libselinux: Strip spaces before values in config libselinux: Strip spaces before values in config - - - --- 2022-01-13 Vit Mojzis Superseded
libsepol/cil: Ensure that the class in a classcommon is a kernel class libsepol/cil: Ensure that the class in a classcommon is a kernel class - - - --- 2022-01-13 James Carter Accepted
[RFC,userspace,5/5] semodule: add command-line option to detect module changes Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
[RFC,userspace,4/5] libsemanage: optionally rebuild policy when modules are changed externally Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
[RFC,userspace,3/5] libsemanage: move compressed file handling into a separate object Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
[RFC,userspace,2/5] semodule,libsemanage: move module hashing into libsemanage Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
« 1 2 ... 21 22 2389 90 »