Show patches with: none      |   9291 patches
« 1 2 ... 3 4 592 93 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2,02/10] auditsc: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,01/10] fs/exec: Drop task_lock() inside __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Handled Elsewhere
[v2,3/4] capabilities: Add sysctl to mask off userns caps Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Handled Elsewhere
[v2,2/4] capabilities: Add securebit to restrict userns caps Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Handled Elsewhere
[v2,1/4] capabilities: Add user namespace capabilities Introduce user namespace capabilities - 1 - --- 2024-06-09 Jonathan Calmels pcmoore Handled Elsewhere
tree-wide: fix misc typos tree-wide: fix misc typos 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
checkpolicy: reject duplicate nodecon statements checkpolicy: reject duplicate nodecon statements 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[2/2] libsepol: rework permission enabled check [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[1/2] libsepol: move unchanged data out of loop [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[2/2] libselinux: constify avc_open(3) parameter [1/2] libselinux: deprecate security_disable(3) 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[1/2] libselinux: deprecate security_disable(3) [1/2] libselinux: deprecate security_disable(3) - - - --- 2024-06-08 Christian Göttsche bachradsusi Superseded
libsepol: hashtab: save one comparison on hit libsepol: hashtab: save one comparison on hit 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: validate attribute-type maps libsepol: validate attribute-type maps 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: contify function pointer arrays libsepol: contify function pointer arrays 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
fixfiles: drop unnecessary \ line endings fixfiles: drop unnecessary \ line endings 1 - - --- 2024-06-06 Petr Lautrbach bachradsusi Accepted
[6/6] selftests/bpf: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[5/6] bpftool: Make task comm always be NUL-terminated kernel: Avoid memcpy of task comm - 1 - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[4/6] security: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm 1 - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[3/6] auditsc: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm 1 - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[2/6] tracing: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[1/6] fs/exec: Drop task_lock() inside __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[v3,2/2,testsuite] tests/nfs_filesystem: comment out failing mount [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[v2,2/2] tests/nfs_filesystem: remove failing mount [v2,1/2] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-29 Stephen Smalley omos Superseded
[v2,1/2] tools/nfs.sh: comment out the fscontext= tests for now [v2,1/2] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-29 Stephen Smalley omos Superseded
[PR,#134] sesearch: CIL output [PR,#134] sesearch: CIL output - - - --- 2024-05-17 Topi Miettinen bachradsusi Changes Requested
tracing/treewide: Remove second parameter of __assign_str() tracing/treewide: Remove second parameter of __assign_str() 5 - 1 --- 2024-05-16 Steven Rostedt pcmoore Handled Elsewhere
[4/4] sandbox: Add support for Wayland [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[3/4] seunshare: Add [ -P pipewiresocket ] [ -W waylandsocket ] options [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[2/4] sandbox: do not run window manager if it's not a session [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[1/4] sandbox: do not fail without xmodmap [1/4] sandbox: do not fail without xmodmap 1 - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[GIT,PULL] selinux/selinux-pr-20240513 [GIT,PULL] selinux/selinux-pr-20240513 - - - --- 2024-05-13 Paul Moore pcmoore Accepted
[2/2] checkpolicy: support CIDR notation for nodecon statements [1/2] checkpolicy: perform contiguous check in host byte order - - - --- 2024-05-08 Christian Göttsche bachradsusi Accepted
[1/2] checkpolicy: perform contiguous check in host byte order [1/2] checkpolicy: perform contiguous check in host byte order 1 - - --- 2024-05-08 Christian Göttsche bachradsusi Accepted
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[v3] ima: Avoid blocking in RCU read-side critical section [v3] ima: Avoid blocking in RCU read-side critical section 1 2 - --- 2024-05-07 Guozihua (Scott) pcmoore Handled Elsewhere
[2/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now [1/2,testsuite] tests/nfs_filesystem: remove failing mount - - - --- 2024-05-06 Stephen Smalley omos Superseded
[1/2,testsuite] tests/nfs_filesystem: remove failing mount [1/2,testsuite] tests/nfs_filesystem: remove failing mount - - - --- 2024-05-06 Stephen Smalley omos Superseded
[4/4] libsepol: include prefix for module policy versions [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[3/4] libsepol: validate type-attribute-map for old policies [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[2/4] libsepol: only exempt gaps checking for kernel policies [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[1/4] libsepol: reject self flag in type rules in old policies [1/4] libsepol: reject self flag in type rules in old policies 1 - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[v3] nfsd: set security label during create operations [v3] nfsd: set security label during create operations - 2 - --- 2024-05-03 Stephen Smalley pcmoore Handled Elsewhere
[RFC] lsm: fixup the inode xattr capability handling [RFC] lsm: fixup the inode xattr capability handling - - - --- 2024-05-03 Paul Moore pcmoore Handled Elsewhere
[v2] nfsd: set security label during create operations [v2] nfsd: set security label during create operations - 1 - --- 2024-05-02 Stephen Smalley pcmoore Superseded
[RFC] nfsd: set security label during create operations [RFC] nfsd: set security label during create operations - - - --- 2024-05-02 Stephen Smalley Handled Elsewhere
libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) 1 - - --- 2024-04-30 Vit Mojzis bachradsusi Accepted
[3/3] mcstrans: free constraint in error branch [1/3] libselinux: free empty scandir(3) result - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[2/3] libselinux: avoid pointer dereference before check [1/3] libselinux: free empty scandir(3) result - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[1/3] libselinux: free empty scandir(3) result [1/3] libselinux: free empty scandir(3) result 1 - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[5/5] libselinux: constify selinux_set_mapping(3) parameter [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[4/5] libselinux/man: add format attribute for set_matchpathcon_printf(3) [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[3/5] libselinux/man: use void in synopses [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[2/5] libselinux/man: sync const qualifiers [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[1/5] libselinux/man: correct file extension of man pages [1/5] libselinux/man: correct file extension of man pages 1 - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[v2] ima: Avoid blocking in RCU read-side critical section [v2] ima: Avoid blocking in RCU read-side critical section - - - --- 2024-04-28 Guozihua (Scott) pcmoore Superseded
[v3,2/2] fs/xattr: add *at family syscalls Untitled series #848337 - 1 - --- 2024-04-26 Christian Göttsche pcmoore Handled Elsewhere
ima: Avoid blocking in RCU read-side critical section ima: Avoid blocking in RCU read-side critical section - - - --- 2024-04-17 Guozihua (Scott) pcmoore Changes Requested
[v2] libsepol: validate class permissions [v2] libsepol: validate class permissions 1 - - --- 2024-04-15 Christian Göttsche bachradsusi Accepted
github: bump Python and Ruby versions github: bump Python and Ruby versions 1 - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[RFC,3/3] newrole: use ROWHAMMER resistant values [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,2/3] newrole: cleanse shadow data hold by libc [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,1/3] newrole: constant time password comparison [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[4/4] checkpolicy: drop global policyvers variable [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[3/4] checkpolicy: declare file local variable static [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[2/4] checkpolicy/tests: add test for splitting xperm rule [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[1/4] libsepol: improve policy lookup failure message [1/4] libsepol: improve policy lookup failure message 1 - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
libsepol: validate class permissions libsepol: validate class permissions - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[1/2] selinux: constify source policy in cond_policydb_dup() [1/2] selinux: constify source policy in cond_policydb_dup() - - - --- 2024-04-05 Christian Göttsche pcmoore Accepted
[2/2] selinux: add support for xperms in conditional policies [1/2] selinux: constify source policy in cond_policydb_dup() - - - --- 2024-04-05 Christian Göttsche pcmoore New
[v2] selinux: pre-allocate the status page [v2] selinux: pre-allocate the status page - - - --- 2024-04-05 Christian Göttsche pcmoore Accepted
selinux: avoid printk_ratelimit() selinux: avoid printk_ratelimit() - - - --- 2024-04-05 Christian Göttsche pcmoore Accepted
netlink: Remove the include of files doesn't exist netlink: Remove the include of files doesn't exist - - - --- 2024-04-05 I Hsin Cheng pcmoore Rejected
selinux: clarify return code in filename_trans_read_helper_compat() selinux: clarify return code in filename_trans_read_helper_compat() - - - --- 2024-04-04 Ondrej Mosnacek pcmoore Accepted
[GIT,PULL] selinux/selinux-pr-20240402 [GIT,PULL] selinux/selinux-pr-20240402 - - - --- 2024-04-03 Paul Moore pcmoore Accepted
libsepol: constify function pointer arrays libsepol: constify function pointer arrays 1 - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[6/6] checkpolicy: free complete role_allow_rule on error [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[5/6] checkpolicy: drop union stack_item_u [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[4/6] checkpolicy: drop never read member [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[3/6] libsepol: validate access vector permissions [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[2/6] checkpolicy/fuzz: override YY_FATAL_ERROR [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[1/6] checkpolicy: include <ctype.h> for isprint(3) [1/6] checkpolicy: include <ctype.h> for isprint(3) 1 - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
libsepol/cil: Check common perms when verifiying "all" libsepol/cil: Check common perms when verifiying "all" - - - --- 2024-04-01 James Carter bachradsusi Accepted
[2/2] checkpolicy: update error diagnostic [1/2] checkpolicy: free identifiers on invalid typebounds - - - --- 2024-03-30 Christian Göttsche bachradsusi Accepted
[1/2] checkpolicy: free identifiers on invalid typebounds [1/2] checkpolicy: free identifiers on invalid typebounds 1 - - --- 2024-03-30 Christian Göttsche bachradsusi Accepted
selinux: pre-allocate the status page selinux: pre-allocate the status page - - - --- 2024-03-28 Christian Göttsche pcmoore Changes Requested
selinux: avoid dereference of garbage after mount failure selinux: avoid dereference of garbage after mount failure - - - --- 2024-03-28 Christian Göttsche pcmoore Accepted
selinux: update numeric format specifiers for ebitmaps selinux: update numeric format specifiers for ebitmaps - - - --- 2024-03-27 Christian Göttsche pcmoore Accepted
selinux: fix pr_err() format specifier in ebitmap_read() selinux: fix pr_err() format specifier in ebitmap_read() - - - --- 2024-03-27 Paul Moore pcmoore Rejected
[v2] libselinux: avoid logs in get_ordered_context_list() without policy [v2] libselinux: avoid logs in get_ordered_context_list() without policy - - - --- 2024-03-22 Christian Göttsche bachradsusi Accepted
[2/2] checkpolicy: handle unprintable token [1/2] checkpolicy: use YYerror only when available - - - --- 2024-03-22 Christian Göttsche bachradsusi Accepted
[1/2] checkpolicy: use YYerror only when available [1/2] checkpolicy: use YYerror only when available 1 - - --- 2024-03-22 Christian Göttsche bachradsusi Accepted
[v2] libselinux: avoid logs in get_ordered_context_list() without policy [v2] libselinux: avoid logs in get_ordered_context_list() without policy 1 - - --- 2024-03-22 Christian Göttsche bachradsusi Accepted
[PR#420,v4] audit2allow: CIL output mode [PR#420,v4] audit2allow: CIL output mode 1 - - --- 2024-03-19 Topi Miettinen Accepted
[v2,1/2] selinux: dump statistics for more hash tables [v2,1/2] selinux: dump statistics for more hash tables - - - --- 2024-03-15 Christian Göttsche pcmoore Accepted
[v2,2/2] selinux: improve symtab string hashing [v2,1/2] selinux: dump statistics for more hash tables - - - --- 2024-03-15 Christian Göttsche pcmoore Accepted
[v3] selinux: optimize ebitmap_and() [v3] selinux: optimize ebitmap_and() - - - --- 2024-03-15 Christian Göttsche pcmoore Changes Requested
[RFC,2/2] selinux: wire up new execstack LSM hook Untitled series #835707 - - - --- 2024-03-15 Christian Göttsche pcmoore Handled Elsewhere
selinux: use u32 as bit type in ebitmap code selinux: use u32 as bit type in ebitmap code - - - --- 2024-03-15 Christian Göttsche pcmoore Accepted
« 1 2 ... 3 4 592 93 »