Show patches with: State = Action Required       |   158 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v3] security,capability: pass object information to security_capable [RFC,v3] security,capability: pass object information to security_capable - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC] audit, security: allow LSMs to selectively enable audit collection [RFC] audit, security: allow LSMs to selectively enable audit collection - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC,7/7] SELINUXNS: Fixing concurrency issues [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,6/7] SELINUXNS: Fixing superblock security structure memory leakage [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,5/7] SELINUXNS: Migrate all open files and all vma to new namespace [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,4/7] SELINUXNS: Namespacing for xattrs [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,3/7] SELINUXNS: Fix initilization of the superblock security under spinlock [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,2/7] selinux: support per-namespace superblock security structures [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,1/7] LSM: Infrastructure management of the superblock [RFC,1/7] LSM: Infrastructure management of the superblock 1 2 - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c Untitled series #439529 - - - --- 2021-02-28 Alexey Dobriyan pcmoore New
[v2] Support static-only builds [v2] Support static-only builds - - - --- 2021-11-13 Alyssa Ross New
[RFC] selinux: Add netlink xperm support [RFC] selinux: Add netlink xperm support - - - --- 2021-11-10 Bram Bonné pcmoore New
[RFC,4/4] checkpolicy: add front-end support for segregate attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,3/4] libsepol: add compile-time constraint for mutual exclusive attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,2/4] libsepol: add ebitmap iterator wrapper with startnode [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,1/4] libsepol: refactor ebitmap conversion in link.c [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,8/8] net: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,7/8] bpf: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,6/8] kernel: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,5/8] fs: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,4/8] drivers: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - 1 - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,3/8] block: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - 1 - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,2/8] capability: use new capable_any functionality [v3,1/8] capability: add any wrapper to test for multiple caps with exactly one audit message - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v3,RFC] sched: only perform capability check on privileged operation [v3,RFC] sched: only perform capability check on privileged operation - - - --- 2022-06-15 Christian Göttsche pcmoore New
[v2,4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set [v2,1/4] support Dash as default shell - - - --- 2022-06-15 Christian Göttsche New
[v2,3/4] filesystem: allow getfilecon(3) to pass test [v2,1/4] support Dash as default shell - - - --- 2022-06-15 Christian Göttsche New
[v2,2/4] support perf_event_paranoid=3 [v2,1/4] support Dash as default shell - - - --- 2022-06-15 Christian Göttsche New
[v2,1/4] support Dash as default shell [v2,1/4] support Dash as default shell - - - --- 2022-06-15 Christian Göttsche New
[4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set [1/4] support Dash as default shell - - - --- 2022-06-14 Christian Göttsche New
[3/4] filesystem: allow getfilecon(3) to pass test [1/4] support Dash as default shell - - - --- 2022-06-14 Christian Göttsche New
[2/4] support perf_event_paranoid=3 [1/4] support Dash as default shell - - - --- 2022-06-14 Christian Göttsche New
[1/4] support Dash as default shell [1/4] support Dash as default shell - - - --- 2022-06-14 Christian Göttsche New
libsepol: avoid potential NULL dereference on optional parameter libsepol: avoid potential NULL dereference on optional parameter - - - --- 2022-06-10 Christian Göttsche New
[v2] libsepol: fix validation of user declarations in non-base modules [v2] libsepol: fix validation of user declarations in non-base modules - - - --- 2022-06-09 Christian Göttsche New
[RFC,3/3] checkpolicy: rework initial SID handling [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[RFC,2/3] libsepol: validate initial SIDs [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[RFC,1/3] libsepol: export initial SIDs [RFC,1/3] libsepol: export initial SIDs - - - --- 2022-06-07 Christian Göttsche New
[v2,3/4] libselinux: name parameters in context.h Untitled series #648107 - - - --- 2022-06-07 Christian Göttsche New
[v4,4/4] libselinux: check for truncations Untitled series #648106 - - - --- 2022-06-07 Christian Göttsche New
[v2] libselinux: restorecon: avoid printing NULL pointer [v2] libselinux: restorecon: avoid printing NULL pointer - - - --- 2022-06-07 Christian Göttsche New
[RFC] f*xattr: allow O_PATH descriptors [RFC] f*xattr: allow O_PATH descriptors - 1 - --- 2022-06-07 Christian Göttsche pcmoore New
libsepol: fix validation of user declarations in modules libsepol: fix validation of user declarations in modules 1 - - --- 2022-06-07 Christian Göttsche New
semodule: avoid toctou on output module semodule: avoid toctou on output module 1 - - --- 2022-05-20 Christian Göttsche New
libselinux: declare return value of context_str(3) const libselinux: declare return value of context_str(3) const 1 - - --- 2022-05-20 Christian Göttsche New
[4/4] libselinux: declare parameter of security_load_policy(3) const [1/4] libselinux: add man page redirections - - - --- 2022-05-20 Christian Göttsche New
[3/4] libselinux: name parameters in context.h [1/4] libselinux: add man page redirections - - - --- 2022-05-20 Christian Göttsche New
[2/4] libselinux: enclose macro definition in parenthesis [1/4] libselinux: add man page redirections - - - --- 2022-05-20 Christian Göttsche New
[1/4] libselinux: add man page redirections [1/4] libselinux: add man page redirections 1 - - --- 2022-05-20 Christian Göttsche New
Makefile: always include and link with DESTDIR Makefile: always include and link with DESTDIR - - - --- 2022-05-20 Christian Göttsche New
python/audit2allow: close file stream on error python/audit2allow: close file stream on error 1 - - --- 2022-05-20 Christian Göttsche New
[v3,4/4] libselinux: check for truncations Untitled series #643600 - - - --- 2022-05-20 Christian Göttsche New
[RFC,v2,4/4] libselinux: check for truncations Untitled series #642403 - - - --- 2022-05-17 Christian Göttsche New
[2/2] libselinux: restorecon: avoid printing NULL pointer [1/2] libselinux: restorecon: add fallback for pre 3.6 Linux - - - --- 2022-05-17 Christian Göttsche New
[1/2] libselinux: restorecon: add fallback for pre 3.6 Linux [1/2] libselinux: restorecon: add fallback for pre 3.6 Linux - - - --- 2022-05-17 Christian Göttsche New
[RFC,3/4] libselinux: introduce strlcpy [RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read - - - --- 2022-05-10 Christian Göttsche New
[RFC,2/4] libselinux: add header guard for internal header [RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read - - - --- 2022-05-10 Christian Göttsche New
[RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read [RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read 1 - - --- 2022-05-10 Christian Göttsche New
[v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore New
[v2,8/8] net: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - 1 - --- 2022-05-02 Christian Göttsche pcmoore New
[v2,7/8] kernel/bpf: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore New
[v2,6/8] kernel: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore New
[v2,5/8] fs: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore New
[v2,4/8] drivers: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message 1 1 - --- 2022-05-02 Christian Göttsche pcmoore New
[v2,3/8] block: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore New
[v2,2/8] capability: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore New
[v2,RFC] sched: only perform capability check on privileged operation [v2,RFC] sched: only perform capability check on privileged operation - - - --- 2022-05-02 Christian Göttsche pcmoore New
selinux: use unsigned char for boolean values selinux: use unsigned char for boolean values - - - --- 2022-05-02 Christian Göttsche pcmoore New
libselinux/utils/getsebool: add options to display en-/disabled booleans libselinux/utils/getsebool: add options to display en-/disabled booleans - - - --- 2022-04-28 Christian Göttsche New
[v2,6/6] Enable missing prototypes [v2,1/6] libsepol/cil: declare file local functions static - - - --- 2022-04-05 Christian Göttsche New
[RFC,v3,5/5] libsepol: pass avtab to report function [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,4/5] libsepol: free ebitmap on end of function [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,3/5] checkpolicy: add not-self neverallow support [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,2/5] libsepol: add not-self neverallow support [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[XSERVER,2/2] selinux: log events with appropriate audit type [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[XSERVER,1/2] selinux: remap security classes on policyload [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[RFC,2/2] security, nfs: Provide a hook for fs_context security initialisation [RFC,1/2] security: Remove security_add_mnt_opt() as it's unused - - - --- 2021-12-08 David Howells pcmoore New
python: remove IOError in certain cases python: remove IOError in certain cases - - - --- 2022-06-16 Elijah Conners New
[RFC,1/1] selinuxns: Replace state pointer with namespace id [RFC,1/1] selinuxns: Replace state pointer with namespace id - - - --- 2022-02-16 Igor Baranov pcmoore New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[1/2,RFC] libsepol: Add not self support for neverallow rules libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[2/2] dbus: Add filetrans for /tmp/dbus-* session socket [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[1/2] selinux: Add map perms [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
libselinux: Prevent cached context giving wrong results libselinux: Prevent cached context giving wrong results - - - --- 2022-01-27 Johannes Segitz New
[28/32] selinux: Use mem_to_flex_dup() with xfrm and sidtab Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore New
[RESEND,v18,4/4] overlayfs: inode_owner_or_capable called during execv Untitled series #368853 - - - --- 2020-10-22 Mark Salyzyn pcmoore New
[RESEND,v18,3/4] overlayfs: override_creds=off option bypass creator_cred overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,1/4] Add flags option to get xattr method paired to __vfs_getxattr overlayfs override_creds=off & nested get xattr fix 5 1 - --- 2020-10-21 Mark Salyzyn pcmoore New
[1/1] libselinux: do not return the cached prev_current value when using getpidcon() [1/1] libselinux: do not return the cached prev_current value when using getpidcon() 1 - - --- 2022-05-29 Nicolas Iooss New
[userspace,2/2] semodule: rename --rebuild-if-modules-changed to --refresh Refine semantics of libsemanage's check_ext_changes - - - --- 2022-06-08 Ondrej Mosnacek New
[userspace,1/2] libsemanage: always write kernel policy when check_ext_changes is specified Refine semantics of libsemanage's check_ext_changes - - - --- 2022-06-08 Ondrej Mosnacek New
[RFC] userfaultfd: open userfaultfds with O_RDONLY [RFC] userfaultfd: open userfaultfds with O_RDONLY - - - --- 2021-06-24 Ondrej Mosnacek pcmoore New
[v2,2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount vfs/security/NFS/btrfs: clean up and fix LSM option handling - - - --- 2021-05-17 Ondrej Mosnacek pcmoore New
[v2,1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag vfs/security/NFS/btrfs: clean up and fix LSM option handling - - 1 --- 2021-05-17 Ondrej Mosnacek pcmoore New
[RFC,9/9] sk_buff: access secmark via getter/setter [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,8/9] sk_buff: move vlan field after tail. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,7/9] sk_buff: move inner header fields after tail [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,6/9] veth: use skb_prepare_for_gro() [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
« 1 2 »