Show patches with: State = Action Required       |   247 patches
« 1 2 3 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[testsuite] policy,tests: add tests for new permissions for loading files/data [testsuite] policy,tests: add tests for new permissions for loading files/data - - - --- 2025-02-05 kippndavis.work@gmx.com New
selinux: add permission checks for loading other kinds of kernel files selinux: add permission checks for loading other kinds of kernel files - - - --- 2025-02-05 kippndavis.work@gmx.com New
[RFC,v3] security,capability: pass object information to security_capable [RFC,v3] security,capability: pass object information to security_capable - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC] audit, security: allow LSMs to selectively enable audit collection [RFC] audit, security: allow LSMs to selectively enable audit collection - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC,7/7] SELINUXNS: Fixing concurrency issues [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,6/7] SELINUXNS: Fixing superblock security structure memory leakage [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,5/7] SELINUXNS: Migrate all open files and all vma to new namespace [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,4/7] SELINUXNS: Namespacing for xattrs [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,3/7] SELINUXNS: Fix initilization of the superblock security under spinlock [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,2/7] selinux: support per-namespace superblock security structures [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,1/7] LSM: Infrastructure management of the superblock [RFC,1/7] LSM: Infrastructure management of the superblock 1 2 - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c Untitled series #439529 - - - --- 2021-02-28 Alexey Dobriyan pcmoore New
[v2] Support static-only builds [v2] Support static-only builds - - - --- 2021-11-13 Alyssa Ross New
[1/3] secilc/docs: selinuxuser actually takes a string not identifier [1/3] secilc/docs: selinuxuser actually takes a string not identifier - - - --- 2022-08-28 bauen1 bachradsusi New
[RFC] selinux: Add netlink xperm support [RFC] selinux: Add netlink xperm support - - - --- 2021-11-10 Bram Bonné pcmoore New
[4/4] libselinux: limit fcontext regex path length [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[3/4] libselinux: initialize regex arch string in a thread safe way [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[2/4] libselinux: use local instead of global error buffer [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[1/4] libselinux: constify global strings [1/4] libselinux: constify global strings - - - --- 2025-01-31 Christian Göttsche bachradsusi New
[v2] libselinux: limit node depth while parsing compiled fcontexts [v2] libselinux: limit node depth while parsing compiled fcontexts - - - --- 2025-01-16 Christian Göttsche bachradsusi New
[v2] semanage: improve -e documentation and fix delete operation [v2] semanage: improve -e documentation and fix delete operation - - - --- 2025-01-14 Christian Göttsche bachradsusi New
[RFC,v2,00/17] testsuite: misc fixes and virtme-ng support - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,17/17] tests: drop headers from Makefile dependencies [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,16/17] tests: fail on compiler warnings and enable Wextra [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,15/17] tests: test code tweaks [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,14/17] defconfig: enable CONFIG_NETFILTER_NETLINK_LOG [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,13/17] defconfig: enable CONFIG_XFRM_USER [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,12/17] tests/filesystem: improve fsnotify check and preload loop module [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,11/17] tests/inet_socket: skip mptcp if not supported [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,10/17] tests/tun_tap: skip if not supported [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,09/17] tests/extended_socket_class: work with CONFIG_CRYPTO_USER_API disabled [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,08/17] tests/notify: work with CONFIG_FANOTIFY disabled [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,07/17] test: overlayfs related tweaks [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,06/17] Makefile: add PHONY targets [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,05/17] tests: enable strictness for perl scripts [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,04/17] tests: port scripts to sh and please shellcheck [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,03/17] tools: quote command to prevent word splitting [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,02/17] Makefile: use $(MAKE) to pass options [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
[RFC,v2,01/17] Fix typos [RFC,v2,01/17] Fix typos - - - --- 2025-01-07 Christian Göttsche omos New
libselinux: avoid quadratic complexity for many regex specs validation libselinux: avoid quadratic complexity for many regex specs validation - - - --- 2024-12-30 Christian Göttsche bachradsusi New
libselinux: update max node depth libselinux: update max node depth - - - --- 2024-12-30 Christian Göttsche bachradsusi New
[RFC,1/3] libsepol: update sort order for netifcon definitions [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,3/3] secilc/test: add test for wildcard netifcon statement [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,2/3] checkpolicy: add support for wildcard netifcon names [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC] selinux: support wildcard network interface names [RFC] selinux: support wildcard network interface names - - - --- 2024-12-17 Christian Göttsche pcmoore New
[RFC,v2,22/22] selinux: restrict policy strings [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,21/22] selinux: check for simple types [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,20/22] selinux: more strict bounds check [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,19/22] selinux: validate symbols [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,18/22] selinux: beef up isvalid checks [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,17/22] selinux: reorder policydb_index() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,16/22] selinux: check type attr map overflows [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,15/22] selinux: introduce ebitmap_highest_set_bit() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,14/22] selinux: pre-validate conditional expressions [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,13/22] selinux: validate constraints [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,12/22] selinux: check length fields in policies [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,11/22] selinux: more strict policy parsing [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,10/22] selinux: use u16 for security classes [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,3/3] newrole: use ROWHAMMER resistant values [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,2/3] newrole: cleanse shadow data hold by libc [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,1/3] newrole: constant time password comparison [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[2/2] selinux: add support for xperms in conditional policies [1/2] selinux: constify source policy in cond_policydb_dup() - - - --- 2024-04-05 Christian Göttsche pcmoore New
[RFC] libselinux: disable capturing in fcontext matching [RFC] libselinux: disable capturing in fcontext matching - - - --- 2024-01-08 Christian Göttsche bachradsusi New
[RFC] libsepol: handle long permission names in sepol_av_to_string() [RFC] libsepol: handle long permission names in sepol_av_to_string() - - - --- 2023-12-11 Christian Göttsche bachradsusi New
libsepol: validate common classes in scope indices libsepol: validate common classes in scope indices - - - --- 2023-12-08 Christian Göttsche bachradsusi New
[RFC] libsepol: validate permission identifier length [RFC] libsepol: validate permission identifier length - - - --- 2023-12-07 Christian Göttsche bachradsusi New
[2/2] libsepol: rework saturation check [1/2] libsepol: use str_read() where appropriate - - - --- 2023-11-01 Christian Göttsche bachradsusi New
libsepol: ignore writing invalid polcaps in fuzzer libsepol: ignore writing invalid polcaps in fuzzer - - - --- 2023-11-01 Christian Göttsche bachradsusi New
[RFC,v2,27/27] libselinux: add selabel_file(5) fuzzer libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,26/27] libselinux: remove unused hashtab code libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,17/27] libselinux: remove SELABEL_OPT_SUBSET support from selabel_file(5) libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,13/27] libselinux/utils: introduce selabel_compare libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,10/27] libselinux: introduce selabel_nuke libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[v3,2/7] selinux: use u32 as bit type in ebitmap code [v3,1/7] selinux: avoid implicit conversions in avtab code - - - --- 2023-08-07 Christian Göttsche pcmoore New
[v2] selinux: optimize ebitmap_and() [v2] selinux: optimize ebitmap_and() - - - --- 2023-08-03 Christian Göttsche pcmoore New
libselinux/utils: introduce getpolicyload libselinux/utils: introduce getpolicyload - - - --- 2023-07-06 Christian Göttsche bachradsusi New
[RFC,07/20] selinux: services: update type for umber of class permissions [RFC,01/20] selinux: check for multiplication overflow in put_entry() - - - --- 2023-07-06 Christian Göttsche pcmoore Under Review
[RFC,9/9] restorecond: drop last matchpathcon call [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,8/9] restorecond: check selinux_restorecon(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,7/9] secon: check selinux_raw_to_trans_context(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,5/9] libselinux: explicitly ignore return values [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,4/9] mcstrans: check getcon(3) and context_range_set(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,3/9] libselinux: declare avc_open(3) options parameter const [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,v4,6/6] libsepol: update CIL generation for trivial not-self rules not-self neverallow support 1 - - --- 2022-11-25 Christian Göttsche bachradsusi New
[RFC,v4,2/6] libsepol/cil: Add notself and minusself support to CIL not-self neverallow support - - - --- 2022-11-25 Christian Göttsche bachradsusi New
[RFC,1/2] fs/xattr: add *at family syscalls [RFC,1/2] fs/xattr: add *at family syscalls - - - --- 2022-08-30 Christian Göttsche pcmoore New
[RFC,2/2] fs/xattr: wire up syscalls [RFC,1/2] fs/xattr: add *at family syscalls - - - --- 2022-08-30 Christian Göttsche pcmoore New
[v3,8/8] secilc: include segregate attributes in tests [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,7/8] secilc: run tests against development version of libsepol [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,6/8] libsepol/cil: add support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,5/8] libsepol/tests: add test for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,4/8] checkpolicy: add front-end support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,3/8] libsepol: add compile-time constraint for mutual exclusive attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,2/8] libsepol: add ebitmap iterator wrapper with startnode [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[RFC,4/4] checkpolicy: add front-end support for segregate attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,3/4] libsepol: add compile-time constraint for mutual exclusive attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,2/4] libsepol: add ebitmap iterator wrapper with startnode [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[1/4] libselinux: add man page redirections [1/4] libselinux: add man page redirections 1 - - --- 2022-05-20 Christian Göttsche New
Makefile: always include and link with DESTDIR Makefile: always include and link with DESTDIR - - - --- 2022-05-20 Christian Göttsche New
selinux: use unsigned char for boolean values selinux: use unsigned char for boolean values - - - --- 2022-05-02 Christian Göttsche pcmoore New
« 1 2 3 »