Show patches with: State = Action Required       |   174 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
selinux: cleanup selinux_lsm_getattr() selinux: cleanup selinux_lsm_getattr() - - - --- 2024-02-23 Paul Moore pcmoore New
sepolgen: adjust parse for refpolicy sepolgen: adjust parse for refpolicy - - - --- 2024-02-22 Christian Göttsche bachradsusi New
[v2] checkpolicy, libsepol: Fix potential double free of mls_level_t [v2] checkpolicy, libsepol: Fix potential double free of mls_level_t - - - --- 2024-02-21 James Carter bachradsusi New
[PR#420,v2] audit2allow: CIL output mode [PR#420,v2] audit2allow: CIL output mode - - - --- 2024-02-19 Topi Miettinen bachradsusi New
[v2] python/semanage: Allow modifying records on "add" [v2] python/semanage: Allow modifying records on "add" - - - --- 2024-02-14 Vit Mojzis bachradsusi New
python/semanage: Do not sort local fcontext definitions python/semanage: Do not sort local fcontext definitions - - - --- 2024-02-07 Vit Mojzis bachradsusi New
[RFC,v2,9/9] libselinux: support parallel selabel_lookup(3) libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[RFC,v2,8/9] libselinux: add selabel_file(5) fuzzer libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[RFC,v2,7/9] libselinux: remove unused hashtab code libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[RFC,v2,6/9] libselinux: rework selabel_file(5) database libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[RFC,v2,5/9] libselinux: sidtab updates libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[RFC,v2,4/9] libselinux: add unique id to sidtab entries libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[RFC,v2,3/9] libselinux: use more appropriate types in sidtab libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[RFC,v2,2/9] libselinux/utils: introduce selabel_compare libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[RFC,v2,1/9] policycoreutils: introduce unsetfiles libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[3/3] mcstrans: ensure transitivity in compare functions [1/3] libsepol: ensure transitivity in compare functions - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[2/3] libsepol/cil: ensure transitivity in compare functions [1/3] libsepol: ensure transitivity in compare functions - - - --- 2024-01-31 Christian Göttsche bachradsusi New
[1/3] libsepol: ensure transitivity in compare functions [1/3] libsepol: ensure transitivity in compare functions 1 - - --- 2024-01-31 Christian Göttsche bachradsusi New
[15/15] checkpolicy: misc policy_define.c cleanup [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[14/15] checkpolicy: avoid assigning garbage values [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[13/15] checkpolicy: free temporary bounds type [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[12/15] checkpolicy: provide more descriptive error messages [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[11/15] checkpolicy: fix use-after-free on invalid sens alias [01/15] checkpolicy: add libfuzz based fuzzer - - - --- 2024-01-22 Christian Göttsche bachradsusi New
[10/15] libsepol: add copy member to level_datum [01/15] checkpolicy: add libfuzz based fuzzer - - - --- 2024-01-22 Christian Göttsche bachradsusi New
[09/15] libsepol: use typedef [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[08/15] checkpolicy: bail out on invalid role [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[07/15] checkpolicy: call YYABORT on parse errors [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[06/15] checkpolicy: clean expression on error [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[05/15] checkpolicy: check allocation and free memory on error at type definition [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[04/15] checkpolicy: free ebitmap on error [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[03/15] checkpolicy: cleanup identifiers on error [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[02/15] checkpolicy: cleanup resources on parse error [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[01/15] checkpolicy: add libfuzz based fuzzer [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi New
[RFC] libselinux: disable capturing in fcontext matching [RFC] libselinux: disable capturing in fcontext matching - - - --- 2024-01-08 Christian Göttsche bachradsusi New
[v2] libsepol: Use a dynamic buffer in sepol_av_to_string() [v2] libsepol: Use a dynamic buffer in sepol_av_to_string() - - - --- 2023-12-12 James Carter bachradsusi New
[RFC] libsepol: handle long permission names in sepol_av_to_string() [RFC] libsepol: handle long permission names in sepol_av_to_string() - - - --- 2023-12-11 Christian Göttsche bachradsusi New
libsepol: validate common classes in scope indices libsepol: validate common classes in scope indices - - - --- 2023-12-08 Christian Göttsche bachradsusi New
[RFC] libsepol: validate permission identifier length [RFC] libsepol: validate permission identifier length - - - --- 2023-12-07 Christian Göttsche bachradsusi New
[v6] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions [v6] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions 1 1 - --- 2023-12-05 Juraj Marcin bachradsusi New
[v4] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions [v4] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions - 1 - --- 2023-11-21 Juraj Marcin bachradsusi New
[RFC] selinux: assorted hash table improvements [RFC] selinux: assorted hash table improvements - - - --- 2023-11-14 Paul Moore pcmoore New
[2/2] libsepol: rework saturation check [1/2] libsepol: use str_read() where appropriate - - - --- 2023-11-01 Christian Göttsche bachradsusi New
libsepol: ignore writing invalid polcaps in fuzzer libsepol: ignore writing invalid polcaps in fuzzer - - - --- 2023-11-01 Christian Göttsche bachradsusi New
[RFC,v2,27/27] libselinux: add selabel_file(5) fuzzer libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,26/27] libselinux: remove unused hashtab code libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,17/27] libselinux: remove SELABEL_OPT_SUBSET support from selabel_file(5) libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,13/27] libselinux/utils: introduce selabel_compare libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,10/27] libselinux: introduce selabel_nuke libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[8/9,v4] secilc/test: Add deny rule tests Add CIL Deny Rule - - - --- 2023-08-09 James Carter bachradsusi New
[7/7,v2] secilc/test: Add notself and other tests Add support for notself and other to CIL - - - --- 2023-08-09 James Carter bachradsusi New
[v3,2/7] selinux: use u32 as bit type in ebitmap code [v3,1/7] selinux: avoid implicit conversions in avtab code - - - --- 2023-08-07 Christian Göttsche pcmoore New
[v2] selinux: optimize ebitmap_and() [v2] selinux: optimize ebitmap_and() - - - --- 2023-08-03 Christian Göttsche pcmoore New
[v6] semanage, sepolicy: list also ports not attributed with port_type [v6] semanage, sepolicy: list also ports not attributed with port_type - - - --- 2023-07-28 Topi Miettinen bachradsusi New
[testsuite] ci: test also on CentOS Stream 9 [testsuite] ci: test also on CentOS Stream 9 - - - --- 2023-07-25 Ondrej Mosnacek omos New
libselinux/utils: introduce getpolicyload libselinux/utils: introduce getpolicyload - - - --- 2023-07-06 Christian Göttsche bachradsusi New
libselinux: Add CPPFLAGS to Makefile libselinux: Add CPPFLAGS to Makefile - - - --- 2023-06-06 ChungSheng Wu bachradsusi New
semanage: list all nodes even if not attributed with node_type semanage: list all nodes even if not attributed with node_type - - - --- 2023-06-04 Topi Miettinen bachradsusi New
[RFC,9/9] restorecond: drop last matchpathcon call [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,8/9] restorecond: check selinux_restorecon(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,7/9] secon: check selinux_raw_to_trans_context(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,5/9] libselinux: explicitly ignore return values [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,4/9] mcstrans: check getcon(3) and context_range_set(3) for failure [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,3/9] libselinux: declare avc_open(3) options parameter const [RFC,1/9] libselinux: annotate interfaces with compiler attributes - - - --- 2023-05-12 Christian Göttsche bachradsusi New
[RFC,v4,6/6] libsepol: update CIL generation for trivial not-self rules not-self neverallow support 1 - - --- 2022-11-25 Christian Göttsche bachradsusi New
[RFC,v4,2/6] libsepol/cil: Add notself and minusself support to CIL not-self neverallow support - - - --- 2022-11-25 Christian Göttsche bachradsusi New
[RFC,1/2] fs/xattr: add *at family syscalls [RFC,1/2] fs/xattr: add *at family syscalls - - - --- 2022-08-30 Christian Göttsche pcmoore New
[RFC,2/2] fs/xattr: wire up syscalls [RFC,1/2] fs/xattr: add *at family syscalls - - - --- 2022-08-30 Christian Göttsche pcmoore New
[1/3] secilc/docs: selinuxuser actually takes a string not identifier [1/3] secilc/docs: selinuxuser actually takes a string not identifier - - - --- 2022-08-28 bauen1 bachradsusi New
selinux: Variable type completion selinux: Variable type completion - - - --- 2022-08-16 Xin Gao pcmoore New
[v3,8/8] secilc: include segregate attributes in tests [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,7/8] secilc: run tests against development version of libsepol [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,6/8] libsepol/cil: add support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,5/8] libsepol/tests: add test for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,4/8] checkpolicy: add front-end support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,3/8] libsepol: add compile-time constraint for mutual exclusive attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,2/8] libsepol: add ebitmap iterator wrapper with startnode [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[RFC,4/4] checkpolicy: add front-end support for segregate attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,3/4] libsepol: add compile-time constraint for mutual exclusive attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,2/4] libsepol: add ebitmap iterator wrapper with startnode [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[1/4] libselinux: add man page redirections [1/4] libselinux: add man page redirections 1 - - --- 2022-05-20 Christian Göttsche New
Makefile: always include and link with DESTDIR Makefile: always include and link with DESTDIR - - - --- 2022-05-20 Christian Göttsche New
[28/32] selinux: Use mem_to_flex_dup() with xfrm and sidtab Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore New
selinux: use unsigned char for boolean values selinux: use unsigned char for boolean values - - - --- 2022-05-02 Christian Göttsche pcmoore New
[RFC,7/7] SELINUXNS: Fixing concurrency issues [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,6/7] SELINUXNS: Fixing superblock security structure memory leakage [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,5/7] SELINUXNS: Migrate all open files and all vma to new namespace [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,4/7] SELINUXNS: Namespacing for xattrs [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,3/7] SELINUXNS: Fix initilization of the superblock security under spinlock [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,2/7] selinux: support per-namespace superblock security structures [RFC,1/7] LSM: Infrastructure management of the superblock - - - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[RFC,1/7] LSM: Infrastructure management of the superblock [RFC,1/7] LSM: Infrastructure management of the superblock 1 2 - --- 2022-04-18 Alexander Kozhevnikov pcmoore New
[v2,6/6] Enable missing prototypes [v2,1/6] libsepol/cil: declare file local functions static - - - --- 2022-04-05 Christian Göttsche New
[RFC,1/1] selinuxns: Replace state pointer with namespace id [RFC,1/1] selinuxns: Replace state pointer with namespace id - - - --- 2022-02-16 Igor Baranov pcmoore New
libselinux: Prevent cached context giving wrong results libselinux: Prevent cached context giving wrong results - - - --- 2022-01-27 Johannes Segitz New
[libselinux] libselinux: make threadsafe for discover_class_cache [libselinux] libselinux: make threadsafe for discover_class_cache - - - --- 2022-01-20 Purushottam Choudhary New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[1/2,RFC] libsepol: Add not self support for neverallow rules libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[RFC,2/2] security, nfs: Provide a hook for fs_context security initialisation [RFC,1/2] security: Remove security_add_mnt_opt() as it's unused - - - --- 2021-12-08 David Howells pcmoore New
[XSERVER,2/2] selinux: log events with appropriate audit type [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[XSERVER,1/2] selinux: remap security classes on policyload [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[V2,testsuite] tests/inet_socket: Add socket transition tests [V2,testsuite] tests/inet_socket: Add socket transition tests - - - --- 2021-11-25 Richard Haines omos New
« 1 2 »