Show patches with: State = Action Required       |   138 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[GIT,PULL] SELinux fixes for v5.15 (#1) [GIT,PULL] SELinux fixes for v5.15 (#1) - - - --- 2021-09-17 Paul Moore New
libsepol/cil: Handle operations in a class mapping when verifying libsepol/cil: Handle operations in a class mapping when verifying - - - --- 2021-09-16 James Carter New
[v3,02/13] libsepol: free memory after policy validation Untitled series #547317 - - - --- 2021-09-15 Christian Göttsche New
[v2,11/13] checkpolicy: error out on parsing too big integers Untitled series #547293 - - - --- 2021-09-15 Christian Göttsche New
[v2,09/13] checkpolicy: resolve dismod memory leaks Untitled series #547293 - - - --- 2021-09-15 Christian Göttsche New
[v2,02/13] libsepol: free memory after policy validation Untitled series #547293 - - - --- 2021-09-15 Christian Göttsche New
[v2] libselinux/utils: drop requirement to combine compiling and linking [v2] libselinux/utils: drop requirement to combine compiling and linking - - - --- 2021-09-14 Christian Göttsche New
[13/13] checkpolicy: free extended permission memory checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[12/13] checkpolicy: print warning on source line overflow checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[11/13] checkpolicy: error out on parsing too big integers checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[10/13] checkpolicy: avoid implicit conversion checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[09/13] checkpolicy: resolve dismod memory leaks checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[08/13] checkpolicy: add missing function declarations checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[07/13] checkpolicy: mark file local functions in policy_define static checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[06/13] checkpolicy: mark read-only parameters in module compiler const checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[05/13] checkpolicy: misc checkpolicy tweaks checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[04/13] checkpolicy: misc checkmodule tweaks checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[03/13] checkpolicy: enclose macro argument in parentheses checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[02/13] libsepol: free memory after policy validation checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
[01/13] libsepol: avoid implicit conversions checkpolicy improvements - - - --- 2021-09-14 Christian Göttsche New
libsepol/cil: Do not use original type and typeattribute datums libsepol/cil: Do not use original type and typeattribute datums - - - --- 2021-09-13 James Carter New
cil_container_statements.md: clarify in-statement limitations cil_container_statements.md: clarify in-statement limitations - - - --- 2021-08-12 Dominick Grift New
[SYSTEMD,7/7] core: tweak job_type_to_access_method SELinux permissions Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,6/7] core: avoid bypasses in D-BUS SELinux filter Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,5/7] core: implement the sd-bus generic callback for SELinux Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,4/7] core: add support for MAC checks on unit install operations Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,3/7] selinux: mark _mac_selinux_generic_access_check with leading underscore Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,2/7] selinux: improve debug log format Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,1/7] selinux: add function name to audit data Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
libsepol regressions libsepol regressions - - - --- 2021-08-01 Dominick Grift New
[v28,01/25] LSM: Infrastructure management of the sock security [v28,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-07-22 Casey Schaufler New
[v2] libsepol/cil: move the fuzz target and build script to the selinux repository [v2] libsepol/cil: move the fuzz target and build script to the selinux repository 1 - - --- 2021-07-15 Evgeny Vereshchagin New
[2/2] README: add OSS-Fuzz/CIFuzz badges [1/2] ci: turn on CIFuzz - - - --- 2021-07-10 Evgeny Vereshchagin New
[1/2] ci: turn on CIFuzz [1/2] ci: turn on CIFuzz 1 - - --- 2021-07-10 Evgeny Vereshchagin New
[v2] checkpolicy: fix the leak memory when uses xperms [v2] checkpolicy: fix the leak memory when uses xperms - - 1 --- 2021-06-01 liwugang New
selinux: make use of variables when defining libdir and includedir selinux: make use of variables when defining libdir and includedir - - - --- 2020-07-16 W. Michael Petullo New
[v4,21/21] fuse: Allow user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant 2 - - --- 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - --- 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs 2 - - --- 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - --- 2016-04-26 Seth Forshee New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - --- 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - --- 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 1 - --- 2016-04-26 Seth Forshee New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - --- 2016-04-26 Seth Forshee New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces 2 - - --- 2016-04-26 Seth Forshee New
[v4,06/21] fs: Treat foreign mounts as nosuid 2 - - --- 2016-04-26 Seth Forshee New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting 1 - - --- 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - --- 2016-04-26 Seth Forshee New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - --- 2016-04-26 Seth Forshee New
[v4,01/21] fs: fix a posible leak of allocated superblock 1 - - --- 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - --- 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - --- 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - --- 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - --- 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 - - --- 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - --- 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - --- 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - --- 2016-04-26 Seth Forshee New
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests selinux-testsuite: Add btrfs support for filesystem tests - - - --- 2020-11-03 Richard Haines omos Queued
[RFC,V2,2/2] selinux-testsuite: Run SCTP tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,V2,1/2] selinux-testsuite: Run tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,5/5] selinux-testsuite: add testing for unprivileged sandboxing capability [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,4/5] selinux-testsuite: add tests/sandbox/rxdir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,3/5] selinux-testsuite: add tests/sandbox/rxdir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,2/5] selinux-testsuite: add tests/sandbox/nodir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[v4,8/8] Smack: Brutalist io_uring support Add LSM access controls and auditing to io_uring - - - --- 2021-09-15 Paul Moore pcmoore New
[v4,7/8] selinux: add support for the io_uring access controls Add LSM access controls and auditing to io_uring - - - --- 2021-09-15 Paul Moore pcmoore New
[v4,6/8] lsm,io_uring: add LSM hooks to io_uring Add LSM access controls and auditing to io_uring - - - --- 2021-09-15 Paul Moore pcmoore New
[v4,5/8] io_uring: convert io_uring to the secure anon inode interface Add LSM access controls and auditing to io_uring - - - --- 2021-09-15 Paul Moore pcmoore New
[v4,4/8] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure() Add LSM access controls and auditing to io_uring 1 - - --- 2021-09-15 Paul Moore pcmoore New
[v4,3/8] audit: add filtering for io_uring records Add LSM access controls and auditing to io_uring 1 - - --- 2021-09-15 Paul Moore pcmoore New
[v4,2/8] audit,io_uring,io-wq: add some basic audit support to io_uring Add LSM access controls and auditing to io_uring - - - --- 2021-09-15 Paul Moore pcmoore New
[v4,1/8] audit: prepare audit_context for use in calling contexts beyond syscalls Add LSM access controls and auditing to io_uring 1 - - --- 2021-09-15 Paul Moore pcmoore New
selinux: enable genfscon labeling for securityfs selinux: enable genfscon labeling for securityfs - - - --- 2021-09-15 Christian Göttsche pcmoore New
[2/1] man-pages: xattr.7: Update text for user extended xattr behavior change Relax restrictions on user.* xattr - - - --- 2021-09-02 Vivek Goyal pcmoore New
[v3,1/1] xattr: Allow user.* xattr on symlink and special files Relax restrictions on user.* xattr - - - --- 2021-09-02 Vivek Goyal pcmoore New
[net-next,v4,01/15] mctp: Add MCTP base Add Management Component Transport Protocol support - - - --- 2021-07-29 Jeremy Kerr pcmoore New
selinux: fix race condition when computing ocontext SIDs selinux: fix race condition when computing ocontext SIDs - - - --- 2021-07-28 Ondrej Mosnacek pcmoore New
[v28,25/25] AppArmor: Remove the exclusive flag [v28,01/25] LSM: Infrastructure management of the sock security 2 1 - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,24/25] LSM: Add /proc attr entry for full LSM context [v28,01/25] LSM: Infrastructure management of the sock security - 1 - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,23/25] Audit: Add record for multiple object LSM attributes [v28,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,22/25] Audit: Add record for multiple process LSM attributes [v28,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,21/25] audit: support non-syscall auxiliary records [v28,01/25] LSM: Infrastructure management of the sock security 1 - - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,20/25] LSM: Verify LSM display sanity in binder [v28,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,19/25] NET: Store LSM netlabel data in a lsmblob [v28,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,18/25] LSM: security_secid_to_secctx in netlink netfilter [v28,01/25] LSM: Infrastructure management of the sock security 3 2 - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,17/25] LSM: Use lsmcontext in security_inode_getsecctx [v28,01/25] LSM: Infrastructure management of the sock security 3 2 - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,16/25] LSM: Use lsmcontext in security_secid_to_secctx [v28,01/25] LSM: Infrastructure management of the sock security 2 1 - --- 2021-07-22 Casey Schaufler pcmoore New
[v28,15/25] LSM: Ensure the correct LSM context releaser [v28,01/25] LSM: Infrastructure management of the sock security 3 2 - --- 2021-07-22 Casey Schaufler pcmoore New
« 1 2 »