SELinux Development list

Show patches with: State = Action Required | 179 patches

« 1 2 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[v2,13/13] LSM: Remove lsmblob scaffolding	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,12/13] Netlabel: Use lsmblob for audit data	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,11/13] Audit: Change context data from secid to lsmblob	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,10/13] LSM: Create new security_cred_getlsmblob LSM hook	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,09/13] Audit: use an lsmblob in audit_names	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,08/13] LSM: Use lsmblob in security_inode_getsecid	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,07/13] LSM: Use lsmblob in security_current_getsecid	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,06/13] Audit: Update shutdown LSM data	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,05/13] LSM: Use lsmblob in security_ipc_getsecid	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,04/13] Audit: maintain an lsmblob in audit_context	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,03/13] LSM: Add lsmblob_to_secctx hook	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,02/13] LSM: Use lsmblob in security_audit_rule_match	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[v2,01/13] LSM: Add the lsmblob data structure.	[v2,01/13] LSM: Add the lsmblob data structure.	- - -	---	2024-08-30	Casey Schaufler		New
[testsuite,v2] tests/extended_socket_class: test SMC sockets	[testsuite,v2] tests/extended_socket_class: test SMC sockets	- - -	---	2024-08-29	Stephen Smalley		New
[testsuite] policy,tests: add tests for netlink xperms	[testsuite] policy,tests: add tests for netlink xperms	- - 1	---	2024-08-28	Stephen Smalley		New
[v3] checkpolicy: Fix MLS users in optional blocks	[v3] checkpolicy: Fix MLS users in optional blocks	- - -	---	2024-08-28	James Carter	bachradsusi	New
[v2] sepolgen-ifgen: allow M4 escaped filenames	[v2] sepolgen-ifgen: allow M4 escaped filenames	- - -	---	2024-08-27	Petr Lautrbach	bachradsusi	New
libselinux: rename hashtab functions	libselinux: rename hashtab functions	1 - -	---	2024-08-26	Thiébaud Weksteen	bachradsusi	New
[3/3] libsepol: Add policy capability netlink_xperm	[1/3] libsepol: Rename ioctl xperms structures and functions	1 - -	---	2024-08-22	Thiébaud Weksteen	bachradsusi	New
[2/3] libsepol: Support nlmsg extended permissions	[1/3] libsepol: Rename ioctl xperms structures and functions	1 - -	---	2024-08-22	Thiébaud Weksteen	bachradsusi	New
[1/3] libsepol: Rename ioctl xperms structures and functions	[1/3] libsepol: Rename ioctl xperms structures and functions	1 - -	---	2024-08-22	Thiébaud Weksteen	bachradsusi	New
selinux: Add netlink xperm support	selinux: Add netlink xperm support	1 - 1	---	2024-08-20	Thiébaud Weksteen	pcmoore	New
sepolgen-ifgen: allow M4 escaped filenames	sepolgen-ifgen: allow M4 escaped filenames	- - -	---	2024-08-19	Petr Lautrbach	bachradsusi	New
checkpolicy: Fix MLS users in optional blocks	checkpolicy: Fix MLS users in optional blocks	- - -	---	2024-08-14	James Carter	bachradsusi	New
checkpolicy: Fix MLS users in optional blocks	checkpolicy: Fix MLS users in optional blocks	- - -	---	2024-08-12	James Carter	bachradsusi	New
libsepol/cil: Allow dotted names in aliasactual rules	libsepol/cil: Allow dotted names in aliasactual rules	- - -	---	2024-08-12	James Carter	bachradsusi	New
[v2,2/2] security: remove unused cred_alloc_blank/cred_transfer helpers	get rid of cred_transfer	- - -	---	2024-08-05	Jann Horn	pcmoore	New
[v2,1/2] KEYS: use synchronous task work for changing parent credentials	get rid of cred_transfer	- - -	---	2024-08-05	Jann Horn	pcmoore	New
[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup	[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup	- - -	---	2024-07-02	Gong Ruiqi	omos	New
[PR,#134] sesearch: CIL output	[PR,#134] sesearch: CIL output	- - -	---	2024-05-17	Topi Miettinen	bachradsusi	New
[RFC] ima: Use sequence number to wait for policy updates	[RFC] ima: Use sequence number to wait for policy updates	- - -	---	2024-05-07	Roberto Sassu	pcmoore	New
[RFC,3/3] newrole: use ROWHAMMER resistant values	[RFC,1/3] newrole: constant time password comparison	- - -	---	2024-04-08	Christian Göttsche	bachradsusi	New
[RFC,2/3] newrole: cleanse shadow data hold by libc	[RFC,1/3] newrole: constant time password comparison	- - -	---	2024-04-08	Christian Göttsche	bachradsusi	New
[RFC,1/3] newrole: constant time password comparison	[RFC,1/3] newrole: constant time password comparison	- - -	---	2024-04-08	Christian Göttsche	bachradsusi	New
[2/2] selinux: add support for xperms in conditional policies	[1/2] selinux: constify source policy in cond_policydb_dup()	- - -	---	2024-04-05	Christian Göttsche	pcmoore	New
[RFC] libselinux: disable capturing in fcontext matching	[RFC] libselinux: disable capturing in fcontext matching	- - -	---	2024-01-08	Christian Göttsche	bachradsusi	New
[RFC] libsepol: handle long permission names in sepol_av_to_string()	[RFC] libsepol: handle long permission names in sepol_av_to_string()	- - -	---	2023-12-11	Christian Göttsche	bachradsusi	New
libsepol: validate common classes in scope indices	libsepol: validate common classes in scope indices	- - -	---	2023-12-08	Christian Göttsche	bachradsusi	New
[RFC] libsepol: validate permission identifier length	[RFC] libsepol: validate permission identifier length	- - -	---	2023-12-07	Christian Göttsche	bachradsusi	New
[v6] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions	[v6] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions	1 1 -	---	2023-12-05	Juraj Marcin	bachradsusi	New
[v4] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions	[v4] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions	- 1 -	---	2023-11-21	Juraj Marcin	bachradsusi	New
[RFC] selinux: assorted hash table improvements	[RFC] selinux: assorted hash table improvements	- - -	---	2023-11-14	Paul Moore	pcmoore	New
[2/2] libsepol: rework saturation check	[1/2] libsepol: use str_read() where appropriate	- - -	---	2023-11-01	Christian Göttsche	bachradsusi	New
libsepol: ignore writing invalid polcaps in fuzzer	libsepol: ignore writing invalid polcaps in fuzzer	- - -	---	2023-11-01	Christian Göttsche	bachradsusi	New
[RFC,v2,27/27] libselinux: add selabel_file(5) fuzzer	libselinux: rework selabel_file(5) database	- - -	---	2023-08-14	Christian Göttsche	bachradsusi	New
[RFC,v2,26/27] libselinux: remove unused hashtab code	libselinux: rework selabel_file(5) database	- - -	---	2023-08-14	Christian Göttsche	bachradsusi	New
[RFC,v2,17/27] libselinux: remove SELABEL_OPT_SUBSET support from selabel_file(5)	libselinux: rework selabel_file(5) database	- - -	---	2023-08-14	Christian Göttsche	bachradsusi	New
[RFC,v2,13/27] libselinux/utils: introduce selabel_compare	libselinux: rework selabel_file(5) database	- - -	---	2023-08-14	Christian Göttsche	bachradsusi	New
[RFC,v2,10/27] libselinux: introduce selabel_nuke	libselinux: rework selabel_file(5) database	- - -	---	2023-08-14	Christian Göttsche	bachradsusi	New
[8/9,v4] secilc/test: Add deny rule tests	Add CIL Deny Rule	- - -	---	2023-08-09	James Carter	bachradsusi	New
[7/7,v2] secilc/test: Add notself and other tests	Add support for notself and other to CIL	- - -	---	2023-08-09	James Carter	bachradsusi	New
[v3,2/7] selinux: use u32 as bit type in ebitmap code	[v3,1/7] selinux: avoid implicit conversions in avtab code	- - -	---	2023-08-07	Christian Göttsche	pcmoore	New
[v2] selinux: optimize ebitmap_and()	[v2] selinux: optimize ebitmap_and()	- - -	---	2023-08-03	Christian Göttsche	pcmoore	New
[v6] semanage, sepolicy: list also ports not attributed with port_type	[v6] semanage, sepolicy: list also ports not attributed with port_type	- - -	---	2023-07-28	Topi Miettinen	bachradsusi	New
[testsuite] ci: test also on CentOS Stream 9	[testsuite] ci: test also on CentOS Stream 9	- - -	---	2023-07-25	Ondrej Mosnacek	omos	New
libselinux/utils: introduce getpolicyload	libselinux/utils: introduce getpolicyload	- - -	---	2023-07-06	Christian Göttsche	bachradsusi	New
libselinux: Add CPPFLAGS to Makefile	libselinux: Add CPPFLAGS to Makefile	- - -	---	2023-06-06	ChungSheng Wu	bachradsusi	New
semanage: list all nodes even if not attributed with node_type	semanage: list all nodes even if not attributed with node_type	- - -	---	2023-06-04	Topi Miettinen	bachradsusi	New
[RFC,9/9] restorecond: drop last matchpathcon call	[RFC,1/9] libselinux: annotate interfaces with compiler attributes	- - -	---	2023-05-12	Christian Göttsche	bachradsusi	New
[RFC,8/9] restorecond: check selinux_restorecon(3) for failure	[RFC,1/9] libselinux: annotate interfaces with compiler attributes	- - -	---	2023-05-12	Christian Göttsche	bachradsusi	New
[RFC,7/9] secon: check selinux_raw_to_trans_context(3) for failure	[RFC,1/9] libselinux: annotate interfaces with compiler attributes	- - -	---	2023-05-12	Christian Göttsche	bachradsusi	New
[RFC,5/9] libselinux: explicitly ignore return values	[RFC,1/9] libselinux: annotate interfaces with compiler attributes	- - -	---	2023-05-12	Christian Göttsche	bachradsusi	New
[RFC,4/9] mcstrans: check getcon(3) and context_range_set(3) for failure	[RFC,1/9] libselinux: annotate interfaces with compiler attributes	- - -	---	2023-05-12	Christian Göttsche	bachradsusi	New
[RFC,3/9] libselinux: declare avc_open(3) options parameter const	[RFC,1/9] libselinux: annotate interfaces with compiler attributes	- - -	---	2023-05-12	Christian Göttsche	bachradsusi	New
[RFC,v4,6/6] libsepol: update CIL generation for trivial not-self rules	not-self neverallow support	1 - -	---	2022-11-25	Christian Göttsche	bachradsusi	New
[RFC,v4,2/6] libsepol/cil: Add notself and minusself support to CIL	not-self neverallow support	- - -	---	2022-11-25	Christian Göttsche	bachradsusi	New
[RFC,1/2] fs/xattr: add *at family syscalls	[RFC,1/2] fs/xattr: add *at family syscalls	- - -	---	2022-08-30	Christian Göttsche	pcmoore	New
[RFC,2/2] fs/xattr: wire up syscalls	[RFC,1/2] fs/xattr: add *at family syscalls	- - -	---	2022-08-30	Christian Göttsche	pcmoore	New
[1/3] secilc/docs: selinuxuser actually takes a string not identifier	[1/3] secilc/docs: selinuxuser actually takes a string not identifier	- - -	---	2022-08-28	bauen1	bachradsusi	New
selinux: Variable type completion	selinux: Variable type completion	- - -	---	2022-08-16	Xin Gao	pcmoore	New
[v3,8/8] secilc: include segregate attributes in tests	[v3,1/8] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-07-21	Christian Göttsche		New
[v3,7/8] secilc: run tests against development version of libsepol	[v3,1/8] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-07-21	Christian Göttsche		New
[v3,6/8] libsepol/cil: add support for segregate attributes	[v3,1/8] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-07-21	Christian Göttsche		New
[v3,5/8] libsepol/tests: add test for segregate attributes	[v3,1/8] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-07-21	Christian Göttsche		New
[v3,4/8] checkpolicy: add front-end support for segregate attributes	[v3,1/8] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-07-21	Christian Göttsche		New
[v3,3/8] libsepol: add compile-time constraint for mutual exclusive attributes	[v3,1/8] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-07-21	Christian Göttsche		New
[v3,2/8] libsepol: add ebitmap iterator wrapper with startnode	[v3,1/8] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-07-21	Christian Göttsche		New
[RFC,4/4] checkpolicy: add front-end support for segregate attributes	[RFC,1/4] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-06-16	Christian Göttsche		New
[RFC,3/4] libsepol: add compile-time constraint for mutual exclusive attributes	[RFC,1/4] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-06-16	Christian Göttsche		New
[RFC,2/4] libsepol: add ebitmap iterator wrapper with startnode	[RFC,1/4] libsepol: refactor ebitmap conversion in link.c	- - -	---	2022-06-16	Christian Göttsche		New
[1/4] libselinux: add man page redirections	[1/4] libselinux: add man page redirections	1 - -	---	2022-05-20	Christian Göttsche		New
Makefile: always include and link with DESTDIR	Makefile: always include and link with DESTDIR	- - -	---	2022-05-20	Christian Göttsche		New
[28/32] selinux: Use mem_to_flex_dup() with xfrm and sidtab	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	New
selinux: use unsigned char for boolean values	selinux: use unsigned char for boolean values	- - -	---	2022-05-02	Christian Göttsche	pcmoore	New
[RFC,7/7] SELINUXNS: Fixing concurrency issues	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,6/7] SELINUXNS: Fixing superblock security structure memory leakage	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,5/7] SELINUXNS: Migrate all open files and all vma to new namespace	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,4/7] SELINUXNS: Namespacing for xattrs	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,3/7] SELINUXNS: Fix initilization of the superblock security under spinlock	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,2/7] selinux: support per-namespace superblock security structures	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,1/7] LSM: Infrastructure management of the superblock	[RFC,1/7] LSM: Infrastructure management of the superblock	1 2 -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[v2,6/6] Enable missing prototypes	[v2,1/6] libsepol/cil: declare file local functions static	- - -	---	2022-04-05	Christian Göttsche		New
[RFC,1/1] selinuxns: Replace state pointer with namespace id	[RFC,1/1] selinuxns: Replace state pointer with namespace id	- - -	---	2022-02-16	Igor Baranov	pcmoore	New
libselinux: Prevent cached context giving wrong results	libselinux: Prevent cached context giving wrong results	- - -	---	2022-01-27	Johannes Segitz		New
[libselinux] libselinux: make threadsafe for discover_class_cache	[libselinux] libselinux: make threadsafe for discover_class_cache	- - -	---	2022-01-20	Purushottam Choudhary		New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL	libsepol: Adding support for not-self rules	- - -	---	2022-01-11	James Carter		New
[1/2,RFC] libsepol: Add not self support for neverallow rules	libsepol: Adding support for not-self rules	- - -	---	2022-01-11	James Carter		New
[RFC,2/2] security, nfs: Provide a hook for fs_context security initialisation	[RFC,1/2] security: Remove security_add_mnt_opt() as it's unused	- - -	---	2021-12-08	David Howells	pcmoore	New
[XSERVER,2/2] selinux: log events with appropriate audit type	[XSERVER,1/2] selinux: remap security classes on policyload	- - -	---	2021-11-25	Christian Göttsche		New
[XSERVER,1/2] selinux: remap security classes on policyload	[XSERVER,1/2] selinux: remap security classes on policyload	- - -	---	2021-11-25	Christian Göttsche		New

« 1 2 »