SELinux Development list

Show patches with: State = Action Required | 83 patches

Patch	Series	A/R/T	S/W/F	Date	Submitter	State
[RFC,v3] security,capability: pass object information to security_capable	[RFC,v3] security,capability: pass object information to security_capable	- - -	0 0 0	2019-08-15	Aaron Goidel	New
[RFC] audit, security: allow LSMs to selectively enable audit collection	[RFC] audit, security: allow LSMs to selectively enable audit collection	- - -	0 0 0	2019-08-15	Aaron Goidel	New
[v4,9/9] drivers/oprofile: open access for CAP_SYS_PERFMON privileged process	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	- - -	0 0 0	2019-12-18	Alexey Budankov	New
[v4,8/9] drivers/perf: open access for CAP_SYS_PERFMON privileged process	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	- - -	0 0 0	2019-12-18	Alexey Budankov	New
[v4,7/9] parisc/perf: open access for CAP_SYS_PERFMON privileged process	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	- - -	0 0 0	2019-12-18	Alexey Budankov	New
[v4,6/9] powerpc/perf: open access for CAP_SYS_PERFMON privileged process	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	- - -	0 0 0	2019-12-18	Alexey Budankov	New
[v4,5/9] trace/bpf_trace: open access for CAP_SYS_PERFMON privileged process	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	- - -	0 0 0	2019-12-18	Alexey Budankov	New
[v4,4/9] drm/i915/perf: open access for CAP_SYS_PERFMON privileged process	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	1 - -	0 0 0	2019-12-18	Alexey Budankov	New
[v4,3/9] perf tool: extend Perf tool with CAP_SYS_PERFMON capability support	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	- - -	0 0 0	2019-12-18	Alexey Budankov	New
[v4,2/9] perf/core: open access for CAP_SYS_PERFMON privileged process	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	- - -	0 0 0	2019-12-18	Alexey Budankov	New
[v4,1/9] capabilities: introduce CAP_SYS_PERFMON to kernel and user space	Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability	1 - -	0 0 0	2019-12-18	Alexey Budankov	New
[v13,26/25] Audit: Multiple LSM support in audit rules	LSM: Module stacking for AppArmor	- - -	0 0 0	2020-01-03	Casey Schaufler	New
[v13,25/25] AppArmor: Remove the exclusive flag	LSM: Module stacking for AppArmor	- 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[24/25] LSM: Add /proc attr entry for full LSM context	LSM: Module stacking for AppArmor	- - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,23/25] NET: Add SO_PEERCONTEXT for multiple LSMs	LSM: Module stacking for AppArmor	- - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,22/25] Audit: Include object data for all security modules	LSM: Module stacking for AppArmor	1 - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,21/25] Audit: Add subj_LSM fields when necessary	LSM: Module stacking for AppArmor	1 - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,20/25] LSM: Verify LSM display sanity in binder	LSM: Module stacking for AppArmor	1 - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,19/25] NET: Store LSM netlabel data in a lsmblob	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,18/25] LSM: security_secid_to_secctx in netlink netfilter	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,17/25] LSM: Use lsmcontext in security_inode_getsecctx	LSM: Module stacking for AppArmor	1 - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,16/25] LSM: Use lsmcontext in security_dentry_init_security	LSM: Module stacking for AppArmor	- - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,15/25] LSM: Use lsmcontext in security_secid_to_secctx	LSM: Module stacking for AppArmor	1 - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,14/25] LSM: Ensure the correct LSM context releaser	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,13/25] LSM: Specify which LSM to display	LSM: Module stacking for AppArmor	1 - -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,12/25] IMA: Change internal interfaces to use lsmblobs	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,11/25] LSM: Use lsmblob in security_cred_getsecid	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,10/25] LSM: Use lsmblob in security_inode_getsecid	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,09/25] LSM: Use lsmblob in security_task_getsecid	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,08/25] LSM: Use lsmblob in security_ipc_getsecid	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,07/25] LSM: Use lsmblob in security_secid_to_secctx	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,06/25] Use lsmblob in security_secctx_to_secid	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,05/25] net: Prepare UDS for security module stacking	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,04/25] LSM: Use lsmblob in security_kernel_act_as	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,03/25] LSM: Use lsmblob in security_audit_rule_match	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,02/25] LSM: Create and manage the lsmblob data structure.	LSM: Module stacking for AppArmor	1 1 -	0 0 0	2019-12-24	Casey Schaufler	New
[v13,01/25] LSM: Infrastructure management of the sock security	LSM: Module stacking for AppArmor	1 2 -	0 0 0	2019-12-24	Casey Schaufler	New
[v2] mcstrans: start early and stop late	[v2] mcstrans: start early and stop late	- - -	0 0 0	2019-12-11	Dominick Grift	New
[v3] selinux: map RTM_GETLINK to a privileged permission	[v3] selinux: map RTM_GETLINK to a privileged permission	- - -	0 0 0	2020-01-17	Jeffrey Vander Stoep	New
[RFC] selinux: policydb - convert filename trans hash to rhashtable	[RFC] selinux: policydb - convert filename trans hash to rhashtable	- - -	0 0 0	2020-01-16	Lucas Stach	New
selinux: move status variables out of selinux_ss	selinux: move status variables out of selinux_ss	- - -	0 0 0	2020-01-17	Ondrej Mosnacek	New
[v2,5/5] selinux: generalize evaluate_cond_node()	selinux: Assorted simplifications and cleanups	- - -	0 0 0	2020-01-17	Ondrej Mosnacek	New
[v2,4/5] selinux: convert cond_expr to array	selinux: Assorted simplifications and cleanups	- 1 -	0 0 0	2020-01-17	Ondrej Mosnacek	New
[v2,3/5] selinux: convert cond_av_list to array	selinux: Assorted simplifications and cleanups	- 1 -	0 0 0	2020-01-17	Ondrej Mosnacek	New
[v2,2/5] selinux: convert cond_list to array	selinux: Assorted simplifications and cleanups	- - -	0 0 0	2020-01-17	Ondrej Mosnacek	New
[v2,1/5] selinux: simplify evaluate_cond_node()	selinux: Assorted simplifications and cleanups	- - -	0 0 0	2020-01-17	Ondrej Mosnacek	New
[V6,1/1] selinux-testsuite: Add filesystem tests	selinux-testsuite: Add filesystem tests	- - -	0 0 0	2020-01-16	Richard Haines	New
[v4,21/21] fuse: Allow user namespace mounts		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant		2 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns		- - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,18/21] fuse: Add support for pid namespaces		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs		2 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb()		2 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as()		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link()		1 1 -	0 0 0	2016-04-26	Seth Forshee	New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,08/21] userns: Replace in_userns with current_in_userns		2 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces		2 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,06/21] fs: Treat foreign mounts as nosuid		2 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev()		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible()		- - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,01/21] fs: fix a posible leak of allocated superblock		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns		- - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,18/21] fuse: Add support for pid namespaces		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb()		2 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as()		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link()		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,08/21] userns: Replace in_userns with current_in_userns		2 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev()		1 - -	0 0 0	2016-04-26	Seth Forshee	New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible()		- - -	0 0 0	2016-04-26	Seth Forshee	New
libselinux: update man pages for userspace policy enforcers	libselinux: update man pages for userspace policy enforcers	- - -	0 0 0	2020-01-17	Stephen Smalley	New
[v2] libsepol,checkpolicy: remove use of hardcoded security class values	[v2] libsepol,checkpolicy: remove use of hardcoded security class values	- - -	0 0 0	2020-01-16	Stephen Smalley	New
libselinux: remove flask.h and av_permissions.h	libselinux: remove flask.h and av_permissions.h	1 - -	0 0 0	2020-01-15	Stephen Smalley	New
[RFC] selinux: implement move_mount hook	[RFC] selinux: implement move_mount hook	- - -	0 0 0	2020-01-13	Stephen Smalley	New
Documentation,selinux: deprecate setting checkreqprot to 1	Documentation,selinux: deprecate setting checkreqprot to 1	- - -	0 0 0	2020-01-08	Stephen Smalley	New