SELinux Development list

Show patches with: State = Action Required | 197 patches

« 1 2 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[RFC,v3] security,capability: pass object information to security_capable	[RFC,v3] security,capability: pass object information to security_capable	- - -	---	2019-08-15	Aaron Goidel	pcmoore	New
[RFC] audit, security: allow LSMs to selectively enable audit collection	[RFC] audit, security: allow LSMs to selectively enable audit collection	- - -	---	2019-08-15	Aaron Goidel	pcmoore	New
[09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c	Untitled series #439529	- - -	---	2021-02-28	Alexey Dobriyan	pcmoore	New
[v2] Support static-only builds	[v2] Support static-only builds	- - -	---	2021-11-13	Alyssa Ross		New
security/selinux: fix potential memleak	security/selinux: fix potential memleak	- - -	---	2021-12-02	Bernard Zhao		New
security/selinux: fix potential memleak in error branch	security/selinux: fix potential memleak in error branch	- - -	---	2021-12-02	Bernard Zhao		New
[RFC] selinux: Add netlink xperm support	[RFC] selinux: Add netlink xperm support	- - -	---	2021-11-10	Bram Bonné	pcmoore	New
[RFC] libsepol,checkpolicy: Add netlink xperm support	[RFC] libsepol,checkpolicy: Add netlink xperm support	- - -	---	2021-11-10	Bram Bonné		New
[v30,28/28] AppArmor: Remove the exclusive flag	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 1 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,27/28] LSM: Add /proc attr entry for full LSM context	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- 1 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,26/28] Audit: Add record for multiple object security contexts	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,25/28] Audit: Add record for multiple task security contexts	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,24/28] Audit: Add framework for auxiliary records	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,23/28] Audit: Create audit_stamp structure	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,22/28] Audit: Keep multiple LSM data in audit_names	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,21/28] LSM: Extend security_secid_to_secctx to include module selection	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,20/28] binder: Pass LSM identifier for confirmation	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,19/28] NET: Store LSM netlabel data in a lsmblob	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,18/28] LSM: security_secid_to_secctx in netlink netfilter	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	3 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,17/28] LSM: Use lsmcontext in security_inode_getsecctx	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	3 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,16/28] LSM: Use lsmcontext in security_secid_to_secctx	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 1 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,15/28] LSM: Ensure the correct LSM context releaser	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	3 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,14/28] LSM: Specify which LSM to display	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,13/28] LSM: Use lsmblob in security_cred_getsecid	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,12/28] LSM: Use lsmblob in security_inode_getsecid	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,11/28] LSM: Use lsmblob in security_task_getsecid	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,10/28] LSM: Use lsmblob in security_ipc_getsecid	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,09/28] LSM: Use lsmblob in security_secid_to_secctx	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 1 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,08/28] LSM: Use lsmblob in security_secctx_to_secid	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 1 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,07/28] LSM: Use lsmblob in security_kernel_act_as	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,06/28] LSM: Use lsmblob in security_audit_rule_match	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,05/28] IMA: avoid label collisions with stacked LSMs	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,04/28] LSM: provide lsm name and id slot mappings	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 1 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,03/28] LSM: Add the lsmblob data structure.	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,02/28] LSM: Infrastructure management of the sock security	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-11-24	Casey Schaufler	pcmoore	New
[v2,1/3] mcstrans: port to new PCRE2 from end-of-life PCRE	[v2,1/3] mcstrans: port to new PCRE2 from end-of-life PCRE	1 - -	---	2021-11-30	Christian Göttsche		New
[2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement	[1/2] libsepol/cil: support IPv4/IPv6 address embedding	- - -	---	2021-11-30	Christian Göttsche		New
[1/2] libsepol/cil: support IPv4/IPv6 address embedding	[1/2] libsepol/cil: support IPv4/IPv6 address embedding	- - -	---	2021-11-30	Christian Göttsche		New
[XSERVER,2/2] selinux: log events with appropriate audit type	[XSERVER,1/2] selinux: remap security classes on policyload	- - -	---	2021-11-25	Christian Göttsche		New
[XSERVER,1/2] selinux: remap security classes on policyload	[XSERVER,1/2] selinux: remap security classes on policyload	- - -	---	2021-11-25	Christian Göttsche		New
libsepol: free ebitmap on end of function	libsepol: free ebitmap on end of function	- - -	---	2021-11-25	Christian Göttsche		New
[RFC,v2,4/4] libsepol: free ebitmap on end of function	[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-24	Christian Göttsche		New
[RFC,v2,3/4] checkpolicy: add not-self neverallow support	[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-24	Christian Göttsche		New
[RFC,v2,2/4] libsepol: add not-self neverallow support	[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-24	Christian Göttsche		New
[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-24	Christian Göttsche		New
[RFC,3/3] checkpolicy: add not-self neverallow support	[RFC,1/3] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-23	Christian Göttsche		New
[RFC,2/3] libsepol: add not-self neverallow support	[RFC,1/3] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-23	Christian Göttsche		New
[RFC,1/3] libsepol: introduce ebitmap_subtract()	[RFC,1/3] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-23	Christian Göttsche		New
[3/3] Replace PCRE with PCRE2 build dependencies	[1/3] mcstrans: port to new PCRE2 from end-of-life PCRE	1 - -	---	2021-11-23	Christian Göttsche		New
[2/3] libselinux: use PCRE2 by default	[1/3] mcstrans: port to new PCRE2 from end-of-life PCRE	1 - -	---	2021-11-23	Christian Göttsche		New
[1/3] mcstrans: port to new PCRE2 from end-of-life PCRE	[1/3] mcstrans: port to new PCRE2 from end-of-life PCRE	- - -	---	2021-11-23	Christian Göttsche		New
[RFC] capability: add capable_or to test for multiple caps with exactly one audit message	[RFC] capability: add capable_or to test for multiple caps with exactly one audit message	- - -	---	2021-11-16	Christian Göttsche	pcmoore	New
[RFC,v2,36/36] libsepol: validate class default targets	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,35/36] libsepol: validate fsuse types	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,34/36] libsepol: validate categories	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,33/36] libsepol: validate policy properties	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,32/36] libsepol: validate permissive types	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,31/36] libsepol: validate genfs contexts	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,30/36] libsepol: validate ocontexts	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,29/36] libsepol: validate type of avtab type rules	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,28/36] libsepol: validate constraint expression operators and attributes	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,27/36] libsepol: validate avtab and avrule types	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,26/36] libsepol: resolve log message mismatch	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,25/36] libsepol: validate permission count of classes	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,24/36] libsepol: validate expanded user range and level	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,23/36] libsepol: validate MLS levels	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,22/36] libsepol: split validation of datum array gaps and entries	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,21/36] libsepol: do not create a string list with initial size zero	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,20/36] libsepol: use correct size for initial string list	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,19/36] libsepol: do not crash on user gaps	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,18/36] libsepol: do not crash on class gaps	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,17/36] libsepol: do not underflow on short format arguments	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,16/36] libsepol: use size_t for indexes in strs helpers	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,15/36] libsepol: zero member before potential dereference	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,14/36] libsepol: reject invalid filetrans source type	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,13/36] libsepol: reject abnormal huge sid ids	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,12/36] libsepol: clean memory on conditional insertion failure	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,11/36] libsepol: enforce avtab item limit	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,10/36] libsepol: add checks for read sizes	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,09/36] libsepol: use reallocarray wrapper to avoid overflows	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,08/36] libsepol: use mallocarray wrapper to avoid overflows	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,07/36] libsepol: use logging framework in ebitmap.c	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,06/36] libsepol: use logging framework in conditional.c	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,05/36] libsepol/fuzz: limit element sizes for fuzzing	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,04/36] libsepol: add libfuzz based fuzzer for reading binary policies	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,03/36] libsepol/fuzz: silence secilc-fuzzer	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,02/36] cifuzz: use the default runtime of 600 seconds	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
[RFC,v2,01/36] cifuzz: enable report-unreproducible-crashes	libsepol: add fuzzer for reading binary policies	- - -	---	2021-11-05	Christian Göttsche		New
libsepol: avoid passing NULL pointer to memcpy	libsepol: avoid passing NULL pointer to memcpy	- - -	---	2021-10-21	Christian Göttsche		New
[v19,4/4] overlayfs: inode_owner_or_capable called during execv	overlayfs override_creds=off & nested get xattr fix	- - -	---	2021-11-17	David Anderson	pcmoore	New
[v19,3/4] overlayfs: override_creds=off option bypass creator_cred	overlayfs override_creds=off & nested get xattr fix	- - -	---	2021-11-17	David Anderson	pcmoore	New
[v19,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method	overlayfs override_creds=off & nested get xattr fix	- - -	---	2021-11-17	David Anderson	pcmoore	New
[v19,1/4] Add flags option to get xattr method paired to __vfs_getxattr	overlayfs override_creds=off & nested get xattr fix	5 1 -	---	2021-11-17	David Anderson	pcmoore	New
cil_container_statements.md: clarify in-statement limitations	cil_container_statements.md: clarify in-statement limitations	- - -	---	2021-08-12	Dominick Grift		New
libsepol regressions	libsepol regressions	- - -	---	2021-08-01	Dominick Grift		New
ci: run the tests under ASan/UBsan on GHActions	ci: run the tests under ASan/UBsan on GHActions	- - -	---	2021-11-15	Evgeny Vereshchagin		New
[v2] libsepol/cil: move the fuzz target and build script to the selinux repository	[v2] libsepol/cil: move the fuzz target and build script to the selinux repository	1 - -	---	2021-07-15	Evgeny Vereshchagin		New
[2/2] README: add OSS-Fuzz/CIFuzz badges	[1/2] ci: turn on CIFuzz	- - -	---	2021-07-10	Evgeny Vereshchagin		New
[1/2] ci: turn on CIFuzz	[1/2] ci: turn on CIFuzz	1 - -	---	2021-07-10	Evgeny Vereshchagin		New

« 1 2 »