SELinux Development list

Show patches with: State = Action Required | 283 patches

« 1 2 3 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[RFC] audit, security: allow LSMs to selectively enable audit collection	[RFC] audit, security: allow LSMs to selectively enable audit collection	- - -	---	2019-08-15	Aaron Goidel	pcmoore	New
[RFC,v3] security,capability: pass object information to security_capable	[RFC,v3] security,capability: pass object information to security_capable	- - -	---	2019-08-15	Aaron Goidel	pcmoore	New
[RFC] selinux: add unprivileged sandboxing capability	[RFC] selinux: add unprivileged sandboxing capability	- - -	---	2020-03-13	Stephen Smalley	pcmoore	New
[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability	[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability	- - -	---	2020-03-13	Stephen Smalley	pcmoore	New
[RESEND,v18,1/4] Add flags option to get xattr method paired to __vfs_getxattr	overlayfs override_creds=off & nested get xattr fix	5 1 -	---	2020-10-21	Mark Salyzyn	pcmoore	New
[RESEND,v18,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method	overlayfs override_creds=off & nested get xattr fix	- - -	---	2020-10-21	Mark Salyzyn	pcmoore	New
[RESEND,v18,3/4] overlayfs: override_creds=off option bypass creator_cred	overlayfs override_creds=off & nested get xattr fix	- - -	---	2020-10-21	Mark Salyzyn	pcmoore	New
[RESEND,v18,4/4] overlayfs: inode_owner_or_capable called during execv	Untitled series #368853	- - -	---	2020-10-22	Mark Salyzyn	pcmoore	New
[RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU	[RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU	- - -	---	2021-02-04	Stephen Brennan	pcmoore	New
RTIC: selinux: ARM64: Move selinux_state to a separate page	RTIC: selinux: ARM64: Move selinux_state to a separate page	1 - -	---	2021-02-16	Preeti Nagar	pcmoore	New
[09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c	Untitled series #439529	- - -	---	2021-02-28	Alexey Dobriyan	pcmoore	New
[RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU	[RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU	- - -	---	2021-04-16	Stephen Brennan	pcmoore	New
[v2,1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag	vfs/security/NFS/btrfs: clean up and fix LSM option handling	- - 1	---	2021-05-17	Ondrej Mosnacek	pcmoore	New
[v2,2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount	vfs/security/NFS/btrfs: clean up and fix LSM option handling	- - -	---	2021-05-17	Ondrej Mosnacek	pcmoore	New
[RFC] userfaultfd: open userfaultfds with O_RDONLY	[RFC] userfaultfd: open userfaultfds with O_RDONLY	- - -	---	2021-06-24	Ondrej Mosnacek	pcmoore	New
[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[RFC,2/9] sk_buff: track dst status in skb->_state	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[RFC,3/9] sk_buff: move the active_extensions into the state bitfield	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[RFC,4/9] net: optimize GRO for the common case.	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[RFC,5/9] skbuff: introduce has_sk state bit.	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[RFC,6/9] veth: use skb_prepare_for_gro()	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[RFC,7/9] sk_buff: move inner header fields after tail	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[RFC,8/9] sk_buff: move vlan field after tail.	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[RFC,9/9] sk_buff: access secmark via getter/setter	[RFC,1/9] sk_buff: track nfct status in newly added skb->_state	- - -	---	2021-07-21	Paolo Abeni	pcmoore	New
[v3,1/1] xattr: Allow user.* xattr on symlink and special files	Relax restrictions on user.* xattr	- - -	---	2021-09-02	Vivek Goyal	pcmoore	New
[RFC] selinux: Add netlink xperm support	[RFC] selinux: Add netlink xperm support	- - -	---	2021-11-10	Bram Bonné	pcmoore	New
[v3,1/1] fuse: Send security context of inode on file creation	fuse: Send file/inode security context during creation	- - -	---	2021-11-10	Vivek Goyal	pcmoore	New
[RFC,2/2] security, nfs: Provide a hook for fs_context security initialisation	[RFC,1/2] security: Remove security_add_mnt_opt() as it's unused	- - -	---	2021-12-08	David Howells	pcmoore	New
[RFC,1/1] selinuxns: Replace state pointer with namespace id	[RFC,1/1] selinuxns: Replace state pointer with namespace id	- - -	---	2022-02-16	Igor Baranov	pcmoore	New
[RFC,1/7] LSM: Infrastructure management of the superblock	[RFC,1/7] LSM: Infrastructure management of the superblock	1 2 -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,2/7] selinux: support per-namespace superblock security structures	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,3/7] SELINUXNS: Fix initilization of the superblock security under spinlock	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,4/7] SELINUXNS: Namespacing for xattrs	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,5/7] SELINUXNS: Migrate all open files and all vma to new namespace	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,6/7] SELINUXNS: Fixing superblock security structure memory leakage	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
[RFC,7/7] SELINUXNS: Fixing concurrency issues	[RFC,1/7] LSM: Infrastructure management of the superblock	- - -	---	2022-04-18	Alexander Kozhevnikov	pcmoore	New
selinux: use unsigned char for boolean values	selinux: use unsigned char for boolean values	- - -	---	2022-05-02	Christian Göttsche	pcmoore	New
[28/32] selinux: Use mem_to_flex_dup() with xfrm and sidtab	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	New
selinux: Variable type completion	selinux: Variable type completion	- - -	---	2022-08-16	Xin Gao	pcmoore	New
[RFC,2/2] fs/xattr: wire up syscalls	[RFC,1/2] fs/xattr: add *at family syscalls	- - -	---	2022-08-30	Christian Göttsche	pcmoore	New
[RFC,1/2] fs/xattr: add *at family syscalls	[RFC,1/2] fs/xattr: add *at family syscalls	- - -	---	2022-08-30	Christian Göttsche	pcmoore	New
[RFC] selinux: TESTING ONLY, PLEASE IGNORE	[RFC] selinux: TESTING ONLY, PLEASE IGNORE	- - -	---	2023-05-16	Paul Moore	pcmoore	Under Review
[RFC,07/20] selinux: services: update type for umber of class permissions	[RFC,01/20] selinux: check for multiplication overflow in put_entry()	- - -	---	2023-07-06	Christian Göttsche	pcmoore	Under Review
[v2] selinux: optimize ebitmap_and()	[v2] selinux: optimize ebitmap_and()	- - -	---	2023-08-03	Christian Göttsche	pcmoore	New
[v3,2/7] selinux: use u32 as bit type in ebitmap code	[v3,1/7] selinux: avoid implicit conversions in avtab code	- - -	---	2023-08-07	Christian Göttsche	pcmoore	New
[RFC] selinux: assorted hash table improvements	[RFC] selinux: assorted hash table improvements	- - -	---	2023-11-14	Paul Moore	pcmoore	New
[2/2] selinux: add support for xperms in conditional policies	[1/2] selinux: constify source policy in cond_policydb_dup()	- - -	---	2024-04-05	Christian Göttsche	pcmoore	New
[RFC] ima: Use sequence number to wait for policy updates	[RFC] ima: Use sequence number to wait for policy updates	- - -	---	2024-05-07	Roberto Sassu	pcmoore	New
[v2,1/2] KEYS: use synchronous task work for changing parent credentials	get rid of cred_transfer	- - -	---	2024-08-05	Jann Horn	pcmoore	New
[v2,2/2] security: remove unused cred_alloc_blank/cred_transfer helpers	get rid of cred_transfer	- - -	---	2024-08-05	Jann Horn	pcmoore	New
selinux: support IPPROTO_SMC in socket_type_to_security_class()	selinux: support IPPROTO_SMC in socket_type_to_security_class()	1 - -	---	2024-08-15	Jeongjun Park	pcmoore	Under Review
selinux,xfrm: fix dangling refcount on deferred skb free	selinux,xfrm: fix dangling refcount on deferred skb free	- - -	---	2024-11-06	Ondrej Mosnacek	pcmoore	Under Review
selinux: KASAN; slab-out-of-bounds in avc_lookup	selinux: KASAN; slab-out-of-bounds in avc_lookup	- - -	---	2024-12-10	Joey Jiao	pcmoore	Under Review
selinux: support wildcard match in genfscon	selinux: support wildcard match in genfscon	- - -	---	2024-12-10	Takaya Saeki	pcmoore	Under Review
selinux: Read sk->sk_family once in selinux_socket_bind()	selinux: Read sk->sk_family once in selinux_socket_bind()	1 - -	---	2024-12-12	Mikhail Ivanov	pcmoore	Under Review
[RFC,v2,10/22] selinux: use u16 for security classes	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,11/22] selinux: more strict policy parsing	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,12/22] selinux: check length fields in policies	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,13/22] selinux: validate constraints	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,14/22] selinux: pre-validate conditional expressions	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,15/22] selinux: introduce ebitmap_highest_set_bit()	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,16/22] selinux: check type attr map overflows	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,17/22] selinux: reorder policydb_index()	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,18/22] selinux: beef up isvalid checks	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,19/22] selinux: validate symbols	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,20/22] selinux: more strict bounds check	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,21/22] selinux: check for simple types	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,v2,22/22] selinux: restrict policy strings	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche	pcmoore	Under Review
[RFC,01/44] selinux: restore passing of selinux_state	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,02/44] selinux: introduce current_selinux_state	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,03/44] selinux: support multiple selinuxfs instances	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,04/44] selinux: dynamically allocate selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,05/44] netstate,selinux: create the selinux netlink socket per network namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,06/44] selinux: support per-task/cred selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,07/44] selinux: introduce cred_selinux_state() and use it	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,08/44] selinux: add a selinuxfs interface to unshare selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,09/44] selinuxfs: restrict write operations to the same selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,10/44] selinux: introduce a global SID table	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,11/44] selinux: wrap security server interfaces to use the global SID table	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,12/44] selinux: update hook functions to use correct selinux namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,13/44] selinux: introduce cred_task_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,14/44] selinux: introduce cred_has_extended_perms()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,15/44] selinux: introduce cred_self_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,16/44] selinux: introduce cred_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,17/44] selinux: introduce cred_ssid_has_perm() and cred_other_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,18/44] selinux: introduce task_obj_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,19/44] selinux: fix selinux_lsm_getattr() check	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,20/44] selinux: update bprm hooks for selinux namespaces	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,21/44] selinux: add kerneldoc to new permission checking functions	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,22/44] selinux: convert selinux_file_send_sigiotask() to namespace-aware helper	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,23/44] selinux: rename cred_has_perm() to cred_tsid_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,24/44] selinux: convert additional checks to cred_ssid_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,25/44] selinux: introduce selinux_state_has_perm()	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,26/44] selinux: annotate selinuxfs permission checks	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,27/44] selinux: annotate process transition permission checks	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,28/44] selinux: convert xfrm and netlabel permission checks	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,29/44] selinux: switch selinux_lsm_setattr() checks to current namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,30/44] selinux: add limits for SELinux namespaces	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,31/44] selinux: fix namespace creation	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New
[RFC,32/44] selinux: limit selinux netlink notifications to init namespace	SELinux namespace support	- - -	---	2025-01-02	Stephen Smalley	pcmoore	New

« 1 2 3 »