Show patches with: State = Action Required       |   133 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,v3] security,capability: pass object information to security_capable [RFC,v3] security,capability: pass object information to security_capable - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC] audit, security: allow LSMs to selectively enable audit collection [RFC] audit, security: allow LSMs to selectively enable audit collection - - - --- 2019-08-15 Aaron Goidel pcmoore New
[09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c Untitled series #439529 - - - --- 2021-02-28 Alexey Dobriyan pcmoore New
[v27,25/25] AppArmor: Remove the exclusive flag [v27,01/25] LSM: Infrastructure management of the sock security 2 1 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,24/25] LSM: Add /proc attr entry for full LSM context [v27,01/25] LSM: Infrastructure management of the sock security - 1 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,23/25] Audit: Add record for multiple object LSM attributes [v27,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,22/25] Audit: Add record for multiple process LSM attributes [v27,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,21/25] audit: add support for non-syscall auxiliary records [v27,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,20/25] LSM: Verify LSM display sanity in binder [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,19/25] NET: Store LSM netlabel data in a lsmblob [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,18/25] LSM: security_secid_to_secctx in netlink netfilter [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,17/25] LSM: Use lsmcontext in security_inode_getsecctx [v27,01/25] LSM: Infrastructure management of the sock security 3 1 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,16/25] LSM: Use lsmcontext in security_secid_to_secctx [v27,01/25] LSM: Infrastructure management of the sock security 2 1 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,15/25] LSM: Ensure the correct LSM context releaser [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,14/25] LSM: Specify which LSM to display [v27,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,13/25] IMA: Change internal interfaces to use lsmblobs [v27,01/25] LSM: Infrastructure management of the sock security 1 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,12/25] LSM: Use lsmblob in security_cred_getsecid [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,11/25] LSM: Use lsmblob in security_inode_getsecid [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,10/25] LSM: Use lsmblob in security_task_getsecid [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,09/25] LSM: Use lsmblob in security_ipc_getsecid [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,08/25] LSM: Use lsmblob in security_secid_to_secctx [v27,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,07/25] LSM: Use lsmblob in security_secctx_to_secid [v27,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,06/25] LSM: Use lsmblob in security_kernel_act_as [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,05/25] LSM: Use lsmblob in security_audit_rule_match [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,04/25] IMA: avoid label collisions with stacked LSMs [v27,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,03/25] LSM: provide lsm name and id slot mappings [v27,01/25] LSM: Infrastructure management of the sock security - - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,02/25] LSM: Add the lsmblob data structure. [v27,01/25] LSM: Infrastructure management of the sock security 3 - - --- 2021-06-11 Casey Schaufler pcmoore New
[v27,01/25] LSM: Infrastructure management of the sock security [v27,01/25] LSM: Infrastructure management of the sock security 2 2 - --- 2021-06-11 Casey Schaufler pcmoore New
[23/23] libsepol: declare read-only arrays const libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[22/23] libsepol: declare file local variable static libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[21/23] libsepol: drop unnecessary casts libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[20/23] libsepol: drop repeated semicolons libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[19/23] libsepol/cil: avoid using maybe uninitialized variables libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[18/23] libsepol/cil: drop unnecessary casts libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[17/23] libsepol/cil: drop dead store libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[16/23] libsepol/cil: drop extra semicolon libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[15/23] libsepol/cil: silence cast warning libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[14/23] libsepol: remove dead stores libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[13/23] libsepol: assure string NUL-termination libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[12/23] libsepol: do not allocate memory of size 0 libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[11/23] libsepol: mark read-only parameters of type_set_ interfaces const libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[10/23] libsepol: mark read-only parameters of ebitmap interfaces const libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[09/23] libsepol: remove dead stores libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[08/23] libsepol/cil: follow declaration-after-statement libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[07/23] libsepol: follow declaration-after-statement libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[06/23] libsepol: avoid unsigned integer overflow libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[05/23] libsepol: avoid implicit conversions libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[04/23] libsepol: ignore UBSAN false-positives libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[03/23] libsepol: remove unused functions libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[02/23] libsepol: resolve missing prototypes libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
[01/23] libsepol: fix typos libsepol: miscellaneous cleanup - - - --- 2021-06-08 Christian Göttsche New
libsepol/cil: Allow duplicate optional blocks in most cases libsepol/cil: Allow duplicate optional blocks in most cases - - - --- 2021-06-17 James Carter New
libsepol: Quote paths when generating policy.conf from binary policy libsepol: Quote paths when generating policy.conf from binary policy 1 - - --- 2021-06-16 James Carter New
[3/3] secilc/test: Add test for anonymous args Fix problems with CIL's handling of anonymous call arguments - - - --- 2021-06-15 James Carter New
[2/3] libsepol/cil: Account for anonymous category sets in an expression Fix problems with CIL's handling of anonymous call arguments - - - --- 2021-06-15 James Carter New
[1/3] libsepol/cil: Fix anonymous IP address call arguments Fix problems with CIL's handling of anonymous call arguments - - - --- 2021-06-15 James Carter New
[5/5] libsepol/cil: Improve degenerate inheritance check Another round of secilc-fuzzer problems fixed - - - --- 2021-06-14 James Carter New
[4/5] libsepol/cil: Reduce the initial symtab sizes for blocks Another round of secilc-fuzzer problems fixed 1 - - --- 2021-06-14 James Carter New
[3/5] libsepol/cil: Check for empty list when marking neverallow attributes Another round of secilc-fuzzer problems fixed 1 - - --- 2021-06-14 James Carter New
[2/5] libsepol/cil: Fix syntax checking of defaultrange rule Another round of secilc-fuzzer problems fixed - - - --- 2021-06-14 James Carter New
[1/5] libsepol/cil: Properly check for loops in sets Another round of secilc-fuzzer problems fixed 1 - - --- 2021-06-14 James Carter New
[v2] checkpolicy: fix the leak memory when uses xperms [v2] checkpolicy: fix the leak memory when uses xperms - - 1 --- 2021-06-01 liwugang New
[RESEND,v18,4/4] overlayfs: inode_owner_or_capable called during execv Untitled series #368853 - - - --- 2020-10-22 Mark Salyzyn pcmoore New
[RESEND,v18,3/4] overlayfs: override_creds=off option bypass creator_cred overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,1/4] Add flags option to get xattr method paired to __vfs_getxattr overlayfs override_creds=off & nested get xattr fix 5 1 - --- 2020-10-21 Mark Salyzyn pcmoore New
[v3] lockdown,selinux: fix wrong subject in some SELinux lockdown checks [v3] lockdown,selinux: fix wrong subject in some SELinux lockdown checks 1 - - --- 2021-06-16 Ondrej Mosnacek pcmoore New
[v2,2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount vfs/security/NFS/btrfs: clean up and fix LSM option handling - - - --- 2021-05-17 Ondrej Mosnacek pcmoore New
[v2,1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag vfs/security/NFS/btrfs: clean up and fix LSM option handling - - 1 --- 2021-05-17 Ondrej Mosnacek pcmoore New
[RFC,9/9] Smack: Brutalist io_uring support with debug Add LSM access controls and auditing to io_uring - - - --- 2021-05-21 Paul Moore pcmoore New
[RFC,8/9] selinux: add support for the io_uring access controls Add LSM access controls and auditing to io_uring - - - --- 2021-05-21 Paul Moore pcmoore New
[RFC,7/9] lsm,io_uring: add LSM hooks to io_uring Add LSM access controls and auditing to io_uring - - - --- 2021-05-21 Paul Moore pcmoore New
[RFC,6/9] io_uring: convert io_uring to the secure anon inode interface Add LSM access controls and auditing to io_uring - - - --- 2021-05-21 Paul Moore pcmoore New
[RFC,5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure() Add LSM access controls and auditing to io_uring - - - --- 2021-05-21 Paul Moore pcmoore New
[RFC,4/9] audit: add filtering for io_uring records Add LSM access controls and auditing to io_uring - - - --- 2021-05-21 Paul Moore pcmoore New
[RFC,3/9] audit: dev/test patch to force io_uring auditing Add LSM access controls and auditing to io_uring - - - --- 2021-05-21 Paul Moore pcmoore New
[RFC,2/9] audit,io_uring,io-wq: add some basic audit support to io_uring Add LSM access controls and auditing to io_uring - - - --- 2021-05-21 Paul Moore pcmoore New
[RFC,1/9] audit: prepare audit_context for use in calling contexts beyond syscalls Add LSM access controls and auditing to io_uring 1 - - --- 2021-05-21 Paul Moore pcmoore New
RTIC: selinux: ARM64: Move selinux_state to a separate page RTIC: selinux: ARM64: Move selinux_state to a separate page 1 - - --- 2021-02-16 Preeti Nagar pcmoore New
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests selinux-testsuite: Add btrfs support for filesystem tests - - - --- 2020-11-03 Richard Haines omos Queued
[RFC,V2,2/2] selinux-testsuite: Run SCTP tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,V2,1/2] selinux-testsuite: Run tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
fs: Return raw xattr for security.* if there is size disagreement with LSMs fs: Return raw xattr for security.* if there is size disagreement with LSMs - - 1 --- 2021-06-16 Roberto Sassu pcmoore New
[v3,6/6] evm: Support multiple LSMs providing an xattr evm: Prepare for moving to the LSM infrastructure - - - --- 2021-04-27 Roberto Sassu pcmoore New
[v3,5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure evm: Prepare for moving to the LSM infrastructure - - - --- 2021-04-27 Roberto Sassu pcmoore New
[v3,4/6] security: Support multiple LSMs implementing the inode_init_security hook evm: Prepare for moving to the LSM infrastructure - - - --- 2021-04-27 Roberto Sassu pcmoore New
[v3,3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook evm: Prepare for moving to the LSM infrastructure - - - --- 2021-04-27 Roberto Sassu pcmoore New
[v3,2/6] security: Rewrite security_old_inode_init_security() evm: Prepare for moving to the LSM infrastructure - - - --- 2021-04-27 Roberto Sassu pcmoore New
[v3,1/6] reiserfs: Add missing calls to reiserfs_security_free() evm: Prepare for moving to the LSM infrastructure - - - --- 2021-04-27 Roberto Sassu pcmoore New
[v4,21/21] fuse: Allow user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant 2 - - --- 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - --- 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs 2 - - --- 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - --- 2016-04-26 Seth Forshee New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - --- 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
« 1 2 »