Show patches with: State = Action Required       |   179 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2,13/13] LSM: Remove lsmblob scaffolding [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,12/13] Netlabel: Use lsmblob for audit data [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,11/13] Audit: Change context data from secid to lsmblob [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,10/13] LSM: Create new security_cred_getlsmblob LSM hook [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,09/13] Audit: use an lsmblob in audit_names [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,08/13] LSM: Use lsmblob in security_inode_getsecid [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,07/13] LSM: Use lsmblob in security_current_getsecid [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,06/13] Audit: Update shutdown LSM data [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,05/13] LSM: Use lsmblob in security_ipc_getsecid [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,04/13] Audit: maintain an lsmblob in audit_context [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,03/13] LSM: Add lsmblob_to_secctx hook [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,02/13] LSM: Use lsmblob in security_audit_rule_match [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,01/13] LSM: Add the lsmblob data structure. [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[testsuite,v2] tests/extended_socket_class: test SMC sockets [testsuite,v2] tests/extended_socket_class: test SMC sockets - - - --- 2024-08-29 Stephen Smalley New
[testsuite] policy,tests: add tests for netlink xperms [testsuite] policy,tests: add tests for netlink xperms - - 1 --- 2024-08-28 Stephen Smalley New
[v3,8/8] secilc: include segregate attributes in tests [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,7/8] secilc: run tests against development version of libsepol [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,6/8] libsepol/cil: add support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,5/8] libsepol/tests: add test for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,4/8] checkpolicy: add front-end support for segregate attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,3/8] libsepol: add compile-time constraint for mutual exclusive attributes [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[v3,2/8] libsepol: add ebitmap iterator wrapper with startnode [v3,1/8] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-07-21 Christian Göttsche New
[RFC,4/4] checkpolicy: add front-end support for segregate attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,3/4] libsepol: add compile-time constraint for mutual exclusive attributes [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[RFC,2/4] libsepol: add ebitmap iterator wrapper with startnode [RFC,1/4] libsepol: refactor ebitmap conversion in link.c - - - --- 2022-06-16 Christian Göttsche New
[1/4] libselinux: add man page redirections [1/4] libselinux: add man page redirections 1 - - --- 2022-05-20 Christian Göttsche New
Makefile: always include and link with DESTDIR Makefile: always include and link with DESTDIR - - - --- 2022-05-20 Christian Göttsche New
[v2,6/6] Enable missing prototypes [v2,1/6] libsepol/cil: declare file local functions static - - - --- 2022-04-05 Christian Göttsche New
libselinux: Prevent cached context giving wrong results libselinux: Prevent cached context giving wrong results - - - --- 2022-01-27 Johannes Segitz New
[libselinux] libselinux: make threadsafe for discover_class_cache [libselinux] libselinux: make threadsafe for discover_class_cache - - - --- 2022-01-20 Purushottam Choudhary New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[1/2,RFC] libsepol: Add not self support for neverallow rules libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[XSERVER,2/2] selinux: log events with appropriate audit type [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[XSERVER,1/2] selinux: remap security classes on policyload [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[2/2] dbus: Add filetrans for /tmp/dbus-* session socket [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[1/2] selinux: Add map perms [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[v2] Support static-only builds [v2] Support static-only builds - - - --- 2021-11-13 Alyssa Ross New
[v4,21/21] fuse: Allow user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant 2 - - --- 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - --- 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs 2 - - --- 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - --- 2016-04-26 Seth Forshee New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - --- 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns 1 - - --- 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - --- 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 1 - --- 2016-04-26 Seth Forshee New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - --- 2016-04-26 Seth Forshee New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces 2 - - --- 2016-04-26 Seth Forshee New
[v4,06/21] fs: Treat foreign mounts as nosuid 2 - - --- 2016-04-26 Seth Forshee New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting 1 - - --- 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - --- 2016-04-26 Seth Forshee New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - --- 2016-04-26 Seth Forshee New
[v4,01/21] fs: fix a posible leak of allocated superblock 1 - - --- 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - --- 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - --- 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - --- 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - --- 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - --- 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - --- 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 - - --- 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - --- 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - --- 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - --- 2016-04-26 Seth Forshee New
[v3] checkpolicy: Fix MLS users in optional blocks [v3] checkpolicy: Fix MLS users in optional blocks - - - --- 2024-08-28 James Carter bachradsusi New
[v2] sepolgen-ifgen: allow M4 escaped filenames [v2] sepolgen-ifgen: allow M4 escaped filenames - - - --- 2024-08-27 Petr Lautrbach bachradsusi New
libselinux: rename hashtab functions libselinux: rename hashtab functions 1 - - --- 2024-08-26 Thiébaud Weksteen bachradsusi New
[3/3] libsepol: Add policy capability netlink_xperm [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi New
[2/3] libsepol: Support nlmsg extended permissions [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi New
[1/3] libsepol: Rename ioctl xperms structures and functions [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi New
sepolgen-ifgen: allow M4 escaped filenames sepolgen-ifgen: allow M4 escaped filenames - - - --- 2024-08-19 Petr Lautrbach bachradsusi New
checkpolicy: Fix MLS users in optional blocks checkpolicy: Fix MLS users in optional blocks - - - --- 2024-08-14 James Carter bachradsusi New
checkpolicy: Fix MLS users in optional blocks checkpolicy: Fix MLS users in optional blocks - - - --- 2024-08-12 James Carter bachradsusi New
libsepol/cil: Allow dotted names in aliasactual rules libsepol/cil: Allow dotted names in aliasactual rules - - - --- 2024-08-12 James Carter bachradsusi New
[PR,#134] sesearch: CIL output [PR,#134] sesearch: CIL output - - - --- 2024-05-17 Topi Miettinen bachradsusi New
[RFC,3/3] newrole: use ROWHAMMER resistant values [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,2/3] newrole: cleanse shadow data hold by libc [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,1/3] newrole: constant time password comparison [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC] libselinux: disable capturing in fcontext matching [RFC] libselinux: disable capturing in fcontext matching - - - --- 2024-01-08 Christian Göttsche bachradsusi New
[RFC] libsepol: handle long permission names in sepol_av_to_string() [RFC] libsepol: handle long permission names in sepol_av_to_string() - - - --- 2023-12-11 Christian Göttsche bachradsusi New
libsepol: validate common classes in scope indices libsepol: validate common classes in scope indices - - - --- 2023-12-08 Christian Göttsche bachradsusi New
[RFC] libsepol: validate permission identifier length [RFC] libsepol: validate permission identifier length - - - --- 2023-12-07 Christian Göttsche bachradsusi New
[v6] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions [v6] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions 1 1 - --- 2023-12-05 Juraj Marcin bachradsusi New
[v4] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions [v4] checkpolicy,libsepol: add prefix/suffix matching to filename type transitions - 1 - --- 2023-11-21 Juraj Marcin bachradsusi New
[2/2] libsepol: rework saturation check [1/2] libsepol: use str_read() where appropriate - - - --- 2023-11-01 Christian Göttsche bachradsusi New
libsepol: ignore writing invalid polcaps in fuzzer libsepol: ignore writing invalid polcaps in fuzzer - - - --- 2023-11-01 Christian Göttsche bachradsusi New
[RFC,v2,27/27] libselinux: add selabel_file(5) fuzzer libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,26/27] libselinux: remove unused hashtab code libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,17/27] libselinux: remove SELABEL_OPT_SUBSET support from selabel_file(5) libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,13/27] libselinux/utils: introduce selabel_compare libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[RFC,v2,10/27] libselinux: introduce selabel_nuke libselinux: rework selabel_file(5) database - - - --- 2023-08-14 Christian Göttsche bachradsusi New
[8/9,v4] secilc/test: Add deny rule tests Add CIL Deny Rule - - - --- 2023-08-09 James Carter bachradsusi New
[7/7,v2] secilc/test: Add notself and other tests Add support for notself and other to CIL - - - --- 2023-08-09 James Carter bachradsusi New
[v6] semanage, sepolicy: list also ports not attributed with port_type [v6] semanage, sepolicy: list also ports not attributed with port_type - - - --- 2023-07-28 Topi Miettinen bachradsusi New
libselinux/utils: introduce getpolicyload libselinux/utils: introduce getpolicyload - - - --- 2023-07-06 Christian Göttsche bachradsusi New
libselinux: Add CPPFLAGS to Makefile libselinux: Add CPPFLAGS to Makefile - - - --- 2023-06-06 ChungSheng Wu bachradsusi New
« 1 2 »