Show patches with: State = Action Required       |   86 patches
Patch Series A/R/T S/W/F Date Submitter Delegate State
libsepol: Create the macro ebitmap_is_empty() and use it where needed libsepol: Create the macro ebitmap_is_empty() and use it where needed - - - 0 0 0 2020-02-19 James Carter New
[v2,2/2] libsepol: grow hashtab dynamically libsepol: Grow hashtab dynamically - - - 0 0 0 2020-02-19 Ondrej Mosnacek New
[v2,1/2] libsepol,newrole: remove unused hashtab functions libsepol: Grow hashtab dynamically 1 - - 0 0 0 2020-02-19 Ondrej Mosnacek New
[v2] selinux: reduce the use of hard-coded hash sizes [v2] selinux: reduce the use of hard-coded hash sizes 1 - - 0 0 0 2020-02-19 Ondrej Mosnacek New
[RFC] libselinux: deprecate security_compute_user(), update man pages [RFC] libselinux: deprecate security_compute_user(), update man pages - - - 0 0 0 2020-02-18 Stephen Smalley New
libsepol: Use ebitmap_length() to check for an empty ebitmap libsepol: Use ebitmap_length() to check for an empty ebitmap - - - 0 0 0 2020-02-18 James Carter New
[v3] selinux: optimize storage of filename transitions [v3] selinux: optimize storage of filename transitions 1 - - 0 0 0 2020-02-18 Ondrej Mosnacek New
libselinux: Fix Ru translation of failsafe context libselinux: Fix Ru translation of failsafe context 1 - - 0 0 0 2020-02-17 Mikhail Novosyolov New
[v6] libselinux: Eliminate use of security_compute_user() [v6] libselinux: Eliminate use of security_compute_user() 1 - - 0 0 0 2020-02-17 Petr Lautrbach New
[v7,12/12] doc/admin-guide: update kernel.rst with CAP_PERFMON information Introduce CAP_PERFMON to secure system performance monitoring and observability - - - 0 0 0 2020-02-17 Alexey Budankov New
[v7,11/12] doc/admin-guide: update perf-security.rst with CAP_PERFMON information Introduce CAP_PERFMON to secure system performance monitoring and observability - - - 0 0 0 2020-02-17 Alexey Budankov New
[v7,10/12] drivers/oprofile: open access for CAP_PERFMON privileged process Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,09/12] drivers/perf: open access for CAP_PERFMON privileged process Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,08/12] parisc/perf: open access for CAP_PERFMON privileged process Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,07/12] powerpc/perf: open access for CAP_PERFMON privileged process Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,06/12] trace/bpf_trace: open access for CAP_PERFMON privileged process Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,05/12] drm/i915/perf: open access for CAP_PERFMON privileged process Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,04/12] perf tool: extend Perf tool with CAP_PERFMON capability support Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,03/12] perf/core: open access to probes for CAP_PERFMON privileged process Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,02/12] perf/core: open access to the core for CAP_PERFMON privileged process Introduce CAP_PERFMON to secure system performance monitoring and observability - 1 - 0 0 0 2020-02-17 Alexey Budankov New
[v7,01/12] capabilities: introduce CAP_PERFMON to kernel and user space Introduce CAP_PERFMON to secure system performance monitoring and observability 2 - - 0 0 0 2020-02-17 Alexey Budankov New
[v15,23/23] AppArmor: Remove the exclusive flag LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,22/23] LSM: Add /proc attr entry for full LSM context LSM: Module stacking for AppArmor - - - 0 0 0 2020-02-14 Casey Schaufler New
[v15,21/23] Audit: Include object data for all security modules LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-02-14 Casey Schaufler New
[v15,20/23] Audit: Add subj_LSM fields when necessary LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-02-14 Casey Schaufler New
[v15,19/23] LSM: Verify LSM display sanity in binder LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-02-14 Casey Schaufler New
[v15,18/23] NET: Store LSM netlabel data in a lsmblob LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,17/23] LSM: security_secid_to_secctx in netlink netfilter LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,16/23] LSM: Use lsmcontext in security_inode_getsecctx LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-02-14 Casey Schaufler New
[v15,15/23] LSM: Use lsmcontext in security_secid_to_secctx LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-02-14 Casey Schaufler New
[v15,14/23] LSM: Ensure the correct LSM context releaser LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,13/23] LSM: Specify which LSM to display LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-02-14 Casey Schaufler New
[v15,12/23] IMA: Change internal interfaces to use lsmblobs LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,11/23] LSM: Use lsmblob in security_cred_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,10/23] LSM: Use lsmblob in security_inode_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,09/23] LSM: Use lsmblob in security_task_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,08/23] LSM: Use lsmblob in security_ipc_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,07/23] LSM: Use lsmblob in security_secid_to_secctx LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,06/23] Use lsmblob in security_secctx_to_secid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,05/23] net: Prepare UDS for security module stacking LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,04/23] LSM: Use lsmblob in security_kernel_act_as LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,03/23] LSM: Use lsmblob in security_audit_rule_match LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[v15,02/23] LSM: Create and manage the lsmblob data structure. LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-02-14 Casey Schaufler New
[v15,01/23] LSM: Infrastructure management of the sock security LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-02-14 Casey Schaufler New
[3/3] Wire UFFD up to SELinux [1/3] Add a new LSM-supporting anonymous inode interface - - - 0 0 0 2020-02-14 Daniel Colascione New
[2/3] Teach SELinux about anonymous inodes [1/3] Add a new LSM-supporting anonymous inode interface - - - 0 0 0 2020-02-14 Daniel Colascione New
[1/3] Add a new LSM-supporting anonymous inode interface [1/3] Add a new LSM-supporting anonymous inode interface - - - 0 0 0 2020-02-14 Daniel Colascione New
[RFC] security,anon_inodes,kvm: enable security support for anon inodes [RFC] security,anon_inodes,kvm: enable security support for anon inodes - - - 0 0 0 2020-02-13 Stephen Smalley New
security/selinux: Add support for new key permissions security/selinux: Add support for new key permissions - - - 0 0 0 2020-02-03 Richard Haines New
[v2] selinux: remove unused initial SIDs and improve handling [v2] selinux: remove unused initial SIDs and improve handling - - - 0 0 0 2020-01-29 Stephen Smalley New
[v4] libsepol,checkpolicy: remove use of hardcoded security class values [v4] libsepol,checkpolicy: remove use of hardcoded security class values 1 - - 0 0 0 2020-01-21 Stephen Smalley New
[RFC] selinux: policydb - convert filename trans hash to rhashtable [RFC] selinux: policydb - convert filename trans hash to rhashtable - - - 0 0 0 2020-01-16 Lucas Stach New
[v2] mcstrans: start early and stop late [v2] mcstrans: start early and stop late - - - 0 0 0 2019-12-11 Dominick Grift New
[RFC,v3] security,capability: pass object information to security_capable [RFC,v3] security,capability: pass object information to security_capable - - - 0 0 0 2019-08-15 Aaron Goidel New
[RFC] audit, security: allow LSMs to selectively enable audit collection [RFC] audit, security: allow LSMs to selectively enable audit collection - - - 0 0 0 2019-08-15 Aaron Goidel New
[v4,21/21] fuse: Allow user namespace mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 1 - 0 0 0 2016-04-26 Seth Forshee New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,06/21] fs: Treat foreign mounts as nosuid 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,01/21] fs: fix a posible leak of allocated superblock 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-26 Seth Forshee New