Show patches with: State = Action Required       |   188 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[01/16,v2] libsepol: Return an error if check_assertion() returns an error. Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[02/16,v2] libsepol: Change label in check_assertion_avtab_match() Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[03/16,v2] libsepol: Remove uneeded error messages in assertion checking Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[04/16,v2] libsepol: Check for error from check_assertion_extended_permissions() Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[05/16,v2] libsepol: Use consistent return checking style Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[06/16,v2] libsepol: Move check of target types to before check for self Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[07/16,v2] libsepol: Create function check_assertion_self_match() and use it Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[08/16,v2] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c Untitled series #439529 - - - --- 2021-02-28 Alexey Dobriyan pcmoore New
[09/16,v2] libsepol: Remove unnessesary check for matching class Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[1/2,RFC] libsepol: Add not self support for neverallow rules libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[1/2] libsepol/cil: Limit the amount of reporting for neverallow violations [1/2] libsepol/cil: Limit the amount of reporting for neverallow violations - - - --- 2022-01-14 James Carter New
[1/2] selinux: Add map perms [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block [1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block - - - --- 2022-01-05 James Carter New
[1/4,v2] libsepol/cil: Add cil_get_log_level() function libsepol/cil: Limit certain error and warning reports - - - --- 2022-01-19 James Carter New
[10/16,v2] libsepol: Move assigning outer loop index out of inner loop Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[11/16,v2] libsepol: Make use of previously created ebitmap when checking self Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[12/16,v2] libsepol: Refactor match_any_class_permissions() to be clearer Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[13/16,v2] libsepol: Make return value clearer when reporting neverallowx errors Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[14/16,v2] libsepol: The src and tgt must be the same if neverallow uses self Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[15/16,v2] libsepol: Set args avtab pointer when reporting assertion violations Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[16/16,v2] libsepol: Fix two problems with neverallowxperm reporting Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[2/2] dbus: Add filetrans for /tmp/dbus-* session socket [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[2/2] libsepol/cil: Limit the amount of reporting for context rule conflicts [1/2] libsepol/cil: Limit the amount of reporting for neverallow violations - - - --- 2022-01-14 James Carter New
[2/3] libsepol/cil: Mark as abstract all sub-blocks of an abstract block [1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block - - - --- 2022-01-05 James Carter New
[2/4,v2] libsepol/cil: Provide more control over reporting bounds failures libsepol/cil: Limit certain error and warning reports - - - --- 2022-01-19 James Carter New
[3/3] libsepol/cil: Do not resolve names to declarations in abstract blocks [1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block - - - --- 2022-01-05 James Carter New
[3/4,v2] libsepol/cil: Limit the neverallow violations reported libsepol/cil: Limit certain error and warning reports - - - --- 2022-01-19 James Carter New
[3/9] selinux: declare name parameter of hash_eval const [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore New
[4/4,v2] libsepol/cil: Limit the amount of reporting for context rule conflicts libsepol/cil: Limit certain error and warning reports - - - --- 2022-01-19 James Carter New
[4/9] selinux: enclose macro arguments in parenthesis [1/9] selinux: check return value of sel_make_avc_files - 1 - --- 2022-01-25 Christian Göttsche pcmoore New
[5/9] selinux: drop cast to same type [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore New
[6/9] selinux: drop unused parameter of avtab_insert_node [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore New
[7/9] selinux: do not discard const qualifier in cast [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore New
[8/9] selinux: simplify cred_init_security [1/9] selinux: check return value of sel_make_avc_files - - - --- 2022-01-25 Christian Göttsche pcmoore New
[9/9] selinux: drop unused macro [1/9] selinux: check return value of sel_make_avc_files - 1 - --- 2022-01-25 Christian Göttsche pcmoore New
[libselinux] libselinux: make threadsafe for discover_class_cache [libselinux] libselinux: make threadsafe for discover_class_cache - - - --- 2022-01-20 Purushottam Choudhary New
[net] selinux: fix SCTP client peeloff socket labeling [net] selinux: fix SCTP client peeloff socket labeling - - - --- 2021-11-04 Ondrej Mosnacek pcmoore New
[PATCHv2,net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long pcmoore New
[PATCHv2,net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long pcmoore New
[PATCHv2,net,3/4] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long pcmoore New
[PATCHv2,net,4/4] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long pcmoore New
[RESEND,v18,1/4] Add flags option to get xattr method paired to __vfs_getxattr overlayfs override_creds=off & nested get xattr fix 5 1 - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,3/4] overlayfs: override_creds=off option bypass creator_cred overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,4/4] overlayfs: inode_owner_or_capable called during execv Untitled series #368853 - - - --- 2020-10-22 Mark Salyzyn pcmoore New
[RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU [RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU - - - --- 2021-04-16 Stephen Brennan pcmoore New
[RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU [RESEND,v5] proc: Allow pid_revalidate() during LOOKUP_RCU - - - --- 2021-02-04 Stephen Brennan pcmoore New
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[RFC,1/1] testsuite sctp: Add tests for sctp_socket transition rules selinux-testsuite: Add tests for sctp_socket transition rules - - - --- 2021-11-07 Richard Haines omos New
[RFC,1/3] libsepol: introduce ebitmap_subtract() [RFC,1/3] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-23 Christian Göttsche New
[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,1/9] sk_buff: track nfct status in newly added skb->_state [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,2/2] security, nfs: Provide a hook for fs_context security initialisation [RFC,1/2] security: Remove security_add_mnt_opt() as it's unused - - - --- 2021-12-08 David Howells pcmoore New
[RFC,2/3] libsepol: add not-self neverallow support [RFC,1/3] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-23 Christian Göttsche New
[RFC,2/5] selinux-testsuite: add tests/sandbox/nodir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,2/9] sk_buff: track dst status in skb->_state [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,3/3] checkpolicy: add not-self neverallow support [RFC,1/3] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-23 Christian Göttsche New
[RFC,3/5] selinux-testsuite: add tests/sandbox/rxdir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,3/9] sk_buff: move the active_extensions into the state bitfield [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,4/5] selinux-testsuite: add tests/sandbox/rxdir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,4/9] net: optimize GRO for the common case. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,5/5] selinux-testsuite: add testing for unprivileged sandboxing capability [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - --- 2020-03-13 Stephen Smalley omos New
[RFC,5/9] skbuff: introduce has_sk state bit. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,6/9] veth: use skb_prepare_for_gro() [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,7/9] sk_buff: move inner header fields after tail [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,8/9] sk_buff: move vlan field after tail. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,9/9] sk_buff: access secmark via getter/setter [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,userspace,1/5] libsemanage: add missing include to boolean_record.c Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,userspace,2/5] semodule,libsemanage: move module hashing into libsemanage Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,userspace,3/5] libsemanage: move compressed file handling into a separate object Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,userspace,4/5] libsemanage: optionally rebuild policy when modules are changed externally Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,userspace,5/5] semodule: add command-line option to detect module changes Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,V2,1/2] selinux-testsuite: Run tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,v2,1/4] libsepol: introduce ebitmap_subtract() [RFC,v2,1/4] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-24 Christian Göttsche New
[RFC,V2,2/2] selinux-testsuite: Run SCTP tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,v2,2/4] libsepol: add not-self neverallow support [RFC,v2,1/4] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-24 Christian Göttsche New
[RFC,v2,3/4] checkpolicy: add not-self neverallow support [RFC,v2,1/4] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-24 Christian Göttsche New
[RFC,v2,4/4] libsepol: free ebitmap on end of function [RFC,v2,1/4] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-24 Christian Göttsche New
[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,2/5] libsepol: add not-self neverallow support [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,3/5] checkpolicy: add not-self neverallow support [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,4/5] libsepol: free ebitmap on end of function [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3,5/5] libsepol: pass avtab to report function [RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement() - - - --- 2021-12-04 Christian Göttsche New
[RFC,v3] security,capability: pass object information to security_capable [RFC,v3] security,capability: pass object information to security_capable - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC] audit, security: allow LSMs to selectively enable audit collection [RFC] audit, security: allow LSMs to selectively enable audit collection - - - --- 2019-08-15 Aaron Goidel pcmoore New
[RFC] capability: add capable_or to test for multiple caps with exactly one audit message [RFC] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2021-11-16 Christian Göttsche pcmoore New
[RFC] libsepol,checkpolicy: Add netlink xperm support [RFC] libsepol,checkpolicy: Add netlink xperm support - - - --- 2021-11-10 Bram Bonné New
[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability [RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability - - - --- 2020-03-13 Stephen Smalley pcmoore New
[RFC] mm: create security context for memfd_secret inodes [RFC] mm: create security context for memfd_secret inodes - - - --- 2022-01-25 Christian Göttsche pcmoore New
[RFC] selinux: Add netlink xperm support [RFC] selinux: Add netlink xperm support - - - --- 2021-11-10 Bram Bonné pcmoore New
[RFC] selinux: add unprivileged sandboxing capability [RFC] selinux: add unprivileged sandboxing capability - - - --- 2020-03-13 Stephen Smalley pcmoore New
[RFC] selinux: split no transition execve check [RFC] selinux: split no transition execve check - - - --- 2022-01-25 Christian Göttsche pcmoore New
[RFC] userfaultfd: open userfaultfds with O_RDONLY [RFC] userfaultfd: open userfaultfds with O_RDONLY - - - --- 2021-06-24 Ondrej Mosnacek pcmoore New
[testsuite] tests/binder: Build only for 4.11 and later kernels [testsuite] tests/binder: Build only for 4.11 and later kernels - - - --- 2022-01-13 GONG, Ruiqi omos New
[testsuite] tests/inet_socket: Add socket transition tests [testsuite] tests/inet_socket: Add socket transition tests - - - --- 2021-11-17 Richard Haines omos New
[testsuite] tests/sctp: add client peeloff tests [testsuite] tests/sctp: add client peeloff tests - - - --- 2021-10-21 Ondrej Mosnacek omos Under Review
[v19,1/4] Add flags option to get xattr method paired to __vfs_getxattr overlayfs override_creds=off & nested get xattr fix 5 1 - --- 2021-11-17 David Anderson pcmoore New
[v19,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method overlayfs override_creds=off & nested get xattr fix - - - --- 2021-11-17 David Anderson pcmoore New
« 1 2 »