Show patches with: State = Action Required       |    Archived = No       |   75 patches
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC] audit, security: allow LSMs to selectively enable audit collection [RFC] audit, security: allow LSMs to selectively enable audit collection - - - 0 0 0 2019-08-15 Aaron Goidel New
[RFC,v3] security,capability: pass object information to security_capable [RFC,v3] security,capability: pass object information to security_capable - - - 0 0 0 2019-08-15 Aaron Goidel New
security/selinux: Add support for new key permissions security/selinux: Add support for new key permissions - - - 0 0 0 2020-02-03 Richard Haines New
[RFC] selinux: add unprivileged sandboxing capability [RFC] selinux: add unprivileged sandboxing capability - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability [RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,2/5] selinux-testsuite: add tests/sandbox/nodir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,3/5] selinux-testsuite: add tests/sandbox/rxdir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,4/5] selinux-testsuite: add tests/sandbox/rxdir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,5/5] selinux-testsuite: add testing for unprivileged sandboxing capability [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[v5,1/3] Add a new LSM-supporting anonymous inode interface SELinux support for anonymous inodes and UFFD - - - 0 0 0 2020-04-01 Daniel Colascione New
[v5,2/3] Teach SELinux about anonymous inodes SELinux support for anonymous inodes and UFFD - - - 0 0 0 2020-04-01 Daniel Colascione New
[v5,3/3] Wire UFFD up to SELinux SELinux support for anonymous inodes and UFFD - - - 0 0 0 2020-04-01 Daniel Colascione New
[RFC] selinux-testsuite: Run tests using remote server [RFC] selinux-testsuite: Run tests using remote server - - - 0 0 0 2020-04-20 Richard Haines omos Under Review
[v3,1/3] perf docs: extend CAP_SYS_ADMIN with CAP_PERFMON where needed perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-24 Alexey Budankov New
[v3,2/3] perf tool: make Perf tool aware of SELinux access control perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-24 Alexey Budankov New
[v3,3/3] perf docs: introduce security.txt file to document related issues perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-24 Alexey Budankov New
[v3,1/3] perf docs: extend CAP_SYS_ADMIN with CAP_PERFMON where needed perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-30 Alexey Budankov New
[v3,2/3] perf tool: make Perf tool aware of SELinux access control perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-30 Alexey Budankov New
[v3,3/3] perf docs: introduce security.txt file to document related issues perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-30 Alexey Budankov New
[v3,1/2] libsepol,checkpolicy: optimize storage of filename transitions userspace: Implement new format of filename trans rules - - - 0 0 0 2020-05-02 Ondrej Mosnacek New
[v3,2/2] libsepol: implement POLICYDB_VERSION_COMP_FTRANS userspace: Implement new format of filename trans rules - - - 0 0 0 2020-05-02 Ondrej Mosnacek New
[v2,1/3] selinux: specialize symtab insert and search functions Inline some hashtab functions to improve performance - - - 0 0 0 2020-05-04 Ondrej Mosnacek New
[v2,2/3] selinux: prepare for inlining of hashtab functions Inline some hashtab functions to improve performance - - - 0 0 0 2020-05-04 Ondrej Mosnacek New
[v2,3/3] selinux: complete the inlining of hashtab functions Inline some hashtab functions to improve performance - - - 0 0 0 2020-05-04 Ondrej Mosnacek New
sepolgen: parse gen_tunable as bool sepolgen: parse gen_tunable as bool - - - 0 0 0 2020-05-05 Christian Göttsche New
chcat: don't crash if access to binary policy is prohibited chcat: don't crash if access to binary policy is prohibited - - - 0 0 0 2020-05-09 bauen1 New
[1/3] fs: unexport kernel_read_file() fs: reduce export usage of kerne_read*() calls - - - 0 0 0 2020-05-13 Luis Chamberlain New
[2/3] security: add symbol namespace for reading file data fs: reduce export usage of kerne_read*() calls - - - 0 0 0 2020-05-13 Luis Chamberlain New
[3/3] fs: move kernel_read*() calls to its own symbol namespace fs: reduce export usage of kerne_read*() calls - - - 0 0 0 2020-05-13 Luis Chamberlain New
keys: Move permissions checking decisions into the checking code keys: Move permissions checking decisions into the checking code - - - 0 0 0 2020-05-14 David Howells New
[v17,01/23] LSM: Infrastructure management of the sock security LSM: Module stacking for AppArmor 2 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,02/23] LSM: Create and manage the lsmblob data structure. LSM: Module stacking for AppArmor 2 - - 0 0 0 2020-05-14 Casey Schaufler New
[v17,03/23] LSM: Use lsmblob in security_audit_rule_match LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,04/23] LSM: Use lsmblob in security_kernel_act_as LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,05/23] net: Prepare UDS for security module stacking LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,06/23] Use lsmblob in security_secctx_to_secid LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,07/23] LSM: Use lsmblob in security_secid_to_secctx LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,08/23] LSM: Use lsmblob in security_ipc_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,09/23] LSM: Use lsmblob in security_task_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,10/23] LSM: Use lsmblob in security_inode_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,11/23] LSM: Use lsmblob in security_cred_getsecid LSM: Module stacking for AppArmor 2 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,12/23] IMA: Change internal interfaces to use lsmblobs LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,13/23] LSM: Specify which LSM to display LSM: Module stacking for AppArmor 2 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,14/23] LSM: Ensure the correct LSM context releaser LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,15/23] LSM: Use lsmcontext in security_secid_to_secctx LSM: Module stacking for AppArmor 2 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,16/23] LSM: Use lsmcontext in security_inode_getsecctx LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-05-14 Casey Schaufler New
[v17,17/23] LSM: security_secid_to_secctx in netlink netfilter LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,18/23] NET: Store LSM netlabel data in a lsmblob LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,19/23] LSM: Verify LSM display sanity in binder LSM: Module stacking for AppArmor 1 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,20/23] Audit: Add a new record for multiple subject LSM attributes LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,21/23] Audit: Add a new record for multiple object LSM attributes LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,22/23] LSM: Add /proc attr entry for full LSM context LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,23/23] AppArmor: Remove the exclusive flag LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v3] secilc/docs: fix use of TMPDIR [v3] secilc/docs: fix use of TMPDIR 1 - - 0 0 0 2020-05-15 Topi Miettinen New
[RFC,V2] selinux-testsuite: Add check for key changes on watch_queue [RFC,V2] selinux-testsuite: Add check for key changes on watch_queue - - - 0 0 0 2020-05-15 Richard Haines omos Under Review
[v2] ci: run SELinux kernel test suite [v2] ci: run SELinux kernel test suite - - - 0 0 0 2020-05-20 William Roberts New
capabilities: Introduce CAP_RESTORE capabilities: Introduce CAP_RESTORE - - - 0 0 0 2020-05-22 Adrian Reber New
libselinux: utils: link with shared libfts libselinux: utils: link with shared libfts - - - 0 0 0 2020-05-22 Đoàn Trần Công Danh New
[v3,1/2] libsepol: Fix type alias handling in kernel_to_cil [v3,1/2] libsepol: Fix type alias handling in kernel_to_cil - - - 0 0 0 2020-05-22 James Carter New
[v3,2/2] libsepol: Fix type alias handling in kernel_to_conf [v3,1/2] libsepol: Fix type alias handling in kernel_to_cil 1 - - 0 0 0 2020-05-22 James Carter New
[v2,1/3] libsepol: Write CIL default MLS rules on separate lines [v2,1/3] libsepol: Write CIL default MLS rules on separate lines - - - 0 0 0 2020-05-22 James Carter New
[v2,2/3] libsepol: Improve writing CIL sensitivity rules [v2,1/3] libsepol: Write CIL default MLS rules on separate lines - - - 0 0 0 2020-05-22 James Carter New
[v2,3/3] libsepol: Improve writing CIL category rules [v2,1/3] libsepol: Write CIL default MLS rules on separate lines 1 - - 0 0 0 2020-05-22 James Carter New
selinux: allow reading labels before policy is loaded selinux: allow reading labels before policy is loaded - - - 0 0 0 2020-05-23 Jonathan Lebon New
checkpolicy: Minor tweaks to the names of the contributors to the manpages checkpolicy: Minor tweaks to the names of the contributors to the manpages - - - 0 0 0 2020-05-25 Andrej Shadura New
semanage bash completion: handle semanage module #246 semanage bash completion: handle semanage module #246 - - - 0 0 0 2020-05-25 Topi Miettinen New
Add restorecon -x opt to not cross FS boundaries (cf github #208) Add restorecon -x opt to not cross FS boundaries (cf github #208) - - - 0 0 0 2020-05-26 Peter Whittaker New
[v3,1/2] libsepol/cil: Initialize the multiple_decls field of the cil db [v3,1/2] libsepol/cil: Initialize the multiple_decls field of the cil db 1 - - 0 0 0 2020-05-26 James Carter New
[v3,2/2] libsepol/cil: Return error when identifier declared as both type and attribute [v3,1/2] libsepol/cil: Initialize the multiple_decls field of the cil db 1 - - 0 0 0 2020-05-26 James Carter New
[v2] selinux: allow reading labels before policy is loaded [v2] selinux: allow reading labels before policy is loaded - - - 0 0 0 2020-05-27 Jonathan Lebon New
selinux: allow reading labels before policy is loaded selinux: allow reading labels before policy is loaded 1 - - 0 0 0 2020-05-27 Jonathan Lebon New
[v2,1/3] sepolgen: parse gen_tunable as bool [v2,1/3] sepolgen: parse gen_tunable as bool - - - 0 0 0 2020-05-28 Christian Göttsche New
[v2,2/3] refparser: add missing newline after error message [v2,1/3] sepolgen: parse gen_tunable as bool - - - 0 0 0 2020-05-28 Christian Göttsche New
[v2,3/3] sepolgen-ifgen: refactor default policy path retrieval [v2,1/3] sepolgen: parse gen_tunable as bool - - - 0 0 0 2020-05-28 Christian Göttsche New