SELinux Development list

Show patches with: Archived = No | 9074 patches

« 1 2 3 4 … 90 91 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[bpf-next,v4,13/20] bpf, lsm: Add check for BPF LSM return value	Add return value range check for BPF LSM	1 - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,12/20] bpf, lsm: Enable BPF LSM prog to read/write return value parameters	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,11/20] bpf, lsm: Add disabled BPF LSM hook list	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,10/20] lsm: Refactor return value of LSM hook audit_rule_match	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,09/20] lsm: Refactor return value of LSM hook key_getsecurity	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,08/20] lsm: Refactor return value of LSM hook getprocattr	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,07/20] lsm: Refactor return value of LSM hook setprocattr	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,06/20] lsm: Refactor return value of LSM hook getselfattr	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,05/20] lsm: Refactor return value of LSM hook inode_copy_up_xattr	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,04/20] lsm: Refactor return value of LSM hook inode_listsecurity	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,03/20] lsm: Refactor return value of LSM hook inode_getsecurity	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,02/20] lsm: Refactor return value of LSM hook inode_need_killpriv	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[bpf-next,v4,01/20] lsm: Refactor return value of LSM hook vm_enough_memory	Add return value range check for BPF LSM	- - -	---	2024-07-11	Xu Kuohai	pcmoore	Handled Elsewhere
[-next] selinux: refactor code to return the correct errno	[-next] selinux: refactor code to return the correct errno	- - -	---	2024-07-11	Gaosheng Cui	pcmoore	Changes Requested
[RFC] lsm: add the inode_free_security_rcu() LSM implementation hook	[RFC] lsm: add the inode_free_security_rcu() LSM implementation hook	- - -	---	2024-07-10	Paul Moore	pcmoore	Handled Elsewhere
libselinux: set free'd data to NULL	libselinux: set free'd data to NULL	1 - -	---	2024-07-09	Petr Lautrbach	bachradsusi	Accepted
checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix	checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix	1 - -	---	2024-07-08	James Carter	bachradsusi	Accepted
selinux,smack: remove the capability checks in the removexattr hooks	selinux,smack: remove the capability checks in the removexattr hooks	1 - -	---	2024-07-03	Paul Moore	pcmoore	Handled Elsewhere
selinux: Streamline type determination in security_compute_sid	selinux: Streamline type determination in security_compute_sid	- - -	---	2024-07-03	Canfeng Guo	pcmoore	Accepted
[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup	[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup	- - -	---	2024-07-02	Gong Ruiqi	omos	New
libselinux: Fix integer comparison issues when compiling for 32-bit	libselinux: Fix integer comparison issues when compiling for 32-bit	1 1 -	---	2024-07-01	James Carter	bachradsusi	Accepted
UnicodeDecodeError: utf-8 on python semanage -i import	UnicodeDecodeError: utf-8 on python semanage -i import	- - -	---	2024-07-01	Allan Oepping	bachradsusi	Rejected
selinux: Streamline type determination in security_compute_sid	selinux: Streamline type determination in security_compute_sid	- - -	---	2024-06-29	Canfeng Guo	pcmoore	Changes Requested
selinux: Use 1UL for EBITMAP_BIT to match maps type	selinux: Use 1UL for EBITMAP_BIT to match maps type	- - -	---	2024-06-29	Canfeng Guo	pcmoore	Accepted
[v4,11/11] drm: Replace strcpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,10/11] net: Replace strcpy() with __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,09/11] tracing: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,08/11] tsacct: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,07/11] mm/kmemleak: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}	Improve the copy of task comm	- - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,05/11] mm/util: Fix possible race condition in kstrdup()	Improve the copy of task comm	- - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,04/11] bpftool: Ensure task comm is always NUL-terminated	Improve the copy of task comm	- 1 -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,03/11] security: Replace memcpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,02/11] auditsc: Replace memcpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v4,01/11] fs/exec: Drop task_lock() inside __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-28	Yafang Shao	pcmoore	Handled Elsewhere
[v2] libselinux: deprecate security_disable(3)	[v2] libselinux: deprecate security_disable(3)	1 - -	---	2024-06-23	Christian Göttsche	bachradsusi	Accepted
[v3,11/11] drm: Replace strcpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,10/11] net: Replace strcpy() with __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,09/11] tracing: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,08/11] tsacct: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,07/11] mm/kmemleak: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}	Improve the copy of task comm	- - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,05/11] mm/util: Fix possible race condition in kstrdup()	Improve the copy of task comm	- - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,04/11] bpftool: Ensure task comm is always NUL-terminated	Improve the copy of task comm	- 1 -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,03/11] security: Replace memcpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,02/11] auditsc: Replace memcpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
[v3,01/11] fs/exec: Drop task_lock() inside __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-21	Yafang Shao		Handled Elsewhere
libsepol: check scope permissions refer to valid class	libsepol: check scope permissions refer to valid class	1 - -	---	2024-06-15	Christian Göttsche	bachradsusi	Accepted
libsepol: Do not reject all type rules in conditionals when validating	libsepol: Do not reject all type rules in conditionals when validating	1 1 -	---	2024-06-14	James Carter	bachradsusi	Accepted
[v2,10/10] drm: Replace strcpy() with __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,09/10] net: Replace strcpy() with __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,08/10] tracing: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,07/10] tsacct: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,06/10] mm/kmemleak: Replace strncpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,05/10] mm/util: Fix possible race condition in kstrdup()	Improve the copy of task comm	- - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,04/10] bpftool: Ensure task comm is always NUL-terminated	Improve the copy of task comm	- 1 -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,03/10] security: Replace memcpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,02/10] auditsc: Replace memcpy() with __get_task_comm()	Improve the copy of task comm	1 - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,01/10] fs/exec: Drop task_lock() inside __get_task_comm()	Improve the copy of task comm	- - -	---	2024-06-13	Yafang Shao	pcmoore	Handled Elsewhere
[v2,4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks	Introduce user namespace capabilities	- - -	---	2024-06-09	Jonathan Calmels	pcmoore	Handled Elsewhere
[v2,3/4] capabilities: Add sysctl to mask off userns caps	Introduce user namespace capabilities	- - -	---	2024-06-09	Jonathan Calmels	pcmoore	Handled Elsewhere
[v2,2/4] capabilities: Add securebit to restrict userns caps	Introduce user namespace capabilities	- - -	---	2024-06-09	Jonathan Calmels	pcmoore	Handled Elsewhere
[v2,1/4] capabilities: Add user namespace capabilities	Introduce user namespace capabilities	- 1 -	---	2024-06-09	Jonathan Calmels	pcmoore	Handled Elsewhere
tree-wide: fix misc typos	tree-wide: fix misc typos	1 - -	---	2024-06-08	Christian Göttsche	bachradsusi	Accepted
checkpolicy: reject duplicate nodecon statements	checkpolicy: reject duplicate nodecon statements	1 - -	---	2024-06-08	Christian Göttsche	bachradsusi	Accepted
[2/2] libsepol: rework permission enabled check	[1/2] libsepol: move unchanged data out of loop	1 - -	---	2024-06-08	Christian Göttsche	bachradsusi	Accepted
[1/2] libsepol: move unchanged data out of loop	[1/2] libsepol: move unchanged data out of loop	1 - -	---	2024-06-08	Christian Göttsche	bachradsusi	Accepted
[2/2] libselinux: constify avc_open(3) parameter	[1/2] libselinux: deprecate security_disable(3)	1 - -	---	2024-06-08	Christian Göttsche	bachradsusi	Accepted
[1/2] libselinux: deprecate security_disable(3)	[1/2] libselinux: deprecate security_disable(3)	- - -	---	2024-06-08	Christian Göttsche	bachradsusi	Superseded
libsepol: hashtab: save one comparison on hit	libsepol: hashtab: save one comparison on hit	1 - -	---	2024-06-08	Christian Göttsche	bachradsusi	Accepted
libsepol: validate attribute-type maps	libsepol: validate attribute-type maps	1 - -	---	2024-06-08	Christian Göttsche	bachradsusi	Accepted
libsepol: contify function pointer arrays	libsepol: contify function pointer arrays	1 - -	---	2024-06-08	Christian Göttsche	bachradsusi	Accepted
fixfiles: drop unnecessary \ line endings	fixfiles: drop unnecessary \ line endings	1 - -	---	2024-06-06	Petr Lautrbach	bachradsusi	Accepted
[6/6] selftests/bpf: Replace memcpy() with __get_task_comm()	kernel: Avoid memcpy of task comm	- - -	---	2024-06-02	Yafang Shao	pcmoore	Handled Elsewhere
[5/6] bpftool: Make task comm always be NUL-terminated	kernel: Avoid memcpy of task comm	- 1 -	---	2024-06-02	Yafang Shao	pcmoore	Handled Elsewhere
[4/6] security: Replace memcpy() with __get_task_comm()	kernel: Avoid memcpy of task comm	1 - -	---	2024-06-02	Yafang Shao	pcmoore	Handled Elsewhere
[3/6] auditsc: Replace memcpy() with __get_task_comm()	kernel: Avoid memcpy of task comm	1 - -	---	2024-06-02	Yafang Shao	pcmoore	Handled Elsewhere
[2/6] tracing: Replace memcpy() with __get_task_comm()	kernel: Avoid memcpy of task comm	- - -	---	2024-06-02	Yafang Shao	pcmoore	Handled Elsewhere
[1/6] fs/exec: Drop task_lock() inside __get_task_comm()	kernel: Avoid memcpy of task comm	- - -	---	2024-06-02	Yafang Shao	pcmoore	Handled Elsewhere
[v3,2/2,testsuite] tests/nfs_filesystem: comment out failing mount	[v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now	- - -	---	2024-05-31	Stephen Smalley	omos	Accepted
[v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now	[v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now	- - -	---	2024-05-31	Stephen Smalley	omos	Accepted
[v2,2/2] tests/nfs_filesystem: remove failing mount	[v2,1/2] tools/nfs.sh: comment out the fscontext= tests for now	- - -	---	2024-05-29	Stephen Smalley	omos	Superseded
[v2,1/2] tools/nfs.sh: comment out the fscontext= tests for now	[v2,1/2] tools/nfs.sh: comment out the fscontext= tests for now	- - -	---	2024-05-29	Stephen Smalley	omos	Superseded
[PR,#134] sesearch: CIL output	[PR,#134] sesearch: CIL output	- - -	---	2024-05-17	Topi Miettinen	bachradsusi	Changes Requested
tracing/treewide: Remove second parameter of __assign_str()	tracing/treewide: Remove second parameter of __assign_str()	5 - 1	---	2024-05-16	Steven Rostedt	pcmoore	Handled Elsewhere
[4/4] sandbox: Add support for Wayland	[1/4] sandbox: do not fail without xmodmap	- - -	---	2024-05-14	Petr Lautrbach	bachradsusi	Accepted
[3/4] seunshare: Add [ -P pipewiresocket ] [ -W waylandsocket ] options	[1/4] sandbox: do not fail without xmodmap	- - -	---	2024-05-14	Petr Lautrbach	bachradsusi	Accepted
[2/4] sandbox: do not run window manager if it's not a session	[1/4] sandbox: do not fail without xmodmap	- - -	---	2024-05-14	Petr Lautrbach	bachradsusi	Accepted
[1/4] sandbox: do not fail without xmodmap	[1/4] sandbox: do not fail without xmodmap	1 - -	---	2024-05-14	Petr Lautrbach	bachradsusi	Accepted
[GIT,PULL] selinux/selinux-pr-20240513	[GIT,PULL] selinux/selinux-pr-20240513	- - -	---	2024-05-13	Paul Moore	pcmoore	Accepted
[2/2] checkpolicy: support CIDR notation for nodecon statements	[1/2] checkpolicy: perform contiguous check in host byte order	- - -	---	2024-05-08	Christian Göttsche	bachradsusi	Accepted
[1/2] checkpolicy: perform contiguous check in host byte order	[1/2] checkpolicy: perform contiguous check in host byte order	1 - -	---	2024-05-08	Christian Göttsche	bachradsusi	Accepted
[RFC] ima: Use sequence number to wait for policy updates	[RFC] ima: Use sequence number to wait for policy updates	- - -	---	2024-05-07	Roberto Sassu	pcmoore	New
[v3] ima: Avoid blocking in RCU read-side critical section	[v3] ima: Avoid blocking in RCU read-side critical section	1 2 -	---	2024-05-07	Guozihua (Scott)	pcmoore	Handled Elsewhere
[2/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now	[1/2,testsuite] tests/nfs_filesystem: remove failing mount	- - -	---	2024-05-06	Stephen Smalley	omos	Superseded
[1/2,testsuite] tests/nfs_filesystem: remove failing mount	[1/2,testsuite] tests/nfs_filesystem: remove failing mount	- - -	---	2024-05-06	Stephen Smalley	omos	Superseded
[4/4] libsepol: include prefix for module policy versions	[1/4] libsepol: reject self flag in type rules in old policies	- - -	---	2024-05-06	Christian Göttsche	bachradsusi	Accepted
[3/4] libsepol: validate type-attribute-map for old policies	[1/4] libsepol: reject self flag in type rules in old policies	- - -	---	2024-05-06	Christian Göttsche	bachradsusi	Accepted
[2/4] libsepol: only exempt gaps checking for kernel policies	[1/4] libsepol: reject self flag in type rules in old policies	- - -	---	2024-05-06	Christian Göttsche	bachradsusi	Accepted
[1/4] libsepol: reject self flag in type rules in old policies	[1/4] libsepol: reject self flag in type rules in old policies	1 - -	---	2024-05-06	Christian Göttsche	bachradsusi	Accepted

« 1 2 3 4 … 90 91 »