Show patches with: Archived = No       |   9250 patches
« 1 2 ... 6 7 892 93 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2,04/25] capability: rename cpu_vfs_cap_data to vfs_caps fs: use type-safe uid representation for filesystem capabilities 1 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Handled Elsewhere
[v2,03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Handled Elsewhere
[v2,02/25] mnt_idmapping: include cred.h fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Handled Elsewhere
[v2,01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h fs: use type-safe uid representation for filesystem capabilities - 1 - --- 2024-02-21 Seth Forshee (DigitalOcean) pcmoore Handled Elsewhere
[v2] checkpolicy, libsepol: Fix potential double free of mls_level_t [v2] checkpolicy, libsepol: Fix potential double free of mls_level_t - - - --- 2024-02-21 James Carter bachradsusi Superseded
[PR#420,v2] audit2allow: CIL output mode [PR#420,v2] audit2allow: CIL output mode - - - --- 2024-02-19 Topi Miettinen bachradsusi Superseded
[PR#420] audit2allow: CIL output mode [PR#420] audit2allow: CIL output mode - - - --- 2024-02-18 Topi Miettinen Superseded
[v7,4/4] userfaultfd: use per-vma locks in userfaultfd operations per-vma locks in userfaultfd - 1 - --- 2024-02-15 Lokesh Gidra pcmoore Handled Elsewhere
[v7,3/4] mm: add vma_assert_locked() for !CONFIG_PER_VMA_LOCK per-vma locks in userfaultfd - 1 - --- 2024-02-15 Lokesh Gidra pcmoore Handled Elsewhere
[v7,2/4] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx per-vma locks in userfaultfd - 2 - --- 2024-02-15 Lokesh Gidra pcmoore Handled Elsewhere
[v7,1/4] userfaultfd: move userfaultfd_ctx struct to header file per-vma locks in userfaultfd - 2 - --- 2024-02-15 Lokesh Gidra pcmoore Handled Elsewhere
[v10,25/25] integrity: Remove LSM security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,24/25] ima: Make it independent from 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure 1 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,23/25] evm: Make it independent from 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,22/25] evm: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 3 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,21/25] ima: Move IMA-Appraisal to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 3 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,20/25] ima: Move to LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 5 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,19/25] integrity: Move integrity_kernel_module_request() to IMA security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,18/25] security: Introduce key_post_create_or_update hook security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,17/25] security: Introduce inode_post_remove_acl hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,16/25] security: Introduce inode_post_set_acl hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,15/25] security: Introduce inode_post_create_tmpfile hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,14/25] security: Introduce path_post_mknod hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,13/25] security: Introduce file_release hook security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,12/25] security: Introduce file_post_open hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,11/25] security: Introduce inode_post_removexattr hook security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,10/25] security: Introduce inode_post_setattr hook security: Move IMA and EVM to the LSM infrastructure 3 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,09/25] security: Align inode_setattr hook definition with EVM security: Move IMA and EVM to the LSM infrastructure 2 2 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 4 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,05/25] ima: Align ima_post_read_file() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 4 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 2 3 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v10,01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure security: Move IMA and EVM to the LSM infrastructure 1 4 - --- 2024-02-15 Roberto Sassu pcmoore Handled Elsewhere
[v2] python/semanage: Allow modifying records on "add" [v2] python/semanage: Allow modifying records on "add" 1 - - --- 2024-02-14 Vit Mojzis bachradsusi Accepted
[v6,3/3] userfaultfd: use per-vma locks in userfaultfd operations per-vma locks in userfaultfd - - - --- 2024-02-13 Lokesh Gidra pcmoore Handled Elsewhere
[v6,2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx per-vma locks in userfaultfd - 1 - --- 2024-02-13 Lokesh Gidra pcmoore Handled Elsewhere
[v6,1/3] userfaultfd: move userfaultfd_ctx struct to header file per-vma locks in userfaultfd - 1 - --- 2024-02-13 Lokesh Gidra pcmoore Handled Elsewhere
checkpolicy, libsepol: Fix potential double free of mls_level_t checkpolicy, libsepol: Fix potential double free of mls_level_t - - - --- 2024-02-13 James Carter bachradsusi Superseded
[v5,3/3] userfaultfd: use per-vma locks in userfaultfd operations per-vma locks in userfaultfd - - - --- 2024-02-13 Lokesh Gidra pcmoore Handled Elsewhere
[v5,2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx per-vma locks in userfaultfd - 1 - --- 2024-02-13 Lokesh Gidra pcmoore Handled Elsewhere
[v5,1/3] userfaultfd: move userfaultfd_ctx struct to header file per-vma locks in userfaultfd - 1 - --- 2024-02-13 Lokesh Gidra pcmoore Handled Elsewhere
[testsuite] tests/inet_socket: test CALIPSO also with datagram protocols [testsuite] tests/inet_socket: test CALIPSO also with datagram protocols - - - --- 2024-02-12 Ondrej Mosnacek omos Accepted
[v4,3/3] userfaultfd: use per-vma locks in userfaultfd operations per-vma locks in userfaultfd - - - --- 2024-02-08 Lokesh Gidra pcmoore Handled Elsewhere
[v4,2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx per-vma locks in userfaultfd - 1 - --- 2024-02-08 Lokesh Gidra pcmoore Handled Elsewhere
[v4,1/3] userfaultfd: move userfaultfd_ctx struct to header file per-vma locks in userfaultfd - 1 - --- 2024-02-08 Lokesh Gidra pcmoore Handled Elsewhere
[testsuite] policy: fix testsuite_domain_type_minimal() to work with rpm-ostree [testsuite] policy: fix testsuite_domain_type_minimal() to work with rpm-ostree - - - --- 2024-02-08 Ondrej Mosnacek omos Accepted
python/semanage: Do not sort local fcontext definitions python/semanage: Do not sort local fcontext definitions 1 - - --- 2024-02-07 Vit Mojzis bachradsusi Accepted
[5.4,4.19] lsm: new security_file_ioctl_compat() hook [5.4,4.19] lsm: new security_file_ioctl_compat() hook - 1 - --- 2024-02-06 Eric Biggers pcmoore Handled Elsewhere
[v3,3/3] userfaultfd: use per-vma locks in userfaultfd operations per-vma locks in userfaultfd - - - --- 2024-02-06 Lokesh Gidra pcmoore Handled Elsewhere
[v3,2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx per-vma locks in userfaultfd - 1 - --- 2024-02-06 Lokesh Gidra pcmoore Handled Elsewhere
[v3,1/3] userfaultfd: move userfaultfd_ctx struct to header file per-vma locks in userfaultfd - 1 - --- 2024-02-06 Lokesh Gidra pcmoore Handled Elsewhere
[v2] selinux: only filter copy-up xattrs following initialization [v2] selinux: only filter copy-up xattrs following initialization - - - --- 2024-02-02 David Disseldorp pcmoore Accepted
[RFC,v2,9/9] libselinux: support parallel selabel_lookup(3) libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[RFC,v2,8/9] libselinux: add selabel_file(5) fuzzer libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[RFC,v2,7/9] libselinux: remove unused hashtab code libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[RFC,v2,6/9] libselinux: rework selabel_file(5) database libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[RFC,v2,5/9] libselinux: sidtab updates libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[RFC,v2,4/9] libselinux: add unique id to sidtab entries libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[RFC,v2,3/9] libselinux: use more appropriate types in sidtab libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[RFC,v2,2/9] libselinux/utils: introduce selabel_compare libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[RFC,v2,1/9] policycoreutils: introduce unsetfiles libselinux: rework selabel_file(5) database - - - --- 2024-01-31 Christian Göttsche bachradsusi Superseded
[3/3] mcstrans: ensure transitivity in compare functions [1/3] libsepol: ensure transitivity in compare functions - - - --- 2024-01-31 Christian Göttsche bachradsusi Accepted
[2/3] libsepol/cil: ensure transitivity in compare functions [1/3] libsepol: ensure transitivity in compare functions - - - --- 2024-01-31 Christian Göttsche bachradsusi Accepted
[1/3] libsepol: ensure transitivity in compare functions [1/3] libsepol: ensure transitivity in compare functions 1 - - --- 2024-01-31 Christian Göttsche bachradsusi Accepted
selinux: correct return values in selinux_socket_getpeersec_dgram() selinux: correct return values in selinux_socket_getpeersec_dgram() - - - --- 2024-01-30 Paul Moore pcmoore Accepted
[v2,3/3] userfaultfd: use per-vma locks in userfaultfd operations per-vma locks in userfaultfd - - - --- 2024-01-29 Lokesh Gidra pcmoore Handled Elsewhere
[v2,2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx per-vma locks in userfaultfd - 1 - --- 2024-01-29 Lokesh Gidra pcmoore Handled Elsewhere
[v2,1/3] userfaultfd: move userfaultfd_ctx struct to header file per-vma locks in userfaultfd - 1 - --- 2024-01-29 Lokesh Gidra pcmoore Handled Elsewhere
security: fix no-op hook logic in security_inode_{set,remove}xattr() security: fix no-op hook logic in security_inode_{set,remove}xattr() - - - --- 2024-01-29 Ondrej Mosnacek pcmoore Handled Elsewhere
selinux: Use kfree_sensitive for certain code paths of security selinux: Use kfree_sensitive for certain code paths of security - - - --- 2024-01-28 Ronald Monthero pcmoore Rejected
lsm: fix default return value of the socket_getpeersec_* hooks lsm: fix default return value of the socket_getpeersec_* hooks - - - --- 2024-01-26 Ondrej Mosnacek pcmoore Handled Elsewhere
[3/3] userfaultfd: use per-vma locks in userfaultfd operations [1/3] userfaultfd: move userfaultfd_ctx struct to header file - - - --- 2024-01-26 Lokesh Gidra pcmoore Handled Elsewhere
[2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx [1/3] userfaultfd: move userfaultfd_ctx struct to header file - - - --- 2024-01-26 Lokesh Gidra pcmoore Handled Elsewhere
[1/3] userfaultfd: move userfaultfd_ctx struct to header file [1/3] userfaultfd: move userfaultfd_ctx struct to header file - - - --- 2024-01-26 Lokesh Gidra pcmoore Handled Elsewhere
security: fix the logic in security_inode_getsecctx() security: fix the logic in security_inode_getsecctx() - 1 - --- 2024-01-26 Ondrej Mosnacek pcmoore Handled Elsewhere
python/semanage: Allow modifying records on "add" python/semanage: Allow modifying records on "add" 1 - - --- 2024-01-24 Vit Mojzis bachradsusi Superseded
io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL - - - --- 2024-01-23 Paul Moore pcmoore Handled Elsewhere
[15/15] checkpolicy: misc policy_define.c cleanup [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[14/15] checkpolicy: avoid assigning garbage values [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[13/15] checkpolicy: free temporary bounds type [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[12/15] checkpolicy: provide more descriptive error messages [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[11/15] checkpolicy: fix use-after-free on invalid sens alias [01/15] checkpolicy: add libfuzz based fuzzer - - - --- 2024-01-22 Christian Göttsche bachradsusi Superseded
[10/15] libsepol: add copy member to level_datum [01/15] checkpolicy: add libfuzz based fuzzer - - - --- 2024-01-22 Christian Göttsche bachradsusi Superseded
[09/15] libsepol: use typedef [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[08/15] checkpolicy: bail out on invalid role [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[07/15] checkpolicy: call YYABORT on parse errors [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[06/15] checkpolicy: clean expression on error [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[05/15] checkpolicy: check allocation and free memory on error at type definition [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[04/15] checkpolicy: free ebitmap on error [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[03/15] checkpolicy: cleanup identifiers on error [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[02/15] checkpolicy: cleanup resources on parse error [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
[01/15] checkpolicy: add libfuzz based fuzzer [01/15] checkpolicy: add libfuzz based fuzzer 1 - - --- 2024-01-22 Christian Göttsche bachradsusi Accepted
selinux: reduce the object class calculations at inode init time selinux: reduce the object class calculations at inode init time - 1 - --- 2024-01-19 Paul Moore pcmoore Accepted
userfaultfd: fix return error if mmap_changing is non-zero in MOVE ioctl userfaultfd: fix return error if mmap_changing is non-zero in MOVE ioctl 2 - - --- 2024-01-17 Lokesh Gidra Handled Elsewhere
userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb - - - --- 2024-01-17 Lokesh Gidra Handled Elsewhere
[v9,25/25] integrity: Remove LSM security: Move IMA and EVM to the LSM infrastructure 1 2 - --- 2024-01-15 Roberto Sassu pcmoore Handled Elsewhere
[v9,24/25] ima: Make it independent from 'integrity' LSM security: Move IMA and EVM to the LSM infrastructure - 2 - --- 2024-01-15 Roberto Sassu pcmoore Handled Elsewhere
« 1 2 ... 6 7 892 93 »