Toggle navigation
Patchwork
SELinux Development list
Patches
Bundles
About this project
Login
Register
Mail settings
Show patches with
: Archived =
No
| 9250 patches
Series
Submitter
State
any
Action Required
New
Under Review
Accepted
Rejected
RFC
Not Applicable
Changes Requested
Awaiting Upstream
Superseded
Deferred
Mainlined
Queued
Needs ACK
Handled Elsewhere
In Next
Search
Archived
No
Yes
Both
Delegate
------
Nobody
holtmann
holtmann
holtmann
agk
mchehab
mchehab
gregkh
gregkh
mtosatti
lethal
lethal
avi
cvaroqui
jbrassow
mikulas
dtor
bmarzins
tmlind
jmberg
jmberg
mcgrof
mcgrof
mcgrof
lenb
lenb
kyle
felipebalbi
varenet
helge
helge
khilman
khilman
khilman
khilman
jwoithe
mlin
Zhang Rui
Zhang Rui
iksaif
cjackiewicz
hmh
jbarnes
jbarnes
jbarnes
willy
snitzer
iwamatsu
dougsland
mjg59
rafael
rafael
rafael
ericvh@gmail.com
ykzhao
venkip
sandeen
pwsan
lucho@ionkov.net
rminnich
anholt
aystarik
roland
shefty
mason
glikely
krh
djbw
djbw
djbw
cmarinas
doyu
jrn
sage
tomba
mmarek
cjb
trondmy
jikos
bcousson
jic23
olof
olof
olof
nsekhar
weiny2
horms
horms
bwidawsk
bwidawsk
shemminger
eulfhan
josef
josef
josef
dianders
jpan9
hal
kdave
bleung
evalenti
jlbec
wsa
bhelgaas
vkoul
vkoul
szlin
davejiang
markgross
tagr
tiwai
vireshk
mmind
dledford
geert
geert
herbert
herbert
kvalo
kvalo
kvalo
bentiss
arend
rzwisler
stellarhopper
stellarhopper
jejb
matthias_bgg
dvhart
axboe
axboe
pcmoore
pcmoore
pcmoore
mkp
mkp
stefan_schmidt
leon
lucvoo
jsakkine
jsakkine
jsakkine
bamse
bamse
demarchi
krzk
groeck
groeck
sboyd
sboyd
mturquette
mturquette
0andriy
carlocaione
luca
dgc
kbingham
derosier
narmstrong
narmstrong
atull
tytso
tytso
djwong
bvanassche
omos
jpirko
jpirko
GustavoARSilva
pkshih
patersonc
brauner
shuahkh
shuahkh
shuahkh
palmer
palmer
jgg
Kishon
idosch
labbott
jsimmons
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
lfadmin
broonie
broonie
broonie
mricon
mricon
mricon
kees
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
lfgitoliteapi
arnd
linusw
perfinion
bbrezillon
bachradsusi
rostedt
rostedt
kholk
nbd
ebiggers
ebiggers
pavelm
sds
m0reeze
ganis
jwcart2
matttbe
andmur01
lorpie01
chanwoochoi
dlezcano
jhedberg
vudentz
robertfoss
bgix
tedd_an
tsbogend
wens
wcrobert
robher
kstewart
kwilczynski
hansg
bpf
netdev
dsa
ethtool
netdrv
martineau
abelloni
trix
pabeni
mani_sadhasivam
mlimonci
liusong6
mjp
tohojo
pmalani
prestwoj
prestwoj
dhowells
tzungbi
conchuod
paulmck
jes
mtkaczyk
colyli
cem
pateldipen1984
iweiny
iweiny
bjorn
mhiramat
JanKiszka
jaegeuk
mraynal
aring
konradybcio
ij
Hailan
jstitt007
denkenz
denkenz
mkorenbl
jjohnson
frank_li
geliang
mdraidci
mdraidci
peluse
joelgranados
Apply
«
1
2
...
90
91
92
93
»
Patch
Series
A/R/T
S/W/F
Date
Submitter
Delegate
State
[2/2] libsepol: fix type bounds checking for attributes
- - -
-
-
-
2016-04-28
Stephen Smalley
Not Applicable
[1/2] libsepol: Only apply bounds checking to source types in rules
- - -
-
-
-
2016-04-28
Stephen Smalley
Not Applicable
selinux: Build policy on systems not supporting DCCP protocol
- - -
-
-
-
2016-04-24
Richard Haines
Accepted
[v2,8/8] genhomedircon: fix FALLBACK_NAME regex
- - -
-
-
-
2016-04-23
Jason Zaman
Superseded
[v2,7/8] genhomedircon: write contexts for username and userid
- - -
-
-
-
2016-04-23
Jason Zaman
Superseded
[v2,6/8] genhomedircon: make USERID, USERNAME context lists
- - -
-
-
-
2016-04-23
Jason Zaman
Superseded
[v2,5/8] genhomedircon: Add uid and gid to struct user_entry
- - -
-
-
-
2016-04-23
Jason Zaman
Superseded
[v2,4/8] genhomedircon: make all write context funcs take user_entry struct
- - -
-
-
-
2016-04-23
Jason Zaman
Superseded
[v2,3/8] genhomedircon: rename FALLBACK #defines consistent with struct
- - -
-
-
-
2016-04-23
Jason Zaman
Superseded
[v2,2/8] genhomedircon: move fallback user to genhomedircon_user_entry_t
- - -
-
-
-
2016-04-23
Jason Zaman
Superseded
[v2,1/8] genhomedircon: factor out common replacement code
- - -
-
-
-
2016-04-23
Jason Zaman
Superseded
[v3,21/21] fuse: Allow user namespace mounts
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,18/21] fuse: Add support for pid namespaces
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,16/21] fs: Allow superblock owner to access do_remount_sb()
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,13/21] fs: Update posix_acl support to handle user namespace mounts
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,11/21] cred: Reject inodes with invalid ids in set_create_file_as()
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,10/21] fs: Check for invalid i_uid in may_follow_link()
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,09/21] Smack: Handle labels consistently in untrusted mounts
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,08/21] userns: Replace in_userns with current_in_userns
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,07/21] selinux: Add support for unprivileged mounts from user namespaces
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,06/21] fs: Treat foreign mounts as nosuid
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,04/21] block_dev: Support checking inode permissions in lookup_bdev()
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible()
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
[v3,01/21] fs: fix a posible leak of allocated superblock
- - -
-
-
-
2016-04-22
Seth Forshee
Superseded
Fix extended permissions neverallow checking
- - -
-
-
-
2016-04-20
Jeffrey Vander Stoep
Accepted
selinux: check ss_initialized before revalidating an inode label
- - -
-
-
-
2016-04-19
Paul Moore
Accepted
selinux: delay inode label lookup as long as possible
- - -
-
-
-
2016-04-19
Paul Moore
Accepted
selinux: don't revalidate an inode's label when explicitly setting it
- - -
-
-
-
2016-04-19
Paul Moore
Accepted
[6/6] libsepol: When generating CIL use HLL line mark for neverallows
- - -
-
-
-
2016-04-19
James Carter
Rejected
[5/6] libsepol/cil: Remove path field from cil_tree_node struct
- - -
-
-
-
2016-04-19
James Carter
Rejected
[4/6] libsepol/cil: Replace cil_log() calls with cil_tree_log()
- - -
-
-
-
2016-04-19
James Carter
Rejected
[3/6] libsepol/cil: Add cil_tree_log() and supporting functions
- - -
-
-
-
2016-04-19
James Carter
Rejected
[2/6] libsepol/cil: Store CIL filename in parse tree and AST
- - -
-
-
-
2016-04-19
James Carter
Rejected
[1/6] libsepol/cil: Add high-level language line marking support
- - -
-
-
-
2016-04-19
James Carter
Rejected
security/selinux: Change bool variable name to index.
- - -
-
-
-
2016-04-14
Prarit Bhargava
Accepted
[RFC] selinux: always return a value from the netport/netnode/netif caches
- - -
-
-
-
2016-04-13
Paul Moore
Rejected
[3/3] libsepol/cil: Cleanup neverallow checking and fail if bounds checking fails
- - -
-
-
-
2016-04-13
James Carter
Accepted
[2/3] libsepol/cil: Improve type bounds check reporting
- - -
-
-
-
2016-04-13
James Carter
Accepted
[1/3] libsepol/cil: Fixed bug in cil_type_match_any()
- - -
-
-
-
2016-04-13
James Carter
Accepted
fixfiles: make sure $LOGFILE starts with a slash
- - -
-
-
-
2016-04-12
Oskari Saarenmaa
Not Applicable
selinux-testsuite: Update README
- - -
-
-
-
2016-04-12
Stephen Smalley
Accepted
libselinux: Fix typo in sefcontext_compile.8
- - -
-
-
-
2016-04-12
Petr Lautrbach
Accepted
selinux: apply execstack check on thread stacks
- - -
-
-
-
2016-04-08
Stephen Smalley
Accepted
selinux: distinguish non-init user namespace capability checks
- - -
-
-
-
2016-04-08
Stephen Smalley
Accepted
[7/7] genhomedircon: write contexts for username and userid
- - -
-
-
-
2016-04-08
Jason Zaman
Superseded
[6/7] genhomedircon: make USERID, USERNAME context lists
- - -
-
-
-
2016-04-08
Jason Zaman
Superseded
[5/7] genhomedircon: Add uid and gid to struct user_entry
- - -
-
-
-
2016-04-08
Jason Zaman
Superseded
[4/7] genhomedircon: make all write context funcs take user_entry struct
- - -
-
-
-
2016-04-08
Jason Zaman
Superseded
[3/7] genhomedircon: rename FALLBACK #defines consistent with struct
- - -
-
-
-
2016-04-08
Jason Zaman
Superseded
[2/7] genhomedircon: move fallback user to genhomedircon_user_entry_t
- - -
-
-
-
2016-04-08
Jason Zaman
Superseded
[1/7] genhomedircon: factor out common replacement code
- - -
-
-
-
2016-04-08
Jason Zaman
Superseded
[2/2,v3] checkpolicy: Fail if module name different than output base filename
- - -
-
-
-
2016-04-08
James Carter
Accepted
[1/2,v3] policycoreutils/hll/pp: Warn if module name different than output filename
- - -
-
-
-
2016-04-08
James Carter
Accepted
[net-next] security: drop the unused hook skb_owned_by
- - -
-
-
-
2016-04-08
Paolo Abeni
Accepted
[2/2,v2] checkpolicy: Warn if module name different than output filename
- - -
-
-
-
2016-04-07
James Carter
Superseded
[1/2,v2] policycoreutils/hll/pp: Warn if module name different than output filename
- - -
-
-
-
2016-04-07
James Carter
Superseded
[RFC] selinux-testsuite: Add test for execstack on thread stack
- - -
-
-
-
2016-04-06
Stephen Smalley
Superseded
[RFC] selinux: apply execstack check on thread stacks
- - -
-
-
-
2016-04-06
Stephen Smalley
Superseded
[RFC] selinux-testsuite: Add tests for non-init userns capability checks
- - -
-
-
-
2016-04-06
Stephen Smalley
Superseded
[RFC] selinux-testsuite: Add tests for non-init userns capability checks
- - -
-
-
-
2016-04-06
Stephen Smalley
Superseded
[RFC] selinux: distinguish non-init user namespace capability checks
- - -
-
-
-
2016-04-06
Stephen Smalley
Superseded
selinux: Add support for portcon dccp protocol
- - -
-
-
-
2016-04-06
Richard Haines
Accepted
cil_mem.c: #define _GNU_SOURCE
- - -
-
-
-
2016-04-06
Nick Kralevich
Rejected
[v3] selinux: restrict kernel module loading
- - -
-
-
-
2016-04-05
Jeffrey Vander Stoep
Accepted
[v2] selinux: restrict kernel module loading
- - -
-
-
-
2016-04-03
Jeffrey Vander Stoep
Superseded
selinux: restrict kernel module loading
- - -
-
-
-
2016-04-01
Jeffrey Vander Stoep
Superseded
selinux: consolidate the ptrace parent lookup code
- - -
-
-
-
2016-04-01
Paul Moore
Accepted
selinux: simply inode label states to INVALID and INITIALIZED
- - -
-
-
-
2016-03-28
Paul Moore
Accepted
selinux: don't revalidate inodes in selinux_socket_getpeersec_dgram()
- - -
-
-
-
2016-03-28
Paul Moore
Accepted
[RESEND,v2,11/18] fs: Ensure the mounter of a filesystem is privileged towards its inodes
- - -
-
-
-
2016-03-28
Seth Forshee
Superseded
netlabel: fix a problem with netlbl_secattr_catmap_setrng()
- - -
-
-
-
2016-03-28
Paul Moore
Accepted
[3/3] checkpolicy: Warn if module name different than filenames
- - -
-
-
-
2016-03-25
James Carter
Superseded
[2/3] policycoreutils/hll/pp: Warn if module name different from filenames
- - -
-
-
-
2016-03-25
James Carter
Superseded
[1/3] libsepol: Add function to check if module name matches filename
- - -
-
-
-
2016-03-25
James Carter
Superseded
Just sent a small patch to github to fix the selinuxfs man pages.
- - -
-
-
-
2016-03-25
Daniel Walsh
Accepted
selinux: fix memory leak on node_ptr on error return path
- - -
-
-
-
2016-03-21
Colin King
Rejected
policycoreutils/sepolgen: Add support for TYPEBOUNDS statement in INTERFACE policy files.
- - -
-
-
-
2016-03-21
Miroslav Grepl
Accepted
libsepol/cil: fix bug when resetting class permission values
- - -
-
-
-
2016-03-17
Steve Lawrence
Accepted
fs: remove excess check for in_userns
- - -
-
-
-
2016-03-15
Pavel Tikhomirov
Not Applicable
fs: fix a posible leak of allocated superblock
- - -
-
-
-
2016-03-15
Pavel Tikhomirov
Not Applicable
libselinux: only mount /proc if necessary
- - -
-
-
-
2016-02-29
Stephen Smalley
Accepted
[2/2] libselinux: procattr: return einval for <= 0 pid args.
- - -
-
-
-
2016-02-23
Daniel Cashman
Accepted
[1/2] libselinux: procattr: return error on invalid pid_t input.
- - -
-
-
-
2016-02-23
Daniel Cashman
Accepted
libselinux: selinux_restorecon.3 man page corrections.
- - -
-
-
-
2016-02-21
Richard Haines
Accepted
selinux: Don't sleep inside inode_getsecid hook
- - -
-
-
-
2016-02-18
Andreas Gruenbacher
Accepted
[RFC,v3,19/19] netlabel: Implement CALIPSO config functions for SMACK.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,18/19] calipso: Add a label cache.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,17/19] calipso: Add validation of CALIPSO option.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,16/19] netlabel: Pass a family parameter to netlbl_skbuff_err().
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,15/19] calipso: Allow the lsm to label the skbuff directly.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,14/19] ipv6: constify the skb pointer of ipv6_find_tlv().
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,13/19] calipso: Allow request sockets to be relabelled by the lsm.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,12/19] ipv6: Allow request socks to contain IPv6 options.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,11/19] netlabel: Prevent setsockopt() from changing the hop-by-hop option.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,10/19] calipso: Set the calipso socket label to match the secattr.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
[RFC,v3,09/19] netlabel: Move bitmap manipulation functions to the NetLabel core.
- - -
-
-
-
2016-02-17
Huw Davies
RFC
«
1
2
...
90
91
92
93
»