Show patches with: State = Action Required       |    Archived = No       |   174 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
libsepol: return failure on saturated class name length libsepol: return failure on saturated class name length - - - --- 2022-01-19 Christian Göttsche New
[RFC] selinux: Fix selinux_sb_mnt_opts_compat() [RFC] selinux: Fix selinux_sb_mnt_opts_compat() - - - --- 2022-01-18 Scott Mayhew New
libsepol: reject invalid roles before inverting libsepol: reject invalid roles before inverting - - - --- 2022-01-17 Christian Göttsche New
selinux: check the return value of audit_log_start() selinux: check the return value of audit_log_start() - - - --- 2022-01-15 Xiaoke Wang New
[2/2] libsepol/cil: Limit the amount of reporting for context rule conflicts [1/2] libsepol/cil: Limit the amount of reporting for neverallow violations - - - --- 2022-01-14 James Carter New
[1/2] libsepol/cil: Limit the amount of reporting for neverallow violations [1/2] libsepol/cil: Limit the amount of reporting for neverallow violations - - - --- 2022-01-14 James Carter New
libselinux: Strip spaces before values in config libselinux: Strip spaces before values in config - - - --- 2022-01-13 Vit Mojzis New
libsepol/cil: Ensure that the class in a classcommon is a kernel class libsepol/cil: Ensure that the class in a classcommon is a kernel class - - - --- 2022-01-13 James Carter New
[RFC,userspace,5/5] semodule: add command-line option to detect module changes Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,userspace,4/5] libsemanage: optionally rebuild policy when modules are changed externally Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,userspace,3/5] libsemanage: move compressed file handling into a separate object Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,userspace,2/5] semodule,libsemanage: move module hashing into libsemanage Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[RFC,userspace,1/5] libsemanage: add missing include to boolean_record.c Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek New
[testsuite] tests/binder: Build only for 4.11 and later kernels [testsuite] tests/binder: Build only for 4.11 and later kernels - - - --- 2022-01-13 GONG, Ruiqi omos New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[1/2,RFC] libsepol: Add not self support for neverallow rules libsepol: Adding support for not-self rules - - - --- 2022-01-11 James Carter New
[16/16,v2] libsepol: Fix two problems with neverallowxperm reporting Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[15/16,v2] libsepol: Set args avtab pointer when reporting assertion violations Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[14/16,v2] libsepol: The src and tgt must be the same if neverallow uses self Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[13/16,v2] libsepol: Make return value clearer when reporting neverallowx errors Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[12/16,v2] libsepol: Refactor match_any_class_permissions() to be clearer Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[11/16,v2] libsepol: Make use of previously created ebitmap when checking self Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[10/16,v2] libsepol: Move assigning outer loop index out of inner loop Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[09/16,v2] libsepol: Remove unnessesary check for matching class Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[08/16,v2] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[07/16,v2] libsepol: Create function check_assertion_self_match() and use it Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[06/16,v2] libsepol: Move check of target types to before check for self Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[05/16,v2] libsepol: Use consistent return checking style Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[04/16,v2] libsepol: Check for error from check_assertion_extended_permissions() Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[03/16,v2] libsepol: Remove uneeded error messages in assertion checking Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[02/16,v2] libsepol: Change label in check_assertion_avtab_match() Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
[01/16,v2] libsepol: Return an error if check_assertion() returns an error. Refactor and fix assertion checking - - - --- 2022-01-11 James Carter New
policycoreutils: Improve error message when selabel_open fails policycoreutils: Improve error message when selabel_open fails 1 - - --- 2022-01-10 Vit Mojzis New
libsepol: check for saturated class name length libsepol: check for saturated class name length 1 - - --- 2022-01-06 Christian Göttsche New
[v2] libsepol: handle type gaps [v2] libsepol: handle type gaps - - - --- 2022-01-06 Christian Göttsche New
[3/3] libsepol/cil: Do not resolve names to declarations in abstract blocks [1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block - - - --- 2022-01-05 James Carter New
[2/3] libsepol/cil: Mark as abstract all sub-blocks of an abstract block [1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block - - - --- 2022-01-05 James Carter New
[1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block [1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block - - - --- 2022-01-05 James Carter New
libsepol: handle type gaps when optimizing libsepol: handle type gaps when optimizing - - - --- 2021-12-23 Christian Göttsche New
[v2] libsepol: check for valid sensitivity before lookup [v2] libsepol: check for valid sensitivity before lookup 1 - - --- 2021-12-23 Christian Göttsche New
libsepol/cil: bail out on snprintf failure libsepol/cil: bail out on snprintf failure 1 - - --- 2021-12-20 Christian Göttsche New
[16/16] libsepol: Fix two problems with neverallowxperm reporting Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[15/16] libsepol: Set args avtab pointer when reporting assertion violations Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[14/16] libsepol: The src and tgt must be the same if neverallow uses self Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[13/16] libsepol: Make return value clearer when reporting neverallowx errors Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[12/16] libsepol: Refactor match_any_class_permissions() to be clearer Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[11/16] libsepol: Make use of previously created ebitmap when checking self Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[10/16] libsepol: Move assigning outer loop index out of inner loop Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[09/16] libsepol: Remove unnessesary check for matching class Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[08/16] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[07/16] libsepol: Create function check_assertion_self_match() and use it Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[06/16] libsepol: Move check of target types to before check for self Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[05/16] libsepol: Use consistent return checking style Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[04/16] libsepol: Check for error from check_assertion_extended_permissions() Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[03/16] libsepol: Remove uneeded error messages in assertion checking Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[02/16] libsepol: Change label in check_assertion_avtab_match() Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
[01/16] libsepol: Return an error if check_assertion() returns an error. Refactor and fix assertion checking - - - --- 2021-12-17 James Carter New
selinux-notebook: Add epub build selinux-notebook: Add epub build - - - --- 2021-12-16 Richard Haines pcmoore New
[v31,28/28] AppArmor: Remove the exclusive flag [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 1 - --- 2021-12-13 Casey Schaufler New
[v31,27/28] LSM: Add /proc attr entry for full LSM context [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - 1 - --- 2021-12-13 Casey Schaufler New
[v31,26/28] Audit: Add record for multiple object security contexts [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,25/28] Audit: Add record for multiple task security contexts [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,24/28] Audit: Add framework for auxiliary records [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,23/28] Audit: Create audit_stamp structure [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 - - --- 2021-12-13 Casey Schaufler New
[v31,22/28] Audit: Keep multiple LSM data in audit_names [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 - - --- 2021-12-13 Casey Schaufler New
[v31,21/28] LSM: Extend security_secid_to_secctx to include module selection [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,20/28] binder: Pass LSM identifier for confirmation [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,19/28] NET: Store LSM netlabel data in a lsmblob [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-12-13 Casey Schaufler New
[v31,18/28] LSM: security_secid_to_secctx in netlink netfilter [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2021-12-13 Casey Schaufler New
[v31,17/28] LSM: Use lsmcontext in security_inode_getsecctx [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2021-12-13 Casey Schaufler New
[v31,16/28] LSM: Use lsmcontext in security_secid_to_secctx [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,15/28] LSM: Ensure the correct LSM context releaser [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2021-12-13 Casey Schaufler New
[v31,14/28] LSM: Specify which LSM to display [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,13/28] LSM: Use lsmblob in security_cred_getsecid [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-12-13 Casey Schaufler New
[v31,12/28] LSM: Use lsmblob in security_inode_getsecid [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-12-13 Casey Schaufler New
[v31,11/28] LSM: Use lsmblob in security_task_getsecid [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-12-13 Casey Schaufler New
[v31,10/28] LSM: Use lsmblob in security_ipc_getsecid [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-12-13 Casey Schaufler New
[v31,09/28] LSM: Use lsmblob in security_secid_to_secctx [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2021-12-13 Casey Schaufler New
[v31,08/28] LSM: Use lsmblob in security_secctx_to_secid [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2021-12-13 Casey Schaufler New
[v31,07/28] LSM: Use lsmblob in security_kernel_act_as [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-12-13 Casey Schaufler New
[v31,06/28] LSM: Use lsmblob in security_audit_rule_match [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 - - --- 2021-12-13 Casey Schaufler New
[v31,05/28] IMA: avoid label collisions with stacked LSMs [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,04/28] LSM: provide lsm name and id slot mappings [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2021-12-13 Casey Schaufler New
[v31,03/28] LSM: Add the lsmblob data structure. [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-12-13 Casey Schaufler New
[v31,02/28] LSM: Infrastructure management of the sock security [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-12-13 Casey Schaufler New
[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule [v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 - - --- 2021-12-13 Casey Schaufler New
[V2,4/4] selinux-notebook: Add epub build SELinux Notebook: Add eBook reader build - - - --- 2021-12-13 Richard Haines pcmoore New
[v2] secilc: kernel policy language is infix [v2] secilc: kernel policy language is infix - - - --- 2021-12-12 Topi Miettinen New
[v3,36/36] libsepol: validate class default targets libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,35/36] libsepol: validate fsuse types libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,34/36] libsepol: validate categories libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,33/36] libsepol: validate policy properties libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,32/36] libsepol: validate permissive types libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,31/36] libsepol: validate genfs contexts libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,30/36] libsepol: validate ocontexts libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,29/36] libsepol: validate type of avtab type rules libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,28/36] libsepol: validate constraint expression operators and attributes libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,27/36] libsepol: validate avtab and avrule types libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,26/36] libsepol: resolve log message mismatch libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
[v3,25/36] libsepol: validate permission count of classes libsepol: add fuzzer for reading binary policies - - - --- 2021-12-09 Christian Göttsche New
« 1 2 »