SELinux Development list

Show patches with: State = Action Required | Archived = No | 112 patches

« 1 2 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[v3,1/1] xattr: Allow user.* xattr on symlink and special files	Relax restrictions on user.* xattr	- - -	---	2021-09-02	Vivek Goyal	pcmoore	New
[PATCHv2,net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone	security: fixups for the security hooks in sctp	- 1 1	---	2021-11-02	Xin Long	pcmoore	New
[PATCHv2,net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce	security: fixups for the security hooks in sctp	- 1 1	---	2021-11-02	Xin Long	pcmoore	New
[PATCHv2,net,3/4] security: add sctp_assoc_established hook	security: fixups for the security hooks in sctp	- 1 1	---	2021-11-02	Xin Long	pcmoore	New
[PATCHv2,net,4/4] security: implement sctp_assoc_established hook in selinux	security: fixups for the security hooks in sctp	- 1 1	---	2021-11-02	Xin Long	pcmoore	New
[net] selinux: fix SCTP client peeloff socket labeling	[net] selinux: fix SCTP client peeloff socket labeling	- - -	---	2021-11-04	Ondrej Mosnacek	pcmoore	New
[RFC] selinux: Add netlink xperm support	[RFC] selinux: Add netlink xperm support	- - -	---	2021-11-10	Bram Bonné	pcmoore	New
[v3,1/1] fuse: Send security context of inode on file creation	fuse: Send file/inode security context during creation	- - -	---	2021-11-10	Vivek Goyal	pcmoore	New
[RFC] capability: add capable_or to test for multiple caps with exactly one audit message	[RFC] capability: add capable_or to test for multiple caps with exactly one audit message	- - -	---	2021-11-16	Christian Göttsche	pcmoore	New
[v19,1/4] Add flags option to get xattr method paired to __vfs_getxattr	overlayfs override_creds=off & nested get xattr fix	5 1 -	---	2021-11-17	David Anderson	pcmoore	New
[v19,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method	overlayfs override_creds=off & nested get xattr fix	- - -	---	2021-11-17	David Anderson	pcmoore	New
[v19,3/4] overlayfs: override_creds=off option bypass creator_cred	overlayfs override_creds=off & nested get xattr fix	- - -	---	2021-11-17	David Anderson	pcmoore	New
[v19,4/4] overlayfs: inode_owner_or_capable called during execv	overlayfs override_creds=off & nested get xattr fix	- - -	---	2021-11-17	David Anderson	pcmoore	New
[RFC,2/2] security, nfs: Provide a hook for fs_context security initialisation	[RFC,1/2] security: Remove security_add_mnt_opt() as it's unused	- - -	---	2021-12-08	David Howells	pcmoore	New
[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,02/28] LSM: Infrastructure management of the sock security	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,03/28] LSM: Add the lsmblob data structure.	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,04/28] LSM: provide lsm name and id slot mappings	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 1 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,05/28] IMA: avoid label collisions with stacked LSMs	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,06/28] LSM: Use lsmblob in security_audit_rule_match	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,07/28] LSM: Use lsmblob in security_kernel_act_as	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,08/28] LSM: Use lsmblob in security_secctx_to_secid	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 1 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,09/28] LSM: Use lsmblob in security_secid_to_secctx	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 1 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,10/28] LSM: Use lsmblob in security_ipc_getsecid	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,11/28] LSM: Use lsmblob in security_task_getsecid	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,12/28] LSM: Use lsmblob in security_inode_getsecid	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,13/28] LSM: Use lsmblob in security_cred_getsecid	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,14/28] LSM: Specify which LSM to display	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,15/28] LSM: Ensure the correct LSM context releaser	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	3 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,16/28] LSM: Use lsmcontext in security_secid_to_secctx	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,17/28] LSM: Use lsmcontext in security_inode_getsecctx	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	3 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,18/28] LSM: security_secid_to_secctx in netlink netfilter	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	3 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,19/28] NET: Store LSM netlabel data in a lsmblob	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 2 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,20/28] binder: Pass LSM identifier for confirmation	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,21/28] LSM: Extend security_secid_to_secctx to include module selection	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,22/28] Audit: Keep multiple LSM data in audit_names	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,23/28] Audit: Create audit_stamp structure	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	1 - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,24/28] Audit: Add framework for auxiliary records	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,25/28] Audit: Add record for multiple task security contexts	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,26/28] Audit: Add record for multiple object security contexts	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- - -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,27/28] LSM: Add /proc attr entry for full LSM context	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	- 1 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[v31,28/28] AppArmor: Remove the exclusive flag	[v31,01/28] integrity: disassociate ima_filter_rule from security_audit_rule	2 1 -	---	2021-12-13	Casey Schaufler	pcmoore	New
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests	selinux-testsuite: Add btrfs support for filesystem tests	- - -	---	2020-11-03	Richard Haines	omos	Queued
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime	selinux-testsuite: Reduce sctp test runtime	- - -	---	2020-11-04	Richard Haines	omos	Under Review
[testsuite] tests/sctp: add client peeloff tests	[testsuite] tests/sctp: add client peeloff tests	- - -	---	2021-10-21	Ondrej Mosnacek	omos	Under Review
[RFC,1/1] testsuite sctp: Add tests for sctp_socket transition rules	selinux-testsuite: Add tests for sctp_socket transition rules	- - -	---	2021-11-07	Richard Haines	omos	New
[testsuite] tests/inet_socket: Add socket transition tests	[testsuite] tests/inet_socket: Add socket transition tests	- - -	---	2021-11-17	Richard Haines	omos	New
[V2,testsuite] tests/inet_socket: Add socket transition tests	[V2,testsuite] tests/inet_socket: Add socket transition tests	- - -	---	2021-11-25	Richard Haines	omos	New
[testsuite] tests/binder: Build only for 4.11 and later kernels	[testsuite] tests/binder: Build only for 4.11 and later kernels	- - -	---	2022-01-13	GONG, Ruiqi	omos	New
[RFC] libsepol,checkpolicy: Add netlink xperm support	[RFC] libsepol,checkpolicy: Add netlink xperm support	- - -	---	2021-11-10	Bram Bonné		New
[v2] Support static-only builds	[v2] Support static-only builds	- - -	---	2021-11-13	Alyssa Ross		New
Kernel policy language is infix	Kernel policy language is infix	- - -	---	2021-11-19	Topi Miettinen		New
Kernel policy language is infix	Kernel policy language is infix	- - -	---	2021-11-19	Topi Miettinen		New
[1/2] selinux: Add map perms	[1/2] selinux: Add map perms	- - -	---	2021-11-21	Jason Zaman		New
[2/2] dbus: Add filetrans for /tmp/dbus-* session socket	[1/2] selinux: Add map perms	- - -	---	2021-11-21	Jason Zaman		New
[RFC,1/3] libsepol: introduce ebitmap_subtract()	[RFC,1/3] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-23	Christian Göttsche		New
[RFC,2/3] libsepol: add not-self neverallow support	[RFC,1/3] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-23	Christian Göttsche		New
[RFC,3/3] checkpolicy: add not-self neverallow support	[RFC,1/3] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-23	Christian Göttsche		New
[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-24	Christian Göttsche		New
[RFC,v2,2/4] libsepol: add not-self neverallow support	[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-24	Christian Göttsche		New
[RFC,v2,3/4] checkpolicy: add not-self neverallow support	[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-24	Christian Göttsche		New
[RFC,v2,4/4] libsepol: free ebitmap on end of function	[RFC,v2,1/4] libsepol: introduce ebitmap_subtract()	- - -	---	2021-11-24	Christian Göttsche		New
libsepol: free ebitmap on end of function	libsepol: free ebitmap on end of function	- - -	---	2021-11-25	Christian Göttsche		New
[XSERVER,1/2] selinux: remap security classes on policyload	[XSERVER,1/2] selinux: remap security classes on policyload	- - -	---	2021-11-25	Christian Göttsche		New
[XSERVER,2/2] selinux: log events with appropriate audit type	[XSERVER,1/2] selinux: remap security classes on policyload	- - -	---	2021-11-25	Christian Göttsche		New
[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement()	[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement()	- - -	---	2021-12-04	Christian Göttsche		New
[RFC,v3,2/5] libsepol: add not-self neverallow support	[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement()	- - -	---	2021-12-04	Christian Göttsche		New
[RFC,v3,3/5] checkpolicy: add not-self neverallow support	[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement()	- - -	---	2021-12-04	Christian Göttsche		New
[RFC,v3,4/5] libsepol: free ebitmap on end of function	[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement()	- - -	---	2021-12-04	Christian Göttsche		New
[RFC,v3,5/5] libsepol: pass avtab to report function	[RFC,v3,1/5] libsepol: introduce ebitmap_relative_complement()	- - -	---	2021-12-04	Christian Göttsche		New
[v2] secilc: kernel policy language is infix	[v2] secilc: kernel policy language is infix	- - -	---	2021-12-12	Topi Miettinen		New
libsepol: handle type gaps when optimizing	libsepol: handle type gaps when optimizing	- - -	---	2021-12-23	Christian Göttsche		New
[1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block	[1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block	- - -	---	2022-01-05	James Carter		New
[2/3] libsepol/cil: Mark as abstract all sub-blocks of an abstract block	[1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block	- - -	---	2022-01-05	James Carter		New
[3/3] libsepol/cil: Do not resolve names to declarations in abstract blocks	[1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block	- - -	---	2022-01-05	James Carter		New
[v2] libsepol: handle type gaps	[v2] libsepol: handle type gaps	- - -	---	2022-01-06	Christian Göttsche		New
[01/16,v2] libsepol: Return an error if check_assertion() returns an error.	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[02/16,v2] libsepol: Change label in check_assertion_avtab_match()	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[03/16,v2] libsepol: Remove uneeded error messages in assertion checking	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[04/16,v2] libsepol: Check for error from check_assertion_extended_permissions()	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[05/16,v2] libsepol: Use consistent return checking style	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[06/16,v2] libsepol: Move check of target types to before check for self	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[07/16,v2] libsepol: Create function check_assertion_self_match() and use it	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[08/16,v2] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[09/16,v2] libsepol: Remove unnessesary check for matching class	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[10/16,v2] libsepol: Move assigning outer loop index out of inner loop	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[11/16,v2] libsepol: Make use of previously created ebitmap when checking self	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[12/16,v2] libsepol: Refactor match_any_class_permissions() to be clearer	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[13/16,v2] libsepol: Make return value clearer when reporting neverallowx errors	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[14/16,v2] libsepol: The src and tgt must be the same if neverallow uses self	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[15/16,v2] libsepol: Set args avtab pointer when reporting assertion violations	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[16/16,v2] libsepol: Fix two problems with neverallowxperm reporting	Refactor and fix assertion checking	- - -	---	2022-01-11	James Carter		New
[1/2,RFC] libsepol: Add not self support for neverallow rules	libsepol: Adding support for not-self rules	- - -	---	2022-01-11	James Carter		New
[2/2,RFC] libsepol/cil: Add notself and minusself support to CIL	libsepol: Adding support for not-self rules	- - -	---	2022-01-11	James Carter		New
[RFC,userspace,1/5] libsemanage: add missing include to boolean_record.c	Allow rebuilding policy store only if there were external changes to modules	- - -	---	2022-01-13	Ondrej Mosnacek		New
[RFC,userspace,2/5] semodule,libsemanage: move module hashing into libsemanage	Allow rebuilding policy store only if there were external changes to modules	- - -	---	2022-01-13	Ondrej Mosnacek		New
[RFC,userspace,3/5] libsemanage: move compressed file handling into a separate object	Allow rebuilding policy store only if there were external changes to modules	- - -	---	2022-01-13	Ondrej Mosnacek		New
[RFC,userspace,4/5] libsemanage: optionally rebuild policy when modules are changed externally	Allow rebuilding policy store only if there were external changes to modules	- - -	---	2022-01-13	Ondrej Mosnacek		New
[RFC,userspace,5/5] semodule: add command-line option to detect module changes	Allow rebuilding policy store only if there were external changes to modules	- - -	---	2022-01-13	Ondrej Mosnacek		New
libsepol/cil: Ensure that the class in a classcommon is a kernel class	libsepol/cil: Ensure that the class in a classcommon is a kernel class	- - -	---	2022-01-13	James Carter		New

« 1 2 »