Show patches with: State = Action Required       |    Archived = No       |   138 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC] sched: only issue an audit on privileged operation [RFC] sched: only issue an audit on privileged operation - - - --- 2020-09-04 Christian Göttsche pcmoore New
[RESEND,v18,1/4] Add flags option to get xattr method paired to __vfs_getxattr overlayfs override_creds=off & nested get xattr fix 5 1 - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,3/4] overlayfs: override_creds=off option bypass creator_cred overlayfs override_creds=off & nested get xattr fix - - - --- 2020-10-21 Mark Salyzyn pcmoore New
[RESEND,v18,4/4] overlayfs: inode_owner_or_capable called during execv Untitled series #368853 - - - --- 2020-10-22 Mark Salyzyn pcmoore New
vfs: fix fsconfig(2) LSM mount option handling for btrfs vfs: fix fsconfig(2) LSM mount option handling for btrfs - - 1 --- 2020-11-18 Ondrej Mosnacek pcmoore New
[v23,01/23] LSM: Infrastructure management of the sock security [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,02/23] LSM: Create and manage the lsmblob data structure. [v23,01/23] LSM: Infrastructure management of the sock security 3 - - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,03/23] LSM: Use lsmblob in security_audit_rule_match [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,04/23] LSM: Use lsmblob in security_kernel_act_as [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,05/23] LSM: Use lsmblob in security_secctx_to_secid [v23,01/23] LSM: Infrastructure management of the sock security - - - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,06/23] LSM: Use lsmblob in security_secid_to_secctx [v23,01/23] LSM: Infrastructure management of the sock security - - - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,07/23] LSM: Use lsmblob in security_ipc_getsecid [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,08/23] LSM: Use lsmblob in security_task_getsecid [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,09/23] LSM: Use lsmblob in security_inode_getsecid [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,10/23] LSM: Use lsmblob in security_cred_getsecid [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,11/23] IMA: Change internal interfaces to use lsmblobs [v23,01/23] LSM: Infrastructure management of the sock security 1 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,12/23] LSM: Specify which LSM to display [v23,01/23] LSM: Infrastructure management of the sock security - - - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,13/23] LSM: Ensure the correct LSM context releaser [v23,01/23] LSM: Infrastructure management of the sock security 1 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,14/23] LSM: Use lsmcontext in security_secid_to_secctx [v23,01/23] LSM: Infrastructure management of the sock security 2 1 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,15/23] LSM: Use lsmcontext in security_inode_getsecctx [v23,01/23] LSM: Infrastructure management of the sock security 2 1 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,16/23] LSM: security_secid_to_secctx in netlink netfilter [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,17/23] NET: Store LSM netlabel data in a lsmblob [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,18/23] LSM: Verify LSM display sanity in binder [v23,01/23] LSM: Infrastructure management of the sock security 2 2 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,19/23] audit: add support for non-syscall auxiliary records [v23,01/23] LSM: Infrastructure management of the sock security - - - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,20/23] Audit: Add new record for multiple process LSM attributes [v23,01/23] LSM: Infrastructure management of the sock security - - - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,21/23] Audit: Add a new record for multiple object LSM attributes [v23,01/23] LSM: Infrastructure management of the sock security - - - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,22/23] LSM: Add /proc attr entry for full LSM context [v23,01/23] LSM: Infrastructure management of the sock security - 1 - --- 2020-11-20 Casey Schaufler pcmoore New
[v23,23/23] AppArmor: Remove the exclusive flag [v23,01/23] LSM: Infrastructure management of the sock security 2 1 - --- 2020-11-20 Casey Schaufler pcmoore New
[v4] proc: Allow pid_revalidate() during LOOKUP_RCU [v4] proc: Allow pid_revalidate() during LOOKUP_RCU - - - --- 2021-01-04 Stephen Brennan pcmoore New
[v10,1/8] IMA: generalize keyring specific measurement constructs IMA: support for measuring kernel integrity critical data - 1 - --- 2021-01-08 Tushar Sugandhi pcmoore New
[v10,2/8] IMA: add support to measure buffer data hash IMA: support for measuring kernel integrity critical data - 1 - --- 2021-01-08 Tushar Sugandhi pcmoore New
[v10,3/8] IMA: define a hook to measure kernel integrity critical data IMA: support for measuring kernel integrity critical data - 1 - --- 2021-01-08 Tushar Sugandhi pcmoore New
[v10,4/8] IMA: add policy rule to measure critical data IMA: support for measuring kernel integrity critical data - 2 - --- 2021-01-08 Tushar Sugandhi pcmoore New
[v10,5/8] IMA: limit critical data measurement based on a label IMA: support for measuring kernel integrity critical data - 1 - --- 2021-01-08 Tushar Sugandhi pcmoore New
[v10,6/8] IMA: extend critical data hook to limit the measurement based on a label IMA: support for measuring kernel integrity critical data - 1 - --- 2021-01-08 Tushar Sugandhi pcmoore New
[v10,7/8] IMA: define a builtin critical data measurement policy IMA: support for measuring kernel integrity critical data - 2 - --- 2021-01-08 Tushar Sugandhi pcmoore New
[v10,8/8] selinux: include a consumer of the new IMA critical data hook IMA: support for measuring kernel integrity critical data 1 1 - --- 2021-01-08 Tushar Sugandhi pcmoore New
[v2,1/1] mm/madvise: replace ptrace attach requirement for process_madvise [v2,1/1] mm/madvise: replace ptrace attach requirement for process_madvise 2 1 - --- 2021-01-11 Suren Baghdasaryan pcmoore New
[v5,01/42] namespace: take lock_mount_hash() directly when changing flags idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,02/42] mount: make {lock,unlock}_mount_hash() static idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,03/42] namespace: only take read lock in do_reconfigure_mnt() idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,04/42] fs: split out functions to hold writers idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,05/42] fs: add attr_flags_to_mnt_flags helper idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,06/42] fs: add mount_setattr() idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,07/42] tests: add mount_setattr() selftests idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,08/42] fs: add id translation helpers idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,09/42] mount: attach mappings to mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,10/42] capability: handle idmapped mounts idmapped mounts 1 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,11/42] namei: make permission helpers idmapped mount aware idmapped mounts 1 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,12/42] inode: make init and permission helpers idmapped mount aware idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,13/42] attr: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,14/42] acl: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,15/42] fs: add file_user_ns() helper idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,16/42] xattr: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,17/42] commoncap: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,18/42] stat: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,19/42] namei: handle idmapped mounts in may_*() helpers idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,20/42] namei: introduce struct renamedata idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,21/42] namei: prepare for idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,22/42] open: handle idmapped mounts in do_truncate() idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,23/42] open: handle idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,24/42] af_unix: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,25/42] utimes: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,26/42] fcntl: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,27/42] notify: handle idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,28/42] init: handle idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,29/42] ioctl: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,30/42] would_dump: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,31/42] exec: handle idmapped mounts idmapped mounts - 1 - --- 2021-01-12 Christian Brauner pcmoore New
[v5,33/42] apparmor: handle idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,34/42] ima: handle idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,35/42] fat: handle idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,36/42] ext4: support idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,37/42] xfs: support idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,38/42] ecryptfs: do not mount on top of idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,39/42] overlayfs: do not mount on top of idmapped mounts idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,40/42] fs: introduce MOUNT_ATTR_IDMAP idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
[v5,41/42] tests: extend mount_setattr tests idmapped mounts - - - --- 2021-01-12 Christian Brauner pcmoore New
selinux: include a consumer of the new IMA critical data hook selinux: include a consumer of the new IMA critical data hook 1 1 - --- 2021-01-14 Lakshmi Ramasubramanian pcmoore New
[RFC,V2,1/2] selinux-testsuite: Run tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[RFC,V2,2/2] selinux-testsuite: Run SCTP tests using remote server selinux-testsuite: Run tests using remote server - - - --- 2020-08-26 Richard Haines omos New
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests selinux-testsuite: Add btrfs support for filesystem tests - - - --- 2020-11-03 Richard Haines omos Queued
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[v3,1/1] selinux-testsuite: Add userfaultfd test [v3,1/1] selinux-testsuite: Add userfaultfd test - - - --- 2021-01-08 Lokesh Gidra omos Under Review
[RFC,DBUS] selinux: add option to control checking of reply messages [RFC,DBUS] selinux: add option to control checking of reply messages - - - --- 2020-12-28 Christian Göttsche New
[1/6] libsepol: do not decode out-of-bound rolebounds [1/6] libsepol: do not decode out-of-bound rolebounds - - - --- 2020-12-30 Nicolas Iooss New
[1/1] GitHub Actions: run SELinux testsuite in Fedora virtual machine [1/1] GitHub Actions: run SELinux testsuite in Fedora virtual machine - - - --- 2020-12-30 Nicolas Iooss New
newrole: preserve environment variable XDG_RUNTIME_DIR newrole: preserve environment variable XDG_RUNTIME_DIR - - - --- 2021-01-06 Christian Göttsche New
[1/2] libsepol/cil: Update symtab nprim field when adding or removing datums [1/2] libsepol/cil: Update symtab nprim field when adding or removing datums - - - --- 2021-01-06 James Carter New
[2/2] libsepol/cil: Fix heap-use-after-free in __class_reset_perm_values() [1/2] libsepol/cil: Update symtab nprim field when adding or removing datums - - - --- 2021-01-06 James Carter New
[1/2] libselinux: accept const fromcon in get_context API [1/2] libselinux: accept const fromcon in get_context API - - - --- 2021-01-08 Christian Göttsche New
[2/2] libselinux: update getseuser [1/2] libselinux: accept const fromcon in get_context API - - - --- 2021-01-08 Christian Göttsche New
python/sepolgen: allow any policy statement in ifndef python/sepolgen: allow any policy statement in ifndef - - - --- 2021-01-11 Vit Mojzis New
[v2,1/2] setfiles: Do not abort on labeling error [v2,1/2] setfiles: Do not abort on labeling error - - - --- 2021-01-13 Petr Lautrbach New
[v2,2/2] setfiles: drop ABORT_ON_ERRORS and related code [v2,1/2] setfiles: Do not abort on labeling error - - - --- 2021-01-13 Petr Lautrbach New
NFSv4.2: fix return value of _nfs4_get_security_label() NFSv4.2: fix return value of _nfs4_get_security_label() - 1 - --- 2021-01-15 Ondrej Mosnacek New
[RFC,1/1] selinux-notebook: Add new section for Embedded Systems selinux-notebook: Add new section for Embedded Systems - - - --- 2021-01-19 Richard Haines New
[v2,1/1] libsepol: do not decode out-of-bound rolebounds [v2,1/1] libsepol: do not decode out-of-bound rolebounds - - - --- 2021-01-20 Nicolas Iooss New
[1/1] process_madvise.2: Add process_madvise man page [1/1] process_madvise.2: Add process_madvise man page - - - --- 2021-01-20 Suren Baghdasaryan New
« 1 2 »