SELinux Development list

Show patches with: State = Action Required | Archived = No | 98 patches

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[v2] selinux: match extended permissions to their base permissions	[v2] selinux: match extended permissions to their base permissions	- - -	---	2024-12-20	Thiébaud Weksteen		New
[1/2] lsm: add LSM hooks for io_uring_setup()	[1/2] lsm: add LSM hooks for io_uring_setup()	- - -	---	2024-12-19	Hamza Mahfooz		New
lsm,io_uring: add LSM hooks for io_uring_setup()	lsm,io_uring: add LSM hooks for io_uring_setup()	- - -	---	2024-12-19	Hamza Mahfooz		New
[GIT,PULL] selinux/selinux-pr-20241217	[GIT,PULL] selinux/selinux-pr-20241217	- - -	---	2024-12-18	Paul Moore		New
[6/6] Audit: Add record for multiple object contexts	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler		New
[5/6] Audit: multiple subject lsm values for netlabel	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler		New
[4/6] Audit: Add record for multiple task security contexts	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler		New
[3/6] LSM: security_lsmblob_to_secctx module selection	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler		New
[2/6] Audit: Allow multiple records in an audit_buffer	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler		New
[1/6] Audit: Create audit_stamp structure	[1/6] Audit: Create audit_stamp structure	- - -	---	2024-12-17	Casey Schaufler		New
libselinux/fuzz: readjust load_mmap() update	libselinux/fuzz: readjust load_mmap() update	- - -	---	2024-12-17	Christian Göttsche		New
[RFC,1/3] libsepol: update sort order for netifcon definitions	[RFC,1/3] libsepol: update sort order for netifcon definitions	- - -	---	2024-12-17	Christian Göttsche		New
[RFC,3/3] secilc/test: add test for wildcard netifcon statement	[RFC,1/3] libsepol: update sort order for netifcon definitions	- - -	---	2024-12-17	Christian Göttsche		New
[RFC,2/3] checkpolicy: add support for wildcard netifcon names	[RFC,1/3] libsepol: update sort order for netifcon definitions	- - -	---	2024-12-17	Christian Göttsche		New
[RFC] selinux: support wildcard network interface names	[RFC] selinux: support wildcard network interface names	- - -	---	2024-12-17	Christian Göttsche		New
[RFC,v2,22/22] selinux: restrict policy strings	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,21/22] selinux: check for simple types	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,20/22] selinux: more strict bounds check	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,19/22] selinux: validate symbols	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,18/22] selinux: beef up isvalid checks	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,17/22] selinux: reorder policydb_index()	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,16/22] selinux: check type attr map overflows	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,15/22] selinux: introduce ebitmap_highest_set_bit()	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,14/22] selinux: pre-validate conditional expressions	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,13/22] selinux: validate constraints	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,12/22] selinux: check length fields in policies	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,11/22] selinux: more strict policy parsing	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,10/22] selinux: use u16 for security classes	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,09/22] selinux: make use of str_read()	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,08/22] selinux: avoid unnecessary indirection in struct level_datum	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,07/22] selinux: use known type instead of void pointer	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,06/22] selinux: rename comparison functions for clarity	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,05/22] selinux: avoid nontransitive comparison	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,04/22] selinux: rework match_ipv6_addrmask()	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,03/22] selinux: align and constify functions	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,02/22] selinux: avoid using types indicating user space interaction	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
[RFC,v2,01/22] selinux: supply missing field initializers	[RFC,v2,01/22] selinux: supply missing field initializers	- - -	---	2024-12-16	Christian Göttsche		New
selinux: Read sk->sk_family once in selinux_socket_bind()	selinux: Read sk->sk_family once in selinux_socket_bind()	- - -	---	2024-12-12	Mikhail Ivanov	pcmoore	Under Review
selinux: support wildcard match in genfscon	selinux: support wildcard match in genfscon	- - -	---	2024-12-10	Takaya Saeki	pcmoore	Under Review
selinux: KASAN; slab-out-of-bounds in avc_lookup	selinux: KASAN; slab-out-of-bounds in avc_lookup	- - -	---	2024-12-10	Joey Jiao	pcmoore	Under Review
selinux: match extended permissions to their base permissions	selinux: match extended permissions to their base permissions	- - -	---	2024-12-05	Thiébaud Weksteen	pcmoore	Under Review
[RFC] ioctl: add test for conditional xperms	[RFC] ioctl: add test for conditional xperms	1 - 1	---	2024-11-28	Christian Göttsche	omos	Under Review
[17/17] tests: drop headers from Makefile dependencies	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[16/17] tests: fail on compiler warnings and enable Wextra	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[15/17] tests: test code tweaks	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[14/17] defconfig: enable CONFIG_NETFILTER_NETLINK_LOG	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[13/17] defconfig: enable CONFIG_XFRM_USER	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[12/17] tests/filesystem: improve fsnotify check and preload loop module	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[11/17] tests/inet_socket: skip mptcp if not supported	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[10/17] tests/tun_tap: skip if not supported	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[09/17] tests/extended_socket_class: work with CONFIG_CRYPTO_USER_API disabled	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[08/17] tests/notify: work with CONFIG_FANOTIFY disabled	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[07/17] test: overlayfs related tweaks	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[06/17] Makefile: add PHONY targets	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[05/17] tests: enable strictness for perl scripts	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[04/17] tests: port scripts to sh and please shellcheck	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[03/17] tools: quote command to prevent word splitting	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[02/17] Makefile: use $(MAKE) to pass options	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[01/17] Fix typos	[01/17] Fix typos	- - -	---	2024-11-18	Christian Göttsche	omos	New
[00/17] testsuite: misc fixes and virtme-ng support		- - -	---	2024-11-18	Christian Göttsche	omos	New
[RFC,22/22] selinux: restrict policy strings	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,21/22] selinux: check for simple types	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,20/22] selinux: more strict bounds check	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,19/22] selinux: validate symbols	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,18/22] selinux: beef up isvalid checks	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,17/22] selinux: reorder policydb_index()	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,16/22] selinux: check type attr map overflows	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,15/22] selinux: introduce ebitmap_highest_set_bit()	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,14/22] selinux: pre-validate conditional expressions	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,13/22] selinux: validate constraints	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,12/22] selinux: check length fields in policies	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,11/22] selinux: more strict policy parsing	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,10/22] selinux: use u16 for security classes	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,09/22] selinux: make use of str_read()	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,08/22] selinux: avoid unnecessary indirection in struct level_datum	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,07/22] selinux: use known type instead of void pointer	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,06/22] selinux: rename comparison functions for clarity	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,05/22] selinux: avoid nontransitive comparison	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,04/22] selinux: rework match_ipv6_addrmask()	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,03/22] selinux: align and constify functions	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,02/22] selinux: avoid using types indicating user space interaction	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[RFC,01/22] selinux: supply missing field initializers	[RFC,01/22] selinux: supply missing field initializers	- - -	---	2024-11-15	Christian Göttsche	pcmoore	New
[v1,2/2] libsemanage: allow specifying SUBDIRS when building	[v1,1/2] libsepol: allow specifying SUBDIRS when building	- - -	---	2024-11-13	dmitry.sharshakov@siderolabs.com	bachradsusi	New
[v1,1/2] libsepol: allow specifying SUBDIRS when building	[v1,1/2] libsepol: allow specifying SUBDIRS when building	- - -	---	2024-11-13	dmitry.sharshakov@siderolabs.com	bachradsusi	New
selinux,xfrm: fix dangling refcount on deferred skb free	selinux,xfrm: fix dangling refcount on deferred skb free	- - -	---	2024-11-06	Ondrej Mosnacek	pcmoore	New
[3/3] all: coding style fixes	[1/3] check-syntax: update arguments for astyle v3.2 (possibly earlier)	- - -	---	2024-10-24	Paul Moore	omos	New
[2/3] check-syntax: ignore "bad" astyle versions	[1/3] check-syntax: update arguments for astyle v3.2 (possibly earlier)	- - -	---	2024-10-24	Paul Moore	omos	New
[1/3] check-syntax: update arguments for astyle v3.2 (possibly earlier)	[1/3] check-syntax: update arguments for astyle v3.2 (possibly earlier)	- - -	---	2024-10-24	Paul Moore	omos	New
selinux_set_callback for policy load not triggering	selinux_set_callback for policy load not triggering	- - -	---	2024-10-17	Matthew Sheets	bachradsusi	New
selinux: support IPPROTO_SMC in socket_type_to_security_class()	selinux: support IPPROTO_SMC in socket_type_to_security_class()	1 - -	---	2024-08-15	Jeongjun Park	pcmoore	Under Review
[v2,2/2] security: remove unused cred_alloc_blank/cred_transfer helpers	get rid of cred_transfer	- - -	---	2024-08-05	Jann Horn	pcmoore	New
[v2,1/2] KEYS: use synchronous task work for changing parent credentials	get rid of cred_transfer	- - -	---	2024-08-05	Jann Horn	pcmoore	New
[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup	[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup	- - -	---	2024-07-02	Gong Ruiqi	omos	New
[RFC,07/20] selinux: services: update type for umber of class permissions	[RFC,01/20] selinux: check for multiplication overflow in put_entry()	- - -	---	2023-07-06	Christian Göttsche	pcmoore	Under Review
[RFC] selinux: TESTING ONLY, PLEASE IGNORE	[RFC] selinux: TESTING ONLY, PLEASE IGNORE	- - -	---	2023-05-16	Paul Moore	pcmoore	Under Review
tests/sctp: reenable the SCTP ASCONF tests	tests/sctp: reenable the SCTP ASCONF tests	- - -	---	2022-08-09	Paul Moore	omos	Under Review
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime	selinux-testsuite: Reduce sctp test runtime	- - -	---	2020-11-04	Richard Haines	omos	Under Review
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests	selinux-testsuite: Add btrfs support for filesystem tests	- - -	---	2020-11-03	Richard Haines	omos	Queued