Show patches with: State = Action Required       |    Archived = No       |   117 patches
« 1 2 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v3,1/1] xattr: Allow user.* xattr on symlink and special files Relax restrictions on user.* xattr - - - --- 2021-09-02 Vivek Goyal pcmoore New
[2/1] man-pages: xattr.7: Update text for user extended xattr behavior change Relax restrictions on user.* xattr - - - --- 2021-09-02 Vivek Goyal pcmoore New
[1/2] fuse: Add a flag FUSE_SECURITY_CTX fuse: Send file/inode security context during creation - - - --- 2021-09-24 Vivek Goyal pcmoore New
[2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-09-24 Vivek Goyal pcmoore New
security: Return xattr name from security_dentry_init_security() security: Return xattr name from security_dentry_init_security() - 1 - --- 2021-09-30 Vivek Goyal pcmoore New
[v2] security: Return xattr name from security_dentry_init_security() [v2] security: Return xattr name from security_dentry_init_security() - 2 - --- 2021-10-12 Vivek Goyal pcmoore New
[v2,1/2] fuse: Add a flag FUSE_SECURITY_CTX fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal pcmoore New
[v2,2/2] fuse: Send security context of inode on file creation fuse: Send file/inode security context during creation - - - --- 2021-10-12 Vivek Goyal pcmoore New
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests selinux-testsuite: Add btrfs support for filesystem tests - - - --- 2020-11-03 Richard Haines omos Queued
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() - - - --- 2021-09-29 Paul Moore pcmoore New
[RFC,1/9] sk_buff: track nfct status in newly added skb->_state [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,2/9] sk_buff: track dst status in skb->_state [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,3/9] sk_buff: move the active_extensions into the state bitfield [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,4/9] net: optimize GRO for the common case. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,5/9] skbuff: introduce has_sk state bit. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,6/9] veth: use skb_prepare_for_gro() [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,7/9] sk_buff: move inner header fields after tail [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,8/9] sk_buff: move vlan field after tail. [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[RFC,9/9] sk_buff: access secmark via getter/setter [RFC,1/9] sk_buff: track nfct status in newly added skb->_state - - - --- 2021-07-21 Paolo Abeni pcmoore New
[v2,1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag vfs/security/NFS/btrfs: clean up and fix LSM option handling - - 1 --- 2021-05-17 Ondrej Mosnacek pcmoore New
[v2,2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount vfs/security/NFS/btrfs: clean up and fix LSM option handling - - - --- 2021-05-17 Ondrej Mosnacek pcmoore New
[RFC] userfaultfd: open userfaultfds with O_RDONLY [RFC] userfaultfd: open userfaultfds with O_RDONLY - - - --- 2021-06-24 Ondrej Mosnacek pcmoore New
[userspace,v2,1/6] selinux_restorecon: simplify fl_head allocation by using calloc() Parallel setfiles/restorecon - - - --- 2021-10-14 Ondrej Mosnacek New
[userspace,v2,2/6] selinux_restorecon: protect file_spec list with a mutex Parallel setfiles/restorecon - - - --- 2021-10-14 Ondrej Mosnacek New
[userspace,v2,3/6] libselinux: make selinux_log() thread-safe Parallel setfiles/restorecon - - - --- 2021-10-14 Ondrej Mosnacek New
[userspace,v2,4/6] selinux_restorecon: add a global mutex to synchronize progress output Parallel setfiles/restorecon - - - --- 2021-10-14 Ondrej Mosnacek New
[userspace,v2,5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3) Parallel setfiles/restorecon - - - --- 2021-10-14 Ondrej Mosnacek New
[userspace,v2,6/6] setfiles/restorecon: support parallel relabeling Parallel setfiles/restorecon - - - --- 2021-10-14 Ondrej Mosnacek New
[userspace] GitHub Actions: do not use macOS latest runner for now [userspace] GitHub Actions: do not use macOS latest runner for now 1 - - --- 2021-09-27 Nicolas Iooss New
[userspace] README: update continuous integration badges [userspace] README: update continuous integration badges 1 - - --- 2021-09-27 Nicolas Iooss New
[v2] checkpolicy: fix the leak memory when uses xperms [v2] checkpolicy: fix the leak memory when uses xperms - - 1 --- 2021-06-01 liwugang New
[setools] __init__.py: Make NetworkX dep optional [setools] __init__.py: Make NetworkX dep optional - - - --- 2021-09-19 Jason Zaman New
libsepol/cil: Fix potential undefined shifts libsepol/cil: Fix potential undefined shifts - - - --- 2021-10-08 James Carter New
[1/4] libsepol: Fix potential undefined shifts [1/4] libsepol: Fix potential undefined shifts - - - --- 2021-10-08 James Carter New
[2/4] libsepol/cil: Fix potential undefined shifts [1/4] libsepol: Fix potential undefined shifts 1 - - --- 2021-10-08 James Carter New
[3/4] checkpolicy: Fix potential undefined shifts [1/4] libsepol: Fix potential undefined shifts - - - --- 2021-10-08 James Carter New
[4/4] libselinux: Fix potential undefined shifts [1/4] libsepol: Fix potential undefined shifts - - - --- 2021-10-08 James Carter New
[1/2] ci: turn on CIFuzz [1/2] ci: turn on CIFuzz 1 - - --- 2021-07-10 Evgeny Vereshchagin New
[2/2] README: add OSS-Fuzz/CIFuzz badges [1/2] ci: turn on CIFuzz - - - --- 2021-07-10 Evgeny Vereshchagin New
[v2] libsepol/cil: move the fuzz target and build script to the selinux repository [v2] libsepol/cil: move the fuzz target and build script to the selinux repository 1 - - --- 2021-07-15 Evgeny Vereshchagin New
libsepol regressions libsepol regressions - - - --- 2021-08-01 Dominick Grift New
cil_container_statements.md: clarify in-statement limitations cil_container_statements.md: clarify in-statement limitations - - - --- 2021-08-12 Dominick Grift New
[SYSTEMD,1/7] selinux: add function name to audit data Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,2/7] selinux: improve debug log format Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,3/7] selinux: mark _mac_selinux_generic_access_check with leading underscore Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,4/7] core: add support for MAC checks on unit install operations Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,5/7] core: implement the sd-bus generic callback for SELinux Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,6/7] core: avoid bypasses in D-BUS SELinux filter Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[SYSTEMD,7/7] core: tweak job_type_to_access_method SELinux permissions Re-add SELinux checks for unit install operations - - - --- 2021-08-05 Christian Göttsche New
[RFC,01/35] cifuzz: enable report-unreproducible-crashes libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,02/35] cifuzz: use the default runtime of 600 seconds libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,03/35] libsepol/fuzz: silence secilc-fuzzer libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,04/35] libsepol: add libfuzz based fuzzer for reading binary policies libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,05/35] libsepol/fuzz: limit element sizes for fuzzing libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,06/35] libsepol: use logging framework in conditional.c libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,07/35] libsepol: use logging framework in ebitmap.c libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,08/35] libsepol: use mallocarray wrapper to avoid overflows libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,09/35] libsepol: use reallocarray wrapper to avoid overflows libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,10/35] libsepol: add checks for read sizes libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,11/35] libsepol: enforce avtab item limit libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,12/35] libsepol: clean memory on conditional read failure libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,13/35] libsepol: validate MLS levels libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,14/35] libsepol: reject invalid fsuse types libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,15/35] libsepol: reject invalid default targets libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,16/35] libsepol: validate expanded user range and level libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,17/35] libsepol: validate types libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,18/35] libsepol: use size_t for indexes in strs helpers libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,19/35] libsepol: reject abnormal huge sid ids libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,20/35] libsepol: do not crash on class gaps libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,21/35] libsepol: do not crash on user gaps libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,22/35] libsepol: validate permission count of classes libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,23/35] libsepol: resolve log message mismatch libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,24/35] libsepol: zero member before potential dereference libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,25/35] libsepol: validate avtab types libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,26/35] libsepol: validate constraint expression operators and attributes libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,27/35] libsepol: validate type of avtab type rules libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,28/35] libsepol: validate ocontexts libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,29/35] libsepol: validate genfs contexts libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,30/35] libsepol: validate permissive types libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,31/35] libsepol: validate policy properties libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,32/35] libsepol: do not underflow on short format arguments libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,33/35] libsepol: validate categories libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,34/35] libsepol: use correct size for initial string list libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[RFC,35/35] libsepol: do not create a string list with initial size zero libsepol: add fuzzer for reading binary policies - - - --- 2021-10-11 Christian Göttsche New
[1/3] libsepol: do not pass NULL to memcpy [1/3] libsepol: do not pass NULL to memcpy - - - --- 2021-10-13 Christian Göttsche New
[2/3] libsemanage: do not sort empty records [1/3] libsepol: do not pass NULL to memcpy - - - --- 2021-10-13 Christian Göttsche New
[3/3] libsemanage/tests: free memory [1/3] libsepol: do not pass NULL to memcpy - - - --- 2021-10-13 Christian Göttsche New
libselinux: use dummy variable to silence glibc 2.34 warnings libselinux: use dummy variable to silence glibc 2.34 warnings - - - --- 2021-10-15 Christian Göttsche New
[v29,01/28] LSM: Infrastructure management of the sock security [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,02/28] LSM: Add the lsmblob data structure. [v29,01/28] LSM: Infrastructure management of the sock security 3 - - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,03/28] LSM: provide lsm name and id slot mappings [v29,01/28] LSM: Infrastructure management of the sock security 1 1 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,04/28] IMA: avoid label collisions with stacked LSMs [v29,01/28] LSM: Infrastructure management of the sock security - 1 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,05/28] LSM: Use lsmblob in security_audit_rule_match [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,06/28] LSM: Use lsmblob in security_kernel_act_as [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,07/28] LSM: Use lsmblob in security_secctx_to_secid [v29,01/28] LSM: Infrastructure management of the sock security 1 1 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,08/28] LSM: Use lsmblob in security_secid_to_secctx [v29,01/28] LSM: Infrastructure management of the sock security 1 1 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,09/28] LSM: Use lsmblob in security_ipc_getsecid [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,10/28] LSM: Use lsmblob in security_task_getsecid [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
[v29,11/28] LSM: Use lsmblob in security_inode_getsecid [v29,01/28] LSM: Infrastructure management of the sock security 2 2 - --- 2021-09-24 Casey Schaufler pcmoore New
« 1 2 »