SELinux Development list

Show patches with: none | 7312 patches

« 1 2 3 4 … 73 74 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[RFC,1/2] security: Remove security_add_mnt_opt() as it's unused	[RFC,1/2] security: Remove security_add_mnt_opt() as it's unused	- - -	---	2021-12-08	David Howells	pcmoore	In Next
[SYSTEMD,1/7] selinux: add function name to audit data	Re-add SELinux checks for unit install operations	- - -	---	2021-08-05	Christian Göttsche		Handled Elsewhere
[SYSTEMD,2/7] selinux: improve debug log format	Re-add SELinux checks for unit install operations	- - -	---	2021-08-05	Christian Göttsche		Handled Elsewhere
[SYSTEMD,3/7] selinux: mark _mac_selinux_generic_access_check with leading underscore	Re-add SELinux checks for unit install operations	- - -	---	2021-08-05	Christian Göttsche		Handled Elsewhere
[SYSTEMD,4/7] core: add support for MAC checks on unit install operations	Re-add SELinux checks for unit install operations	- - -	---	2021-08-05	Christian Göttsche		Handled Elsewhere
[SYSTEMD,5/7] core: implement the sd-bus generic callback for SELinux	Re-add SELinux checks for unit install operations	- - -	---	2021-08-05	Christian Göttsche		Handled Elsewhere
[SYSTEMD,6/7] core: avoid bypasses in D-BUS SELinux filter	Re-add SELinux checks for unit install operations	- - -	---	2021-08-05	Christian Göttsche		Handled Elsewhere
[SYSTEMD,7/7] core: tweak job_type_to_access_method SELinux permissions	Re-add SELinux checks for unit install operations	- - -	---	2021-08-05	Christian Göttsche		Handled Elsewhere
[4.4,1/2] binder: use euid from cred instead of using task	[4.4,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[4.4,2/2] binder: use cred instead of task for selinux checks	[4.4,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[4.9,1/2] binder: use euid from cred instead of using task	[4.9,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[4.9,2/2] binder: use cred instead of task for selinux checks	[4.9,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[4.14,1/2] binder: use euid from cred instead of using task	[4.14,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[4.14,2/2] binder: use cred instead of task for selinux checks	[4.14,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[4.19,1/2] binder: use euid from cred instead of using task	[4.19,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[4.19,2/2] binder: use cred instead of task for selinux checks	[4.19,1/2] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[5.4,1/3] binder: use euid from cred instead of using task	[5.4,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[5.4,2/3] binder: use cred instead of task for selinux checks	[5.4,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[5.4,3/3] binder: use cred instead of task for getsecid	[5.4,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[5.10,1/3] binder: use euid from cred instead of using task	[5.10,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[5.10,2/3] binder: use cred instead of task for selinux checks	[5.10,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[5.10,3/3] binder: use cred instead of task for getsecid	[5.10,1/3] binder: use euid from cred instead of using task	1 - -	---	2021-11-10	Todd Kjos	pcmoore	Handled Elsewhere
[RFC] capability: add capable_or to test for multiple caps with exactly one audit message	[RFC] capability: add capable_or to test for multiple caps with exactly one audit message	- - -	---	2021-11-16	Christian Göttsche	pcmoore	Handled Elsewhere
[RFC,2/2] capability: use new capable_or functionality	[RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message	- - -	---	2022-02-17	Christian Göttsche	pcmoore	Handled Elsewhere
[RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message	[RFC,1/2] capability: add capable_or to test for multiple caps with exactly one audit message	- - -	---	2022-02-17	Christian Göttsche	pcmoore	Handled Elsewhere
userfaultfd, capability: introduce CAP_USERFAULTFD	userfaultfd, capability: introduce CAP_USERFAULTFD	- - -	---	2022-02-24	Axel Rasmussen	pcmoore	Handled Elsewhere
[RESEND] xfs: don't generate selinux audit messages for capability testing	[RESEND] xfs: don't generate selinux audit messages for capability testing	1 2 -	---	2022-03-01	Darrick J. Wong	pcmoore	Handled Elsewhere
[v4] firmware_loader: use kernel credentials when reading firmware	[v4] firmware_loader: use kernel credentials when reading firmware	1 1 -	---	2022-05-02	Thiébaud Weksteen	pcmoore	Handled Elsewhere
[01/32] netlink: Avoid memcpy() across flexible array boundary	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[02/32] Introduce flexible array struct memcpy() helpers	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[03/32] flex_array: Add Kunit tests	Introduce flexible array struct memcpy() helpers	- 1 -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[04/32] fortify: Add run-time WARN for cross-field memcpy()	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[05/32] brcmfmac: Use mem_to_flex_dup() with struct brcmf_fweh_queue_item	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[06/32] iwlwifi: calib: Prepare to use mem_to_flex_dup()	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[07/32] iwlwifi: calib: Use mem_to_flex_dup() with struct iwl_calib_result	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[08/32] iwlwifi: mvm: Use mem_to_flex_dup() with struct ieee80211_key_conf	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[09/32] p54: Use mem_to_flex_dup() with struct p54_cal_database	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[10/32] wcn36xx: Use mem_to_flex_dup() with struct wcn36xx_hal_ind_msg	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[11/32] nl80211: Use mem_to_flex_dup() with struct cfg80211_cqm_config	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[12/32] cfg80211: Use mem_to_flex_dup() with struct cfg80211_bss_ies	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[13/32] mac80211: Use mem_to_flex_dup() with several structs	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[14/32] af_unix: Use mem_to_flex_dup() with struct unix_address	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[15/32] 802/garp: Use mem_to_flex_dup() with struct garp_attr	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[16/32] 802/mrp: Use mem_to_flex_dup() with struct mrp_attr	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[17/32] net/flow_offload: Use mem_to_flex_dup() with struct flow_action_cookie	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[18/32] firewire: Use __mem_to_flex_dup() with struct iso_interrupt_event	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[19/32] afs: Use mem_to_flex_dup() with struct afs_acl	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[20/32] ASoC: sigmadsp: Use mem_to_flex_dup() with struct sigmadsp_data	Introduce flexible array struct memcpy() helpers	1 - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[21/32] soc: qcom: apr: Use mem_to_flex_dup() with struct apr_rx_buf	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[22/32] atags_proc: Use mem_to_flex_dup() with struct buffer	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[23/32] Bluetooth: Use mem_to_flex_dup() with struct hci_op_configure_data_path	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[24/32] IB/hfi1: Use mem_to_flex_dup() for struct tid_rb_node	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[25/32] Drivers: hv: utils: Use mem_to_flex_dup() with struct cn_msg	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[26/32] ima: Use mem_to_flex_dup() with struct modsig	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[27/32] KEYS: Use mem_to_flex_dup() with struct user_key_payload	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[29/32] xtensa: Use mem_to_flex_dup() with struct property	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[30/32] usb: gadget: f_fs: Use mem_to_flex_dup() with struct ffs_buffer	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[31/32] xenbus: Use mem_to_flex_dup() with struct read_buffer	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[32/32] esas2r: Use __mem_to_flex() with struct atto_ioctl	Introduce flexible array struct memcpy() helpers	- - -	---	2022-05-04	Kees Cook	pcmoore	Handled Elsewhere
[v2] cred: Propagate security_prepare_creds() error code	[v2] cred: Propagate security_prepare_creds() error code	2 1 -	---	2022-05-25	Frederick Lawler	pcmoore	Handled Elsewhere
[v3] cred: Propagate security_prepare_creds() error code	[v3] cred: Propagate security_prepare_creds() error code	2 1 -	---	2022-06-08	Frederick Lawler	pcmoore	Handled Elsewhere
[V2,1/1] selinux-testsuite: Add btrfs support for filesystem tests	selinux-testsuite: Add btrfs support for filesystem tests	- - -	---	2020-11-03	Richard Haines	omos	Queued
[04/21] fs: Replace CURRENT_TIME with current_fs_time() for inode timestamps		1 - -	---	2016-06-09	Deepa Dinamani		Deferred
libselinux/getconlist: add verbose switch to print more information	libselinux/getconlist: add verbose switch to print more information	- - -	---	2020-02-19	Christian Göttsche		Deferred
[RFC] selinux: runtime disable is deprecated, add some ssleep() discomfort	[RFC] selinux: runtime disable is deprecated, add some ssleep() discomfort	- - -	---	2020-06-02	Paul Moore		Deferred
selinux: make use of variables when defining libdir and includedir	selinux: make use of variables when defining libdir and includedir	- - -	---	2020-07-16	W. Michael Petullo		Deferred
[RFC,1/1] selinux-testsuite: Add GTP tests	selinux-testsuite: Add GTP tests	- - -	---	2020-09-24	Richard Haines	omos	Deferred
[01/19] block_dev: Support checking inode permissions in lookup_bdev()		- - -	---	2015-12-02	Seth Forshee		Superseded
[02/19] block_dev: Check permissions towards block device inode when mounting		- - -	---	2015-12-02	Seth Forshee		Superseded
[03/19] fs: Treat foreign mounts as nosuid		- - -	---	2015-12-02	Seth Forshee		Superseded
[04/19] selinux: Add support for unprivileged mounts from user namespaces		- - -	---	2015-12-02	Seth Forshee		Superseded
[05/19] userns: Replace in_userns with current_in_userns		- - -	---	2015-12-02	Seth Forshee		Superseded
[06/19] Smack: Handle labels consistently in untrusted mounts		- - -	---	2015-12-02	Seth Forshee		Superseded
[07/19] fs: Check for invalid i_uid in may_follow_link()		- - -	---	2015-12-02	Seth Forshee		Superseded
[08/19] cred: Reject inodes with invalid ids in set_create_file_as()		- - -	---	2015-12-02	Seth Forshee		Superseded
[09/19] fs: Refuse uid/gid changes which don't map into s_user_ns		- - -	---	2015-12-02	Seth Forshee		Superseded
[10/19] fs: Update posix_acl support to handle user namespace mounts		- - -	---	2015-12-02	Seth Forshee		Superseded
[11/19] fs: Ensure the mounter of a filesystem is privileged towards its inodes		- - -	---	2015-12-02	Seth Forshee		Superseded
[12/19] fs: Don't remove suid for CAP_FSETID in s_user_ns		- - -	---	2015-12-02	Seth Forshee		Superseded
[13/19] fs: Allow superblock owner to access do_remount_sb()		- - -	---	2015-12-02	Seth Forshee		Superseded
[14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns		- - -	---	2015-12-02	Seth Forshee		Superseded
[15/19] capabilities: Allow privileged user in s_user_ns to set file caps		- - -	---	2015-12-02	Seth Forshee		Superseded
[16/19] fuse: Add support for pid namespaces		- - -	---	2015-12-02	Seth Forshee		Superseded
[17/19] fuse: Support fuse filesystems outside of init_user_ns		- - -	---	2015-12-02	Seth Forshee		Superseded
[18/19] fuse: Restrict allow_other to the superblock's namespace or a descendant		- - -	---	2015-12-02	Seth Forshee		Superseded
[19/19] fuse: Allow user namespace mounts		- - -	---	2015-12-02	Seth Forshee		Superseded
[v2,01/18] block_dev: Support checking inode permissions in lookup_bdev()		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,02/18] block_dev: Check permissions towards block device inode when mounting		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,03/18] fs: Treat foreign mounts as nosuid		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,04/18] selinux: Add support for unprivileged mounts from user namespaces		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,05/18] userns: Replace in_userns with current_in_userns		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,06/18] Smack: Handle labels consistently in untrusted mounts		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,07/18] fs: Check for invalid i_uid in may_follow_link()		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,08/18] cred: Reject inodes with invalid ids in set_create_file_as()		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,09/18] fs: Refuse uid/gid changes which don't map into s_user_ns		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,10/18] fs: Update posix_acl support to handle user namespace mounts		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,11/18] fs: Ensure the mounter of a filesystem is privileged towards its inodes		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,12/18] fs: Don't remove suid for CAP_FSETID in s_user_ns		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,13/18] fs: Allow superblock owner to access do_remount_sb()		- - -	---	2015-12-07	Seth Forshee		Superseded
[v2,14/18] capabilities: Allow privileged user in s_user_ns to set security.* xattrs		- - -	---	2015-12-07	Seth Forshee		Superseded

« 1 2 3 4 … 73 74 »