Show patches with: Archived = No       |   8897 patches
« 1 2 3 488 89 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
libselinux/restorecon: Include <selinux/label.h> libselinux/restorecon: Include <selinux/label.h> 1 - - --- 2024-07-26 Vit Mojzis New
[v4] libsemanage: Preserve file context and ownership in policy store [v4] libsemanage: Preserve file context and ownership in policy store 1 - - --- 2024-07-25 Vit Mojzis New
[v1,2/2] lsm: Refactor return value of LSM hook inode_copy_up_xattr Refactor return value of two lsm hooks - - - --- 2024-07-24 Xu Kuohai pcmoore Handled Elsewhere
[v1,1/2] lsm: Refactor return value of LSM hook vm_enough_memory Refactor return value of two lsm hooks - - - --- 2024-07-24 Xu Kuohai pcmoore Handled Elsewhere
libsepol/cil: Check that sym_index is within bounds libsepol/cil: Check that sym_index is within bounds - - - --- 2024-07-23 Vit Mojzis bachradsusi New
[v3] libsemanage: Preserve file context and ownership in policy store [v3] libsemanage: Preserve file context and ownership in policy store - - - --- 2024-07-23 Vit Mojzis bachradsusi New
libsepol/sepol_compute_sid: Do not destroy uninitialized context libsepol/sepol_compute_sid: Do not destroy uninitialized context - - - --- 2024-07-19 Vit Mojzis bachradsusi New
[v2] libsemanage: Preserve file context and ownership in policy store [v2] libsemanage: Preserve file context and ownership in policy store - - - --- 2024-07-19 Vit Mojzis bachradsusi Superseded
[GIT,PULL] selinux/selinux-pr-20240715 [GIT,PULL] selinux/selinux-pr-20240715 - - - --- 2024-07-15 Paul Moore pcmoore Accepted
[RPC] Topic: Issues and Testing Regarding SELinx AVC Cache Modification [RPC] Topic: Issues and Testing Regarding SELinx AVC Cache Modification - - - --- 2024-07-15 Canfeng Guo pcmoore RFC
[-next,v2] selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr [-next,v2] selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr - - - --- 2024-07-12 cuigaosheng pcmoore Under Review
[RFC] libsemanage: Do not change file context when copying files [RFC] libsemanage: Do not change file context when copying files - - - --- 2024-07-11 Vit Mojzis bachradsusi Superseded
[bpf-next,v4,20/20] selftests/bpf: Add verifier tests for bpf lsm Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,19/20] selftests/bpf: Add test for lsm tail call Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,18/20] selftests/bpf: Add return value checks for failed tests Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,17/20] selftests/bpf: Avoid load failure for token_lsm.c Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,16/20] bpf: Add a special case for bitwise AND on range [-1, 0] Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,15/20] bpf: Fix compare error in function retval_range_within Add return value range check for BPF LSM 1 - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,14/20] bpf: Prevent tail call between progs attached to different hooks Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,13/20] bpf, lsm: Add check for BPF LSM return value Add return value range check for BPF LSM 1 - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,12/20] bpf, lsm: Enable BPF LSM prog to read/write return value parameters Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,11/20] bpf, lsm: Add disabled BPF LSM hook list Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,10/20] lsm: Refactor return value of LSM hook audit_rule_match Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,09/20] lsm: Refactor return value of LSM hook key_getsecurity Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,08/20] lsm: Refactor return value of LSM hook getprocattr Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,07/20] lsm: Refactor return value of LSM hook setprocattr Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,06/20] lsm: Refactor return value of LSM hook getselfattr Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,05/20] lsm: Refactor return value of LSM hook inode_copy_up_xattr Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,04/20] lsm: Refactor return value of LSM hook inode_listsecurity Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,03/20] lsm: Refactor return value of LSM hook inode_getsecurity Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,02/20] lsm: Refactor return value of LSM hook inode_need_killpriv Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[bpf-next,v4,01/20] lsm: Refactor return value of LSM hook vm_enough_memory Add return value range check for BPF LSM - - - --- 2024-07-11 Xu Kuohai pcmoore Handled Elsewhere
[-next] selinux: refactor code to return the correct errno [-next] selinux: refactor code to return the correct errno - - - --- 2024-07-11 cuigaosheng pcmoore Changes Requested
[RFC] lsm: add the inode_free_security_rcu() LSM implementation hook [RFC] lsm: add the inode_free_security_rcu() LSM implementation hook - - - --- 2024-07-10 Paul Moore pcmoore Handled Elsewhere
libselinux: set free'd data to NULL libselinux: set free'd data to NULL 1 - - --- 2024-07-09 Petr Lautrbach bachradsusi Accepted
checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix - - - --- 2024-07-08 James Carter bachradsusi New
selinux,smack: remove the capability checks in the removexattr hooks selinux,smack: remove the capability checks in the removexattr hooks 1 - - --- 2024-07-03 Paul Moore pcmoore Handled Elsewhere
selinux: Streamline type determination in security_compute_sid selinux: Streamline type determination in security_compute_sid - - - --- 2024-07-03 Canfeng Guo pcmoore Under Review
[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup [testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup - - - --- 2024-07-02 Gong Ruiqi omos New
libselinux: Fix integer comparison issues when compiling for 32-bit libselinux: Fix integer comparison issues when compiling for 32-bit - 1 - --- 2024-07-01 James Carter bachradsusi New
UnicodeDecodeError: utf-8 on python semanage -i import UnicodeDecodeError: utf-8 on python semanage -i import - - - --- 2024-07-01 Allan Oepping bachradsusi New
selinux: Streamline type determination in security_compute_sid selinux: Streamline type determination in security_compute_sid - - - --- 2024-06-29 Canfeng Guo pcmoore Changes Requested
selinux: Use 1UL for EBITMAP_BIT to match maps type selinux: Use 1UL for EBITMAP_BIT to match maps type - - - --- 2024-06-29 Canfeng Guo pcmoore Accepted
[v4,11/11] drm: Replace strcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,10/11] net: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,09/11] tracing: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,08/11] tsacct: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,07/11] mm/kmemleak: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,05/11] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,04/11] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,03/11] security: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,02/11] auditsc: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v4,01/11] fs/exec: Drop task_lock() inside __get_task_comm() Improve the copy of task comm - - - --- 2024-06-28 Yafang Shao pcmoore Handled Elsewhere
[v2] libselinux: deprecate security_disable(3) [v2] libselinux: deprecate security_disable(3) 1 - - --- 2024-06-23 Christian Göttsche bachradsusi New
[v3,11/11] drm: Replace strcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,10/11] net: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,09/11] tracing: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,08/11] tsacct: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,07/11] mm/kmemleak: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul} Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,05/11] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,04/11] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,03/11] security: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,02/11] auditsc: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-21 Yafang Shao Handled Elsewhere
[v3,01/11] fs/exec: Drop task_lock() inside __get_task_comm() Improve the copy of task comm - - - --- 2024-06-21 Yafang Shao Handled Elsewhere
libsepol: check scope permissions refer to valid class libsepol: check scope permissions refer to valid class 1 - - --- 2024-06-15 Christian Göttsche bachradsusi Accepted
libsepol: Do not reject all type rules in conditionals when validating libsepol: Do not reject all type rules in conditionals when validating 1 1 - --- 2024-06-14 James Carter bachradsusi Accepted
[v2,10/10] drm: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,09/10] net: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,08/10] tracing: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,07/10] tsacct: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,06/10] mm/kmemleak: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,05/10] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,04/10] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,03/10] security: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,02/10] auditsc: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,01/10] fs/exec: Drop task_lock() inside __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao pcmoore Handled Elsewhere
[v2,4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Handled Elsewhere
[v2,3/4] capabilities: Add sysctl to mask off userns caps Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Handled Elsewhere
[v2,2/4] capabilities: Add securebit to restrict userns caps Introduce user namespace capabilities - - - --- 2024-06-09 Jonathan Calmels pcmoore Handled Elsewhere
[v2,1/4] capabilities: Add user namespace capabilities Introduce user namespace capabilities - 1 - --- 2024-06-09 Jonathan Calmels pcmoore Handled Elsewhere
tree-wide: fix misc typos tree-wide: fix misc typos 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
checkpolicy: reject duplicate nodecon statements checkpolicy: reject duplicate nodecon statements 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[2/2] libsepol: rework permission enabled check [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[1/2] libsepol: move unchanged data out of loop [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[2/2] libselinux: constify avc_open(3) parameter [1/2] libselinux: deprecate security_disable(3) 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[1/2] libselinux: deprecate security_disable(3) [1/2] libselinux: deprecate security_disable(3) - - - --- 2024-06-08 Christian Göttsche bachradsusi New
libsepol: hashtab: save one comparison on hit libsepol: hashtab: save one comparison on hit 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: validate attribute-type maps libsepol: validate attribute-type maps 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: contify function pointer arrays libsepol: contify function pointer arrays 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
fixfiles: drop unnecessary \ line endings fixfiles: drop unnecessary \ line endings 1 - - --- 2024-06-06 Petr Lautrbach bachradsusi Accepted
[6/6] selftests/bpf: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[5/6] bpftool: Make task comm always be NUL-terminated kernel: Avoid memcpy of task comm - 1 - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[4/6] security: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm 1 - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[3/6] auditsc: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm 1 - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[2/6] tracing: Replace memcpy() with __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[1/6] fs/exec: Drop task_lock() inside __get_task_comm() kernel: Avoid memcpy of task comm - - - --- 2024-06-02 Yafang Shao pcmoore Handled Elsewhere
[v3,2/2,testsuite] tests/nfs_filesystem: comment out failing mount [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
« 1 2 3 488 89 »