Show patches with: Archived = No       |   6574 patches
« 1 2 3 465 66 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[7/7] title.md: Clarify example code location Various SELinux Notebook updates - - - --- 2021-12-03 Richard Haines New
[6/7] policy_config_files.md: Update snapperd_contexts contents Various SELinux Notebook updates - - - --- 2021-12-03 Richard Haines New
[5/7] policy_config_files.md: Update openssh_contexts contents Various SELinux Notebook updates - - - --- 2021-12-03 Richard Haines New
[4/7] policy_config_files.md: Update openrc_contexts contents Various SELinux Notebook updates - - - --- 2021-12-03 Richard Haines New
[3/7] object_classes_permissions.md: Deprecate lockdown class Various SELinux Notebook updates - - - --- 2021-12-03 Richard Haines New
[2/7] object_classes_permissions.md: Correct the context object class entry Various SELinux Notebook updates - - - --- 2021-12-03 Richard Haines New
[1/7] notebook: Minor formatting fixes Various SELinux Notebook updates - - - --- 2021-12-03 Richard Haines New
[-next] selinux: Use struct_size() helper in kmalloc() [-next] selinux: Use struct_size() helper in kmalloc() - - - --- 2021-12-02 Xiu Jianfeng New
security/selinux: fix potential memleak security/selinux: fix potential memleak - - - --- 2021-12-02 Bernard Zhao New
security/selinux: fix potential memleak in error branch security/selinux: fix potential memleak in error branch - - - --- 2021-12-02 Bernard Zhao New
[v2,1/3] mcstrans: port to new PCRE2 from end-of-life PCRE [v2,1/3] mcstrans: port to new PCRE2 from end-of-life PCRE 1 - - --- 2021-11-30 Christian Göttsche New
[2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement [1/2] libsepol/cil: support IPv4/IPv6 address embedding - - - --- 2021-11-30 Christian Göttsche New
[1/2] libsepol/cil: support IPv4/IPv6 address embedding [1/2] libsepol/cil: support IPv4/IPv6 address embedding - - - --- 2021-11-30 Christian Göttsche New
[XSERVER,2/2] selinux: log events with appropriate audit type [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
[XSERVER,1/2] selinux: remap security classes on policyload [XSERVER,1/2] selinux: remap security classes on policyload - - - --- 2021-11-25 Christian Göttsche New
libsepol: free ebitmap on end of function libsepol: free ebitmap on end of function - - - --- 2021-11-25 Christian Göttsche New
[V2,testsuite] tests/inet_socket: Add socket transition tests [V2,testsuite] tests/inet_socket: Add socket transition tests - - - --- 2021-11-25 Richard Haines New
[RFC,v2,4/4] libsepol: free ebitmap on end of function [RFC,v2,1/4] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-24 Christian Göttsche New
[RFC,v2,3/4] checkpolicy: add not-self neverallow support [RFC,v2,1/4] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-24 Christian Göttsche New
[RFC,v2,2/4] libsepol: add not-self neverallow support [RFC,v2,1/4] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-24 Christian Göttsche New
[RFC,v2,1/4] libsepol: introduce ebitmap_subtract() [RFC,v2,1/4] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-24 Christian Göttsche New
[5.10,130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT Untitled series #585215 1 1 - --- 2021-11-24 Greg Kroah-Hartman pcmoore Not Applicable
[5.15,222/279] block: Check ADMIN before NICE for IOPRIO_CLASS_RT Untitled series #585227 1 1 - --- 2021-11-24 Greg Kroah-Hartman pcmoore Not Applicable
Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS 1 - - --- 2021-11-24 Jacob M Cutright Accepted
[v30,28/28] AppArmor: Remove the exclusive flag [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 1 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,27/28] LSM: Add /proc attr entry for full LSM context [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - 1 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,26/28] Audit: Add record for multiple object security contexts [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,25/28] Audit: Add record for multiple task security contexts [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,24/28] Audit: Add framework for auxiliary records [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,23/28] Audit: Create audit_stamp structure [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,22/28] Audit: Keep multiple LSM data in audit_names [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,21/28] LSM: Extend security_secid_to_secctx to include module selection [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,20/28] binder: Pass LSM identifier for confirmation [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,19/28] NET: Store LSM netlabel data in a lsmblob [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,18/28] LSM: security_secid_to_secctx in netlink netfilter [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,17/28] LSM: Use lsmcontext in security_inode_getsecctx [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,16/28] LSM: Use lsmcontext in security_secid_to_secctx [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 1 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,15/28] LSM: Ensure the correct LSM context releaser [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 3 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,14/28] LSM: Specify which LSM to display [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,13/28] LSM: Use lsmblob in security_cred_getsecid [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,12/28] LSM: Use lsmblob in security_inode_getsecid [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,11/28] LSM: Use lsmblob in security_task_getsecid [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,10/28] LSM: Use lsmblob in security_ipc_getsecid [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,09/28] LSM: Use lsmblob in security_secid_to_secctx [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,08/28] LSM: Use lsmblob in security_secctx_to_secid [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,07/28] LSM: Use lsmblob in security_kernel_act_as [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,06/28] LSM: Use lsmblob in security_audit_rule_match [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,05/28] IMA: avoid label collisions with stacked LSMs [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,04/28] LSM: provide lsm name and id slot mappings [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,03/28] LSM: Add the lsmblob data structure. [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,02/28] LSM: Infrastructure management of the sock security [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2021-11-24 Casey Schaufler pcmoore New
[v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2021-11-24 Casey Schaufler pcmoore New
[GIT,PULL] SELinux fixes for v5.16 (#2) [GIT,PULL] SELinux fixes for v5.16 (#2) - - - --- 2021-11-23 Paul Moore pcmoore Accepted
[RFC,3/3] checkpolicy: add not-self neverallow support [RFC,1/3] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-23 Christian Göttsche New
[RFC,2/3] libsepol: add not-self neverallow support [RFC,1/3] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-23 Christian Göttsche New
[RFC,1/3] libsepol: introduce ebitmap_subtract() [RFC,1/3] libsepol: introduce ebitmap_subtract() - - - --- 2021-11-23 Christian Göttsche New
[3/3] Replace PCRE with PCRE2 build dependencies [1/3] mcstrans: port to new PCRE2 from end-of-life PCRE 1 - - --- 2021-11-23 Christian Göttsche New
[2/3] libselinux: use PCRE2 by default [1/3] mcstrans: port to new PCRE2 from end-of-life PCRE 1 - - --- 2021-11-23 Christian Göttsche New
[1/3] mcstrans: port to new PCRE2 from end-of-life PCRE [1/3] mcstrans: port to new PCRE2 from end-of-life PCRE - - - --- 2021-11-23 Christian Göttsche New
semodule: Don't forget to munmap() data semodule: Don't forget to munmap() data 1 - - --- 2021-11-23 Petr Lautrbach Accepted
libselinux: Fix selinux_restorecon_parallel symbol version libselinux: Fix selinux_restorecon_parallel symbol version 1 - - --- 2021-11-23 Petr Lautrbach Accepted
[2/2] dbus: Add filetrans for /tmp/dbus-* session socket [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
[1/2] selinux: Add map perms [1/2] selinux: Add map perms - - - --- 2021-11-21 Jason Zaman New
Kernel policy language is infix Kernel policy language is infix - - - --- 2021-11-19 Topi Miettinen New
Kernel policy language is infix Kernel policy language is infix - - - --- 2021-11-19 Topi Miettinen New
selinux: fix NULL-pointer dereference when hashtab allocation fails selinux: fix NULL-pointer dereference when hashtab allocation fails - - - --- 2021-11-19 Ondrej Mosnacek pcmoore Accepted
[testsuite] tests/inet_socket: Add socket transition tests [testsuite] tests/inet_socket: Add socket transition tests - - - --- 2021-11-17 Richard Haines omos New
[v19,4/4] overlayfs: inode_owner_or_capable called during execv overlayfs override_creds=off & nested get xattr fix - - - --- 2021-11-17 David Anderson pcmoore New
[v19,3/4] overlayfs: override_creds=off option bypass creator_cred overlayfs override_creds=off & nested get xattr fix - - - --- 2021-11-17 David Anderson pcmoore New
[v19,2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method overlayfs override_creds=off & nested get xattr fix - - - --- 2021-11-17 David Anderson pcmoore New
[v19,1/4] Add flags option to get xattr method paired to __vfs_getxattr overlayfs override_creds=off & nested get xattr fix 5 1 - --- 2021-11-17 David Anderson pcmoore New
[V2] netlabel: Update man page to clarify SELinux labeling [V2] netlabel: Update man page to clarify SELinux labeling - - - --- 2021-11-16 Richard Haines pcmoore Accepted
netlabel: Update man page to clarify SELinux labeling netlabel: Update man page to clarify SELinux labeling - - - --- 2021-11-16 Richard Haines pcmoore Superseded
semodule: Fix lang_ext column index semodule: Fix lang_ext column index 1 - - --- 2021-11-16 Petr Lautrbach Accepted
semodule: add -m | --checksum option semodule: add -m | --checksum option 1 - - --- 2021-11-16 Petr Lautrbach Accepted
[RFC] capability: add capable_or to test for multiple caps with exactly one audit message [RFC] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2021-11-16 Christian Göttsche pcmoore New
[v3] selinux-notebook: New chapter: Hardening SELinux [v3] selinux-notebook: New chapter: Hardening SELinux - - - --- 2021-11-16 Topi Miettinen pcmoore New
ci: run the tests under ASan/UBsan on GHActions ci: run the tests under ASan/UBsan on GHActions - - - --- 2021-11-15 Evgeny Vereshchagin New
[v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT [v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT 1 - - --- 2021-11-15 Alistair Delva pcmoore Accepted
block: Check ADMIN before NICE for IOPRIO_CLASS_RT block: Check ADMIN before NICE for IOPRIO_CLASS_RT - - - --- 2021-11-15 Alistair Delva pcmoore Superseded
[v2] Support static-only builds [v2] Support static-only builds - - - --- 2021-11-13 Alyssa Ross New
[v2] selinux-notebook: New chapter: Hardening SELinux [v2] selinux-notebook: New chapter: Hardening SELinux - - - --- 2021-11-13 Topi Miettinen pcmoore Superseded
[GIT,PULL] SELinux fix / revert for v5.16 (#1) [GIT,PULL] SELinux fix / revert for v5.16 (#1) - - - --- 2021-11-12 Paul Moore pcmoore Accepted
net,lsm,selinux: revert the security_sctp_assoc_established() hook net,lsm,selinux: revert the security_sctp_assoc_established() hook - - - --- 2021-11-12 Paul Moore pcmoore Accepted
binder: fix test regression due to sender_euid change binder: fix test regression due to sender_euid change 2 - - --- 2021-11-12 Todd Kjos pcmoore Accepted
[12/12] libsemanage: add extern prototype for legacy function [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[11/12] libsemanage: include paired header for prototypes [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[10/12] libsemanage: mark local functions static [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[09/12] mcstrans: avoid missing prototypes [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[08/12] python: mark local functions static [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[07/12] sandbox: mark local functions static [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[06/12] policycoreutils: mark local functions static [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[05/12] checkpolicy: ignore possible string truncation [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[04/12] Enable extra global compiler warnings [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[03/12] policycoreutils: use string literal as format strings [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[02/12] libsepol: use string literals as format strings [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[01/12] checkpolicy: use correct unsigned format specifiers [01/12] checkpolicy: use correct unsigned format specifiers 1 - - --- 2021-11-12 Christian Göttsche Accepted
selinux-notebook: New chapter: Hardening SELinux selinux-notebook: New chapter: Hardening SELinux - - - --- 2021-11-12 Topi Miettinen pcmoore Superseded
Support static-only builds Support static-only builds - - - --- 2021-11-11 Alyssa Ross Superseded
[5.10,3/3] binder: use cred instead of task for getsecid [5.10,1/3] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
« 1 2 3 465 66 »