Show patches with: Archived = No       |   9007 patches
« 1 2 3 490 91 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2,13/13] LSM: Remove lsmblob scaffolding [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,12/13] Netlabel: Use lsmblob for audit data [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,11/13] Audit: Change context data from secid to lsmblob [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,10/13] LSM: Create new security_cred_getlsmblob LSM hook [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,09/13] Audit: use an lsmblob in audit_names [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,08/13] LSM: Use lsmblob in security_inode_getsecid [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,07/13] LSM: Use lsmblob in security_current_getsecid [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,06/13] Audit: Update shutdown LSM data [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,05/13] LSM: Use lsmblob in security_ipc_getsecid [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,04/13] Audit: maintain an lsmblob in audit_context [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,03/13] LSM: Add lsmblob_to_secctx hook [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,02/13] LSM: Use lsmblob in security_audit_rule_match [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[v2,01/13] LSM: Add the lsmblob data structure. [v2,01/13] LSM: Add the lsmblob data structure. - - - --- 2024-08-30 Casey Schaufler New
[testsuite,v2] tests/extended_socket_class: test SMC sockets [testsuite,v2] tests/extended_socket_class: test SMC sockets - - - --- 2024-08-29 Stephen Smalley New
[testsuite] policy,tests: add tests for netlink xperms [testsuite] policy,tests: add tests for netlink xperms - - 1 --- 2024-08-28 Stephen Smalley New
[v3] checkpolicy: Fix MLS users in optional blocks [v3] checkpolicy: Fix MLS users in optional blocks - - - --- 2024-08-28 James Carter bachradsusi New
[v2] sepolgen-ifgen: allow M4 escaped filenames [v2] sepolgen-ifgen: allow M4 escaped filenames - - - --- 2024-08-27 Petr Lautrbach bachradsusi New
libselinux: rename hashtab functions libselinux: rename hashtab functions 1 - - --- 2024-08-26 Thiébaud Weksteen bachradsusi New
[3/3] libsepol: Add policy capability netlink_xperm [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi New
[2/3] libsepol: Support nlmsg extended permissions [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi New
[1/3] libsepol: Rename ioctl xperms structures and functions [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi New
selinux: Add netlink xperm support selinux: Add netlink xperm support 1 - 1 --- 2024-08-20 Thiébaud Weksteen pcmoore New
sepolgen-ifgen: allow M4 escaped filenames sepolgen-ifgen: allow M4 escaped filenames - - - --- 2024-08-19 Petr Lautrbach bachradsusi New
checkpolicy: Fix MLS users in optional blocks checkpolicy: Fix MLS users in optional blocks - - - --- 2024-08-14 James Carter bachradsusi New
checkpolicy: Fix MLS users in optional blocks checkpolicy: Fix MLS users in optional blocks - - - --- 2024-08-12 James Carter bachradsusi New
libsepol/cil: Allow dotted names in aliasactual rules libsepol/cil: Allow dotted names in aliasactual rules - - - --- 2024-08-12 James Carter bachradsusi New
[v2,2/2] security: remove unused cred_alloc_blank/cred_transfer helpers get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore New
[v2,1/2] KEYS: use synchronous task work for changing parent credentials get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore New
[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup [testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup - - - --- 2024-07-02 Gong Ruiqi omos New
[PR,#134] sesearch: CIL output [PR,#134] sesearch: CIL output - - - --- 2024-05-17 Topi Miettinen bachradsusi New
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[RFC,3/3] newrole: use ROWHAMMER resistant values [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,2/3] newrole: cleanse shadow data hold by libc [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,1/3] newrole: constant time password comparison [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[2/2] selinux: add support for xperms in conditional policies [1/2] selinux: constify source policy in cond_policydb_dup() - - - --- 2024-04-05 Christian Göttsche pcmoore New
[1/1] selinux,smack: don't bypass permissions check in inode_setsecctx hook selinux,smack: don't bypass permissions check in inode_setsecctx hook 1 3 1 --- 2024-08-28 Scott Mayhew pcmoore Under Review
[testsuite] tests/extended_socket_class: test SMC sockets [testsuite] tests/extended_socket_class: test SMC sockets - 1 - --- 2024-08-16 Stephen Smalley omos Under Review
selinux: support IPPROTO_SMC in socket_type_to_security_class() selinux: support IPPROTO_SMC in socket_type_to_security_class() 1 - - --- 2024-08-15 Jeongjun Park pcmoore Under Review
[2/2] selinux: move genheaders to security/selinux/ selinux: Do not include <linux/*.h> from host programs (+ extra clean-up) - - - --- 2024-08-09 Masahiro Yamada pcmoore Under Review
[1/2] selinux: do not include <linux/*.h> headers from host programs selinux: Do not include <linux/*.h> from host programs (+ extra clean-up) - - - --- 2024-08-09 Masahiro Yamada pcmoore Under Review
[RFC,07/20] selinux: services: update type for umber of class permissions [RFC,01/20] selinux: check for multiplication overflow in put_entry() - - - --- 2023-07-06 Christian Göttsche pcmoore Under Review
[RFC] selinux: TESTING ONLY, PLEASE IGNORE [RFC] selinux: TESTING ONLY, PLEASE IGNORE - - - --- 2023-05-16 Paul Moore pcmoore Under Review
tests/sctp: reenable the SCTP ASCONF tests tests/sctp: reenable the SCTP ASCONF tests - - - --- 2022-08-09 Paul Moore omos Under Review
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[RESEND] selinux: mark all newly created Internet domain sockets as labeled sockets [RESEND] selinux: mark all newly created Internet domain sockets as labeled sockets - - - --- 2024-08-28 Guido Trentalancia pcmoore Accepted
selinux: replace kmem_cache_create() with KMEM_CACHE() selinux: replace kmem_cache_create() with KMEM_CACHE() - - - --- 2024-08-27 ericsu@linux.microsoft.com pcmoore Accepted
[testsuite] tests/key_socket: skip the test if CONFIG_NET_KEY is not enabled [testsuite] tests/key_socket: skip the test if CONFIG_NET_KEY is not enabled 1 - - --- 2024-08-27 Ondrej Mosnacek omos Accepted
selinux: annotate false positive data race to avoid KCSAN warnings selinux: annotate false positive data race to avoid KCSAN warnings - - - --- 2024-08-26 Stephen Smalley pcmoore Accepted
[1/1] selinux: simplify avc_xperms_audit_required() [1/1] selinux: simplify avc_xperms_audit_required() - - - --- 2024-08-22 Zhen Lei pcmoore Accepted
[GIT,PULL] selinux/selinux-pr-20240814 [GIT,PULL] selinux/selinux-pr-20240814 - - - --- 2024-08-14 Paul Moore pcmoore Accepted
selinux: revert our use of vma_is_initial_heap() selinux: revert our use of vma_is_initial_heap() - - - --- 2024-08-08 Paul Moore pcmoore Accepted
[1/1] selinux: add the processing of the failure of avc_add_xperms_decision() [1/1] selinux: add the processing of the failure of avc_add_xperms_decision() 1 - - --- 2024-08-07 Leizhen (ThunderTown) pcmoore Accepted
[1/1] selinux: Fix potential counting error in avc_add_xperms_decision() [1/1] selinux: Fix potential counting error in avc_add_xperms_decision() 1 - - --- 2024-08-06 Leizhen (ThunderTown) pcmoore Accepted
[v1,2/2] policygen: respect CIL option when generating comments [v1,1/2] sepolgen: initialize gen_cil - - - --- 2024-08-01 dmitry.sharshakov@siderolabs.com bachradsusi Accepted
[v1,1/2] sepolgen: initialize gen_cil [v1,1/2] sepolgen: initialize gen_cil 1 - - --- 2024-08-01 dmitry.sharshakov@siderolabs.com bachradsusi Accepted
[v5] libsemanage: Preserve file context and ownership in policy store [v5] libsemanage: Preserve file context and ownership in policy store 1 - - --- 2024-07-29 Vit Mojzis Accepted
libselinux/restorecon: Include <selinux/label.h> libselinux/restorecon: Include <selinux/label.h> 1 - - --- 2024-07-26 Vit Mojzis Accepted
libsepol/cil: Check that sym_index is within bounds libsepol/cil: Check that sym_index is within bounds 1 - - --- 2024-07-23 Vit Mojzis bachradsusi Accepted
libsepol/sepol_compute_sid: Do not destroy uninitialized context libsepol/sepol_compute_sid: Do not destroy uninitialized context 1 1 - --- 2024-07-19 Vit Mojzis bachradsusi Accepted
[GIT,PULL] selinux/selinux-pr-20240715 [GIT,PULL] selinux/selinux-pr-20240715 - - - --- 2024-07-15 Paul Moore pcmoore Accepted
[-next,v2] selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr [-next,v2] selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr - - - --- 2024-07-12 Gaosheng Cui pcmoore Accepted
libselinux: set free'd data to NULL libselinux: set free'd data to NULL 1 - - --- 2024-07-09 Petr Lautrbach bachradsusi Accepted
checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix 1 - - --- 2024-07-08 James Carter bachradsusi Accepted
selinux: Streamline type determination in security_compute_sid selinux: Streamline type determination in security_compute_sid - - - --- 2024-07-03 Canfeng Guo pcmoore Accepted
libselinux: Fix integer comparison issues when compiling for 32-bit libselinux: Fix integer comparison issues when compiling for 32-bit 1 1 - --- 2024-07-01 James Carter bachradsusi Accepted
selinux: Use 1UL for EBITMAP_BIT to match maps type selinux: Use 1UL for EBITMAP_BIT to match maps type - - - --- 2024-06-29 Canfeng Guo pcmoore Accepted
[v2] libselinux: deprecate security_disable(3) [v2] libselinux: deprecate security_disable(3) 1 - - --- 2024-06-23 Christian Göttsche bachradsusi Accepted
libsepol: check scope permissions refer to valid class libsepol: check scope permissions refer to valid class 1 - - --- 2024-06-15 Christian Göttsche bachradsusi Accepted
libsepol: Do not reject all type rules in conditionals when validating libsepol: Do not reject all type rules in conditionals when validating 1 1 - --- 2024-06-14 James Carter bachradsusi Accepted
tree-wide: fix misc typos tree-wide: fix misc typos 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
checkpolicy: reject duplicate nodecon statements checkpolicy: reject duplicate nodecon statements 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[2/2] libsepol: rework permission enabled check [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[1/2] libsepol: move unchanged data out of loop [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[2/2] libselinux: constify avc_open(3) parameter [1/2] libselinux: deprecate security_disable(3) 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: hashtab: save one comparison on hit libsepol: hashtab: save one comparison on hit 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: validate attribute-type maps libsepol: validate attribute-type maps 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: contify function pointer arrays libsepol: contify function pointer arrays 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
fixfiles: drop unnecessary \ line endings fixfiles: drop unnecessary \ line endings 1 - - --- 2024-06-06 Petr Lautrbach bachradsusi Accepted
[v3,2/2,testsuite] tests/nfs_filesystem: comment out failing mount [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[4/4] sandbox: Add support for Wayland [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[3/4] seunshare: Add [ -P pipewiresocket ] [ -W waylandsocket ] options [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[2/4] sandbox: do not run window manager if it's not a session [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[1/4] sandbox: do not fail without xmodmap [1/4] sandbox: do not fail without xmodmap 1 - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[GIT,PULL] selinux/selinux-pr-20240513 [GIT,PULL] selinux/selinux-pr-20240513 - - - --- 2024-05-13 Paul Moore pcmoore Accepted
[2/2] checkpolicy: support CIDR notation for nodecon statements [1/2] checkpolicy: perform contiguous check in host byte order - - - --- 2024-05-08 Christian Göttsche bachradsusi Accepted
[1/2] checkpolicy: perform contiguous check in host byte order [1/2] checkpolicy: perform contiguous check in host byte order 1 - - --- 2024-05-08 Christian Göttsche bachradsusi Accepted
[4/4] libsepol: include prefix for module policy versions [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[3/4] libsepol: validate type-attribute-map for old policies [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[2/4] libsepol: only exempt gaps checking for kernel policies [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[1/4] libsepol: reject self flag in type rules in old policies [1/4] libsepol: reject self flag in type rules in old policies 1 - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) 1 - - --- 2024-04-30 Vit Mojzis bachradsusi Accepted
[3/3] mcstrans: free constraint in error branch [1/3] libselinux: free empty scandir(3) result - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[2/3] libselinux: avoid pointer dereference before check [1/3] libselinux: free empty scandir(3) result - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[1/3] libselinux: free empty scandir(3) result [1/3] libselinux: free empty scandir(3) result 1 - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[5/5] libselinux: constify selinux_set_mapping(3) parameter [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[4/5] libselinux/man: add format attribute for set_matchpathcon_printf(3) [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[3/5] libselinux/man: use void in synopses [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[2/5] libselinux/man: sync const qualifiers [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[1/5] libselinux/man: correct file extension of man pages [1/5] libselinux/man: correct file extension of man pages 1 - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
« 1 2 3 490 91 »