Show patches with: Archived = No       |   8832 patches
« 1 2 3 488 89 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
libsepol: check scope permissions refer to valid class libsepol: check scope permissions refer to valid class - - - --- 2024-06-15 Christian Göttsche New
libsepol: Do not reject all type rules in conditionals when validating libsepol: Do not reject all type rules in conditionals when validating - 1 - --- 2024-06-14 James Carter New
[v2,10/10] drm: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao New
[v2,09/10] net: Replace strcpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao New
[v2,08/10] tracing: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao New
[v2,07/10] tsacct: Replace strncpy() with __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao New
[v2,06/10] mm/kmemleak: Replace strncpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao New
[v2,05/10] mm/util: Fix possible race condition in kstrdup() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao New
[v2,04/10] bpftool: Ensure task comm is always NUL-terminated Improve the copy of task comm - 1 - --- 2024-06-13 Yafang Shao New
[v2,03/10] security: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao New
[v2,02/10] auditsc: Replace memcpy() with __get_task_comm() Improve the copy of task comm 1 - - --- 2024-06-13 Yafang Shao New
[v2,01/10] fs/exec: Drop task_lock() inside __get_task_comm() Improve the copy of task comm - - - --- 2024-06-13 Yafang Shao New
tree-wide: fix misc typos tree-wide: fix misc typos 1 - - --- 2024-06-08 Christian Göttsche bachradsusi New
checkpolicy: reject duplicate nodecon statements checkpolicy: reject duplicate nodecon statements 1 - - --- 2024-06-08 Christian Göttsche bachradsusi New
[2/2] libsepol: rework permission enabled check [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi New
[1/2] libsepol: move unchanged data out of loop [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi New
[2/2] libselinux: constify avc_open(3) parameter [1/2] libselinux: deprecate security_disable(3) 1 - - --- 2024-06-08 Christian Göttsche bachradsusi New
[1/2] libselinux: deprecate security_disable(3) [1/2] libselinux: deprecate security_disable(3) - - - --- 2024-06-08 Christian Göttsche bachradsusi New
libsepol: hashtab: save one comparison on hit libsepol: hashtab: save one comparison on hit 1 - - --- 2024-06-08 Christian Göttsche bachradsusi New
libsepol: validate attribute-type maps libsepol: validate attribute-type maps 1 - - --- 2024-06-08 Christian Göttsche bachradsusi New
libsepol: contify function pointer arrays libsepol: contify function pointer arrays 1 - - --- 2024-06-08 Christian Göttsche bachradsusi New
fixfiles: drop unnecessary \ line endings fixfiles: drop unnecessary \ line endings 1 - - --- 2024-06-06 Petr Lautrbach bachradsusi New
[PR,#134] sesearch: CIL output [PR,#134] sesearch: CIL output - - - --- 2024-05-17 Topi Miettinen bachradsusi New
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[v3] ima: Avoid blocking in RCU read-side critical section [v3] ima: Avoid blocking in RCU read-side critical section 1 2 - --- 2024-05-07 Guozihua (Scott) pcmoore New
[3/3] mcstrans: free constraint in error branch [1/3] libselinux: free empty scandir(3) result - - - --- 2024-04-29 Christian Göttsche bachradsusi New
[2/3] libselinux: avoid pointer dereference before check [1/3] libselinux: free empty scandir(3) result - - - --- 2024-04-29 Christian Göttsche bachradsusi New
[1/3] libselinux: free empty scandir(3) result [1/3] libselinux: free empty scandir(3) result 1 - - --- 2024-04-29 Christian Göttsche bachradsusi New
[RFC,3/3] newrole: use ROWHAMMER resistant values [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,2/3] newrole: cleanse shadow data hold by libc [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,1/3] newrole: constant time password comparison [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[2/2] selinux: add support for xperms in conditional policies [1/2] selinux: constify source policy in cond_policydb_dup() - - - --- 2024-04-05 Christian Göttsche pcmoore New
[RFC,2/2] selinux: wire up new execstack LSM hook Untitled series #835707 - - - --- 2024-03-15 Christian Göttsche pcmoore New
[RFC] libselinux: disable capturing in fcontext matching [RFC] libselinux: disable capturing in fcontext matching - - - --- 2024-01-08 Christian Göttsche bachradsusi New
[RFC,07/20] selinux: services: update type for umber of class permissions [RFC,01/20] selinux: check for multiplication overflow in put_entry() - - - --- 2023-07-06 Christian Göttsche pcmoore Under Review
[RFC] selinux: TESTING ONLY, PLEASE IGNORE [RFC] selinux: TESTING ONLY, PLEASE IGNORE - - - --- 2023-05-16 Paul Moore pcmoore Under Review
tests/sctp: reenable the SCTP ASCONF tests tests/sctp: reenable the SCTP ASCONF tests - - - --- 2022-08-09 Paul Moore omos Under Review
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[v3,2/2,testsuite] tests/nfs_filesystem: comment out failing mount [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[4/4] sandbox: Add support for Wayland [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[3/4] seunshare: Add [ -P pipewiresocket ] [ -W waylandsocket ] options [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[2/4] sandbox: do not run window manager if it's not a session [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[1/4] sandbox: do not fail without xmodmap [1/4] sandbox: do not fail without xmodmap 1 - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[GIT,PULL] selinux/selinux-pr-20240513 [GIT,PULL] selinux/selinux-pr-20240513 - - - --- 2024-05-13 Paul Moore pcmoore Accepted
[2/2] checkpolicy: support CIDR notation for nodecon statements [1/2] checkpolicy: perform contiguous check in host byte order - - - --- 2024-05-08 Christian Göttsche bachradsusi Accepted
[1/2] checkpolicy: perform contiguous check in host byte order [1/2] checkpolicy: perform contiguous check in host byte order 1 - - --- 2024-05-08 Christian Göttsche bachradsusi Accepted
[4/4] libsepol: include prefix for module policy versions [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[3/4] libsepol: validate type-attribute-map for old policies [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[2/4] libsepol: only exempt gaps checking for kernel policies [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[1/4] libsepol: reject self flag in type rules in old policies [1/4] libsepol: reject self flag in type rules in old policies 1 - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) 1 - - --- 2024-04-30 Vit Mojzis bachradsusi Accepted
[5/5] libselinux: constify selinux_set_mapping(3) parameter [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[4/5] libselinux/man: add format attribute for set_matchpathcon_printf(3) [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[3/5] libselinux/man: use void in synopses [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[2/5] libselinux/man: sync const qualifiers [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[1/5] libselinux/man: correct file extension of man pages [1/5] libselinux/man: correct file extension of man pages 1 - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[v2] libsepol: validate class permissions [v2] libsepol: validate class permissions 1 - - --- 2024-04-15 Christian Göttsche bachradsusi Accepted
github: bump Python and Ruby versions github: bump Python and Ruby versions 1 - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[4/4] checkpolicy: drop global policyvers variable [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[3/4] checkpolicy: declare file local variable static [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[2/4] checkpolicy/tests: add test for splitting xperm rule [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[1/4] libsepol: improve policy lookup failure message [1/4] libsepol: improve policy lookup failure message 1 - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
libsepol: validate class permissions libsepol: validate class permissions - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[1/2] selinux: constify source policy in cond_policydb_dup() [1/2] selinux: constify source policy in cond_policydb_dup() - - - --- 2024-04-05 Christian Göttsche pcmoore Accepted
[v2] selinux: pre-allocate the status page [v2] selinux: pre-allocate the status page - - - --- 2024-04-05 Christian Göttsche pcmoore Accepted
selinux: avoid printk_ratelimit() selinux: avoid printk_ratelimit() - - - --- 2024-04-05 Christian Göttsche pcmoore Accepted
selinux: clarify return code in filename_trans_read_helper_compat() selinux: clarify return code in filename_trans_read_helper_compat() - - - --- 2024-04-04 Ondrej Mosnacek pcmoore Accepted
[GIT,PULL] selinux/selinux-pr-20240402 [GIT,PULL] selinux/selinux-pr-20240402 - - - --- 2024-04-03 Paul Moore pcmoore Accepted
libsepol: constify function pointer arrays libsepol: constify function pointer arrays 1 - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[6/6] checkpolicy: free complete role_allow_rule on error [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[5/6] checkpolicy: drop union stack_item_u [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[4/6] checkpolicy: drop never read member [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[3/6] libsepol: validate access vector permissions [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[2/6] checkpolicy/fuzz: override YY_FATAL_ERROR [1/6] checkpolicy: include <ctype.h> for isprint(3) - - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
[1/6] checkpolicy: include <ctype.h> for isprint(3) [1/6] checkpolicy: include <ctype.h> for isprint(3) 1 - - --- 2024-04-02 Christian Göttsche bachradsusi Accepted
libsepol/cil: Check common perms when verifiying "all" libsepol/cil: Check common perms when verifiying "all" - - - --- 2024-04-01 James Carter bachradsusi Accepted
[2/2] checkpolicy: update error diagnostic [1/2] checkpolicy: free identifiers on invalid typebounds - - - --- 2024-03-30 Christian Göttsche bachradsusi Accepted
[1/2] checkpolicy: free identifiers on invalid typebounds [1/2] checkpolicy: free identifiers on invalid typebounds 1 - - --- 2024-03-30 Christian Göttsche bachradsusi Accepted
selinux: avoid dereference of garbage after mount failure selinux: avoid dereference of garbage after mount failure - - - --- 2024-03-28 Christian Göttsche pcmoore Accepted
selinux: update numeric format specifiers for ebitmaps selinux: update numeric format specifiers for ebitmaps - - - --- 2024-03-27 Christian Göttsche pcmoore Accepted
[v2] libselinux: avoid logs in get_ordered_context_list() without policy [v2] libselinux: avoid logs in get_ordered_context_list() without policy - - - --- 2024-03-22 Christian Göttsche bachradsusi Accepted
[2/2] checkpolicy: handle unprintable token [1/2] checkpolicy: use YYerror only when available - - - --- 2024-03-22 Christian Göttsche bachradsusi Accepted
[1/2] checkpolicy: use YYerror only when available [1/2] checkpolicy: use YYerror only when available 1 - - --- 2024-03-22 Christian Göttsche bachradsusi Accepted
[v2] libselinux: avoid logs in get_ordered_context_list() without policy [v2] libselinux: avoid logs in get_ordered_context_list() without policy 1 - - --- 2024-03-22 Christian Göttsche bachradsusi Accepted
[PR#420,v4] audit2allow: CIL output mode [PR#420,v4] audit2allow: CIL output mode 1 - - --- 2024-03-19 Topi Miettinen Accepted
[v2,1/2] selinux: dump statistics for more hash tables [v2,1/2] selinux: dump statistics for more hash tables - - - --- 2024-03-15 Christian Göttsche pcmoore Accepted
[v2,2/2] selinux: improve symtab string hashing [v2,1/2] selinux: dump statistics for more hash tables - - - --- 2024-03-15 Christian Göttsche pcmoore Accepted
selinux: use u32 as bit type in ebitmap code selinux: use u32 as bit type in ebitmap code - - - --- 2024-03-15 Christian Göttsche pcmoore Accepted
[2/2] selinux: make more use of current_sid() [1/2] selinux: avoid identifier using reserved name - - - --- 2024-03-15 Christian Göttsche pcmoore Accepted
[v2] selinux: reject invalid ebitmaps [v2] selinux: reject invalid ebitmaps - - - --- 2024-03-15 Christian Göttsche pcmoore Accepted
libselinux: avoid logs in get_ordered_context_list() without policy libselinux: avoid logs in get_ordered_context_list() without policy - - - --- 2024-03-15 Christian Göttsche bachradsusi Accepted
libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks - - - --- 2024-03-13 James Carter bachradsusi Accepted
[5/5] libselinux/utils/selabel_digest: pass BASEONLY only for file backend [1/5] libselinux/utils/selabel_digest: drop unsupported option -d - - - --- 2024-03-13 Christian Göttsche bachradsusi Accepted
[4/5] libselinux: free data on selabel open failure [1/5] libselinux/utils/selabel_digest: drop unsupported option -d - - - --- 2024-03-13 Christian Göttsche bachradsusi Accepted
[3/5] libselinux/utils/selabel_digest: avoid buffer overflow [1/5] libselinux/utils/selabel_digest: drop unsupported option -d - - - --- 2024-03-13 Christian Göttsche bachradsusi Accepted
[2/5] libselinux/utils/selabel_digest: cleanup [1/5] libselinux/utils/selabel_digest: drop unsupported option -d - - - --- 2024-03-13 Christian Göttsche bachradsusi Accepted
[1/5] libselinux/utils/selabel_digest: drop unsupported option -d [1/5] libselinux/utils/selabel_digest: drop unsupported option -d 1 - - --- 2024-03-13 Christian Göttsche bachradsusi Accepted
[GIT,PULL] selinux/selinux-pr-20240312 [GIT,PULL] selinux/selinux-pr-20240312 - - - --- 2024-03-12 Paul Moore pcmoore Accepted
[v2] libsepol: Fix buffer overflow when using sepol_av_to_string() [v2] libsepol: Fix buffer overflow when using sepol_av_to_string() - - - --- 2024-03-11 James Carter bachradsusi Accepted
« 1 2 3 488 89 »