Show patches with: none      |   4448 patches
« 1 2 3 444 45 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
libselpol: Sort portcon rules consistently libselpol: Sort portcon rules consistently 1 - - 0 0 0 2020-05-28 James Carter New
[v4] selinux: allow reading labels before policy is loaded [v4] selinux: allow reading labels before policy is loaded 1 - - 0 0 0 2020-05-28 Jonathan Lebon New
[v2,3/3] sepolgen-ifgen: refactor default policy path retrieval [v2,1/3] sepolgen: parse gen_tunable as bool - - - 0 0 0 2020-05-28 Christian Göttsche New
[v2,2/3] refparser: add missing newline after error message [v2,1/3] sepolgen: parse gen_tunable as bool 1 - - 0 0 0 2020-05-28 Christian Göttsche New
[v2,1/3] sepolgen: parse gen_tunable as bool [v2,1/3] sepolgen: parse gen_tunable as bool - - - 0 0 0 2020-05-28 Christian Göttsche New
Add restorecon -x opt to not cross FS boundaries (cf github #208) Add restorecon -x opt to not cross FS boundaries (cf github #208) - - - 0 0 0 2020-05-26 Peter Whittaker New
semanage bash completion: handle semanage module #246 semanage bash completion: handle semanage module #246 - - - 0 0 0 2020-05-25 Topi Miettinen New
checkpolicy: Minor tweaks to the names of the contributors to the manpages checkpolicy: Minor tweaks to the names of the contributors to the manpages 1 - - 0 0 0 2020-05-25 Andrej Shadura New
capabilities: Introduce CAP_RESTORE capabilities: Introduce CAP_RESTORE - - - 0 0 0 2020-05-22 Adrian Reber New
[v2] ci: run SELinux kernel test suite [v2] ci: run SELinux kernel test suite - - - 0 0 0 2020-05-20 William Roberts New
[v3] secilc/docs: fix use of TMPDIR [v3] secilc/docs: fix use of TMPDIR 1 - - 0 0 0 2020-05-15 Topi Miettinen New
[v17,23/23] AppArmor: Remove the exclusive flag LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,22/23] LSM: Add /proc attr entry for full LSM context LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,21/23] Audit: Add a new record for multiple object LSM attributes LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,20/23] Audit: Add a new record for multiple subject LSM attributes LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,19/23] LSM: Verify LSM display sanity in binder LSM: Module stacking for AppArmor 1 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,18/23] NET: Store LSM netlabel data in a lsmblob LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,17/23] LSM: security_secid_to_secctx in netlink netfilter LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,16/23] LSM: Use lsmcontext in security_inode_getsecctx LSM: Module stacking for AppArmor 1 - - 0 0 0 2020-05-14 Casey Schaufler New
[v17,15/23] LSM: Use lsmcontext in security_secid_to_secctx LSM: Module stacking for AppArmor 2 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,14/23] LSM: Ensure the correct LSM context releaser LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,13/23] LSM: Specify which LSM to display LSM: Module stacking for AppArmor 2 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,12/23] IMA: Change internal interfaces to use lsmblobs LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,11/23] LSM: Use lsmblob in security_cred_getsecid LSM: Module stacking for AppArmor 2 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,10/23] LSM: Use lsmblob in security_inode_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,09/23] LSM: Use lsmblob in security_task_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,08/23] LSM: Use lsmblob in security_ipc_getsecid LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,07/23] LSM: Use lsmblob in security_secid_to_secctx LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,06/23] Use lsmblob in security_secctx_to_secid LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,05/23] net: Prepare UDS for security module stacking LSM: Module stacking for AppArmor - 1 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,04/23] LSM: Use lsmblob in security_kernel_act_as LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,03/23] LSM: Use lsmblob in security_audit_rule_match LSM: Module stacking for AppArmor 1 2 - 0 0 0 2020-05-14 Casey Schaufler New
[v17,02/23] LSM: Create and manage the lsmblob data structure. LSM: Module stacking for AppArmor 2 - - 0 0 0 2020-05-14 Casey Schaufler New
[v17,01/23] LSM: Infrastructure management of the sock security LSM: Module stacking for AppArmor 2 2 - 0 0 0 2020-05-14 Casey Schaufler New
keys: Move permissions checking decisions into the checking code keys: Move permissions checking decisions into the checking code - - - 0 0 0 2020-05-14 David Howells New
[3/3] fs: move kernel_read*() calls to its own symbol namespace fs: reduce export usage of kerne_read*() calls - - - 0 0 0 2020-05-13 Luis Chamberlain New
[2/3] security: add symbol namespace for reading file data fs: reduce export usage of kerne_read*() calls - - - 0 0 0 2020-05-13 Luis Chamberlain New
[1/3] fs: unexport kernel_read_file() fs: reduce export usage of kerne_read*() calls - - - 0 0 0 2020-05-13 Luis Chamberlain New
chcat: don't crash if access to binary policy is prohibited chcat: don't crash if access to binary policy is prohibited - - - 0 0 0 2020-05-09 bauen1 New
[v2,3/3] selinux: complete the inlining of hashtab functions Inline some hashtab functions to improve performance - - - 0 0 0 2020-05-04 Ondrej Mosnacek New
[v2,2/3] selinux: prepare for inlining of hashtab functions Inline some hashtab functions to improve performance - - - 0 0 0 2020-05-04 Ondrej Mosnacek New
[v2,1/3] selinux: specialize symtab insert and search functions Inline some hashtab functions to improve performance - - - 0 0 0 2020-05-04 Ondrej Mosnacek New
[v3,2/2] libsepol: implement POLICYDB_VERSION_COMP_FTRANS userspace: Implement new format of filename trans rules - - - 0 0 0 2020-05-02 Ondrej Mosnacek New
[v3,1/2] libsepol,checkpolicy: optimize storage of filename transitions userspace: Implement new format of filename trans rules - - - 0 0 0 2020-05-02 Ondrej Mosnacek New
[v3,3/3] perf docs: introduce security.txt file to document related issues perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-30 Alexey Budankov New
[v3,2/3] perf tool: make Perf tool aware of SELinux access control perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-30 Alexey Budankov New
[v3,1/3] perf docs: extend CAP_SYS_ADMIN with CAP_PERFMON where needed perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-30 Alexey Budankov New
[v3,3/3] perf docs: introduce security.txt file to document related issues perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-24 Alexey Budankov New
[v3,2/3] perf tool: make Perf tool aware of SELinux access control perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-24 Alexey Budankov New
[v3,1/3] perf docs: extend CAP_SYS_ADMIN with CAP_PERFMON where needed perf: make Perf tool aware of SELinux access control - - - 0 0 0 2020-04-24 Alexey Budankov New
[v5,3/3] Wire UFFD up to SELinux SELinux support for anonymous inodes and UFFD - - - 0 0 0 2020-04-01 Daniel Colascione New
[v5,2/3] Teach SELinux about anonymous inodes SELinux support for anonymous inodes and UFFD - - - 0 0 0 2020-04-01 Daniel Colascione New
[v5,1/3] Add a new LSM-supporting anonymous inode interface SELinux support for anonymous inodes and UFFD - - - 0 0 0 2020-04-01 Daniel Colascione New
[RFC,5/5] selinux-testsuite: add testing for unprivileged sandboxing capability [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,4/5] selinux-testsuite: add tests/sandbox/rxdir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,3/5] selinux-testsuite: add tests/sandbox/rxdir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,2/5] selinux-testsuite: add tests/sandbox/nodir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability [RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC] selinux: add unprivileged sandboxing capability [RFC] selinux: add unprivileged sandboxing capability - - - 0 0 0 2020-03-13 Stephen Smalley New
security/selinux: Add support for new key permissions security/selinux: Add support for new key permissions - - - 0 0 0 2020-02-03 Richard Haines New
[RFC,v3] security,capability: pass object information to security_capable [RFC,v3] security,capability: pass object information to security_capable - - - 0 0 0 2019-08-15 Aaron Goidel New
[RFC] audit, security: allow LSMs to selectively enable audit collection [RFC] audit, security: allow LSMs to selectively enable audit collection - - - 0 0 0 2019-08-15 Aaron Goidel New
[v4,21/21] fuse: Allow user namespace mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,20/21] fuse: Restrict allow_other to the superblock's namespace or a descendant 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,15/21] fs: Don't remove suid for CAP_FSETID in s_user_ns 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 1 - 0 0 0 2016-04-26 Seth Forshee New
[v4,09/21] Smack: Handle labels consistently in untrusted mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,06/21] fs: Treat foreign mounts as nosuid 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,01/21] fs: fix a posible leak of allocated superblock 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-26 Seth Forshee New
[RFC,V2] selinux-testsuite: Add check for key changes on watch_queue [RFC,V2] selinux-testsuite: Add check for key changes on watch_queue - - - 0 0 0 2020-05-15 Richard Haines omos Under Review
[RFC] selinux-testsuite: Run tests using remote server [RFC] selinux-testsuite: Run tests using remote server - - - 0 0 0 2020-04-20 Richard Haines omos Under Review
[v3,2/2] libsepol/cil: Return error when identifier declared as both type and attribute [v3,1/2] libsepol/cil: Initialize the multiple_decls field of the cil db 1 - - 0 0 0 2020-05-26 James Carter Accepted
[v3,1/2] libsepol/cil: Initialize the multiple_decls field of the cil db [v3,1/2] libsepol/cil: Initialize the multiple_decls field of the cil db 1 - - 0 0 0 2020-05-26 James Carter Accepted
[v2,3/3] libsepol: Improve writing CIL category rules [v2,1/3] libsepol: Write CIL default MLS rules on separate lines 1 - - 0 0 0 2020-05-22 James Carter Accepted
[v2,2/3] libsepol: Improve writing CIL sensitivity rules [v2,1/3] libsepol: Write CIL default MLS rules on separate lines - - - 0 0 0 2020-05-22 James Carter Accepted
« 1 2 3 444 45 »