SELinux Development list

Show patches with: none | 8958 patches

« 1 2 ... 43 44 45 … 89 90 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	State
[v3,04/19] fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enum	Introduce partial kernel_read_file() support	1 1 -	---	2020-07-24	Kees Cook	Superseded
[v3,03/19] firmware_loader: EFI firmware loader must handle pre-allocated buffer	Introduce partial kernel_read_file() support	1 - -	---	2020-07-24	Kees Cook	Superseded
[v3,02/19] selftest/firmware: Add selftest timeout in settings	Introduce partial kernel_read_file() support	1 1 -	---	2020-07-24	Kees Cook	Superseded
[v3,01/19] test_firmware: Test platform fw loading on non-EFI systems	Introduce partial kernel_read_file() support	1 - -	---	2020-07-24	Kees Cook	Superseded
[v19,23/23] AppArmor: Remove the exclusive flag	LSM: Module stacking for AppArmor	2 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,22/23] LSM: Add /proc attr entry for full LSM context	LSM: Module stacking for AppArmor	- 1 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,21/23] Audit: Add a new record for multiple object LSM attributes	LSM: Module stacking for AppArmor	- - -	---	2020-07-24	Casey Schaufler	Superseded
[v19,20/23] Audit: Add new record for multiple process LSM attributes	LSM: Module stacking for AppArmor	- - -	---	2020-07-24	Casey Schaufler	Superseded
[v19,19/23] LSM: Verify LSM display sanity in binder	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,18/23] NET: Store LSM netlabel data in a lsmblob	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,17/23] LSM: security_secid_to_secctx in netlink netfilter	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,16/23] LSM: Use lsmcontext in security_inode_getsecctx	LSM: Module stacking for AppArmor	1 1 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,15/23] LSM: Use lsmcontext in security_secid_to_secctx	LSM: Module stacking for AppArmor	2 1 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,14/23] LSM: Ensure the correct LSM context releaser	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,13/23] LSM: Specify which LSM to display	LSM: Module stacking for AppArmor	2 1 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,12/23] IMA: Change internal interfaces to use lsmblobs	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,11/23] LSM: Use lsmblob in security_cred_getsecid	LSM: Module stacking for AppArmor	2 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,10/23] LSM: Use lsmblob in security_inode_getsecid	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,09/23] LSM: Use lsmblob in security_task_getsecid	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,08/23] LSM: Use lsmblob in security_ipc_getsecid	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,07/23] LSM: Use lsmblob in security_secid_to_secctx	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,06/23] LSM: Use lsmblob in security_secctx_to_secid	LSM: Module stacking for AppArmor	- 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,05/23] net: Prepare UDS for security module stacking	LSM: Module stacking for AppArmor	- 1 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,04/23] LSM: Use lsmblob in security_kernel_act_as	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,03/23] LSM: Use lsmblob in security_audit_rule_match	LSM: Module stacking for AppArmor	1 2 -	---	2020-07-24	Casey Schaufler	Superseded
[v19,02/23] LSM: Create and manage the lsmblob data structure.	LSM: Module stacking for AppArmor	3 - -	---	2020-07-24	Casey Schaufler	Superseded
[v19,01/23] LSM: Infrastructure management of the sock security	LSM: Module stacking for AppArmor	2 2 -	---	2020-07-24	Casey Schaufler	Superseded
[RFC] Improve getcon man page	[RFC] Improve getcon man page	- - -	---	2020-07-24	Christian Göttsche	Changes Requested
[v4] libselinux: use kernel status page by default	[v4] libselinux: use kernel status page by default	- - -	---	2020-07-24	Mike Palmiotto	Superseded
selinux: add tracepoint on denials	selinux: add tracepoint on denials	- - -	---	2020-07-24	Thiébaud Weksteen	Changes Requested
[v3] libselinux: use kernel status page by default	[v3] libselinux: use kernel status page by default	- - -	---	2020-07-23	Mike Palmiotto	Superseded
[SELinux-notebook,v9] objects.md: some clarifications	[SELinux-notebook,v9] objects.md: some clarifications	1 - -	---	2020-07-23	Dominick Grift	Accepted
[RESEND,PATCHv4,2/2] fuse: Call security hooks on new inodes	[RESEND,PATCHv4,1/2] uapi: fuse: Add FUSE_SECURITY_CTX	- - -	---	2020-07-22	Chirantan Ekbote	Not Applicable
[RESEND,PATCHv4,1/2] uapi: fuse: Add FUSE_SECURITY_CTX	[RESEND,PATCHv4,1/2] uapi: fuse: Add FUSE_SECURITY_CTX	- - -	---	2020-07-22	Chirantan Ekbote	Not Applicable
[SELinux-notebook,v8] objects.md: some clarifications	[SELinux-notebook,v8] objects.md: some clarifications	- - -	---	2020-07-21	Dominick Grift	Superseded
[SELinux-notebook,v2] lsm_selinux: document genfs_seclabel_symlinks policy capability	[SELinux-notebook,v2] lsm_selinux: document genfs_seclabel_symlinks policy capability	1 - -	---	2020-07-21	Dominick Grift	Accepted
[SELinux-notebook,v7] objects.md: some clarifications	[SELinux-notebook,v7] objects.md: some clarifications	- - -	---	2020-07-21	Dominick Grift	Superseded
[RFC] Porting glibc away from deprecated libselinux APIs	[RFC] Porting glibc away from deprecated libselinux APIs	- - -	---	2020-07-21	Arjun Shankar	RFC
policycoreutils: fix inaccurate description in sestatus	policycoreutils: fix inaccurate description in sestatus	- - -	---	2020-07-21	Dominick Grift	Rejected
[SELinux-notebook] lsm_selinux: document genfs_seclabel_symlinks policy capability	[SELinux-notebook] lsm_selinux: document genfs_seclabel_symlinks policy capability	- - -	---	2020-07-20	Dominick Grift	Changes Requested
[SELinux-notebook] object_classes_permissions: describe bpf and perfmon capabilities	[SELinux-notebook] object_classes_permissions: describe bpf and perfmon capabilities	1 - -	---	2020-07-20	Dominick Grift	Accepted
[SELinux-notebook,v5] adds CIL policy with makefile	[SELinux-notebook,v5] adds CIL policy with makefile	2 - -	---	2020-07-19	Dominick Grift	Accepted
[v5,2/2] libsepol: implement POLICYDB_VERSION_COMP_FTRANS	userspace: Implement new format of filename trans rules	- - -	---	2020-07-19	Ondrej Mosnacek	Superseded
[v5,1/2] libsepol,checkpolicy: optimize storage of filename transitions	userspace: Implement new format of filename trans rules	- - -	---	2020-07-19	Ondrej Mosnacek	Superseded
[v6,7/7] selftests: add clone3() CAP_CHECKPOINT_RESTORE test	capabilities: Introduce CAP_CHECKPOINT_RESTORE	- - -	---	2020-07-19	Adrian Reber	Not Applicable
[v6,6/7] prctl: exe link permission error changed from -EINVAL to -EPERM	capabilities: Introduce CAP_CHECKPOINT_RESTORE	- 1 -	---	2020-07-19	Adrian Reber	Not Applicable
[v6,5/7] prctl: Allow local CAP_CHECKPOINT_RESTORE to change /proc/self/exe	capabilities: Introduce CAP_CHECKPOINT_RESTORE	- - -	---	2020-07-19	Adrian Reber	Not Applicable
[v6,4/7] proc: allow access in init userns for map_files with CAP_CHECKPOINT_RESTORE	capabilities: Introduce CAP_CHECKPOINT_RESTORE	- 2 -	---	2020-07-19	Adrian Reber	Not Applicable
[v6,3/7] pid_namespace: use checkpoint_restore_ns_capable() for ns_last_pid	capabilities: Introduce CAP_CHECKPOINT_RESTORE	1 1 -	---	2020-07-19	Adrian Reber	Not Applicable
[v6,2/7] pid: use checkpoint_restore_ns_capable() for set_tid	capabilities: Introduce CAP_CHECKPOINT_RESTORE	1 1 -	---	2020-07-19	Adrian Reber	Not Applicable
[v6,1/7] capabilities: Introduce CAP_CHECKPOINT_RESTORE	capabilities: Introduce CAP_CHECKPOINT_RESTORE	1 1 -	---	2020-07-19	Adrian Reber	Not Applicable
[SELinux-notebook,v6] objects.md: some clarifications	[SELinux-notebook,v6] objects.md: some clarifications	- - -	---	2020-07-19	Dominick Grift	Changes Requested
[SELinux-notebook,v4] adds CIL policy with makefile	[SELinux-notebook,v4] adds CIL policy with makefile	1 - -	---	2020-07-18	Dominick Grift	Superseded
[SELinux-notebook,v5] objects.md: some clarifications	[SELinux-notebook,v5] objects.md: some clarifications	- - -	---	2020-07-18	Dominick Grift	Superseded
[v3,5/5] LSM: Define workqueue for measuring security module state	LSM: Measure security module state	- - -	---	2020-07-17	Lakshmi Ramasubramanian	Superseded
[v3,4/5] LSM: Define SELinux function to measure security state	LSM: Measure security module state	- - -	---	2020-07-17	Lakshmi Ramasubramanian	Superseded
[v3,3/5] LSM: Add security_measure_data in lsm_info struct	LSM: Measure security module state	- - -	---	2020-07-17	Lakshmi Ramasubramanian	Superseded
[v3,2/5] IMA: Define an IMA hook to measure LSM data	LSM: Measure security module state	- - -	---	2020-07-17	Lakshmi Ramasubramanian	Superseded
[v3,1/5] IMA: Add LSM_STATE func to measure LSM data	LSM: Measure security module state	- - -	---	2020-07-17	Lakshmi Ramasubramanian	Superseded
[13/13] fs/kernel_file_read: Add "offset" arg for partial reads	Introduce partial kernel_read_file() support	- - -	---	2020-07-17	Kees Cook	Superseded
[12/13] LSM: Add "contents" flag to kernel_read_file hook	Introduce partial kernel_read_file() support	- - -	---	2020-07-17	Kees Cook	Superseded
[11/13] module: Call security_kernel_post_load_data()	Introduce partial kernel_read_file() support	- - -	---	2020-07-17	Kees Cook	Superseded
[10/13] firmware_loader: Use security_post_load_data()	Introduce partial kernel_read_file() support	- - -	---	2020-07-17	Kees Cook	Superseded
[09/13] LSM: Introduce kernel_post_load_data() hook	Introduce partial kernel_read_file() support	- - -	---	2020-07-17	Kees Cook	Superseded
[08/13] fs/kernel_read_file: Add file_size output argument	Introduce partial kernel_read_file() support	- - -	---	2020-07-17	Kees Cook	Superseded
[07/13] fs/kernel_read_file: Switch buffer size arg to size_t	Introduce partial kernel_read_file() support	- - -	---	2020-07-17	Kees Cook	Superseded
[06/13] fs/kernel_read_file: Remove redundant size argument	Introduce partial kernel_read_file() support	- - -	---	2020-07-17	Kees Cook	Superseded
[05/13] fs/kernel_read_file: Split into separate source file	Introduce partial kernel_read_file() support	1 - -	---	2020-07-17	Kees Cook	Superseded
[04/13] fs/kernel_read_file: Split into separate include file	Introduce partial kernel_read_file() support	1 1 -	---	2020-07-17	Kees Cook	Superseded
[03/13] fs/kernel_read_file: Remove FIRMWARE_EFI_EMBEDDED enum	Introduce partial kernel_read_file() support	1 - -	---	2020-07-17	Kees Cook	Superseded
[02/13] fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enum	Introduce partial kernel_read_file() support	1 - -	---	2020-07-17	Kees Cook	Superseded
[01/13] firmware_loader: EFI firmware loader must handle pre-allocated buffer	Introduce partial kernel_read_file() support	1 - -	---	2020-07-17	Kees Cook	Superseded
[v4,2/2] libsepol: implement POLICYDB_VERSION_COMP_FTRANS	userspace: Implement new format of filename trans rules	- - -	---	2020-07-17	Ondrej Mosnacek	Superseded
[v4,1/2] libsepol,checkpolicy: optimize storage of filename transitions	userspace: Implement new format of filename trans rules	- - -	---	2020-07-17	Ondrej Mosnacek	Superseded
[v2] libselinux: Use sestatus if open	[v2] libselinux: Use sestatus if open	- - -	---	2020-07-16	Mike Palmiotto	Superseded
[RFC,5/5] keys: Implement a 'container' keyring	keys: Security changes, ACLs and Container keyring	- - -	---	2020-07-16	David Howells	Not Applicable
[RFC,4/5] keys: Split the search perms between KEY_NEED_USE and KEY_NEED_SEARCH	keys: Security changes, ACLs and Container keyring	- - -	---	2020-07-16	David Howells	Not Applicable
[RFC,3/5] keys: Provide KEYCTL_GRANT_PERMISSION	keys: Security changes, ACLs and Container keyring	- - -	---	2020-07-16	David Howells	Not Applicable
[RFC,1/5] keys: Move permissions checking decisions into the checking code	keys: Security changes, ACLs and Container keyring	- - -	---	2020-07-16	David Howells	Not Applicable
selinux: make use of variables when defining libdir and includedir	selinux: make use of variables when defining libdir and includedir	- - -	---	2020-07-16	W. Michael Petullo	Deferred
python/audit2allow: add #include <limits.h> to sepolgen-ifgen-attr-helper.c	python/audit2allow: add #include <limits.h> to sepolgen-ifgen-attr-helper.c	1 - -	---	2020-07-16	W. Michael Petullo	Accepted
[SELinux-notebook,v3] adds CIL policy with makefile	[SELinux-notebook,v3] adds CIL policy with makefile	- - -	---	2020-07-16	Dominick Grift	Superseded
[SELinux-notebook,v2] adds CIL policy with makefile	[SELinux-notebook,v2] adds CIL policy with makefile	- - -	---	2020-07-16	Dominick Grift	Superseded
[v2,5/5] LSM: Define workqueue for measuring security module state	LSM: Measure security module state	- - -	---	2020-07-16	Lakshmi Ramasubramanian	Superseded
[v2,4/5] LSM: Define SELinux function to measure security state	LSM: Measure security module state	- - -	---	2020-07-16	Lakshmi Ramasubramanian	Superseded
[v3,3/5] LSM: Add security_measure_data in lsm_info struct	LSM: Measure security module state	- - -	---	2020-07-16	Lakshmi Ramasubramanian	Superseded
[v2,2/5] IMA: Define an IMA hook to measure LSM data	LSM: Measure security module state	- - -	---	2020-07-16	Lakshmi Ramasubramanian	Superseded
[v2,1/5] IMA: Add LSM_STATE func to measure LSM data	LSM: Measure security module state	- - -	---	2020-07-16	Lakshmi Ramasubramanian	Superseded
restorecond: Set X-GNOME-HiddenUnderSystemd=true in restorecond.desktop file	restorecond: Set X-GNOME-HiddenUnderSystemd=true in restorecond.desktop file	1 - -	---	2020-07-16	Laurent Bigonville	Accepted
[SELinux-notebook,v4] objects.md: some clarifications	[SELinux-notebook,v4] objects.md: some clarifications	- - -	---	2020-07-16	Dominick Grift	Superseded
[SELinux-notebook,v3] objects.md: some clarifications	[SELinux-notebook,v3] objects.md: some clarifications	- - -	---	2020-07-16	Dominick Grift	Superseded
[SELinux-notebook] adds CIL policy with makefile	[SELinux-notebook] adds CIL policy with makefile	- - -	---	2020-07-16	Dominick Grift	Superseded
[v1,5/5] LSM: Define workqueue for measuring security module state	LSM: Measure security module state	- - -	---	2020-07-15	Lakshmi Ramasubramanian	Superseded
[v1,4/5] LSM: Define SELinux function to measure security state	LSM: Measure security module state	- - -	---	2020-07-15	Lakshmi Ramasubramanian	Superseded
[v1,3/5] LSM: Add security_state function pointer in lsm_info struct	LSM: Measure security module state	- - -	---	2020-07-15	Lakshmi Ramasubramanian	Superseded
[v1,2/5] IMA: Define an IMA hook to measure LSM data	LSM: Measure security module state	- - -	---	2020-07-15	Lakshmi Ramasubramanian	Superseded
[v1,1/5] IMA: Add LSM_STATE func to measure LSM data	LSM: Measure security module state	- - -	---	2020-07-15	Lakshmi Ramasubramanian	Superseded
[v5,6/6] selftests: add clone3() CAP_CHECKPOINT_RESTORE test	capabilities: Introduce CAP_CHECKPOINT_RESTORE	1 - -	---	2020-07-15	Adrian Reber	Superseded
[v5,5/6] prctl: Allow checkpoint/restore capable processes to change exe link	capabilities: Introduce CAP_CHECKPOINT_RESTORE	- - -	---	2020-07-15	Adrian Reber	Superseded
[v5,4/6] proc: allow access in init userns for map_files with CAP_CHECKPOINT_RESTORE	capabilities: Introduce CAP_CHECKPOINT_RESTORE	- 1 -	---	2020-07-15	Adrian Reber	Superseded

« 1 2 ... 43 44 45 … 89 90 »