Show patches with: Archived = No       |   9042 patches
« 1 2 3 490 91 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
selinux,smack: properly reference the LSM blob in security_watch_key() selinux,smack: properly reference the LSM blob in security_watch_key() - 1 - --- 2024-09-19 Paul Moore New
mm: call the security_mmap_file() LSM hook in remap_file_pages() mm: call the security_mmap_file() LSM hook in remap_file_pages() 1 - - --- 2024-09-19 Paul Moore New
[5/5] LSM: Use lsm_context in security_inode_notifysecctx [1/5] LSM: Replace context+len with lsm_context - - - --- 2024-09-17 Casey Schaufler New
[4/5] LSM: secctx provider check on release [1/5] LSM: Replace context+len with lsm_context - - - --- 2024-09-17 Casey Schaufler New
[3/5] LSM: lsm_context in security_dentry_init_security [1/5] LSM: Replace context+len with lsm_context - - - --- 2024-09-17 Casey Schaufler New
[2/5] LSM: Use lsm_context in security_inode_getsecctx [1/5] LSM: Replace context+len with lsm_context - - - --- 2024-09-17 Casey Schaufler New
[1/5] LSM: Replace context+len with lsm_context [1/5] LSM: Replace context+len with lsm_context - 1 - --- 2024-09-17 Casey Schaufler New
[GIT,PULL] selinux/selinux-pr-20240911 [GIT,PULL] selinux/selinux-pr-20240911 - - - --- 2024-09-13 Paul Moore pcmoore New
[testsuite] policy,tests: add tests for netlink xperms [testsuite] policy,tests: add tests for netlink xperms - - 1 --- 2024-08-28 Stephen Smalley omos New
[v3] checkpolicy: Fix MLS users in optional blocks [v3] checkpolicy: Fix MLS users in optional blocks - - - --- 2024-08-28 James Carter bachradsusi New
[v2] sepolgen-ifgen: allow M4 escaped filenames [v2] sepolgen-ifgen: allow M4 escaped filenames - - - --- 2024-08-27 Petr Lautrbach bachradsusi New
[v2,2/2] security: remove unused cred_alloc_blank/cred_transfer helpers get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore New
[v2,1/2] KEYS: use synchronous task work for changing parent credentials get rid of cred_transfer - - - --- 2024-08-05 Jann Horn pcmoore New
[testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup [testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup - - - --- 2024-07-02 Gong Ruiqi omos New
[RFC] ima: Use sequence number to wait for policy updates [RFC] ima: Use sequence number to wait for policy updates - - - --- 2024-05-07 Roberto Sassu pcmoore New
[RFC,3/3] newrole: use ROWHAMMER resistant values [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,2/3] newrole: cleanse shadow data hold by libc [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[RFC,1/3] newrole: constant time password comparison [RFC,1/3] newrole: constant time password comparison - - - --- 2024-04-08 Christian Göttsche bachradsusi New
[2/2] selinux: add support for xperms in conditional policies [1/2] selinux: constify source policy in cond_policydb_dup() - - - --- 2024-04-05 Christian Göttsche pcmoore New
[v3] selinux: Add netlink xperm support [v3] selinux: Add netlink xperm support - - - --- 2024-09-12 Thiébaud Weksteen pcmoore Under Review
[v2,2/2] selinux: move genheaders to security/selinux/ [v2,1/2] selinux: do not include <linux/*.h> headers from host programs - - - --- 2024-09-06 Masahiro Yamada pcmoore Under Review
[v2,1/2] selinux: do not include <linux/*.h> headers from host programs [v2,1/2] selinux: do not include <linux/*.h> headers from host programs - - - --- 2024-09-06 Masahiro Yamada pcmoore Under Review
selinux: support IPPROTO_SMC in socket_type_to_security_class() selinux: support IPPROTO_SMC in socket_type_to_security_class() 1 - - --- 2024-08-15 Jeongjun Park pcmoore Under Review
[2/2] selinux: move genheaders to security/selinux/ selinux: Do not include <linux/*.h> from host programs (+ extra clean-up) - - - --- 2024-08-09 Masahiro Yamada pcmoore Under Review
[1/2] selinux: do not include <linux/*.h> headers from host programs selinux: Do not include <linux/*.h> from host programs (+ extra clean-up) - - - --- 2024-08-09 Masahiro Yamada pcmoore Under Review
[RFC,07/20] selinux: services: update type for umber of class permissions [RFC,01/20] selinux: check for multiplication overflow in put_entry() - - - --- 2023-07-06 Christian Göttsche pcmoore Under Review
[RFC] selinux: TESTING ONLY, PLEASE IGNORE [RFC] selinux: TESTING ONLY, PLEASE IGNORE - - - --- 2023-05-16 Paul Moore pcmoore Under Review
tests/sctp: reenable the SCTP ASCONF tests tests/sctp: reenable the SCTP ASCONF tests - - - --- 2022-08-09 Paul Moore omos Under Review
[RFC,1/1] selinux-testsuite: Reduce sctp test runtime selinux-testsuite: Reduce sctp test runtime - - - --- 2020-11-04 Richard Haines omos Under Review
[testsuite] policy/test_filesystem.te: fix policy for NFS over a symlinked directory [testsuite] policy/test_filesystem.te: fix policy for NFS over a symlinked directory 1 - - --- 2024-09-09 Ondrej Mosnacek omos Accepted
selinux: fix style problems in security/selinux/include/audit.h selinux: fix style problems in security/selinux/include/audit.h - - - --- 2024-09-03 Paul Moore pcmoore Accepted
[testsuite,v2] tests/extended_socket_class: test SMC sockets [testsuite,v2] tests/extended_socket_class: test SMC sockets - - - --- 2024-08-29 Stephen Smalley omos Accepted
[RESEND] selinux: mark all newly created Internet domain sockets as labeled sockets [RESEND] selinux: mark all newly created Internet domain sockets as labeled sockets - - - --- 2024-08-28 Guido Trentalancia pcmoore Accepted
selinux: replace kmem_cache_create() with KMEM_CACHE() selinux: replace kmem_cache_create() with KMEM_CACHE() - - - --- 2024-08-27 ericsu@linux.microsoft.com pcmoore Accepted
[testsuite] tests/key_socket: skip the test if CONFIG_NET_KEY is not enabled [testsuite] tests/key_socket: skip the test if CONFIG_NET_KEY is not enabled 1 - - --- 2024-08-27 Ondrej Mosnacek omos Accepted
selinux: annotate false positive data race to avoid KCSAN warnings selinux: annotate false positive data race to avoid KCSAN warnings - - - --- 2024-08-26 Stephen Smalley pcmoore Accepted
libselinux: rename hashtab functions libselinux: rename hashtab functions 1 - - --- 2024-08-26 Thiébaud Weksteen bachradsusi Accepted
[1/1] selinux: simplify avc_xperms_audit_required() [1/1] selinux: simplify avc_xperms_audit_required() - - - --- 2024-08-22 Leizhen (ThunderTown) pcmoore Accepted
[3/3] libsepol: Add policy capability netlink_xperm [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi Accepted
[2/3] libsepol: Support nlmsg extended permissions [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi Accepted
[1/3] libsepol: Rename ioctl xperms structures and functions [1/3] libsepol: Rename ioctl xperms structures and functions 1 - - --- 2024-08-22 Thiébaud Weksteen bachradsusi Accepted
[GIT,PULL] selinux/selinux-pr-20240814 [GIT,PULL] selinux/selinux-pr-20240814 - - - --- 2024-08-14 Paul Moore pcmoore Accepted
libsepol/cil: Allow dotted names in aliasactual rules libsepol/cil: Allow dotted names in aliasactual rules - - - --- 2024-08-12 James Carter bachradsusi Accepted
selinux: revert our use of vma_is_initial_heap() selinux: revert our use of vma_is_initial_heap() - - - --- 2024-08-08 Paul Moore pcmoore Accepted
[1/1] selinux: add the processing of the failure of avc_add_xperms_decision() [1/1] selinux: add the processing of the failure of avc_add_xperms_decision() 1 - - --- 2024-08-07 Leizhen (ThunderTown) pcmoore Accepted
[1/1] selinux: Fix potential counting error in avc_add_xperms_decision() [1/1] selinux: Fix potential counting error in avc_add_xperms_decision() 1 - - --- 2024-08-06 Leizhen (ThunderTown) pcmoore Accepted
[v1,2/2] policygen: respect CIL option when generating comments [v1,1/2] sepolgen: initialize gen_cil - - - --- 2024-08-01 dmitry.sharshakov@siderolabs.com bachradsusi Accepted
[v1,1/2] sepolgen: initialize gen_cil [v1,1/2] sepolgen: initialize gen_cil 1 - - --- 2024-08-01 dmitry.sharshakov@siderolabs.com bachradsusi Accepted
[v5] libsemanage: Preserve file context and ownership in policy store [v5] libsemanage: Preserve file context and ownership in policy store 1 - - --- 2024-07-29 Vit Mojzis Accepted
libselinux/restorecon: Include <selinux/label.h> libselinux/restorecon: Include <selinux/label.h> 1 - - --- 2024-07-26 Vit Mojzis Accepted
libsepol/cil: Check that sym_index is within bounds libsepol/cil: Check that sym_index is within bounds 1 - - --- 2024-07-23 Vit Mojzis bachradsusi Accepted
libsepol/sepol_compute_sid: Do not destroy uninitialized context libsepol/sepol_compute_sid: Do not destroy uninitialized context 1 1 - --- 2024-07-19 Vit Mojzis bachradsusi Accepted
[GIT,PULL] selinux/selinux-pr-20240715 [GIT,PULL] selinux/selinux-pr-20240715 - - - --- 2024-07-15 Paul Moore pcmoore Accepted
[-next,v2] selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr [-next,v2] selinux: refactor code to return ERR_PTR in selinux_netlbl_sock_genattr - - - --- 2024-07-12 Gaosheng Cui pcmoore Accepted
libselinux: set free'd data to NULL libselinux: set free'd data to NULL 1 - - --- 2024-07-09 Petr Lautrbach bachradsusi Accepted
checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix 1 - - --- 2024-07-08 James Carter bachradsusi Accepted
selinux: Streamline type determination in security_compute_sid selinux: Streamline type determination in security_compute_sid - - - --- 2024-07-03 Canfeng Guo pcmoore Accepted
libselinux: Fix integer comparison issues when compiling for 32-bit libselinux: Fix integer comparison issues when compiling for 32-bit 1 1 - --- 2024-07-01 James Carter bachradsusi Accepted
selinux: Use 1UL for EBITMAP_BIT to match maps type selinux: Use 1UL for EBITMAP_BIT to match maps type - - - --- 2024-06-29 Canfeng Guo pcmoore Accepted
[v2] libselinux: deprecate security_disable(3) [v2] libselinux: deprecate security_disable(3) 1 - - --- 2024-06-23 Christian Göttsche bachradsusi Accepted
libsepol: check scope permissions refer to valid class libsepol: check scope permissions refer to valid class 1 - - --- 2024-06-15 Christian Göttsche bachradsusi Accepted
libsepol: Do not reject all type rules in conditionals when validating libsepol: Do not reject all type rules in conditionals when validating 1 1 - --- 2024-06-14 James Carter bachradsusi Accepted
tree-wide: fix misc typos tree-wide: fix misc typos 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
checkpolicy: reject duplicate nodecon statements checkpolicy: reject duplicate nodecon statements 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[2/2] libsepol: rework permission enabled check [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[1/2] libsepol: move unchanged data out of loop [1/2] libsepol: move unchanged data out of loop 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
[2/2] libselinux: constify avc_open(3) parameter [1/2] libselinux: deprecate security_disable(3) 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: hashtab: save one comparison on hit libsepol: hashtab: save one comparison on hit 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: validate attribute-type maps libsepol: validate attribute-type maps 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
libsepol: contify function pointer arrays libsepol: contify function pointer arrays 1 - - --- 2024-06-08 Christian Göttsche bachradsusi Accepted
fixfiles: drop unnecessary \ line endings fixfiles: drop unnecessary \ line endings 1 - - --- 2024-06-06 Petr Lautrbach bachradsusi Accepted
[v3,2/2,testsuite] tests/nfs_filesystem: comment out failing mount [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now [v3,1/2,testsuite] tools/nfs.sh: comment out the fscontext= tests for now - - - --- 2024-05-31 Stephen Smalley omos Accepted
[4/4] sandbox: Add support for Wayland [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[3/4] seunshare: Add [ -P pipewiresocket ] [ -W waylandsocket ] options [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[2/4] sandbox: do not run window manager if it's not a session [1/4] sandbox: do not fail without xmodmap - - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[1/4] sandbox: do not fail without xmodmap [1/4] sandbox: do not fail without xmodmap 1 - - --- 2024-05-14 Petr Lautrbach bachradsusi Accepted
[GIT,PULL] selinux/selinux-pr-20240513 [GIT,PULL] selinux/selinux-pr-20240513 - - - --- 2024-05-13 Paul Moore pcmoore Accepted
[2/2] checkpolicy: support CIDR notation for nodecon statements [1/2] checkpolicy: perform contiguous check in host byte order - - - --- 2024-05-08 Christian Göttsche bachradsusi Accepted
[1/2] checkpolicy: perform contiguous check in host byte order [1/2] checkpolicy: perform contiguous check in host byte order 1 - - --- 2024-05-08 Christian Göttsche bachradsusi Accepted
[4/4] libsepol: include prefix for module policy versions [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[3/4] libsepol: validate type-attribute-map for old policies [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[2/4] libsepol: only exempt gaps checking for kernel policies [1/4] libsepol: reject self flag in type rules in old policies - - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
[1/4] libsepol: reject self flag in type rules in old policies [1/4] libsepol: reject self flag in type rules in old policies 1 - - --- 2024-05-06 Christian Göttsche bachradsusi Accepted
libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) 1 - - --- 2024-04-30 Vit Mojzis bachradsusi Accepted
[3/3] mcstrans: free constraint in error branch [1/3] libselinux: free empty scandir(3) result - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[2/3] libselinux: avoid pointer dereference before check [1/3] libselinux: free empty scandir(3) result - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[1/3] libselinux: free empty scandir(3) result [1/3] libselinux: free empty scandir(3) result 1 - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[5/5] libselinux: constify selinux_set_mapping(3) parameter [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[4/5] libselinux/man: add format attribute for set_matchpathcon_printf(3) [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[3/5] libselinux/man: use void in synopses [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[2/5] libselinux/man: sync const qualifiers [1/5] libselinux/man: correct file extension of man pages - - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[1/5] libselinux/man: correct file extension of man pages [1/5] libselinux/man: correct file extension of man pages 1 - - --- 2024-04-29 Christian Göttsche bachradsusi Accepted
[v2] libsepol: validate class permissions [v2] libsepol: validate class permissions 1 - - --- 2024-04-15 Christian Göttsche bachradsusi Accepted
github: bump Python and Ruby versions github: bump Python and Ruby versions 1 - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[4/4] checkpolicy: drop global policyvers variable [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[3/4] checkpolicy: declare file local variable static [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[2/4] checkpolicy/tests: add test for splitting xperm rule [1/4] libsepol: improve policy lookup failure message - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
[1/4] libsepol: improve policy lookup failure message [1/4] libsepol: improve policy lookup failure message 1 - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
libsepol: validate class permissions libsepol: validate class permissions - - - --- 2024-04-08 Christian Göttsche bachradsusi Accepted
« 1 2 3 490 91 »