Show patches with: Submitter = Ondrej Mosnacek       |   377 patches
« 1 2 3 4 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
selinux: fix race when removing selinuxfs entries selinux: fix race when removing selinuxfs entries - - - --- 2018-10-02 Ondrej Mosnacek Rejected
restorecond: Do not ignore the -f option restorecond: Do not ignore the -f option - - - --- 2018-10-03 Ondrej Mosnacek Not Applicable
[v2] selinux: fix byte order and alignment issues in policydb.c [v2] selinux: fix byte order and alignment issues in policydb.c - - - --- 2018-10-16 Ondrej Mosnacek Superseded
[v3] selinux: policydb - fix byte order and alignment issues [v3] selinux: policydb - fix byte order and alignment issues 1 - - --- 2018-10-17 Ondrej Mosnacek Superseded
libsepol: fix endianity in ibpkey range checks libsepol: fix endianity in ibpkey range checks 1 - - --- 2018-10-17 Ondrej Mosnacek Not Applicable
[v4] selinux: policydb - fix byte order and alignment issues [v4] selinux: policydb - fix byte order and alignment issues - - - --- 2018-10-18 Ondrej Mosnacek Superseded
[v2] libsepol: fix endianity in ibpkey range checks [v2] libsepol: fix endianity in ibpkey range checks 1 - - --- 2018-10-18 Ondrej Mosnacek Not Applicable
[v5] selinux: policydb - fix byte order and alignment issues [v5] selinux: policydb - fix byte order and alignment issues - - - --- 2018-10-22 Ondrej Mosnacek Superseded
libsepol: add missing ibendport port validity check libsepol: add missing ibendport port validity check - - - --- 2018-10-22 Ondrej Mosnacek Not Applicable
[v2] libsepol: add missing ibendport port validity check [v2] libsepol: add missing ibendport port validity check - - - --- 2018-10-23 Ondrej Mosnacek Not Applicable
[v6] selinux: policydb - fix byte order and alignment issues [v6] selinux: policydb - fix byte order and alignment issues 1 - - --- 2018-10-23 Ondrej Mosnacek Accepted
[1/2] selinux: use separate table for initial SID lookup Fix ENOMEM errors during policy reload - - - --- 2018-10-31 Ondrej Mosnacek Changes Requested
[2/2] selinux: fix ENOMEM errors during policy reload Fix ENOMEM errors during policy reload - - - --- 2018-10-31 Ondrej Mosnacek Changes Requested
selinux: simplify mls_context_to_sid() selinux: simplify mls_context_to_sid() - - - --- 2018-11-09 Ondrej Mosnacek Superseded
[v2] selinux: simplify mls_context_to_sid() [v2] selinux: simplify mls_context_to_sid() - - - --- 2018-11-09 Ondrej Mosnacek Superseded
[v3] selinux: simplify mls_context_to_sid() [v3] selinux: simplify mls_context_to_sid() - - - --- 2018-11-12 Ondrej Mosnacek Rejected
[RFC,1/3] selinux: refactor sidtab conversion Fix ENOMEM errors during policy reload 1 - - --- 2018-11-13 Ondrej Mosnacek Accepted
[RFC,2/3] selinux: use separate table for initial SID lookup Fix ENOMEM errors during policy reload - - - --- 2018-11-13 Ondrej Mosnacek Superseded
[RFC,3/3] selinux: overhaul sidtab to fix bug and improve performance Fix ENOMEM errors during policy reload - - - --- 2018-11-13 Ondrej Mosnacek Superseded
[RFC,1/3] cgroup: fix parsing empty mount option string Fix SELinux context mount with the cgroup filesystem - - - --- 2018-12-13 Ondrej Mosnacek Not Applicable
[RFC,2/3] selinux: never allow relabeling on context mounts Fix SELinux context mount with the cgroup filesystem - - - --- 2018-12-13 Ondrej Mosnacek Superseded
[RFC,3/3] selinux: do not override context on context mounts Fix SELinux context mount with the cgroup filesystem - - - --- 2018-12-13 Ondrej Mosnacek Superseded
[v2,1/2] selinux: never allow relabeling on context mounts Fix SELinux context mount with the cgroup filesystem - 1 - --- 2018-12-21 Ondrej Mosnacek Accepted
[v2,2/2] selinux: do not override context on context mounts Fix SELinux context mount with the cgroup filesystem - 1 - --- 2018-12-21 Ondrej Mosnacek Accepted
[1/3] LSM: Add new hook for generic node initialization Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-01-09 Ondrej Mosnacek Superseded
[2/3] selinux: Implement the object_init_security hook Allow initializing the kernfs node's secctx based on its parent - 1 - --- 2019-01-09 Ondrej Mosnacek Superseded
[3/3] kernfs: Initialize security of newly created nodes Allow initializing the kernfs node's secctx based on its parent - 1 - --- 2019-01-09 Ondrej Mosnacek Superseded
[v2,1/3] LSM: Add new hook for generic node initialization Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-01-09 Ondrej Mosnacek Changes Requested
[v2,2/3] selinux: Implement the object_init_security hook Allow initializing the kernfs node's secctx based on its parent - 1 - --- 2019-01-09 Ondrej Mosnacek Changes Requested
[v2,3/3] kernfs: Initialize security of newly created nodes Allow initializing the kernfs node's secctx based on its parent - 1 - --- 2019-01-09 Ondrej Mosnacek Changes Requested
[RFC] selinux: log invalid contexts in AVCs [RFC] selinux: log invalid contexts in AVCs - - - --- 2019-01-18 Ondrej Mosnacek Superseded
[v2] selinux: log invalid contexts in AVCs [v2] selinux: log invalid contexts in AVCs - - - --- 2019-01-21 Ondrej Mosnacek Superseded
[v3,1/4] selinux: inline some AVC functions used only once Report raw context in AVCs + refactoring - 1 - --- 2019-01-25 Ondrej Mosnacek Accepted
[v3,2/4] selinux: replace some BUG_ON()s with a WARN_ON() Report raw context in AVCs + refactoring - 1 - --- 2019-01-25 Ondrej Mosnacek Accepted
[v3,3/4] selinux: remove some useless BUG_ONs Report raw context in AVCs + refactoring - - - --- 2019-01-25 Ondrej Mosnacek Changes Requested
[v3,4/4] selinux: log invalid contexts in AVCs Report raw context in AVCs + refactoring - 1 - --- 2019-01-25 Ondrej Mosnacek Accepted
selinux: replace BUG_ONs with WARN_ONs in avc.c selinux: replace BUG_ONs with WARN_ONs in avc.c - - - --- 2019-01-26 Ondrej Mosnacek Superseded
[v2] selinux: replace BUG_ONs with WARN_ONs in avc.c [v2] selinux: replace BUG_ONs with WARN_ONs in avc.c - 1 - --- 2019-01-28 Ondrej Mosnacek Accepted
[v3,1/5] selinux: try security xattr after genfs for kernfs filesystems Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-01-30 Ondrej Mosnacek Superseded
[v3,2/5] kernfs: use simple_xattrs for security attributes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-01-30 Ondrej Mosnacek Superseded
[v3,3/5] LSM: add new hook for kernfs node initialization Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-01-30 Ondrej Mosnacek Superseded
[v3,4/5] selinux: implement the kernfs_init_security hook Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-01-30 Ondrej Mosnacek Superseded
[v3,5/5] kernfs: initialize security of newly created nodes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-01-30 Ondrej Mosnacek Superseded
[v4,1/5] selinux: try security xattr after genfs for kernfs filesystems Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v4,2/5] kernfs: use simple_xattrs for security attributes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v4,3/5] LSM: add new hook for kernfs node initialization Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v4,4/5] selinux: implement the kernfs_init_security hook Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v4,5/5] kernfs: initialize security of newly created nodes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v5,1/5] selinux: try security xattr after genfs for kernfs filesystems Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v5,2/5] kernfs: use simple_xattrs for security attributes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v5,3/5] LSM: add new hook for kernfs node initialization Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v5,4/5] selinux: implement the kernfs_init_security hook Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v5,5/5] kernfs: initialize security of newly created nodes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-05 Ondrej Mosnacek Superseded
[v6,1/5] selinux: try security xattr after genfs for kernfs filesystems Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-14 Ondrej Mosnacek Superseded
[v6,2/5] kernfs: use simple_xattrs for security attributes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-14 Ondrej Mosnacek Superseded
[v6,3/5] LSM: add new hook for kernfs node initialization Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-14 Ondrej Mosnacek Superseded
[v6,4/5] selinux: implement the kernfs_init_security hook Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-14 Ondrej Mosnacek Superseded
[v6,5/5] kernfs: initialize security of newly created nodes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-14 Ondrej Mosnacek Superseded
[v7,1/7] kernfs: clean up struct kernfs_iattrs Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-22 Ondrej Mosnacek Accepted
[v7,2/7] kernfs: do not alloc iattrs in kernfs_xattr_get Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-22 Ondrej Mosnacek Accepted
[v7,3/7] selinux: try security xattr after genfs for kernfs filesystems Allow initializing the kernfs node's secctx based on its parent 1 - - --- 2019-02-22 Ondrej Mosnacek Accepted
[v7,4/7] kernfs: use simple_xattrs for security attributes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-22 Ondrej Mosnacek Accepted
[v7,5/7] LSM: add new hook for kernfs node initialization Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-22 Ondrej Mosnacek Accepted
[v7,6/7] selinux: implement the kernfs_init_security hook Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-22 Ondrej Mosnacek Accepted
[v7,7/7] kernfs: initialize security of newly created nodes Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-02-22 Ondrej Mosnacek Accepted
selinux: fix NULL dereference in policydb_destroy() selinux: fix NULL dereference in policydb_destroy() 1 - - --- 2019-03-17 Ondrej Mosnacek Accepted
LSM: lsm_hooks.h - fix missing colon in docstring LSM: lsm_hooks.h - fix missing colon in docstring - - - --- 2019-03-25 Ondrej Mosnacek Accepted
selinux: remove useless assignments selinux: remove useless assignments - - - --- 2019-03-25 Ondrej Mosnacek Accepted
kernfs: fix xattr name handling in LSM helpers kernfs: fix xattr name handling in LSM helpers - - - --- 2019-03-26 Ondrej Mosnacek Superseded
[v2] kernfs: fix xattr name handling in LSM helpers [v2] kernfs: fix xattr name handling in LSM helpers - - - --- 2019-03-26 Ondrej Mosnacek Superseded
[v3] kernfs: fix xattr name handling in LSM helpers [v3] kernfs: fix xattr name handling in LSM helpers - - - --- 2019-04-01 Ondrej Mosnacek Superseded
[v4] kernfs: fix xattr name handling in LSM helpers [v4] kernfs: fix xattr name handling in LSM helpers - - - --- 2019-04-03 Ondrej Mosnacek Accepted
selinux: remove some no-op BUG_ONs selinux: remove some no-op BUG_ONs - - - --- 2019-05-04 Ondrej Mosnacek Accepted
selinux: support attributes in type transitions selinux: support attributes in type transitions - - - --- 2019-05-06 Ondrej Mosnacek Changes Requested
[userspace] libsepol: add ebitmap_for_each_set_bit macro [userspace] libsepol: add ebitmap_for_each_set_bit macro - - - --- 2019-05-13 Ondrej Mosnacek Superseded
[userspace] run_init: fix build when crypt() is not in unistd.h [userspace] run_init: fix build when crypt() is not in unistd.h - - - --- 2019-05-13 Ondrej Mosnacek Accepted
[userspace,v2] libsepol: add ebitmap_for_each_set_bit macro [userspace,v2] libsepol: add ebitmap_for_each_set_bit macro 1 - - --- 2019-05-14 Ondrej Mosnacek Accepted
[userspace,1/4] libsepol: add a function to optimize kernel policy Remove redundant rules when building policydb - - - --- 2019-05-23 Ondrej Mosnacek Superseded
[userspace,2/4] secilc: optimize policy before writing Remove redundant rules when building policydb - - - --- 2019-05-23 Ondrej Mosnacek Superseded
[userspace,3/4] libsemanage: optimize policy on rebuild Remove redundant rules when building policydb - - - --- 2019-05-23 Ondrej Mosnacek Superseded
[userspace,4/4] semodule: add flag to disable policy optimization Remove redundant rules when building policydb - - - --- 2019-05-23 Ondrej Mosnacek Superseded
[userspace,v2,1/7] libsepol: add a function to optimize kernel policy Remove redundant rules when building policydb - - - --- 2019-05-28 Ondrej Mosnacek Superseded
[userspace,v2,2/7] libsemanage: optionally optimize policy on rebuild Remove redundant rules when building policydb - - - --- 2019-05-28 Ondrej Mosnacek Superseded
[userspace,v2,3/7] semodule: add flag to enable policy optimization Remove redundant rules when building policydb - - - --- 2019-05-28 Ondrej Mosnacek Superseded
[userspace,v2,4/7] secilc: add flag to enable policy optimization Remove redundant rules when building policydb - - - --- 2019-05-28 Ondrej Mosnacek Superseded
[userspace,v2,5/7] checkpolicy: add flag to enable policy optimization Remove redundant rules when building policydb - - - --- 2019-05-28 Ondrej Mosnacek Superseded
[userspace,v2,6/7,RFC] lisepol: slightly more thorough optimization Remove redundant rules when building policydb - - - --- 2019-05-28 Ondrej Mosnacek Superseded
[userspace,v2,7/7,RFC] libsemanage: switch to config file entry Remove redundant rules when building policydb - - - --- 2019-05-28 Ondrej Mosnacek Superseded
[userspace,v3,1/7] libsepol: add a function to optimize kernel policy Remove redundant rules when building policydb - - - --- 2019-05-29 Ondrej Mosnacek Changes Requested
[userspace,v3,2/7] libsemanage: optionally optimize policy on rebuild Remove redundant rules when building policydb - - - --- 2019-05-29 Ondrej Mosnacek Changes Requested
[userspace,v3,3/7] semodule: add flag to enable policy optimization Remove redundant rules when building policydb - - - --- 2019-05-29 Ondrej Mosnacek Changes Requested
[userspace,v3,4/7] secilc: add flag to enable policy optimization Remove redundant rules when building policydb - - - --- 2019-05-29 Ondrej Mosnacek Changes Requested
[userspace,v3,5/7] checkpolicy: add flag to enable policy optimization Remove redundant rules when building policydb - - - --- 2019-05-29 Ondrej Mosnacek Changes Requested
[userspace,v3,6/7,RFC] lisepol: slightly more thorough optimization Remove redundant rules when building policydb - - - --- 2019-05-29 Ondrej Mosnacek Changes Requested
[userspace,v3,7/7,RFC] libsemanage: switch to config file entry Remove redundant rules when building policydb - - - --- 2019-05-29 Ondrej Mosnacek Changes Requested
selinux: log raw contexts as untrusted strings selinux: log raw contexts as untrusted strings 1 - - --- 2019-06-11 Ondrej Mosnacek Accepted
selinux: fix empty write to keycreate file selinux: fix empty write to keycreate file - - - --- 2019-06-12 Ondrej Mosnacek Accepted
[userspace,v4,1/4] libsepol: add a function to optimize kernel policy Remove redundant rules when building policydb - - - --- 2019-06-13 Ondrej Mosnacek Accepted
[userspace,v4,2/4] libsemanage: optionally optimize policy on rebuild Remove redundant rules when building policydb - - - --- 2019-06-13 Ondrej Mosnacek Accepted
[userspace,v4,3/4] secilc: add flag to enable policy optimization Remove redundant rules when building policydb - - - --- 2019-06-13 Ondrej Mosnacek Accepted
« 1 2 3 4 »