SELinux Development list

Show patches with: Submitter = Ondrej Mosnacek | 527 patches

« 1 2 3 4 … 5 6 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
[RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY	[RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY	2 - -	---	2022-07-08	Ondrej Mosnacek	pcmoore	Handled Elsewhere
[1/2] fs: convert simple_xattrs to RCU list	fs: fix capable() call in simple_xattr_list()	- - -	---	2022-09-01	Ondrej Mosnacek	pcmoore	Handled Elsewhere
[2/2] fs: don't call capable() prematurely in simple_xattr_list()	fs: fix capable() call in simple_xattr_list()	- - -	---	2022-09-01	Ondrej Mosnacek	pcmoore	Handled Elsewhere
[v2] fs: don't audit the capability check in simple_xattr_list()	[v2] fs: don't audit the capability check in simple_xattr_list()	- 2 -	---	2022-11-03	Ondrej Mosnacek	pcmoore	Handled Elsewhere
kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()	kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()	- - -	---	2023-02-15	Ondrej Mosnacek	pcmoore	Handled Elsewhere
[v2] kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()	[v2] kernel/sys.c: fix and improve control flow in __sys_setres[ug]id()	- - -	---	2023-02-17	Ondrej Mosnacek	pcmoore	Handled Elsewhere
io_uring: don't audit the capability check in io_uring_create()	io_uring: don't audit the capability check in io_uring_create()	- 1 -	---	2023-07-18	Ondrej Mosnacek	pcmoore	Handled Elsewhere
security: fix the logic in security_inode_getsecctx()	security: fix the logic in security_inode_getsecctx()	- 1 -	---	2024-01-26	Ondrej Mosnacek	pcmoore	Handled Elsewhere
lsm: fix default return value of the socket_getpeersec_* hooks	lsm: fix default return value of the socket_getpeersec_* hooks	- - -	---	2024-01-26	Ondrej Mosnacek	pcmoore	Handled Elsewhere
security: fix no-op hook logic in security_inode_{set,remove}xattr()	security: fix no-op hook logic in security_inode_{set,remove}xattr()	- - -	---	2024-01-29	Ondrej Mosnacek	pcmoore	Handled Elsewhere
[v2] selinux: fix byte order and alignment issues in policydb.c	[v2] selinux: fix byte order and alignment issues in policydb.c	- - -	---	2018-10-16	Ondrej Mosnacek		Superseded
[v3] selinux: policydb - fix byte order and alignment issues	[v3] selinux: policydb - fix byte order and alignment issues	1 - -	---	2018-10-17	Ondrej Mosnacek		Superseded
[v4] selinux: policydb - fix byte order and alignment issues	[v4] selinux: policydb - fix byte order and alignment issues	- - -	---	2018-10-18	Ondrej Mosnacek		Superseded
[v5] selinux: policydb - fix byte order and alignment issues	[v5] selinux: policydb - fix byte order and alignment issues	- - -	---	2018-10-22	Ondrej Mosnacek		Superseded
selinux: simplify mls_context_to_sid()	selinux: simplify mls_context_to_sid()	- - -	---	2018-11-09	Ondrej Mosnacek		Superseded
[v2] selinux: simplify mls_context_to_sid()	[v2] selinux: simplify mls_context_to_sid()	- - -	---	2018-11-09	Ondrej Mosnacek		Superseded
[RFC,2/3] selinux: use separate table for initial SID lookup	Fix ENOMEM errors during policy reload	- - -	---	2018-11-13	Ondrej Mosnacek		Superseded
[RFC,3/3] selinux: overhaul sidtab to fix bug and improve performance	Fix ENOMEM errors during policy reload	- - -	---	2018-11-13	Ondrej Mosnacek		Superseded
[RFC,2/3] selinux: never allow relabeling on context mounts	Fix SELinux context mount with the cgroup filesystem	- - -	---	2018-12-13	Ondrej Mosnacek		Superseded
[RFC,3/3] selinux: do not override context on context mounts	Fix SELinux context mount with the cgroup filesystem	- - -	---	2018-12-13	Ondrej Mosnacek		Superseded
[1/3] LSM: Add new hook for generic node initialization	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-01-09	Ondrej Mosnacek		Superseded
[2/3] selinux: Implement the object_init_security hook	Allow initializing the kernfs node's secctx based on its parent	- 1 -	---	2019-01-09	Ondrej Mosnacek		Superseded
[3/3] kernfs: Initialize security of newly created nodes	Allow initializing the kernfs node's secctx based on its parent	- 1 -	---	2019-01-09	Ondrej Mosnacek		Superseded
[RFC] selinux: log invalid contexts in AVCs	[RFC] selinux: log invalid contexts in AVCs	- - -	---	2019-01-18	Ondrej Mosnacek		Superseded
[v2] selinux: log invalid contexts in AVCs	[v2] selinux: log invalid contexts in AVCs	- - -	---	2019-01-21	Ondrej Mosnacek		Superseded
selinux: replace BUG_ONs with WARN_ONs in avc.c	selinux: replace BUG_ONs with WARN_ONs in avc.c	- - -	---	2019-01-26	Ondrej Mosnacek		Superseded
[v3,1/5] selinux: try security xattr after genfs for kernfs filesystems	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-01-30	Ondrej Mosnacek		Superseded
[v3,2/5] kernfs: use simple_xattrs for security attributes	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-01-30	Ondrej Mosnacek		Superseded
[v3,3/5] LSM: add new hook for kernfs node initialization	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-01-30	Ondrej Mosnacek		Superseded
[v3,4/5] selinux: implement the kernfs_init_security hook	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-01-30	Ondrej Mosnacek		Superseded
[v3,5/5] kernfs: initialize security of newly created nodes	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-01-30	Ondrej Mosnacek		Superseded
[v4,1/5] selinux: try security xattr after genfs for kernfs filesystems	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v4,2/5] kernfs: use simple_xattrs for security attributes	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v4,3/5] LSM: add new hook for kernfs node initialization	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v4,4/5] selinux: implement the kernfs_init_security hook	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v4,5/5] kernfs: initialize security of newly created nodes	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v5,1/5] selinux: try security xattr after genfs for kernfs filesystems	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v5,2/5] kernfs: use simple_xattrs for security attributes	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v5,3/5] LSM: add new hook for kernfs node initialization	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v5,4/5] selinux: implement the kernfs_init_security hook	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v5,5/5] kernfs: initialize security of newly created nodes	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-05	Ondrej Mosnacek		Superseded
[v6,1/5] selinux: try security xattr after genfs for kernfs filesystems	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-14	Ondrej Mosnacek		Superseded
[v6,2/5] kernfs: use simple_xattrs for security attributes	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-14	Ondrej Mosnacek		Superseded
[v6,3/5] LSM: add new hook for kernfs node initialization	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-14	Ondrej Mosnacek		Superseded
[v6,4/5] selinux: implement the kernfs_init_security hook	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-14	Ondrej Mosnacek		Superseded
[v6,5/5] kernfs: initialize security of newly created nodes	Allow initializing the kernfs node's secctx based on its parent	- - -	---	2019-02-14	Ondrej Mosnacek		Superseded
kernfs: fix xattr name handling in LSM helpers	kernfs: fix xattr name handling in LSM helpers	- - -	---	2019-03-26	Ondrej Mosnacek		Superseded
[v2] kernfs: fix xattr name handling in LSM helpers	[v2] kernfs: fix xattr name handling in LSM helpers	- - -	---	2019-03-26	Ondrej Mosnacek		Superseded
[v3] kernfs: fix xattr name handling in LSM helpers	[v3] kernfs: fix xattr name handling in LSM helpers	- - -	---	2019-04-01	Ondrej Mosnacek		Superseded
[userspace] libsepol: add ebitmap_for_each_set_bit macro	[userspace] libsepol: add ebitmap_for_each_set_bit macro	- - -	---	2019-05-13	Ondrej Mosnacek		Superseded
[userspace,1/4] libsepol: add a function to optimize kernel policy	Remove redundant rules when building policydb	- - -	---	2019-05-23	Ondrej Mosnacek		Superseded
[userspace,2/4] secilc: optimize policy before writing	Remove redundant rules when building policydb	- - -	---	2019-05-23	Ondrej Mosnacek		Superseded
[userspace,3/4] libsemanage: optimize policy on rebuild	Remove redundant rules when building policydb	- - -	---	2019-05-23	Ondrej Mosnacek		Superseded
[userspace,4/4] semodule: add flag to disable policy optimization	Remove redundant rules when building policydb	- - -	---	2019-05-23	Ondrej Mosnacek		Superseded
[userspace,v2,1/7] libsepol: add a function to optimize kernel policy	Remove redundant rules when building policydb	- - -	---	2019-05-28	Ondrej Mosnacek		Superseded
[userspace,v2,2/7] libsemanage: optionally optimize policy on rebuild	Remove redundant rules when building policydb	- - -	---	2019-05-28	Ondrej Mosnacek		Superseded
[userspace,v2,3/7] semodule: add flag to enable policy optimization	Remove redundant rules when building policydb	- - -	---	2019-05-28	Ondrej Mosnacek		Superseded
[userspace,v2,4/7] secilc: add flag to enable policy optimization	Remove redundant rules when building policydb	- - -	---	2019-05-28	Ondrej Mosnacek		Superseded
[userspace,v2,5/7] checkpolicy: add flag to enable policy optimization	Remove redundant rules when building policydb	- - -	---	2019-05-28	Ondrej Mosnacek		Superseded
[userspace,v2,6/7,RFC] lisepol: slightly more thorough optimization	Remove redundant rules when building policydb	- - -	---	2019-05-28	Ondrej Mosnacek		Superseded
[userspace,v2,7/7,RFC] libsemanage: switch to config file entry	Remove redundant rules when building policydb	- - -	---	2019-05-28	Ondrej Mosnacek		Superseded
selinux: check sidtab limit before adding a new entry	selinux: check sidtab limit before adding a new entry	- - -	---	2019-07-22	Ondrej Mosnacek		Superseded
selinux: avoid atomic_t usage in sidtab	selinux: avoid atomic_t usage in sidtab	- - -	---	2019-07-25	Ondrej Mosnacek		Superseded
[userspace] sepolicy: generate man pages in parallel	[userspace] sepolicy: generate man pages in parallel	1 - -	---	2019-10-14	Ondrej Mosnacek		Superseded
[v2] selinux: cache the SID -> context string translation	[v2] selinux: cache the SID -> context string translation	- 1 1	---	2019-11-06	Ondrej Mosnacek		Superseded
[v3] selinux: cache the SID -> context string translation	[v3] selinux: cache the SID -> context string translation	- 1 1	---	2019-11-08	Ondrej Mosnacek		Superseded
[testsuite] policy: check for module_request support for key_socket	[testsuite] policy: check for module_request support for key_socket	- - -	---	2019-11-25	Ondrej Mosnacek		Superseded
[testsuite,v4] policy: use the kernel_request_load_module() interface	[testsuite,v4] policy: use the kernel_request_load_module() interface	1 - -	---	2019-11-26	Ondrej Mosnacek		Superseded
[testsuite,v5] policy: use the kernel_request_load_module() interface	[testsuite,v5] policy: use the kernel_request_load_module() interface	- - -	---	2019-11-27	Ondrej Mosnacek		Superseded
selinux: reorder hooks to make runtime disable less broken	selinux: reorder hooks to make runtime disable less broken	- - -	---	2019-12-09	Ondrej Mosnacek		Superseded
[2/6] selinux: simplify security_preserve_bools()	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-16	Ondrej Mosnacek		Superseded
[3/6] selinux: convert cond_list to array	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-16	Ondrej Mosnacek		Superseded
[4/6] selinux: convert cond_av_list to array	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-16	Ondrej Mosnacek		Superseded
[5/6] selinux: convert cond_expr to array	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-16	Ondrej Mosnacek		Superseded
[6/6] selinux: generalize evaluate_cond_node()	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-16	Ondrej Mosnacek		Superseded
selinux: fix sparse warnings in policydb.c	selinux: fix sparse warnings in policydb.c	- 1 -	---	2020-01-16	Ondrej Mosnacek		Superseded
[v2,2/5] selinux: convert cond_list to array	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-17	Ondrej Mosnacek		Superseded
[v2,3/5] selinux: convert cond_av_list to array	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-17	Ondrej Mosnacek		Superseded
[v2,4/5] selinux: convert cond_expr to array	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-17	Ondrej Mosnacek		Superseded
[v2,5/5] selinux: generalize evaluate_cond_node()	selinux: Assorted simplifications and cleanups	- 1 -	---	2020-01-17	Ondrej Mosnacek		Superseded
[userspace,1/4] libsepol: fix CIL_KEY_* build errors with -fno-common	Fix build with -fno-common	- - -	---	2020-01-22	Ondrej Mosnacek		Superseded
[userspace,2/4] libsepol: remove unused cil_mem_error_handler	Fix build with -fno-common	- - -	---	2020-01-22	Ondrej Mosnacek		Superseded
[userspace,3/4] checkpolicy: remove unused te_assertions	Fix build with -fno-common	- - -	---	2020-01-22	Ondrej Mosnacek		Superseded
[userspace,4/4] Makefile: always build with -fno-common	Fix build with -fno-common	- - -	---	2020-01-22	Ondrej Mosnacek		Superseded
[1/2] selinux: factor out loop body from filename_trans_read()	Optimize storage of filename transitions	- - -	---	2020-02-11	Ondrej Mosnacek		Superseded
[2/2] selinux: optimize storage of filename transitions	Optimize storage of filename transitions	- - -	---	2020-02-11	Ondrej Mosnacek		Superseded
[userspace] libsepol: cache ebitmap cardinality value	[userspace] libsepol: cache ebitmap cardinality value	- - -	---	2020-02-12	Ondrej Mosnacek		Superseded
selinux: reduce the use of hard-coded hash sizes	selinux: reduce the use of hard-coded hash sizes	- - -	---	2020-02-17	Ondrej Mosnacek		Superseded
[v2] selinux: reduce the use of hard-coded hash sizes	[v2] selinux: reduce the use of hard-coded hash sizes	1 - -	---	2020-02-19	Ondrej Mosnacek		Superseded
[1/2] libsepol,newrole: remove unused hashtab functions	libsepol: Grow hashtab dynamically	1 - -	---	2020-02-19	Ondrej Mosnacek		Superseded
[2/2] libsepol: grow hashtab dynamically	libsepol: Grow hashtab dynamically	1 - -	---	2020-02-19	Ondrej Mosnacek		Superseded
[testsuite] tests/sctp: fix setting of the SCTP_EVENTS sockopt	[testsuite] tests/sctp: fix setting of the SCTP_EVENTS sockopt	- - -	---	2020-02-24	Ondrej Mosnacek		Superseded
[testsuite] tests: add test for default_range glblub support	[testsuite] tests: add test for default_range glblub support	1 - -	---	2020-03-03	Ondrej Mosnacek		Superseded
[RFC] libsepol/cil: raise default attrs_expand_size to 2	[RFC] libsepol/cil: raise default attrs_expand_size to 2	- - -	---	2020-03-04	Ondrej Mosnacek		Superseded
[v2,1/2] libsepol,checkpolicy: optimize storage of filename transitions	userspace: Implement new format of filename trans rules	1 - -	---	2020-03-28	Ondrej Mosnacek		Superseded
[v2,2/2] libsepol: implement POLICYDB_VERSION_COMP_FTRANS	userspace: Implement new format of filename trans rules	1 - -	---	2020-03-28	Ondrej Mosnacek		Superseded
selinux: store role transitions in a hash table	selinux: store role transitions in a hash table	- - -	---	2020-04-06	Ondrej Mosnacek		Superseded
[v3,1/2] libsepol,checkpolicy: optimize storage of filename transitions	userspace: Implement new format of filename trans rules	- - -	---	2020-05-02	Ondrej Mosnacek		Superseded
[v3,2/2] libsepol: implement POLICYDB_VERSION_COMP_FTRANS	userspace: Implement new format of filename trans rules	- - -	---	2020-05-02	Ondrej Mosnacek		Superseded
[v2,1/3] selinux: specialize symtab insert and search functions	Inline some hashtab functions to improve performance	- - -	---	2020-05-04	Ondrej Mosnacek		Superseded

« 1 2 3 4 … 5 6 »