Show patches with: Submitter = Ondrej Mosnacek       |    Archived = No       |   523 patches
« 1 2 3 45 6 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[1/2] audit: introduce a struct to represent an audit timestamp Provide matching audit timestamp in the SELinux AVC trace event - - - --- 2022-12-19 Ondrej Mosnacek Superseded
[1/2] fs: convert simple_xattrs to RCU list fs: fix capable() call in simple_xattr_list() - - - --- 2022-09-01 Ondrej Mosnacek pcmoore Handled Elsewhere
[1/2] libsemanage: preserve parent Makefile's flags in debug mode userspace: Fix DEBUG=1 build - - - --- 2020-02-06 Ondrej Mosnacek Accepted
[1/2] libsepol,checkpolicy: optimize storage of filename transitions userspace: Implement new format of filename trans rules - - - --- 2020-03-27 Ondrej Mosnacek Changes Requested
[1/2] libsepol,newrole: remove unused hashtab functions libsepol: Grow hashtab dynamically 1 - - --- 2020-02-19 Ondrej Mosnacek Superseded
[1/2] selinux: factor out loop body from filename_trans_read() Optimize storage of filename transitions - - - --- 2020-02-11 Ondrej Mosnacek Superseded
[1/2] selinux: fix a race condition in security_read_policy() Fix race conditions when reading out policy data - - - --- 2020-08-24 Ondrej Mosnacek pcmoore Rejected
[1/2] selinux: hash context structure directly Hash context structures directly - - - --- 2020-04-09 Ondrej Mosnacek Changes Requested
[1/2] selinux: switch unnecessary GFP_ATOMIC allocs to GFP_KERNEL selinux: Clean up GFP flag usage - - - --- 2020-08-24 Ondrej Mosnacek Superseded
[1/2] selinux: treat atomic flags more carefully LSM: Drop security_delete_hooks() 1 2 - --- 2020-01-07 Ondrej Mosnacek Accepted
[1/2] selinux: use separate table for initial SID lookup Fix ENOMEM errors during policy reload - - - --- 2018-10-31 Ondrej Mosnacek Changes Requested
[1/2] tests/sctp: fix a race condition in the new ASCONF test Fix ASCONF test and ensure it can be always run 1 - - --- 2020-10-21 Ondrej Mosnacek omos Accepted
[1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag vfs/security/NFS/btrfs: clean up and fix LSM option handling - - - --- 2021-04-09 Ondrej Mosnacek pcmoore Superseded
[1/3] libsepol: skip unnecessary check in build_type_map() libsepol: Speed up policy optimization 1 - - --- 2020-02-27 Ondrej Mosnacek Accepted
[1/3] LSM: Add new hook for generic node initialization Allow initializing the kernfs node's secctx based on its parent - - - --- 2019-01-09 Ondrej Mosnacek Superseded
[1/3] selinux: fix cond_list corruption when changing booleans selinux: fix changing booleans - - - --- 2021-03-30 Ondrej Mosnacek pcmoore Changes Requested
[1/4] selinux: simplify range_write() Inline some hashtab functions to improve performance - - - --- 2020-04-28 Ondrej Mosnacek Accepted
[1/5] selinux: remove unused global variables Clean up SELinux global variables - - - --- 2021-01-06 Ondrej Mosnacek pcmoore Accepted
[1/6] selinux: do not allocate ancillary buffer on first load selinux: Assorted simplifications and cleanups - 1 - --- 2020-01-16 Ondrej Mosnacek Accepted
[2/2] fs: don't call capable() prematurely in simple_xattr_list() fs: fix capable() call in simple_xattr_list() - - - --- 2022-09-01 Ondrej Mosnacek pcmoore Handled Elsewhere
[2/2] libsepol: grow hashtab dynamically libsepol: Grow hashtab dynamically 1 - - --- 2020-02-19 Ondrej Mosnacek Superseded
[2/2] libsepol: implement POLICYDB_VERSION_COMP_FTRANS userspace: Implement new format of filename trans rules - - - --- 2020-03-27 Ondrej Mosnacek Changes Requested
[2/2] security,selinux: get rid of security_delete_hooks() LSM: Drop security_delete_hooks() 1 1 - --- 2020-01-07 Ondrej Mosnacek Changes Requested
[2/2] selinux: drop the gfp_t argument from str_read() selinux: Clean up GFP flag usage - - - --- 2020-08-24 Ondrej Mosnacek Superseded
[2/2] selinux: fix a race condition in sel_open_policy() Fix race conditions when reading out policy data - - - --- 2020-08-24 Ondrej Mosnacek pcmoore Changes Requested
[2/2] selinux: fix ENOMEM errors during policy reload Fix ENOMEM errors during policy reload - - - --- 2018-10-31 Ondrej Mosnacek Changes Requested
[2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount vfs/security/NFS/btrfs: clean up and fix LSM option handling - - - --- 2021-04-09 Ondrej Mosnacek pcmoore Superseded
[2/2] selinux: move context hashing under sidtab Hash context structures directly - - - --- 2020-04-09 Ondrej Mosnacek Changes Requested
[2/2] selinux: optimize storage of filename transitions Optimize storage of filename transitions - - - --- 2020-02-11 Ondrej Mosnacek Superseded
[2/2] tests/sctp: set up a GRE tunnel to activate ASCONF tests Fix ASCONF test and ensure it can be always run 1 - - --- 2020-10-21 Ondrej Mosnacek omos Accepted
[2/2] Travis-CI: test that DEBUG build works userspace: Fix DEBUG=1 build 1 - - --- 2020-02-06 Ondrej Mosnacek Accepted
[2/3] libsepol: optimize inner loop in build_type_map() libsepol: Speed up policy optimization 1 - - --- 2020-02-27 Ondrej Mosnacek Accepted
[2/3] selinux: Implement the object_init_security hook Allow initializing the kernfs node's secctx based on its parent - 1 - --- 2019-01-09 Ondrej Mosnacek Superseded
[2/3] selinux: simplify duplicate_policydb_cond_list() by using kmemdup() selinux: fix changing booleans - - - --- 2021-03-30 Ondrej Mosnacek pcmoore Accepted
[2/4] selinux: do not allocate hashtabs dynamically Inline some hashtab functions to improve performance - - - --- 2020-04-28 Ondrej Mosnacek Accepted
[2/5] selinux: drop the unnecessary aurule_callback variable Clean up SELinux global variables - - - --- 2021-01-06 Ondrej Mosnacek pcmoore Accepted
[2/6] selinux: simplify security_preserve_bools() selinux: Assorted simplifications and cleanups - 1 - --- 2020-01-16 Ondrej Mosnacek Superseded
[3/3] kernfs: Initialize security of newly created nodes Allow initializing the kernfs node's secctx based on its parent - 1 - --- 2019-01-09 Ondrej Mosnacek Superseded
[3/3] libsepol: speed up policy optimization libsepol: Speed up policy optimization 1 - - --- 2020-02-27 Ondrej Mosnacek Accepted
[3/3] selinux: constify some avtab function arguments selinux: fix changing booleans - - - --- 2021-03-30 Ondrej Mosnacek pcmoore Accepted
[3/4] selinux: prepare for inlining of hashtab functions Inline some hashtab functions to improve performance - - - --- 2020-04-28 Ondrej Mosnacek Changes Requested
[3/5] selinux: make selinuxfs_mount static Clean up SELinux global variables - - - --- 2021-01-06 Ondrej Mosnacek pcmoore Accepted
[3/6] selinux: convert cond_list to array selinux: Assorted simplifications and cleanups - 1 - --- 2020-01-16 Ondrej Mosnacek Superseded
[4/4] selinux: complete the inlining of hashtab functions Inline some hashtab functions to improve performance - - - --- 2020-04-28 Ondrej Mosnacek Changes Requested
[4/5] selinux: mark some global variables __ro_after_init Clean up SELinux global variables - - - --- 2021-01-06 Ondrej Mosnacek pcmoore Accepted
[4/6] selinux: convert cond_av_list to array selinux: Assorted simplifications and cleanups - 1 - --- 2020-01-16 Ondrej Mosnacek Superseded
[5/5] selinux: mark selinux_xfrm_refcount as __read_mostly Clean up SELinux global variables - - - --- 2021-01-06 Ondrej Mosnacek pcmoore Accepted
[5/6] selinux: convert cond_expr to array selinux: Assorted simplifications and cleanups - 1 - --- 2020-01-16 Ondrej Mosnacek Superseded
[6/6] selinux: generalize evaluate_cond_node() selinux: Assorted simplifications and cleanups - 1 - --- 2020-01-16 Ondrej Mosnacek Superseded
[net,v3,1/2] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - - - --- 2022-02-12 Ondrej Mosnacek pcmoore Accepted
[net,v3,2/2] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - - - --- 2022-02-12 Ondrej Mosnacek pcmoore Accepted
[net] selinux: fix SCTP client peeloff socket labeling [net] selinux: fix SCTP client peeloff socket labeling - - - --- 2021-11-04 Ondrej Mosnacek pcmoore Superseded
[RESEND,1/2] audit: introduce a struct to represent an audit timestamp Provide matching audit timestamp in the SELinux AVC trace event - - - --- 2022-12-19 Ondrej Mosnacek pcmoore Rejected
[RESEND,2/2] selinux: provide matching audit timestamp in the AVC trace event Provide matching audit timestamp in the SELinux AVC trace event - - - --- 2022-12-19 Ondrej Mosnacek pcmoore Rejected
[RFC,1/2] libsemanage: support changing policy version via API userspace: Allow changing version of kernel policy built by semodule - - - --- 2020-02-06 Ondrej Mosnacek Rejected
[RFC,1/2] LSM,anon_inodes: explicitly distinguish anon inode types selinux,anon_inodes: Use a separate SELinux class for each type of anon inode - - - --- 2021-04-21 Ondrej Mosnacek pcmoore Rejected
[RFC,1/3] cgroup: fix parsing empty mount option string Fix SELinux context mount with the cgroup filesystem - - - --- 2018-12-13 Ondrej Mosnacek Not Applicable
[RFC,1/3] selinux: refactor sidtab conversion Fix ENOMEM errors during policy reload 1 - - --- 2018-11-13 Ondrej Mosnacek Accepted
[RFC,1/3] selinux: simplify away security_policydb_len() selinux: RCU conversion follow-ups - - - --- 2020-08-25 Ondrej Mosnacek Superseded
[RFC,2/2] selinux: add capability to map anon inode types to separate classes selinux,anon_inodes: Use a separate SELinux class for each type of anon inode - - - --- 2021-04-21 Ondrej Mosnacek pcmoore Rejected
[RFC,2/2] semodule: support changing policyvers via command line userspace: Allow changing version of kernel policy built by semodule - - - --- 2020-02-06 Ondrej Mosnacek Rejected
[RFC,2/3] selinux: never allow relabeling on context mounts Fix SELinux context mount with the cgroup filesystem - - - --- 2018-12-13 Ondrej Mosnacek Superseded
[RFC,2/3] selinux: remove the 'initialized' flag from selinux_state selinux: RCU conversion follow-ups - - - --- 2020-08-25 Ondrej Mosnacek Superseded
[RFC,2/3] selinux: use separate table for initial SID lookup Fix ENOMEM errors during policy reload - - - --- 2018-11-13 Ondrej Mosnacek Superseded
[RFC,3/3] selinux: do not override context on context mounts Fix SELinux context mount with the cgroup filesystem - - - --- 2018-12-13 Ondrej Mosnacek Superseded
[RFC,3/3] selinux: overhaul sidtab to fix bug and improve performance Fix ENOMEM errors during policy reload - - - --- 2018-11-13 Ondrej Mosnacek Superseded
[RFC,3/3] selinux: track policy lifetime with refcount selinux: RCU conversion follow-ups - - - --- 2020-08-25 Ondrej Mosnacek Superseded
[RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY [RFC,RESEND] userfaultfd: open userfaultfds with O_RDONLY 2 - - --- 2022-07-08 Ondrej Mosnacek pcmoore Handled Elsewhere
[RFC,testsuite] Add extended_anon_inode_class policy capability support [RFC,testsuite] Add extended_anon_inode_class policy capability support - - - --- 2021-04-21 Ondrej Mosnacek omos Rejected
[RFC,userspace,1/5] libsemanage: add missing include to boolean_record.c Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
[RFC,userspace,1/6] selinux_restorecon: simplify fl_head allocation by using calloc() Parallel setfiles/restorecon - - - --- 2021-03-23 Ondrej Mosnacek RFC
[RFC,userspace,2/5] semodule,libsemanage: move module hashing into libsemanage Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
[RFC,userspace,2/6] selinux_restorecon: protect file_spec list with a mutex Parallel setfiles/restorecon - - - --- 2021-03-23 Ondrej Mosnacek RFC
[RFC,userspace,3/5] libsemanage: move compressed file handling into a separate object Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
[RFC,userspace,3/6] selinux_restorecon: introduce selinux_log_sync() Parallel setfiles/restorecon - - - --- 2021-03-23 Ondrej Mosnacek RFC
[RFC,userspace,4/5] libsemanage: optionally rebuild policy when modules are changed externally Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
[RFC,userspace,4/6] selinux_restorecon: add a global mutex to synchronize progress output Parallel setfiles/restorecon - - - --- 2021-03-23 Ondrej Mosnacek RFC
[RFC,userspace,5/5] semodule: add command-line option to detect module changes Allow rebuilding policy store only if there were external changes to modules - - - --- 2022-01-13 Ondrej Mosnacek Superseded
[RFC,userspace,5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3) Parallel setfiles/restorecon - - - --- 2021-03-23 Ondrej Mosnacek RFC
[RFC,userspace,6/6] setfiles/restorecon: support parallel relabeling Parallel setfiles/restorecon - - - --- 2021-03-23 Ondrej Mosnacek RFC
[RFC,v2] libsepol/cil: raise default attrs_expand_size to 2 [RFC,v2] libsepol/cil: raise default attrs_expand_size to 2 1 - - --- 2020-03-05 Ondrej Mosnacek Accepted
[RFC] libsepol/cil: raise default attrs_expand_size to 2 [RFC] libsepol/cil: raise default attrs_expand_size to 2 - - - --- 2020-03-04 Ondrej Mosnacek Superseded
[RFC] selinux: log invalid contexts in AVCs [RFC] selinux: log invalid contexts in AVCs - - - --- 2019-01-18 Ondrej Mosnacek Superseded
[testsuite,01/24] keys: change test_newcon_key_t to be just an object context Clean up testsuite policy and support running as sysadm_t - - - --- 2022-07-29 Ondrej Mosnacek omos Superseded
[testsuite,02/24] test_global.te: remove unused role require Clean up testsuite policy and support running as sysadm_t - - - --- 2022-07-29 Ondrej Mosnacek omos Superseded
[testsuite,03/24] test_global.te: don't add domains to system_r Clean up testsuite policy and support running as sysadm_t - - - --- 2022-07-29 Ondrej Mosnacek omos Superseded
[testsuite,06/24] test_policy.if: remove weird rule from testsuite_domain_type_minimal() Clean up testsuite policy and support running as sysadm_t - - - --- 2022-07-29 Ondrej Mosnacek omos Superseded
[testsuite,07/24] policy: move unconfined_t-related dontaudit rule to where it fits better Clean up testsuite policy and support running as sysadm_t - - - --- 2022-07-29 Ondrej Mosnacek omos Superseded
[testsuite,08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy Clean up testsuite policy and support running as sysadm_t - - - --- 2022-07-29 Ondrej Mosnacek omos Superseded
[testsuite,09/24] policy: move miscfiles_domain_entry_test_files() to general policy Clean up testsuite policy and support running as sysadm_t - - - --- 2022-07-29 Ondrej Mosnacek omos Superseded
[testsuite,1/1] tests/keys: fix the KEYCTL_DH_COMPUTE parameter values [testsuite,1/1] tests/keys: fix the KEYCTL_DH_COMPUTE parameter values - - - --- 2020-10-14 Ondrej Mosnacek omos Accepted
[testsuite,1/2] check-syntax: use 'command -v' instead of 'which' Migrate CI to GH Actions 1 - - --- 2021-01-22 Ondrej Mosnacek omos Accepted
[testsuite,1/2] policy: remove CIL workarounds for missing anon_inode class Prepare userfaultfd policy for Fedora policy changes - - - --- 2022-08-24 Ondrej Mosnacek omos Accepted
[testsuite,1/2] policy/test_ioctl_xperms.te: add ioctl numbers for other arches FIOQSIZE followup fixes - - - --- 2022-04-21 Ondrej Mosnacek omos Accepted
[testsuite,1/2] tests/extended_socket_class: make Bluetooth support optional Make SCTP and Bluetooth support optional - - - --- 2022-04-13 Ondrej Mosnacek omos Accepted
[testsuite,1/2] tests/keys: use a longer prime in DH params Make the keys test pass in FIPS mode - - - --- 2022-06-28 Ondrej Mosnacek omos Accepted
[testsuite,1/2] tests/module_load: simplify the clean target [testsuite,1/2] tests/module_load: simplify the clean target - - - --- 2021-09-06 Ondrej Mosnacek omos Accepted
[testsuite,1/2] tests/task_setscheduler: fix for old kernels RFE: remove special RHEL-5 and -4 policies - - - --- 2019-09-20 Ondrej Mosnacek Accepted
[testsuite,1/3] perf_event: measure CPU 0 rather than CPU 1 perf_event: fixes and cleanups - - - --- 2021-03-02 Ondrej Mosnacek omos Accepted
[testsuite,1/3] policy: consolidate macros for home dirs access Fix refpolicy build & build test_policy.pp in Travis - - - --- 2019-09-30 Ondrej Mosnacek Changes Requested
« 1 2 3 45 6 »