Show patches with: Submitter = Stephen Smalley       |    Archived = No       |   331 patches
« 1 2 3 4 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
socket.7,ip.7: Document SO_PEERSEC for AF_INET sockets socket.7,ip.7: Document SO_PEERSEC for AF_INET sockets - - - --- 2020-09-15 Stephen Smalley Accepted
[v2] socket.7,unix.7: add initial description for SO_PEERSEC [v2] socket.7,unix.7: add initial description for SO_PEERSEC - 1 - --- 2020-09-14 Stephen Smalley Accepted
socket.7,unix.7: add initial description for SO_PEERSEC socket.7,unix.7: add initial description for SO_PEERSEC - - - --- 2020-09-10 Stephen Smalley Superseded
selinux: access policycaps with READ_ONCE/WRITE_ONCE selinux: access policycaps with READ_ONCE/WRITE_ONCE - - - --- 2020-09-10 Stephen Smalley Accepted
[v2] selinux: move policy mutex to selinux_state, use in lockdep checks [v2] selinux: move policy mutex to selinux_state, use in lockdep checks - 1 - --- 2020-08-26 Stephen Smalley Accepted
selinux: permit removing security.selinux xattr before policy load selinux: permit removing security.selinux xattr before policy load - - - --- 2020-08-20 Stephen Smalley Accepted
[RFC,v3] selinux: convert policy read-write lock to RCU [RFC,v3] selinux: convert policy read-write lock to RCU - - - --- 2020-08-19 Stephen Smalley Superseded
selinux: avoid dereferencing the policy prior to initialization selinux: avoid dereferencing the policy prior to initialization - - 1 --- 2020-08-19 Stephen Smalley Accepted
[RFC,v2] selinux: convert policy read-write lock to RCU [RFC,v2] selinux: convert policy read-write lock to RCU - - - --- 2020-08-18 Stephen Smalley Superseded
[RFC] selinux: convert policy read-write lock to RCU [RFC] selinux: convert policy read-write lock to RCU - - - --- 2020-08-18 Stephen Smalley Superseded
[RFC] selinux: refactor changing booleans [RFC] selinux: refactor changing booleans - - - --- 2020-08-11 Stephen Smalley Superseded
libselinux: fix build order libselinux: fix build order - - - --- 2020-08-06 Stephen Smalley Accepted
[RFC] selinux: move policy commit after updating selinuxfs [RFC] selinux: move policy commit after updating selinuxfs - - - --- 2020-08-04 Stephen Smalley Superseded
[RFC,v3] selinux: encapsulate policy state, refactor policy load [RFC,v3] selinux: encapsulate policy state, refactor policy load - - - --- 2020-08-03 Stephen Smalley Superseded
[RFC] selinux: encapsulate policy state, refactor policy load [RFC] selinux: encapsulate policy state, refactor policy load - - - --- 2020-07-30 Stephen Smalley Superseded
selinux: encapsulate policy-dependent state selinux: encapsulate policy-dependent state - - - --- 2020-07-28 Stephen Smalley Changes Requested
selinux: log error messages on required process class / permissions selinux: log error messages on required process class / permissions - - - --- 2020-06-17 Stephen Smalley Accepted
scripts/selinux/mdp: fix initial SID handling scripts/selinux/mdp: fix initial SID handling - - - --- 2020-06-17 Stephen Smalley Accepted
libselinux: fix selinux_restorecon() statfs bug libselinux: fix selinux_restorecon() statfs bug 1 - 1 --- 2020-06-04 Stephen Smalley Accepted
libsepol: drop broken warning on duplicate filename transitions libsepol: drop broken warning on duplicate filename transitions 1 - - --- 2020-05-13 Stephen Smalley Accepted
[v2] libsemanage: fsync final files before rename [v2] libsemanage: fsync final files before rename 1 - - --- 2020-05-13 Stephen Smalley Accepted
libsemanage: fsync before rename libsemanage: fsync before rename - - - --- 2020-05-13 Stephen Smalley Superseded
[testsuite] tests/filesystem: fix quotas_test [testsuite] tests/filesystem: fix quotas_test - - - --- 2020-05-08 Stephen Smalley Changes Requested
[v4,testsuite,07/15] test_policy.if: use ptynode instead of unconfined_devpts_t Update to work on Debian - - - --- 2020-05-08 Stephen Smalley Changes Requested
[v3] selinux-testsuite: update to work on Debian [v3] selinux-testsuite: update to work on Debian - - - --- 2020-05-07 Stephen Smalley Superseded
[v2] selinux-testsuite: update to work on Debian [v2] selinux-testsuite: update to work on Debian - - - --- 2020-05-06 Stephen Smalley Superseded
MAINTAINERS: Update my email address MAINTAINERS: Update my email address - - - --- 2020-03-11 Stephen Smalley Accepted
[RFC] libselinux: deprecate security_compute_user(), update man pages [RFC] libselinux: deprecate security_compute_user(), update man pages - - - --- 2020-02-18 Stephen Smalley RFC
[RFC] security,anon_inodes,kvm: enable security support for anon inodes [RFC] security,anon_inodes,kvm: enable security support for anon inodes - - - --- 2020-02-13 Stephen Smalley RFC
[v3,2/2] testsuite: add further nfs tests [v3,1/2] testsuite: provide support for testing labeled NFS - - - --- 2020-01-30 Stephen Smalley Accepted
[v3,1/2] testsuite: provide support for testing labeled NFS [v3,1/2] testsuite: provide support for testing labeled NFS - - - --- 2020-01-30 Stephen Smalley Accepted
[v2,2/2] testsuite: add further nfs tests [v2,1/2] testsuite: provide support for testing labeled NFS - - - --- 2020-01-30 Stephen Smalley Superseded
[v2,1/2] testsuite: provide support for testing labeled NFS [v2,1/2] testsuite: provide support for testing labeled NFS - - - --- 2020-01-30 Stephen Smalley Superseded
testsuite: add further nfs tests testsuite: add further nfs tests - - - --- 2020-01-30 Stephen Smalley Superseded
testsuite: provide support for testing labeled NFS testsuite: provide support for testing labeled NFS - - - --- 2020-01-30 Stephen Smalley Superseded
testsuite: enable running over labeled NFS testsuite: enable running over labeled NFS - - - --- 2020-01-29 Stephen Smalley Accepted
[v2] selinux: remove unused initial SIDs and improve handling [v2] selinux: remove unused initial SIDs and improve handling - - - --- 2020-01-29 Stephen Smalley Changes Requested
[v2] libsepol,checkpolicy: support omitting unused initial sid contexts [v2] libsepol,checkpolicy: support omitting unused initial sid contexts 1 - - --- 2020-01-29 Stephen Smalley Accepted
libsepol,checkpolicy: support omitting unused initial sid contexts libsepol,checkpolicy: support omitting unused initial sid contexts - - - --- 2020-01-28 Stephen Smalley Superseded
selinux: remove unused initial SIDs and improve handling selinux: remove unused initial SIDs and improve handling - - - --- 2020-01-27 Stephen Smalley Superseded
testsuite/policy: fixes for running on a labeled NFS mount testsuite/policy: fixes for running on a labeled NFS mount - - - --- 2020-01-23 Stephen Smalley Accepted
[v4] libsepol,checkpolicy: remove use of hardcoded security class values [v4] libsepol,checkpolicy: remove use of hardcoded security class values 1 - - --- 2020-01-21 Stephen Smalley Accepted
libselinux: export flush_class_cache(), call it on policyload libselinux: export flush_class_cache(), call it on policyload - - - --- 2020-01-21 Stephen Smalley Accepted
[v2] selinux: fix regression introduced by move_mount(2) syscall [v2] selinux: fix regression introduced by move_mount(2) syscall - 2 - --- 2020-01-17 Stephen Smalley Accepted
[v3] libsepol,checkpolicy: remove use of hardcoded security class values [v3] libsepol,checkpolicy: remove use of hardcoded security class values - - - --- 2020-01-17 Stephen Smalley Superseded
libselinux: update man pages for userspace policy enforcers libselinux: update man pages for userspace policy enforcers - - - --- 2020-01-17 Stephen Smalley Accepted
[v2] libsepol,checkpolicy: remove use of hardcoded security class values [v2] libsepol,checkpolicy: remove use of hardcoded security class values - - - --- 2020-01-16 Stephen Smalley Superseded
libsepol,checkpolicy: remove use of hardcoded security class values libsepol,checkpolicy: remove use of hardcoded security class values - - - --- 2020-01-16 Stephen Smalley Superseded
libselinux: remove flask.h and av_permissions.h libselinux: remove flask.h and av_permissions.h 1 - - --- 2020-01-15 Stephen Smalley Accepted
[RFC] selinux: implement move_mount hook [RFC] selinux: implement move_mount hook - - - --- 2020-01-13 Stephen Smalley Superseded
selinux: make default_noexec read-only after init selinux: make default_noexec read-only after init - - - --- 2020-01-08 Stephen Smalley Accepted
Documentation,selinux: deprecate setting checkreqprot to 1 Documentation,selinux: deprecate setting checkreqprot to 1 - - - --- 2020-01-08 Stephen Smalley Accepted
[RFC] selinux: deprecate setting checkreqprot to 1 [RFC] selinux: deprecate setting checkreqprot to 1 - - - --- 2020-01-07 Stephen Smalley RFC
Documentation,selinux: fix references to old selinuxfs mount point Documentation,selinux: fix references to old selinuxfs mount point - - - --- 2020-01-07 Stephen Smalley Accepted
Documentation,selinux: fix references to old selinuxfs mount point Documentation,selinux: fix references to old selinuxfs mount point - - - --- 2020-01-07 Stephen Smalley Changes Requested
[v2] selinux: clean up selinux_enabled/disabled/enforcing_boot [v2] selinux: clean up selinux_enabled/disabled/enforcing_boot - - - --- 2019-12-17 Stephen Smalley Accepted
[RFC] selinux: randomize layout of key structures [RFC] selinux: randomize layout of key structures - 1 - --- 2019-12-13 Stephen Smalley Accepted
[RFC] selinux: clean up selinux_enabled/disabled [RFC] selinux: clean up selinux_enabled/disabled - - - --- 2019-12-13 Stephen Smalley Superseded
security: only build lsm_audit if CONFIG_SECURITY=y security: only build lsm_audit if CONFIG_SECURITY=y - - - --- 2019-12-10 Stephen Smalley Accepted
[v4] selinux-testsuite: add lockdown tests [v4] selinux-testsuite: add lockdown tests - - - --- 2019-12-10 Stephen Smalley Accepted
[RFC,v3] selinux-testsuite: add lockdown tests [RFC,v3] selinux-testsuite: add lockdown tests - - - --- 2019-11-27 Stephen Smalley Superseded
[RFC,v2] selinux-testsuite: add lockdown tests [RFC,v2] selinux-testsuite: add lockdown tests - - - --- 2019-11-27 Stephen Smalley Superseded
[RFC,v2] security,lockdown,selinux: implement SELinux lockdown [RFC,v2] security,lockdown,selinux: implement SELinux lockdown - 1 - --- 2019-11-27 Stephen Smalley Accepted
selinux: clean up selinux_inode_permission MAY_NOT_BLOCK tests selinux: clean up selinux_inode_permission MAY_NOT_BLOCK tests - - - --- 2019-11-22 Stephen Smalley Accepted
[2/2] selinux: fall back to ref-walk if audit is required [1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" - - - --- 2019-11-22 Stephen Smalley Accepted
[1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" [1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" - - - --- 2019-11-22 Stephen Smalley Accepted
[RFC,2/2] selinux: fall back to ref-walk upon LSM_AUDIT_DATA_DENTRY too [RFC,1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" - - - --- 2019-11-21 Stephen Smalley Superseded
[RFC,1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" [RFC,1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" - - - --- 2019-11-21 Stephen Smalley Superseded
[v3] selinux-testsuite: add tests for fsnotify [v3] selinux-testsuite: add tests for fsnotify - - - --- 2019-10-31 Stephen Smalley Accepted
[RFC] selinux-testsuite: add lockdown tests [RFC] selinux-testsuite: add lockdown tests - - - --- 2019-10-30 Stephen Smalley Superseded
[RFC] selinux: add SELinux hooks for lockdown integrity and confidentiality [RFC] selinux: add SELinux hooks for lockdown integrity and confidentiality - - - --- 2019-10-30 Stephen Smalley Superseded
[RFC,11/10] selinux: fix support multiple selinuxfs instances Untitled series #188777 - - - --- 2019-10-16 Stephen Smalley Accepted
[RFC,10/10] selinuxfs: restrict write operations to the same selinux namespace SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[RFC,09/10] selinux: add a selinuxfs interface to unshare selinux namespace SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[RFC,08/10] selinux: introduce cred_selinux_ns() and use it SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[RFC,07/10] selinux: support per-task/cred selinux namespace SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[RFC,06/10] netns,selinux: create the selinux netlink socket per network namespace SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[RFC,05/10] selinux: Annotate lockdep for services locks SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[RFC,04/10] selinuxns: mark init_selinux_ns as __ro_after_init SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[RFC,03/10] selinux: dynamically allocate selinux namespace SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[RFC,02/10] selinux: support multiple selinuxfs instances SELinux namespace series, re-based - - - --- 2019-10-15 Stephen Smalley Accepted
[v2] python/sepolicy: call segenxml.py with python3 [v2] python/sepolicy: call segenxml.py with python3 1 - - --- 2019-10-09 Stephen Smalley Accepted
python/sepolicy: call segenxml.py with python3 python/sepolicy: call segenxml.py with python3 1 - - --- 2019-09-26 Stephen Smalley Superseded
selinux-testsuite: drop use of userdom_read_inherited_user_tmp_files selinux-testsuite: drop use of userdom_read_inherited_user_tmp_files - - 1 --- 2019-09-18 Stephen Smalley Accepted
selinux-testsuite: apply perltidy to infiniband test scripts selinux-testsuite: apply perltidy to infiniband test scripts - - - --- 2019-09-18 Stephen Smalley Accepted
selinux-testsuite: fix test/file to avoid noise in test output selinux-testsuite: fix test/file to avoid noise in test output - - - --- 2019-09-18 Stephen Smalley Accepted
selinux: fix residual uses of current_security() for the SELinux blob selinux: fix residual uses of current_security() for the SELinux blob 1 1 - --- 2019-09-04 Stephen Smalley Accepted
selinux-testsuite: fix old python shebang in tests/overlay/access selinux-testsuite: fix old python shebang in tests/overlay/access - - - --- 2019-06-19 Stephen Smalley Accepted
scripts/selinux: fix build scripts/selinux: fix build - - - --- 2019-03-19 Stephen Smalley Accepted
[v3] libselinux: selinux_set_mapping: fix handling of unknown classes/perms [v3] libselinux: selinux_set_mapping: fix handling of unknown classes/perms 1 - - --- 2019-02-25 Stephen Smalley Accepted
[v2] libselinux: selinux_set_mapping: fix handling of unknown classes/perms [v2] libselinux: selinux_set_mapping: fix handling of unknown classes/perms - - - --- 2019-02-22 Stephen Smalley Superseded
libselinux: selinux_set_mapping: fix handling of unknown classes/perms libselinux: selinux_set_mapping: fix handling of unknown classes/perms - - - --- 2019-02-22 Stephen Smalley Superseded
[v6] scripts/selinux: modernize mdp [v6] scripts/selinux: modernize mdp 1 - - --- 2019-02-21 Stephen Smalley Accepted
scripts/selinux: modernize mdp scripts/selinux: modernize mdp - - - --- 2019-02-21 Stephen Smalley Superseded
[v3] scripts/selinux: add basic mls support to mdp [v3] scripts/selinux: add basic mls support to mdp - - - --- 2019-02-15 Stephen Smalley Superseded
[v2] scripts/selinux: add basic mls support to mdp [v2] scripts/selinux: add basic mls support to mdp - - - --- 2019-02-15 Stephen Smalley Superseded
scripts/selinux: add basic mls support to mdp scripts/selinux: add basic mls support to mdp - - - --- 2019-02-14 Stephen Smalley Superseded
selinux-testsuite: fix userspace, refpolicy, and mailing list selinux-testsuite: fix userspace, refpolicy, and mailing list - - - --- 2019-02-14 Stephen Smalley Accepted
selinux: fix avc audit messages selinux: fix avc audit messages - - - --- 2019-02-05 Stephen Smalley Accepted
[v2] setsebool: support use of -P on SELinux-disabled hosts [v2] setsebool: support use of -P on SELinux-disabled hosts 1 - - --- 2019-01-10 Stephen Smalley Accepted
« 1 2 3 4 »