SELinux Development list

Show patches with: Submitter = Stephen Smalley | Archived = No | 331 patches

« 1 2 3 4 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
ip.7: Document IP_PASSSEC for UDP sockets	ip.7: Document IP_PASSSEC for UDP sockets	- 1 -	---	2020-09-17	Stephen Smalley	sds	Accepted
[RFC,v4,1/2] selinux: encapsulate policy state, refactor policy load	[RFC,v4,1/2] selinux: encapsulate policy state, refactor policy load	- - -	---	2020-08-05	Stephen Smalley	pcmoore	Superseded
[RFC,v2,2/2] selinux: move policy commit after updating selinuxfs	[RFC,v4,1/2] selinux: encapsulate policy state, refactor policy load	- - 1	---	2020-08-05	Stephen Smalley	pcmoore	Superseded
scripts/selinux,selinux: update mdp to enable policy capabilities	scripts/selinux,selinux: update mdp to enable policy capabilities	- - -	---	2020-08-06	Stephen Smalley	pcmoore	Accepted
[v5,1/2] selinux: encapsulate policy state, refactor policy load	[v5,1/2] selinux: encapsulate policy state, refactor policy load	- - -	---	2020-08-07	Stephen Smalley	pcmoore	Accepted
[v5,2/2] selinux: move policy commit after updating selinuxfs	[v5,1/2] selinux: encapsulate policy state, refactor policy load	- - -	---	2020-08-07	Stephen Smalley	pcmoore	Accepted
[v2] selinux: refactor changing booleans	[v2] selinux: refactor changing booleans	- - -	---	2020-08-11	Stephen Smalley	pcmoore	Accepted
[RFC,v4] selinux: convert policy read-write lock to RCU	[RFC,v4] selinux: convert policy read-write lock to RCU	- 1 -	---	2020-08-19	Stephen Smalley	pcmoore	Accepted
[RFC] selinux: enable proper lockdep checking for policy rcu access	[RFC] selinux: enable proper lockdep checking for policy rcu access	- - -	---	2020-08-20	Stephen Smalley	pcmoore	Rejected
selinux: move policy mutex to selinux_state, use in lockdep checks	selinux: move policy mutex to selinux_state, use in lockdep checks	- - -	---	2020-08-26	Stephen Smalley	pcmoore	Superseded
[RFC] selinux: cache access vector decisions in the inode security blob	[RFC] selinux: cache access vector decisions in the inode security blob	- - -	---	2023-03-10	Stephen Smalley	pcmoore	Superseded
[RFC,v2] selinux: cache access vector decisions in the inode security blob	[RFC,v2] selinux: cache access vector decisions in the inode security blob	- - -	---	2023-03-14	Stephen Smalley	pcmoore	RFC
selinux: stop returning node from avc_insert	selinux: stop returning node from avc_insert	- - -	---	2023-04-03	Stephen Smalley	pcmoore	Accepted
selinux: de-brand SELinux	selinux: de-brand SELinux	- - -	---	2023-07-18	Stephen Smalley	pcmoore	Accepted
selinux: update my email address	selinux: update my email address	- - -	---	2023-07-19	Stephen Smalley	pcmoore	Accepted
[v3,3/4] selinux: use vma_is_initial_stack() and vma_is_initial_heap()	Untitled series #771253	1 1 -	---	2023-07-31	Stephen Smalley	pcmoore	Handled Elsewhere
selinux-testsuite: update to work on Debian	selinux-testsuite: update to work on Debian	- - -	---	2020-05-06	Stephen Smalley	omos	Superseded
[v4,testsuite,01/15] test_capable_net.te: remove corenet_tcp/udp_sendrecv_all_ports()	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,02/15] test_execute_no_trans.te: stop using mmap_file_perms	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,03/15] test_ibendport.te: use dev_rw_infiniband_mgmt_dev()	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,04/15] test_global.te: allow test domains to statfs selinuxfs	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,05/15] test_inet_socket.te: switch from generic_port to _all_unreserved_ports()	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,06/15] test_sctp.te: make netlabel_peer_t a MCS-constrained type	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,08/15] test_overlayfs.te: allow test_overlay_mounter_t to read user tmp files	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,09/15] policy: Add MCS constraint on peer recv	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,10/15] policy: Add defaultrange rules for overlay tests	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,11/15] test_filesystem.te,tests/{fs_}filesystem: do not force user identity to system…	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,12/15] policy/Makefile: conditionalize setting of allow_domain_fd_use	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,13/15] tests/cap_userns: set /proc/sys/kernel/unprivileged_userns_clone if needed	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,14/15] tests/mmap: skip /dev/zero tests if /dev is noexec	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v4,testsuite,15/15] README.md: Add instructions for Debian	Update to work on Debian	- - -	---	2020-05-08	Stephen Smalley	omos	Accepted
[v2,testsuite] tests/filesystem: fix quotas_test	[v2,testsuite] tests/filesystem: fix quotas_test	1 - -	---	2020-05-11	Stephen Smalley	omos	Accepted
[v5,testsuite,07/15] test_policy.if: use term_use_all_ptys() instead of unconfined_devpts_t	Untitled series #286501	1 - -	---	2020-05-12	Stephen Smalley	omos	Accepted
[testsuite] policy/test_overlayfs.te: allow mounter to create whiteouts	[testsuite] policy/test_overlayfs.te: allow mounter to create whiteouts	1 - -	---	2020-06-02	Stephen Smalley	omos	Accepted
[testsuite] defconfig: add NETFILTER_XT_MATCH_STATE and NFS_V4_1	[testsuite] defconfig: add NETFILTER_XT_MATCH_STATE and NFS_V4_1	1 - -	---	2020-06-09	Stephen Smalley	omos	Accepted
[testsuite] defconfig: add FAT and GRE config options	[testsuite] defconfig: add FAT and GRE config options	- - -	---	2023-03-10	Stephen Smalley	omos	Accepted
[testsuite] policy: allow inet socket test domains to search user home content	[testsuite] policy: allow inet socket test domains to search user home content	- - -	---	2023-07-14	Stephen Smalley	omos	Rejected
[userspace] libselinux,policycoreutils,python,semodule-utils: de-brand SELinux	[userspace] libselinux,policycoreutils,python,semodule-utils: de-brand SELinux	2 - -	---	2023-07-19	Stephen Smalley	bachradsusi	Accepted
[userspace] checkpolicy,libselinux,libsepol,policycoreutils,semodule-utils: update my email	[userspace] checkpolicy,libselinux,libsepol,policycoreutils,semodule-utils: update my email	1 - -	---	2023-07-19	Stephen Smalley	bachradsusi	Accepted
selinux: fix bug in conditional rules handling		- - -	---	2015-11-23	Stephen Smalley		Accepted
libselinux: only mount /proc if necessary		- - -	---	2016-02-29	Stephen Smalley		Accepted
selinux: distinguish non-init user namespace capability checks		- - -	---	2016-04-08	Stephen Smalley		Accepted
selinux: apply execstack check on thread stacks		- - -	---	2016-04-08	Stephen Smalley		Accepted
selinux-testsuite: Update README		- - -	---	2016-04-12	Stephen Smalley		Accepted
[1/2] libsepol: Only apply bounds checking to source types in rules		- - -	---	2016-04-28	Stephen Smalley		Not Applicable
[2/2] libsepol: fix type bounds checking for attributes		- - -	---	2016-04-28	Stephen Smalley		Not Applicable
selinux: Only apply bounds checking to source types		- - -	---	2016-04-28	Stephen Smalley		Superseded
[v2] selinux: Only apply bounds checking to source types		- - -	---	2016-04-29	Stephen Smalley		Superseded
libsepol, checkpolicy, secilc: Replace #ifdef DARWIN with __APPLE__.		- - -	---	2016-05-03	Stephen Smalley		Not Applicable
[v3] selinux: Only apply bounds checking to source types		- - -	---	2016-05-03	Stephen Smalley		Superseded
Avoid mounting /proc outside of selinux_init_load_policy().		- - -	---	2016-05-13	Stephen Smalley		Not Applicable
[v4] selinux: Only apply bounds checking to source types		- - -	---	2016-05-23	Stephen Smalley		Accepted
libsepol: rewrite sepol_string_to_security_class to use hashtab_search		- - -	---	2016-06-20	Stephen Smalley		Not Applicable
Extend checkpolicy pathname matching.		- - -	---	2016-07-14	Stephen Smalley		Not Applicable
selinux-testsuite: Add test for execstack on thread stacks.		- - -	---	2016-07-28	Stephen Smalley		Accepted
selinux-testsuite: Add tests for non-init userns capability checks		- - -	---	2016-07-28	Stephen Smalley		Accepted
selinux-testsuite: mmap: add tests for hugetlb anon mappings		- - -	---	2016-08-11	Stephen Smalley		Not Applicable
selinux-testsuite: mmap: test personality(READ_IMPLIES_EXEC)		- - -	---	2016-08-11	Stephen Smalley		Not Applicable
libselinux, sefcontext_compile: handle NULL pcre study data		- - -	---	2016-08-17	Stephen Smalley		Not Applicable
libsemanage: validate and compile file contexts before installing		- - -	---	2016-08-17	Stephen Smalley		Not Applicable
semanage: Fix semanage fcontext -D		- - -	---	2016-08-18	Stephen Smalley		Not Applicable
selinux-testsuite: fix file/test failure		- - -	---	2016-09-13	Stephen Smalley		Not Applicable
libselinux: add support for pcre2		- - -	---	2016-09-15	Stephen Smalley		Not Applicable
sefcontext_compile: do not fail silently		- - -	---	2016-09-26	Stephen Smalley		Not Applicable
policycoreutils: setfiles: reverse the sense of -D		- - -	---	2016-09-30	Stephen Smalley		Not Applicable
policycoreutils: setfiles: make -I imply -D		- - -	---	2016-09-30	Stephen Smalley		Not Applicable
libselinux: selinux_restorecon: fix realpath logic		- - -	---	2016-10-05	Stephen Smalley		Not Applicable
[v2] libselinux: selinux_restorecon: fix realpath logic		- - -	---	2016-10-05	Stephen Smalley		Not Applicable
libsepol, libsemanage: fix linker scripts / map files		- - -	---	2016-10-05	Stephen Smalley		Not Applicable
libsemanage: genhomedircon: do not suppress logging from libsepol		- - -	---	2016-10-06	Stephen Smalley		Not Applicable
libsemanage: genhomedircon: only set MLS level if MLS is enabled		- - -	---	2016-10-14	Stephen Smalley		Not Applicable
selinux-testsuite: mmap: add shmat SHM_EXEC test		- - -	---	2016-10-27	Stephen Smalley		Accepted
[1/2] selinux-testsuite: mmap: fix shmat SHM_EXEC test for old kernels		- - -	---	2016-10-27	Stephen Smalley		Not Applicable
[2/2] selinux-testsuite: mmap: fix shmat SHM_EXEC test for old policies		- - -	---	2016-10-27	Stephen Smalley		Not Applicable
libselinux: avc_internal.c: allow building with clang		- - -	---	2016-11-01	Stephen Smalley		Not Applicable
libsemanage: fix kernel pathname in semanage_verify_kernel()		- - -	---	2016-11-02	Stephen Smalley		Not Applicable
libsepol: sepol_{bool\|iface\|user}_key_create: copy name		- - -	---	2016-11-08	Stephen Smalley		Rejected
libsepol: fix checkpolicy dontaudit compiler bug		- - -	---	2016-11-14	Stephen Smalley		Not Applicable
[v2] libsepol: fix checkpolicy dontaudit compiler bug		- - 1	---	2016-11-14	Stephen Smalley		Not Applicable
libselinux: fix subdir build and usage of cmdline CFLAGS		- - -	---	2016-11-14	Stephen Smalley		Not Applicable
libsepol: cil_lexer: make warnings non-fatal for building		- - -	---	2016-11-15	Stephen Smalley		Not Applicable
mcstrans: Fix signed/unsigned warnings		- - -	---	2016-11-16	Stephen Smalley		Not Applicable
selinux: normalize input to /sys/fs/selinux/enforce		- - -	---	2016-11-18	Stephen Smalley		Accepted
libselinux: normalize enforce values from the kernel		- - -	---	2016-11-18	Stephen Smalley		Not Applicable
selinux: keep SELinux in sync with new capability definitions		- - -	---	2016-11-18	Stephen Smalley		Accepted
checkpolicy: treat -self as an error		- - -	---	2016-11-18	Stephen Smalley		Not Applicable
[1/2] libsepol: do not write object_r types to policy file		- - -	---	2016-11-23	Stephen Smalley		Not Applicable
[2/2] libsepol, checkpolicy: convert rangetrans and filenametrans to hashtabs		- - -	---	2016-11-23	Stephen Smalley		Not Applicable
[1/2,v2] libsepol: do not write object_r types to policy file		- - -	---	2016-11-28	Stephen Smalley		Not Applicable
[2/2,v2] libsepol, checkpolicy: convert rangetrans and filenametrans to hashtabs		- - -	---	2016-11-28	Stephen Smalley		Not Applicable
libsepol: do not #include <sys/cdefs.h>		- - -	---	2016-11-29	Stephen Smalley		Not Applicable
libselinux: avcstat: Clean up redundant condition		- - -	---	2016-11-29	Stephen Smalley		Not Applicable
libsepol: sepol_av_to_string: clear static buffer		- - -	---	2016-11-29	Stephen Smalley		Not Applicable
libsepol, libselinux, audit2allow: teach audit2why about type bounds failures		- - -	---	2016-11-29	Stephen Smalley		Not Applicable
[RFC] selinux: support distinctions among all network address families		- - -	---	2016-12-01	Stephen Smalley		Superseded
[RFC] selinux: support distinctions among all network address families		- - -	---	2016-12-01	Stephen Smalley		Superseded
[v2] selinux: support distinctions among all network address families		- - -	---	2016-12-06	Stephen Smalley		Accepted
[RFC] selinux: allow context mounts on tmpfs, ramfs, devpts within user namespaces		- - -	---	2016-12-07	Stephen Smalley		Rejected
[v2] selinux: allow context mounts on tmpfs, ramfs, devpts within user namespaces		- - -	---	2016-12-08	Stephen Smalley		Accepted
libsepol: Define extended_socket_class policy capability		- - -	---	2016-12-08	Stephen Smalley		Not Applicable

« 1 2 3 4 »