Show patches with: Submitter = Stephen Smalley       |    Archived = No       |   273 patches
« 1 2 3 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,5/5] selinux-testsuite: add testing for unprivileged sandboxing capability [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,4/5] selinux-testsuite: add tests/sandbox/rxdir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,3/5] selinux-testsuite: add tests/sandbox/rxdir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,2/5] selinux-testsuite: add tests/sandbox/nodir_rx_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil [RFC,1/5] selinux-testsuite: add tests/sandbox/nodir_no_allow.cil - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability [RFC] libsepol,secilc,policycoreutils: add unprivileged sandboxing capability - - - 0 0 0 2020-03-13 Stephen Smalley New
[RFC] selinux: add unprivileged sandboxing capability [RFC] selinux: add unprivileged sandboxing capability - - - 0 0 0 2020-03-13 Stephen Smalley New
MAINTAINERS: Update my email address MAINTAINERS: Update my email address - - - 0 0 0 2020-03-11 Stephen Smalley Accepted
[RFC] libselinux: deprecate security_compute_user(), update man pages [RFC] libselinux: deprecate security_compute_user(), update man pages - - - 0 0 0 2020-02-18 Stephen Smalley RFC
[RFC] security,anon_inodes,kvm: enable security support for anon inodes [RFC] security,anon_inodes,kvm: enable security support for anon inodes - - - 0 0 0 2020-02-13 Stephen Smalley RFC
[v3,2/2] testsuite: add further nfs tests [v3,1/2] testsuite: provide support for testing labeled NFS - - - 0 0 0 2020-01-30 Stephen Smalley Accepted
[v3,1/2] testsuite: provide support for testing labeled NFS [v3,1/2] testsuite: provide support for testing labeled NFS - - - 0 0 0 2020-01-30 Stephen Smalley Accepted
[v2,2/2] testsuite: add further nfs tests [v2,1/2] testsuite: provide support for testing labeled NFS - - - 0 0 0 2020-01-30 Stephen Smalley Superseded
[v2,1/2] testsuite: provide support for testing labeled NFS [v2,1/2] testsuite: provide support for testing labeled NFS - - - 0 0 0 2020-01-30 Stephen Smalley Superseded
testsuite: add further nfs tests testsuite: add further nfs tests - - - 0 0 0 2020-01-30 Stephen Smalley Superseded
testsuite: provide support for testing labeled NFS testsuite: provide support for testing labeled NFS - - - 0 0 0 2020-01-30 Stephen Smalley Superseded
testsuite: enable running over labeled NFS testsuite: enable running over labeled NFS - - - 0 0 0 2020-01-29 Stephen Smalley Accepted
[v2] selinux: remove unused initial SIDs and improve handling [v2] selinux: remove unused initial SIDs and improve handling - - - 0 0 0 2020-01-29 Stephen Smalley Changes Requested
[v2] libsepol,checkpolicy: support omitting unused initial sid contexts [v2] libsepol,checkpolicy: support omitting unused initial sid contexts 1 - - 0 0 0 2020-01-29 Stephen Smalley Accepted
libsepol,checkpolicy: support omitting unused initial sid contexts libsepol,checkpolicy: support omitting unused initial sid contexts - - - 0 0 0 2020-01-28 Stephen Smalley Superseded
selinux: remove unused initial SIDs and improve handling selinux: remove unused initial SIDs and improve handling - - - 0 0 0 2020-01-27 Stephen Smalley Superseded
testsuite/policy: fixes for running on a labeled NFS mount testsuite/policy: fixes for running on a labeled NFS mount - - - 0 0 0 2020-01-23 Stephen Smalley Accepted
[v4] libsepol,checkpolicy: remove use of hardcoded security class values [v4] libsepol,checkpolicy: remove use of hardcoded security class values 1 - - 0 0 0 2020-01-21 Stephen Smalley Accepted
libselinux: export flush_class_cache(), call it on policyload libselinux: export flush_class_cache(), call it on policyload - - - 0 0 0 2020-01-21 Stephen Smalley Accepted
[v2] selinux: fix regression introduced by move_mount(2) syscall [v2] selinux: fix regression introduced by move_mount(2) syscall - 2 - 0 0 0 2020-01-17 Stephen Smalley Accepted
[v3] libsepol,checkpolicy: remove use of hardcoded security class values [v3] libsepol,checkpolicy: remove use of hardcoded security class values - - - 0 0 0 2020-01-17 Stephen Smalley Superseded
libselinux: update man pages for userspace policy enforcers libselinux: update man pages for userspace policy enforcers - - - 0 0 0 2020-01-17 Stephen Smalley Accepted
[v2] libsepol,checkpolicy: remove use of hardcoded security class values [v2] libsepol,checkpolicy: remove use of hardcoded security class values - - - 0 0 0 2020-01-16 Stephen Smalley Superseded
libsepol,checkpolicy: remove use of hardcoded security class values libsepol,checkpolicy: remove use of hardcoded security class values - - - 0 0 0 2020-01-16 Stephen Smalley Superseded
libselinux: remove flask.h and av_permissions.h libselinux: remove flask.h and av_permissions.h 1 - - 0 0 0 2020-01-15 Stephen Smalley Accepted
[RFC] selinux: implement move_mount hook [RFC] selinux: implement move_mount hook - - - 0 0 0 2020-01-13 Stephen Smalley Superseded
selinux: make default_noexec read-only after init selinux: make default_noexec read-only after init - - - 0 0 0 2020-01-08 Stephen Smalley Accepted
Documentation,selinux: deprecate setting checkreqprot to 1 Documentation,selinux: deprecate setting checkreqprot to 1 - - - 0 0 0 2020-01-08 Stephen Smalley Accepted
[RFC] selinux: deprecate setting checkreqprot to 1 [RFC] selinux: deprecate setting checkreqprot to 1 - - - 0 0 0 2020-01-07 Stephen Smalley RFC
Documentation,selinux: fix references to old selinuxfs mount point Documentation,selinux: fix references to old selinuxfs mount point - - - 0 0 0 2020-01-07 Stephen Smalley Accepted
Documentation,selinux: fix references to old selinuxfs mount point Documentation,selinux: fix references to old selinuxfs mount point - - - 0 0 0 2020-01-07 Stephen Smalley Changes Requested
[v2] selinux: clean up selinux_enabled/disabled/enforcing_boot [v2] selinux: clean up selinux_enabled/disabled/enforcing_boot - - - 0 0 0 2019-12-17 Stephen Smalley Accepted
[RFC] selinux: randomize layout of key structures [RFC] selinux: randomize layout of key structures - 1 - 0 0 0 2019-12-13 Stephen Smalley Accepted
[RFC] selinux: clean up selinux_enabled/disabled [RFC] selinux: clean up selinux_enabled/disabled - - - 0 0 0 2019-12-13 Stephen Smalley Superseded
security: only build lsm_audit if CONFIG_SECURITY=y security: only build lsm_audit if CONFIG_SECURITY=y - - - 0 0 0 2019-12-10 Stephen Smalley Accepted
[v4] selinux-testsuite: add lockdown tests [v4] selinux-testsuite: add lockdown tests - - - 0 0 0 2019-12-10 Stephen Smalley Accepted
[RFC,v3] selinux-testsuite: add lockdown tests [RFC,v3] selinux-testsuite: add lockdown tests - - - 0 0 0 2019-11-27 Stephen Smalley Superseded
[RFC,v2] selinux-testsuite: add lockdown tests [RFC,v2] selinux-testsuite: add lockdown tests - - - 0 0 0 2019-11-27 Stephen Smalley Superseded
[RFC,v2] security,lockdown,selinux: implement SELinux lockdown [RFC,v2] security,lockdown,selinux: implement SELinux lockdown - 1 - 0 0 0 2019-11-27 Stephen Smalley Accepted
selinux: clean up selinux_inode_permission MAY_NOT_BLOCK tests selinux: clean up selinux_inode_permission MAY_NOT_BLOCK tests - - - 0 0 0 2019-11-22 Stephen Smalley Accepted
[2/2] selinux: fall back to ref-walk if audit is required [1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" - - - 0 0 0 2019-11-22 Stephen Smalley Accepted
[1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" [1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" - - - 0 0 0 2019-11-22 Stephen Smalley Accepted
[RFC,2/2] selinux: fall back to ref-walk upon LSM_AUDIT_DATA_DENTRY too [RFC,1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" - - - 0 0 0 2019-11-21 Stephen Smalley Superseded
[RFC,1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" [RFC,1/2] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link" - - - 0 0 0 2019-11-21 Stephen Smalley Superseded
[v3] selinux-testsuite: add tests for fsnotify [v3] selinux-testsuite: add tests for fsnotify - - - 0 0 0 2019-10-31 Stephen Smalley Accepted
[RFC] selinux-testsuite: add lockdown tests [RFC] selinux-testsuite: add lockdown tests - - - 0 0 0 2019-10-30 Stephen Smalley Superseded
[RFC] selinux: add SELinux hooks for lockdown integrity and confidentiality [RFC] selinux: add SELinux hooks for lockdown integrity and confidentiality - - - 0 0 0 2019-10-30 Stephen Smalley Superseded
[RFC,11/10] selinux: fix support multiple selinuxfs instances Untitled series #188777 - - - 0 0 0 2019-10-16 Stephen Smalley Accepted
[RFC,10/10] selinuxfs: restrict write operations to the same selinux namespace SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[RFC,09/10] selinux: add a selinuxfs interface to unshare selinux namespace SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[RFC,08/10] selinux: introduce cred_selinux_ns() and use it SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[RFC,07/10] selinux: support per-task/cred selinux namespace SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[RFC,06/10] netns,selinux: create the selinux netlink socket per network namespace SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[RFC,05/10] selinux: Annotate lockdep for services locks SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[RFC,04/10] selinuxns: mark init_selinux_ns as __ro_after_init SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[RFC,03/10] selinux: dynamically allocate selinux namespace SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[RFC,02/10] selinux: support multiple selinuxfs instances SELinux namespace series, re-based - - - 0 0 0 2019-10-15 Stephen Smalley Accepted
[v2] python/sepolicy: call segenxml.py with python3 [v2] python/sepolicy: call segenxml.py with python3 1 - - 0 0 0 2019-10-09 Stephen Smalley Accepted
python/sepolicy: call segenxml.py with python3 python/sepolicy: call segenxml.py with python3 1 - - 0 0 0 2019-09-26 Stephen Smalley Superseded
selinux-testsuite: drop use of userdom_read_inherited_user_tmp_files selinux-testsuite: drop use of userdom_read_inherited_user_tmp_files - - 1 0 0 0 2019-09-18 Stephen Smalley Accepted
selinux-testsuite: apply perltidy to infiniband test scripts selinux-testsuite: apply perltidy to infiniband test scripts - - - 0 0 0 2019-09-18 Stephen Smalley Accepted
selinux-testsuite: fix test/file to avoid noise in test output selinux-testsuite: fix test/file to avoid noise in test output - - - 0 0 0 2019-09-18 Stephen Smalley Accepted
selinux: fix residual uses of current_security() for the SELinux blob selinux: fix residual uses of current_security() for the SELinux blob 1 1 - 0 0 0 2019-09-04 Stephen Smalley Accepted
selinux-testsuite: fix old python shebang in tests/overlay/access selinux-testsuite: fix old python shebang in tests/overlay/access - - - 0 0 0 2019-06-19 Stephen Smalley Accepted
scripts/selinux: fix build scripts/selinux: fix build - - - 0 0 0 2019-03-19 Stephen Smalley Accepted
[v3] libselinux: selinux_set_mapping: fix handling of unknown classes/perms [v3] libselinux: selinux_set_mapping: fix handling of unknown classes/perms 1 - - 0 0 0 2019-02-25 Stephen Smalley Accepted
[v2] libselinux: selinux_set_mapping: fix handling of unknown classes/perms [v2] libselinux: selinux_set_mapping: fix handling of unknown classes/perms - - - 0 0 0 2019-02-22 Stephen Smalley Superseded
libselinux: selinux_set_mapping: fix handling of unknown classes/perms libselinux: selinux_set_mapping: fix handling of unknown classes/perms - - - 0 0 0 2019-02-22 Stephen Smalley Superseded
[v6] scripts/selinux: modernize mdp [v6] scripts/selinux: modernize mdp 1 - - 0 0 0 2019-02-21 Stephen Smalley Accepted
scripts/selinux: modernize mdp scripts/selinux: modernize mdp - - - 0 0 0 2019-02-21 Stephen Smalley Superseded
[v3] scripts/selinux: add basic mls support to mdp [v3] scripts/selinux: add basic mls support to mdp - - - 0 0 0 2019-02-15 Stephen Smalley Superseded
[v2] scripts/selinux: add basic mls support to mdp [v2] scripts/selinux: add basic mls support to mdp - - - 0 0 0 2019-02-15 Stephen Smalley Superseded
scripts/selinux: add basic mls support to mdp scripts/selinux: add basic mls support to mdp - - - 0 0 0 2019-02-14 Stephen Smalley Superseded
selinux-testsuite: fix userspace, refpolicy, and mailing list selinux-testsuite: fix userspace, refpolicy, and mailing list - - - 0 0 0 2019-02-14 Stephen Smalley Accepted
selinux: fix avc audit messages selinux: fix avc audit messages - - - 0 0 0 2019-02-05 Stephen Smalley Accepted
[v2] setsebool: support use of -P on SELinux-disabled hosts [v2] setsebool: support use of -P on SELinux-disabled hosts 1 - - 0 0 0 2019-01-10 Stephen Smalley Accepted
setsebool: support use of -P on SELinux-disabled hosts setsebool: support use of -P on SELinux-disabled hosts - - - 0 0 0 2019-01-10 Stephen Smalley Not Applicable
[v2] libsemanage: set selinux policy root around calls to selinux_boolean_sub [v2] libsemanage: set selinux policy root around calls to selinux_boolean_sub 1 - - 0 0 0 2019-01-08 Stephen Smalley Not Applicable
libsemanage: set selinux policy root around calls to selinux_boolean_sub libsemanage: set selinux policy root around calls to selinux_boolean_sub - - - 0 0 0 2019-01-07 Stephen Smalley Not Applicable
[3/7] selinux: convert to kvmalloc Untitled series #57711 - - - 0 0 0 2018-12-17 Stephen Smalley Changes Requested
[2/2] selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_link [1/2] selinux: avoid silent denials in permissive mode under RCU walk - - - 0 0 0 2018-12-12 Stephen Smalley Accepted
[1/2] selinux: avoid silent denials in permissive mode under RCU walk [1/2] selinux: avoid silent denials in permissive mode under RCU walk - - - 0 0 0 2018-12-12 Stephen Smalley Accepted
[RFC,v2,2/2] selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_link [RFC,v2,1/2] selinux: avoid silent denials in permissive mode under RCU walk - - - 0 0 0 2018-12-07 Stephen Smalley Superseded
[RFC,v2,1/2] selinux: avoid silent denials in permissive mode under RCU walk [RFC,v2,1/2] selinux: avoid silent denials in permissive mode under RCU walk - - - 0 0 0 2018-12-07 Stephen Smalley Superseded
[RFC] selinux: avoid silent denials in permissive mode under RCU walk [RFC] selinux: avoid silent denials in permissive mode under RCU walk - - - 0 0 0 2018-12-04 Stephen Smalley Superseded
README: Update the SELinux mailing list location README: Update the SELinux mailing list location - - - 0 0 0 2018-10-10 Stephen Smalley Not Applicable
libselinux: fix selinux_restorecon() on non-SELinux hosts libselinux: fix selinux_restorecon() on non-SELinux hosts - - - 0 0 0 2018-09-26 Stephen Smalley Accepted
selinux: fix mounting of cgroup2 under older policies selinux: fix mounting of cgroup2 under older policies - - 1 0 0 0 2018-09-04 Stephen Smalley Accepted
[RFC,1/1] selinux-testsuite: Add binder tests - - - 0 0 0 2018-05-15 Stephen Smalley Superseded
libsepol: cil: prevent stack buffer overflow in cil_expr_to_string - - - 0 0 0 2018-05-09 Stephen Smalley Not Applicable
libsemanage: prevent string overflow on final paths - - - 0 0 0 2018-05-08 Stephen Smalley Not Applicable
[4/4] libselinux: audit2why: fix build warnings - - - 0 0 0 2018-05-03 Stephen Smalley Not Applicable
[3/4] libselinux: avcstat: fix build warning - - - 0 0 0 2018-05-03 Stephen Smalley Not Applicable
[2/4] libselinux: fix build warning in save_booleans() - - - 0 0 0 2018-05-03 Stephen Smalley Not Applicable
[1/4] libsepol: remove unused function and type - - - 0 0 0 2018-05-03 Stephen Smalley Not Applicable
« 1 2 3 »