Show patches with: Archived = No       |   9442 patches
« 1 2 3 494 95 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[RFC,02/44] selinux: introduce current_selinux_state SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[RFC,01/44] selinux: restore passing of selinux_state SELinux namespace support - - - --- 2025-01-02 Stephen Smalley pcmoore New
[1/2] libsepol: fix typos [1/2] libsepol: fix typos 1 - - --- 2024-12-30 Christian Göttsche bachradsusi Accepted
[2/2] python: fix typos [1/2] libsepol: fix typos - - - --- 2024-12-30 Christian Göttsche bachradsusi Accepted
libselinux: avoid quadratic complexity for many regex specs validation libselinux: avoid quadratic complexity for many regex specs validation - - - --- 2024-12-30 Christian Göttsche bachradsusi New
libselinux: update max node depth libselinux: update max node depth - - - --- 2024-12-30 Christian Göttsche bachradsusi New
semanage: improve -e documentation and fix delete operation semanage: improve -e documentation and fix delete operation - - - --- 2024-12-30 Christian Göttsche bachradsusi Superseded
[linux-next,2/2] perf: Return EACCESS when need perfmon capability Fix perf security check problem - - - --- 2024-12-23 Luo Gengkun pcmoore Under Review
[linux-next,1/2] perf: Remove unnecessary parameter of security check Fix perf security check problem - - - --- 2024-12-23 Luo Gengkun pcmoore Under Review
[v2] selinux: match extended permissions to their base permissions [v2] selinux: match extended permissions to their base permissions - - - --- 2024-12-20 Thiébaud Weksteen pcmoore Accepted
[1/2] lsm: add LSM hooks for io_uring_setup() [1/2] lsm: add LSM hooks for io_uring_setup() - - - --- 2024-12-19 Hamza Mahfooz pcmoore Handled Elsewhere
lsm,io_uring: add LSM hooks for io_uring_setup() lsm,io_uring: add LSM hooks for io_uring_setup() - - - --- 2024-12-19 Hamza Mahfooz pcmoore Handled Elsewhere
[GIT,PULL] selinux/selinux-pr-20241217 [GIT,PULL] selinux/selinux-pr-20241217 - - - --- 2024-12-18 Paul Moore pcmoore Accepted
[6/6] Audit: Add record for multiple object contexts [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore Handled Elsewhere
[5/6] Audit: multiple subject lsm values for netlabel [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore Handled Elsewhere
[4/6] Audit: Add record for multiple task security contexts [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore Handled Elsewhere
[3/6] LSM: security_lsmblob_to_secctx module selection [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore Handled Elsewhere
[2/6] Audit: Allow multiple records in an audit_buffer [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore Handled Elsewhere
[1/6] Audit: Create audit_stamp structure [1/6] Audit: Create audit_stamp structure - - - --- 2024-12-17 Casey Schaufler pcmoore Handled Elsewhere
libselinux/fuzz: readjust load_mmap() update libselinux/fuzz: readjust load_mmap() update 1 - - --- 2024-12-17 Christian Göttsche bachradsusi Accepted
[RFC,1/3] libsepol: update sort order for netifcon definitions [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,3/3] secilc/test: add test for wildcard netifcon statement [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC,2/3] checkpolicy: add support for wildcard netifcon names [RFC,1/3] libsepol: update sort order for netifcon definitions - - - --- 2024-12-17 Christian Göttsche bachradsusi New
[RFC] selinux: support wildcard network interface names [RFC] selinux: support wildcard network interface names - - - --- 2024-12-17 Christian Göttsche pcmoore New
[RFC,v2,22/22] selinux: restrict policy strings [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,21/22] selinux: check for simple types [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,20/22] selinux: more strict bounds check [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,19/22] selinux: validate symbols [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,18/22] selinux: beef up isvalid checks [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,17/22] selinux: reorder policydb_index() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,16/22] selinux: check type attr map overflows [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,15/22] selinux: introduce ebitmap_highest_set_bit() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,14/22] selinux: pre-validate conditional expressions [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,13/22] selinux: validate constraints [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,12/22] selinux: check length fields in policies [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,11/22] selinux: more strict policy parsing [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,10/22] selinux: use u16 for security classes [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Under Review
[RFC,v2,09/22] selinux: make use of str_read() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Accepted
[RFC,v2,08/22] selinux: avoid unnecessary indirection in struct level_datum [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Accepted
[RFC,v2,07/22] selinux: use known type instead of void pointer [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Accepted
[RFC,v2,06/22] selinux: rename comparison functions for clarity [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Accepted
[RFC,v2,05/22] selinux: avoid nontransitive comparison [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Changes Requested
[RFC,v2,04/22] selinux: rework match_ipv6_addrmask() [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Accepted
[RFC,v2,03/22] selinux: align and constify functions [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Accepted
[RFC,v2,02/22] selinux: avoid using types indicating user space interaction [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Accepted
[RFC,v2,01/22] selinux: supply missing field initializers [RFC,v2,01/22] selinux: supply missing field initializers - - - --- 2024-12-16 Christian Göttsche pcmoore Accepted
[RFC,v2] libselinux: restore previous regex spec ordering [RFC,v2] libselinux: restore previous regex spec ordering 1 - - --- 2024-12-12 Christian Göttsche bachradsusi Accepted
libsemanage: Mute error messages from selinux_restorecon libsemanage: Mute error messages from selinux_restorecon 1 - - --- 2024-12-12 Vit Mojzis bachradsusi Accepted
selinux: Read sk->sk_family once in selinux_socket_bind() selinux: Read sk->sk_family once in selinux_socket_bind() 1 - - --- 2024-12-12 Mikhail Ivanov pcmoore Under Review
[RFC] libselinux: restore previous regex spec ordering [RFC] libselinux: restore previous regex spec ordering - - - --- 2024-12-11 Christian Göttsche bachradsusi Superseded
[9/9] Revert "libselinux: rework selabel_file(5) database" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
[8/9] Revert "libselinux: add selabel_file(5) fuzzer" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
[7/9] Revert "libselinux: support parallel selabel_lookup(3)" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
[6/9] Revert "libselinux: move functions out of header file" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
[5/9] Revert "libselinux: avoid memory allocation in common file label lookup" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
[4/9] Revert "libselinux: use vector instead of linked list for substitutions" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
[3/9] Revert "libselinux: simplify string formatting" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
[2/9] Revert "libselinux/utils: use correct error handling" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
[1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" [1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile" - - - --- 2024-12-11 James Carter bachradsusi Rejected
selinux: support wildcard match in genfscon selinux: support wildcard match in genfscon - - - --- 2024-12-10 Takaya Saeki pcmoore Under Review
selinux: KASAN; slab-out-of-bounds in avc_lookup selinux: KASAN; slab-out-of-bounds in avc_lookup - - - --- 2024-12-10 Joey Jiao pcmoore Under Review
libselinux/fuzz: update for lookup_all() change libselinux/fuzz: update for lookup_all() change 1 - - --- 2024-12-05 Christian Göttsche bachradsusi Accepted
[RFC] genfscon wildcard support for faster sysfs labeling [RFC] genfscon wildcard support for faster sysfs labeling - - - --- 2024-12-05 Takaya Saeki pcmoore Superseded
selinux: match extended permissions to their base permissions selinux: match extended permissions to their base permissions - - - --- 2024-12-05 Thiébaud Weksteen pcmoore Changes Requested
[v2] selinux: add netlink nlmsg_type audit message [v2] selinux: add netlink nlmsg_type audit message - - - --- 2024-12-05 Thiébaud Weksteen pcmoore Accepted
[v2] selinux: ignore unknown extended permissions [v2] selinux: ignore unknown extended permissions - - - --- 2024-12-05 Thiébaud Weksteen pcmoore Accepted
libsepol: add missing word separators in error message libsepol: add missing word separators in error message 1 - - --- 2024-12-04 Christian Göttsche bachradsusi Accepted
selinux: ignore unknown extended permissions selinux: ignore unknown extended permissions - - - --- 2024-12-03 Thiébaud Weksteen pcmoore Changes Requested
[v2] libselinux/utils: drop reachable assert in sefcontext_compile [v2] libselinux/utils: drop reachable assert in sefcontext_compile 1 - 1 --- 2024-12-03 Christian Göttsche bachradsusi Accepted
libselinux/utils: drop reachable assert in sefcontext_compile libselinux/utils: drop reachable assert in sefcontext_compile - - - --- 2024-12-03 Christian Göttsche Superseded
[RFC] Introduce POLICYDB_VERSION_KERNEL_MAX [RFC] Introduce POLICYDB_VERSION_KERNEL_MAX - - - --- 2024-12-02 Christian Göttsche Rejected
checkpolicy: drop host bits in IPv6 CIDR address checkpolicy: drop host bits in IPv6 CIDR address 1 - - --- 2024-12-02 Christian Göttsche bachradsusi Accepted
Always build for LFS mode on 32-bit archs. Always build for LFS mode on 32-bit archs. 1 - - --- 2024-11-28 Christian Göttsche bachradsusi Accepted
libsepol: avoid unnecessary memset(3) calls in hashtab libsepol: avoid unnecessary memset(3) calls in hashtab 1 - - --- 2024-11-28 Christian Göttsche bachradsusi Accepted
libselinux/utils: use correct error handling libselinux/utils: use correct error handling 1 - - --- 2024-11-28 Christian Göttsche bachradsusi Accepted
[RFC] ioctl: add test for conditional xperms [RFC] ioctl: add test for conditional xperms 1 - 1 --- 2024-11-28 Christian Göttsche omos Accepted
[v2] selinux: add generated av_permissions.h to targets [v2] selinux: add generated av_permissions.h to targets - 1 - --- 2024-11-27 Thomas Weißschuh pcmoore Accepted
[net] selinux: use sk_to_full_sk() in selinux_ip_output() [net] selinux: use sk_to_full_sk() in selinux_ip_output() 1 1 - --- 2024-11-26 Eric Dumazet pcmoore Handled Elsewhere
[v3,3/3] libselinux: simplify string formatting [v3,1/3] libselinux: avoid memory allocation in common file label lookup - - - --- 2024-11-26 Christian Göttsche bachradsusi Accepted
[v3,2/3] libselinux: use vector instead of linked list for substitutions [v3,1/3] libselinux: avoid memory allocation in common file label lookup - - - --- 2024-11-26 Christian Göttsche bachradsusi Accepted
[v3,1/3] libselinux: avoid memory allocation in common file label lookup [v3,1/3] libselinux: avoid memory allocation in common file label lookup 1 - - --- 2024-11-26 Christian Göttsche bachradsusi Accepted
[v2] bpf, lsm: Remove getlsmprop hooks BTF IDs [v2] bpf, lsm: Remove getlsmprop hooks BTF IDs - - - --- 2024-11-25 Thomas Weißschuh pcmoore Handled Elsewhere
[v2,3/3] libselinux: simplify string formatting [v2,1/3] libselinux: avoid memory allocation in common file label lookup - - - --- 2024-11-25 Christian Göttsche bachradsusi Superseded
[v2,2/3] libselinux: use vector instead of linked list for substitutions [v2,1/3] libselinux: avoid memory allocation in common file label lookup - - - --- 2024-11-25 Christian Göttsche bachradsusi Superseded
[v2,1/3] libselinux: avoid memory allocation in common file label lookup [v2,1/3] libselinux: avoid memory allocation in common file label lookup - - - --- 2024-11-25 Christian Göttsche bachradsusi Superseded
[v2,9/9] libsemanage: respect shell paths with /usr prefix [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors 1 - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
[v2,8/9] libsemanage/man: add documentation for command overrides [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors - - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
[v2,7/9] libsemanage: optimize policy by default [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors - - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
[v2,6/9] libsemanage: simplify file deletion [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors - - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
[v2,5/9] libsemanage: check closing written files [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors - - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
[v2,4/9] libsemanage: drop duplicate newlines and error descriptions in error messages [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors - - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
[v2,3/9] libsemanage: handle shell allocation failure [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors - - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
[v2,2/9] libsemanage: handle cil_set_handle_unknown() failure [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors - - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
[v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors [v2,1/9] libsemanage: set O_CLOEXEC flag for file descriptors - - - --- 2024-11-25 Christian Göttsche bachradsusi Accepted
selinux: use native iterator types selinux: use native iterator types - - - --- 2024-11-25 Christian Göttsche pcmoore Accepted
bpf, lsm: Fix getlsmprop hooks BTF IDs bpf, lsm: Fix getlsmprop hooks BTF IDs 1 - - --- 2024-11-23 Thomas Weißschuh pcmoore Handled Elsewhere
[2/2] selinux: use vector instead of linked list for substitutions [1/2] libselinux: avoid memory allocation in common file label lookup - - - --- 2024-11-22 Christian Göttsche bachradsusi Superseded
[1/2] libselinux: avoid memory allocation in common file label lookup [1/2] libselinux: avoid memory allocation in common file label lookup - - - --- 2024-11-22 Christian Göttsche bachradsusi Superseded
[2/2] libselinux: harden availability check against user CFLAGS [1/2] libsepol: harden availability check against user CFLAGS - - - --- 2024-11-20 Christian Göttsche bachradsusi Accepted
[1/2] libsepol: harden availability check against user CFLAGS [1/2] libsepol: harden availability check against user CFLAGS 1 - - --- 2024-11-20 Christian Göttsche bachradsusi Accepted
« 1 2 3 494 95 »