Show patches with: Archived = No       |   9250 patches
« 1 2 ... 21 22 2392 93 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v36,08/33] LSM: Use lsmblob in security_secctx_to_secid [v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Changes Requested
[v36,07/33] LSM: Use lsmblob in security_kernel_act_as [v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-06-09 Casey Schaufler pcmoore Changes Requested
[v36,06/33] LSM: Use lsmblob in security_audit_rule_match [v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Changes Requested
[v36,05/33] IMA: avoid label collisions with stacked LSMs [v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule - - - --- 2022-06-09 Casey Schaufler pcmoore Changes Requested
[v36,04/33] LSM: provide lsm name and id slot mappings [v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Changes Requested
[v36,03/33] LSM: Add the lsmblob data structure. [v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule - 2 - --- 2022-06-09 Casey Schaufler pcmoore Changes Requested
[v36,02/33] LSM: Infrastructure management of the sock security [v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule 2 2 - --- 2022-06-09 Casey Schaufler pcmoore Changes Requested
[v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule [v36,01/33] integrity: disassociate ima_filter_rule from security_audit_rule 1 1 - --- 2022-06-09 Casey Schaufler pcmoore Changes Requested
selinux: fix typos in comments selinux: fix typos in comments - - - --- 2022-06-08 Jonas Lindner pcmoore Accepted
[userspace,2/2] semodule: rename --rebuild-if-modules-changed to --refresh Refine semantics of libsemanage's check_ext_changes - - - --- 2022-06-08 Ondrej Mosnacek Accepted
[userspace,1/2] libsemanage: always write kernel policy when check_ext_changes is specified Refine semantics of libsemanage's check_ext_changes 1 - - --- 2022-06-08 Ondrej Mosnacek Accepted
[v3] cred: Propagate security_prepare_creds() error code [v3] cred: Propagate security_prepare_creds() error code 2 1 - --- 2022-06-08 Frederick Lawler pcmoore Handled Elsewhere
[v2,3/4] libselinux: name parameters in context.h Untitled series #648107 - - - --- 2022-06-07 Christian Göttsche Accepted
[v4,4/4] libselinux: check for truncations Untitled series #648106 - - - --- 2022-06-07 Christian Göttsche Accepted
[v2] libselinux: restorecon: avoid printing NULL pointer [v2] libselinux: restorecon: avoid printing NULL pointer 1 - - --- 2022-06-07 Christian Göttsche Accepted
[RFC] f*xattr: allow O_PATH descriptors [RFC] f*xattr: allow O_PATH descriptors - 1 - --- 2022-06-07 Christian Göttsche pcmoore Handled Elsewhere
libsepol: fix validation of user declarations in modules libsepol: fix validation of user declarations in modules 1 - - --- 2022-06-07 Christian Göttsche Accepted
libsepol: Drop unused assignment libsepol: Drop unused assignment 1 - - --- 2022-06-07 Petr Lautrbach Accepted
[testsuite] tests/sctp: temporarily disable ASCONF tests [testsuite] tests/sctp: temporarily disable ASCONF tests - - - --- 2022-06-02 Ondrej Mosnacek omos Accepted
Revert "libselinux: restorecon: pin file to avoid TOCTOU issues" Revert "libselinux: restorecon: pin file to avoid TOCTOU issues" 1 - - --- 2022-05-31 Petr Lautrbach Accepted
python: Split "semanage import" into two transactions python: Split "semanage import" into two transactions 1 - - --- 2022-05-30 Vit Mojzis Accepted
[1/1] libselinux: do not return the cached prev_current value when using getpidcon() [1/1] libselinux: do not return the cached prev_current value when using getpidcon() 1 - - --- 2022-05-29 Nicolas Iooss Accepted
[v2] network_support.md: clarify local port range and name_bind [v2] network_support.md: clarify local port range and name_bind - - - --- 2022-05-27 Dominick Grift pcmoore Accepted
[v2] cred: Propagate security_prepare_creds() error code [v2] cred: Propagate security_prepare_creds() error code 2 1 - --- 2022-05-25 Frederick Lawler pcmoore Handled Elsewhere
[GIT,PULL] SELinux patches for v5.19 [GIT,PULL] SELinux patches for v5.19 - - - --- 2022-05-23 Paul Moore pcmoore Accepted
[SELinux-notebook] network_support.md: clarify local port range and name_bind [SELinux-notebook] network_support.md: clarify local port range and name_bind - - - --- 2022-05-23 Dominick Grift pcmoore Changes Requested
cred: Propagate security_prepare_creds() error code cred: Propagate security_prepare_creds() error code - 1 - --- 2022-05-20 Frederick Lawler pcmoore Superseded
semodule: avoid toctou on output module semodule: avoid toctou on output module 1 - - --- 2022-05-20 Christian Göttsche Accepted
libselinux: declare return value of context_str(3) const libselinux: declare return value of context_str(3) const 1 - - --- 2022-05-20 Christian Göttsche Accepted
[4/4] libselinux: declare parameter of security_load_policy(3) const [1/4] libselinux: add man page redirections - - - --- 2022-05-20 Christian Göttsche Accepted
[3/4] libselinux: name parameters in context.h [1/4] libselinux: add man page redirections - - - --- 2022-05-20 Christian Göttsche Accepted
[2/4] libselinux: enclose macro definition in parenthesis [1/4] libselinux: add man page redirections - - - --- 2022-05-20 Christian Göttsche Accepted
python/audit2allow: close file stream on error python/audit2allow: close file stream on error 1 - - --- 2022-05-20 Christian Göttsche Accepted
[v3,4/4] libselinux: check for truncations Untitled series #643600 - - - --- 2022-05-20 Christian Göttsche Accepted
[GIT,PULL] SELinux fixes for v5.18 (#1) [GIT,PULL] SELinux fixes for v5.18 (#1) - - - --- 2022-05-18 Paul Moore pcmoore Accepted
selinux: add __randomize_layout to selinux_audit_data selinux: add __randomize_layout to selinux_audit_data - - - --- 2022-05-18 Gong Ruiqi pcmoore Accepted
[RFC,v2,4/4] libselinux: check for truncations Untitled series #642403 - - - --- 2022-05-17 Christian Göttsche Accepted
[2/2] libselinux: restorecon: avoid printing NULL pointer [1/2] libselinux: restorecon: add fallback for pre 3.6 Linux - - - --- 2022-05-17 Christian Göttsche Accepted
ci: declare git repository a safe directory ci: declare git repository a safe directory 1 - - --- 2022-05-17 Christian Göttsche Accepted
selinux: fix bad cleanup on error in hashtab_duplicate() selinux: fix bad cleanup on error in hashtab_duplicate() - - - --- 2022-05-17 Ondrej Mosnacek pcmoore Accepted
[userspace,v4,2/2] libsepol,checkpolicy: add support for self keyword in type transitions Support the 'self' keyword in type transitions - - - --- 2022-05-13 Ondrej Mosnacek Accepted
[userspace,v4,1/2] libsepol/cil: add support for self keyword in type transitions Support the 'self' keyword in type transitions - - - --- 2022-05-13 Ondrej Mosnacek Accepted
[RFC,4/4] libselinux: restorecon: pin file to avoid TOCTOU issues [RFC] libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon 1 - - --- 2022-05-11 Christian Göttsche Accepted
[RFC,3/4] libselinux: restorecon: forward error if not ENOENT [RFC] libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon 1 - - --- 2022-05-11 Christian Göttsche Accepted
[RFC,2/4] libselinux: restorecon: misc tweaks [RFC] libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon 1 - - --- 2022-05-11 Christian Göttsche Accepted
libselinux: preserve errno in selinux_log() libselinux: preserve errno in selinux_log() 1 - - --- 2022-05-11 Christian Göttsche Accepted
[RFC,4/4] libselinux: check for truncations [RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read - - - --- 2022-05-10 Christian Göttsche Superseded
[RFC,3/4] libselinux: introduce strlcpy [RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read - - - --- 2022-05-10 Christian Göttsche Accepted
[RFC,2/4] libselinux: add header guard for internal header [RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read - - - --- 2022-05-10 Christian Göttsche Accepted
[RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read [RFC,1/4] libselinux: simplify policy path logic to avoid uninitialized read 1 - - --- 2022-05-10 Christian Göttsche Accepted
libselinux: free memory in error branch libselinux: free memory in error branch 1 - - --- 2022-05-10 Christian Göttsche Accepted
[userspace,v3,2/2] libsepol,checkpolicy: add support for self keyword in type transitions Support the 'self' keyword in type transitions - - - --- 2022-05-10 Ondrej Mosnacek Accepted
[userspace,v3,1/2] libsepol/cil: add support for self keyword in type transitions Support the 'self' keyword in type transitions - - - --- 2022-05-10 Ondrej Mosnacek Accepted
gettext: set _ on module level instead of builtins namespace gettext: set _ on module level instead of builtins namespace 1 - - --- 2022-05-06 Vit Mojzis Accepted
[RFC] libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon [RFC] libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon 1 - - --- 2022-05-05 Christian Göttsche Accepted
libselinux/utils: print errno on failure libselinux/utils: print errno on failure 1 - - --- 2022-05-05 Christian Göttsche Accepted
libselinux: update man page of setfilecon(3) family about context parameter libselinux: update man page of setfilecon(3) family about context parameter 1 - - --- 2022-05-05 Christian Göttsche Accepted
[32/32] esas2r: Use __mem_to_flex() with struct atto_ioctl Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[31/32] xenbus: Use mem_to_flex_dup() with struct read_buffer Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[30/32] usb: gadget: f_fs: Use mem_to_flex_dup() with struct ffs_buffer Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[29/32] xtensa: Use mem_to_flex_dup() with struct property Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[27/32] KEYS: Use mem_to_flex_dup() with struct user_key_payload Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[26/32] ima: Use mem_to_flex_dup() with struct modsig Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[25/32] Drivers: hv: utils: Use mem_to_flex_dup() with struct cn_msg Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[24/32] IB/hfi1: Use mem_to_flex_dup() for struct tid_rb_node Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[23/32] Bluetooth: Use mem_to_flex_dup() with struct hci_op_configure_data_path Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[22/32] atags_proc: Use mem_to_flex_dup() with struct buffer Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[21/32] soc: qcom: apr: Use mem_to_flex_dup() with struct apr_rx_buf Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[20/32] ASoC: sigmadsp: Use mem_to_flex_dup() with struct sigmadsp_data Introduce flexible array struct memcpy() helpers 1 - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[19/32] afs: Use mem_to_flex_dup() with struct afs_acl Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[18/32] firewire: Use __mem_to_flex_dup() with struct iso_interrupt_event Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[17/32] net/flow_offload: Use mem_to_flex_dup() with struct flow_action_cookie Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[16/32] 802/mrp: Use mem_to_flex_dup() with struct mrp_attr Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[15/32] 802/garp: Use mem_to_flex_dup() with struct garp_attr Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[14/32] af_unix: Use mem_to_flex_dup() with struct unix_address Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[13/32] mac80211: Use mem_to_flex_dup() with several structs Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[12/32] cfg80211: Use mem_to_flex_dup() with struct cfg80211_bss_ies Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[11/32] nl80211: Use mem_to_flex_dup() with struct cfg80211_cqm_config Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[10/32] wcn36xx: Use mem_to_flex_dup() with struct wcn36xx_hal_ind_msg Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[09/32] p54: Use mem_to_flex_dup() with struct p54_cal_database Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[08/32] iwlwifi: mvm: Use mem_to_flex_dup() with struct ieee80211_key_conf Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[07/32] iwlwifi: calib: Use mem_to_flex_dup() with struct iwl_calib_result Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[06/32] iwlwifi: calib: Prepare to use mem_to_flex_dup() Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[05/32] brcmfmac: Use mem_to_flex_dup() with struct brcmf_fweh_queue_item Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[04/32] fortify: Add run-time WARN for cross-field memcpy() Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[03/32] flex_array: Add Kunit tests Introduce flexible array struct memcpy() helpers - 1 - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[02/32] Introduce flexible array struct memcpy() helpers Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
[01/32] netlink: Avoid memcpy() across flexible array boundary Introduce flexible array struct memcpy() helpers - - - --- 2022-05-04 Kees Cook pcmoore Handled Elsewhere
fsnotify: add generic perm check for unlink/rmdir fsnotify: add generic perm check for unlink/rmdir - - - --- 2022-05-03 Guowei Du pcmoore Changes Requested
gui: Make sure sepolicy calls are translated properly gui: Make sure sepolicy calls are translated properly - - - --- 2022-05-03 Vit Mojzis Changes Requested
[v2,5/5] setfiles: introduce the -C option for distinguishing file tree walk errors selinux_restorecon(3), setfiles(8): skip relabeling errors - - - --- 2022-05-03 Laszlo Ersek Accepted
[v2,4/5] selinux_restorecon: introduce SELINUX_RESTORECON_COUNT_ERRORS selinux_restorecon(3), setfiles(8): skip relabeling errors - - - --- 2022-05-03 Laszlo Ersek Accepted
[v2,3/5] setfiles: remove useless "iamrestorecon" checks in option parsing selinux_restorecon(3), setfiles(8): skip relabeling errors - 1 - --- 2022-05-03 Laszlo Ersek Accepted
[v2,2/5] setfiles: remove useless assignment and comment (after RHBZ#1926386) selinux_restorecon(3), setfiles(8): skip relabeling errors - - - --- 2022-05-03 Laszlo Ersek Accepted
[v2,1/5] setfiles: fix up inconsistent indentation selinux_restorecon(3), setfiles(8): skip relabeling errors - - - --- 2022-05-03 Laszlo Ersek Accepted
[v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore Superseded
[v2,8/8] net: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - 1 - --- 2022-05-02 Christian Göttsche pcmoore Superseded
[v2,7/8] kernel/bpf: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore Superseded
[v2,6/8] kernel: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore Superseded
[v2,5/8] fs: use new capable_or functionality [v2,1/8] capability: add capable_or to test for multiple caps with exactly one audit message - - - --- 2022-05-02 Christian Göttsche pcmoore Superseded
« 1 2 ... 21 22 2392 93 »