Show patches with: Archived = No       |   9273 patches
« 1 2 ... 28 29 3092 93 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[09/12] mcstrans: avoid missing prototypes [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[08/12] python: mark local functions static [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[07/12] sandbox: mark local functions static [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[06/12] policycoreutils: mark local functions static [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[05/12] checkpolicy: ignore possible string truncation [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[04/12] Enable extra global compiler warnings [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[03/12] policycoreutils: use string literal as format strings [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[02/12] libsepol: use string literals as format strings [01/12] checkpolicy: use correct unsigned format specifiers - - - --- 2021-11-12 Christian Göttsche Accepted
[01/12] checkpolicy: use correct unsigned format specifiers [01/12] checkpolicy: use correct unsigned format specifiers 1 - - --- 2021-11-12 Christian Göttsche Accepted
selinux-notebook: New chapter: Hardening SELinux selinux-notebook: New chapter: Hardening SELinux - - - --- 2021-11-12 Topi Miettinen pcmoore Superseded
Support static-only builds Support static-only builds - - - --- 2021-11-11 Alyssa Ross Superseded
[5.10,3/3] binder: use cred instead of task for getsecid [5.10,1/3] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[5.10,2/3] binder: use cred instead of task for selinux checks [5.10,1/3] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[5.10,1/3] binder: use euid from cred instead of using task [5.10,1/3] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[5.4,3/3] binder: use cred instead of task for getsecid [5.4,1/3] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[5.4,2/3] binder: use cred instead of task for selinux checks [5.4,1/3] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[5.4,1/3] binder: use euid from cred instead of using task [5.4,1/3] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[4.19,2/2] binder: use cred instead of task for selinux checks [4.19,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[4.19,1/2] binder: use euid from cred instead of using task [4.19,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[4.14,2/2] binder: use cred instead of task for selinux checks [4.14,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[4.14,1/2] binder: use euid from cred instead of using task [4.14,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[4.9,2/2] binder: use cred instead of task for selinux checks [4.9,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[4.9,1/2] binder: use euid from cred instead of using task [4.9,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[4.4,2/2] binder: use cred instead of task for selinux checks [4.4,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[4.4,1/2] binder: use euid from cred instead of using task [4.4,1/2] binder: use euid from cred instead of using task 1 - - --- 2021-11-10 Todd Kjos pcmoore Handled Elsewhere
[5/5] libsepol: Write out genfscon file type when writing out CIL policy Fix/add optional file type handling for genfscon rules - - - --- 2021-11-10 James Carter Accepted
[4/5,v2] secilc/docs: Document the optional file type for genfscon rules Fix/add optional file type handling for genfscon rules - - - --- 2021-11-10 James Carter Accepted
[3/5,v2] libsepol/cil: Allow optional file type in genfscon rules Fix/add optional file type handling for genfscon rules - - - --- 2021-11-10 James Carter Accepted
[2/5,v2] libsepol/cil: Refactor filecon file type handling Fix/add optional file type handling for genfscon rules - - - --- 2021-11-10 James Carter Accepted
[1/5,v2] libsepol: Add support for file types in writing out policy.conf Fix/add optional file type handling for genfscon rules - - - --- 2021-11-10 James Carter Accepted
[RFC] libsepol,checkpolicy: Add netlink xperm support [RFC] libsepol,checkpolicy: Add netlink xperm support - - - --- 2021-11-10 Bram Bonné Changes Requested
Use IANA-managed domain example.com in examples Use IANA-managed domain example.com in examples 1 - - --- 2021-11-09 Markus Linnala Accepted
[RFC,1/1] testsuite sctp: Add tests for sctp_socket transition rules selinux-testsuite: Add tests for sctp_socket transition rules - - - --- 2021-11-07 Richard Haines omos Superseded
[RFC,v2,40/40,CROSS-PATCH] libsepol: do not pass NULL to memcpy libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Not Applicable
[RFC,v2,39/40,CROSS-PATCH] libsepol: avoid passing NULL pointer to memcpy libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Not Applicable
[RFC,v2,38/40,WIP] checkpolicy: validate generated policies libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Not Applicable
[RFC,v2,37/40,WIP] libsepol: export policydb_validate libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Not Applicable
[RFC,v2,36/36] libsepol: validate class default targets libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,35/36] libsepol: validate fsuse types libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,34/36] libsepol: validate categories libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,33/36] libsepol: validate policy properties libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,32/36] libsepol: validate permissive types libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,31/36] libsepol: validate genfs contexts libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,30/36] libsepol: validate ocontexts libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,29/36] libsepol: validate type of avtab type rules libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,28/36] libsepol: validate constraint expression operators and attributes libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,27/36] libsepol: validate avtab and avrule types libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,26/36] libsepol: resolve log message mismatch libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,25/36] libsepol: validate permission count of classes libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,24/36] libsepol: validate expanded user range and level libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,23/36] libsepol: validate MLS levels libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,22/36] libsepol: split validation of datum array gaps and entries libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,21/36] libsepol: do not create a string list with initial size zero libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,20/36] libsepol: use correct size for initial string list libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,19/36] libsepol: do not crash on user gaps libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,18/36] libsepol: do not crash on class gaps libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,17/36] libsepol: do not underflow on short format arguments libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,16/36] libsepol: use size_t for indexes in strs helpers libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,15/36] libsepol: zero member before potential dereference libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,14/36] libsepol: reject invalid filetrans source type libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,13/36] libsepol: reject abnormal huge sid ids libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,12/36] libsepol: clean memory on conditional insertion failure libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,11/36] libsepol: enforce avtab item limit libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,10/36] libsepol: add checks for read sizes libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,09/36] libsepol: use reallocarray wrapper to avoid overflows libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,08/36] libsepol: use mallocarray wrapper to avoid overflows libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,07/36] libsepol: use logging framework in ebitmap.c libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,06/36] libsepol: use logging framework in conditional.c libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,05/36] libsepol/fuzz: limit element sizes for fuzzing libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,04/36] libsepol: add libfuzz based fuzzer for reading binary policies libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,03/36] libsepol/fuzz: silence secilc-fuzzer libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,02/36] cifuzz: use the default runtime of 600 seconds libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[RFC,v2,01/36] cifuzz: enable report-unreproducible-crashes libsepol: add fuzzer for reading binary policies - - - --- 2021-11-05 Christian Göttsche Superseded
[v2] libsepol: avoid passing NULL pointer to memcpy [v2] libsepol: avoid passing NULL pointer to memcpy 1 - - --- 2021-11-05 Christian Göttsche Accepted
[net] selinux: fix SCTP client peeloff socket labeling [net] selinux: fix SCTP client peeloff socket labeling - - - --- 2021-11-04 Ondrej Mosnacek pcmoore Superseded
[PATCHv2,net,4/4] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long pcmoore Superseded
[PATCHv2,net,3/4] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long pcmoore Superseded
[PATCHv2,net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long pcmoore Superseded
[PATCHv2,net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone security: fixups for the security hooks in sctp - 1 1 --- 2021-11-02 Xin Long pcmoore Superseded
[GIT,PULL] SELinux patches for v5.16 [GIT,PULL] SELinux patches for v5.16 - - - --- 2021-11-01 Paul Moore Accepted
[4/4] libsepol: Write out genfscon file type when writing out CIL policy Fix/add optional file type handling for genfscon rules - - - --- 2021-10-27 James Carter Superseded
[3/4] secilc/docs: Document the optional file type for genfscon rules Fix/add optional file type handling for genfscon rules - - - --- 2021-10-27 James Carter Superseded
[2/4] libsepol/cil: Allow optional file type in genfscon rules Fix/add optional file type handling for genfscon rules - - - --- 2021-10-27 James Carter Superseded
[1/4] libsepol: Add support for file types in writing out policy.conf Fix/add optional file type handling for genfscon rules - - - --- 2021-10-27 James Carter Superseded
[userspace,v4,8/8] setfiles/restorecon: support parallel relabeling Parallel setfiles/restorecon - - - --- 2021-10-26 Ondrej Mosnacek Accepted
[userspace,v4,7/8] selinux_restorecon: introduce selinux_restorecon_parallel(3) Parallel setfiles/restorecon - - - --- 2021-10-26 Ondrej Mosnacek Accepted
[userspace,v4,6/8] selinux_restorecon: add a global mutex to synchronize progress output Parallel setfiles/restorecon - - - --- 2021-10-26 Ondrej Mosnacek Accepted
[userspace,v4,5/8] libselinux: make is_context_customizable() thread-safe Parallel setfiles/restorecon - - 1 --- 2021-10-26 Ondrej Mosnacek Accepted
[userspace,v4,4/8] libselinux: make selinux_log() thread-safe Parallel setfiles/restorecon - - - --- 2021-10-26 Ondrej Mosnacek Accepted
[userspace,v4,3/8] selinux_restorecon: protect file_spec list with a mutex Parallel setfiles/restorecon - - - --- 2021-10-26 Ondrej Mosnacek Accepted
[userspace,v4,2/8] selinux_restorecon: simplify fl_head allocation by using calloc() Parallel setfiles/restorecon - - - --- 2021-10-26 Ondrej Mosnacek Accepted
[userspace,v4,1/8] label_file: fix a data race Parallel setfiles/restorecon - - - --- 2021-10-26 Ondrej Mosnacek Accepted
[testsuite,v2] tests: make kernel iptables support optional [testsuite,v2] tests: make kernel iptables support optional - - - --- 2021-10-25 Ondrej Mosnacek omos Accepted
[testsuite] tests/inet_socket: make kernel iptables support optional [testsuite] tests/inet_socket: make kernel iptables support optional - - - --- 2021-10-25 Ondrej Mosnacek omos Superseded
[net,4/4] security: implement sctp_assoc_established hook in selinux security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long pcmoore Superseded
[net,3/4] security: add sctp_assoc_established hook security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long pcmoore Superseded
[net,2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long pcmoore Superseded
[net,1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone security: fixups for the security hooks in sctp - - - --- 2021-10-22 Xin Long pcmoore Superseded
sctp: initialize endpoint LSM labels also on the client side sctp: initialize endpoint LSM labels also on the client side - - - --- 2021-10-21 Ondrej Mosnacek Rejected
[testsuite] tests/sctp: add client peeloff tests [testsuite] tests/sctp: add client peeloff tests - - - --- 2021-10-21 Ondrej Mosnacek omos Superseded
« 1 2 ... 28 29 3092 93 »