SELinux Development list

Show patches with: Archived = No | 9273 patches

« 1 2 ... 29 30 31 … 92 93 »

Patch	Series	A/R/T	S/W/F	Date	Submitter	Delegate	State
libsepol: avoid passing NULL pointer to memcpy	libsepol: avoid passing NULL pointer to memcpy	- - -	---	2021-10-21	Christian Göttsche		Changes Requested
[v2] libselinux: use valid address to silence glibc 2.34 warnings	[v2] libselinux: use valid address to silence glibc 2.34 warnings	1 - -	---	2021-10-21	Christian Göttsche		Accepted
selinux: fix a sock regression in selinux_ip_postroute_compat()	selinux: fix a sock regression in selinux_ip_postroute_compat()	- - -	---	2021-10-19	Paul Moore	pcmoore	Accepted
[v2,3/3] libsemanage/tests: free memory	[v2,1/3] libsepol: do not pass NULL to memcpy	- - -	---	2021-10-19	Christian Göttsche		Accepted
[v2,2/3] libsemanage: do not sort empty records	[v2,1/3] libsepol: do not pass NULL to memcpy	- - -	---	2021-10-19	Christian Göttsche		Accepted
[v2,1/3] libsepol: do not pass NULL to memcpy	[v2,1/3] libsepol: do not pass NULL to memcpy	1 - -	---	2021-10-19	Christian Göttsche		Accepted
[userspace,v3,7/7] setfiles/restorecon: support parallel relabeling	Parallel setfiles/restorecon	- - -	---	2021-10-19	Ondrej Mosnacek		Changes Requested
[userspace,v3,6/7] selinux_restorecon: introduce selinux_restorecon_parallel(3)	Parallel setfiles/restorecon	- - -	---	2021-10-19	Ondrej Mosnacek		Changes Requested
[userspace,v3,5/7] selinux_restorecon: add a global mutex to synchronize progress output	Parallel setfiles/restorecon	- - -	---	2021-10-19	Ondrej Mosnacek		Changes Requested
[userspace,v3,4/7] libselinux: make selinux_log() thread-safe	Parallel setfiles/restorecon	- - -	---	2021-10-19	Ondrej Mosnacek		Changes Requested
[userspace,v3,3/7] selinux_restorecon: protect file_spec list with a mutex	Parallel setfiles/restorecon	- - -	---	2021-10-19	Ondrej Mosnacek		Changes Requested
[userspace,v3,2/7] selinux_restorecon: simplify fl_head allocation by using calloc()	Parallel setfiles/restorecon	- - -	---	2021-10-19	Ondrej Mosnacek		Changes Requested
[userspace,v3,1/7] label_file: fix a data race	Parallel setfiles/restorecon	- - -	---	2021-10-19	Ondrej Mosnacek		Changes Requested
libselinux: use dummy variable to silence glibc 2.34 warnings	libselinux: use dummy variable to silence glibc 2.34 warnings	- - -	---	2021-10-15	Christian Göttsche		Superseded
[userspace,v2,6/6] setfiles/restorecon: support parallel relabeling	Parallel setfiles/restorecon	- - -	---	2021-10-14	Ondrej Mosnacek		Superseded
[userspace,v2,5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3)	Parallel setfiles/restorecon	- - -	---	2021-10-14	Ondrej Mosnacek		Superseded
[userspace,v2,4/6] selinux_restorecon: add a global mutex to synchronize progress output	Parallel setfiles/restorecon	- - -	---	2021-10-14	Ondrej Mosnacek		Superseded
[userspace,v2,3/6] libselinux: make selinux_log() thread-safe	Parallel setfiles/restorecon	- - -	---	2021-10-14	Ondrej Mosnacek		Superseded
[userspace,v2,2/6] selinux_restorecon: protect file_spec list with a mutex	Parallel setfiles/restorecon	- - -	---	2021-10-14	Ondrej Mosnacek		Superseded
[userspace,v2,1/6] selinux_restorecon: simplify fl_head allocation by using calloc()	Parallel setfiles/restorecon	- - -	---	2021-10-14	Ondrej Mosnacek		Superseded
selinux: fix all of the W=1 build warnings	selinux: fix all of the W=1 build warnings	- - -	---	2021-10-13	Paul Moore	pcmoore	Accepted
[3/3] libsemanage/tests: free memory	[1/3] libsepol: do not pass NULL to memcpy	- - -	---	2021-10-13	Christian Göttsche		Changes Requested
[2/3] libsemanage: do not sort empty records	[1/3] libsepol: do not pass NULL to memcpy	- - -	---	2021-10-13	Christian Göttsche		Changes Requested
[1/3] libsepol: do not pass NULL to memcpy	[1/3] libsepol: do not pass NULL to memcpy	- - -	---	2021-10-13	Christian Göttsche		Changes Requested
[v2] selinux: make better use of the nf_hook_state passed to the NF hooks	[v2] selinux: make better use of the nf_hook_state passed to the NF hooks	- - -	---	2021-10-12	Paul Moore	pcmoore	Accepted
[v2,2/2] fuse: Send security context of inode on file creation	fuse: Send file/inode security context during creation	- - -	---	2021-10-12	Vivek Goyal	pcmoore	Superseded
[v2,1/2] fuse: Add a flag FUSE_SECURITY_CTX	fuse: Send file/inode security context during creation	- - -	---	2021-10-12	Vivek Goyal	pcmoore	Superseded
[v5,3/3] binder: use cred instead of task for getsecid	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	pcmoore	Accepted
[v5,2/3] binder: use cred instead of task for selinux checks	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	pcmoore	Accepted
[v5,1/3] binder: use euid from cred instead of using task	binder: use cred instead of task for security context	- - -	---	2021-10-12	Todd Kjos	pcmoore	Accepted
[v2] security: Return xattr name from security_dentry_init_security()	[v2] security: Return xattr name from security_dentry_init_security()	1 2 -	---	2021-10-12	Vivek Goyal	pcmoore	Accepted
selinux: make better use of the nf_hook_state passed to the NF hooks	selinux: make better use of the nf_hook_state passed to the NF hooks	- - -	---	2021-10-11	Paul Moore	pcmoore	Superseded
[v3] selinux: remove unneeded ipv6 hook wrappers	[v3] selinux: remove unneeded ipv6 hook wrappers	- - -	---	2021-10-11	Florian Westphal	pcmoore	Accepted
selinux: consilidate comments from inode_doinit_with_dentry wrt !dentry	selinux: consilidate comments from inode_doinit_with_dentry wrt !dentry	- - -	---	2021-10-11	Davidlohr Bueso		Changes Requested
[RFC,35/35] libsepol: do not create a string list with initial size zero	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,34/35] libsepol: use correct size for initial string list	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,33/35] libsepol: validate categories	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,32/35] libsepol: do not underflow on short format arguments	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,31/35] libsepol: validate policy properties	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,30/35] libsepol: validate permissive types	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,29/35] libsepol: validate genfs contexts	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,28/35] libsepol: validate ocontexts	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,27/35] libsepol: validate type of avtab type rules	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,26/35] libsepol: validate constraint expression operators and attributes	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,25/35] libsepol: validate avtab types	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,24/35] libsepol: zero member before potential dereference	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,23/35] libsepol: resolve log message mismatch	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,22/35] libsepol: validate permission count of classes	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,21/35] libsepol: do not crash on user gaps	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,20/35] libsepol: do not crash on class gaps	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,19/35] libsepol: reject abnormal huge sid ids	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,18/35] libsepol: use size_t for indexes in strs helpers	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,17/35] libsepol: validate types	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,16/35] libsepol: validate expanded user range and level	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,15/35] libsepol: reject invalid default targets	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,14/35] libsepol: reject invalid fsuse types	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,13/35] libsepol: validate MLS levels	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,12/35] libsepol: clean memory on conditional read failure	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,11/35] libsepol: enforce avtab item limit	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,10/35] libsepol: add checks for read sizes	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,09/35] libsepol: use reallocarray wrapper to avoid overflows	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,08/35] libsepol: use mallocarray wrapper to avoid overflows	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,07/35] libsepol: use logging framework in ebitmap.c	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,06/35] libsepol: use logging framework in conditional.c	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,05/35] libsepol/fuzz: limit element sizes for fuzzing	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,04/35] libsepol: add libfuzz based fuzzer for reading binary policies	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,03/35] libsepol/fuzz: silence secilc-fuzzer	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,02/35] cifuzz: use the default runtime of 600 seconds	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[RFC,01/35] cifuzz: enable report-unreproducible-crashes	libsepol: add fuzzer for reading binary policies	- - -	---	2021-10-11	Christian Göttsche		Changes Requested
[v2] selinux: remove unneeded ipv6 hook wrappers	[v2] selinux: remove unneeded ipv6 hook wrappers	- - -	---	2021-10-11	Florian Westphal	pcmoore	Changes Requested
[security-next] selinux: remove ipv6 hook wrappers	[security-next] selinux: remove ipv6 hook wrappers	- - -	---	2021-10-11	Florian Westphal	pcmoore	Superseded
[4/4] libselinux: Fix potential undefined shifts	[1/4] libsepol: Fix potential undefined shifts	- - -	---	2021-10-08	James Carter		Accepted
[3/4] checkpolicy: Fix potential undefined shifts	[1/4] libsepol: Fix potential undefined shifts	- - -	---	2021-10-08	James Carter		Accepted
[2/4] libsepol/cil: Fix potential undefined shifts	[1/4] libsepol: Fix potential undefined shifts	1 - -	---	2021-10-08	James Carter		Accepted
[1/4] libsepol: Fix potential undefined shifts	[1/4] libsepol: Fix potential undefined shifts	- - -	---	2021-10-08	James Carter		Accepted
libsepol/cil: Fix potential undefined shifts	libsepol/cil: Fix potential undefined shifts	- - -	---	2021-10-08	James Carter		Changes Requested
[v4,3/3] binder: use euid from cred instead of using task	binder: use cred instead of task for security context	- - -	---	2021-10-07	Todd Kjos	pcmoore	Changes Requested
[v4,2/3] binder: use cred instead of task for getsecid	binder: use cred instead of task for security context	- - -	---	2021-10-07	Todd Kjos	pcmoore	Changes Requested
[v4,1/3] binder: use cred instead of task for selinux checks	binder: use cred instead of task for security context	1 - -	---	2021-10-07	Todd Kjos	pcmoore	Changes Requested
[v3,3/3] binder: use euid from cred instead of using task	binder: use cred instead of task for security context	- - -	---	2021-10-06	Todd Kjos	pcmoore	Superseded
[v3,2/3] binder: use cred instead of task for getsecid	binder: use cred instead of task for security context	- - -	---	2021-10-06	Todd Kjos	pcmoore	Superseded
[v3,1/3] binder: use cred instead of task for selinux checks	binder: use cred instead of task for security context	1 - -	---	2021-10-06	Todd Kjos	pcmoore	Superseded
libselinux/semodule: Improve extracting message	libselinux/semodule: Improve extracting message	1 - -	---	2021-10-04	Petr Lautrbach		Accepted
[v2] binder: use cred instead of task for selinux checks	[v2] binder: use cred instead of task for selinux checks	1 - -	---	2021-10-01	Todd Kjos	pcmoore	Superseded
binder: use cred instead of task for selinux checks	binder: use cred instead of task for selinux checks	- - -	---	2021-10-01	Todd Kjos	pcmoore	Superseded
security: Return xattr name from security_dentry_init_security()	security: Return xattr name from security_dentry_init_security()	- 1 -	---	2021-09-30	Vivek Goyal	pcmoore	Superseded
[testsuite] Remove the lockdown test	[testsuite] Remove the lockdown test	- - -	---	2021-09-30	Ondrej Mosnacek	omos	Accepted
libsepol/cil: Do not skip macros when resolving until later passes	libsepol/cil: Do not skip macros when resolving until later passes	1 - -	---	2021-09-29	James Carter		Accepted
lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()	lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()	- 2 -	---	2021-09-29	Paul Moore	pcmoore	Accepted
selinux: remove the SELinux lockdown implementation	selinux: remove the SELinux lockdown implementation	1 - -	---	2021-09-29	Paul Moore	pcmoore	Accepted
libsepol/cil: Limit the amount of reporting for bounds failures	libsepol/cil: Limit the amount of reporting for bounds failures	1 - -	---	2021-09-28	James Carter		Accepted
[9/9] checkpolicy: delay down-cast to avoid align warning	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	- - -	---	2021-09-28	Christian Göttsche		Accepted
[8/9] checkpolicy: drop incorrect cast	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	- - -	---	2021-09-28	Christian Göttsche		Accepted
[7/9] checkpolicy: update documentation	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	- - -	---	2021-09-28	Christian Göttsche		Accepted
[6/9] checkpolicy: print reason of fopen failure	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	- - -	---	2021-09-28	Christian Göttsche		Accepted
[5/9] checkpolicy: policy_define: cleanup declarations	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	- - -	---	2021-09-28	Christian Göttsche		Accepted
[4/9] libsepol/cil: silence clang void-pointer-to-enum-cast warning	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	- - -	---	2021-09-28	Christian Göttsche		Accepted
[3/9] libsepol: resolve GCC warning about null-dereference	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	- - -	---	2021-09-28	Christian Göttsche		Accepted
[2/9] libsepol: use correct cast	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	- - -	---	2021-09-28	Christian Göttsche		Accepted
[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	[1/9] libsepol: ebitmap: mark nodes of const ebitmaps const	1 - -	---	2021-09-28	Christian Göttsche		Accepted

« 1 2 ... 29 30 31 … 92 93 »