Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

[RFC PATCH 0/6] fs, lsm: mediate O_PATH fd creation in file_open hook, Ryan Lee
- [RFC PATCH 1/6] fs: invoke LSM file_open hook in do_dentry_open for O_PATH fds as well, Ryan Lee
  - Re: [RFC PATCH 1/6] fs: invoke LSM file_open hook in do_dentry_open for O_PATH fds as well, Al Viro
- [RFC PATCH 2/6] apparmor: explicitly skip mediation of O_PATH file descriptors, Ryan Lee
- [RFC PATCH 3/6] landlock: explicitly skip mediation of O_PATH file descriptors, Ryan Lee
- [RFC PATCH 4/6] selinux: explicitly skip mediation of O_PATH file descriptors, Ryan Lee
- [RFC PATCH 6/6] tomoyo: explicitly skip mediation of O_PATH file descriptors, Ryan Lee
- [RFC PATCH 5/6] smack: explicitly skip mediation of O_PATH file descriptors, Ryan Lee
  - Re: [RFC PATCH 5/6] smack: explicitly skip mediation of O_PATH file descriptors, Casey Schaufler
[PATCH] selinux: get netlabel_wildcard policycap from policy instead of cache, Christian Göttsche
- Re: [PATCH] selinux: get netlabel_wildcard policycap from policy instead of cache, Stephen Smalley
[PATCH v2] selinux: support wildcard match in genfscon, Takaya Saeki
- Re: [PATCH v2] selinux: support wildcard match in genfscon, Takaya Saeki
  - Re: [PATCH v2] selinux: support wildcard match in genfscon, Christian Göttsche
    - Re: [PATCH v2] selinux: support wildcard match in genfscon, Takaya Saeki
      - Re: [PATCH v2] selinux: support wildcard match in genfscon, Stephen Smalley
- Re: [PATCH v2] selinux: support wildcard match in genfscon, Christian Göttsche
  - Re: [PATCH v2] selinux: support wildcard match in genfscon, Stephen Smalley
    - Re: [PATCH v2] selinux: support wildcard match in genfscon, Christian Göttsche
      - Re: [PATCH v2] selinux: support wildcard match in genfscon, Stephen Smalley
[PATCH v7 bpf-next 0/2] security: Propagate caller information in bpf hooks, Blaise Boscaccy
- [PATCH v7 bpf-next 1/2] security: Propagate caller information in bpf hooks, Blaise Boscaccy
- [PATCH v7 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Blaise Boscaccy
  - Re: [PATCH v7 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Song Liu
    - Re: [PATCH v7 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Alexei Starovoitov
- Re: [PATCH v7 bpf-next 0/2] security: Propagate caller information in bpf hooks, patchwork-bot+netdevbpf
[PATCH] mailmap: map my old email addresses, Stephen Smalley
- Re: [PATCH] mailmap: map my old email addresses, Paul Moore
SeLinux, Heal thyself., Darvond
- Re: SeLinux, Heal thyself., Stephen Smalley
[PATCH v6 bpf-next 0/2] security: Propagate caller information in bpf hooks, Blaise Boscaccy
- [PATCH v6 bpf-next 1/2] security: Propagate caller information in bpf hooks, Blaise Boscaccy
  - Re: [PATCH v6 1/2] security: Propagate caller information in bpf hooks, Paul Moore
- [PATCH v6 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Blaise Boscaccy
  - Re: [PATCH v6 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Song Liu
    - Re: [PATCH v6 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Blaise Boscaccy
      - Re: [PATCH v6 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Song Liu
        
        Re: [PATCH v6 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Blaise Boscaccy
        
        Re: [PATCH v6 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Song Liu
[syzbot] [selinux?] KCSAN: data-race in selinux_socket_post_create / selinux_socket_sock_rcv_skb, syzbot
- [PATCH] selinux: read and write sid under lock, Edward Adam Davis
  - Re: [PATCH] selinux: read and write sid under lock, kernel test robot
  - Re: [PATCH] selinux: read and write sid under lock, kernel test robot
  - Re: [PATCH] selinux: read and write sid under lock, Stephen Smalley
    - Re: [PATCH] selinux: read and write sid under lock, Paul Moore
      - [PATCH V2] selinux: access sid under READ/WRITE_ONCE, Edward Adam Davis
        
        Re: [PATCH V2] selinux: access sid under READ/WRITE_ONCE, Stephen Smalley
        
        Re: [PATCH V2] selinux: access sid under READ/WRITE_ONCE, Edward Adam Davis
        
        Re: [PATCH V2] selinux: access sid under READ/WRITE_ONCE, Stephen Smalley
[PATCH v5 bpf-next 0/2] security: Propagate caller information in bpf hooks, Blaise Boscaccy
- [PATCH v5 bpf-next 1/2] security: Propagate caller information in bpf hooks, Blaise Boscaccy
- [PATCH v5 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Blaise Boscaccy
  - Re: [PATCH v5 bpf-next 2/2] selftests/bpf: Add a kernel flag test for LSM bpf hook, Song Liu
[PATCH v2 0/6] Audit: Records for multiple security contexts, Casey Schaufler
- [PATCH v2 3/6] LSM: security_lsmblob_to_secctx module selection, Casey Schaufler
  - Re: [PATCH v2 3/6] LSM: security_lsmblob_to_secctx module selection, kernel test robot
  - Re: [PATCH v2 3/6] LSM: security_lsmblob_to_secctx module selection, Paul Moore
- [PATCH v2 2/6] Audit: Allow multiple records in an audit_buffer, Casey Schaufler
  - Re: [PATCH v2 2/6] Audit: Allow multiple records in an audit_buffer, Paul Moore
- [PATCH v2 6/6] Audit: Add record for multiple object contexts, Casey Schaufler
  - Re: [PATCH v2 6/6] Audit: Add record for multiple object contexts, kernel test robot
  - Re: [PATCH v2 6/6] Audit: Add record for multiple object contexts, kernel test robot
  - Re: [PATCH v2 6/6] Audit: Add record for multiple object contexts, Dan Carpenter
  - Re: [PATCH v2 6/6] Audit: Add record for multiple object contexts, Paul Moore
- [PATCH v2 5/6] Audit: multiple subject lsm values for netlabel, Casey Schaufler
  - Re: [PATCH v2 5/6] Audit: multiple subject lsm values for netlabel, Paul Moore
- [PATCH v2 4/6] Audit: Add record for multiple task security contexts, Casey Schaufler
  - Re: [PATCH v2 4/6] Audit: Add record for multiple task security contexts, Paul Moore
- [PATCH v2 1/6] Audit: Create audit_stamp structure, Casey Schaufler
  - Re: [PATCH v2 1/6] Audit: Create audit_stamp structure, Paul Moore
[PATCH] selinux: Chain up tool resolving errors in install_policy.sh, Tim Schumacher
- Re: [PATCH] selinux: Chain up tool resolving errors in install_policy.sh, Paul Moore
ANN: SELinux userspace 3.8.1, Petr Lautrbach
[RFC PATCH 0/2] mm: introduce anon_vma flags, reduce kernel allocs, Lorenzo Stoakes
- [RFC PATCH 2/2] mm/madvise: utilise anon_vma unfaulted flag on guard region install, Lorenzo Stoakes
- [RFC PATCH 1/2] mm: introduce anon_vma flags and use wrapper functions, Lorenzo Stoakes
- Re: [RFC PATCH 0/2] mm: introduce anon_vma flags, reduce kernel allocs, Matthew Wilcox
  - Re: [RFC PATCH 0/2] mm: introduce anon_vma flags, reduce kernel allocs, Lorenzo Stoakes
[PATCH v4 bpf-next 0/2] security: Propagate caller information in bpf hooks, Blaise Boscaccy
- [PATCH v4 bpf-next 1/2] security: Propagate caller information in bpf hooks, Blaise Boscaccy
  - Re: [PATCH v4 bpf-next 1/2] security: Propagate caller information in bpf hooks, Paul Moore
- [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Blaise Boscaccy
  - Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Song Liu
    - Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Blaise Boscaccy
      - Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Song Liu
  - Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Paul Moore
    - Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Blaise Boscaccy
      - Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Paul Moore
        
        Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Song Liu
        
        Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Paul Moore
        
        Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Alexei Starovoitov
        
        Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Song Liu
        
        Re: [PATCH v4 bpf-next 2/2] selftests/bpf: Add is_kernel parameter to LSM/bpf test programs, Paul Moore
[PATCH 0/1 v3] security: Propagate caller information in bpf hooks, Blaise Boscaccy
- [PATCH 1/1] security: Propagate caller information in bpf hooks, Blaise Boscaccy
  - Re: [PATCH 1/1] security: Propagate caller information in bpf hooks, Song Liu
[PATCH v16 0/3] binder: report txn errors via generic netlink, Li Li
- [PATCH v16 1/3] lsm, selinux: Add setup_report permission to binder, Li Li
  - Re: [PATCH v16 1/3] lsm, selinux: Add setup_report permission to binder, Paul Moore
    - Re: [PATCH v16 1/3] lsm, selinux: Add setup_report permission to binder, Li Li
- [PATCH v16 2/3] binder: report txn errors via generic netlink, Li Li
  - Re: [PATCH v16 2/3] binder: report txn errors via generic netlink, Carlos Llamas
    - Message not available
      - Fwd: [PATCH v16 2/3] binder: report txn errors via generic netlink, Li Li
        
        Re: Fwd: [PATCH v16 2/3] binder: report txn errors via generic netlink, Carlos Llamas
        
        Re: Fwd: [PATCH v16 2/3] binder: report txn errors via generic netlink, Li Li
- [PATCH v16 3/3] binder: generic netlink binder_features flag, Li Li
  - Re: [PATCH v16 3/3] binder: generic netlink binder_features flag, Carlos Llamas
[PATCH] selinux: support wildcard network interface names, Christian Göttsche
- Re: [PATCH] selinux: support wildcard network interface names, Paul Moore
[PATCH 0/1] v2 security: Propagate caller information in bpf hooks, Blaise Boscaccy
- [PATCH 1/1] security: Propagate caller information in bpf hooks, Blaise Boscaccy
  - Re: [PATCH 1/1] security: Propagate caller information in bpf hooks, Song Liu
Userspace: 3.8.1 release next week?, Petr Lautrbach
- Re: Userspace: 3.8.1 release next week?, Paul Moore
[PATCH] Don't inject matchpathcon_filespec_add64() ifdef __x86_64__, наб
[PATCH] Insert -I../../libselinux/include and -L../../libselinux/src into subprograms where needed, наб
[PATCH v15 0/3] binder: report txn errors via generic netlink, Li Li
- [PATCH v15 1/3] lsm, selinux: Add setup_report permission to binder, Li Li
- [PATCH v15 2/3] binder: report txn errors via generic netlink, Li Li
  - Re: [PATCH v15 2/3] binder: report txn errors via generic netlink, kernel test robot
  - Re: [PATCH v15 2/3] binder: report txn errors via generic netlink, kernel test robot
- [PATCH v15 3/3] binder: generic netlink binder_features flag, Li Li
[PATCH 2/2] mcstrans: make use of context_to_str(3), Christian Göttsche
- [PATCH 1/2] libselinux: introduce context_to_str(3), Christian Göttsche
[PATCH 2/2] setfiles: add option to modify user and role portions, Christian Göttsche
- [PATCH 1/2] libselinux: add restore option to modify user and role portions, Christian Göttsche
[PATCH 0/1] security: Propagate universal pointer data in bpf hooks, Blaise Boscaccy
- [PATCH 1/1] security: Propagate universal pointer data in bpf hooks, Blaise Boscaccy
  - Re: [PATCH 1/1] security: Propagate universal pointer data in bpf hooks, Song Liu
    - Re: [PATCH 1/1] security: Propagate universal pointer data in bpf hooks, Paul Moore
      - Re: [PATCH 1/1] security: Propagate universal pointer data in bpf hooks, Blaise Boscaccy
    - Re: [PATCH 1/1] security: Propagate universal pointer data in bpf hooks, Alexei Starovoitov
      - Re: [PATCH 1/1] security: Propagate universal pointer data in bpf hooks, Blaise Boscaccy
      - Re: [PATCH 1/1] security: Propagate universal pointer data in bpf hooks, Song Liu
[PATCH 2/3] checkpolicy: abort on mismatched declarations, Christian Göttsche
- [PATCH 1/3] checkpolicy: free left hand conditional expression on error, Christian Göttsche
- [PATCH 3/3] checkpolicy: perform cleanup on error in define_filename_trans(), Christian Göttsche
[PATCH] libsemanage: improve performance of semanage store rebuild, Petr Lautrbach
- Re: [PATCH] libsemanage: improve performance of semanage store rebuild, Jason Zaman
  - Re: [PATCH] libsemanage: improve performance of semanage store rebuild, Petr Lautrbach
[PATCH] selinux: add FILE__WATCH_MOUNTNS, Miklos Szeredi
- Re: [PATCH] selinux: add FILE__WATCH_MOUNTNS, Paul Moore
  - Re: [PATCH] selinux: add FILE__WATCH_MOUNTNS, Stephen Smalley
    - Re: [PATCH] selinux: add FILE__WATCH_MOUNTNS, Paul Moore
- Re: [PATCH] selinux: add FILE__WATCH_MOUNTNS, Christian Brauner
[PATCH] checkpolicy: rework cleanup in define_te_avtab_xperms_helper(), Christian Göttsche
[PATCH] libsemanage: define basename macro for non-glibc systems, Rahul Sandhu
- Re: [PATCH] libsemanage: define basename macro for non-glibc systems, William Roberts
  - Re: [PATCH] libsemanage: define basename macro for non-glibc systems, William Roberts
    - Re: [PATCH] libsemanage: define basename macro for non-glibc systems, Rahul Sandhu
      - Re: [PATCH] libsemanage: define basename macro for non-glibc systems, Rahul Sandhu
        
        [PATCH v2] libsemanage: create semanage_basename to ensure posix compliance, Rahul Sandhu
        
        Re: [PATCH v2] libsemanage: create semanage_basename to ensure posix compliance, Rahul Sandhu
nfsd 6.14-rc1 __fh_verify NULL ptr deref, Stephen Smalley
- Re: nfsd 6.14-rc1 __fh_verify NULL ptr deref, Chuck Lever
  - Re: nfsd 6.14-rc1 __fh_verify NULL ptr deref, Chuck Lever
    - Re: nfsd 6.14-rc1 __fh_verify NULL ptr deref, Stephen Smalley
- Re: nfsd 6.14-rc1 __fh_verify NULL ptr deref, Jeff Layton
ANN: Reference Policy 2.20250213, Chris PeBenito
[PATCH] libselinux: warn on identical duplicate properties, Thiébaud Weksteen
- Re: [PATCH] libselinux: warn on identical duplicate properties, James Carter
[PATCH] Switch from bison name-prefix to api.prefix, Daniel Burgener
- Re: [PATCH] Switch from bison name-prefix to api.prefix, James Carter
[PATCH v3] Support static-only builds, Alyssa Ross
- Re: [PATCH v3] Support static-only builds, Daniel Burgener
  - Re: [PATCH v3] Support static-only builds, Alyssa Ross
    - Re: [PATCH v3] Support static-only builds, Daniel Burgener
      - Re: [PATCH v3] Support static-only builds, Daniel Burgener
        
        Re: [PATCH v3] Support static-only builds, Alyssa Ross
[PATCH v2] selinux: add permission checks for loading other kinds of kernel files, kippndavis . work
- Re: [PATCH v2] selinux: add permission checks for loading other kinds of kernel files, Christian Göttsche
  - Re: [PATCH v2] selinux: add permission checks for loading other kinds of kernel files, Stephen Smalley
    - Re: [PATCH v2] selinux: add permission checks for loading other kinds of kernel files, Stephen Smalley
      - Re: [PATCH v2] selinux: add permission checks for loading other kinds of kernel files, Stephen Smalley
        
        Re: [PATCH v2] selinux: add permission checks for loading other kinds of kernel files, Daniel Burgener
        
        Re: [PATCH v2] selinux: add permission checks for loading other kinds of kernel files, Stephen Smalley
- Re: [PATCH v2] selinux: add permission checks for loading other kinds of kernel files, Stephen Smalley
- Re: [PATCH v2] selinux: add permission checks for loading other kinds of kernel files, Paul Moore
A duo of annoying SEalert checks., Darvond
[PATCH] selinux: always check the file label in selinux_kernel_read_file(), Paul Moore
- Re: [PATCH] selinux: always check the file label in selinux_kernel_read_file(), Paul Moore
[PATCH testsuite] policy,tests: add tests for new permissions for loading files/data, kippndavis . work
- Re: [PATCH testsuite] policy,tests: add tests for new permissions for loading files/data, Stephen Smalley
  - Re: [PATCH testsuite] policy,tests: add tests for new permissions for loading files/data, Stephen Smalley
[PATCH] selinux: add permission checks for loading other kinds of kernel files, kippndavis . work
- Re: [PATCH] selinux: add permission checks for loading other kinds of kernel files, Paul Moore
  - Re: [PATCH] selinux: add permission checks for loading other kinds of kernel files, Daniel Burgener
[PATCH 1/4] libselinux: constify global strings, Christian Göttsche
- [PATCH 4/4] libselinux: limit fcontext regex path length, Christian Göttsche
  - Re: [PATCH 4/4] libselinux: limit fcontext regex path length, James Carter
- [PATCH 3/4] libselinux: initialize regex arch string in a thread safe way, Christian Göttsche
- [PATCH 2/4] libselinux: use local instead of global error buffer, Christian Göttsche
  - Re: [PATCH 2/4] libselinux: use local instead of global error buffer, James Carter
[PATCH testsuite] tests/inet_socket: enable MPTCP if it's disabled via sysctl, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/inet_socket: enable MPTCP if it's disabled via sysctl, Ondrej Mosnacek
ANN: SELinux userspace 3.8, Petr Lautrbach
[PATCH v5 0/3] mount notification, Miklos Szeredi
- [PATCH v5 1/3] fsnotify: add mount notification infrastructure, Miklos Szeredi
  - Re: [PATCH v5 1/3] fsnotify: add mount notification infrastructure, Jan Kara
- [PATCH v5 2/3] fanotify: notify on mount attach and detach, Miklos Szeredi
  - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Paul Moore
    - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Miklos Szeredi
      - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Paul Moore
        
        Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Christian Brauner
      - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Christian Brauner
    - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Christian Brauner
      - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Paul Moore
        
        Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Christian Brauner
        
        Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Paul Moore
  - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Jan Kara
    - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Miklos Szeredi
      - Re: [PATCH v5 2/3] fanotify: notify on mount attach and detach, Amir Goldstein
- [PATCH v5 3/3] vfs: add notifications for mount attach and detach, Miklos Szeredi
  - Re: [PATCH v5 3/3] vfs: add notifications for mount attach and detach, Jan Kara
- Re: [PATCH v5 0/3] mount notification, Christian Brauner
ls from coreutils 9.6 doesn't show labels of some files, Ondrej Mosnacek
- Re: ls from coreutils 9.6 doesn't show labels of some files, Stephen Smalley
  - Re: ls from coreutils 9.6 doesn't show labels of some files, Paul Moore
[PATCH v3 1/2] io_uring: refactor io_uring_allowed(), Hamza Mahfooz
- [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Hamza Mahfooz
  - Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Casey Schaufler
    - Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Paul Moore
      - Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Casey Schaufler
        
        Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Paul Moore
        
        Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Casey Schaufler
        
        Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Paul Moore
  - Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Paul Moore
    - Re: [PATCH v3 2/2] lsm,io_uring: add LSM hooks for io_uring_setup(), Hamza Mahfooz
- Re: [PATCH v3 1/2] io_uring: refactor io_uring_allowed(), Paul Moore
  - Re: [PATCH v3 1/2] io_uring: refactor io_uring_allowed(), Jens Axboe
    - Re: [PATCH v3 1/2] io_uring: refactor io_uring_allowed(), Paul Moore
Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Ondrej Mosnacek
- Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), stsp
  - Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Willem de Bruijn
    - Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), stsp
    - Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Ondrej Mosnacek
      - Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), stsp
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), stsp
      - Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Willem de Bruijn
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), stsp
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Willem de Bruijn
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), stsp
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Willem de Bruijn
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), stsp
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Willem de Bruijn
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Paul Moore
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Ondrej Mosnacek
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Paul Moore
        
        Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Willem de Bruijn
      - Re: Possible mistake in commit 3ca459eaba1b ("tun: fix group permission check"), Willem de Bruijn
Re: [PATCH v4 2/4] fanotify: notify on mount attach and detach, Paul Moore
- Re: [PATCH v4 2/4] fanotify: notify on mount attach and detach, Russell Coker
  - Re: [PATCH v4 2/4] fanotify: notify on mount attach and detach, Miklos Szeredi
    - Re: [PATCH v4 2/4] fanotify: notify on mount attach and detach, Miklos Szeredi
- Re: [PATCH v4 2/4] fanotify: notify on mount attach and detach, Daniel Burgener
[PATCH] selinux: fix spelling error, Tanya Agarwal
- Re: [PATCH] selinux: fix spelling error, Paul Moore
3.8 postponed to the next week, Petr Lautrbach
[RFC PATCH 0/2] Possible solution to possible regression, James Carter
- [RFC PATCH 1/2] libselinux: Close old selabel handle when setting a new one, James Carter
- [RFC PATCH 2/2] libsemanage: Set new restorecon handle before doing restorecon, James Carter
- <Possible follow-ups>
- Re: [RFC PATCH 0/2] Possible solution to possible regression, Petr Lautrbach
  - Re: [RFC PATCH 0/2] Possible solution to possible regression, James Carter
[GIT PULL] selinux/selinux-pr-20250121, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20250121, pr-tracker-bot
Possible regression by commit d96f27bf7cb9 ("libsemanage: Preserve file context and ownership in policy store"), Petr Lautrbach
[PATCH] selinux: Handle NULL return from selinux_inode in inode_security_rcu, Ingyu Jang
- Re: [PATCH] selinux: Handle NULL return from selinux_inode in inode_security_rcu, Stephen Smalley
[PATCH userspace] README: fix broken testsuite run status badge, Ondrej Mosnacek
- Re: [PATCH userspace] README: fix broken testsuite run status badge, Petr Lautrbach
[PATCH v2] libselinux: limit node depth while parsing compiled fcontexts, Christian Göttsche
- Re: [PATCH v2] libselinux: limit node depth while parsing compiled fcontexts, James Carter
ANN: SELinux userspace 3.8-rc4 release, Petr Lautrbach
[PATCH 2/5] checkpolicy: check identifier before copying, Christian Göttsche
- [PATCH 5/5] checkpolicy: clear queue between parser passes, Christian Göttsche
- [PATCH 3/5] checkpolicy: remove unneeded queue_head(), Christian Göttsche
- [PATCH 4/5] checkpolicy: do not consume unmatched identifiers, Christian Göttsche
- [PATCH 1/5] libselinux: set errno in failure case, Christian Göttsche
  - Re: [PATCH 1/5] libselinux: set errno in failure case, James Carter
    - Re: [PATCH 1/5] libselinux: set errno in failure case, Petr Lautrbach
[PATCH v2] semanage: improve -e documentation and fix delete operation, Christian Göttsche
[PATCH] CONTRIBUTING.md: Drop dependency and build instructions, Daniel Burgener
- Re: [PATCH] CONTRIBUTING.md: Drop dependency and build instructions, James Carter
  - Re: [PATCH] CONTRIBUTING.md: Drop dependency and build instructions, Petr Lautrbach
[PATCH] libselinux: limit node depth while parsing compiled fcontexts, Christian Göttsche
- Re: [PATCH] libselinux: limit node depth while parsing compiled fcontexts, James Carter
[PATCH] selinux: map RTM_DELNSID to nlmsg_write, Thiébaud Weksteen
- Re: [PATCH] selinux: map RTM_DELNSID to nlmsg_write, Nicolas Dichtel
  - Re: [PATCH] selinux: map RTM_DELNSID to nlmsg_write, Paul Moore
    - Re: [PATCH] selinux: map RTM_DELNSID to nlmsg_write, Thiébaud Weksteen
3.8-rc4 or 3.8 release next week, Petr Lautrbach
- Re: 3.8-rc4 or 3.8 release next week, James Carter
  - Re: 3.8-rc4 or 3.8 release next week, James Carter
    - Re: 3.8-rc4 or 3.8 release next week, Petr Lautrbach
[PATCH 2/2] libselinux/fuzz: handle inputs with trailing data, Christian Göttsche
- [PATCH 1/2] libsepol/cil: free nlmsg hashtable on error, Christian Göttsche
  - Re: [PATCH 1/2] libsepol/cil: free nlmsg hashtable on error, James Carter
    - Re: [PATCH 1/2] libsepol/cil: free nlmsg hashtable on error, Petr Lautrbach
selinux: error: ‘NETLINK_ROUTE_SOCKET__NLMSG’ undeclared, Sebastian Andrzej Siewior
- Re: selinux: error: ‘NETLINK_ROUTE_SOCKET__NLMSG’ undeclared, Thiébaud Weksteen
  - Re: selinux: error: ‘NETLINK_ROUTE_SOCKET__NLMSG’ undeclared, Sebastian Andrzej Siewior
    - Re: selinux: error: ‘NETLINK_ROUTE_SOCKET__NLMSG’ undeclared, Jeff Johnson
      - Re: selinux: error: ‘NETLINK_ROUTE_SOCKET__NLMSG’ undeclared, Paul Moore
[GIT PULL] selinux/selinux-pr-20250107, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20250107, pr-tracker-bot
[RFC PATCH v2 01/17] Fix typos, Christian Göttsche
- [RFC PATCH v2 09/17] tests/extended_socket_class: work with CONFIG_CRYPTO_USER_API disabled, Christian Göttsche
- [RFC PATCH v2 15/17] tests: test code tweaks, Christian Göttsche
- [RFC PATCH v2 07/17] test: overlayfs related tweaks, Christian Göttsche
- [RFC PATCH v2 06/17] Makefile: add PHONY targets, Christian Göttsche
- [RFC PATCH v2 10/17] tests/tun_tap: skip if not supported, Christian Göttsche
- [RFC PATCH v2 11/17] tests/inet_socket: skip mptcp if not supported, Christian Göttsche
- [RFC PATCH v2 08/17] tests/notify: work with CONFIG_FANOTIFY disabled, Christian Göttsche
- [RFC PATCH v2 12/17] tests/filesystem: improve fsnotify check and preload loop module, Christian Göttsche
- [RFC PATCH v2 13/17] defconfig: enable CONFIG_XFRM_USER, Christian Göttsche
- [RFC PATCH v2 16/17] tests: fail on compiler warnings and enable Wextra, Christian Göttsche
- [RFC PATCH v2 14/17] defconfig: enable CONFIG_NETFILTER_NETLINK_LOG, Christian Göttsche
- [RFC PATCH v2 17/17] tests: drop headers from Makefile dependencies, Christian Göttsche
- [RFC PATCH v2 00/17] testsuite: misc fixes and virtme-ng support, Christian Göttsche
- [RFC PATCH v2 03/17] tools: quote command to prevent word splitting, Christian Göttsche
- [RFC PATCH v2 05/17] tests: enable strictness for perl scripts, Christian Göttsche
- [RFC PATCH v2 04/17] tests: port scripts to sh and please shellcheck, Christian Göttsche
- [RFC PATCH v2 02/17] Makefile: use $(MAKE) to pass options, Christian Göttsche
[PATCH userspace 0/4] ci: fix and migrate the testsuite part to Testing Farm, Ondrej Mosnacek
- [PATCH userspace 2/4] ci: update Python versions, Ondrej Mosnacek
- [PATCH userspace 1/4] ci: use Testing Farm for running the testsuite, Ondrej Mosnacek
  - Re: [PATCH userspace 1/4] ci: use Testing Farm for running the testsuite, James Carter
    - Re: [PATCH userspace 1/4] ci: use Testing Farm for running the testsuite, Petr Lautrbach
- [PATCH userspace 3/4] ci: add missing libbz2-dev dependency, Ondrej Mosnacek
- [PATCH userspace 4/4] ci: fix pypy conditional, Ondrej Mosnacek
[no subject], Unknown
[RFC PATCH 00/44] SELinux namespace support, Stephen Smalley
- [RFC PATCH 05/44] netstate,selinux: create the selinux netlink socket per network namespace, Stephen Smalley
  - Re: [RFC PATCH 05/44] netstate,selinux: create the selinux netlink socket per network namespace, sergeh
    - Re: [RFC PATCH 05/44] netstate,selinux: create the selinux netlink socket per network namespace, Stephen Smalley
- [RFC PATCH 04/44] selinux: dynamically allocate selinux namespace, Stephen Smalley
- [RFC PATCH 03/44] selinux: support multiple selinuxfs instances, Stephen Smalley
- [RFC PATCH 06/44] selinux: support per-task/cred selinux namespace, Stephen Smalley
  - Re: [RFC PATCH 06/44] selinux: support per-task/cred selinux namespace, sergeh
    - Re: [RFC PATCH 06/44] selinux: support per-task/cred selinux namespace, Stephen Smalley
- [RFC PATCH 08/44] selinux: add a selinuxfs interface to unshare selinux namespace, Stephen Smalley
- [RFC PATCH 02/44] selinux: introduce current_selinux_state, Stephen Smalley
- [RFC PATCH 09/44] selinuxfs: restrict write operations to the same selinux namespace, Stephen Smalley
- [RFC PATCH 07/44] selinux: introduce cred_selinux_state() and use it, Stephen Smalley
- [RFC PATCH 01/44] selinux: restore passing of selinux_state, Stephen Smalley
- [RFC PATCH 14/44] selinux: introduce cred_has_extended_perms(), Stephen Smalley
- [RFC PATCH 12/44] selinux: update hook functions to use correct selinux namespace, Stephen Smalley
- [RFC PATCH 17/44] selinux: introduce cred_ssid_has_perm() and cred_other_has_perm(), Stephen Smalley
- [RFC PATCH 15/44] selinux: introduce cred_self_has_perm(), Stephen Smalley
- [RFC PATCH 10/44] selinux: introduce a global SID table, Stephen Smalley
- [RFC PATCH 18/44] selinux: introduce task_obj_perm(), Stephen Smalley
- [RFC PATCH 13/44] selinux: introduce cred_task_has_perm(), Stephen Smalley
- [RFC PATCH 19/44] selinux: fix selinux_lsm_getattr() check, Stephen Smalley
- [RFC PATCH 20/44] selinux: update bprm hooks for selinux namespaces, Stephen Smalley
- [RFC PATCH 16/44] selinux: introduce cred_has_perm(), Stephen Smalley
- [RFC PATCH 11/44] selinux: wrap security server interfaces to use the global SID table, Stephen Smalley
- [RFC PATCH 22/44] selinux: convert selinux_file_send_sigiotask() to namespace-aware helper, Stephen Smalley
- [RFC PATCH 21/44] selinux: add kerneldoc to new permission checking functions, Stephen Smalley
- [RFC PATCH 26/44] selinux: annotate selinuxfs permission checks, Stephen Smalley
- [RFC PATCH 24/44] selinux: convert additional checks to cred_ssid_has_perm(), Stephen Smalley
- [RFC PATCH 23/44] selinux: rename cred_has_perm*() to cred_tsid_has_perm*(), Stephen Smalley
- [RFC PATCH 27/44] selinux: annotate process transition permission checks, Stephen Smalley
- [RFC PATCH 29/44] selinux: switch selinux_lsm_setattr() checks to current namespace, Stephen Smalley
- [RFC PATCH 31/44] selinux: fix namespace creation, Stephen Smalley
- [RFC PATCH 28/44] selinux: convert xfrm and netlabel permission checks, Stephen Smalley
- [RFC PATCH 25/44] selinux: introduce selinux_state_has_perm(), Stephen Smalley
- [RFC PATCH 30/44] selinux: add limits for SELinux namespaces, Stephen Smalley
- [RFC PATCH 32/44] selinux: limit selinux netlink notifications to init namespace, Stephen Smalley
- [RFC PATCH 33/44] selinux: refactor selinux_state_create(), Stephen Smalley
- [RFC PATCH 37/44] selinux: disallow writes to /sys/fs/selinux/user in non-init namespaces, Stephen Smalley
- [RFC PATCH 36/44] selinux: set initial SID context for init to "kernel" in global SID table, Stephen Smalley
- [RFC PATCH 38/44] selinux: convert nlmsg_sock_has_extended_perms() to namespace-aware, Stephen Smalley
- [RFC PATCH 34/44] selinux: make open_perms namespace-aware, Stephen Smalley
- [RFC PATCH 35/44] selinux: split cred_ssid_has_perm() into two cases, Stephen Smalley
- [RFC PATCH 39/44] selinux: defer inode init on current selinux state, Stephen Smalley
- [RFC PATCH 41/44] selinux: allow userspace to detect non-init SELinux namespace, Stephen Smalley
- [RFC PATCH 40/44] selinux: init inode from nearest initialized namespace, Stephen Smalley
- [RFC PATCH 42/44] selinux: exempt creation of init SELinux namespace from limits, Stephen Smalley
- [RFC PATCH 43/44] selinux: introduce a Kconfig option for SELinux namespaces, Stephen Smalley
- [RFC PATCH 44/44] selinux: fix inode initialization when no namespace is initialized, Stephen Smalley
  - Re: [RFC PATCH 44/44] selinux: fix inode initialization when no namespace is initialized, Stephen Smalley
- Re: [RFC PATCH 00/44] SELinux namespace support, Stephen Smalley
  - Re: [RFC PATCH 00/44] SELinux namespace support, Paul Moore
[PATCH 2/2] python: fix typos, Christian Göttsche
- [PATCH 1/2] libsepol: fix typos, Christian Göttsche
  - Re: [PATCH 1/2] libsepol: fix typos, James Carter
    - Re: [PATCH 1/2] libsepol: fix typos, Petr Lautrbach
[PATCH] libselinux: avoid quadratic complexity for many regex specs validation, Christian Göttsche
- Re: [PATCH] libselinux: avoid quadratic complexity for many regex specs validation, James Carter
  - Re: [PATCH] libselinux: avoid quadratic complexity for many regex specs validation, Christian Göttsche
[PATCH] semanage: improve -e documentation and fix delete operation, Christian Göttsche
- Re: [PATCH] semanage: improve -e documentation and fix delete operation, Petr Lautrbach
  - Re: [PATCH] semanage: improve -e documentation and fix delete operation, Christian Göttsche
[PATCH] libselinux: update max node depth, Christian Göttsche
- Re: [PATCH] libselinux: update max node depth, James Carter
  - Re: [PATCH] libselinux: update max node depth, Christian Göttsche
[PATCH linux-next 0/2] Fix perf security check problem, Luo Gengkun
- [PATCH linux-next 1/2] perf: Remove unnecessary parameter of security check, Luo Gengkun
  - Re: [PATCH linux-next 1/2] perf: Remove unnecessary parameter of security check, Paul Moore
    - Re: [PATCH linux-next 1/2] perf: Remove unnecessary parameter of security check, Luo Gengkun
    - Re: [PATCH linux-next 1/2] perf: Remove unnecessary parameter of security check, Ingo Molnar
  - Re: [PATCH 1/2] perf: Remove unnecessary parameter of security check, Paul Moore
- [PATCH linux-next 2/2] perf: Return EACCESS when need perfmon capability, Luo Gengkun
  - Re: [PATCH linux-next 2/2] perf: Return EACCESS when need perfmon capability, James Clark
    - Re: [PATCH linux-next 2/2] perf: Return EACCESS when need perfmon capability, Luo Gengkun
[PATCH v2] selinux: match extended permissions to their base permissions, Thiébaud Weksteen
- Re: [PATCH v2] selinux: match extended permissions to their base permissions, Paul Moore
[PATCH 1/2] lsm: add LSM hooks for io_uring_setup(), Hamza Mahfooz
[PATCH] lsm,io_uring: add LSM hooks for io_uring_setup(), Hamza Mahfooz
- Re: [PATCH] lsm,io_uring: add LSM hooks for io_uring_setup(), Jens Axboe
- Re: [PATCH] lsm,io_uring: add LSM hooks for io_uring_setup(), Casey Schaufler
  - Re: [PATCH] lsm,io_uring: add LSM hooks for io_uring_setup(), Paul Moore
selinux@xxxxxxxxxxxxxxx CDIF Comprobante 15:02, pago214
ANN: SELinux userspace 3.8-rc3 release, Petr Lautrbach
[GIT PULL] selinux/selinux-pr-20241217, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20241217, pr-tracker-bot
[PATCH 0/6] Audit: Records for multiple security contexts, Casey Schaufler
- [PATCH 3/6] LSM: security_lsmblob_to_secctx module selection, Casey Schaufler
- [PATCH 1/6] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH 2/6] Audit: Allow multiple records in an audit_buffer, Casey Schaufler
- [PATCH 6/6] Audit: Add record for multiple object contexts, Casey Schaufler
- [PATCH 4/6] Audit: Add record for multiple task security contexts, Casey Schaufler
- [PATCH 5/6] Audit: multiple subject lsm values for netlabel, Casey Schaufler
[PATCH] libselinux/fuzz: readjust load_mmap() update, Christian Göttsche
- Re: [PATCH] libselinux/fuzz: readjust load_mmap() update, Christian Göttsche
- Re: [PATCH] libselinux/fuzz: readjust load_mmap() update, James Carter
  - Re: [PATCH] libselinux/fuzz: readjust load_mmap() update, James Carter
Re: kernel-secnext aarch64 builds missing?, Paul Moore
- Re: kernel-secnext aarch64 builds missing?, Paul Moore
  - Re: kernel-secnext aarch64 builds missing?, Paul Moore
    - Re: kernel-secnext aarch64 builds missing?, Ondrej Mosnacek
      - Re: kernel-secnext aarch64 builds missing?, Paul Moore
        
        Re: kernel-secnext aarch64 builds missing?, Ondrej Mosnacek
        
        Re: kernel-secnext aarch64 builds missing?, Paul Moore
        
        Re: kernel-secnext aarch64 builds missing?, Ondrej Mosnacek
[RFC PATCH 2/3] checkpolicy: add support for wildcard netifcon names, Christian Göttsche
- [RFC PATCH 3/3] secilc/test: add test for wildcard netifcon statement, Christian Göttsche
- [RFC PATCH 1/3] libsepol: update sort order for netifcon definitions, Christian Göttsche
[RFC PATCH] selinux: support wildcard network interface names, Christian Göttsche
- Re: [RFC PATCH] selinux: support wildcard network interface names, Christian Göttsche
- Re: [PATCH RFC] selinux: support wildcard network interface names, Paul Moore
[syzbot] [selinux?] [mm?] [overlayfs?] INFO: rcu detected stall in sys_mkdirat (2), syzbot
[RFC PATCH v2 01/22] selinux: supply missing field initializers, Christian Göttsche
- [RFC PATCH v2 04/22] selinux: rework match_ipv6_addrmask(), Christian Göttsche
  - Re: [PATCH RFC v2 4/22] selinux: rework match_ipv6_addrmask(), Paul Moore
- [RFC PATCH v2 02/22] selinux: avoid using types indicating user space interaction, Christian Göttsche
  - Re: [PATCH RFC v2 2/22] selinux: avoid using types indicating user space interaction, Paul Moore
- [RFC PATCH v2 05/22] selinux: avoid nontransitive comparison, Christian Göttsche
  - Re: [PATCH RFC v2 5/22] selinux: avoid nontransitive comparison, Paul Moore
    - Re: [PATCH RFC v2 5/22] selinux: avoid nontransitive comparison, Christian Göttsche
      - Re: [PATCH RFC v2 5/22] selinux: avoid nontransitive comparison, Christian Göttsche
- [RFC PATCH v2 03/22] selinux: align and constify functions, Christian Göttsche
  - Re: [PATCH RFC v2 3/22] selinux: align and constify functions, Paul Moore
- [RFC PATCH v2 06/22] selinux: rename comparison functions for clarity, Christian Göttsche
  - Re: [PATCH RFC v2 6/22] selinux: rename comparison functions for clarity, Paul Moore
- [RFC PATCH v2 07/22] selinux: use known type instead of void pointer, Christian Göttsche
  - Re: [PATCH RFC v2 7/22] selinux: use known type instead of void pointer, Paul Moore
- [RFC PATCH v2 08/22] selinux: avoid unnecessary indirection in struct level_datum, Christian Göttsche
  - Re: [PATCH RFC v2 8/22] selinux: avoid unnecessary indirection in struct level_datum, Paul Moore
- [RFC PATCH v2 10/22] selinux: use u16 for security classes, Christian Göttsche
  - Re: [PATCH RFC v2 10/22] selinux: use u16 for security classes, Paul Moore
- [RFC PATCH v2 09/22] selinux: make use of str_read(), Christian Göttsche
  - Re: [PATCH RFC v2 9/22] selinux: make use of str_read(), Paul Moore
- [RFC PATCH v2 12/22] selinux: check length fields in policies, Christian Göttsche
  - Re: [PATCH RFC v2 12/22] selinux: check length fields in policies, Paul Moore
- [RFC PATCH v2 13/22] selinux: validate constraints, Christian Göttsche
- [RFC PATCH v2 11/22] selinux: more strict policy parsing, Christian Göttsche
  - Re: [PATCH RFC v2 11/22] selinux: more strict policy parsing, Paul Moore
    - Re: [PATCH RFC v2 11/22] selinux: more strict policy parsing, Christian Göttsche
- [RFC PATCH v2 14/22] selinux: pre-validate conditional expressions, Christian Göttsche
- [RFC PATCH v2 16/22] selinux: check type attr map overflows, Christian Göttsche
- [RFC PATCH v2 15/22] selinux: introduce ebitmap_highest_set_bit(), Christian Göttsche
  - Re: [PATCH RFC v2 15/22] selinux: introduce ebitmap_highest_set_bit(), Paul Moore
- [RFC PATCH v2 17/22] selinux: reorder policydb_index(), Christian Göttsche
- [RFC PATCH v2 19/22] selinux: validate symbols, Christian Göttsche
  - Re: [PATCH RFC v2 19/22] selinux: validate symbols, Paul Moore
    - Re: [PATCH RFC v2 19/22] selinux: validate symbols, Christian Göttsche
- [RFC PATCH v2 18/22] selinux: beef up isvalid checks, Christian Göttsche
- [RFC PATCH v2 21/22] selinux: check for simple types, Christian Göttsche
- [RFC PATCH v2 20/22] selinux: more strict bounds check, Christian Göttsche
- [RFC PATCH v2 00/22] selinux: harden against malformed policies, Christian Göttsche
- [RFC PATCH v2 22/22] selinux: restrict policy strings, Christian Göttsche
  - Re: [RFC PATCH v2 22/22] selinux: restrict policy strings, Stephen Smalley
    - Re: [RFC PATCH v2 22/22] selinux: restrict policy strings, Joe Nall
      - Re: [RFC PATCH v2 22/22] selinux: restrict policy strings, Christian Göttsche
        
        Re: [RFC PATCH v2 22/22] selinux: restrict policy strings, Daniel Burgener
        
        Re: [RFC PATCH v2 22/22] selinux: restrict policy strings, James Carter
- Re: [PATCH RFC v2 1/22] selinux: supply missing field initializers, Paul Moore
[RFC PATCH v2] libselinux: restore previous regex spec ordering, Christian Göttsche
- Re: [RFC PATCH v2] libselinux: restore previous regex spec ordering, Takaya Saeki
- Re: [RFC PATCH v2] libselinux: restore previous regex spec ordering, James Carter
  - Re: [RFC PATCH v2] libselinux: restore previous regex spec ordering, James Carter
[PATCH] libsemanage: Mute error messages from selinux_restorecon, Vit Mojzis
- Re: [PATCH] libsemanage: Mute error messages from selinux_restorecon, James Carter
  - Re: [PATCH] libsemanage: Mute error messages from selinux_restorecon, James Carter
[PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Mikhail Ivanov
- Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Mickaël Salaün
  - Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Mikhail Ivanov
    - Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Stephen Smalley
      - Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Mikhail Ivanov
        
        Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Stephen Smalley
        
        Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Paul Moore
        
        Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Stephen Smalley
        
        Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Paul Moore
        
        Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Mikhail Ivanov
- Re: [PATCH] selinux: Read sk->sk_family once in selinux_socket_bind(), Stephen Smalley
3.8-rc2 will become rc3, Petr Lautrbach
The curious case of pidfs and pidfds, Paul Moore
- Re: The curious case of pidfs and pidfds, Stephen Smalley
  - Re: The curious case of pidfs and pidfds, Stephen Smalley
    - Re: The curious case of pidfs and pidfds, Paul Moore
      - Re: The curious case of pidfs and pidfds, Stephen Smalley
[RFC PATCH] libselinux: restore previous regex spec ordering, Christian Göttsche
- Re: [RFC PATCH] libselinux: restore previous regex spec ordering, Petr Lautrbach
  - Re: [RFC PATCH] libselinux: restore previous regex spec ordering, Takaya Saeki
[PATCH 1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile", James Carter
- [PATCH 3/9] Revert "libselinux: simplify string formatting", James Carter
- [PATCH 2/9] Revert "libselinux/utils: use correct error handling", James Carter
- [PATCH 4/9] Revert "libselinux: use vector instead of linked list for substitutions", James Carter
- [PATCH 5/9] Revert "libselinux: avoid memory allocation in common file label lookup", James Carter
- [PATCH 7/9] Revert "libselinux: support parallel selabel_lookup(3)", James Carter
- [PATCH 6/9] Revert "libselinux: move functions out of header file", James Carter
- [PATCH 8/9] Revert "libselinux: add selabel_file(5) fuzzer", James Carter
- [PATCH 9/9] Revert "libselinux: rework selabel_file(5) database", James Carter
- Re: [PATCH 1/9] Revert "libselinux/utils: drop reachable assert in sefcontext_compile", James Carter
[PATCH] selinux: support wildcard match in genfscon, Takaya Saeki
- Re: [PATCH] selinux: support wildcard match in genfscon, Paul Moore
  - Re: [PATCH] selinux: support wildcard match in genfscon, Takaya Saeki
    - Re: [PATCH] selinux: support wildcard match in genfscon, Paul Moore
      - Re: [PATCH] selinux: support wildcard match in genfscon, Takaya Saeki
        
        Re: [PATCH] selinux: support wildcard match in genfscon, Paul Moore
        
        Re: [PATCH] selinux: support wildcard match in genfscon, Takaya Saeki
        
        Re: [PATCH] selinux: support wildcard match in genfscon, Paul Moore
        
        Re: [PATCH] selinux: support wildcard match in genfscon, Takaya Saeki
        
        Re: [PATCH] selinux: support wildcard match in genfscon, Paul Moore
      - Re: [PATCH] selinux: support wildcard match in genfscon, Stephen Smalley
- Re: [PATCH] selinux: support wildcard match in genfscon, Daniel Burgener
  - Re: [PATCH] selinux: support wildcard match in genfscon, Takaya Saeki
Incompatible file_contexts precedence in 3.8-rc1, Takaya Saeki
- Re: Incompatible file_contexts precedence in 3.8-rc1, Christian Göttsche
  - Re: Incompatible file_contexts precedence in 3.8-rc1, Takaya Saeki
    - Re: Incompatible file_contexts precedence in 3.8-rc1, James Carter
[PATCH] selinux: KASAN; slab-out-of-bounds in avc_lookup, Joey Jiao
- Re: [PATCH] selinux: KASAN; slab-out-of-bounds in avc_lookup, Paul Moore
[PATCH] libselinux/fuzz: update for lookup_all() change, Christian Göttsche
- Re: [PATCH] libselinux/fuzz: update for lookup_all() change, James Carter
  - Re: [PATCH] libselinux/fuzz: update for lookup_all() change, James Carter
[RFC] genfscon wildcard support for faster sysfs labeling, Takaya Saeki
- Re: [RFC] genfscon wildcard support for faster sysfs labeling, Christian Göttsche
  - Re: [RFC] genfscon wildcard support for faster sysfs labeling, Takaya Saeki
    - Re: [RFC] genfscon wildcard support for faster sysfs labeling, Takaya Saeki
[PATCH] selinux: match extended permissions to their base permissions, Thiébaud Weksteen
- Re: [PATCH] selinux: match extended permissions to their base permissions, Paul Moore
  - Re: [PATCH] selinux: match extended permissions to their base permissions, Thiébaud Weksteen
[PATCH v2] selinux: add netlink nlmsg_type audit message, Thiébaud Weksteen
- Re: [PATCH v2] selinux: add netlink nlmsg_type audit message, Paul Moore
  - Re: [PATCH v2] selinux: add netlink nlmsg_type audit message, Thiébaud Weksteen
    - Re: [PATCH v2] selinux: add netlink nlmsg_type audit message, Paul Moore
[PATCH v2] selinux: ignore unknown extended permissions, Thiébaud Weksteen
- Message not available
  - Re: [PATCH v2] selinux: ignore unknown extended permissions, Thiébaud Weksteen
- Re: [PATCH v2] selinux: ignore unknown extended permissions, Paul Moore
[PATCH] libsepol: add missing word separators in error message, Christian Göttsche
- Re: [PATCH] libsepol: add missing word separators in error message, James Carter
  - Re: [PATCH] libsepol: add missing word separators in error message, James Carter
[PATCH] selinux: ignore unknown extended permissions, Thiébaud Weksteen
- Re: [PATCH] selinux: ignore unknown extended permissions, Paul Moore
Systemd socket labeling issue, Daniel Burgener
- Re: Systemd socket labeling issue, Daniel Burgener
[PATCH] libselinux/utils: drop reachable assert in sefcontext_compile, Christian Göttsche
[PATCH v2] libselinux/utils: drop reachable assert in sefcontext_compile, Christian Göttsche
- Re: [PATCH v2] libselinux/utils: drop reachable assert in sefcontext_compile, Petr Lautrbach
  - Re: [PATCH v2] libselinux/utils: drop reachable assert in sefcontext_compile, James Carter
    - Re: [PATCH v2] libselinux/utils: drop reachable assert in sefcontext_compile, James Carter
Regression in 92306daf5219 ("libselinux: rework selabel_file(5) database"), Petr Lautrbach
- Re: Regression in 92306daf5219 ("libselinux: rework selabel_file(5) database"), Petr Lautrbach
[RFC PATCH] Introduce POLICYDB_VERSION_KERNEL_MAX, Christian Göttsche
- Re: [RFC PATCH] Introduce POLICYDB_VERSION_KERNEL_MAX, Stephen Smalley
  - Re: [RFC PATCH] Introduce POLICYDB_VERSION_KERNEL_MAX, Christian Göttsche
[PATCH] checkpolicy: drop host bits in IPv6 CIDR address, Christian Göttsche
- Re: [PATCH] checkpolicy: drop host bits in IPv6 CIDR address, James Carter
  - Re: [PATCH] checkpolicy: drop host bits in IPv6 CIDR address, James Carter
[PATCH] libsepol: avoid unnecessary memset(3) calls in hashtab, Christian Göttsche
- Re: [PATCH] libsepol: avoid unnecessary memset(3) calls in hashtab, James Carter
  - Re: [PATCH] libsepol: avoid unnecessary memset(3) calls in hashtab, James Carter
[PATCH] libselinux/utils: use correct error handling, Christian Göttsche
- Re: [PATCH] libselinux/utils: use correct error handling, James Carter
  - Re: [PATCH] libselinux/utils: use correct error handling, James Carter
[RFC PATCH] ioctl: add test for conditional xperms, Christian Göttsche
- Re: [RFC PATCH] ioctl: add test for conditional xperms, Stephen Smalley
  - Re: [RFC PATCH] ioctl: add test for conditional xperms, Ondrej Mosnacek
ANN: SELinux userspace 3.8-rc1 release, Petr Lautrbach
[PATCH v2] selinux: add generated av_permissions.h to targets, Thomas Weißschuh
- Re: [PATCH v2] selinux: add generated av_permissions.h to targets, Masahiro Yamada
- Re: [PATCH v2] selinux: add generated av_permissions.h to targets, Paul Moore
[PATCH net] selinux: use sk_to_full_sk() in selinux_ip_output(), Eric Dumazet
- Re: [PATCH net] selinux: use sk_to_full_sk() in selinux_ip_output(), Paul Moore
- Re: [PATCH net] selinux: use sk_to_full_sk() in selinux_ip_output(), Kuniyuki Iwashima
- Re: [PATCH net] selinux: use sk_to_full_sk() in selinux_ip_output(), patchwork-bot+netdevbpf
  - Re: [PATCH net] selinux: use sk_to_full_sk() in selinux_ip_output(), Paul Moore
    - Re: [PATCH net] selinux: use sk_to_full_sk() in selinux_ip_output(), Jakub Kicinski
      - Re: [PATCH net] selinux: use sk_to_full_sk() in selinux_ip_output(), Paul Moore
[syzbot] [selinux?] KASAN: slab-out-of-bounds Read in selinux_ip_output, syzbot
[PATCH v3 1/3] libselinux: avoid memory allocation in common file label lookup, Christian Göttsche
- [PATCH v3 2/3] libselinux: use vector instead of linked list for substitutions, Christian Göttsche
- [PATCH v3 3/3] libselinux: simplify string formatting, Christian Göttsche
- Re: [PATCH v3 1/3] libselinux: avoid memory allocation in common file label lookup, James Carter
  - Re: [PATCH v3 1/3] libselinux: avoid memory allocation in common file label lookup, James Carter
[PATCH v2] bpf, lsm: Remove getlsmprop hooks BTF IDs, Thomas Weißschuh
- Re: [PATCH v2] bpf, lsm: Remove getlsmprop hooks BTF IDs, patchwork-bot+netdevbpf
[PATCH v2 1/9] libsemanage: set O_CLOEXEC flag for file descriptors, Christian Göttsche
- [PATCH v2 2/9] libsemanage: handle cil_set_handle_unknown() failure, Christian Göttsche
- [PATCH v2 5/9] libsemanage: check closing written files, Christian Göttsche
- [PATCH v2 3/9] libsemanage: handle shell allocation failure, Christian Göttsche
- [PATCH v2 4/9] libsemanage: drop duplicate newlines and error descriptions in error messages, Christian Göttsche
- [PATCH v2 6/9] libsemanage: simplify file deletion, Christian Göttsche
- [PATCH v2 7/9] libsemanage: optimize policy by default, Christian Göttsche
- [PATCH v2 9/9] libsemanage: respect shell paths with /usr prefix, Christian Göttsche
  - Re: [PATCH v2 9/9] libsemanage: respect shell paths with /usr prefix, James Carter
    - Re: [PATCH v2 9/9] libsemanage: respect shell paths with /usr prefix, Petr Lautrbach
- [PATCH v2 8/9] libsemanage/man: add documentation for command overrides, Christian Göttsche
[PATCH v2 1/3] libselinux: avoid memory allocation in common file label lookup, Christian Göttsche
- [PATCH v2 2/3] libselinux: use vector instead of linked list for substitutions, Christian Göttsche
  - Re: [PATCH v2 2/3] libselinux: use vector instead of linked list for substitutions, James Carter
    - Re: [PATCH v2 2/3] libselinux: use vector instead of linked list for substitutions, Christian Göttsche
      - Re: [PATCH v2 2/3] libselinux: use vector instead of linked list for substitutions, James Carter
- [PATCH v2 3/3] libselinux: simplify string formatting, Christian Göttsche
[PATCH] selinux: use native iterator types, Christian Göttsche
- Re: [PATCH] selinux: use native iterator types, Paul Moore
  - RE: [PATCH] selinux: use native iterator types, David Laight
    - Re: [PATCH] selinux: use native iterator types, Linus Torvalds
      - Re: [PATCH] selinux: use native iterator types, Paul Moore
        
        Re: [PATCH] selinux: use native iterator types, Christian Göttsche
[PATCH] bpf, lsm: Fix getlsmprop hooks BTF IDs, Thomas Weißschuh
- Re: [PATCH] bpf, lsm: Fix getlsmprop hooks BTF IDs, Jiri Olsa
- Re: [PATCH] bpf, lsm: Fix getlsmprop hooks BTF IDs, Alexei Starovoitov
  - Re: [PATCH] bpf, lsm: Fix getlsmprop hooks BTF IDs, Thomas Weißschuh
    - Re: [PATCH] bpf, lsm: Fix getlsmprop hooks BTF IDs, Matt Bobrowski
[PATCH 1/2] libselinux: avoid memory allocation in common file label lookup, Christian Göttsche
- [PATCH 2/2] selinux: use vector instead of linked list for substitutions, Christian Göttsche
Re: [PATCH] mm/kmemleak: Fix sleeping function called from invalid context in kmemleak_seq_show, Alessandro Carminati
[PATCH 1/2] libsepol: harden availability check against user CFLAGS, Christian Göttsche
- [PATCH 2/2] libselinux: harden availability check against user CFLAGS, Christian Göttsche
- Re: [PATCH 1/2] libsepol: harden availability check against user CFLAGS, James Carter
  - Re: [PATCH 1/2] libsepol: harden availability check against user CFLAGS, James Carter
[PATCH v3 2/3] libselinux: avoid dynamic allocation in openattr(), Christian Göttsche
[PATCH v2 1/3] libselinux: make use of calloc(3), Christian Göttsche
- [PATCH v2 2/3] libselinux: avoid dynamic allocation in openattr(), Christian Göttsche
- [PATCH v2 3/3] libselinux: move functions out of header file, Christian Göttsche
- Re: [PATCH v2 1/3] libselinux: make use of calloc(3), James Carter
  - Re: [PATCH v2 1/3] libselinux: make use of calloc(3), James Carter
[PATCH] selinux: explicitly clean generated av_permissions.h, Thomas Weißschuh
- Re: [PATCH] selinux: explicitly clean generated av_permissions.h, Masahiro Yamada
  - Re: [PATCH] selinux: explicitly clean generated av_permissions.h, Thomas Weißschuh
  - Re: [PATCH] selinux: explicitly clean generated av_permissions.h, Paul Moore
[PATCH 00/17] testsuite: misc fixes and virtme-ng support, Christian Göttsche
- [PATCH 03/17] tools: quote command to prevent word splitting, Christian Göttsche
- [PATCH 04/17] tests: port scripts to sh and please shellcheck, Christian Göttsche
- [PATCH 02/17] Makefile: use $(MAKE) to pass options, Christian Göttsche
- [PATCH 06/17] Makefile: add PHONY targets, Christian Göttsche
- [PATCH 08/17] tests/notify: work with CONFIG_FANOTIFY disabled, Christian Göttsche
- [PATCH 12/17] tests/filesystem: improve fsnotify check and preload loop module, Christian Göttsche
- [PATCH 07/17] test: overlayfs related tweaks, Christian Göttsche
- [PATCH 13/17] defconfig: enable CONFIG_XFRM_USER, Christian Göttsche
- [PATCH 14/17] defconfig: enable CONFIG_NETFILTER_NETLINK_LOG, Christian Göttsche
- [PATCH 15/17] tests: test code tweaks, Christian Göttsche
- [PATCH 16/17] tests: fail on compiler warnings and enable Wextra, Christian Göttsche

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]