SELinux - Date Index
[Prev Page][Next Page]
- Re: [GIT PULL] LSM fixes for v6.0 (#1)
- From: pr-tracker-bot@xxxxxxxxxx
- Re: [systemd-devel] socket activation selinux context on create
- From: Ted Toth <txtoth@xxxxxxxxx>
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v2] tests/secretmem: add test
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH] tests/secretmem: add test
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [systemd-devel] socket activation selinux context on create
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 1/3] secilc/docs: selinuxuser actually takes a string not identifier
- From: bauen1 <j2468h@xxxxxxxxxxxxxx>
- Re: [PATCH 1/3] secilc/docs: selinuxuser actually takes a string not identifier
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 3/3] secilc/docs: disable pandoc default css for html docs
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 2/3] secilc/docs: fix syntax highlighting
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [systemd-devel] socket activation selinux context on create
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [systemd-devel] socket activation selinux context on create
- From: Ted Toth <txtoth@xxxxxxxxx>
- Re: [PATCH] selinux: declare read-only parameters const
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: use int arrays for boolean values
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 1/3] secilc/docs: selinuxuser actually takes a string not identifier
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH linux-next] selinux: remove redundant variables rc
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH linux-next] selinux: Remove the unneeded result variable
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] libselinux: support objname in compute_create
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [RFC PATCH 1/2] fs/xattr: add *at family syscalls
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [RFC PATCH 2/2] fs/xattr: wire up syscalls
- From: Christian Brauner <brauner@xxxxxxxxxx>
- [PATCH] selinux: declare read-only parameters const
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH] selinux: use int arrays for boolean values
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [RFC PATCH 1/2] fs/xattr: add *at family syscalls
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [RFC PATCH 2/2] fs/xattr: wire up syscalls
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH linux-next] selinux: remove redundant variables rc
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH testsuite] tests: remove more stray flag/temporary files with 'make clean'
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean'
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- [PATCH linux-next] selinux: Remove the unneeded result variable
- Re: [systemd-devel] socket activation selinux context on create
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [GIT PULL] LSM fixes for v6.0 (#1)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] checkpolicy: avoid passing NULL pointer to memset()
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libsepol: fix missing double quotes in typetransition CIL rule
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Christian Brauner <brauner@xxxxxxxxxx>
- [PATCH] checkpolicy: avoid passing NULL pointer to memset()
- From: Juraj Marcin <juraj@xxxxxxxxxxxxxxx>
- [PATCH 3/3] secilc/docs: disable pandoc default css for html docs
- From: bauen1 <j2468h@xxxxxxxxxxxxxx>
- [PATCH 2/3] secilc/docs: fix syntax highlighting
- From: bauen1 <j2468h@xxxxxxxxxxxxxx>
- [PATCH 1/3] secilc/docs: selinuxuser actually takes a string not identifier
- From: bauen1 <j2468h@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Song Liu <songliubraving@xxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Song Liu <songliubraving@xxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Song Liu <songliubraving@xxxxxx>
- Re: [PATCH 0/3] LSM hooks for IORING_OP_URING_CMD
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean'
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Ignat Korchagin <ignat@xxxxxxxxxxxxxx>
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY
- From: Christian Brauner <brauner@xxxxxxxxxx>
- [PATCH testsuite] tests: remove more stray flag/temporary files with 'make clean'
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH testsuite 0/2] Prepare userfaultfd policy for Fedora policy changes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean'
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Song Liu <songliubraving@xxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Song Liu <songliubraving@xxxxxx>
- Re: [systemd-devel] socket activation selinux context on create
- From: Ted Toth <txtoth@xxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean'
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH] libsepol: fix missing double quotes in typetransition CIL rule
- From: Juraj Marcin <juraj@xxxxxxxxxxxxxxx>
- Re: [PATCH testsuite 2/2] test_userfaultfd.te: adapt to upcoming Fedora policy changes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [systemd-devel] socket activation selinux context on create
- From: Ted Toth <txtoth@xxxxxxxxx>
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean'
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Fwd: [systemd-devel] socket activation selinux context on create
- From: Ted Toth <txtoth@xxxxxxxxx>
- Re: [PATCH] tests/filesystem/xfs: use a 300M xfs filesystem image
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH] tests/filesystem/xfs: use a 300M xfs filesystem image
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH testsuite 2/2] test_userfaultfd.te: adapt to upcoming Fedora policy changes
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH testsuite 1/2] policy: remove CIL workarounds for missing anon_inode class
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 2/2] test_userfaultfd.te: adapt to upcoming Fedora policy changes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 0/2] Prepare userfaultfd policy for Fedora policy changes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH] selinux: SCTP fixes, including ASCONF
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Jens Axboe <axboe@xxxxxxxxx>
- Re: [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Jens Axboe <axboe@xxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Jens Axboe <axboe@xxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Jens Axboe <axboe@xxxxxxxxx>
- [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH 0/3] LSM hooks for IORING_OP_URING_CMD
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 0/3] LSM hooks for IORING_OP_URING_CMD
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH 0/3] LSM hooks for IORING_OP_URING_CMD
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: SELinux testsuite on 6.0-rc2 binder BUG
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: SELinux testsuite on 6.0-rc2 binder BUG
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v1] selinux/ss/services.c: check the return value of audit_log_start() in security_sid_mls_copy()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH v1] selinux/ss/services.c: check the return value of audit_log_start() in security_sid_mls_copy()
- From: lily <floridsleeves@xxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Amir Goldstein <amir73il@xxxxxxxxx>
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: "Guozihua (Scott)" <guozihua@xxxxxxxxxx>
- RE: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Jonathan Chapman-Moore <jdm7dv@xxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: "Guozihua (Scott)" <guozihua@xxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: "Guozihua (Scott)" <guozihua@xxxxxxxxxx>
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] selinux: Variable type completion
- From: Xin Gao <gaoxin@xxxxxxxxxx>
- Re: [syzbot] KASAN: use-after-free Read in sock_has_perm
- From: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
- Re: [syzbot] KASAN: use-after-free Read in sock_has_perm
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [syzbot] KASAN: use-after-free Read in sock_has_perm
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [syzbot] KASAN: use-after-free Read in sock_has_perm
- From: syzbot <syzbot+2f2c6bea25b08dc06f86@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean'
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: SCTP fixes, including ASCONF
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH v5 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v5 4/4] selinux: Implement userns_create hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v5 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v5 0/4] Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v5 1/4] security, lsm: Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH 1/4] ci: bump versions in GitHub Actions
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libselinux: avoid newline in avc message
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: Mimi Zohar <zohar@xxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 1/4] ci: bump versions in GitHub Actions
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] selinux: SCTP fixes, including ASCONF
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [BUG] (fsuse xattr "fuse" mycontext) causes deadlock for mount/sync syscall
- From: bauen1 <j2468h@xxxxxxxxxxxxxx>
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH] selinux: SCTP fixes, including ASCONF
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: KVM / virtual networking access control
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libselinux: avoid newline in avc message
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] tests/sctp: reenable the SCTP ASCONF tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] selinux: SCTP fixes, including ASCONF
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: KVM / virtual networking access control
- From: Karl MacMillan <karl@xxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v2 1/7] libsepol/tests: add ebitmap tests
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 1/3] libsepol: break circular include
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 2/2] restorecond: use strict function prototype for definition
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] libselinux/utils: install into bin PATH
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH 4/4] Ignore egg-info directories and clean them
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 3/4] scripts: ignore Flake8 tag E275
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 2/4] scripts/ci: use F36 image instead of F34
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 1/4] ci: bump versions in GitHub Actions
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 2/2] restorecond: use strict function prototype for definition
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 1/2] checkpolicy: use strict function prototype for definitions
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH] libselinux/utils: install into bin PATH
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH] libselinux: avoid newline in avc message
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3 6/8] libsepol/cil: add support for segregate attributes
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: Jeff Layton <jlayton@xxxxxxxxxx>
- Re: [PATCH v3 3/8] libsepol: add compile-time constraint for mutual exclusive attributes
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v3 7/8] secilc: run tests against development version of libsepol
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v3 2/8] libsepol: add ebitmap iterator wrapper with startnode
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c
- From: James Carter <jwcart2@xxxxxxxxx>
- [PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules
- From: "Guozihua (Scott)" <guozihua@xxxxxxxxxx>
- [PATCH AUTOSEL 4.9 8/8] selinux: Add boundary check in put_entry()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.14 12/12] selinux: Add boundary check in put_entry()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.4 23/23] selinux: Add boundary check in put_entry()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 4.19 16/16] selinux: Add boundary check in put_entry()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.15 42/45] selinux: fix memleak in security_read_state_kernel()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.10 29/29] selinux: Add boundary check in put_entry()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.15 43/45] selinux: Add boundary check in put_entry()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.18 51/53] selinux: Add boundary check in put_entry()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.18 50/53] selinux: fix memleak in security_read_state_kernel()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.19 53/58] selinux: fix memleak in security_read_state_kernel()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- [PATCH AUTOSEL 5.19 54/58] selinux: Add boundary check in put_entry()
- From: Sasha Levin <sashal@xxxxxxxxxx>
- Re: [PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: Jeff Layton <jlayton@xxxxxxxxxx>
- Re: [PATCH] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- [PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- [PATCH] nfs: Fix automount superblock LSM init problem, preventing sb sharing
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: LSM stacking in next for 6.1?
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: LSM stacking in next for 6.1?
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- Re: LSM stacking in next for 6.1?
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: LSM stacking in next for 6.1?
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: LSM stacking in next for 6.1?
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: LSM stacking in next for 6.1?
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- LSM stacking in next for 6.1?
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [GIT PULL] SELinux patches for v6.0
- From: pr-tracker-bot@xxxxxxxxxx
- Re: [PATCH v4 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook
- From: KP Singh <kpsingh@xxxxxxxxxx>
- Re: [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns()
- From: KP Singh <kpsingh@xxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable
- From: KP Singh <kpsingh@xxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: KP Singh <kpsingh@xxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: KP Singh <kpsingh@xxxxxxxxxx>
- Re: [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH testsuite 09/24] policy: move miscfiles_domain_entry_test_files() to general policy
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH v4 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable
- From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
- [GIT PULL] SELinux patches for v6.0
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate
- From: James Carter <jwcart2@xxxxxxxxx>
- [PATCH v4 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v4 4/4] selinux: Implement userns_create hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v4 0/4] Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH testsuite] tests/module_load: detect the linker to use for module build
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH 1/2] sepolgen: Update refparser to handle xperm
- From: chris.lindee@xxxxxxxxx
- [PATCH 2/2] sepolgen: Support named xperms
- From: chris.lindee@xxxxxxxxx
- Adjust sepolgen grammar to support allowxperm, et. al.
- From: chris.lindee@xxxxxxxxx
- Re: KVM / virtual networking access control
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
- KVM / virtual networking access control
- From: Karl MacMillan <karl@xxxxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 20/24] tests/binder: check only the type part of the context
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 23/24] tests/vsock_socket: use modprobe to check vsock availability
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 22/24] policy: give sysadm_t perms needed to run quotacheck(8)
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 19/24] ci: check for unconfined_t AVCs
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 16/24] policy: remove last hardcoded references to unconfined_t
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 18/24] policy: don't audit testsuite programs searching the caller's keys
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 17/24] test_general.te: generalize the dontaudit rule
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 15/24] tests/*filesystem: remove weird uses of unconfined_t
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 10/24] policy: substitute userdom_sysadm_entry_spec_domtrans_to()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 14/24] tests/nnp_nosuid: avoid hardcoding unconfined_t in the policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 13/24] test_filesystem.te: remove suspicious rules
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 12/24] test_filesystem.te: remove redundant dontaudit rules
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 09/24] policy: move miscfiles_domain_entry_test_files() to general policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 07/24] policy: move unconfined_t-related dontaudit rule to where it fits better
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 06/24] test_policy.if: remove weird rule from testsuite_domain_type_minimal()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 03/24] test_global.te: don't add domains to system_r
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 02/24] test_global.te: remove unused role require
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 01/24] keys: change test_newcon_key_t to be just an object context
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Ignat Korchagin <ignat@xxxxxxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Djalal Harouni <tixxdz@xxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 1/4] security, lsm: Introduce security_create_user_ns()
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [PATCH v3 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Martin KaFai Lau <kafai@xxxxxx>
- Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook
- From: Martin KaFai Lau <kafai@xxxxxx>
- [PATCH v3 4/4] selinux: Implement userns_create hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v3 0/4] Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v3 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v3 1/4] security, lsm: Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v2 5/5] libsepol: more strict validation
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 4/5] libsepol: rename parameter name
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 3/5] libsepol: operate on const pointers during validation
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 2/5] libsepol: support const avtab_t pointer in avtab_map()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 6/8] libsepol/cil: add support for segregate attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 3/8] libsepol: add compile-time constraint for mutual exclusive attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 8/8] secilc: include segregate attributes in tests
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 2/8] libsepol: add ebitmap iterator wrapper with startnode
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 7/8] secilc: run tests against development version of libsepol
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 5/8] libsepol/tests: add test for segregate attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 5/5] libsepol: more strict validation
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v2 1/7] libsepol/tests: add ebitmap tests
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 1/5] libsepol: rename validate_policydb to policydb_validate
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH 1/3] libsepol: break circular include
- From: James Carter <jwcart2@xxxxxxxxx>
- [PATCH v2 7/7] libsepol: skip superfluous memset calls in ebitmap operations
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 5/7] libsepol: optimize ebitmap_and
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 6/7] libsepol: optimize ebitmap_xor
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 4/7] libsepol: optimize ebitmap_not
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 3/7] libsepol/cil: use ebitmap_init_range
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 2/7] libsepol: add ebitmap_init_range
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 1/7] libsepol/tests: add ebitmap tests
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH] python: remove IOError in certain cases
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH] python: remove IOError in certain cases
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- [PATCH] tests/sctp: remove assumptions in the SCTP tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 7/7] libsepol: skip superfluous memset calls in ebitmap operations
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 6/7] libsepol: optimize ebitmap_xor
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 5/7] libsepol: optimize ebitmap_and
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 4/7] libsepol: optimize ebitmap_not
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 3/7] libsepol/cil: use ebitmap_init_range
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 2/7] libsepol: add ebitmap_init_range
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 1/7] libsepol/tests: add ebitmap tests
- From: James Carter <jwcart2@xxxxxxxxx>
- [PATCH testsuite] tests/module_load: detect the linker to use for module build
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- [PATCH 5/5] libsepol: more strict validation
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 3/5] libsepol: operator on const pointers during validation
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 4/5] libsepol: rename parameter name
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 2/5] libsepol: support const avtab_t pointer in avtab_map()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 1/5] libsepol: rename validate_policydb to policydb_validate
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 3/3] libsepol: enclose macro parameters and replacement lists in parentheses
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 1/3] libsepol: break circular include
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 2/3] libsepol: include necessary headers in headers
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v37 00/33] LSM: Module stacking for AppArmor
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v37 00/33] LSM: Module stacking for AppArmor
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Bug in SELinux SCTP ASCONF handling
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH 6/7] libsepol: optimize ebitmap_xor
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 7/7] libsepol: skip superfluous memset calls in ebitmap operations
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 4/7] libsepol: optimize ebitmap_not
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 5/7] libsepol: optimize ebitmap_and
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 1/7] libsepol/tests: add ebitmap tests
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 2/7] libsepol: add ebitmap_init_range
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 3/7] libsepol/cil: use ebitmap_init_range
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY
- From: Peter Xu <peterx@xxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH v2 4/4] selinux: Implement create_user_ns hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v2 3/4] selftests/bpf: Add tests verifying bpf lsm create_user_ns hook
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v2 1/4] security, lsm: Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v2 2/4] bpf-lsm: Make bpf_lsm_create_user_ns() sleepable
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [PATCH v2 0/4] Introduce security_create_user_ns()
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libsepol: do not modify policy during write
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libsepol/utils: improve wording
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libsepol: avoid potential NULL dereference on optional parameter
- From: James Carter <jwcart2@xxxxxxxxx>
- [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH] libselinux: set errno to EBADF on O_PATH emulation failure
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: What is "fscon" statement in a base policy?
- From: Karl MacMillan <karl@xxxxxxxxxxxxxxxxxxxxxx>
- Re: What is "fscon" statement in a base policy?
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3 1/4] support Dash as default shell
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH testsuite 0/2] Make the keys test pass in FIPS mode
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: What is "fscon" statement in a base policy?
- From: Karl MacMillan <karl@xxxxxxxxxxxxxxxxxxxxxx>
- What is "fscon" statement in a base policy?
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- Re: [PATCH userspace 1/2] libsemanage: always write kernel policy when check_ext_changes is specified
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- Re: [PATCH v2] libselinux: restorecon: avoid printing NULL pointer
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- Re: [PATCH] libsepol: do not modify policy during write
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libsepol/utils: improve wording
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py
- From: James Carter <jwcart2@xxxxxxxxx>
- [PATCH] libsepol: do not modify policy during write
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v2] libselinux: restorecon: avoid printing NULL pointer
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libsepol: avoid potential NULL dereference on optional parameter
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [syzbot] KASAN: use-after-free Read in selinux_socket_recvmsg
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH userspace 1/2] libsemanage: always write kernel policy when check_ext_changes is specified
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] gettext: handle unsupported languages properly
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- [syzbot] KASAN: use-after-free Read in selinux_socket_recvmsg
- From: syzbot <syzbot+04b20e641c99a5d99ac2@xxxxxxxxxxxxxxxxxxxxxxxxx>
- [PATCH] libsepol/utils: improve wording
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- Re: [RFC PATCH 2/4] libsepol: add ebitmap iterator wrapper with startnode
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- Re: [RFC PATCH 3/4] libsepol: add compile-time constraint for mutual exclusive attributes
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- Re: [PATCH v2] libselinux: restorecon: avoid printing NULL pointer
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- Re: [PATCH userspace 1/2] libsemanage: always write kernel policy when check_ext_changes is specified
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- [PATCH v3 1/4] support Dash as default shell
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3 5/8] fs: use new capable_any functionality
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3 5/8] fs: use new capable_any functionality
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security
- From: kernel test robot <lkp@xxxxxxxxx>
- [PATCH testsuite 1/2] tests/keys: use a longer prime in DH params
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 2/2] tests/keys: fix Makefile dependencies
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH testsuite 0/2] Make the keys test pass in FIPS mode
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security
- From: kernel test robot <lkp@xxxxxxxxx>
- [PATCH v37 33/33] AppArmor: Remove the exclusive flag
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 32/33] LSM: Add /proc attr entry for full LSM context
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 30/33] netlabel: Use a struct lsmblob in audit data
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 31/33] LSM: Removed scaffolding function lsmcontext_init
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 28/33] audit: multiple subject lsm values for netlabel
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 27/33] Audit: Add record for multiple task security contexts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 29/33] Audit: Add record for multiple object contexts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 26/33] Audit: Allow multiple records in an audit_buffer
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 25/33] LSM: Add a function to report multiple LSMs
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 24/33] Audit: Create audit_stamp structure
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 21/33] binder: Pass LSM identifier for confirmation
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 23/33] Audit: Keep multiple LSM data in audit_names
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 22/33] LSM: security_secid_to_secctx module selection
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 19/33] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 20/33] NET: Store LSM netlabel data in a lsmblob
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 17/33] LSM: Use lsmcontext in security_inode_getsecctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 16/33] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 15/33] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 14/33] LSM: Specify which LSM to display
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 13/33] LSM: Use lsmblob in security_cred_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 12/33] LSM: Use lsmblob in security_inode_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 11/33] LSM: Use lsmblob in security_current_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 10/33] LSM: Use lsmblob in security_ipc_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 09/33] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 08/33] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 07/33] LSM: Use lsmblob in security_kernel_act_as
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 06/33] LSM: Use lsmblob in security_audit_rule_match
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 03/33] LSM: Add the lsmblob data structure.
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 04/33] LSM: provide lsm name and id slot mappings
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 05/33] IMA: avoid label collisions with stacked LSMs
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 02/33] LSM: Infrastructure management of the sock security
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 00/33] LSM: Module stacking for AppArmor
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v37 01/33] integrity: disassociate ima_filter_rule from security_audit_rule
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH] gettext: handle unsupported languages properly
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH] gettext: handle unsupported languages properly
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] gettext: handle unsupported languages properly
- From: Vit Mojzis <vmojzis@xxxxxxxxxx>
- Re: [PATCH] gettext: handle unsupported languages properly
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
- [PATCH] gettext: handle unsupported languages properly
- From: Vit Mojzis <vmojzis@xxxxxxxxxx>
- Re: [PATCH v36 18/33] LSM: Use lsmcontext in security_dentry_init_security
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Aleksa Sarai <cyphar@xxxxxxxxxx>
- Re: [PATCH -next] selinux: Cleanup the enum SEL_COMPAT_NET
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] checkpolicy: error out if required permission would exceed limit
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- [PATCH -next] selinux: Cleanup the enum SEL_COMPAT_NET
- From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH RESEND -next] selinux: Let the caller free the momory in *mnt_opts on error
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] python: remove IOError in certain cases
- From: Elijah Conners <business@xxxxxxxxxxxxxx>
- Re: [PATCH] python: remove IOError in certain cases
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Amir Goldstein <amir73il@xxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Aleksa Sarai <cyphar@xxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Amir Goldstein <amir73il@xxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Amir Goldstein <amir73il@xxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Aleksa Sarai <cyphar@xxxxxxxxxx>
- [PATCH RESEND -next] selinux: Let the caller free the momory in *mnt_opts on error
- From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [GIT PULL] SELinux fixes for v5.19 (#1)
- From: pr-tracker-bot@xxxxxxxxxx
- Re: [GIT PULL] SELinux fixes for v5.19 (#1)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [GIT PULL] SELinux fixes for v5.19 (#1)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- PHP-FPM restriction bug
- From: Father Vlasie <fv@xxxxxxxxx>
- Re: [PATCH -next] selinux: Let the caller free the momory in *mnt_opts on error
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- [RFC PATCH 4/4] checkpolicy: add front-end support for segregate attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [RFC PATCH 1/4] libsepol: refactor ebitmap conversion in link.c
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [RFC PATCH 2/4] libsepol: add ebitmap iterator wrapper with startnode
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [RFC PATCH 3/4] libsepol: add compile-time constraint for mutual exclusive attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH -next] selinux: Let the caller free the momory in *mnt_opts on error
- From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH 1/4] support Dash as default shell
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH] python: remove IOError in certain cases
- From: Elijah Conners <business@xxxxxxxxxxxxxx>
- Re: [PATCH v3 3/8] block: use new capable_any functionality
- From: Bart Van Assche <bvanassche@xxxxxxx>
- Re: [PATCH] selinux: free contexts previously transferred in selinux_add_opt()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- hack
- From: Mikhail <nytimes@xxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix memleak in security_read_policy
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] checkpolicy: error out if required permission would exceed limit
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH] checkpolicy: error out if required permission would exceed limit
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v2] libsepol: fix validation of user declarations in non-base modules
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v3 4/8] drivers: use new capable_any functionality
- From: Laurent Pinchart <laurent.pinchart@xxxxxxxxxxxxxxxx>
- [PATCH] selinux: free contexts previously transferred in selinux_add_opt()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v3 3/8] block: use new capable_any functionality
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 2/8] capability: use new capable_any functionality
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3] [RFC PATCH] sched: only perform capability check on privileged operation
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 5/8] fs: use new capable_any functionality
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 8/8] net: use new capable_any functionality
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 4/8] drivers: use new capable_any functionality
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 7/8] bpf: use new capable_any functionality
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v3 6/8] kernel: use new capable_any functionality
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Ignat Korchagin <ignat@xxxxxxxxxxxxxx>
- Re: [PATCH 1/4] support Dash as default shell
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] libsepol: Drop unused assignment
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] python/audit2allow: close file stream on error
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 1/4] libselinux: add man page redirections
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libsepol: fix validation of user declarations in modules
- From: James Carter <jwcart2@xxxxxxxxx>
- [PATCH v2 3/4] filesystem: allow getfilecon(3) to pass test
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH 3/4] filesystem: allow getfilecon(3) to pass test
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 2/4] support perf_event_paranoid=3
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 1/4] support Dash as default shell
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix memleak in security_read_policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt
- From: xiujianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix memleak in security_read_policy
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH -next] selinux: Add boundary check in put_entry()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH 1/4] support Dash as default shell
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel
- From: xiujianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH 4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH -next] selinux: Fix memleak in security_read_policy
- From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH 3/4] filesystem: allow getfilecon(3) to pass test
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH 2/4] support perf_event_paranoid=3
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: Bug in SELinux SCTP ASCONF handling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH 1/4] support Dash as default shell
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 3/4] filesystem: allow getfilecon(3) to pass test
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH 2/4] support perf_event_paranoid=3
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH -next] selinux: Add boundary check in put_entry()
- From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt
- From: xiujianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] docs: selinux: add '=' signs to kernel boot options
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] docs: selinux: add '=' signs to kernel boot options
- From: Jonathan Corbet <corbet@xxxxxxx>
- Re: [PATCH] docs: selinux: add '=' signs to kernel boot options
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [RFC PATCH] mm: create security context for memfd_secret inodes
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
- [PATCH -next] selinux: Fix memleak in security_read_state_kernel
- From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [PATCH v36 13/33] LSM: Use lsmblob in security_cred_getsecid
- From: kernel test robot <lkp@xxxxxxxxx>
- [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt
- From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
- Re: [PATCH v36 30/33] netlabel: Use a struct lsmblob in audit data
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v36 28/33] audit: multiple subject lsm values for netlabel
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v36 27/33] Audit: Add record for multiple task security contexts
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v36 26/33] Audit: Allow multiple records in an audit_buffer
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: fix typos in comments
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] checkpolicy: error out if required permission would exceed limit
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH] libsepol: avoid potential NULL dereference on optional parameter
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [PATCH v36 04/33] LSM: provide lsm name and id slot mappings
- From: kernel test robot <lkp@xxxxxxxxx>
- Re: [PATCH v36 18/33] LSM: Use lsmcontext in security_dentry_init_security
- From: kernel test robot <lkp@xxxxxxxxx>
- [PATCH v36 33/33] AppArmor: Remove the exclusive flag
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 32/33] LSM: Add /proc attr entry for full LSM context
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Eric Biggers <ebiggers@xxxxxxxxxx>
- [PATCH v36 30/33] netlabel: Use a struct lsmblob in audit data
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 31/33] LSM: Removed scaffolding function lsmcontext_init
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 28/33] audit: multiple subject lsm values for netlabel
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 29/33] Audit: Add record for multiple object contexts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 27/33] Audit: Add record for multiple task security contexts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 26/33] Audit: Allow multiple records in an audit_buffer
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 25/33] LSM: Add a function to report multiple LSMs
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 24/33] Audit: Create audit_stamp structure
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 21/33] binder: Pass LSM identifier for confirmation
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 23/33] Audit: Keep multiple LSM data in audit_names
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 22/33] LSM: Extend security_secid_to_secctx to include module selection
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 20/33] NET: Store LSM netlabel data in a lsmblob
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 19/33] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 18/33] LSM: Use lsmcontext in security_dentry_init_security
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 16/33] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 17/33] LSM: Use lsmcontext in security_inode_getsecctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 15/33] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 14/33] LSM: Specify which LSM to display
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 13/33] LSM: Use lsmblob in security_cred_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 12/33] LSM: Use lsmblob in security_inode_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 10/33] LSM: Use lsmblob in security_ipc_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 11/33] LSM: Use lsmblob in security_current_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 09/33] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 07/33] LSM: Use lsmblob in security_kernel_act_as
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 08/33] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 06/33] LSM: Use lsmblob in security_audit_rule_match
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 05/33] IMA: avoid label collisions with stacked LSMs
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 03/33] LSM: Add the lsmblob data structure.
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 04/33] LSM: provide lsm name and id slot mappings
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 02/33] LSM: Infrastructure management of the sock security
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 00/33] LSM: Module stacking for AppArmor
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH v36 01/33] integrity: disassociate ima_filter_rule from security_audit_rule
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [RFC PATCH 3/3] checkpolicy: rework initial SID handling
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [RFC PATCH 1/3] libsepol: export initial SIDs
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [PATCH] libsepol: fix validation of user declarations in modules
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2] libsepol: fix validation of user declarations in non-base modules
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Amir Goldstein <amir73il@xxxxxxxxx>
- [PATCH] selinux: fix typos in comments
- From: Jonas Lindner <jolindner@xxxxxx>
- Re: [PATCH] libsepol: fix validation of user declarations in modules
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
- Re: [PATCH] libsepol: fix validation of user declarations in modules
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] libsepol: Drop unused assignment
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH] python/audit2allow: close file stream on error
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [PATCH 1/4] libselinux: add man page redirections
- From: James Carter <jwcart2@xxxxxxxxx>
- [PATCH userspace 1/2] libsemanage: always write kernel policy when check_ext_changes is specified
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH userspace 2/2] semodule: rename --rebuild-if-modules-changed to --refresh
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- [PATCH userspace 0/2] Refine semantics of libsemanage's check_ext_changes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Andreas Dilger <adilger@xxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Amir Goldstein <amir73il@xxxxxxxxx>
- [PATCH v3] cred: Propagate security_prepare_creds() error code
- From: Frederick Lawler <fred@xxxxxxxxxxxxxx>
- Re: [RFC PATCH 1/4] libselinux: simplify policy path logic to avoid uninitialized read
- From: James Carter <jwcart2@xxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Amir Goldstein <amir73il@xxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Christian Brauner <brauner@xxxxxxxxxx>
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors
- From: Amir Goldstein <amir73il@xxxxxxxxx>
- Re: [PATCH 5/5] selinux: drop unnecessary NULL check
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 5/5] selinux: drop unnecessary NULL check
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- why arent we checking MS_BIND?
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
- Re: [PATCH 5/5] selinux: drop unnecessary NULL check
- From: Nick Desaulniers <ndesaulniers@xxxxxxxxxx>
- Re: [PATCH] selinux: add __randomize_layout to selinux_audit_data
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [RFC PATCH] mm: create security context for memfd_secret inodes
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [RFC PATCH 1/3] libsepol: export initial SIDs
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [RFC PATCH 3/3] checkpolicy: rework initial SID handling
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [RFC PATCH 2/3] libsepol: validate initial SIDs
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2 3/4] libselinux: name parameters in context.h
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v4 4/4] libselinux: check for truncations
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
- [PATCH v2] libselinux: restorecon: avoid printing NULL pointer
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Linux Kernel Development]
