SELinux - Date Index

Thread Index

[Prev Page][Next Page]

[PATCH v3 24/36] libsepol: validate expanded user range and level
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 17/36] libsepol: do not underflow on short format arguments
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 06/36] libsepol: use logging framework in conditional.c
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 16/36] libsepol: use size_t for indexes in strs helpers
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 27/36] libsepol: validate avtab and avrule types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 11/36] libsepol: enforce avtab item limit
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 23/36] libsepol: validate MLS levels
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 05/36] libsepol/fuzz: limit element sizes for fuzzing
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 03/36] libsepol/fuzz: silence secilc-fuzzer
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 14/36] libsepol: reject invalid filetrans source type
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 21/36] libsepol: do not create a string list with initial size zero
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 01/36] cifuzz: enable report-unreproducible-crashes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 34/36] libsepol: validate categories
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 32/36] libsepol: validate permissive types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 33/36] libsepol: validate policy properties
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 36/36] libsepol: validate class default targets
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 22/36] libsepol: split validation of datum array gaps and entries
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 26/36] libsepol: resolve log message mismatch
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 18/36] libsepol: do not crash on class gaps
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 28/36] libsepol: validate constraint expression operators and attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 20/36] libsepol: use correct size for initial string list
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 08/36] libsepol: use mallocarray wrapper to avoid overflows
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 12/36] libsepol: clean memory on conditional insertion failure
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 00/36] libsepol: add fuzzer for reading binary policies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 02/36] cifuzz: use the default runtime of 600 seconds
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 07/36] libsepol: use logging framework in ebitmap.c
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 04/36] libsepol: add libfuzz based fuzzer for reading binary policies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 29/36] libsepol: validate type of avtab type rules
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 15/36] libsepol: zero member before potential dereference
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 10/36] libsepol: add checks for read sizes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3 09/36] libsepol: use reallocarray wrapper to avoid overflows
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH v2] security/selinux: fix potential memleak in error branch
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH V2 7/7] title.md: Clarify example code location
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH V2 6/7] policy_config_files.md: Update snapperd_contexts contents
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH V2 5/7] policy_config_files.md: Update openssh_contexts contents
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH V2 4/7] policy_config_files.md: Update openrc_contexts contents
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH V2 3/7] object_classes_permissions.md: Deprecate lockdown class
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH V2 2/7] object_classes_permissions.md: Correct the context object class entry
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH V2 1/7] notebook: Minor formatting fixes
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused
- From: David Howells <dhowells@xxxxxxxxxx>
Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[RFC PATCH 2/2] security, nfs: Provide a hook for fs_context security initialisation
- From: David Howells <dhowells@xxxxxxxxxx>
[RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused
- From: David Howells <dhowells@xxxxxxxxxx>
[PATCH V2 5/7] policy_config_files.md: Update openssh_contexts contents
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH V2 3/7] object_classes_permissions.md: Deprecate lockdown class
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH V2 7/7] title.md: Clarify example code location
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH V2 2/7] object_classes_permissions.md: Correct the context object class entry
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH V2 0/7] Various SELinux Notebook updates
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH V2 6/7] policy_config_files.md: Update snapperd_contexts contents
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH V2 1/7] notebook: Minor formatting fixes
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH V2 4/7] policy_config_files.md: Update openrc_contexts contents
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
答复: [PATCH v2] security/selinux: fix potential memleak in error branch
- From: 赵军奎 <bernard@xxxxxxxx>
答复: [PATCH] security/selinux: fix potential memleak
- From: 赵军奎 <bernard@xxxxxxxx>
Re: [PATCH] security,selinux: remove security_add_mnt_opt()
- From: James Morris <jmorris@xxxxxxxxx>
Re: [PATCH 5/7] policy_config_files.md: Update openssh_contexts contents
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
Re: [PATCH] security,selinux: remove security_add_mnt_opt()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH v3 5/5] libsepol: pass avtab to report function
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] security,selinux: remove security_add_mnt_opt()
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH] security,selinux: remove security_add_mnt_opt()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] security/selinux: fix potential memleak
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2] security/selinux: fix potential memleak in error branch
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v2] security/selinux: fix potential memleak in error branch
- From: Bernard Zhao <bernard@xxxxxxxx>
答复: [PATCH] security/selinux: fix potential memleak in error branch
- From: 赵军奎 <bernard@xxxxxxxx>
Re: [PATCH] security/selinux: fix potential memleak in error branch
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] security/selinux: fix potential memleak
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH -next] selinux: Use struct_size() helper in kmalloc()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v30 25/28] Audit: Add record for multiple task security contexts
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v30 24/28] Audit: Add framework for auxiliary records
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v30 23/28] Audit: Create audit_stamp structure
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v30 03/28] LSM: Add the lsmblob data structure.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v3 5/5] libsepol: pass avtab to report function
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v3 3/5] checkpolicy: add not-self neverallow support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v3 4/5] libsepol: free ebitmap on end of function
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v3 2/5] libsepol: add not-self neverallow support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v3 1/5] libsepol: introduce ebitmap_relative_complement()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [RFC PATCH v2 2/4] libsepol: add not-self neverallow support
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: Amir Goldstein <amir73il@xxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
[PATCH 6/7] policy_config_files.md: Update snapperd_contexts contents
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH 7/7] title.md: Clarify example code location
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH 4/7] policy_config_files.md: Update openrc_contexts contents
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH 5/7] policy_config_files.md: Update openssh_contexts contents
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH 0/7] Various SELinux Notebook updates
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH 2/7] object_classes_permissions.md: Correct the context object class entry
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH 3/7] object_classes_permissions.md: Deprecate lockdown class
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH 1/7] notebook: Minor formatting fixes
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH -next] selinux: Use struct_size() helper in kmalloc()
- From: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
[PATCH] security/selinux: fix potential memleak
- From: Bernard Zhao <bernard@xxxxxxxx>
[PATCH] security/selinux: fix potential memleak in error branch
- From: Bernard Zhao <bernard@xxxxxxxx>
Re: [RFC PATCH] selinux: Add netlink xperm support
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 3/3] Replace PCRE with PCRE2 build dependencies
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH 2/3] libselinux: use PCRE2 by default
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH v2 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract()
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v2 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract()
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] libselinux: Fix selinux_restorecon_parallel symbol version
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] semodule: Don't forget to munmap() data
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
[PATCH XSERVER 2/2] selinux: log events with appropriate audit type
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH XSERVER 1/2] selinux: remap security classes on policyload
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH] libsepol: free ebitmap on end of function
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH V2 testsuite] tests/inet_socket: Add socket transition tests
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
Re: [PATCH v30 14/28] LSM: Specify which LSM to display
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[RFC PATCH v2 4/4] libsepol: free ebitmap on end of function
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 2/4] libsepol: add not-self neverallow support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH v30 14/28] LSM: Specify which LSM to display
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
Re: [PATCH 2/3] libselinux: use PCRE2 by default
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Jari Ruusu <jariruusu@xxxxxxxxxxxxxxxxxxxxx>
[PATCH 5.15 222/279] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts
- From: kernel test robot <lkp@xxxxxxxxx>
[PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH] binder: fix test regression due to sender_euid change
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts
- From: kernel test robot <lkp@xxxxxxxxx>
[PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS
- From: Jacob M Cutright <cutrightjm@xxxxxx>
[PATCH v30 28/28] AppArmor: Remove the exclusive flag
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 27/28] LSM: Add /proc attr entry for full LSM context
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 26/28] Audit: Add record for multiple object security contexts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 25/28] Audit: Add record for multiple task security contexts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 24/28] Audit: Add framework for auxiliary records
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 23/28] Audit: Create audit_stamp structure
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 21/28] LSM: Extend security_secid_to_secctx to include module selection
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 20/28] binder: Pass LSM identifier for confirmation
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 19/28] NET: Store LSM netlabel data in a lsmblob
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 18/28] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 17/28] LSM: Use lsmcontext in security_inode_getsecctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 16/28] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 15/28] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 14/28] LSM: Specify which LSM to display
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 13/28] LSM: Use lsmblob in security_cred_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 12/28] LSM: Use lsmblob in security_inode_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 11/28] LSM: Use lsmblob in security_task_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 10/28] LSM: Use lsmblob in security_ipc_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 09/28] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 08/28] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 07/28] LSM: Use lsmblob in security_kernel_act_as
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 05/28] IMA: avoid label collisions with stacked LSMs
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 04/28] LSM: provide lsm name and id slot mappings
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 03/28] LSM: Add the lsmblob data structure.
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 02/28] LSM: Infrastructure management of the sock security
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v30 00/28] LSM: Module stacking for AppArmor
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [GIT PULL] SELinux fixes for v5.16 (#2)
- From: pr-tracker-bot@xxxxxxxxxx
[GIT PULL] SELinux fixes for v5.16 (#2)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[RFC PATCH 3/3] checkpolicy: add not-self neverallow support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 2/3] libsepol: add not-self neverallow support
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 1/3] libsepol: introduce ebitmap_subtract()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 3/3] Replace PCRE with PCRE2 build dependencies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 2/3] libselinux: use PCRE2 by default
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH] semodule: Don't forget to munmap() data
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH] semodule: Don't forget to munmap() data
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] libselinux: Fix selinux_restorecon_parallel symbol version
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] libselinux: Fix selinux_restorecon_parallel symbol version
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] semodule: Fix lang_ext column index
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] semodule: add -m | --checksum option
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH 2/2] dbus: Add filetrans for /tmp/dbus-* session socket
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
[PATCH 1/2] selinux: Add map perms
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
Re: [PATCH] binder: fix test regression due to sender_euid change
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
Re: [PATCH] binder: fix test regression due to sender_euid change
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] Kernel policy language is infix
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH] selinux: fix NULL-pointer dereference when hashtab allocation fails
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] Kernel policy language is infix
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
[PATCH] selinux: fix NULL-pointer dereference when hashtab allocation fails
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] semodule: Fix lang_ext column index
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] semodule: add -m | --checksum option
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: Amir Goldstein <amir73il@xxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: David Anderson <dvander@xxxxxxxxxx>
Re: [PATCH 01/12] checkpolicy: use correct unsigned format specifiers
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH] selinux: Add netlink xperm support
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: Amir Goldstein <amir73il@xxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: David Anderson <dvander@xxxxxxxxxx>
Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: David Anderson <dvander@xxxxxxxxxx>
[PATCH testsuite] tests/inet_socket: Add socket transition tests
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: Amir Goldstein <amir73il@xxxxxxxxx>
Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v19 4/4] overlayfs: inode_owner_or_capable called during execv
- From: David Anderson <dvander@xxxxxxxxxx>
[PATCH v19 3/4] overlayfs: override_creds=off option bypass creator_cred
- From: David Anderson <dvander@xxxxxxxxxx>
[PATCH v19 2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method
- From: David Anderson <dvander@xxxxxxxxxx>
[PATCH v19 1/4] Add flags option to get xattr method paired to __vfs_getxattr
- From: David Anderson <dvander@xxxxxxxxxx>
[PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix
- From: David Anderson <dvander@xxxxxxxxxx>
Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH] selinux: Add netlink xperm support
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
[PATCH V2] netlabel: Update man page to clarify SELinux labeling
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH] selinux: Add netlink xperm support
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
[PATCH] netlabel: Update man page to clarify SELinux labeling
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH] semodule: Fix lang_ext column index
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
[PATCH] semodule: add -m | --checksum option
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
[PATCH] ci: run the tests under ASan/UBsan on GHActions
- From: Evgeny Vereshchagin <evvers@xxxxx>
[RFC PATCH] capability: add capable_or to test for multiple caps with exactly one audit message
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v3] selinux-notebook: New chapter: Hardening SELinux
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH] binder: fix test regression due to sender_euid change
- From: Christian Brauner <christian.brauner@xxxxxxxxxx>
RE: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: David Laight <David.Laight@xxxxxxxxxx>
Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support
- From: Bram Bonné <brambonne@xxxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Jens Axboe <axboe@xxxxxxxxx>
Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Alistair Delva <adelva@xxxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
Re: [PATCH 01/12] checkpolicy: use correct unsigned format specifiers
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Jens Axboe <axboe@xxxxxxxxx>
Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Alistair Delva <adelva@xxxxxxxxxx>
[PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Alistair Delva <adelva@xxxxxxxxxx>
Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Bart Van Assche <bvanassche@xxxxxxx>
[PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT
- From: Alistair Delva <adelva@xxxxxxxxxx>
Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] Use IANA-managed domain example.com in examples
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] net,lsm,selinux: revert the security_sctp_assoc_established() hook
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [GIT PULL] SELinux fix / revert for v5.16 (#1)
- From: pr-tracker-bot@xxxxxxxxxx
[PATCH v2] Support static-only builds
- From: Alyssa Ross <hi@xxxxxxxxx>
Re: [PATCH] Support static-only builds
- From: Alyssa Ross <hi@xxxxxxxxx>
[PATCH v2] selinux-notebook: New chapter: Hardening SELinux
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH] selinux-notebook: New chapter: Hardening SELinux
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
[GIT PULL] SELinux fix / revert for v5.16 (#1)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] net,lsm,selinux: revert the security_sctp_assoc_established() hook
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] binder: fix test regression due to sender_euid change
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH 4.4 2/2] binder: use cred instead of task for selinux checks
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 4.4 2/2] binder: use cred instead of task for selinux checks
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
[PATCH 12/12] libsemanage: add extern prototype for legacy function
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 11/12] libsemanage: include paired header for prototypes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 10/12] libsemanage: mark local functions static
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 09/12] mcstrans: avoid missing prototypes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 08/12] python: mark local functions static
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 07/12] sandbox: mark local functions static
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 06/12] policycoreutils: mark local functions static
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 05/12] checkpolicy: ignore possible string truncation
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 04/12] Enable extra global compiler warnings
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 03/12] policycoreutils: use string literal as format strings
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 02/12] libsepol: use string literals as format strings
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 01/12] checkpolicy: use correct unsigned format specifiers
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH] selinux-notebook: New chapter: Hardening SELinux
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
[PATCH] selinux-notebook: New chapter: Hardening SELinux
- From: Topi Miettinen <toiwoton@xxxxxxxxx>
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] Support static-only builds
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v2] libsepol: avoid passing NULL pointer to memcpy
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v2 1/3] libsepol: do not pass NULL to memcpy
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH] Support static-only builds
- From: Alyssa Ross <hi@xxxxxxxxx>
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3 1/1] fuse: Send security context of inode on file creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v3 1/1] fuse: Send security context of inode on file creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH] Use IANA-managed domain example.com in examples
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH 5.10 3/3] binder: use cred instead of task for getsecid
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 5.10 2/3] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 5.10 1/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 5.4 3/3] binder: use cred instead of task for getsecid
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 5.4 2/3] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 5.4 1/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 4.19 2/2] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 4.19 1/2] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 4.14 2/2] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 4.14 1/2] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 4.9 2/2] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 4.9 1/2] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 4.4 2/2] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH 4.4 1/2] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v3 0/1] fuse: Send file/inode security context during creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
[PATCH v3 1/1] fuse: Send security context of inode on file creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
[PATCH 5/5] libsepol: Write out genfscon file type when writing out CIL policy
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 4/5 v2] secilc/docs: Document the optional file type for genfscon rules
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/5 v2] libsepol/cil: Allow optional file type in genfscon rules
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/5 v2] libsepol/cil: Refactor filecon file type handling
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/5 v2] libsepol: Add support for file types in writing out policy.conf
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 0/5 v2] Fix/add optional file type handling for genfscon rules
- From: James Carter <jwcart2@xxxxxxxxx>
[RFC PATCH] selinux: Add netlink xperm support
- From: Bram Bonne <brambonne@xxxxxxxxxx>
[RFC PATCH] libsepol,checkpolicy: Add netlink xperm support
- From: Bram Bonne <brambonne@xxxxxxxxxx>
Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH v2 10/36] libsepol: add checks for read sizes
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH v2 30/36] libsepol: validate ocontexts
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH v2 10/36] libsepol: add checks for read sizes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [RFC PATCH v2 10/36] libsepol: add checks for read sizes
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC] Cascade: a high level SELinux policy language
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC] Cascade: a high level SELinux policy language
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
[PATCH] Use IANA-managed domain example.com in examples
- From: markus.linnala@xxxxxxxxx
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v2] libsepol: avoid passing NULL pointer to memcpy
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v2 1/3] libsepol: do not pass NULL to memcpy
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [RFC] Cascade: a high level SELinux policy language
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [RFC PATCH 0/1] selinux-testsuite: Add tests for sctp_socket transition rules
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: David Miller <davem@xxxxxxxxxxxxx>
[RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[RFC PATCH 0/1] selinux-testsuite: Add tests for sctp_socket transition rules
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC] Cascade: a high level SELinux policy language
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 39/40] [CROSS-PATCH] libsepol: avoid passing NULL pointer to memcpy
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 40/40] [CROSS-PATCH] libsepol: do not pass NULL to memcpy
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 38/40] [WIP] checkpolicy: validate generated policies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 37/40] [WIP] libsepol: export policydb_validate
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 35/36] libsepol: validate fsuse types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 36/36] libsepol: validate class default targets
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 33/36] libsepol: validate policy properties
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 34/36] libsepol: validate categories
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 32/36] libsepol: validate permissive types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 31/36] libsepol: validate genfs contexts
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 30/36] libsepol: validate ocontexts
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 29/36] libsepol: validate type of avtab type rules
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 27/36] libsepol: validate avtab and avrule types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 28/36] libsepol: validate constraint expression operators and attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 26/36] libsepol: resolve log message mismatch
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 24/36] libsepol: validate expanded user range and level
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 25/36] libsepol: validate permission count of classes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 18/36] libsepol: do not crash on class gaps
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 23/36] libsepol: validate MLS levels
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 22/36] libsepol: split validation of datum array gaps and entries
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 21/36] libsepol: do not create a string list with initial size zero
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 20/36] libsepol: use correct size for initial string list
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 19/36] libsepol: do not crash on user gaps
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 17/36] libsepol: do not underflow on short format arguments
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 15/36] libsepol: zero member before potential dereference
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 16/36] libsepol: use size_t for indexes in strs helpers
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 14/36] libsepol: reject invalid filetrans source type
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 12/36] libsepol: clean memory on conditional insertion failure
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 13/36] libsepol: reject abnormal huge sid ids
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 11/36] libsepol: enforce avtab item limit
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 09/36] libsepol: use reallocarray wrapper to avoid overflows
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 10/36] libsepol: add checks for read sizes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 08/36] libsepol: use mallocarray wrapper to avoid overflows
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 07/36] libsepol: use logging framework in ebitmap.c
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 06/36] libsepol: use logging framework in conditional.c
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 05/36] libsepol/fuzz: limit element sizes for fuzzing
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 04/36] libsepol: add libfuzz based fuzzer for reading binary policies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 03/36] libsepol/fuzz: silence secilc-fuzzer
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 02/36] cifuzz: use the default runtime of 600 seconds
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 01/36] cifuzz: enable report-unreproducible-crashes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH userspace v4 5/8] libselinux: make is_context_customizable() thread-safe
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v2] libsepol: avoid passing NULL pointer to memcpy
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH net] selinux: fix SCTP client peeloff socket labeling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[RFC] Cascade: a high level SELinux policy language
- From: Daniel Burgener <dburgener@xxxxxxxxxxxxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCHv2 net 0/4] security: fixups for the security hooks in sctp
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation
- From: Miklos Szeredi <miklos@xxxxxxxxxx>
Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation
- From: Miklos Szeredi <miklos@xxxxxxxxxx>
Re: [GIT PULL] SELinux patches for v5.16
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCHv2 net 3/4] security: add sctp_assoc_established hook
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCHv2 net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCHv2 net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCHv2 net 0/4] security: fixups for the security hooks in sctp
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [GIT PULL] SELinux patches for v5.16
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [GIT PULL] SELinux patches for v5.16
- From: pr-tracker-bot@xxxxxxxxxx
Re: [GIT PULL] SELinux patches for v5.16
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [GIT PULL] SELinux patches for v5.16
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [GIT PULL] SELinux patches for v5.16
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
[GIT PULL] SELinux patches for v5.16
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] libsepol: avoid passing NULL pointer to memcpy
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 4/4] libsepol: Write out genfscon file type when writing out CIL policy
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/4] secilc/docs: Document the optional file type for genfscon rules
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/4] libsepol/cil: Allow optional file type in genfscon rules
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/4] libsepol: Add support for file types in writing out policy.conf
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 0/4] Fix/add optional file type handling for genfscon rules
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH testsuite v2] tests: make kernel iptables support optional
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH userspace v3 0/7] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 7/8] selinux_restorecon: introduce selinux_restorecon_parallel(3)
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 8/8] setfiles/restorecon: support parallel relabeling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 6/8] selinux_restorecon: add a global mutex to synchronize progress output
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 5/8] libselinux: make is_context_customizable() thread-safe
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 4/8] libselinux: make selinux_log() thread-safe
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 3/8] selinux_restorecon: protect file_spec list with a mutex
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 2/8] selinux_restorecon: simplify fl_head allocation by using calloc()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 1/8] label_file: fix a data race
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v4 0/8] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2 0/2] fuse: Send file/inode security context during creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
[PATCH testsuite v2] tests: make kernel iptables support optional
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] tests/inet_socket: make kernel iptables support optional
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH testsuite] tests/inet_socket: make kernel iptables support optional
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH net 3/4] security: add sctp_assoc_established hook
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH net 3/4] security: add sctp_assoc_established hook
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH net 3/4] security: add sctp_assoc_established hook
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [PATCH net 0/4] security: fixups for the security hooks in sctp
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone
- From: Jakub Kicinski <kuba@xxxxxxxxxx>
ANN: SELinux userspace 3.3 release
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
[PATCH net 4/4] security: implement sctp_assoc_established hook in selinux
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCH net 3/4] security: add sctp_assoc_established hook
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCH net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone
- From: Xin Long <lucien.xin@xxxxxxxxx>
[PATCH net 0/4] security: fixups for the security hooks in sctp
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side
- From: Xin Long <lucien.xin@xxxxxxxxx>
Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side
- From: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] tests/sctp: add client peeloff tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] sctp: initialize endpoint LSM labels also on the client side
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] tests/sctp: add client peeloff tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH testsuite] tests/sctp: add client peeloff tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] libsepol: avoid passing NULL pointer to memcpy
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: Release 3.3 or not?
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] security: Return xattr name from security_dentry_init_security()
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v2] security: Return xattr name from security_dentry_init_security()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Release 3.3 or not?
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2] security: Return xattr name from security_dentry_init_security()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2] security: Return xattr name from security_dentry_init_security()
- From: James Morris <jmorris@xxxxxxxxx>
Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
kernel NULL pointer dereference on selinux_ip_postroute
- From: Corentin Labbe <clabbe.montjoie@xxxxxxxxx>
[PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH userspace v3 0/7] Parallel setfiles/restorecon
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v2 2/3] libsemanage: do not sort empty records
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v2 3/3] libsemanage/tests: free memory
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v2 1/3] libsepol: do not pass NULL to memcpy
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH userspace v3 4/7] libselinux: make selinux_log() thread-safe
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v3 7/7] setfiles/restorecon: support parallel relabeling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v3 6/7] selinux_restorecon: introduce selinux_restorecon_parallel(3)
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v3 5/7] selinux_restorecon: add a global mutex to synchronize progress output
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v3 3/7] selinux_restorecon: protect file_spec list with a mutex
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v3 2/7] selinux_restorecon: simplify fl_head allocation by using calloc()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v3 0/7] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v3 1/7] label_file: fix a data race
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat
- From: Florian Westphal <fw@xxxxxxxxx>
[next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat
- From: Naresh Kamboju <naresh.kamboju@xxxxxxxxxx>
Re: [PATCH 1/3] libsepol: do not pass NULL to memcpy
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [RFC PATCH 15/35] libsepol: reject invalid default targets
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 14/35] libsepol: reject invalid fsuse types
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 25/35] libsepol: validate avtab types
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] security: Return xattr name from security_dentry_init_security()
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 3/3] libsemanage/tests: free memory
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 2/3] libsemanage: do not sort empty records
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 1/3] libsepol: do not pass NULL to memcpy
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset"
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset"
- From: Christian Brauner <christian.brauner@xxxxxxxxxx>
Re: [PATCH v2] security: Return xattr name from security_dentry_init_security()
- From: Christian Brauner <christian.brauner@xxxxxxxxxx>
Re: [PATCH v5 0/3] binder: use cred instead of task for security context
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH v5 0/3] binder: use cred instead of task for security context
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH userspace v2 0/6] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v2 5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3)
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v2 6/6] setfiles/restorecon: support parallel relabeling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v2 4/6] selinux_restorecon: add a global mutex to synchronize progress output
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v2 3/6] libselinux: make selinux_log() thread-safe
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v2 2/6] selinux_restorecon: protect file_spec list with a mutex
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace v2 1/6] selinux_restorecon: simplify fl_head allocation by using calloc()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [RFC PATCH 29/35] libsepol: validate genfs contexts
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 28/35] libsepol: validate ocontexts
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] selinux: make better use of the nf_hook_state passed to the NF hooks
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] selinux: fix all of the W=1 build warnings
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] selinux: fix all of the W=1 build warnings
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset"
- From: Mickaël Salaün <mic@xxxxxxxxxxx>
Re: [RFC PATCH 27/35] libsepol: validate type of avtab type rules
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 22/35] libsepol: validate permission count of classes
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 33/35] libsepol: validate categories
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 17/35] libsepol: validate types
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 13/35] libsepol: validate MLS levels
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 12/35] libsepol: clean memory on conditional read failure
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 00/35] libsepol: add fuzzer for reading binary policies
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/3] libsemanage/tests: free memory
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 2/3] libsemanage: do not sort empty records
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 1/3] libsepol: do not pass NULL to memcpy
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH v2] selinux: make better use of the nf_hook_state passed to the NF hooks
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset"
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset"
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v2 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset"
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
[PATCH v2 2/2] fuse: Send security context of inode on file creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
[PATCH v2 0/2] fuse: Send file/inode security context during creation
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [PATCH 2/4] libsepol/cil: Fix potential undefined shifts
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v5 0/3] binder: use cred instead of task for security context
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v5 3/3] binder: use cred instead of task for getsecid
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v5 2/3] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v5 1/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v5 0/3] binder: use cred instead of task for security context
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] selinux: fix race condition when computing ocontext SIDs
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] selinux: fix race condition when computing ocontext SIDs
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v2] security: Return xattr name from security_dentry_init_security()
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid
- From: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Re: [PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH selinux v3] selinux: remove unneeded ipv6 hook wrappers
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH] selinux: consilidate comments from inode_doinit_with_dentry wrt !dentry
- From: Davidlohr Bueso <dave@xxxxxxxxxxxx>
Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[RFC PATCH 35/35] libsepol: do not create a string list with initial size zero
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 34/35] libsepol: use correct size for initial string list
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 33/35] libsepol: validate categories
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 32/35] libsepol: do not underflow on short format arguments
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 31/35] libsepol: validate policy properties
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 30/35] libsepol: validate permissive types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 29/35] libsepol: validate genfs contexts
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 28/35] libsepol: validate ocontexts
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 27/35] libsepol: validate type of avtab type rules
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 26/35] libsepol: validate constraint expression operators and attributes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 25/35] libsepol: validate avtab types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 23/35] libsepol: resolve log message mismatch
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 24/35] libsepol: zero member before potential dereference
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 21/35] libsepol: do not crash on user gaps
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 20/35] libsepol: do not crash on class gaps
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 22/35] libsepol: validate permission count of classes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 19/35] libsepol: reject abnormal huge sid ids
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 17/35] libsepol: validate types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 18/35] libsepol: use size_t for indexes in strs helpers
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[RFC PATCH 16/35] libsepol: validate expanded user range and level
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 15/35] libsepol: reject invalid default targets
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 14/35] libsepol: reject invalid fsuse types
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 13/35] libsepol: validate MLS levels
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 12/35] libsepol: clean memory on conditional read failure
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 11/35] libsepol: enforce avtab item limit
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 10/35] libsepol: add checks for read sizes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 09/35] libsepol: use reallocarray wrapper to avoid overflows
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[RFC PATCH 08/35] libsepol: use mallocarray wrapper to avoid overflows
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 06/35] libsepol: use logging framework in conditional.c
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 07/35] libsepol: use logging framework in ebitmap.c
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 05/35] libsepol/fuzz: limit element sizes for fuzzing
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 04/35] libsepol: add libfuzz based fuzzer for reading binary policies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH selinux v3] selinux: remove unneeded ipv6 hook wrappers
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[RFC PATCH 03/35] libsepol/fuzz: silence secilc-fuzzer
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 02/35] cifuzz: use the default runtime of 600 seconds
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 01/35] cifuzz: enable report-unreproducible-crashes
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC PATCH 00/35] libsepol: add fuzzer for reading binary policies
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH] selinux: fix race condition when computing ocontext SIDs
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] selinux: consilidate comments from inode_doinit_with_dentry wrt !dentry
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH security-next] selinux: remove ipv6 hook wrappers
- From: Florian Westphal <fw@xxxxxxxxx>
[PATCH security-next] selinux: remove ipv6 hook wrappers
- From: Florian Westphal <fw@xxxxxxxxx>
Re: [PATCH] selinux: fix race condition when computing ocontext SIDs
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 2/4] libsepol/cil: Fix potential undefined shifts
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH 4/4] libselinux: Fix potential undefined shifts
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/4] checkpolicy: Fix potential undefined shifts
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/4] libsepol/cil: Fix potential undefined shifts
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/4] libsepol: Fix potential undefined shifts
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] libsepol/cil: Fix potential undefined shifts
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] libsepol/cil: Fix potential undefined shifts
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH] libsepol/cil: Fix potential undefined shifts
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] selinux: fix race condition when computing ocontext SIDs
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v4 3/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v4 2/3] binder: use cred instead of task for getsecid
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v4 1/3] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v4 0/3] binder: use cred instead of task for security context
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH v3 3/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH v3 3/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
Re: [PATCH v2] binder: use cred instead of task for selinux checks
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v3 2/3] binder: use cred instead of task for getsecid
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v3 3/3] binder: use euid from cred instead of using task
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v3 1/3] binder: use cred instead of task for selinux checks
- From: Todd Kjos <tkjos@xxxxxxxxxx>
[PATCH v3 0/3] binder: use cred instead of task for security context
- From: Todd Kjos <tkjos@xxxxxxxxxx>
ANN: SELinux userspace 3.3-rc3 release candidate
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] libselinux/semodule: Improve extracting message
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] libsepol/cil: Do not skip macros when resolving until later passes
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] libsepol/cil: Limit the amount of reporting for bounds failures
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH v2] binder: use cred instead of task for selinux checks
- From: Jann Horn <jannh@xxxxxxxxxx>

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Linux Kernel Development]