SELinux - Date Index

• Thread Index

• Re: [PATCH -next] selinux: Fix kernel-doc
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH v27 25/25] AppArmor: Remove the exclusive flag
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 24/25] LSM: Add /proc attr entry for full LSM context
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 23/25] Audit: Add record for multiple object LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 22/25] Audit: Add record for multiple process LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 21/25] audit: add support for non-syscall auxiliary records
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 20/25] LSM: Verify LSM display sanity in binder
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 19/25] NET: Store LSM netlabel data in a lsmblob
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 18/25] LSM: security_secid_to_secctx in netlink netfilter
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 17/25] LSM: Use lsmcontext in security_inode_getsecctx
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 16/25] LSM: Use lsmcontext in security_secid_to_secctx
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 15/25] LSM: Ensure the correct LSM context releaser
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 14/25] LSM: Specify which LSM to display
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 13/25] IMA: Change internal interfaces to use lsmblobs
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 12/25] LSM: Use lsmblob in security_cred_getsecid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 11/25] LSM: Use lsmblob in security_inode_getsecid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 10/25] LSM: Use lsmblob in security_task_getsecid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 09/25] LSM: Use lsmblob in security_ipc_getsecid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 08/25] LSM: Use lsmblob in security_secid_to_secctx
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 07/25] LSM: Use lsmblob in security_secctx_to_secid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 06/25] LSM: Use lsmblob in security_kernel_act_as
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 05/25] LSM: Use lsmblob in security_audit_rule_match
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 04/25] IMA: avoid label collisions with stacked LSMs
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 03/25] LSM: provide lsm name and id slot mappings
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 02/25] LSM: Add the lsmblob data structure.
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 01/25] LSM: Infrastructure management of the sock security
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v27 00/25] LSM: Module stacking for AppArmor
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH] selinux: use __GFP_NOWARN with GFP_NOWAIT
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 1/2] selinux: slow_avc_audit has become non-blocking
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] selinux: use __GFP_NOWARN with GFP_NOWAIT
  • From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 2/2] kill unused 'flags' argument in avc_has_perm_flags() and avc_audit()
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH 2/2] kill unused 'flags' argument in avc_has_perm_flags() and avc_audit()
  • From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
• [PATCH 1/2] selinux: slow_avc_audit has become non-blocking
  • From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
• [PATCH -next] selinux: Fix kernel-doc
  • From: Yang Li <yang.lee@xxxxxxxxxxxxxxxxx>
• Re: [PATCH v2] checkpolicy: fix the leak memory when uses xperms
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH] libsepol: quote paths in CIL conversion
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH] selinux: use __GFP_NOWARN with GFP_NOWAIT
  • From: Minchan Kim <minchan@xxxxxxxxxx>
• Re: [PATCH 13/23] libsepol: assure string NUL-termination
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 04/23] libsepol: ignore UBSAN false-positives
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 05/23] libsepol: avoid implicit conversions
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 04/23] libsepol: ignore UBSAN false-positives
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] libselinux: fix typo
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH v2] checkpolicy: fix the leak memory when uses xperms
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: improve getcon(3) man page
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: selinux_status_open: return 1 in fallback mode
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH 1/2] audit: add filtering for io_uring records, addendum
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH] libsepol: quote paths in CIL conversion
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 23/23] libsepol: declare read-only arrays const
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 22/23] libsepol: declare file local variable static
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 21/23] libsepol: drop unnecessary casts
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 19/23] libsepol/cil: avoid using maybe uninitialized variables
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 16/23] libsepol/cil: drop extra semicolon
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 12/23] libsepol: do not allocate memory of size 0
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 09/23] libsepol: remove dead stores
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 11/23] libsepol: mark read-only parameters of type_set_ interfaces const
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 07/23] libsepol: follow declaration-after-statement
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 06/23] libsepol: avoid unsigned integer overflow
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 04/23] libsepol: ignore UBSAN false-positives
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 14/23] libsepol: remove dead stores
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 08/23] libsepol/cil: follow declaration-after-statement
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 17/23] libsepol/cil: drop dead store
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 18/23] libsepol/cil: drop unnecessary casts
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 15/23] libsepol/cil: silence cast warning
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 05/23] libsepol: avoid implicit conversions
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 02/23] libsepol: resolve missing prototypes
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 01/23] libsepol: fix typos
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 20/23] libsepol: drop repeated semicolons
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 13/23] libsepol: assure string NUL-termination
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 10/23] libsepol: mark read-only parameters of ebitmap interfaces const
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 03/23] libsepol: remove unused functions
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 00/23] libsepol: miscellaneous cleanup
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH] libselinux: fix typo
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• RE: [PATCH v3 0/6] evm: Prepare for moving to the LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [PATCH 1/2] audit: add filtering for io_uring records, addendum
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 1/2] audit: add filtering for io_uring records, addendum
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• SELinux IRC channel moved to Libera
  • From: Jason Zaman <jason@xxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [PATCH 0/6] More secilc-fuzzer problems fixed
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 0/5 v2] secilc/cil: Fix name resolution for macro calls
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/5 v2] secilc/cil: Fix name resolution for macro calls
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 0/6] More secilc-fuzzer problems fixed
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Jens Axboe <axboe@xxxxxxxxx>
• Re: selinux_check_access is not thread-safe
  • From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
• Re: [PATCH] libselinux: improve getcon(3) man page
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: selinux_status_open: return 1 in fallback mode
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Pavel Begunkov <asml.silence@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Pavel Begunkov <asml.silence@xxxxxxxxx>
• Re: [PATCH] selinux: remove duplicated LABEL_INITIALIZED check routine
  • From: Austin Kim <austindh.kim@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit, io_uring, io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit, io_uring, io-wq: add some basic audit support to io_uring
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [RFC PATCH 4/9] audit: add filtering for io_uring records
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [RFC PATCH 4/9] audit: add filtering for io_uring records
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] selinux: remove duplicated LABEL_INITIALIZED check routine
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Pavel Begunkov <asml.silence@xxxxxxxxx>
• [PATCH] selinux: remove duplicated LABEL_INITIALIZED check routine
  • From: Austin Kim <austindh.kim@xxxxxxxxx>
• Re: [RFC PATCH 4/9] audit: add filtering for io_uring records
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH] libselinux: improve getcon(3) man page
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH v2] checkpolicy: fix the leak memory when uses xperms
  • From: liwugang <liwugang@xxxxxxx>
• [PATCH] libselinux: selinux_status_open: return 1 in fallback mode
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• Re: [PATCH 3/3] libselinux: do not use status page fallback mode internally
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH 2/3] libselinux: make selinux_status_open(3) reentrant
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH 1/3] libselinux: avc_destroy(3) closes status page
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH 1/2] audit: add filtering for io_uring records, addendum
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH 1/2] audit: add filtering for io_uring records, addendum
  • From: kernel test robot <lkp@xxxxxxxxx>
• [PATCH 2/2] audit: block PERM fields being used with io_uring filtering
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• [PATCH 1/2] audit: add filtering for io_uring records, addendum
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [RFC PATCH 4/9] audit: add filtering for io_uring records
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH 2/2] secilc/docs: Document the order that inherited rules are resolved in
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] checkpolicy: fix the leak memory when uses xperms
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [RFC PATCH 4/9] audit: add filtering for io_uring records
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 4/9] audit: add filtering for io_uring records
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Steven Rostedt <rostedt@xxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Jiri Olsa <jolsa@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Jiri Olsa <jolsa@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Jiri Olsa <jolsa@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [pcmoore-selinux:working-io_uring 9/9] security/smack/smack_lsm.c:4702:5: warning: no previous prototype for function 'smack_uring_override_creds'
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [pcmoore-selinux:working-io_uring 9/9] security/smack/smack_lsm.c:4702:5: warning: no previous prototype for function 'smack_uring_override_creds'
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [pcmoore-selinux:working-io_uring 9/9] security/smack/smack_lsm.c:4702:5: warning: no previous prototype for function 'smack_uring_override_creds'
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: James Morris <jmorris@xxxxxxxxx>
• [pcmoore-selinux:working-io_uring 9/9] security/smack/smack_lsm.c:4702:5: warning: no previous prototype for function 'smack_uring_override_creds'
  • From: kernel test robot <lkp@xxxxxxxxx>
• [pcmoore-selinux:working-io_uring 9/9] security/smack/smack_lsm.c:4702:5: warning: no previous prototype for 'smack_uring_override_creds'
  • From: kernel test robot <lkp@xxxxxxxxx>
• [pcmoore-selinux:working-io_uring 8/9] security/selinux/hooks.c:7146:5: warning: no previous prototype for function 'selinux_uring_override_creds'
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Jens Axboe <axboe@xxxxxxxxx>
• Re: [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
  • From: Jeff Moyer <jmoyer@xxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Pavel Begunkov <asml.silence@xxxxxxxxx>
• Re: [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Jens Axboe <axboe@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Jens Axboe <axboe@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Jens Axboe <axboe@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Jens Axboe <axboe@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Jens Axboe <axboe@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Victor Stewart <v@nametag.social>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Stefan Metzmacher <metze@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Steve Grubb <sgrubb@xxxxxxxxxx>
• Re: [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
  • From: Jeff Moyer <jmoyer@xxxxxxxxxx>
• Re: [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring
  • From: Stefan Metzmacher <metze@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Pavel Begunkov <asml.silence@xxxxxxxxx>
• Re: [PATCH v26 02/25] LSM: Add the lsmblob data structure.
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Jens Axboe <axboe@xxxxxxxxx>
• Re: [PATCH v26 02/25] LSM: Add the lsmblob data structure.
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [ANNOUNCE][CFP] Linux Security Summit 2021
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Pavel Begunkov <asml.silence@xxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• selinux_check_access is not thread-safe
  • From: Seth Moore <sethmo@xxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Pavel Begunkov <asml.silence@xxxxxxxxx>
• [pcmoore-selinux:working-io_uring 2/9] fs/io_uring.c:6110:3: error: implicit declaration of function 'audit_uring_entry'; did you mean 'audit_syscall_entry'?
  • From: kernel test robot <lkp@xxxxxxxxx>
• [pcmoore-selinux:working-io_uring 2/9] fs/io_uring.c:6110:3: error: implicit declaration of function 'audit_uring_entry'
  • From: kernel test robot <lkp@xxxxxxxxx>
• Re: [PATCH] checkpolicy: fix the leak memory when uses xperms
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v26 02/25] LSM: Add the lsmblob data structure.
  • From: Mickaël Salaün <mic@xxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
  • From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Pavel Begunkov <asml.silence@xxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [RFC PATCH 9/9] Smack: Brutalist io_uring support with debug
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 8/9] selinux: add support for the io_uring access controls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 6/9] io_uring: convert io_uring to the secure anon inode interface
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure()
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 4/9] audit: add filtering for io_uring records
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 3/9] audit: dev/test patch to force io_uring auditing
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 1/9] audit: prepare audit_context for use in calling contexts beyond syscalls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 21/25] audit: add support for non-syscall auxiliary records
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 14/25] LSM: Specify which LSM to display
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 03/25] LSM: provide lsm name and id slot mappings
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU
  • From: Stephen Brennan <stephen.s.brennan@xxxxxxxxxx>
• Re: [PATCH v2 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
  • From: Olga Kornievskaia <aglo@xxxxxxxxx>
• Re: [PATCH userspace 1/2] libselinux: fix invalid free in store_stem()/load_mmap()
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH 00/25] libselinux: misc compiler and static analyzer findings
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH userspace 2/2] scripts/ci: use F34 image instead of F33
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH v26 14/25] LSM: Specify which LSM to display
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v2 2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v2 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v2 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
• [PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Relative filename in semanage args ?
  • From: Bill Dietrich <bill@xxxxxxxxxxxxxxx>
• Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH v2] lsm_audit,selinux: pass IB device name by reference
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v26 17/25] LSM: Use lsmcontext in security_inode_getsecctx
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v26 14/25] LSM: Specify which LSM to display
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v26 03/25] LSM: provide lsm name and id slot mappings
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v26 25/25] AppArmor: Remove the exclusive flag
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 24/25] LSM: Add /proc attr entry for full LSM context
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 23/25] Audit: Add a new record for multiple object LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 21/25] audit: add support for non-syscall auxiliary records
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 20/25] LSM: Verify LSM display sanity in binder
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 19/25] NET: Store LSM netlabel data in a lsmblob
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 17/25] LSM: Use lsmcontext in security_inode_getsecctx
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 16/25] LSM: Use lsmcontext in security_secid_to_secctx
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 14/25] LSM: Specify which LSM to display
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 13/25] IMA: Change internal interfaces to use lsmblobs
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 12/25] LSM: Use lsmblob in security_cred_getsecid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 11/25] LSM: Use lsmblob in security_inode_getsecid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 10/25] LSM: Use lsmblob in security_task_getsecid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 09/25] LSM: Use lsmblob in security_ipc_getsecid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 06/25] LSM: Use lsmblob in security_kernel_act_as
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 05/25] LSM: Use lsmblob in security_audit_rule_match
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 03/25] LSM: provide lsm name and id slot mappings
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 02/25] LSM: Add the lsmblob data structure.
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 01/25] LSM: Infrastructure management of the sock security
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v26 00/25] LSM: Module stacking for AppArmor
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH 5/6] libsepol/cil: Pointers to datums should be set to NULL when resetting
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 6/6] libsepol/cil: Resolve anonymous levels only once
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 3/6] libsepol/cil: Limit the number of open parenthesis allowed
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 4/6] libsepol/cil: Resolve anonymous class permission sets only once
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/6] libsepol/cil: Destroy the permission nodes when exiting with an error
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/6] libsepol/cil: Handle disabled optional blocks in earlier passes
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 0/6] More secilc-fuzzer problems fixed
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH v2] libsepol/cil: Check for self-referential loops in sets
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH v2] lsm_audit,selinux: pass IB device name by reference
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH userspace 2/2] scripts/ci: use F34 image instead of F33
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH v2] lsm_audit,selinux: pass IB device name by reference
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] selinux: use strlcpy() when copying IB device name
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH userspace 1/2] libselinux: fix invalid free in store_stem()/load_mmap()
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH userspace 2/2] scripts/ci: use F34 image instead of F33
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH userspace 1/2] libselinux: fix invalid free in store_stem()/load_mmap()
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH userspace 0/2] Bump testsuite CI image to F34
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v2] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: silence -Wstringop-overflow warning from gcc 10.3.1
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• [PATCH 5/5 v2] secilc/docs: Relocate and reword macro call name resolution order
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 4/5 v2] libsepol/cil: Do not resolve arguments to declarations in the call
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 3/5 v2] libsepo/cil: Refactor macro call resolution
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/5 v2] libsepol/cil: Make name resolution in macros work as documented
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/5 v2] libsepol/cil: Do not add NULL node when inserting key into symtab
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 0/5 v2] secilc/cil: Fix name resolution for macro calls
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH] selinux: use strlcpy() when copying IB device name
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] selinux: Remove redundant assignment to rc
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] selinux: Corrected comment to match kernel-doc comment
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 3/3] selinux: constify some avtab function arguments
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 2/3] selinux: simplify duplicate_policydb_cond_list() by using kmemdup()
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] serial: core: fix suspicious security_locked_down() call
  • From: Kees Cook <keescook@xxxxxxxxxxxx>
• Re: [PATCH 2/3] libsepol/cil: Copy and resolve macro calls in one pass
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 2/3] libselinux: make selinux_status_open(3) reentrant
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 3/3] libselinux: do not use status page fallback mode internally
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 2/3] libselinux: make selinux_status_open(3) reentrant
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 1/3] libselinux: avc_destroy(3) closes status page
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 0/3] libselinux: quirks of the status page
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH] checkpolicy: fix the leak memory when uses xperms
  • From: liwugang <liwugang@xxxxxxx>
• [PATCH v2] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests
  • From: David Brazdil <dbrazdil@xxxxxxxxxx>
• Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH 3/3] secilc/docs: Relocate and reword macro call name resolution order
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/3] libsepol/cil: Copy and resolve macro calls in one pass
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/3] libsepol/cil: Make name resolution in macros work as documented
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect
  • From: Steven Rostedt <rostedt@xxxxxxxxxxx>
• [PATCH] selinux: use strlcpy() when copying IB device name
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] serial: core: fix suspicious security_locked_down() call
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v2] debugfs: fix security_locked_down() call for SELinux
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] debugfs: fix security_locked_down() call for SELinux
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] serial: core: fix suspicious security_locked_down() call
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] debugfs: fix security_locked_down() call for SELinux
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH] debugfs: fix security_locked_down() call for SELinux
  • From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
• Re: [PATCH] debugfs: fix security_locked_down() call for SELinux
  • From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH] serial: core: fix suspicious security_locked_down() call
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH] debugfs: fix security_locked_down() call for SELinux
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] libselinux: silence -Wstringop-overflow warning from gcc 10.3.1
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH 1/2] libsepol/cil: Fix name resolution involving inherited blocks
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 1/2] libsepol/cil: Fix name resolution involving inherited blocks
  • From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
• [PATCH 2/2] secilc/docs: Document the order that inherited rules are resolved in
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/2] libsepol/cil: Fix name resolution involving inherited blocks
  • From: James Carter <jwcart2@xxxxxxxxx>
• improvement of setfiles man page
  • From: clime <clime7@xxxxxxxxx>
• Re: Stable backport request - perf/core: Fix unconditional security_locked_down() call
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: Stable backport request - perf/core: Fix unconditional security_locked_down() call
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• Stable backport request - perf/core: Fix unconditional security_locked_down() call
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v2] libsepol/cil: Check for self-referential loops in sets
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 0/5] Fix bugs identified by the secilc-fuzzer
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH] libsepol/cil: Properly reset an anonymous classperm set
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 24/25] libselinux: regex: unify parameter names
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 21/25] libselinux: label_db::db_init(): open file with CLOEXEC mode
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 25/25] libselinux: label_file.c: fix indent
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 23/25] libselinux: sidtab_sid_stats(): unify parameter name
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 22/25] libselinux: drop redundant casts to the same type
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 20/25] libselinux: matchpathcon: free memory on realloc failure
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 19/25] libselinux: label_file::init(): do not pass NULL to strdup
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 16/25] libselinux: store_stem(): do not free possible non-heap object
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 13/25] libselinux: label_media::init(): drop dead assignment
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 17/25] libselinux: matchmediacon(): close file on error
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 18/25] libselinux: init_selinux_config(): free resources on error
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 11/25] libselinux: context_new(): drop dead assignment
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 15/25] libselinux: getdefaultcon: free memory on multiple same arguments
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 14/25] libselinux: setexecfilecon(): drop dead assignment
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 12/25] libselinux: label_x::init(): drop dead assignment
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 10/25] libselinux: exclude_non_seclabel_mounts(): drop unused variable
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 09/25] libselinux: getconlist: free memory on multiple level arguments
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 07/25] libselinux: selinux_restorecon: mark local variable static
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 08/25] libselinux: selabel_get_digests_all_partial_matches: free memory after FTS_D block
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 05/25] libselinux: sefcontext_compile: mark local variable static
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 06/25] libselinux: avcstat: use standard length modifier for unsigned long long
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 02/25] libselinux: selinux_file_context_cmp(): do not discard const qualifier
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 04/25] libselinux: Sha1Finalise(): do not discard const qualifier
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 03/25] libselinux: label_common(): do not discard const qualifier
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 00/25] libselinux: misc compiler and static analyzer findings
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH 01/25] libselinux: sidtab_hash(): do not discard const qualifier
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• Re: [PATCH testsuite] ci: test also on F34 images
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH testsuite] tests/lockdown: use /sys/kernel/debug/fault_around_bytes for integrity test
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 4/5] libsepol/cil: Check for self-referential loops in sets
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH] libsepol/cil: Properly reset an anonymous classperm set
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [PATCH 4/5] libsepol/cil: Check for self-referential loops in sets
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• [PATCH testsuite] ci: test also on F34 images
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH testsuite] tests/lockdown: use /sys/kernel/debug/fault_around_bytes for integrity test
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH] libselinux: silence -Wstringop-overflow warning from gcc 10.3.1
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [PATCH] libselinux: do not duplicate make target when going into subdirectory
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [PATCH] libsepol: use checked arithmetic builtin to perform safe addition
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy
  • From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
• [PATCH testsuite] policy: only define anon_inode class if not defined in system policy
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] libsepol: use checked arithmetic builtin to perform safe addition
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• [PATCH 5/5] libsepol/cil: Return an error if a call argument fails to resolve
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 4/5] libsepol/cil: Check for self-referential loops in sets
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 3/5] libsepol/cil: Check datum in ordered list for expected flavor
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/5] libsepol/cil: Detect degenerate inheritance and exit with an error
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/5] libsepol/cil: Fix instances where an error returns SEPOL_OK
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 0/5] Fix bugs identified by the secilc-fuzzer
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [bug report?] other unexpected behaviours in secilc and CIL semantics
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC SHADOW PATCH 0/7] SELinux modernizations
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC SHADOW PATCH 0/7] SELinux modernizations
  • From: James Carter <jwcart2@xxxxxxxxx>
• [bug report?] other unexpected behaviours in secilc and CIL semantics
  • From: lorenzo ceragioli <lorenzo.ceragioli@xxxxxxxxxxxx>
• Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH] selinux: Remove redundant assignment to rc
  • From: Jiapeng Chong <jiapeng.chong@xxxxxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for v5.13
  • From: pr-tracker-bot@xxxxxxxxxx
• [PATCH] libsepol/cil: Properly reset an anonymous classperm set
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] testsuite: fix cap_userns for kernels >= v5.12
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC SHADOW PATCH 0/7] SELinux modernizations
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH v3 6/6] evm: Support multiple LSMs providing an xattr
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v3 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v3 0/6] evm: Prepare for moving to the LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v3 2/6] security: Rewrite security_old_inode_init_security()
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v3 1/6] reiserfs: Add missing calls to reiserfs_security_free()
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v3 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v3 4/6] security: Support multiple LSMs implementing the inode_init_security hook
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [PATCH] testsuite: fix cap_userns for kernels >= v5.12
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [GIT PULL] SELinux patches for v5.13
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH] testsuite: fix cap_userns for kernels >= v5.12
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] libselinux: do not duplicate make target when going into subdirectory
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH v2] selinux: Corrected comment to match kernel-doc comment
  • From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
• [PATCH v2] selinux: Corrected comment to match kernel-doc comment
  • From: Souptick Joarder <jrdr.linux@xxxxxxxxx>
• Re: [PATCH] selinux: Corrected comment to match kernel-doc comment
  • From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
• [PATCH] selinux: Corrected comment to match kernel-doc comment
  • From: Souptick Joarder <jrdr.linux@xxxxxxxxx>
• Re: [PATCH] libselinux android: Add keystore2_key label module.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH] libselinux android: Add keystore2_key label module.
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
  • From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
• Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
  • From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
• Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] selinux: add proper NULL termination to the secclass_map permissions
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH 0/3 v3] Create secil2tree to write CIL AST
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• RE: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH 1/4] LSM: Infrastructure management of the superblock
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• RE: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
  • From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
• Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH] libsepol: use checked arithmetic builtin to perform safe addition
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• [PATCH] libselinux: do not duplicate make target when going into subdirectory
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• [PATCH] selinux: add proper NULL termination to the secclass_map permissions
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 4/6] security: Support multiple LSMs implementing the inode_init_security hook
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH 0/3 v3] Create secil2tree to write CIL AST
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH 3/3 v3] secilc: Create the new program called secil2tree to write out CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/3 v3] libsepol/cil: Create functions to write the CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/3 v3] libsepol/cil: Add functions to make use of cil_write_ast()
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 0/3 v3] Create secil2tree to write CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [RFC PATCH testsuite] Add extended_anon_inode_class policy capability support
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH 1/2] LSM,anon_inodes: explicitly distinguish anon inode types
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH v2 6/6] evm: Support multiple LSMs providing an xattr
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v2 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v2 4/6] security: Support multiple LSMs implementing the inode_init_security hook
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v2 2/6] reiserfs: Add missing calls to reiserfs_security_free()
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v2 1/6] xattr: Complete constify ->name member of "struct xattr"
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH v2 0/6] evm: Prepare for moving to the LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• RE: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [PATCH 00/12] Update checks for invalid rules in blocks
  • From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
• Re: no SELinux common criteria?
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: no SELinux common criteria?
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• no SELinux common criteria?
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: [PATCH 00/12] Update checks for invalid rules in blocks
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 00/11 v2] Various CIL patches
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 00/11] Various CIL patches
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 00/11] Various CIL patches
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/3 v2] libsepol/cil: Create functions to write the CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/3 v2] libsepol/cil: Add functions to make use of cil_write_ast()
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 0/3 v2] Create secil2tree to write CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 11/11 v2] libsepol/cil: Move check for the shadowing of macro parameters
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 10/11 v2] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 09/11 v2] libsepol/cil: Refactor helper function for cil_gen_node()
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 08/11 v2] libsepol/cil: Allow permission expressions when using map classes
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 07/11 v2] libsepol/cil: Exit with an error if declaration name is a reserved word
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 06/11 v2] libsepol/cil: More strict verification of constraint leaf expressions
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 05/11 v2] libsepol/cil: Set class field to NULL when resetting struct cil_classperms
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 04/11 v2] libsepol/cil: cil_reset_classperms_set() should not reset classpermission
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 03/11 v2] libsepol/cil: Destroy classperm list when resetting map perms
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 02/11 v2] libsepol/cil: Destroy classperms list when resetting classpermission
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 01/11 v2] libsepol/cil: Fix out-of-bound read of file context pattern ending with "\"
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 00/11 v2] Various CIL patches
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH] secilc.c: Don't fail if input file is empty
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: MCS NetLabel
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: MCS NetLabel
  • From: "Paul R. Tagliamonte" <paultag@xxxxxxxxx>
• Re: MCS NetLabel
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• MCS NetLabel
  • From: "Paul R. Tagliamonte" <paultag@xxxxxxxxx>
• Re: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• RE: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• [PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU
  • From: Stephen Brennan <stephen.s.brennan@xxxxxxxxxx>
• Re: [PATCH 00/11] Various CIL patches
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 00/12] Update checks for invalid rules in blocks
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• [PATCH 3/3] secilc: Create the new program called secil2tree to write out CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/3] libsepol/cil: Add functions to make use of cil_write_ast()
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/3] libsepol/cil: Create functions to write the CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 0/3] Create secil2tree to write CIL AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• RE: [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr"
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr"
  • From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
• [PATCH 5/5] evm: Support multiple LSMs providing an xattr
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH 4/5] evm: Align evm_inode_init_security() definition with LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH 3/5] security: Pass xattrs allocated by LSMs to the inode_init_security hook
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH 2/5] security: Support multiple LSMs implementing the inode_init_security hook
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr"
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
  • From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
• Re: [PATCH] secilc.c: Don't fail if input file is empty
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH] secilc.c: Don't fail if input file is empty
  • From: Yi-Yo Chiang <yochiang@xxxxxxxxxx>
• [RFC SHADOW PATCH 7/7] selinux: only open selabel database once
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [RFC SHADOW PATCH 1/7] struct commonio_db[selinux]: do not use deprecated type security_context_t
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [RFC SHADOW PATCH 3/7] selinux.c: do not use deprecated typedef and skip context translation
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [RFC SHADOW PATCH 5/7] selinux.c: use modern selabel interface instead of deprecated matchpathcon
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [RFC SHADOW PATCH 6/7] set_selinux_file_context(): prepare context for actual file type
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [RFC SHADOW PATCH 4/7] selinux.c:reset_selinux_file_context(): do not fail in permissive mode
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [RFC SHADOW PATCH 2/7] vipw[selinux]: do not use deprecated typedef and skip context translation
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• [RFC SHADOW PATCH 0/7] SELinux modernizations
  • From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
• Re: [PATCH v6 24/40] fs: make helpers idmap mount aware
  • From: Christian Brauner <christian.brauner@xxxxxxxxxx>
• Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v6 24/40] fs: make helpers idmap mount aware
  • From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
• Re: [PATCH v6 24/40] fs: make helpers idmap mount aware
  • From: Anton Altaparmakov <anton@xxxxxxxxxx>
• Re: [GIT PULL] SELinux fixes for v5.12 (#2)
  • From: pr-tracker-bot@xxxxxxxxxx
• [GIT PULL] SELinux fixes for v5.12 (#2)
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
  • From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
• [PATCH 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH 2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument
  • From:  Zhongjun Tan <hbut_tan@xxxxxxx>
• Re: Detect SELinux by checking if policy is loaded
  • From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
• [PATCH 10/11] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 11/11] libsepol/cil: Move check for the shadowing of macro parameters
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 09/11] libsepol/cil: Refactor helper function for cil_gen_node()
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 08/11] libsepol/cil: Allow permission expressions when using map classes
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 07/11 v2] libsepol/cil: Exit with an error if declaration name is a reserved word
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 06/11] libsepol/cil: More strict verification of constraint leaf expressions
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 05/11] libsepol/cil: Set class field to NULL when resetting struct cil_classperms
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 04/11] libsepol/cil: cil_reset_classperms_set() should not reset classpermission
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 03/11] libsepol/cil: Destroy classperm list when resetting map perms
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 02/11] libsepol/cil: Destroy classperms list when resetting classpermission
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 01/11] libsepol/cil: Fix out-of-bound read of file context pattern ending with "\"
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 00/11] Various CIL patches
  • From: James Carter <jwcart2@xxxxxxxxx>
• Detect SELinux by checking if policy is loaded
  • From: Kai Lüke <kai@xxxxxxxxxx>
• Re: [PATCH] cil_conditional_statements.md: fix expr definition
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH testsuite] Deactivate userfaultfd test policy if no xperm support
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument
  • From:  Zhongjun Tan <hbut_tan@xxxxxxx>
• [PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument
  • From:  Zhongjun Tan <hbut_tan@xxxxxxx>
• Re: [PATCH] object_classes_permissions.md: Add anon_inode class
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v3] selinux: fix race between old and new sidtab
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 4/4] selinux: add "mls" binary version of the policy
  • From: Vit Mojzis <vmojzis@xxxxxxxxxx>
• [PATCH v2 4/4] selinux: add "mls" binary version of the policy
  • From: Vit Mojzis <vmojzis@xxxxxxxxxx>
• [PATCH v2 3/4] selinux: Remove 'make' dependency
  • From: Vit Mojzis <vmojzis@xxxxxxxxxx>
• [PATCH v2 2/4] [DO NOT MERGE] Install selinux-policy-devel in test environment
  • From: Vit Mojzis <vmojzis@xxxxxxxxxx>
• [PATCH v3] selinux: fix race between old and new sidtab
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] selinux: fix race between old and new sidtab
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] selinux: fix race between old and new sidtab
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH testsuite] Deactivate userfaultfd test policy if no xperm support
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v2] selinux: fix race between old and new sidtab
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH] selinux: fix race between old and new sidtab
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [BUG] Oops in sidtab_context_to_sid
  • From: Vijay Balakrishna <vijayb@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH] selinux: fix race between old and new sidtab
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH] selinux: fix race between old and new sidtab
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [BUG] Oops in sidtab_context_to_sid
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [BUG] Oops in sidtab_context_to_sid
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [BUG] Oops in sidtab_context_to_sid
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [Request] CIL configurations
  • From: James Carter <jwcart2@xxxxxxxxx>
• [Request] CIL configurations
  • From: lorenzo ceragioli <lorenzo.ceragioli@xxxxxxxxxxxx>
• Re: [PATCH v3 2/2] selinux: fix cond_list corruption when changing booleans
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v3 1/2] selinux: make nslot handling in avtab more robust
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v3 2/2] selinux: fix cond_list corruption when changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v3 0/2] selinux: fix changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH v2 1/2] selinux: make nslot handling in avtab more robust
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH v2 0/2] selinux: fix changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs
  • From: Christoph Hellwig <hch@xxxxxxxxxxxxx>
• Re: [PATCH 0/3] selinux: fix changing booleans
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 0/3] selinux: fix changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/3] selinux: fix changing booleans
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 10/12] libsepol/cil: Make invalid statement error messages consistent
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 11/12] libsepol/cil: Use CIL_ERR for error messages in cil_compile()
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 08/12] libsepol/cil: Sync checks for invalid rules in macros
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 09/12] libsepol/cil: Do not allow tunable declarations in in-statements
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 06/12] libsepol/cil: Sync checks for invalid rules in booleanifs
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 07/12] libsepol/cil: Check for statements not allowed in optional blocks
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 05/12] libsepol/cil: Reorder checks for invalid rules when resolving AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 01/12] libsepol/cil: Reorder checks for invalid rules when building AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 02/12] libsepol/cil: Cleanup build AST helper functions
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 04/12] libsepol/cil: Use AST to track blocks and optionals when resolving
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 00/12] Update checks for invalid rules in blocks
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 03/12] libsepol/cil: Create new first child helper function for building AST
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/3] selinux: simplify duplicate_policydb_cond_list() by using kmemdup()
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH 3/3] selinux: constify some avtab function arguments
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH 0/3] selinux: fix changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests
  • From: David Brazdil <dbrazdil@xxxxxxxxxx>
• Re: typechange silently dropped in some cases
  • From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
• Re: typechange silently dropped in some cases
  • From: James Carter <jwcart2@xxxxxxxxx>
• typechange silently dropped in some cases
  • From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
• Re: [PATCH] cil_conditional_statements.md: fix expr definition
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH] cil_conditional_statements.md: fix expr definition
  • From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
• Re: [PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
  • From: peter enderborg <peter.enderborg@xxxxxxxx>
• [RFC PATCH userspace 5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3)
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH userspace 6/6] setfiles/restorecon: support parallel relabeling
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH userspace 3/6] selinux_restorecon: introduce selinux_log_sync()
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH userspace 2/6] selinux_restorecon: protect file_spec list with a mutex
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH userspace 1/6] selinux_restorecon: simplify fl_head allocation by using calloc()
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• [RFC PATCH userspace 4/6] selinux_restorecon: add a global mutex to synchronize progress output
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v2 0/3] Split security_task_getsecid() into subj and obj variants
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v3 3/3] NFSv4 account for selinux security context when deciding to share superblock
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v3 2/3] [NFS] cleanup: remove unneeded null check in nfs_fill_super()
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux fixes for v5.12 (#1)
  • From: pr-tracker-bot@xxxxxxxxxx
• [GIT PULL] SELinux fixes for v5.12 (#1)
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] libsepol/cil: Allow permission expressions when using map classes
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 3/3] libsepol/cil: Move check for the shadowing of macro parameters
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 2/3] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH 1/3] libsepol/cil: Refactor helper function for cil_gen_node()
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH] libsepol/cil: Allow permission expressions when using map classes
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH] libsepol/cil: Allow permission expressions when using map classes
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH V2] libsepol/cil: Exit with an error if declaration name is a reserved word
  • From: James Carter <jwcart2@xxxxxxxxx>
• [PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file
  • From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
• Re: [PATCH v2] selinux: vsock: Set SID for socket returned by accept()
  • From: patchwork-bot+netdevbpf@xxxxxxxxxx
• Re: [PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word
  • From: James Carter <jwcart2@xxxxxxxxx>
• Re: [PATCH v2 2/3] selinux: clarify task subjective and objective credentials
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>
• Re: [PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants
  • From: Richard Guy Briggs <rgb@xxxxxxxxxx>