SELinux - Date Index

Thread Index

[Prev Page][Next Page]

[PATCH v26 12/25] LSM: Use lsmblob in security_cred_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 11/25] LSM: Use lsmblob in security_inode_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 10/25] LSM: Use lsmblob in security_task_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 09/25] LSM: Use lsmblob in security_ipc_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 06/25] LSM: Use lsmblob in security_kernel_act_as
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 05/25] LSM: Use lsmblob in security_audit_rule_match
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 03/25] LSM: provide lsm name and id slot mappings
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 02/25] LSM: Add the lsmblob data structure.
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 01/25] LSM: Infrastructure management of the sock security
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v26 00/25] LSM: Module stacking for AppArmor
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH 5/6] libsepol/cil: Pointers to datums should be set to NULL when resetting
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 6/6] libsepol/cil: Resolve anonymous levels only once
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/6] libsepol/cil: Limit the number of open parenthesis allowed
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 4/6] libsepol/cil: Resolve anonymous class permission sets only once
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/6] libsepol/cil: Destroy the permission nodes when exiting with an error
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/6] libsepol/cil: Handle disabled optional blocks in earlier passes
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 0/6] More secilc-fuzzer problems fixed
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] libsepol/cil: Check for self-referential loops in sets
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] lsm_audit,selinux: pass IB device name by reference
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH userspace 2/2] scripts/ci: use F34 image instead of F33
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v2] lsm_audit,selinux: pass IB device name by reference
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] selinux: use strlcpy() when copying IB device name
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH userspace 1/2] libselinux: fix invalid free in store_stem()/load_mmap()
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH userspace 2/2] scripts/ci: use F34 image instead of F33
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace 1/2] libselinux: fix invalid free in store_stem()/load_mmap()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH userspace 0/2] Bump testsuite CI image to F34
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] libselinux: silence -Wstringop-overflow warning from gcc 10.3.1
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
[PATCH 5/5 v2] secilc/docs: Relocate and reword macro call name resolution order
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 4/5 v2] libsepol/cil: Do not resolve arguments to declarations in the call
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/5 v2] libsepo/cil: Refactor macro call resolution
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/5 v2] libsepol/cil: Make name resolution in macros work as documented
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/5 v2] libsepol/cil: Do not add NULL node when inserting key into symtab
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 0/5 v2] secilc/cil: Fix name resolution for macro calls
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] selinux: use strlcpy() when copying IB device name
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] selinux: Remove redundant assignment to rc
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2] selinux: Corrected comment to match kernel-doc comment
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 3/3] selinux: constify some avtab function arguments
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 2/3] selinux: simplify duplicate_policydb_cond_list() by using kmemdup()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] serial: core: fix suspicious security_locked_down() call
- From: Kees Cook <keescook@xxxxxxxxxxxx>
Re: [PATCH 2/3] libsepol/cil: Copy and resolve macro calls in one pass
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 2/3] libselinux: make selinux_status_open(3) reentrant
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 3/3] libselinux: do not use status page fallback mode internally
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 2/3] libselinux: make selinux_status_open(3) reentrant
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 1/3] libselinux: avc_destroy(3) closes status page
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 0/3] libselinux: quirks of the status page
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH] checkpolicy: fix the leak memory when uses xperms
- From: liwugang <liwugang@xxxxxxx>
[PATCH v2] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests
- From: David Brazdil <dbrazdil@xxxxxxxxxx>
Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH 3/3] secilc/docs: Relocate and reword macro call name resolution order
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/3] libsepol/cil: Copy and resolve macro calls in one pass
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/3] libsepol/cil: Make name resolution in macros work as documented
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect
- From: Steven Rostedt <rostedt@xxxxxxxxxxx>
[PATCH] selinux: use strlcpy() when copying IB device name
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] serial: core: fix suspicious security_locked_down() call
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v2] debugfs: fix security_locked_down() call for SELinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] debugfs: fix security_locked_down() call for SELinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] serial: core: fix suspicious security_locked_down() call
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] debugfs: fix security_locked_down() call for SELinux
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] debugfs: fix security_locked_down() call for SELinux
- From: Matthew Wilcox <willy@xxxxxxxxxxxxx>
Re: [PATCH] debugfs: fix security_locked_down() call for SELinux
- From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] serial: core: fix suspicious security_locked_down() call
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] debugfs: fix security_locked_down() call for SELinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] libselinux: silence -Wstringop-overflow warning from gcc 10.3.1
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH 1/2] libsepol/cil: Fix name resolution involving inherited blocks
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/2] libsepol/cil: Fix name resolution involving inherited blocks
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
[PATCH 2/2] secilc/docs: Document the order that inherited rules are resolved in
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/2] libsepol/cil: Fix name resolution involving inherited blocks
- From: James Carter <jwcart2@xxxxxxxxx>
improvement of setfiles man page
- From: clime <clime7@xxxxxxxxx>
Re: Stable backport request - perf/core: Fix unconditional security_locked_down() call
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: Stable backport request - perf/core: Fix unconditional security_locked_down() call
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
Stable backport request - perf/core: Fix unconditional security_locked_down() call
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v2] libsepol/cil: Check for self-referential loops in sets
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 0/5] Fix bugs identified by the secilc-fuzzer
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] libsepol/cil: Properly reset an anonymous classperm set
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 24/25] libselinux: regex: unify parameter names
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 21/25] libselinux: label_db::db_init(): open file with CLOEXEC mode
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 25/25] libselinux: label_file.c: fix indent
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 23/25] libselinux: sidtab_sid_stats(): unify parameter name
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 22/25] libselinux: drop redundant casts to the same type
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 20/25] libselinux: matchpathcon: free memory on realloc failure
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 19/25] libselinux: label_file::init(): do not pass NULL to strdup
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 16/25] libselinux: store_stem(): do not free possible non-heap object
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 13/25] libselinux: label_media::init(): drop dead assignment
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 17/25] libselinux: matchmediacon(): close file on error
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 18/25] libselinux: init_selinux_config(): free resources on error
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 11/25] libselinux: context_new(): drop dead assignment
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 15/25] libselinux: getdefaultcon: free memory on multiple same arguments
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 14/25] libselinux: setexecfilecon(): drop dead assignment
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 12/25] libselinux: label_x::init(): drop dead assignment
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 10/25] libselinux: exclude_non_seclabel_mounts(): drop unused variable
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 09/25] libselinux: getconlist: free memory on multiple level arguments
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 07/25] libselinux: selinux_restorecon: mark local variable static
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 08/25] libselinux: selabel_get_digests_all_partial_matches: free memory after FTS_D block
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 05/25] libselinux: sefcontext_compile: mark local variable static
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 06/25] libselinux: avcstat: use standard length modifier for unsigned long long
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 02/25] libselinux: selinux_file_context_cmp(): do not discard const qualifier
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 04/25] libselinux: Sha1Finalise(): do not discard const qualifier
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 03/25] libselinux: label_common(): do not discard const qualifier
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 00/25] libselinux: misc compiler and static analyzer findings
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH 01/25] libselinux: sidtab_hash(): do not discard const qualifier
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH testsuite] ci: test also on F34 images
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] tests/lockdown: use /sys/kernel/debug/fault_around_bytes for integrity test
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 4/5] libsepol/cil: Check for self-referential loops in sets
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] libsepol/cil: Properly reset an anonymous classperm set
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 4/5] libsepol/cil: Check for self-referential loops in sets
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH testsuite] ci: test also on F34 images
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH testsuite] tests/lockdown: use /sys/kernel/debug/fault_around_bytes for integrity test
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] libselinux: silence -Wstringop-overflow warning from gcc 10.3.1
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libselinux: do not duplicate make target when going into subdirectory
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol: use checked arithmetic builtin to perform safe addition
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
[PATCH testsuite] policy: only define anon_inode class if not defined in system policy
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] libsepol: use checked arithmetic builtin to perform safe addition
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 5/5] libsepol/cil: Return an error if a call argument fails to resolve
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 4/5] libsepol/cil: Check for self-referential loops in sets
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/5] libsepol/cil: Check datum in ordered list for expected flavor
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/5] libsepol/cil: Detect degenerate inheritance and exit with an error
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/5] libsepol/cil: Fix instances where an error returns SEPOL_OK
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 0/5] Fix bugs identified by the secilc-fuzzer
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [bug report?] other unexpected behaviours in secilc and CIL semantics
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC SHADOW PATCH 0/7] SELinux modernizations
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC SHADOW PATCH 0/7] SELinux modernizations
- From: James Carter <jwcart2@xxxxxxxxx>
[bug report?] other unexpected behaviours in secilc and CIL semantics
- From: lorenzo ceragioli <lorenzo.ceragioli@xxxxxxxxxxxx>
Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] selinux: Remove redundant assignment to rc
- From: Jiapeng Chong <jiapeng.chong@xxxxxxxxxxxxxxxxx>
Re: [GIT PULL] SELinux patches for v5.13
- From: pr-tracker-bot@xxxxxxxxxx
[PATCH] libsepol/cil: Properly reset an anonymous classperm set
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2] testsuite: fix cap_userns for kernels >= v5.12
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] testsuite: fix cap_userns for kernels >= v5.12
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC SHADOW PATCH 0/7] SELinux modernizations
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v3 6/6] evm: Support multiple LSMs providing an xattr
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v3 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v3 0/6] evm: Prepare for moving to the LSM infrastructure
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v3 2/6] security: Rewrite security_old_inode_init_security()
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v3 1/6] reiserfs: Add missing calls to reiserfs_security_free()
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v3 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v3 4/6] security: Support multiple LSMs implementing the inode_init_security hook
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Re: [PATCH] testsuite: fix cap_userns for kernels >= v5.12
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[GIT PULL] SELinux patches for v5.13
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] testsuite: fix cap_userns for kernels >= v5.12
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] libselinux: do not duplicate make target when going into subdirectory
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH v2] selinux: Corrected comment to match kernel-doc comment
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
[PATCH v2] selinux: Corrected comment to match kernel-doc comment
- From: Souptick Joarder <jrdr.linux@xxxxxxxxx>
Re: [PATCH] selinux: Corrected comment to match kernel-doc comment
- From: Randy Dunlap <rdunlap@xxxxxxxxxxxxx>
[PATCH] selinux: Corrected comment to match kernel-doc comment
- From: Souptick Joarder <jrdr.linux@xxxxxxxxx>
Re: [PATCH] libselinux android: Add keystore2_key label module.
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
[PATCH] libselinux android: Add keystore2_key label module.
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] selinux: add proper NULL termination to the secclass_map permissions
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH 0/3 v3] Create secil2tree to write CIL AST
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
RE: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH 1/4] LSM: Infrastructure management of the superblock
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
RE: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] libsepol: use checked arithmetic builtin to perform safe addition
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH] libselinux: do not duplicate make target when going into subdirectory
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH] selinux: add proper NULL termination to the secclass_map permissions
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2 4/6] security: Support multiple LSMs implementing the inode_init_security hook
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH 0/3 v3] Create secil2tree to write CIL AST
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH 3/3 v3] secilc: Create the new program called secil2tree to write out CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/3 v3] libsepol/cil: Create functions to write the CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/3 v3] libsepol/cil: Add functions to make use of cil_write_ast()
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 0/3 v3] Create secil2tree to write CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[RFC PATCH testsuite] Add extended_anon_inode_class policy capability support
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH 1/2] LSM,anon_inodes: explicitly distinguish anon inode types
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH v2 6/6] evm: Support multiple LSMs providing an xattr
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v2 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v2 4/6] security: Support multiple LSMs implementing the inode_init_security hook
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v2 2/6] reiserfs: Add missing calls to reiserfs_security_free()
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v2 1/6] xattr: Complete constify ->name member of "struct xattr"
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH v2 0/6] evm: Prepare for moving to the LSM infrastructure
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
RE: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Re: [PATCH 00/12] Update checks for invalid rules in blocks
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: no SELinux common criteria?
- From: Ted Toth <txtoth@xxxxxxxxx>
Re: no SELinux common criteria?
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
no SELinux common criteria?
- From: Ted Toth <txtoth@xxxxxxxxx>
Re: [PATCH 00/12] Update checks for invalid rules in blocks
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 00/11 v2] Various CIL patches
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 00/11] Various CIL patches
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 00/11] Various CIL patches
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/3 v2] libsepol/cil: Create functions to write the CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/3 v2] libsepol/cil: Add functions to make use of cil_write_ast()
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 0/3 v2] Create secil2tree to write CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 11/11 v2] libsepol/cil: Move check for the shadowing of macro parameters
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 10/11 v2] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 09/11 v2] libsepol/cil: Refactor helper function for cil_gen_node()
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 08/11 v2] libsepol/cil: Allow permission expressions when using map classes
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 07/11 v2] libsepol/cil: Exit with an error if declaration name is a reserved word
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 06/11 v2] libsepol/cil: More strict verification of constraint leaf expressions
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 05/11 v2] libsepol/cil: Set class field to NULL when resetting struct cil_classperms
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 04/11 v2] libsepol/cil: cil_reset_classperms_set() should not reset classpermission
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 03/11 v2] libsepol/cil: Destroy classperm list when resetting map perms
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 02/11 v2] libsepol/cil: Destroy classperms list when resetting classpermission
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 01/11 v2] libsepol/cil: Fix out-of-bound read of file context pattern ending with "\"
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 00/11 v2] Various CIL patches
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] secilc.c: Don't fail if input file is empty
- From: James Carter <jwcart2@xxxxxxxxx>
Re: MCS NetLabel
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: MCS NetLabel
- From: "Paul R. Tagliamonte" <paultag@xxxxxxxxx>
Re: MCS NetLabel
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
MCS NetLabel
- From: "Paul R. Tagliamonte" <paultag@xxxxxxxxx>
Re: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
RE: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Re: [PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
[PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU
- From: Stephen Brennan <stephen.s.brennan@xxxxxxxxxx>
Re: [PATCH 00/11] Various CIL patches
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 00/12] Update checks for invalid rules in blocks
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH 3/3] secilc: Create the new program called secil2tree to write out CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/3] libsepol/cil: Add functions to make use of cil_write_ast()
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/3] libsepol/cil: Create functions to write the CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 0/3] Create secil2tree to write CIL AST
- From: James Carter <jwcart2@xxxxxxxxx>
RE: [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr"
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Re: [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr"
- From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
[PATCH 5/5] evm: Support multiple LSMs providing an xattr
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH 4/5] evm: Align evm_inode_init_security() definition with LSM infrastructure
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH 3/5] security: Pass xattrs allocated by LSMs to the inode_init_security hook
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH 2/5] security: Support multiple LSMs implementing the inode_init_security hook
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH 1/5] xattr: Complete constify ->name member of "struct xattr"
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
[PATCH 0/5] evm: Prepare for moving to the LSM infrastructure
- From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Re: [PATCH] secilc.c: Don't fail if input file is empty
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH] secilc.c: Don't fail if input file is empty
- From: Yi-Yo Chiang <yochiang@xxxxxxxxxx>
[RFC SHADOW PATCH 7/7] selinux: only open selabel database once
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC SHADOW PATCH 1/7] struct commonio_db[selinux]: do not use deprecated type security_context_t
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC SHADOW PATCH 3/7] selinux.c: do not use deprecated typedef and skip context translation
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC SHADOW PATCH 5/7] selinux.c: use modern selabel interface instead of deprecated matchpathcon
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC SHADOW PATCH 6/7] set_selinux_file_context(): prepare context for actual file type
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC SHADOW PATCH 4/7] selinux.c:reset_selinux_file_context(): do not fail in permissive mode
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC SHADOW PATCH 2/7] vipw[selinux]: do not use deprecated typedef and skip context translation
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[RFC SHADOW PATCH 0/7] SELinux modernizations
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [PATCH v6 24/40] fs: make helpers idmap mount aware
- From: Christian Brauner <christian.brauner@xxxxxxxxxx>
Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v6 24/40] fs: make helpers idmap mount aware
- From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH v6 24/40] fs: make helpers idmap mount aware
- From: Anton Altaparmakov <anton@xxxxxxxxxx>
Re: [GIT PULL] SELinux fixes for v5.12 (#2)
- From: pr-tracker-bot@xxxxxxxxxx
[GIT PULL] SELinux fixes for v5.12 (#2)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
[PATCH 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH 2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument
- From: Zhongjun Tan <hbut_tan@xxxxxxx>
Re: Detect SELinux by checking if policy is loaded
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
[PATCH 10/11] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 11/11] libsepol/cil: Move check for the shadowing of macro parameters
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 09/11] libsepol/cil: Refactor helper function for cil_gen_node()
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 08/11] libsepol/cil: Allow permission expressions when using map classes
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 07/11 v2] libsepol/cil: Exit with an error if declaration name is a reserved word
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 06/11] libsepol/cil: More strict verification of constraint leaf expressions
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 05/11] libsepol/cil: Set class field to NULL when resetting struct cil_classperms
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 04/11] libsepol/cil: cil_reset_classperms_set() should not reset classpermission
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 03/11] libsepol/cil: Destroy classperm list when resetting map perms
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 02/11] libsepol/cil: Destroy classperms list when resetting classpermission
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 01/11] libsepol/cil: Fix out-of-bound read of file context pattern ending with "\"
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 00/11] Various CIL patches
- From: James Carter <jwcart2@xxxxxxxxx>
Detect SELinux by checking if policy is loaded
- From: Kai Lüke <kai@xxxxxxxxxx>
Re: [PATCH] cil_conditional_statements.md: fix expr definition
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH testsuite] Deactivate userfaultfd test policy if no xperm support
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument
- From: Zhongjun Tan <hbut_tan@xxxxxxx>
[PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument
- From: Zhongjun Tan <hbut_tan@xxxxxxx>
Re: [PATCH] object_classes_permissions.md: Add anon_inode class
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3] selinux: fix race between old and new sidtab
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2 4/4] selinux: add "mls" binary version of the policy
- From: Vit Mojzis <vmojzis@xxxxxxxxxx>
[PATCH v2 4/4] selinux: add "mls" binary version of the policy
- From: Vit Mojzis <vmojzis@xxxxxxxxxx>
[PATCH v2 3/4] selinux: Remove 'make' dependency
- From: Vit Mojzis <vmojzis@xxxxxxxxxx>
[PATCH v2 2/4] [DO NOT MERGE] Install selinux-policy-devel in test environment
- From: Vit Mojzis <vmojzis@xxxxxxxxxx>
[PATCH v3] selinux: fix race between old and new sidtab
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] selinux: fix race between old and new sidtab
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] selinux: fix race between old and new sidtab
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH testsuite] Deactivate userfaultfd test policy if no xperm support
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v2] selinux: fix race between old and new sidtab
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] selinux: fix race between old and new sidtab
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [BUG] Oops in sidtab_context_to_sid
- From: Vijay Balakrishna <vijayb@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH] selinux: fix race between old and new sidtab
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] selinux: fix race between old and new sidtab
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [BUG] Oops in sidtab_context_to_sid
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [BUG] Oops in sidtab_context_to_sid
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [BUG] Oops in sidtab_context_to_sid
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [Request] CIL configurations
- From: James Carter <jwcart2@xxxxxxxxx>
[Request] CIL configurations
- From: lorenzo ceragioli <lorenzo.ceragioli@xxxxxxxxxxxx>
Re: [PATCH v3 2/2] selinux: fix cond_list corruption when changing booleans
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v3 1/2] selinux: make nslot handling in avtab more robust
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v3 2/2] selinux: fix cond_list corruption when changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v3 0/2] selinux: fix changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v2 1/2] selinux: make nslot handling in avtab more robust
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v2 0/2] selinux: fix changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs
- From: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Re: [PATCH 0/3] selinux: fix changing booleans
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 0/3] selinux: fix changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 0/3] selinux: fix changing booleans
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 10/12] libsepol/cil: Make invalid statement error messages consistent
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 11/12] libsepol/cil: Use CIL_ERR for error messages in cil_compile()
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 08/12] libsepol/cil: Sync checks for invalid rules in macros
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 09/12] libsepol/cil: Do not allow tunable declarations in in-statements
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 06/12] libsepol/cil: Sync checks for invalid rules in booleanifs
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 07/12] libsepol/cil: Check for statements not allowed in optional blocks
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 05/12] libsepol/cil: Reorder checks for invalid rules when resolving AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 01/12] libsepol/cil: Reorder checks for invalid rules when building AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 02/12] libsepol/cil: Cleanup build AST helper functions
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 04/12] libsepol/cil: Use AST to track blocks and optionals when resolving
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 00/12] Update checks for invalid rules in blocks
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 03/12] libsepol/cil: Create new first child helper function for building AST
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/3] selinux: simplify duplicate_policydb_cond_list() by using kmemdup()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH 3/3] selinux: constify some avtab function arguments
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH 0/3] selinux: fix changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH 1/3] selinux: fix cond_list corruption when changing booleans
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests
- From: David Brazdil <dbrazdil@xxxxxxxxxx>
Re: typechange silently dropped in some cases
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
Re: typechange silently dropped in some cases
- From: James Carter <jwcart2@xxxxxxxxx>
typechange silently dropped in some cases
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
Re: [PATCH] cil_conditional_statements.md: fix expr definition
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] cil_conditional_statements.md: fix expr definition
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
Re: [PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon
- From: peter enderborg <peter.enderborg@xxxxxxxx>
[RFC PATCH userspace 5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3)
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH userspace 6/6] setfiles/restorecon: support parallel relabeling
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH userspace 0/6] Parallel setfiles/restorecon
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH userspace 3/6] selinux_restorecon: introduce selinux_log_sync()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH userspace 2/6] selinux_restorecon: protect file_spec list with a mutex
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH userspace 1/6] selinux_restorecon: simplify fl_head allocation by using calloc()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[RFC PATCH userspace 4/6] selinux_restorecon: add a global mutex to synchronize progress output
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2 0/3] Split security_task_getsecid() into subj and obj variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3 3/3] NFSv4 account for selinux security context when deciding to share superblock
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3 2/3] [NFS] cleanup: remove unneeded null check in nfs_fill_super()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [GIT PULL] SELinux fixes for v5.12 (#1)
- From: pr-tracker-bot@xxxxxxxxxx
[GIT PULL] SELinux fixes for v5.12 (#1)
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] libsepol/cil: Allow permission expressions when using map classes
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/3] libsepol/cil: Move check for the shadowing of macro parameters
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/3] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/3] libsepol/cil: Refactor helper function for cil_gen_node()
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH] libsepol/cil: Allow permission expressions when using map classes
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH] libsepol/cil: Allow permission expressions when using map classes
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH V2] libsepol/cil: Exit with an error if declaration name is a reserved word
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2] selinux: vsock: Set SID for socket returned by accept()
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2 2/3] selinux: clarify task subjective and objective credentials
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH] libsepol/cil: Destroy classperms list when resetting classpermission
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] selinux: vsock: Set SID for socket returned by accept()
- From: David Brazdil <dbrazdil@xxxxxxxxxx>
[PATCH v2] selinux: vsock: Set SID for socket returned by accept()
- From: David Brazdil <dbrazdil@xxxxxxxxxx>
Re: [PATCH] selinux: vsock: Set SID for socket returned by accept()
- From: David Brazdil <dbrazdil@xxxxxxxxxx>
Re: Weird bug in NFS/SELinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate
- From: Dave Chinner <david@xxxxxxxxxxxxx>
Re: [PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3 0/3] selinux: policy load fixes
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Olga Kornievskaia <olga.kornievskaia@xxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: James Morris <jmorris@xxxxxxxxx>
[PATCH v2] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\"
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol/cil: Destroy classperms list when resetting classpermission
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH v3 3/3] selinuxfs: unify policy load error reporting
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v3 1/3] selinux: don't log MAC_POLICY_LOAD record on failed policy load
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v3 2/3] selinux: fix variable scope issue in live sidtab conversion
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH v3 0/3] selinux: policy load fixes
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v2 3/3] smack: differentiate between subjective and objective task credentials
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v2 2/3] selinux: clarify task subjective and objective credentials
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH v2 0/3] Split security_task_getsecid() into subj and obj variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] libsepol/cil: More strict verification of constraint leaf expressions
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word
- From: James Carter <jwcart2@xxxxxxxxx>
Re: deadlock bug related to bpf,audit subsystems
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: deadlock bug related to bpf,audit subsystems
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] libsepol/cil: Check for duplicate blocks, optionals, and macros
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/4] libsepol/cil: Allow lists in constraint expressions
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/2] libsepol: Write "NO_IDENTIFIER" for empty constraint expression
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/1] libsepol: make num_* unsigned int in module_to_cil
- From: James Carter <jwcart2@xxxxxxxxx>
Re: Weird bug in NFS/SELinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] libsepol/cil: Set class field to NULL when resetting struct cil_classperms
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH] libsepol/cil: cil_reset_classperms_set() should not reset classpermission
- From: James Carter <jwcart2@xxxxxxxxx>
Re: Weird bug in NFS/SELinux
- From: Olga Kornievskaia <aglo@xxxxxxxxx>
Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion
- From: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
Weird bug in NFS/SELinux
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] libsepol/cil: Destroy classperm list when resetting map perms
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] selinux: vsock: Set SID for socket returned by accept()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] libsepol/cil: Destroy classperms list when resetting classpermission
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH] selinux: vsock: Set SID for socket returned by accept()
- From: David Brazdil <dbrazdil@xxxxxxxxxx>
Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\"
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/1] libsepol: make num_* unsigned int in module_to_cil
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 4/4] libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/4] libsepol/cil: Allow lists in constraint expressions
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 1/2] libsepol: Write "NO_IDENTIFIER" for empty constraint expression
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
libsepol/cil: use after free with optional classpermissionset
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 2/6] libsepol/cil: make cil_post_fc_fill_data static
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 1/2 v2] checkpolicy: Do not automatically upgrade when using "-b" flag
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\"
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 1/1] libsepol: make num_* unsigned int in module_to_cil
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 4/4] libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate
- From: Dave Chinner <david@xxxxxxxxxxxxx>
Re: [PATCH] libsepol/cil: Check for duplicate blocks, optionals, and macros
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 2/4] secilc/docs: Lists are now allowed in constraint expressions
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 3/4] libsepol: Enclose identifier lists in CIL constraint expressions
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 4/4] libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/4] libsepol/cil: Allow lists in constraint expressions
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/2] libsepol: Enclose identifier lists in constraint expressions
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/2] libsepol: Write "NO_IDENTIFIER" for empty constraint expression
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs
- From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH] libsepol/cil: Check for duplicate blocks, optionals, and macros
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] perf/core: fix unconditional security_locked_down() call
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] perf/core: fix unconditional security_locked_down() call
- From: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
[PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] perf/core: fix unconditional security_locked_down() call
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: libsepol/cil: type confusion between macro and optional leads to heap-buffer-overflow in cil_copy_macro
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\"
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH] IMA: Add test for selinux measurement
- From: Petr Vorel <pvorel@xxxxxxx>
libsepol/cil: type confusion between macro and optional leads to heap-buffer-overflow in cil_copy_macro
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\"
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 1/2 v2] checkpolicy: Do not automatically upgrade when using "-b" flag
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol/checkpolicy: Set user roles using role value instead of dominance
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol: Remove unnecessary copying of declarations from link.c
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol: Properly handle types associated to role attributes
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol: Expand role attributes in constraint expressions
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 6/6] libsepol/cil: do not leak avrulex_ioctl_table memory when an error occurs
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 5/6] libsepol/cil: fix NULL pointer dereference in __cil_insert_name
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 4/6] libsepol/cil: replace printf with proper cil_tree_log
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 3/6] libsepol/cil: remove stray printf
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 2/6] libsepol/cil: make cil_post_fc_fill_data static
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\"
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Olga Kornievskaia <olga.kornievskaia@xxxxxxxxx>
[PATCH 1/2 v2] checkpolicy: Do not automatically upgrade when using "-b" flag
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/2 v2] libsepol: Check kernel to CIL and Conf functions for supported versions
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH 1/2] checkpolicy: Do not automatically upgrade when using "-b" flag
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH 6/6] libsepol/cil: do not leak avrulex_ioctl_table memory when an error occurs
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 2/6] libsepol/cil: make cil_post_fc_fill_data static
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 5/6] libsepol/cil: fix NULL pointer dereference in __cil_insert_name
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 4/6] libsepol/cil: replace printf with proper cil_tree_log
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 3/6] libsepol/cil: remove stray printf
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\"
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol: Expand role attributes in constraint expressions
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol/checkpolicy: Set user roles using role value instead of dominance
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol: Remove unnecessary copying of declarations from link.c
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 2/2] libsepol: Check kernel to CIL and Conf functions for supported versions
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol: Properly handle types associated to role attributes
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH 1/2] checkpolicy: Do not automatically upgrade when using "-b" flag
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v6 02/40] fs: add id translation helpers
- From: Vivek Goyal <vgoyal@xxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Olga Kornievskaia <olga.kornievskaia@xxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v25 17/25] LSM: Use lsmcontext in security_inode_getsecctx
- From: Chuck Lever III <chuck.lever@xxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Anna Schumaker <anna.schumaker@xxxxxxxxxx>
Re: [PATCH] NFSv4.2: fix return value of _nfs4_get_security_label()
- From: Anna Schumaker <anna.schumaker@xxxxxxxxxx>
[PATCH] libsepol: Remove unnecessary copying of declarations from link.c
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 1/2] checkpolicy: Do not automatically upgrade when using "-b" flag
- From: James Carter <jwcart2@xxxxxxxxx>
[PATCH 2/2] libsepol: Check kernel to CIL and Conf functions for supported versions
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] libsepol: Expand role attributes in constraint expressions
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
[PATCH] libsepol: Expand role attributes in constraint expressions
- From: James Carter <jwcart2@xxxxxxxxx>
Re: Role attributes in traditional language constraints
- From: James Carter <jwcart2@xxxxxxxxx>
Role attributes in traditional language constraints
- From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
Re: [RFC PATCH 3/4] smack: differentiate between subjective and objective task credentials
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: John Johansen <john.johansen@xxxxxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] libsepol: Properly handle types associated to role attributes
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [PATCH v25 12/25] LSM: Use lsmblob in security_cred_getsecid
- From: kernel test robot <lkp@xxxxxxxxx>
[RFC PATCH] LSM: audit_sig_lsm can be static
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH v25 21/25] audit: add support for non-syscall auxiliary records
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH v25 22/25] Audit: Add new record for multiple process LSM attributes
- From: kernel test robot <lkp@xxxxxxxxx>
Re: [PATCH v25 22/25] Audit: Add new record for multiple process LSM attributes
- From: kernel test robot <lkp@xxxxxxxxx>
[PATCH] object_classes_permissions.md: Add anon_inode class
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
[PATCH v25 25/25] AppArmor: Remove the exclusive flag
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 24/25] LSM: Add /proc attr entry for full LSM context
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 23/25] Audit: Add a new record for multiple object LSM attributes
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 22/25] Audit: Add new record for multiple process LSM attributes
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 21/25] audit: add support for non-syscall auxiliary records
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 20/25] LSM: Verify LSM display sanity in binder
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 19/25] NET: Store LSM netlabel data in a lsmblob
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 18/25] LSM: security_secid_to_secctx in netlink netfilter
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 17/25] LSM: Use lsmcontext in security_inode_getsecctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 16/25] LSM: Use lsmcontext in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 15/25] LSM: Ensure the correct LSM context releaser
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 14/25] LSM: Specify which LSM to display
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 13/25] IMA: Change internal interfaces to use lsmblobs
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 12/25] LSM: Use lsmblob in security_cred_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 11/25] LSM: Use lsmblob in security_inode_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 10/25] LSM: Use lsmblob in security_task_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 09/25] LSM: Use lsmblob in security_ipc_getsecid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 08/25] LSM: Use lsmblob in security_secid_to_secctx
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 07/25] LSM: Use lsmblob in security_secctx_to_secid
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 06/25] LSM: Use lsmblob in security_kernel_act_as
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 05/25] LSM: Use lsmblob in security_audit_rule_match
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 04/25] IMA: avoid label collisions with stacked LSMs
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 03/25] LSM: provide lsm name and id slot mappings
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 02/25] LSM: Add the lsmblob data structure.
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 01/25] LSM: Infrastructure management of the sock security
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
[PATCH v25 00/25] LSM: Module stacking for AppArmor
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH] NFSv4.2: fix return value of _nfs4_get_security_label()
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] security/selinux/include/: fix misspellings using codespell tool
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] security/selinux/ss: fix misspellings using codespell tool
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] libsepol/checkpolicy: Set user roles using role value instead of dominance
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [RFC PATCH 3/4] smack: differentiate between subjective and objective task credentials
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
[PATCH] security/selinux/include/: fix misspellings using codespell tool
- From: menglong8.dong@xxxxxxxxx
[PATCH] security/selinux/ss: fix misspellings using codespell tool
- From: menglong8.dong@xxxxxxxxx
ANN: SPAN docker images
- From: Karl MacMillan <karl@xxxxxxxxxxxxxxxxxxxxxx>
Re: Quick announcement on the selinux/next and audit/next branches
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: Quick announcement on the selinux/next and audit/next branches
- From: Richard Guy Briggs <rgb@xxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: David Hildenbrand <david@xxxxxxxxxx>
ANN: SETools 4.4.0
- From: Chris PeBenito <pebenito@xxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Suren Baghdasaryan <surenb@xxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: David Hildenbrand <david@xxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Suren Baghdasaryan <surenb@xxxxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
Re: Quick announcement on the selinux/next and audit/next branches
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: David Hildenbrand <david@xxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: David Hildenbrand <david@xxxxxxxxxx>
Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH][v2] selinux: Allow context mounts for unpriviliged overlayfs
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Quick announcement on the selinux/next and audit/next branches
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts
- From: patchwork-bot+netdevbpf@xxxxxxxxxx
Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts
- From: David Miller <davem@xxxxxxxxxxxxx>
Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH testsuite 0/3] perf_event: fixes and cleanups
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3] selinux: measure state and policy capabilities
- From: Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
- From: Dominick Grift <dominick.grift@xxxxxxxxxxx>
ANN: SELinux userspace release 3.2
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH testsuite 0/3] perf_event: fixes and cleanups
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH testsuite] lockdown: use debugfs/tracefs to test lockdown permissions
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Suren Baghdasaryan <surenb@xxxxxxxxxx>
Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Shakeel Butt <shakeelb@xxxxxxxxxx>
Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Suren Baghdasaryan <surenb@xxxxxxxxxx>
Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Suren Baghdasaryan <surenb@xxxxxxxxxx>
[PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Suren Baghdasaryan <surenb@xxxxxxxxxx>
Re: [PATCH 1/1] restorecond: invalidate local_lock_fd properly when closing it
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] libsepol: invalidate the pointer to the policydb if policydb_init fails
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH v6 39/40] xfs: support idmapped mounts
- From: Christoph Hellwig <hch@xxxxxx>
Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion
- From: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load
- From: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxxx>
Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Suren Baghdasaryan <surenb@xxxxxxxxxx>
Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise
- From: Suren Baghdasaryan <surenb@xxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Anna Schumaker <anna.schumaker@xxxxxxxxxx>
[PATCH testsuite 3/3] perf_event: fix CAP_SYS_ADMIN references
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH testsuite 1/3] perf_event: measure CPU 0 rather than CPU 1
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH testsuite 2/3] perf_event: fix wrong use of perf_event_open(2) API
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH testsuite 0/3] perf_event: fixes and cleanups
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
[PATCH testsuite] lockdown: use debugfs/tracefs to test lockdown permissions
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v6 39/40] xfs: support idmapped mounts
- From: "Darrick J. Wong" <djwong@xxxxxxxxxx>
Re: [PATCH v6 39/40] xfs: support idmapped mounts
- From: Christian Brauner <christian.brauner@xxxxxxxxxx>
[PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH] libsepol: invalidate the pointer to the policydb if policydb_init fails
- From: James Carter <jwcart2@xxxxxxxxx>
Re: [BUG] Race between policy reload sidtab conversion and live conversion
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [BUG] Race between policy reload sidtab conversion and live conversion
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [BUG] Race between policy reload sidtab conversion and live conversion
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [BUG] Race between policy reload sidtab conversion and live conversion
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c
- From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
Re: [PATCH 09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[PATCH 09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c
- From: Alexey Dobriyan <adobriyan@xxxxxxxxx>
[PATCH] libsepol: invalidate the pointer to the policydb if policydb_init fails
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH 1/1] restorecond: invalidate local_lock_fd properly when closing it
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] libsepol/cil: fix NULL pointer dereference in cil_fill_ipaddr
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: [PATCH] sepolicy: Do not try to load policy on import
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
Re: Rename 'master' branch to 'main'
- From: Nicolas Iooss <nicolas.iooss@xxxxxxx>
[PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount
- From: Olga Kornievskaia <olga.kornievskaia@xxxxxxxxx>
Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>
Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load
- From: Ondrej Mosnacek <omosnace@xxxxxxxxxx>

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Linux Kernel Development]