Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

Re: [syzbot] KASAN: use-after-free Read in sock_has_perm, (continued)
[selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Paul Moore
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Ondrej Mosnacek
  - Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Paul Moore
    - Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Ondrej Mosnacek
      - Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Paul Moore
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Ondrej Mosnacek
[PATCH v5 0/4] Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v5 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v5 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Frederick Lawler
- [PATCH v5 4/4] selinux: Implement userns_create hook, Frederick Lawler
- [PATCH v5 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Frederick Lawler
- Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
  - Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
    - Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
      - Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        RE: [PATCH v5 0/4] Introduce security_create_user_ns(), Jonathan Chapman-Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Christian Brauner
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Ignat Korchagin
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
[BUG] (fsuse xattr "fuse" mycontext) causes deadlock for mount/sync syscall, bauen1
[PATCH] tests/sctp: reenable the SCTP ASCONF tests, Paul Moore
[PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors, Paul Moore
- Re: [PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors, Ondrej Mosnacek
  - Re: [PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors, Paul Moore
[PATCH] selinux: SCTP fixes, including ASCONF, Paul Moore
- Re: [PATCH] selinux: SCTP fixes, including ASCONF, Ondrej Mosnacek
  - Re: [PATCH] selinux: SCTP fixes, including ASCONF, Paul Moore
    - Re: [PATCH] selinux: SCTP fixes, including ASCONF, Paul Moore
    - Re: [PATCH] selinux: SCTP fixes, including ASCONF, Ondrej Mosnacek
[PATCH 1/4] ci: bump versions in GitHub Actions, Christian Göttsche
- [PATCH 2/4] scripts/ci: use F36 image instead of F34, Christian Göttsche
- [PATCH 3/4] scripts: ignore Flake8 tag E275, Christian Göttsche
- [PATCH 4/4] Ignore egg-info directories and clean them, Christian Göttsche
- Re: [PATCH 1/4] ci: bump versions in GitHub Actions, James Carter
  - Re: [PATCH 1/4] ci: bump versions in GitHub Actions, James Carter
[PATCH 1/2] checkpolicy: use strict function prototype for definitions, Christian Göttsche
- [PATCH 2/2] restorecond: use strict function prototype for definition, Christian Göttsche
  - Re: [PATCH 2/2] restorecond: use strict function prototype for definition, Daniel Burgener
- Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions, Daniel Burgener
  - Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions, James Carter
    - Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions, James Carter
[PATCH] libselinux/utils: install into bin PATH, Christian Göttsche
- Re: [PATCH] libselinux/utils: install into bin PATH, Daniel Burgener
[PATCH] libselinux: avoid newline in avc message, Christian Göttsche
- Re: [PATCH] libselinux: avoid newline in avc message, James Carter
  - Re: [PATCH] libselinux: avoid newline in avc message, James Carter
[PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs, Ondrej Mosnacek
- Re: [PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs, Paul Moore
  - Re: [PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs, Ondrej Mosnacek
Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Guozihua (Scott)
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Paul Moore
  - Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Mimi Zohar
    - Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Paul Moore
      - Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Guozihua (Scott)
        
        Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Guozihua (Scott)
        
        Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Mimi Zohar
        
        Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Paul Moore
        
        Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Guozihua (Scott)
[PATCH AUTOSEL 4.9 8/8] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 4.14 12/12] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.4 23/23] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 4.19 16/16] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.15 42/45] selinux: fix memleak in security_read_state_kernel(), Sasha Levin
[PATCH AUTOSEL 5.10 29/29] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.15 43/45] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.18 51/53] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.18 50/53] selinux: fix memleak in security_read_state_kernel(), Sasha Levin
[PATCH AUTOSEL 5.19 53/58] selinux: fix memleak in security_read_state_kernel(), Sasha Levin
[PATCH AUTOSEL 5.19 54/58] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Jeff Layton
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Ondrej Mosnacek
  - Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Paul Moore
  - Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
    - Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Paul Moore
[PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
- Re: [PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Jeff Layton
- Re: [PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
[PATCH] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
- Re: [PATCH] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
LSM stacking in next for 6.1?, Casey Schaufler
- Re: LSM stacking in next for 6.1?, Paul Moore
  - Re: LSM stacking in next for 6.1?, John Johansen
  - Re: LSM stacking in next for 6.1?, Casey Schaufler
    - Re: LSM stacking in next for 6.1?, Paul Moore
  - Re: LSM stacking in next for 6.1?, Steve Grubb
    - Re: LSM stacking in next for 6.1?, Paul Moore
  - Re: LSM stacking in next for 6.1?, Paul Moore
    - Re: LSM stacking in next for 6.1?, Casey Schaufler
      - Re: LSM stacking in next for 6.1?, Casey Schaufler
      - Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Kees Cook
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Kees Cook
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
- Re: LSM stacking in next for 6.1?, Tetsuo Handa
  - Re: LSM stacking in next for 6.1?, Casey Schaufler
  - Re: LSM stacking in next for 6.1?, Paul Moore
    - Re: LSM stacking in next for 6.1?, Tetsuo Handa
      - Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
[GIT PULL] SELinux patches for v6.0, Paul Moore
- Re: [GIT PULL] SELinux patches for v6.0, pr-tracker-bot
[PATCH v4 0/4] Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
  - Re: [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns(), KP Singh
    - Re: [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Frederick Lawler
  - Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Alexei Starovoitov
    - Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Paul Moore
  - Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, KP Singh
- [PATCH v4 4/4] selinux: Implement userns_create hook, Frederick Lawler
- [PATCH v4 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Frederick Lawler
  - Re: [PATCH v4 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, KP Singh
- Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
  - Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
    - Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
      - Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Alexei Starovoitov
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Casey Schaufler
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
Adjust sepolgen grammar to support allowxperm, et. al., chris . lindee
- [PATCH 2/2] sepolgen: Support named xperms, chris . lindee
- [PATCH 1/2] sepolgen: Update refparser to handle xperm, chris . lindee
  - Re: [PATCH 1/2] sepolgen: Update refparser to handle xperm, Christian Göttsche
- Re: Adjust sepolgen grammar to support allowxperm, et. al., James Carter
KVM / virtual networking access control, Karl MacMillan
- Re: KVM / virtual networking access control, Paul Moore
  - Re: KVM / virtual networking access control, Karl MacMillan
    - Re: KVM / virtual networking access control, Paul Moore
[PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t, Ondrej Mosnacek
- [PATCH testsuite 01/24] keys: change test_newcon_key_t to be just an object context, Ondrej Mosnacek
- [PATCH testsuite 02/24] test_global.te: remove unused role require, Ondrej Mosnacek
- [PATCH testsuite 03/24] test_global.te: don't add domains to system_r, Ondrej Mosnacek
- [PATCH testsuite 06/24] test_policy.if: remove weird rule from testsuite_domain_type_minimal(), Ondrej Mosnacek
- [PATCH testsuite 07/24] policy: move unconfined_t-related dontaudit rule to where it fits better, Ondrej Mosnacek
- [PATCH testsuite 09/24] policy: move miscfiles_domain_entry_test_files() to general policy, Ondrej Mosnacek
  - Re: [PATCH testsuite 09/24] policy: move miscfiles_domain_entry_test_files() to general policy, Daniel Burgener
- [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Ondrej Mosnacek
  - Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Daniel Burgener
    - Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Ondrej Mosnacek
      - Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Ondrej Mosnacek
        
        Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Daniel Burgener
- [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block, Ondrej Mosnacek
  - Re: [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block, Daniel Burgener
    - Re: [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block, Ondrej Mosnacek
- [PATCH testsuite 12/24] test_filesystem.te: remove redundant dontaudit rules, Ondrej Mosnacek
- [PATCH testsuite 13/24] test_filesystem.te: remove suspicious rules, Ondrej Mosnacek
- [PATCH testsuite 14/24] tests/nnp_nosuid: avoid hardcoding unconfined_t in the policy, Ondrej Mosnacek
- [PATCH testsuite 10/24] policy: substitute userdom_sysadm_entry_spec_domtrans_to(), Ondrej Mosnacek
- [PATCH testsuite 15/24] tests/*filesystem: remove weird uses of unconfined_t, Ondrej Mosnacek
- [PATCH testsuite 17/24] test_general.te: generalize the dontaudit rule, Ondrej Mosnacek
- [PATCH testsuite 18/24] policy: don't audit testsuite programs searching the caller's keys, Ondrej Mosnacek
- [PATCH testsuite 16/24] policy: remove last hardcoded references to unconfined_t, Ondrej Mosnacek
- [PATCH testsuite 19/24] ci: check for unconfined_t AVCs, Ondrej Mosnacek
- [PATCH testsuite 22/24] policy: give sysadm_t perms needed to run quotacheck(8), Ondrej Mosnacek
- [PATCH testsuite 23/24] tests/vsock_socket: use modprobe to check vsock availability, Ondrej Mosnacek
- [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix, Ondrej Mosnacek
  - Re: [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix, Topi Miettinen
    - Re: [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix, Ondrej Mosnacek
- [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller, Ondrej Mosnacek
  - Re: [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller, Daniel Burgener
    - Re: [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller, Ondrej Mosnacek
- [PATCH testsuite 20/24] tests/binder: check only the type part of the context, Ondrej Mosnacek
- Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t, Ondrej Mosnacek
  - Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t, Ondrej Mosnacek
    - Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t, Ondrej Mosnacek
[PATCH v3 0/4] Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v3 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
  - Re: [PATCH v3 1/4] security, lsm: Introduce security_create_user_ns(), Christian Brauner
- [PATCH v3 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Frederick Lawler
  - Re: [PATCH v3 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Christian Brauner
- [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Frederick Lawler
  - Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Martin KaFai Lau
    - Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Frederick Lawler
  - Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Christian Brauner
- [PATCH v3 4/4] selinux: Implement userns_create hook, Frederick Lawler
- Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Martin KaFai Lau
  - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
    - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Frederick Lawler
      - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v3 0/4] Introduce security_create_user_ns(), KP Singh
        
        Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
      - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Casey Schaufler
        
        Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v3 0/4] Introduce security_create_user_ns(), KP Singh
    - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Eric W. Biederman
      - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Frederick Lawler
- Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Eric W. Biederman
  - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
  - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Djalal Harouni
  - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Ignat Korchagin
[PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate, Christian Göttsche
- [PATCH v2 2/5] libsepol: support const avtab_t pointer in avtab_map(), Christian Göttsche
- [PATCH v2 3/5] libsepol: operate on const pointers during validation, Christian Göttsche
- [PATCH v2 4/5] libsepol: rename parameter name, Christian Göttsche
- [PATCH v2 5/5] libsepol: more strict validation, Christian Göttsche
- Re: [PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate, James Carter
  - Re: [PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate, James Carter
[PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c, Christian Göttsche
- [PATCH v3 5/8] libsepol/tests: add test for segregate attributes, Christian Göttsche
- [PATCH v3 7/8] secilc: run tests against development version of libsepol, Christian Göttsche
  - Re: [PATCH v3 7/8] secilc: run tests against development version of libsepol, James Carter
- [PATCH v3 2/8] libsepol: add ebitmap iterator wrapper with startnode, Christian Göttsche
  - Re: [PATCH v3 2/8] libsepol: add ebitmap iterator wrapper with startnode, James Carter
- [PATCH v3 8/8] secilc: include segregate attributes in tests, Christian Göttsche
- [PATCH v3 3/8] libsepol: add compile-time constraint for mutual exclusive attributes, Christian Göttsche
  - Re: [PATCH v3 3/8] libsepol: add compile-time constraint for mutual exclusive attributes, James Carter
- [PATCH v3 6/8] libsepol/cil: add support for segregate attributes, Christian Göttsche
  - Re: [PATCH v3 6/8] libsepol/cil: add support for segregate attributes, James Carter
- [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes, Christian Göttsche
  - Re: [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes, James Carter
    - Re: [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes, Christian Göttsche
      - Re: [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes, James Carter
- Re: [PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c, James Carter
  - Re: [PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c, James Carter
[PATCH v2 1/7] libsepol/tests: add ebitmap tests, Christian Göttsche
- [PATCH v2 2/7] libsepol: add ebitmap_init_range, Christian Göttsche
- [PATCH v2 3/7] libsepol/cil: use ebitmap_init_range, Christian Göttsche
- [PATCH v2 4/7] libsepol: optimize ebitmap_not, Christian Göttsche
- [PATCH v2 6/7] libsepol: optimize ebitmap_xor, Christian Göttsche
- [PATCH v2 5/7] libsepol: optimize ebitmap_and, Christian Göttsche
- [PATCH v2 7/7] libsepol: skip superfluous memset calls in ebitmap operations, Christian Göttsche
- Re: [PATCH v2 1/7] libsepol/tests: add ebitmap tests, James Carter
  - Re: [PATCH v2 1/7] libsepol/tests: add ebitmap tests, James Carter
[PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
  - Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
    - Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
      - Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
[PATCH testsuite] tests/module_load: detect the linker to use for module build, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/module_load: detect the linker to use for module build, Ondrej Mosnacek
[PATCH 1/5] libsepol: rename validate_policydb to policydb_validate, Christian Göttsche
- [PATCH 2/5] libsepol: support const avtab_t pointer in avtab_map(), Christian Göttsche
- [PATCH 4/5] libsepol: rename parameter name, Christian Göttsche
- [PATCH 3/5] libsepol: operator on const pointers during validation, Christian Göttsche
- [PATCH 5/5] libsepol: more strict validation, Christian Göttsche
  - Re: [PATCH 5/5] libsepol: more strict validation, James Carter
- Re: [PATCH 1/5] libsepol: rename validate_policydb to policydb_validate, James Carter
[PATCH 1/3] libsepol: break circular include, Christian Göttsche
- [PATCH 2/3] libsepol: include necessary headers in headers, Christian Göttsche
- [PATCH 3/3] libsepol: enclose macro parameters and replacement lists in parentheses, Christian Göttsche
- Re: [PATCH 1/3] libsepol: break circular include, James Carter
  - Re: [PATCH 1/3] libsepol: break circular include, James Carter
[PATCH 1/7] libsepol/tests: add ebitmap tests, Christian Göttsche
- [PATCH 3/7] libsepol/cil: use ebitmap_init_range, Christian Göttsche
  - Re: [PATCH 3/7] libsepol/cil: use ebitmap_init_range, James Carter
- [PATCH 2/7] libsepol: add ebitmap_init_range, Christian Göttsche
  - Re: [PATCH 2/7] libsepol: add ebitmap_init_range, James Carter
- [PATCH 5/7] libsepol: optimize ebitmap_and, Christian Göttsche
  - Re: [PATCH 5/7] libsepol: optimize ebitmap_and, James Carter
- [PATCH 4/7] libsepol: optimize ebitmap_not, Christian Göttsche
  - Re: [PATCH 4/7] libsepol: optimize ebitmap_not, James Carter
- [PATCH 7/7] libsepol: skip superfluous memset calls in ebitmap operations, Christian Göttsche
  - Re: [PATCH 7/7] libsepol: skip superfluous memset calls in ebitmap operations, James Carter
- [PATCH 6/7] libsepol: optimize ebitmap_xor, Christian Göttsche
  - Re: [PATCH 6/7] libsepol: optimize ebitmap_xor, James Carter
- Re: [PATCH 1/7] libsepol/tests: add ebitmap tests, James Carter
[RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Ondrej Mosnacek
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Peter Xu
  - Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Paul Moore
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Paul Moore
  - Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Paul Moore
    - Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Christian Brauner
      - Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Paul Moore
[PATCH v2 0/4] Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v2 2/4] bpf-lsm: Make bpf_lsm_create_user_ns() sleepable, Frederick Lawler
- [PATCH v2 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v2 3/4] selftests/bpf: Add tests verifying bpf lsm create_user_ns hook, Frederick Lawler
- [PATCH v2 4/4] selinux: Implement create_user_ns hook, Frederick Lawler
  - Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook, Paul Moore
    - Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook, Frederick Lawler
  - Message not available
    - Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook, Paul Moore
- Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Christian Göttsche
  - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Frederick Lawler
    - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Christian Brauner
    - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Casey Schaufler
      - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Frederick Lawler
      - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Casey Schaufler
        
        Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Paul Moore
[PATCH] libselinux: set errno to EBADF on O_PATH emulation failure, Christian Göttsche
- [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure, Christian Göttsche
  - Re: [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure, James Carter
    - Re: [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure, James Carter
What is "fscon" statement in a base policy?, Nicolas Iooss
- Re: What is "fscon" statement in a base policy?, Karl MacMillan
  - Re: What is "fscon" statement in a base policy?, Christian Göttsche
    - Re: What is "fscon" statement in a base policy?, Karl MacMillan
[PATCH] libsepol: do not modify policy during write, Christian Göttsche
- Re: [PATCH] libsepol: do not modify policy during write, James Carter
  - Re: [PATCH] libsepol: do not modify policy during write, James Carter
[syzbot] KASAN: use-after-free Read in selinux_socket_recvmsg, syzbot
- Re: [syzbot] KASAN: use-after-free Read in selinux_socket_recvmsg, Paul Moore
[PATCH] libsepol/utils: improve wording, Christian Göttsche
- Re: [PATCH] libsepol/utils: improve wording, James Carter
  - Re: [PATCH] libsepol/utils: improve wording, James Carter
[PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py, Nicolas Iooss
- Re: [PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py, James Carter
  - Re: [PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py, James Carter
[PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason, Nicolas Iooss
- Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason, James Carter
  - Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason, Christian Göttsche
  - Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason, James Carter
[PATCH testsuite 0/2] Make the keys test pass in FIPS mode, Ondrej Mosnacek
- [PATCH testsuite 2/2] tests/keys: fix Makefile dependencies, Ondrej Mosnacek
- [PATCH testsuite 1/2] tests/keys: use a longer prime in DH params, Ondrej Mosnacek
- Re: [PATCH testsuite 0/2] Make the keys test pass in FIPS mode, Ondrej Mosnacek
[PATCH v37 00/33] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v37 01/33] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
- [PATCH v37 02/33] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v37 05/33] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v37 04/33] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v37 03/33] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v37 06/33] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v37 07/33] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v37 08/33] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v37 09/33] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v37 10/33] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v37 11/33] LSM: Use lsmblob in security_current_getsecid, Casey Schaufler
- [PATCH v37 12/33] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v37 13/33] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v37 14/33] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v37 15/33] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v37 16/33] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v37 17/33] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v37 20/33] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security, Casey Schaufler
  - Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security, kernel test robot
  - Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security, kernel test robot
  - Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security, kernel test robot
- [PATCH v37 19/33] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v37 22/33] LSM: security_secid_to_secctx module selection, Casey Schaufler
- [PATCH v37 23/33] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
- [PATCH v37 21/33] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v37 24/33] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH v37 25/33] LSM: Add a function to report multiple LSMs, Casey Schaufler
- [PATCH v37 26/33] Audit: Allow multiple records in an audit_buffer, Casey Schaufler
- [PATCH v37 29/33] Audit: Add record for multiple object contexts, Casey Schaufler
- [PATCH v37 27/33] Audit: Add record for multiple task security contexts, Casey Schaufler
- [PATCH v37 28/33] audit: multiple subject lsm values for netlabel, Casey Schaufler
- [PATCH v37 31/33] LSM: Removed scaffolding function lsmcontext_init, Casey Schaufler
- [PATCH v37 30/33] netlabel: Use a struct lsmblob in audit data, Casey Schaufler
- [PATCH v37 32/33] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v37 33/33] AppArmor: Remove the exclusive flag, Casey Schaufler
- Re: [PATCH v37 00/33] LSM: Module stacking for AppArmor, John Johansen
  - Re: [PATCH v37 00/33] LSM: Module stacking for AppArmor, Casey Schaufler
[PATCH] gettext: handle unsupported languages properly, Vit Mojzis
- Re: [PATCH] gettext: handle unsupported languages properly, Daniel Burgener
  - Re: [PATCH] gettext: handle unsupported languages properly, Vit Mojzis
    - Re: [PATCH] gettext: handle unsupported languages properly, Daniel Burgener
      - Re: [PATCH] gettext: handle unsupported languages properly, Petr Lautrbach
        
        Re: [PATCH] gettext: handle unsupported languages properly, Petr Lautrbach
[PATCH -next] selinux: Cleanup the enum SEL_COMPAT_NET, Xiu Jianfeng
- Re: [PATCH -next] selinux: Cleanup the enum SEL_COMPAT_NET, Paul Moore
[PATCH RESEND -next] selinux: Let the caller free the momory in *mnt_opts on error, Xiu Jianfeng
- Re: [PATCH RESEND -next] selinux: Let the caller free the momory in *mnt_opts on error, Paul Moore
[GIT PULL] SELinux fixes for v5.19 (#1), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.19 (#1), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.19 (#1), pr-tracker-bot
PHP-FPM restriction bug, Father Vlasie
[RFC PATCH 1/4] libsepol: refactor ebitmap conversion in link.c, Christian Göttsche
- [RFC PATCH 3/4] libsepol: add compile-time constraint for mutual exclusive attributes, Christian Göttsche
  - Re: [RFC PATCH 3/4] libsepol: add compile-time constraint for mutual exclusive attributes, Nicolas Iooss
- [RFC PATCH 2/4] libsepol: add ebitmap iterator wrapper with startnode, Christian Göttsche
  - Re: [RFC PATCH 2/4] libsepol: add ebitmap iterator wrapper with startnode, Nicolas Iooss
- [RFC PATCH 4/4] checkpolicy: add front-end support for segregate attributes, Christian Göttsche
[PATCH -next] selinux: Let the caller free the momory in *mnt_opts on error, Xiu Jianfeng
- Re: [PATCH -next] selinux: Let the caller free the momory in *mnt_opts on error, kernel test robot
[PATCH] python: remove IOError in certain cases, Elijah Conners
- Re: [PATCH] python: remove IOError in certain cases, Petr Lautrbach
  - Re: [PATCH] python: remove IOError in certain cases, Elijah Conners
- Re: [PATCH] python: remove IOError in certain cases, Petr Lautrbach
  - Re: [PATCH] python: remove IOError in certain cases, Petr Lautrbach
hack, Mikhail
[PATCH] selinux: free contexts previously transferred in selinux_add_opt(), Christian Göttsche
- Re: [PATCH] selinux: free contexts previously transferred in selinux_add_opt(), Paul Moore
[PATCH -next] selinux: Fix memleak in security_read_policy, Xiu Jianfeng
- Re: [PATCH -next] selinux: Fix memleak in security_read_policy, Paul Moore
  - Re: [PATCH -next] selinux: Fix memleak in security_read_policy, Ondrej Mosnacek
    - Re: [PATCH -next] selinux: Fix memleak in security_read_policy, Paul Moore
[PATCH 1/4] support Dash as default shell, Christian Göttsche
- [PATCH 2/4] support perf_event_paranoid=3, Christian Göttsche
  - Re: [PATCH 2/4] support perf_event_paranoid=3, Ondrej Mosnacek
- [PATCH 4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set, Christian Göttsche
  - Re: [PATCH 4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set, Ondrej Mosnacek
- [PATCH 3/4] filesystem: allow getfilecon(3) to pass test, Christian Göttsche
  - Re: [PATCH 3/4] filesystem: allow getfilecon(3) to pass test, Ondrej Mosnacek
    - Re: [PATCH 3/4] filesystem: allow getfilecon(3) to pass test, Christian Göttsche
- Re: [PATCH 1/4] support Dash as default shell, Ondrej Mosnacek
  - Re: [PATCH 1/4] support Dash as default shell, Christian Göttsche
    - Re: [PATCH 1/4] support Dash as default shell, Ondrej Mosnacek
- [PATCH v2 1/4] support Dash as default shell, Christian Göttsche
  - [PATCH v2 4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set, Christian Göttsche
  - [PATCH v2 2/4] support perf_event_paranoid=3, Christian Göttsche
  - [PATCH v2 3/4] filesystem: allow getfilecon(3) to pass test, Christian Göttsche
  - [PATCH v3 1/4] support Dash as default shell, Christian Göttsche
    - Re: [PATCH v3 1/4] support Dash as default shell, Ondrej Mosnacek
[PATCH -next] selinux: Add boundary check in put_entry(), Xiu Jianfeng
- Re: [PATCH -next] selinux: Add boundary check in put_entry(), Paul Moore
[PATCH -next] selinux: Fix memleak in security_read_state_kernel, Xiu Jianfeng
- Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel, Paul Moore
- Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel, Ondrej Mosnacek
  - Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel, xiujianfeng
    - Re: [PATCH -next] selinux: Fix memleak in security_read_state_kernel, Ondrej Mosnacek
[PATCH -next] selinux: Fix potential memory leak in selinux_add_opt, Xiu Jianfeng
- Re: [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt, Paul Moore
  - Re: [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt, xiujianfeng
    - Re: [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt, Paul Moore
      - Re: [PATCH -next] selinux: Fix potential memory leak in selinux_add_opt, xiujianfeng
[PATCH] checkpolicy: error out if required permission would exceed limit, Christian Göttsche
- Re: [PATCH] checkpolicy: error out if required permission would exceed limit, James Carter
  - Re: [PATCH] checkpolicy: error out if required permission would exceed limit, Christian Göttsche
    - Re: [PATCH] checkpolicy: error out if required permission would exceed limit, Petr Lautrbach
[PATCH] libsepol: avoid potential NULL dereference on optional parameter, Christian Göttsche
- Re: [PATCH] libsepol: avoid potential NULL dereference on optional parameter, James Carter
  - Re: [PATCH] libsepol: avoid potential NULL dereference on optional parameter, James Carter
[PATCH v36 00/33] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v36 01/33] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
- [PATCH v36 02/33] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v36 04/33] LSM: provide lsm name and id slot mappings, Casey Schaufler
  - Re: [PATCH v36 04/33] LSM: provide lsm name and id slot mappings, kernel test robot
- [PATCH v36 03/33] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v36 05/33] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v36 06/33] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v36 08/33] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v36 07/33] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v36 09/33] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v36 11/33] LSM: Use lsmblob in security_current_getsecid, Casey Schaufler
- [PATCH v36 10/33] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v36 12/33] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v36 13/33] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
  - Re: [PATCH v36 13/33] LSM: Use lsmblob in security_cred_getsecid, kernel test robot
- [PATCH v36 14/33] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v36 15/33] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v36 17/33] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v36 16/33] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v36 18/33] LSM: Use lsmcontext in security_dentry_init_security, Casey Schaufler
  - Re: [PATCH v36 18/33] LSM: Use lsmcontext in security_dentry_init_security, kernel test robot
  - Re: [PATCH v36 18/33] LSM: Use lsmcontext in security_dentry_init_security, Dan Carpenter
- [PATCH v36 19/33] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v36 20/33] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v36 22/33] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v36 23/33] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
- [PATCH v36 21/33] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v36 24/33] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH v36 25/33] LSM: Add a function to report multiple LSMs, Casey Schaufler
- [PATCH v36 26/33] Audit: Allow multiple records in an audit_buffer, Casey Schaufler
  - Re: [PATCH v36 26/33] Audit: Allow multiple records in an audit_buffer, Paul Moore
- [PATCH v36 27/33] Audit: Add record for multiple task security contexts, Casey Schaufler
  - Re: [PATCH v36 27/33] Audit: Add record for multiple task security contexts, Paul Moore
- [PATCH v36 29/33] Audit: Add record for multiple object contexts, Casey Schaufler
- [PATCH v36 28/33] audit: multiple subject lsm values for netlabel, Casey Schaufler
  - Re: [PATCH v36 28/33] audit: multiple subject lsm values for netlabel, Paul Moore
- [PATCH v36 31/33] LSM: Removed scaffolding function lsmcontext_init, Casey Schaufler
- [PATCH v36 30/33] netlabel: Use a struct lsmblob in audit data, Casey Schaufler
  - Re: [PATCH v36 30/33] netlabel: Use a struct lsmblob in audit data, Paul Moore
- [PATCH v36 32/33] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v36 33/33] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH] selinux: fix typos in comments, Jonas Lindner
- Re: [PATCH] selinux: fix typos in comments, Paul Moore
[PATCH userspace 0/2] Refine semantics of libsemanage's check_ext_changes, Ondrej Mosnacek
- [PATCH userspace 2/2] semodule: rename --rebuild-if-modules-changed to --refresh, Ondrej Mosnacek
- [PATCH userspace 1/2] libsemanage: always write kernel policy when check_ext_changes is specified, Ondrej Mosnacek
  - Re: [PATCH userspace 1/2] libsemanage: always write kernel policy when check_ext_changes is specified, Nicolas Iooss
    - Re: [PATCH userspace 1/2] libsemanage: always write kernel policy when check_ext_changes is specified, James Carter
      - Re: [PATCH userspace 1/2] libsemanage: always write kernel policy when check_ext_changes is specified, Nicolas Iooss
[PATCH v3] cred: Propagate security_prepare_creds() error code, Frederick Lawler
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Eric Biggers
  - Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Frederick Lawler
- Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Eric W. Biederman
  - Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Frederick Lawler
    - Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Eric W. Biederman
      - Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Casey Schaufler
      - Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Frederick Lawler
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Eric W. Biederman
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Frederick Lawler
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Christian Brauner
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Paul Moore
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Ignat Korchagin
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Paul Moore
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Casey Schaufler
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Frederick Lawler
        
        Re: [PATCH v3] cred: Propagate security_prepare_creds() error code, Casey Schaufler
why arent we checking MS_BIND?, Dominick Grift
[RFC PATCH 1/3] libsepol: export initial SIDs, Christian Göttsche
- [RFC PATCH 2/3] libsepol: validate initial SIDs, Christian Göttsche
- [RFC PATCH 3/3] checkpolicy: rework initial SID handling, Christian Göttsche
  - Re: [RFC PATCH 3/3] checkpolicy: rework initial SID handling, James Carter
- Re: [RFC PATCH 1/3] libsepol: export initial SIDs, James Carter
[RFC PATCH] f*xattr: allow O_PATH descriptors, Christian Göttsche
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Amir Goldstein
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Christian Brauner
  - Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Amir Goldstein
    - Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Christian Brauner
      - Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Amir Goldstein
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Christian Brauner
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Aleksa Sarai
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Amir Goldstein
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Christian Göttsche
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Amir Goldstein
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Aleksa Sarai
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Amir Goldstein
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Aleksa Sarai
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Christian Göttsche
        
        Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Amir Goldstein
- Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Andreas Dilger
  - Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Amir Goldstein
    - Re: [RFC PATCH] f*xattr: allow O_PATH descriptors, Christian Göttsche
[PATCH] libsepol: fix validation of user declarations in modules, Christian Göttsche
- Re: [PATCH] libsepol: fix validation of user declarations in modules, James Carter
  - Re: [PATCH] libsepol: fix validation of user declarations in modules, James Carter
- Re: [PATCH] libsepol: fix validation of user declarations in modules, Nicolas Iooss
  - Re: [PATCH] libsepol: fix validation of user declarations in modules, Christian Göttsche
- [PATCH v2] libsepol: fix validation of user declarations in non-base modules, Christian Göttsche
  - Re: [PATCH v2] libsepol: fix validation of user declarations in non-base modules, James Carter
[PATCH] libsepol: Drop unused assignment, Petr Lautrbach
- Re: [PATCH] libsepol: Drop unused assignment, James Carter
  - Re: [PATCH] libsepol: Drop unused assignment, James Carter
[PATCH testsuite] tests/sctp: temporarily disable ASCONF tests, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/sctp: temporarily disable ASCONF tests, Ondrej Mosnacek
Bug in SELinux SCTP ASCONF handling, Ondrej Mosnacek
- Re: Bug in SELinux SCTP ASCONF handling, Paul Moore
  - Re: Bug in SELinux SCTP ASCONF handling, Paul Moore
    - Re: Bug in SELinux SCTP ASCONF handling, Ondrej Mosnacek
      - Re: Bug in SELinux SCTP ASCONF handling, Paul Moore
        
        Re: Bug in SELinux SCTP ASCONF handling, Ondrej Mosnacek
        
        Re: Bug in SELinux SCTP ASCONF handling, Paul Moore
        
        Re: Bug in SELinux SCTP ASCONF handling, Ondrej Mosnacek
        
        Re: Bug in SELinux SCTP ASCONF handling, Paul Moore
  - Re: Bug in SELinux SCTP ASCONF handling, Ondrej Mosnacek
[PATCH] Revert "libselinux: restorecon: pin file to avoid TOCTOU issues", Petr Lautrbach
- Re: [PATCH] Revert "libselinux: restorecon: pin file to avoid TOCTOU issues", James Carter
  - Re: [PATCH] Revert "libselinux: restorecon: pin file to avoid TOCTOU issues", James Carter
[PATCH] python: Split "semanage import" into two transactions, Vit Mojzis
- Re: [PATCH] python: Split "semanage import" into two transactions, James Carter
  - Re: [PATCH] python: Split "semanage import" into two transactions, James Carter
[PATCH 1/1] libselinux: do not return the cached prev_current value when using getpidcon(), Nicolas Iooss
- Re: [PATCH 1/1] libselinux: do not return the cached prev_current value when using getpidcon(), James Carter
  - Re: [PATCH 1/1] libselinux: do not return the cached prev_current value when using getpidcon(), James Carter
[PATCH v2] cred: Propagate security_prepare_creds() error code, Frederick Lawler
- Re: [PATCH v2] cred: Propagate security_prepare_creds() error code, Jeff Moyer
- Re: [PATCH v2] cred: Propagate security_prepare_creds() error code, Paul Moore
- Re: [PATCH v2] cred: Propagate security_prepare_creds() error code, Serge E. Hallyn
[GIT PULL] SELinux patches for v5.19, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.19, pr-tracker-bot
[SELinux-notebook PATCH] network_support.md: clarify local port range and name_bind, Dominick Grift
- <Possible follow-ups>
- Re: [SELinux-notebook PATCH] network_support.md: clarify local port range and name_bind, Paul Moore
  - Re: [SELinux-notebook PATCH] network_support.md: clarify local port range and name_bind, Dominick Grift
  - [PATCH v2] network_support.md: clarify local port range and name_bind, Dominick Grift
    - Re: [PATCH v2] network_support.md: clarify local port range and name_bind, Paul Moore
[PATCH] cred: Propagate security_prepare_creds() error code, Frederick Lawler
- Re: [PATCH] cred: Propagate security_prepare_creds() error code, Serge E. Hallyn
- Re: [PATCH] cred: Propagate security_prepare_creds() error code, Amir Goldstein
ANN: Reference Policy 2.20220520, Chris PeBenito
[PATCH] semodule: avoid toctou on output module, Christian Göttsche
- Re: [PATCH] semodule: avoid toctou on output module, Nicolas Iooss
  - Re: [PATCH] semodule: avoid toctou on output module, James Carter
[PATCH] libselinux: declare return value of context_str(3) const, Christian Göttsche
- Re: [PATCH] libselinux: declare return value of context_str(3) const, Nicolas Iooss
  - Re: [PATCH] libselinux: declare return value of context_str(3) const, James Carter
[PATCH 1/4] libselinux: add man page redirections, Christian Göttsche
- [PATCH 2/4] libselinux: enclose macro definition in parenthesis, Christian Göttsche
- [PATCH 4/4] libselinux: declare parameter of security_load_policy(3) const, Christian Göttsche
- [PATCH 3/4] libselinux: name parameters in context.h, Christian Göttsche
  - [PATCH v2 3/4] libselinux: name parameters in context.h, Christian Göttsche
- Re: [PATCH 1/4] libselinux: add man page redirections, James Carter
  - Re: [PATCH 1/4] libselinux: add man page redirections, James Carter
[PATCH] Makefile: always include and link with DESTDIR, Christian Göttsche

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]

Powered by Linux