Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

Re: [PATCH RFC] LSM: lsm_self_attr system call to get security module attributes, (continued)
- Re: [PATCH RFC] LSM: lsm_self_attr system call to get security module attributes, Serge E. Hallyn
- [PATCH v2 RFC] LSM: lsm_self_attr syscall for LSM self attributes, Casey Schaufler
Re: Does NFS support Linux Capabilities, Chuck Lever III
- Re: Does NFS support Linux Capabilities, Jeff Layton
  - Re: Does NFS support Linux Capabilities, Chuck Lever III
    - Re: Does NFS support Linux Capabilities, Jeff Layton
      - Message not available
        
        Re: Does NFS support Linux Capabilities, Jeff Layton
- Re: Does NFS support Linux Capabilities, Theodore Ts'o
  - Re: Does NFS support Linux Capabilities, J. Bruce Fields
    - Re: Does NFS support Linux Capabilities, Chuck Lever III
  - Re: Does NFS support Linux Capabilities, Casey Schaufler
    - Re: Does NFS support Linux Capabilities, battery dude
    - Re: Does NFS support Linux Capabilities, Theodore Ts'o
      - Re: Does NFS support Linux Capabilities, Casey Schaufler
context of socket passed between processes, Ted Toth
- Re: context of socket passed between processes, Dominick Grift
  - Re: context of socket passed between processes, Paul Moore
    - Re: context of socket passed between processes, Ted Toth
      - Re: context of socket passed between processes, Ted Toth
        
        Re: context of socket passed between processes, Ondrej Mosnacek
        
        Re: context of socket passed between processes, Dominick Grift
        
        Re: context of socket passed between processes, Ted Toth
- Re: context of socket passed between processes, Paul Moore
  - Re: context of socket passed between processes, Ted Toth
    - Re: context of socket passed between processes, Paul Moore
      - Re: context of socket passed between processes, Dominick Grift
      - Re: context of socket passed between processes, Ted Toth
        
        Re: context of socket passed between processes, Ted Toth
        
        Re: context of socket passed between processes, Paul Moore
        
        Re: context of socket passed between processes, Ted Toth
        
        Re: context of socket passed between processes, Paul Moore
[PATCH] Update translations, Vit Mojzis
- Re: [PATCH] Update translations, James Carter
  - Re: [PATCH] Update translations, James Carter
- <Possible follow-ups>
- [PATCH] Update translations, Petr Lautrbach
  - Re: [PATCH] Update translations, James Carter
    - Re: [PATCH] Update translations, Petr Lautrbach
- [PATCH] Update translations, Petr Lautrbach
  - Re: [PATCH] Update translations, James Carter
    - Re: [PATCH] Update translations, James Carter
[v5.19.y PATCH 0/3] Backport the io_uring/LSM CMD passthrough controls, Paul Moore
- [v5.19.y PATCH 3/3] Smack: Provide read control for io_uring_cmd, Paul Moore
  - Re: [v5.19.y PATCH 3/3] Smack: Provide read control for io_uring_cmd, Casey Schaufler
- [v5.19.y PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op, Paul Moore
- [v5.19.y PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook, Paul Moore
- Re: [v5.19.y PATCH 0/3] Backport the io_uring/LSM CMD passthrough controls, Greg KH
[PATCH testsuite] tests/Makefile: add missing condition for userfaultfd test, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/Makefile: add missing condition for userfaultfd test, Ondrej Mosnacek
[PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Ondrej Mosnacek
- [PATCH 2/2] fs: don't call capable() prematurely in simple_xattr_list(), Ondrej Mosnacek
- [PATCH 1/2] fs: convert simple_xattrs to RCU list, Ondrej Mosnacek
- Re: [PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Christian Brauner
  - Re: [PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Ondrej Mosnacek
    - Re: [PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Christian Brauner
      - Re: [PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Christian Brauner
        
        Re: [PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Serge E. Hallyn
        
        Re: [PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Ondrej Mosnacek
        
        Re: [PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Christian Brauner
        
        Re: [PATCH 0/2] fs: fix capable() call in simple_xattr_list(), Ondrej Mosnacek
[PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, David Howells
- Re: [PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Christian Brauner
- Re: [PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Jeff Layton
- Re: [PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, David Howells
  - Re: [PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Jeff Layton
- <Possible follow-ups>
- [PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, David Howells
  - Re: [PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Paul Moore
    - Re: [PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Paul Moore
  - Re: [PATCH v5] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Al Viro
[PATCH v2] tests/secretmem: add test, Christian Göttsche
- Re: [PATCH v2] tests/secretmem: add test, Ondrej Mosnacek
  - Re: [PATCH v2] tests/secretmem: add test, Ondrej Mosnacek
    - Re: [PATCH v2] tests/secretmem: add test, Christian Göttsche
[PATCH] tests/secretmem: add test, Christian Göttsche
[PATCH] libselinux: support objname in compute_create, Christian Göttsche
- Re: [PATCH] libselinux: support objname in compute_create, Christian Göttsche
- Re: [PATCH] libselinux: support objname in compute_create, James Carter
  - Re: [PATCH] libselinux: support objname in compute_create, James Carter
[PATCH] selinux: declare read-only parameters const, Christian Göttsche
- Re: [PATCH] selinux: declare read-only parameters const, Paul Moore
[PATCH] selinux: use int arrays for boolean values, Christian Göttsche
- Re: [PATCH] selinux: use int arrays for boolean values, Paul Moore
[RFC PATCH 2/2] fs/xattr: wire up syscalls, Christian Göttsche
- [RFC PATCH 1/2] fs/xattr: add *at family syscalls, Christian Göttsche
  - Re: [RFC PATCH 1/2] fs/xattr: add *at family syscalls, Christian Brauner
  - Re: [RFC PATCH 1/2] fs/xattr: add *at family syscalls, Al Viro
    - Re: [RFC PATCH 1/2] fs/xattr: add *at family syscalls, Amir Goldstein
    - Re: [RFC PATCH 1/2] fs/xattr: add *at family syscalls, Casey Schaufler
- Re: [RFC PATCH 2/2] fs/xattr: wire up syscalls, Christian Brauner
- Re: [RFC PATCH 2/2] fs/xattr: wire up syscalls, Richard Guy Briggs
[PATCH linux-next] selinux: remove redundant variables rc, cgel . zte
- Re: [PATCH linux-next] selinux: remove redundant variables rc, Paul Moore
[PATCH linux-next] selinux: Remove the unneeded result variable, cgel . zte
- Re: [PATCH linux-next] selinux: Remove the unneeded result variable, Paul Moore
[GIT PULL] LSM fixes for v6.0 (#1), Paul Moore
- Re: [GIT PULL] LSM fixes for v6.0 (#1), pr-tracker-bot
[PATCH] checkpolicy: avoid passing NULL pointer to memset(), Juraj Marcin
- Re: [PATCH] checkpolicy: avoid passing NULL pointer to memset(), James Carter
  - Re: [PATCH] checkpolicy: avoid passing NULL pointer to memset(), James Carter
[PATCH 3/3] secilc/docs: disable pandoc default css for html docs, bauen1
- Re: [PATCH 3/3] secilc/docs: disable pandoc default css for html docs, James Carter
  - Re: [PATCH 3/3] secilc/docs: disable pandoc default css for html docs, James Carter
[PATCH 2/3] secilc/docs: fix syntax highlighting, bauen1
- Re: [PATCH 2/3] secilc/docs: fix syntax highlighting, James Carter
  - Re: [PATCH 2/3] secilc/docs: fix syntax highlighting, James Carter
[PATCH 1/3] secilc/docs: selinuxuser actually takes a string not identifier, bauen1
- Re: [PATCH 1/3] secilc/docs: selinuxuser actually takes a string not identifier, James Carter
  - Re: [PATCH 1/3] secilc/docs: selinuxuser actually takes a string not identifier, James Carter
    - Re: [PATCH 1/3] secilc/docs: selinuxuser actually takes a string not identifier, bauen1
[PATCH testsuite] tests: remove more stray flag/temporary files with 'make clean', Ondrej Mosnacek
- Re: [PATCH testsuite] tests: remove more stray flag/temporary files with 'make clean', Ondrej Mosnacek
[PATCH] libsepol: fix missing double quotes in typetransition CIL rule, Juraj Marcin
- Re: [PATCH] libsepol: fix missing double quotes in typetransition CIL rule, James Carter
  - Re: [PATCH] libsepol: fix missing double quotes in typetransition CIL rule, James Carter
Fwd: [systemd-devel] socket activation selinux context on create, Ted Toth
- Re: [systemd-devel] socket activation selinux context on create, Ted Toth
  - Re: [systemd-devel] socket activation selinux context on create, Ted Toth
- Re: [systemd-devel] socket activation selinux context on create, Paul Moore
  - Re: [systemd-devel] socket activation selinux context on create, Ted Toth
    - Re: [systemd-devel] socket activation selinux context on create, Paul Moore
      - Re: [systemd-devel] socket activation selinux context on create, Christian Göttsche
        
        Re: [systemd-devel] socket activation selinux context on create, Ted Toth
        
        Re: [systemd-devel] socket activation selinux context on create, Dominick Grift
        
        Re: [systemd-devel] socket activation selinux context on create, Ted Toth
        
        Re: [systemd-devel] socket activation selinux context on create, Dominick Grift
        
        Re: [systemd-devel] socket activation selinux context on create, Ted Toth
[PATCH] tests/filesystem/xfs: use a 300M xfs filesystem image, Paul Moore
- Re: [PATCH] tests/filesystem/xfs: use a 300M xfs filesystem image, Ondrej Mosnacek
[PATCH testsuite 0/2] Prepare userfaultfd policy for Fedora policy changes, Ondrej Mosnacek
- [PATCH testsuite 2/2] test_userfaultfd.te: adapt to upcoming Fedora policy changes, Ondrej Mosnacek
  - Re: [PATCH testsuite 2/2] test_userfaultfd.te: adapt to upcoming Fedora policy changes, Daniel Burgener
    - Re: [PATCH testsuite 2/2] test_userfaultfd.te: adapt to upcoming Fedora policy changes, Ondrej Mosnacek
- [PATCH testsuite 1/2] policy: remove CIL workarounds for missing anon_inode class, Ondrej Mosnacek
- Re: [PATCH testsuite 0/2] Prepare userfaultfd policy for Fedora policy changes, Ondrej Mosnacek
[PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, David Howells
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Christian Brauner
  - Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Casey Schaufler
  - Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, David Howells
    - Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Casey Schaufler
    - Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, David Howells
      - Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Casey Schaufler
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Al Viro
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, David Howells
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, Anna Schumaker
- Re: [PATCH v4] vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing, David Howells
[PATCH 0/3] LSM hooks for IORING_OP_URING_CMD, Paul Moore
- Re: [PATCH 0/3] LSM hooks for IORING_OP_URING_CMD, Paul Moore
- <Possible follow-ups>
- [PATCH 0/3] LSM hooks for IORING_OP_URING_CMD, Paul Moore
  - [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op, Paul Moore
    - Re: [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op, Greg Kroah-Hartman
      - Re: [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op, Paul Moore
        
        Re: [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op, Greg Kroah-Hartman
        
        Re: [PATCH 1/3] lsm,io_uring: add LSM hooks for the new uring_cmd file op, Paul Moore
  - [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook, Paul Moore
    - Re: [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook, Greg Kroah-Hartman
      - Re: [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook, Paul Moore
    - Message not available
      - Re: [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook, Joel Granados
        
        Re: [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook, Paul Moore
        
        Re: [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook, Joel Granados
        
        Re: [PATCH 2/3] selinux: implement the security_uring_cmd() LSM hook, Joel Granados
  - [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Paul Moore
    - Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Jens Axboe
      - Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Paul Moore
        
        Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Jens Axboe
        
        Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Paul Moore
        
        Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Jens Axboe
        
        Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Paul Moore
    - Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Greg Kroah-Hartman
      - Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Jens Axboe
        
        Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Paul Moore
    - Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Greg Kroah-Hartman
      - Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Paul Moore
        
        Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Greg Kroah-Hartman
        
        Re: [PATCH 3/3] /dev/null: add IORING_OP_URING_CMD support, Paul Moore
  - Re: [PATCH 0/3] LSM hooks for IORING_OP_URING_CMD, Paul Moore
Re: SELinux testsuite on 6.0-rc2 binder BUG, Paul Moore
- Re: SELinux testsuite on 6.0-rc2 binder BUG, Casey Schaufler
[PATCH v1] selinux/ss/services.c: check the return value of audit_log_start() in security_sid_mls_copy(), lily
- Re: [PATCH v1] selinux/ss/services.c: check the return value of audit_log_start() in security_sid_mls_copy(), Paul Moore
[PATCH] selinux: Variable type completion, Xin Gao
[syzbot] KASAN: use-after-free Read in sock_has_perm, syzbot
- Re: [syzbot] KASAN: use-after-free Read in sock_has_perm, Paul Moore
  - Re: [syzbot] KASAN: use-after-free Read in sock_has_perm, Casey Schaufler
  - Re: [syzbot] KASAN: use-after-free Read in sock_has_perm, Dmitry Vyukov
[selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Paul Moore
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Ondrej Mosnacek
  - Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Paul Moore
    - Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Ondrej Mosnacek
      - Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Paul Moore
- Re: [selinux-testsuite PATCH] tests/binder: remove stray flag files with 'make clean', Ondrej Mosnacek
[PATCH v5 0/4] Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v5 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v5 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Frederick Lawler
- [PATCH v5 4/4] selinux: Implement userns_create hook, Frederick Lawler
- [PATCH v5 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Frederick Lawler
- Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
  - Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
    - Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
      - Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        RE: [PATCH v5 0/4] Introduce security_create_user_ns(), Jonathan Chapman-Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Song Liu
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Christian Brauner
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Ignat Korchagin
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v5 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
[BUG] (fsuse xattr "fuse" mycontext) causes deadlock for mount/sync syscall, bauen1
[PATCH] tests/sctp: reenable the SCTP ASCONF tests, Paul Moore
[PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors, Paul Moore
- Re: [PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors, Ondrej Mosnacek
  - Re: [PATCH] tests/sctp: allow both ENOSPC and EINPROGRESS for CIPSO tag space errors, Paul Moore
[PATCH] selinux: SCTP fixes, including ASCONF, Paul Moore
- Re: [PATCH] selinux: SCTP fixes, including ASCONF, Ondrej Mosnacek
  - Re: [PATCH] selinux: SCTP fixes, including ASCONF, Paul Moore
    - Re: [PATCH] selinux: SCTP fixes, including ASCONF, Paul Moore
    - Re: [PATCH] selinux: SCTP fixes, including ASCONF, Ondrej Mosnacek
[PATCH 1/4] ci: bump versions in GitHub Actions, Christian Göttsche
- [PATCH 2/4] scripts/ci: use F36 image instead of F34, Christian Göttsche
- [PATCH 3/4] scripts: ignore Flake8 tag E275, Christian Göttsche
- [PATCH 4/4] Ignore egg-info directories and clean them, Christian Göttsche
- Re: [PATCH 1/4] ci: bump versions in GitHub Actions, James Carter
  - Re: [PATCH 1/4] ci: bump versions in GitHub Actions, James Carter
[PATCH 1/2] checkpolicy: use strict function prototype for definitions, Christian Göttsche
- [PATCH 2/2] restorecond: use strict function prototype for definition, Christian Göttsche
  - Re: [PATCH 2/2] restorecond: use strict function prototype for definition, Daniel Burgener
- Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions, Daniel Burgener
  - Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions, James Carter
    - Re: [PATCH 1/2] checkpolicy: use strict function prototype for definitions, James Carter
[PATCH] libselinux/utils: install into bin PATH, Christian Göttsche
- Re: [PATCH] libselinux/utils: install into bin PATH, Daniel Burgener
[PATCH] libselinux: avoid newline in avc message, Christian Göttsche
- Re: [PATCH] libselinux: avoid newline in avc message, James Carter
  - Re: [PATCH] libselinux: avoid newline in avc message, James Carter
[PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs, Ondrej Mosnacek
- Re: [PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs, Paul Moore
  - Re: [PATCH] selinux: add a new warn_on_audited debug flag to selinuxfs, Ondrej Mosnacek
Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Guozihua (Scott)
- Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Paul Moore
  - Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Mimi Zohar
    - Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Paul Moore
      - Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Guozihua (Scott)
        
        Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Guozihua (Scott)
        
        Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Mimi Zohar
        
        Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Paul Moore
        
        Re: Race conditioned discovered between ima_match_rules and ima_update_lsm_update_rules, Guozihua (Scott)
[PATCH AUTOSEL 4.9 8/8] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 4.14 12/12] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.4 23/23] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 4.19 16/16] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.15 42/45] selinux: fix memleak in security_read_state_kernel(), Sasha Levin
[PATCH AUTOSEL 5.10 29/29] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.15 43/45] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.18 51/53] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH AUTOSEL 5.18 50/53] selinux: fix memleak in security_read_state_kernel(), Sasha Levin
[PATCH AUTOSEL 5.19 53/58] selinux: fix memleak in security_read_state_kernel(), Sasha Levin
[PATCH AUTOSEL 5.19 54/58] selinux: Add boundary check in put_entry(), Sasha Levin
[PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Jeff Layton
- Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Ondrej Mosnacek
  - Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Paul Moore
  - Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
    - Re: [PATCH v3] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Paul Moore
[PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
- Re: [PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing, Jeff Layton
- Re: [PATCH v2] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
[PATCH] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
- Re: [PATCH] nfs: Fix automount superblock LSM init problem, preventing sb sharing, David Howells
LSM stacking in next for 6.1?, Casey Schaufler
- Re: LSM stacking in next for 6.1?, Paul Moore
  - Re: LSM stacking in next for 6.1?, John Johansen
  - Re: LSM stacking in next for 6.1?, Casey Schaufler
    - Re: LSM stacking in next for 6.1?, Paul Moore
  - Re: LSM stacking in next for 6.1?, Steve Grubb
    - Re: LSM stacking in next for 6.1?, Paul Moore
  - Re: LSM stacking in next for 6.1?, Paul Moore
    - Re: LSM stacking in next for 6.1?, Casey Schaufler
      - Re: LSM stacking in next for 6.1?, Casey Schaufler
      - Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, John Johansen
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Kees Cook
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Kees Cook
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
- Re: LSM stacking in next for 6.1?, Tetsuo Handa
  - Re: LSM stacking in next for 6.1?, Casey Schaufler
  - Re: LSM stacking in next for 6.1?, Paul Moore
    - Re: LSM stacking in next for 6.1?, Tetsuo Handa
      - Re: LSM stacking in next for 6.1?, Paul Moore
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
        
        Re: LSM stacking in next for 6.1?, Casey Schaufler
        
        Re: LSM stacking in next for 6.1?, Tetsuo Handa
[GIT PULL] SELinux patches for v6.0, Paul Moore
- Re: [GIT PULL] SELinux patches for v6.0, pr-tracker-bot
[PATCH v4 0/4] Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
  - Re: [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns(), KP Singh
    - Re: [PATCH v4 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Frederick Lawler
  - Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Alexei Starovoitov
    - Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Paul Moore
  - Re: [PATCH v4 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, KP Singh
- [PATCH v4 4/4] selinux: Implement userns_create hook, Frederick Lawler
- [PATCH v4 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Frederick Lawler
  - Re: [PATCH v4 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, KP Singh
- Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
  - Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
    - Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
      - Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Alexei Starovoitov
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Casey Schaufler
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Eric W. Biederman
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v4 0/4] Introduce security_create_user_ns(), Paul Moore
Adjust sepolgen grammar to support allowxperm, et. al., chris . lindee
- [PATCH 2/2] sepolgen: Support named xperms, chris . lindee
- [PATCH 1/2] sepolgen: Update refparser to handle xperm, chris . lindee
  - Re: [PATCH 1/2] sepolgen: Update refparser to handle xperm, Christian Göttsche
- Re: Adjust sepolgen grammar to support allowxperm, et. al., James Carter
KVM / virtual networking access control, Karl MacMillan
- Re: KVM / virtual networking access control, Paul Moore
  - Re: KVM / virtual networking access control, Karl MacMillan
    - Re: KVM / virtual networking access control, Paul Moore
[PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t, Ondrej Mosnacek
- [PATCH testsuite 01/24] keys: change test_newcon_key_t to be just an object context, Ondrej Mosnacek
- [PATCH testsuite 02/24] test_global.te: remove unused role require, Ondrej Mosnacek
- [PATCH testsuite 03/24] test_global.te: don't add domains to system_r, Ondrej Mosnacek
- [PATCH testsuite 06/24] test_policy.if: remove weird rule from testsuite_domain_type_minimal(), Ondrej Mosnacek
- [PATCH testsuite 07/24] policy: move unconfined_t-related dontaudit rule to where it fits better, Ondrej Mosnacek
- [PATCH testsuite 09/24] policy: move miscfiles_domain_entry_test_files() to general policy, Ondrej Mosnacek
  - Re: [PATCH testsuite 09/24] policy: move miscfiles_domain_entry_test_files() to general policy, Daniel Burgener
- [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Ondrej Mosnacek
  - Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Daniel Burgener
    - Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Ondrej Mosnacek
      - Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Ondrej Mosnacek
        
        Re: [PATCH testsuite 08/24] policy: move userdom_sysadm_entry_spec_domtrans_to() to general policy, Daniel Burgener
- [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block, Ondrej Mosnacek
  - Re: [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block, Daniel Burgener
    - Re: [PATCH testsuite 11/24] test_general.te: move sysadm-related rules into an optional block, Ondrej Mosnacek
- [PATCH testsuite 12/24] test_filesystem.te: remove redundant dontaudit rules, Ondrej Mosnacek
- [PATCH testsuite 13/24] test_filesystem.te: remove suspicious rules, Ondrej Mosnacek
- [PATCH testsuite 14/24] tests/nnp_nosuid: avoid hardcoding unconfined_t in the policy, Ondrej Mosnacek
- [PATCH testsuite 10/24] policy: substitute userdom_sysadm_entry_spec_domtrans_to(), Ondrej Mosnacek
- [PATCH testsuite 15/24] tests/*filesystem: remove weird uses of unconfined_t, Ondrej Mosnacek
- [PATCH testsuite 17/24] test_general.te: generalize the dontaudit rule, Ondrej Mosnacek
- [PATCH testsuite 18/24] policy: don't audit testsuite programs searching the caller's keys, Ondrej Mosnacek
- [PATCH testsuite 16/24] policy: remove last hardcoded references to unconfined_t, Ondrej Mosnacek
- [PATCH testsuite 19/24] ci: check for unconfined_t AVCs, Ondrej Mosnacek
- [PATCH testsuite 22/24] policy: give sysadm_t perms needed to run quotacheck(8), Ondrej Mosnacek
- [PATCH testsuite 23/24] tests/vsock_socket: use modprobe to check vsock availability, Ondrej Mosnacek
- [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix, Ondrej Mosnacek
  - Re: [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix, Topi Miettinen
    - Re: [PATCH testsuite 24/24] ci: add sysadm_t to the test matrix, Ondrej Mosnacek
- [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller, Ondrej Mosnacek
  - Re: [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller, Daniel Burgener
    - Re: [PATCH testsuite 21/24] tests/overlay: don't hard-code SELinux user of the caller, Ondrej Mosnacek
- [PATCH testsuite 20/24] tests/binder: check only the type part of the context, Ondrej Mosnacek
- Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t, Ondrej Mosnacek
  - Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t, Ondrej Mosnacek
    - Re: [PATCH testsuite 00/24] Clean up testsuite policy and support running as sysadm_t, Ondrej Mosnacek
[PATCH v3 0/4] Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v3 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
  - Re: [PATCH v3 1/4] security, lsm: Introduce security_create_user_ns(), Christian Brauner
- [PATCH v3 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Frederick Lawler
  - Re: [PATCH v3 2/4] bpf-lsm: Make bpf_lsm_userns_create() sleepable, Christian Brauner
- [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Frederick Lawler
  - Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Martin KaFai Lau
    - Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Frederick Lawler
  - Re: [PATCH v3 3/4] selftests/bpf: Add tests verifying bpf lsm userns_create hook, Christian Brauner
- [PATCH v3 4/4] selinux: Implement userns_create hook, Frederick Lawler
- Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Martin KaFai Lau
  - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
    - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Frederick Lawler
      - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v3 0/4] Introduce security_create_user_ns(), KP Singh
        
        Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
      - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Casey Schaufler
        
        Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v3 0/4] Introduce security_create_user_ns(), KP Singh
    - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Eric W. Biederman
      - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Frederick Lawler
- Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Eric W. Biederman
  - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Paul Moore
  - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Djalal Harouni
  - Re: [PATCH v3 0/4] Introduce security_create_user_ns(), Ignat Korchagin
[PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate, Christian Göttsche
- [PATCH v2 2/5] libsepol: support const avtab_t pointer in avtab_map(), Christian Göttsche
- [PATCH v2 3/5] libsepol: operate on const pointers during validation, Christian Göttsche
- [PATCH v2 4/5] libsepol: rename parameter name, Christian Göttsche
- [PATCH v2 5/5] libsepol: more strict validation, Christian Göttsche
- Re: [PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate, James Carter
  - Re: [PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate, James Carter
[PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c, Christian Göttsche
- [PATCH v3 5/8] libsepol/tests: add test for segregate attributes, Christian Göttsche
- [PATCH v3 7/8] secilc: run tests against development version of libsepol, Christian Göttsche
  - Re: [PATCH v3 7/8] secilc: run tests against development version of libsepol, James Carter
- [PATCH v3 2/8] libsepol: add ebitmap iterator wrapper with startnode, Christian Göttsche
  - Re: [PATCH v3 2/8] libsepol: add ebitmap iterator wrapper with startnode, James Carter
- [PATCH v3 8/8] secilc: include segregate attributes in tests, Christian Göttsche
- [PATCH v3 3/8] libsepol: add compile-time constraint for mutual exclusive attributes, Christian Göttsche
  - Re: [PATCH v3 3/8] libsepol: add compile-time constraint for mutual exclusive attributes, James Carter
- [PATCH v3 6/8] libsepol/cil: add support for segregate attributes, Christian Göttsche
  - Re: [PATCH v3 6/8] libsepol/cil: add support for segregate attributes, James Carter
- [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes, Christian Göttsche
  - Re: [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes, James Carter
    - Re: [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes, Christian Göttsche
      - Re: [PATCH v3 4/8] checkpolicy: add front-end support for segregate attributes, James Carter
- Re: [PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c, James Carter
  - Re: [PATCH v3 1/8] libsepol: refactor ebitmap conversion in link.c, James Carter
[PATCH v2 1/7] libsepol/tests: add ebitmap tests, Christian Göttsche
- [PATCH v2 2/7] libsepol: add ebitmap_init_range, Christian Göttsche
- [PATCH v2 3/7] libsepol/cil: use ebitmap_init_range, Christian Göttsche
- [PATCH v2 4/7] libsepol: optimize ebitmap_not, Christian Göttsche
- [PATCH v2 6/7] libsepol: optimize ebitmap_xor, Christian Göttsche
- [PATCH v2 5/7] libsepol: optimize ebitmap_and, Christian Göttsche
- [PATCH v2 7/7] libsepol: skip superfluous memset calls in ebitmap operations, Christian Göttsche
- Re: [PATCH v2 1/7] libsepol/tests: add ebitmap tests, James Carter
  - Re: [PATCH v2 1/7] libsepol/tests: add ebitmap tests, James Carter
[PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
- Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
  - Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
    - Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
      - Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Ondrej Mosnacek
        
        Re: [PATCH] tests/sctp: remove assumptions in the SCTP tests, Paul Moore
[PATCH testsuite] tests/module_load: detect the linker to use for module build, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/module_load: detect the linker to use for module build, Ondrej Mosnacek
[PATCH 1/5] libsepol: rename validate_policydb to policydb_validate, Christian Göttsche
- [PATCH 2/5] libsepol: support const avtab_t pointer in avtab_map(), Christian Göttsche
- [PATCH 4/5] libsepol: rename parameter name, Christian Göttsche
- [PATCH 3/5] libsepol: operator on const pointers during validation, Christian Göttsche
- [PATCH 5/5] libsepol: more strict validation, Christian Göttsche
  - Re: [PATCH 5/5] libsepol: more strict validation, James Carter
- Re: [PATCH 1/5] libsepol: rename validate_policydb to policydb_validate, James Carter
[PATCH 1/3] libsepol: break circular include, Christian Göttsche
- [PATCH 2/3] libsepol: include necessary headers in headers, Christian Göttsche
- [PATCH 3/3] libsepol: enclose macro parameters and replacement lists in parentheses, Christian Göttsche
- Re: [PATCH 1/3] libsepol: break circular include, James Carter
  - Re: [PATCH 1/3] libsepol: break circular include, James Carter
[PATCH 1/7] libsepol/tests: add ebitmap tests, Christian Göttsche
- [PATCH 3/7] libsepol/cil: use ebitmap_init_range, Christian Göttsche
  - Re: [PATCH 3/7] libsepol/cil: use ebitmap_init_range, James Carter
- [PATCH 2/7] libsepol: add ebitmap_init_range, Christian Göttsche
  - Re: [PATCH 2/7] libsepol: add ebitmap_init_range, James Carter
- [PATCH 5/7] libsepol: optimize ebitmap_and, Christian Göttsche
  - Re: [PATCH 5/7] libsepol: optimize ebitmap_and, James Carter
- [PATCH 4/7] libsepol: optimize ebitmap_not, Christian Göttsche
  - Re: [PATCH 4/7] libsepol: optimize ebitmap_not, James Carter
- [PATCH 7/7] libsepol: skip superfluous memset calls in ebitmap operations, Christian Göttsche
  - Re: [PATCH 7/7] libsepol: skip superfluous memset calls in ebitmap operations, James Carter
- [PATCH 6/7] libsepol: optimize ebitmap_xor, Christian Göttsche
  - Re: [PATCH 6/7] libsepol: optimize ebitmap_xor, James Carter
- Re: [PATCH 1/7] libsepol/tests: add ebitmap tests, James Carter
[RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Ondrej Mosnacek
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Peter Xu
  - Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Paul Moore
- Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Paul Moore
  - Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Paul Moore
    - Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Christian Brauner
      - Re: [RFC PATCH RESEND] userfaultfd: open userfaultfds with O_RDONLY, Paul Moore
[PATCH v2 0/4] Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v2 2/4] bpf-lsm: Make bpf_lsm_create_user_ns() sleepable, Frederick Lawler
- [PATCH v2 1/4] security, lsm: Introduce security_create_user_ns(), Frederick Lawler
- [PATCH v2 3/4] selftests/bpf: Add tests verifying bpf lsm create_user_ns hook, Frederick Lawler
- [PATCH v2 4/4] selinux: Implement create_user_ns hook, Frederick Lawler
  - Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook, Paul Moore
    - Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook, Frederick Lawler
  - Message not available
    - Re: [PATCH v2 4/4] selinux: Implement create_user_ns hook, Paul Moore
- Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Christian Göttsche
  - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Frederick Lawler
    - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Christian Brauner
    - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Casey Schaufler
      - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Serge E. Hallyn
        
        Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Frederick Lawler
      - Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Paul Moore
        
        Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Casey Schaufler
        
        Re: [PATCH v2 0/4] Introduce security_create_user_ns(), Paul Moore
[PATCH] libselinux: set errno to EBADF on O_PATH emulation failure, Christian Göttsche
- [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure, Christian Göttsche
  - Re: [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure, James Carter
    - Re: [PATCH v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure, James Carter
What is "fscon" statement in a base policy?, Nicolas Iooss
- Re: What is "fscon" statement in a base policy?, Karl MacMillan
  - Re: What is "fscon" statement in a base policy?, Christian Göttsche
    - Re: What is "fscon" statement in a base policy?, Karl MacMillan
[PATCH] libsepol: do not modify policy during write, Christian Göttsche
- Re: [PATCH] libsepol: do not modify policy during write, James Carter
  - Re: [PATCH] libsepol: do not modify policy during write, James Carter
[syzbot] KASAN: use-after-free Read in selinux_socket_recvmsg, syzbot
- Re: [syzbot] KASAN: use-after-free Read in selinux_socket_recvmsg, Paul Moore
[PATCH] libsepol/utils: improve wording, Christian Göttsche
- Re: [PATCH] libsepol/utils: improve wording, James Carter
  - Re: [PATCH] libsepol/utils: improve wording, James Carter
[PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py, Nicolas Iooss
- Re: [PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py, James Carter
  - Re: [PATCH userspace 1/1] CircleCI: do not add Debian-specific parameter when invoking setup.py, James Carter
[PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason, Nicolas Iooss
- Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason, James Carter
  - Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason, Christian Göttsche
  - Re: [PATCH userspace 1/1] libsepol: initialize s in constraint_expr_eval_reason, James Carter
[PATCH testsuite 0/2] Make the keys test pass in FIPS mode, Ondrej Mosnacek
- [PATCH testsuite 2/2] tests/keys: fix Makefile dependencies, Ondrej Mosnacek
- [PATCH testsuite 1/2] tests/keys: use a longer prime in DH params, Ondrej Mosnacek
- Re: [PATCH testsuite 0/2] Make the keys test pass in FIPS mode, Ondrej Mosnacek
[PATCH v37 00/33] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v37 01/33] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
- [PATCH v37 02/33] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v37 05/33] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v37 04/33] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v37 03/33] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v37 06/33] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v37 07/33] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v37 08/33] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v37 09/33] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v37 10/33] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v37 11/33] LSM: Use lsmblob in security_current_getsecid, Casey Schaufler
- [PATCH v37 12/33] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v37 13/33] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v37 14/33] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v37 15/33] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v37 16/33] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v37 17/33] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v37 20/33] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security, Casey Schaufler
  - Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security, kernel test robot
  - Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security, kernel test robot
  - Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security, kernel test robot
- [PATCH v37 19/33] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v37 22/33] LSM: security_secid_to_secctx module selection, Casey Schaufler
- [PATCH v37 23/33] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
- [PATCH v37 21/33] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v37 24/33] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH v37 25/33] LSM: Add a function to report multiple LSMs, Casey Schaufler
- [PATCH v37 26/33] Audit: Allow multiple records in an audit_buffer, Casey Schaufler
- [PATCH v37 29/33] Audit: Add record for multiple object contexts, Casey Schaufler
- [PATCH v37 27/33] Audit: Add record for multiple task security contexts, Casey Schaufler
- [PATCH v37 28/33] audit: multiple subject lsm values for netlabel, Casey Schaufler
- [PATCH v37 31/33] LSM: Removed scaffolding function lsmcontext_init, Casey Schaufler
- [PATCH v37 30/33] netlabel: Use a struct lsmblob in audit data, Casey Schaufler
- [PATCH v37 32/33] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v37 33/33] AppArmor: Remove the exclusive flag, Casey Schaufler
- Re: [PATCH v37 00/33] LSM: Module stacking for AppArmor, John Johansen
  - Re: [PATCH v37 00/33] LSM: Module stacking for AppArmor, Casey Schaufler
[PATCH] gettext: handle unsupported languages properly, Vit Mojzis
- Re: [PATCH] gettext: handle unsupported languages properly, Daniel Burgener
  - Re: [PATCH] gettext: handle unsupported languages properly, Vit Mojzis
    - Re: [PATCH] gettext: handle unsupported languages properly, Daniel Burgener
      - Re: [PATCH] gettext: handle unsupported languages properly, Petr Lautrbach
        
        Re: [PATCH] gettext: handle unsupported languages properly, Petr Lautrbach
[PATCH -next] selinux: Cleanup the enum SEL_COMPAT_NET, Xiu Jianfeng
- Re: [PATCH -next] selinux: Cleanup the enum SEL_COMPAT_NET, Paul Moore
[PATCH RESEND -next] selinux: Let the caller free the momory in *mnt_opts on error, Xiu Jianfeng
- Re: [PATCH RESEND -next] selinux: Let the caller free the momory in *mnt_opts on error, Paul Moore
[GIT PULL] SELinux fixes for v5.19 (#1), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.19 (#1), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.19 (#1), pr-tracker-bot
PHP-FPM restriction bug, Father Vlasie
[RFC PATCH 1/4] libsepol: refactor ebitmap conversion in link.c, Christian Göttsche
- [RFC PATCH 3/4] libsepol: add compile-time constraint for mutual exclusive attributes, Christian Göttsche
  - Re: [RFC PATCH 3/4] libsepol: add compile-time constraint for mutual exclusive attributes, Nicolas Iooss
- [RFC PATCH 2/4] libsepol: add ebitmap iterator wrapper with startnode, Christian Göttsche
  - Re: [RFC PATCH 2/4] libsepol: add ebitmap iterator wrapper with startnode, Nicolas Iooss
- [RFC PATCH 4/4] checkpolicy: add front-end support for segregate attributes, Christian Göttsche
[PATCH -next] selinux: Let the caller free the momory in *mnt_opts on error, Xiu Jianfeng
- Re: [PATCH -next] selinux: Let the caller free the momory in *mnt_opts on error, kernel test robot
[PATCH] python: remove IOError in certain cases, Elijah Conners
- Re: [PATCH] python: remove IOError in certain cases, Petr Lautrbach
  - Re: [PATCH] python: remove IOError in certain cases, Elijah Conners
- Re: [PATCH] python: remove IOError in certain cases, Petr Lautrbach
  - Re: [PATCH] python: remove IOError in certain cases, Petr Lautrbach
hack, Mikhail
[PATCH] selinux: free contexts previously transferred in selinux_add_opt(), Christian Göttsche
- Re: [PATCH] selinux: free contexts previously transferred in selinux_add_opt(), Paul Moore
[PATCH -next] selinux: Fix memleak in security_read_policy, Xiu Jianfeng
- Re: [PATCH -next] selinux: Fix memleak in security_read_policy, Paul Moore
  - Re: [PATCH -next] selinux: Fix memleak in security_read_policy, Ondrej Mosnacek
    - Re: [PATCH -next] selinux: Fix memleak in security_read_policy, Paul Moore
[PATCH 1/4] support Dash as default shell, Christian Göttsche
- [PATCH 2/4] support perf_event_paranoid=3, Christian Göttsche
  - Re: [PATCH 2/4] support perf_event_paranoid=3, Ondrej Mosnacek
- [PATCH 4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set, Christian Göttsche
  - Re: [PATCH 4/4] watchkey: skip if CONFIG_WATCH_QUEUE not set, Ondrej Mosnacek
- [PATCH 3/4] filesystem: allow getfilecon(3) to pass test, Christian Göttsche
  - Re: [PATCH 3/4] filesystem: allow getfilecon(3) to pass test, Ondrej Mosnacek

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]

Powered by Linux