Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

[PATCH 2/4] newrole: silence compiler warnings, (continued)
- [PATCH 2/4] newrole: silence compiler warnings, Christian Göttsche
- [PATCH 3/4] newrole: check for crypt(3) failure, Christian Göttsche
- [PATCH 4/4] newrole: ensure password memory erasure, Christian Göttsche
- Re: [PATCH 1/4] newrole: add Makefile target to test build options, James Carter
  - Re: [PATCH 1/4] newrole: add Makefile target to test build options, James Carter
[PATCH] libsepol: validate expressions by evaluating, Christian Göttsche
- [PATCH v2] libsepol: validate expressions by evaluating, Christian Göttsche
  - Re: [PATCH v2] libsepol: validate expressions by evaluating, James Carter
    - Re: [PATCH v2] libsepol: validate expressions by evaluating, Christian Göttsche
[PATCH] libsepol: NULL pointer offset fix, Christian Göttsche
- Re: [PATCH] libsepol: NULL pointer offset fix, James Carter
  - Re: [PATCH] libsepol: NULL pointer offset fix, James Carter
[PATCH] selinux: fix misuse of mutex_is_locked(), Ondrej Mosnacek
- Re: [PATCH] selinux: fix misuse of mutex_is_locked(), Paul Moore
[PATCH V2] security/selinux: Always allow FIOCLEX and FIONCLEX, Richard Haines
- Re: [PATCH V2] security/selinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
  - Re: [PATCH V2] security/selinux: Always allow FIOCLEX and FIONCLEX, Richard Haines
    - Re: [PATCH V2] security/selinux: Always allow FIOCLEX and FIONCLEX, Ondrej Mosnacek
      - Re: [PATCH V2] security/selinux: Always allow FIOCLEX and FIONCLEX, Richard Haines
        
        Re: [PATCH V2] security/selinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
        
        Re: [PATCH V2] security/selinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
[PATCH testsuite] tests/bpf: use new API if version >= 0.6, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/bpf: use new API if version >= 0.6, Ondrej Mosnacek
[RFC PATCH 2/2] capability: use new capable_or functionality, Christian Göttsche
- [RFC PATCH 1/2] capability: add capable_or to test for multiple caps with exactly one audit message, Christian Göttsche
  - [PATCH v2 2/8] capability: use new capable_or functionality, Christian Göttsche
    - [PATCH v2 3/8] block: use new capable_or functionality, Christian Göttsche
    - [PATCH v2 5/8] fs: use new capable_or functionality, Christian Göttsche
    - [PATCH v2 4/8] drivers: use new capable_or functionality, Christian Göttsche
      - Re: [PATCH v2 4/8] drivers: use new capable_or functionality, Jiri Slaby
      - Re: [PATCH v2 4/8] drivers: use new capable_or functionality, Hans Verkuil
    - [PATCH v2 6/8] kernel: use new capable_or functionality, Christian Göttsche
    - [PATCH v2 7/8] kernel/bpf: use new capable_or functionality, Christian Göttsche
    - [PATCH v2 8/8] net: use new capable_or functionality, Christian Göttsche
      - Re: [PATCH v2 8/8] net: use new capable_or functionality, Serge E. Hallyn
        
        Re: [PATCH v2 8/8] net: use new capable_or functionality, Serge E. Hallyn
    - [PATCH v2 1/8] capability: add capable_or to test for multiple caps with exactly one audit message, Christian Göttsche
      - Re: [PATCH v2 1/8] capability: add capable_or to test for multiple caps with exactly one audit message, Serge E. Hallyn
      - [PATCH v3 2/8] capability: use new capable_any functionality, Christian Göttsche
        
        [PATCH v3 6/8] kernel: use new capable_any functionality, Christian Göttsche
        
        [PATCH v3 7/8] bpf: use new capable_any functionality, Christian Göttsche
        
        [PATCH v3 4/8] drivers: use new capable_any functionality, Christian Göttsche
        
        Re: [PATCH v3 4/8] drivers: use new capable_any functionality, Laurent Pinchart
        
        [PATCH v3 8/8] net: use new capable_any functionality, Christian Göttsche
        
        [PATCH v3 5/8] fs: use new capable_any functionality, Christian Göttsche
        
        Re: [PATCH v3 5/8] fs: use new capable_any functionality, Christian Brauner
        
        Re: [PATCH v3 5/8] fs: use new capable_any functionality, Christian Göttsche
        
        [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message, Christian Göttsche
        
        Re: [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message, Serge E. Hallyn
        
        Re: [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message, Christian Göttsche
        
        Re: [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message, Paul Moore
        
        Re: [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message, Paul Moore
        
        Re: [PATCH v3 1/8] capability: add any wrapper to test for multiple caps with exactly one audit message, Paul Moore
        
        [PATCH v3 3/8] block: use new capable_any functionality, Christian Göttsche
        
        Re: [PATCH v3 3/8] block: use new capable_any functionality, Bart Van Assche
- Re: [RFC PATCH 2/2] capability: use new capable_or functionality, Alexei Starovoitov
[PATCH] selinux: log anon inode class name, Christian Göttsche
- Re: [PATCH] selinux: log anon inode class name, Paul Moore
  - Re: [PATCH] selinux: log anon inode class name, Christian Göttsche
- [PATCH v2] selinux: log anon inode class name, Christian Göttsche
  - Re: [PATCH v2] selinux: log anon inode class name, Paul Moore
    - Re: [PATCH v2] selinux: log anon inode class name, Paul Moore
      - Re: [PATCH v2] selinux: log anon inode class name, Christian Göttsche
        
        Re: [PATCH v2] selinux: log anon inode class name, Paul Moore
[PATCH 2/5] selinux: use correct type for context length, Christian Göttsche
- [PATCH 5/5] selinux: drop unnecessary NULL check, Christian Göttsche
  - Re: [PATCH 5/5] selinux: drop unnecessary NULL check, Paul Moore
  - Re: [PATCH 5/5] selinux: drop unnecessary NULL check, Nick Desaulniers
    - Re: [PATCH 5/5] selinux: drop unnecessary NULL check, Christian Göttsche
      - Re: [PATCH 5/5] selinux: drop unnecessary NULL check, Christian Göttsche
        
        Re: [PATCH 5/5] selinux: drop unnecessary NULL check, Ondrej Mosnacek
  - Re: [PATCH 5/5] selinux: drop unnecessary NULL check, Paul Moore
    - Re: [PATCH 5/5] selinux: drop unnecessary NULL check, Nick Desaulniers
      - Re: [PATCH 5/5] selinux: drop unnecessary NULL check, Paul Moore
- [PATCH 3/5] selinux: use consistent pointer types for boolean arrays, Christian Göttsche
  - Re: [PATCH 3/5] selinux: use consistent pointer types for boolean arrays, Paul Moore
    - Re: [PATCH 3/5] selinux: use consistent pointer types for boolean arrays, Christian Göttsche
- [PATCH 4/5] selinux: declare data arrays const, Christian Göttsche
  - Re: [PATCH 4/5] selinux: declare data arrays const, Paul Moore
    - Re: [PATCH 4/5] selinux: declare data arrays const, Nick Desaulniers
      - Re: [PATCH 4/5] selinux: declare data arrays const, Paul Moore
  - [PATCH v2 4/5] selinux: declare data arrays const, Christian Göttsche
    - Re: [PATCH v2 4/5] selinux: declare data arrays const, Paul Moore
    - [PATCH v3] selinux: declare data arrays const, Christian Göttsche
      - Re: [PATCH v3] selinux: declare data arrays const, Paul Moore
- [PATCH 1/5] selinux: drop return statement at end of void functions, Christian Göttsche
  - Re: [PATCH 1/5] selinux: drop return statement at end of void functions, Paul Moore
- Re: [PATCH 2/5] selinux: use correct type for context length, Paul Moore
[PATCH] security: declare member holding string literal const, Christian Göttsche
- Re: [PATCH] security: declare member holding string literal const, Paul Moore
- Re: [PATCH] security: declare member holding string literal const, Casey Schaufler
  - Re: [PATCH] security: declare member holding string literal const, Christian Göttsche
    - Re: [PATCH] security: declare member holding string literal const, Paul Moore
      - Re: [PATCH] security: declare member holding string literal const, Christian Göttsche
        
        Re: [PATCH] security: declare member holding string literal const, Paul Moore
[PATCH] libsemanage: allow spaces in user/group names, Vit Mojzis
- Re: [PATCH] libsemanage: allow spaces in user/group names, James Carter
  - Re: [PATCH] libsemanage: allow spaces in user/group names, James Carter
[PATCH] policycoreutils/fixfiles: Use parallel relabeling, Petr Lautrbach
- Re: [PATCH] policycoreutils/fixfiles: Use parallel relabeling, Ondrej Mosnacek
  - [PATCH v2] policycoreutils/fixfiles: Use parallel relabeling, Petr Lautrbach
    - Re: [PATCH v2] policycoreutils/fixfiles: Use parallel relabeling, Ondrej Mosnacek
      - Re: [PATCH v2] policycoreutils/fixfiles: Use parallel relabeling, James Carter
[PATCH v2] libsepol: Populate and use policy name, Thiébaud Weksteen
- Re: [PATCH v2] libsepol: Populate and use policy name, James Carter
  - Re: [PATCH v2] libsepol: Populate and use policy name, James Carter
[PATCH] python/sepolgen: accept square brackets in FILENAME token, Christian Göttsche
- [PATCH] python/sepolgen: accept square brackets in FILENAME token, Christian Göttsche
  - Re: [PATCH] python/sepolgen: accept square brackets in FILENAME token, James Carter
    - Re: [PATCH] python/sepolgen: accept square brackets in FILENAME token, James Carter
[PATCH testsuite v3] tests/sctp: add client peeloff tests, Ondrej Mosnacek
[PATCH testsuite v2] tests/sctp: add client peeloff tests, Ondrej Mosnacek
[PATCH net v3 0/2] security: fixups for the security hooks in sctp, Ondrej Mosnacek
- [PATCH net v3 1/2] security: add sctp_assoc_established hook, Ondrej Mosnacek
- [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
  - Re: [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux, Paul Moore
    - Re: [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux, Jakub Kicinski
      - Message not available
        
        Re: [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
    - Re: [PATCH net v3 2/2] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
- Re: [PATCH net v3 0/2] security: fixups for the security hooks in sctp, Ondrej Mosnacek
- Re: [PATCH net v3 0/2] security: fixups for the security hooks in sctp, Xin Long
- Re: [PATCH net v3 0/2] security: fixups for the security hooks in sctp, Richard Haines
- Re: [PATCH net v3 0/2] security: fixups for the security hooks in sctp, Paul Moore
[PATCH 1/2] libsepol/cil: Don't add constraint if there are no permissions, James Carter
- [PATCH 2/2] libsepol: Don't write out constraint if it has no permissions, James Carter
- Re: [PATCH 1/2] libsepol/cil: Don't add constraint if there are no permissions, James Carter
[PATCH 1/3] libsepol: use correct error type to please UBSAN, Christian Göttsche
- [PATCH 2/3] libsepol: more strict constraint validation, Christian Göttsche
- [PATCH 3/3] libsepol: validate several flags, Christian Göttsche
- Re: [PATCH 1/3] libsepol: use correct error type to please UBSAN, James Carter
  - Re: [PATCH 1/3] libsepol: use correct error type to please UBSAN, James Carter
[PATCH testsuite] tests/binder: Adjust kernel uapi headers check for building, GONG, Ruiqi
- Re: [PATCH testsuite] tests/binder: Adjust kernel uapi headers check for building, Ondrej Mosnacek
[ANNOUNCE][CFP] Linux Security Summit North America 2022, James Morris
- Re: [ANNOUNCE][CFP] Linux Security Summit North America 2022, James Morris
Semantics vs. usage of mutex_is_locked(), Ondrej Mosnacek
- Re: Semantics vs. usage of mutex_is_locked(), Peter Zijlstra
  - Re: Semantics vs. usage of mutex_is_locked(), Ondrej Mosnacek
[PATCH] checkpolicy: allow wildcard permissions in constraints, Christian Göttsche
- Re: [PATCH] checkpolicy: allow wildcard permissions in constraints, James Carter
- [PATCH v2] checkpolicy: allow wildcard permissions in constraints, Christian Göttsche
  - Re: [PATCH v2] checkpolicy: allow wildcard permissions in constraints, James Carter
    - Re: [PATCH v2] checkpolicy: allow wildcard permissions in constraints, James Carter
[PATCH 1/2] libsepol: add sepol_av_perm_to_string, Christian Göttsche
- [PATCH 2/2] libsepol: add policy utilities, Christian Göttsche
  - Re: [PATCH 2/2] libsepol: add policy utilities, Chris PeBenito
- [RFC PATCH v2 1/4] libsepol: add sepol_av_perm_to_string, Christian Göttsche
  - [RFC PATCH v2 2/4] libsepol: introduce sepol_const_security_context_t typedef, Christian Göttsche
  - [RFC PATCH v2 3/4] libsepol: export functions for policy analysis, Christian Göttsche
    - Re: [RFC PATCH v2 3/4] libsepol: export functions for policy analysis, James Carter
  - [RFC PATCH v2 4/4] libsepol: add policy utilities, Christian Göttsche
  - Re: [RFC PATCH v2 1/4] libsepol: add sepol_av_perm_to_string, James Carter
    - Re: [RFC PATCH v2 1/4] libsepol: add sepol_av_perm_to_string, James Carter
[GIT PULL] SELinux fixes for v5.17 (#1), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.17 (#1), pr-tracker-bot
[PATCH userspace v2 0/6] Optionally rebuild policy store only if there were external changes to modules, Ondrej Mosnacek
- [PATCH userspace v2 1/6] libsemanage: add missing include to boolean_record.c, Ondrej Mosnacek
  - Re: [PATCH userspace v2 1/6] libsemanage: add missing include to boolean_record.c, James Carter
    - Re: [PATCH userspace v2 1/6] libsemanage: add missing include to boolean_record.c, James Carter
- [PATCH userspace v2 2/6] semodule,libsemanage: move module hashing into libsemanage, Ondrej Mosnacek
- [PATCH userspace v2 4/6] libsemanage: clean up semanage_direct_commit() a bit, Ondrej Mosnacek
- [PATCH userspace v2 3/6] libsemanage: move compressed file handling into a separate object, Ondrej Mosnacek
- [PATCH userspace v2 5/6] libsemanage: optionally rebuild policy when modules are changed externally, Ondrej Mosnacek
- [PATCH userspace v2 6/6] semodule: add command-line option to detect module changes, Ondrej Mosnacek
[PATCH v32 00/28] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v32 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
- [PATCH v32 02/28] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v32 03/28] LSM: Add the lsmblob data structure., Casey Schaufler
  - Re: [PATCH v32 03/28] LSM: Add the lsmblob data structure., Mickaël Salaün
    - Re: [PATCH v32 03/28] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v32 04/28] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v32 05/28] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v32 06/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v32 07/28] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v32 08/28] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v32 09/28] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v32 10/28] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v32 11/28] LSM: Use lsmblob in security_current_getsecid, Casey Schaufler
- [PATCH v32 12/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v32 13/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v32 14/28] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v32 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v32 16/28] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v32 17/28] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v32 18/28] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v32 19/28] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v32 20/28] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v32 21/28] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v32 22/28] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
- [PATCH v32 23/28] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH v32 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
  - Re: [PATCH v32 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
    - Re: [PATCH v32 24/28] Audit: Add framework for auxiliary records, Paul Moore
      - Re: [PATCH v32 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
        
        Re: [PATCH v32 24/28] Audit: Add framework for auxiliary records, Paul Moore
        
        Re: [PATCH v32 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
  - Re: [PATCH v32 24/28] Audit: Add framework for auxiliary records, Paul Moore
    - Re: [PATCH v32 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
      - Re: [PATCH v32 24/28] Audit: Add framework for auxiliary records, Paul Moore
- [PATCH v32 25/28] Audit: Add record for multiple task security contexts, Casey Schaufler
- [PATCH v32 26/28] Audit: Add record for multiple object security contexts, Casey Schaufler
  - Re: [PATCH v32 26/28] Audit: Add record for multiple object security contexts, Paul Moore
    - Re: [PATCH v32 26/28] Audit: Add record for multiple object security contexts, Casey Schaufler
- [PATCH v32 27/28] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v32 28/28] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH] selinux: parse contexts for mount options early, Ondrej Mosnacek
- Re: [PATCH] selinux: parse contexts for mount options early, Paul Moore
[PATCH v2] selinux: fix double free of cond_list on error paths, vbendel
- Re: [PATCH v2] selinux: fix double free of cond_list on error paths, Paul Moore
kmod and unsigned modules, Russell Coker
- Re: kmod and unsigned modules, Chris PeBenito
[PATCH v3 0/2] selinux: parse sids earlier to avoid doing memory allocations under spinlock, Scott Mayhew
- [PATCH v3 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Scott Mayhew
- [PATCH v3 2/2] selinux: try to use preparsed sid before calling parse_sid(), Scott Mayhew
- Re: [PATCH v3 0/2] selinux: parse sids earlier to avoid doing memory allocations under spinlock, Paul Moore
[PATCH] libsepol: do not add gaps to string list, Christian Göttsche
- Re: [PATCH] libsepol: do not add gaps to string list, James Carter
  - Re: [PATCH] libsepol: do not add gaps to string list, James Carter
[PATCH] libsepol: Populate and use policy name, Thiébaud Weksteen
- Re: [PATCH] libsepol: Populate and use policy name, Christian Göttsche
[PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths, vbendel
- [PATCH 2/3] selinux: fix double free of cond_list on error paths, vbendel
- [PATCH 1/3] selinux: consistently clear cond_list on error paths, vbendel
  - Re: [PATCH 1/3] selinux: consistently clear cond_list on error paths, Paul Moore
    - Re: [PATCH 1/3] selinux: consistently clear cond_list on error paths, Paul Moore
      - Re: [PATCH 1/3] selinux: consistently clear cond_list on error paths, Vratislav Bendel
- [PATCH 3/3] selinux: remove duplicate cond_list clean up calls, vbendel
  - Re: [PATCH 3/3] selinux: remove duplicate cond_list clean up calls, Paul Moore
- Re: [PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths, Ondrej Mosnacek
[PATCH v2] selinux: various sparse fixes, Paul Moore
- Re: [PATCH v2] selinux: various sparse fixes, Ondrej Mosnacek
  - Re: [PATCH v2] selinux: various sparse fixes, Paul Moore
    - Re: [PATCH v2] selinux: various sparse fixes, Ondrej Mosnacek
      - Re: [PATCH v2] selinux: various sparse fixes, Paul Moore
        
        Re: [PATCH v2] selinux: various sparse fixes, Paul Moore
[PATCH v2] selinux: fix a type cast problem in cred_init_security(), Paul Moore
- Re: [PATCH v2] selinux: fix a type cast problem in cred_init_security(), Paul Moore
[PATCH] selinux: various sparse fixes, Paul Moore
- Re: [PATCH] selinux: various sparse fixes, Paul Moore
[PATCH] selinux: fix a type cast problem in cred_init_security(), Paul Moore
- Re: [PATCH] selinux: fix a type cast problem in cred_init_security(), Christian Göttsche
  - Re: [PATCH] selinux: fix a type cast problem in cred_init_security(), Paul Moore
- Re: [PATCH] selinux: fix a type cast problem in cred_init_security(), Ondrej Mosnacek
  - Re: [PATCH] selinux: fix a type cast problem in cred_init_security(), Paul Moore
    - Re: [PATCH] selinux: fix a type cast problem in cred_init_security(), Ondrej Mosnacek
[PATCH] libselinux: Prevent cached context giving wrong results, Johannes Segitz
- Re: [PATCH] libselinux: Prevent cached context giving wrong results, Nicolas Iooss
[PATCH] policycoreutils: handle argument counter of zero, Christian Göttsche
- Re: [PATCH] policycoreutils: handle argument counter of zero, James Carter
  - Re: [PATCH] policycoreutils: handle argument counter of zero, James Carter
Re: [PATCH] LSM: general protection fault in legacy_parse_param, Paul Moore
- Re: [PATCH] LSM: general protection fault in legacy_parse_param, Casey Schaufler
  - Re: [PATCH] LSM: general protection fault in legacy_parse_param, Paul Moore
- Re: [PATCH] LSM: general protection fault in legacy_parse_param, Christian Brauner
  - Re: [PATCH] LSM: general protection fault in legacy_parse_param, Paul Moore
- [PATCH v2] LSM: general protection fault in legacy_parse_param, Casey Schaufler
  - Re: [PATCH v2] LSM: general protection fault in legacy_parse_param, James Morris
    - Re: [PATCH v2] LSM: general protection fault in legacy_parse_param, Paul Moore
      - Re: [PATCH v2] LSM: general protection fault in legacy_parse_param, Casey Schaufler
  - Re: [PATCH v2] LSM: general protection fault in legacy_parse_param, Christian Brauner
[PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
- Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
  - Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
    - Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
      - Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Chris PeBenito
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Dominick Grift
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, William Roberts
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Chris PeBenito
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Dominick Grift
        
        RE: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, David Laight
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Jeffrey Vander Stoep
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Christian Göttsche
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Richard Haines
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Richard Haines
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, William Roberts
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, William Roberts
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Demi Marie Obenour
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, William Roberts
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, William Roberts
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, William Roberts
        
        Re: [PATCH] SELinux: Always allow FIOCLEX and FIONCLEX, Paul Moore
[RFC PATCH] selinux: split no transition execve check, Christian Göttsche
- Re: [RFC PATCH] selinux: split no transition execve check, Paul Moore
  - Re: [RFC PATCH] selinux: split no transition execve check, Chris PeBenito
    - Re: [RFC PATCH] selinux: split no transition execve check, Paul Moore
      - Re: [RFC PATCH] selinux: split no transition execve check, Christian Göttsche
[RFC PATCH] mm: create security context for memfd_secret inodes, Christian Göttsche
- Re: [RFC PATCH] mm: create security context for memfd_secret inodes, Paul Moore
  - Re: [RFC PATCH] mm: create security context for memfd_secret inodes, Christian Göttsche
    - Re: [RFC PATCH] mm: create security context for memfd_secret inodes, Paul Moore
      - Re: [RFC PATCH] mm: create security context for memfd_secret inodes, Christian Göttsche
        
        Re: [RFC PATCH] mm: create security context for memfd_secret inodes, Paul Moore
        
        Re: [RFC PATCH] mm: create security context for memfd_secret inodes, Paul Moore
[PATCH 2/9] selinux: declare path parameters of _genfs_sid const, Christian Göttsche
- [PATCH 3/9] selinux: declare name parameter of hash_eval const, Christian Göttsche
  - Re: [PATCH 3/9] selinux: declare name parameter of hash_eval const, Paul Moore
- [PATCH 7/9] selinux: do not discard const qualifier in cast, Christian Göttsche
  - Re: [PATCH 7/9] selinux: do not discard const qualifier in cast, Paul Moore
- [PATCH 8/9] selinux: simplify cred_init_security, Christian Göttsche
  - Re: [PATCH 8/9] selinux: simplify cred_init_security, Paul Moore
- [PATCH 9/9] selinux: drop unused macro, Christian Göttsche
  - Re: [PATCH 9/9] selinux: drop unused macro, Nick Desaulniers
  - Re: [PATCH 9/9] selinux: drop unused macro, Paul Moore
- [PATCH 4/9] selinux: enclose macro arguments in parenthesis, Christian Göttsche
  - Re: [PATCH 4/9] selinux: enclose macro arguments in parenthesis, Nick Desaulniers
  - Re: [PATCH 4/9] selinux: enclose macro arguments in parenthesis, Paul Moore
- [PATCH 5/9] selinux: drop cast to same type, Christian Göttsche
  - Re: [PATCH 5/9] selinux: drop cast to same type, Paul Moore
- [PATCH 6/9] selinux: drop unused parameter of avtab_insert_node, Christian Göttsche
  - Re: [PATCH 6/9] selinux: drop unused parameter of avtab_insert_node, Paul Moore
- [PATCH 1/9] selinux: check return value of sel_make_avc_files, Christian Göttsche
  - Re: [PATCH 1/9] selinux: check return value of sel_make_avc_files, Nick Desaulniers
  - Re: [PATCH 1/9] selinux: check return value of sel_make_avc_files, Paul Moore
- Re: [PATCH 2/9] selinux: declare path parameters of _genfs_sid const, Paul Moore
[PATCH] libsepol: invert only valid range of role bitmap, Christian Göttsche
- Re: [PATCH] libsepol: invert only valid range of role bitmap, James Carter
  - Re: [PATCH] libsepol: invert only valid range of role bitmap, James Carter
[PATCH -next] selinux: access superblock_security_struct in LSM blob way, GONG, Ruiqi
- Re: [PATCH -next] selinux: access superblock_security_struct in LSM blob way, Casey Schaufler
- Re: [PATCH -next] selinux: access superblock_security_struct in LSM blob way, Paul Moore
[PATCH] libselinux: Cached security context not accurate, Johannes Segitz
- Re: [PATCH] libselinux: Cached security context not accurate, Christian Göttsche
  - Re: [PATCH] libselinux: Cached security context not accurate, Johannes Segitz
    - Re: [PATCH] libselinux: Cached security context not accurate, Petr Lautrbach
[PATCH RFC v2 0/2] selinux: parse sids earlier to avoid doing memory allocations under spinlock, Scott Mayhew
- [PATCH RFC v2 2/2] selinux: try to use preparsed sid before calling parse_sid(), Scott Mayhew
- [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Scott Mayhew
  - Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Paul Moore
    - Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Scott Mayhew
      - Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Paul Moore
        
        Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Scott Mayhew
        
        Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Paul Moore
        
        Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Scott Mayhew
        
        Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Paul Moore
  - Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Ondrej Mosnacek
    - Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Paul Moore
      - Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Ondrej Mosnacek
        
        Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Paul Moore
        
        Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Ondrej Mosnacek
        
        Re: [PATCH RFC v2 1/2] selinux: Fix selinux_sb_mnt_opts_compat(), Paul Moore
[libselinux][PATCH] libselinux: make threadsafe for discover_class_cache, Purushottam Choudhary
[PATCH 0/4 v2] libsepol/cil: Limit certain error and warning reports, James Carter
- [PATCH 1/4 v2] libsepol/cil: Add cil_get_log_level() function, James Carter
- [PATCH 2/4 v2] libsepol/cil: Provide more control over reporting bounds failures, James Carter
- [PATCH 3/4 v2] libsepol/cil: Limit the neverallow violations reported, James Carter
- [PATCH 4/4 v2] libsepol/cil: Limit the amount of reporting for context rule conflicts, James Carter
- Re: [PATCH 0/4 v2] libsepol/cil: Limit certain error and warning reports, James Carter
  - Re: [PATCH 0/4 v2] libsepol/cil: Limit certain error and warning reports, James Carter
[PATCH] libsepol: drop trailing newlines in log messages, Christian Göttsche
- Re: [PATCH] libsepol: drop trailing newlines in log messages, James Carter
  - Re: [PATCH] libsepol: drop trailing newlines in log messages, James Carter
[PATCH] libsepol: return failure on saturated class name length, Christian Göttsche
- Re: [PATCH] libsepol: return failure on saturated class name length, James Carter
  - Re: [PATCH] libsepol: return failure on saturated class name length, James Carter
[PATCH RFC] selinux: Fix selinux_sb_mnt_opts_compat(), Scott Mayhew
[PATCH] libsepol: reject invalid roles before inverting, Christian Göttsche
- Re: [PATCH] libsepol: reject invalid roles before inverting, James Carter
  - Re: [PATCH] libsepol: reject invalid roles before inverting, Christian Göttsche
    - Re: [PATCH] libsepol: reject invalid roles before inverting, James Carter
[PATCH 1/2] libsepol/cil: Limit the amount of reporting for neverallow violations, James Carter
- [PATCH 2/2] libsepol/cil: Limit the amount of reporting for context rule conflicts, James Carter
- Re: [PATCH 1/2] libsepol/cil: Limit the amount of reporting for neverallow violations, bauen1
  - Re: [PATCH 1/2] libsepol/cil: Limit the amount of reporting for neverallow violations, James Carter
    - Re: [PATCH 1/2] libsepol/cil: Limit the amount of reporting for neverallow violations, bauen1
      - Re: [PATCH 1/2] libsepol/cil: Limit the amount of reporting for neverallow violations, bauen1
        
        Re: [PATCH 1/2] libsepol/cil: Limit the amount of reporting for neverallow violations, James Carter
[PATCH] libselinux: Strip spaces before values in config, Vit Mojzis
- Re: [PATCH] libselinux: Strip spaces before values in config, Christian Göttsche
  - Re: [PATCH] libselinux: Strip spaces before values in config, Vit Mojzis
    - [PATCH v2] libselinux: Strip spaces before values in config, Vit Mojzis
      - Re: [PATCH v2] libselinux: Strip spaces before values in config, Christian Göttsche
        
        Re: [PATCH v2] libselinux: Strip spaces before values in config, Vit Mojzis
        
        Re: [PATCH v2] libselinux: Strip spaces before values in config, James Carter
      - Re: [PATCH v2] libselinux: Strip spaces before values in config, James Carter
        
        Re: [PATCH v2] libselinux: Strip spaces before values in config, James Carter
[PATCH] libsepol/cil: Ensure that the class in a classcommon is a kernel class, James Carter
- Re: [PATCH] libsepol/cil: Ensure that the class in a classcommon is a kernel class, James Carter
  - Re: [PATCH] libsepol/cil: Ensure that the class in a classcommon is a kernel class, James Carter
[RFC PATCH userspace 0/5] Allow rebuilding policy store only if there were external changes to modules, Ondrej Mosnacek
- [RFC PATCH userspace 1/5] libsemanage: add missing include to boolean_record.c, Ondrej Mosnacek
- [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage, Ondrej Mosnacek
  - Re: [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage, James Carter
    - Re: [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage, Ondrej Mosnacek
      - Re: [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage, Petr Lautrbach
- [RFC PATCH userspace 3/5] libsemanage: move compressed file handling into a separate object, Ondrej Mosnacek
  - Re: [RFC PATCH userspace 3/5] libsemanage: move compressed file handling into a separate object, James Carter
- [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes, Ondrej Mosnacek
  - Re: [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes, Christian Göttsche
    - Re: [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes, James Carter
  - Re: [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes, James Carter
- [RFC PATCH userspace 4/5] libsemanage: optionally rebuild policy when modules are changed externally, Ondrej Mosnacek
  - Re: [RFC PATCH userspace 4/5] libsemanage: optionally rebuild policy when modules are changed externally, James Carter
    - Re: [RFC PATCH userspace 4/5] libsemanage: optionally rebuild policy when modules are changed externally, Ondrej Mosnacek
[PATCH testsuite] tests/binder: Build only for 4.11 and later kernels, GONG, Ruiqi
- Re: [PATCH testsuite] tests/binder: Build only for 4.11 and later kernels, Ondrej Mosnacek
  - Re: [PATCH testsuite] tests/binder: Build only for 4.11 and later kernels, Gong Ruiqi
[PATCH 0/2 RFC] libsepol: Adding support for not-self rules, James Carter
- [PATCH 1/2 RFC] libsepol: Add not self support for neverallow rules, James Carter
- [PATCH 2/2 RFC] libsepol/cil: Add notself and minusself support to CIL, James Carter
- Re: [PATCH 0/2 RFC] libsepol: Adding support for not-self rules, Christian Göttsche
[PATCH 00/16 v2] Refactor and fix assertion checking, James Carter
- [PATCH 01/16 v2] libsepol: Return an error if check_assertion() returns an error., James Carter
- [PATCH 02/16 v2] libsepol: Change label in check_assertion_avtab_match(), James Carter
- [PATCH 05/16 v2] libsepol: Use consistent return checking style, James Carter
- [PATCH 04/16 v2] libsepol: Check for error from check_assertion_extended_permissions(), James Carter
- [PATCH 03/16 v2] libsepol: Remove uneeded error messages in assertion checking, James Carter
- [PATCH 08/16 v2] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions, James Carter
- [PATCH 07/16 v2] libsepol: Create function check_assertion_self_match() and use it, James Carter
- [PATCH 06/16 v2] libsepol: Move check of target types to before check for self, James Carter
- [PATCH 09/16 v2] libsepol: Remove unnessesary check for matching class, James Carter
- [PATCH 10/16 v2] libsepol: Move assigning outer loop index out of inner loop, James Carter
- [PATCH 11/16 v2] libsepol: Make use of previously created ebitmap when checking self, James Carter
- [PATCH 12/16 v2] libsepol: Refactor match_any_class_permissions() to be clearer, James Carter
- [PATCH 13/16 v2] libsepol: Make return value clearer when reporting neverallowx errors, James Carter
- [PATCH 14/16 v2] libsepol: The src and tgt must be the same if neverallow uses self, James Carter
- [PATCH 15/16 v2] libsepol: Set args avtab pointer when reporting assertion violations, James Carter
- [PATCH 16/16 v2] libsepol: Fix two problems with neverallowxperm reporting, James Carter
- Re: [PATCH 00/16 v2] Refactor and fix assertion checking, James Carter
  - Re: [PATCH 00/16 v2] Refactor and fix assertion checking, James Carter
[GIT PULL] SELinux patches for v5.17, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.17, pr-tracker-bot
[PATCH] policycoreutils: Improve error message when selabel_open fails, Vit Mojzis
- Re: [PATCH] policycoreutils: Improve error message when selabel_open fails, William Roberts
  - Re: [PATCH] policycoreutils: Improve error message when selabel_open fails, William Roberts
[PATCH] libsepol: check for saturated class name length, Christian Göttsche
- Re: [PATCH] libsepol: check for saturated class name length, James Carter
  - Re: [PATCH] libsepol: check for saturated class name length, James Carter
ANN: Reference Policy 2.20220106, Chris PeBenito
[PATCH 1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block, James Carter
- [PATCH 2/3] libsepol/cil: Mark as abstract all sub-blocks of an abstract block, James Carter
- [PATCH 3/3] libsepol/cil: Do not resolve names to declarations in abstract blocks, James Carter
- Re: [PATCH 1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block, James Carter
  - Re: [PATCH 1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block, James Carter
[GIT PULL] SELinux fixes for v5.16 (#4), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.16 (#4), pr-tracker-bot
[PATCH] selinux: initialize proto variable in selinux_ip_postroute_compat(), trix
- Re: [PATCH] selinux: initialize proto variable in selinux_ip_postroute_compat(), Paul Moore
[PATCH] libsepol: handle type gaps when optimizing, Christian Göttsche
- Re: [PATCH] libsepol: handle type gaps when optimizing, James Carter
- [PATCH v2] libsepol: handle type gaps, Christian Göttsche
  - Re: [PATCH v2] libsepol: handle type gaps, James Carter
    - Re: [PATCH v2] libsepol: handle type gaps, Christian Göttsche
      - Re: [PATCH v2] libsepol: handle type gaps, James Carter
- [PATCH v3] libsepol: handle type gaps, Christian Göttsche
  - Re: [PATCH v3] libsepol: handle type gaps, James Carter
    - Re: [PATCH v3] libsepol: handle type gaps, James Carter
[PATCH v2] libsepol: check for valid sensitivity before lookup, Christian Göttsche
- Re: [PATCH v2] libsepol: check for valid sensitivity before lookup, James Carter
  - Re: [PATCH v2] libsepol: check for valid sensitivity before lookup, James Carter
[PATCH] libsepol: check for valid sensitivity before lookup, Christian Göttsche
[PATCH] selinux: minor tweaks to selinux_add_opt(), Paul Moore
- Re: [PATCH] selinux: minor tweaks to selinux_add_opt(), Paul Moore
Granting myself access on oss-fuzz issue reports, Christian Göttsche
- Re: Granting myself access on oss-fuzz issue reports, Petr Lautrbach
[PATCH] libsepol/cil: bail out on snprintf failure, Christian Göttsche
- Re: [PATCH] libsepol/cil: bail out on snprintf failure, James Carter
  - Re: [PATCH] libsepol/cil: bail out on snprintf failure, James Carter
[GIT PULL] SELinux fixes for v5.16 (#3), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.16 (#3), Linus Torvalds
  - Re: [GIT PULL] SELinux fixes for v5.16 (#3), Olga Kornievskaia
    - Re: [GIT PULL] SELinux fixes for v5.16 (#3), Linus Torvalds
      - Re: [GIT PULL] SELinux fixes for v5.16 (#3), Olga Kornievskaia
- Re: [GIT PULL] SELinux fixes for v5.16 (#3), pr-tracker-bot
[PATCH 00/16] Refactor and fix assertion checking, James Carter
- [PATCH 01/16] libsepol: Return an error if check_assertion() returns an error., James Carter
- [PATCH 02/16] libsepol: Change label in check_assertion_avtab_match(), James Carter
- [PATCH 03/16] libsepol: Remove uneeded error messages in assertion checking, James Carter
- [PATCH 04/16] libsepol: Check for error from check_assertion_extended_permissions(), James Carter
- [PATCH 05/16] libsepol: Use consistent return checking style, James Carter
- [PATCH 06/16] libsepol: Move check of target types to before check for self, James Carter
- [PATCH 07/16] libsepol: Create function check_assertion_self_match() and use it, James Carter
- [PATCH 09/16] libsepol: Remove unnessesary check for matching class, James Carter
- [PATCH 10/16] libsepol: Move assigning outer loop index out of inner loop, James Carter
- [PATCH 11/16] libsepol: Make use of previously created ebitmap when checking self, James Carter
- [PATCH 12/16] libsepol: Refactor match_any_class_permissions() to be clearer, James Carter
- [PATCH 13/16] libsepol: Make return value clearer when reporting neverallowx errors, James Carter
- [PATCH 14/16] libsepol: The src and tgt must be the same if neverallow uses self, James Carter
- [PATCH 15/16] libsepol: Set args avtab pointer when reporting assertion violations, James Carter
- [PATCH 16/16] libsepol: Fix two problems with neverallowxperm reporting, James Carter
- [PATCH 08/16] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions, James Carter
- Re: [PATCH 00/16] Refactor and fix assertion checking, James Carter
[PATCH] selinux-notebook: Add epub build, Richard Haines
- Re: [PATCH] selinux-notebook: Add epub build, Paul Moore
[PATCH v2] selinux: Fix sleeping function called from invalid context, Scott Mayhew
- Re: [PATCH v2] selinux: Fix sleeping function called from invalid context, Paul Moore
[PATCH] selinux: Fix sleeping function called from invalid context, Scott Mayhew
- Re: [PATCH] selinux: Fix sleeping function called from invalid context, Paul Moore
[PATCH] selinux: fix a wrong check condition of strcmp(), xkernel . wang
- Re: [PATCH] selinux: fix a wrong check condition of strcmp(), Stephen Smalley
  - Re: [PATCH] selinux: fix a wrong check condition of strcmp(), Xiaoke Wang
[PATCH] selinux: check the return value of audit_log_start(), xkernel . wang
- Re: [PATCH] selinux: check the return value of audit_log_start(), Paul Moore
- <Possible follow-ups>
- [PATCH] selinux: check the return value of audit_log_start(), xkernel . wang
- Re:[PATCH] selinux: check the return value of audit_log_start(), Xiaoke Wang
[PATCH v31 00/28] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v31 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
  - Re: [PATCH v31 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, kernel test robot
- [PATCH v31 02/28] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v31 03/28] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v31 04/28] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v31 05/28] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v31 06/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v31 07/28] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v31 08/28] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v31 09/28] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v31 10/28] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v31 11/28] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v31 12/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v31 13/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
  - Re: [PATCH v31 13/28] LSM: Use lsmblob in security_cred_getsecid, kernel test robot
- [PATCH v31 14/28] LSM: Specify which LSM to display, Casey Schaufler
  - Re: [PATCH v31 14/28] LSM: Specify which LSM to display, Christian Göttsche
    - Re: [PATCH v31 14/28] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v31 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v31 16/28] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v31 17/28] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v31 18/28] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v31 19/28] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v31 20/28] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v31 21/28] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v31 22/28] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
- [PATCH v31 23/28] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH v31 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
- [PATCH v31 25/28] Audit: Add record for multiple task security contexts, Casey Schaufler
- [PATCH v31 26/28] Audit: Add record for multiple object security contexts, Casey Schaufler
  - Re: [PATCH v31 26/28] Audit: Add record for multiple object security contexts, kernel test robot
  - Re: [PATCH v31 26/28] Audit: Add record for multiple object security contexts, kernel test robot
- [PATCH v31 27/28] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v31 28/28] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH V2 0/4] SELinux Notebook: Add eBook reader build, Richard Haines
- [PATCH V2 3/4] src/images: Add new SELinux penguin, Richard Haines
  - Re: [PATCH V2 3/4] src/images: Add new SELinux penguin, Paul Moore
- [PATCH V2 4/4] selinux-notebook: Add epub build, Richard Haines
  - Re: [PATCH V2 4/4] selinux-notebook: Add epub build, Paul Moore
    - Re: [PATCH V2 4/4] selinux-notebook: Add epub build, Richard Haines
      - Re: [PATCH V2 4/4] selinux-notebook: Add epub build, Paul Moore
- [PATCH V2 1/4] selinux-notebook: Make file links consistent, Richard Haines
  - Re: [PATCH V2 1/4] selinux-notebook: Make file links consistent, Paul Moore
- [PATCH V2 2/4] src/images: Remove current penguin, Richard Haines
[PATCH v2] secilc: kernel policy language is infix, Topi Miettinen
- Re: [PATCH v2] secilc: kernel policy language is infix, James Carter
  - Re: [PATCH v2] secilc: kernel policy language is infix, James Carter
[PATCH v4] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH v4] selinux-notebook: New chapter: Hardening SELinux, Paul Moore
overlay userxattr seems to not adhere to defaultrole, Dominick Grift
[PATCH v3] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH v3] security/selinux: fix potential memleak in error branch, Paul Moore
[PATCH 0/4] SELinux Notebook: Add eBook reader build, Richard Haines
- [PATCH 1/4] selinux-notebook: Make file links consistent, Richard Haines
- [PATCH 2/4] src/images: Remove current penguin, Richard Haines
  - Re: [PATCH 2/4] src/images: Remove current penguin, Daniel Burgener
- [PATCH 4/4] selinux-notebook: Add epub build, Richard Haines
- Re: [PATCH 0/4] SELinux Notebook: Add eBook reader build, Daniel Burgener
  - Re: [PATCH 0/4] SELinux Notebook: Add eBook reader build, Richard Haines
[RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, David Howells
- [RFC PATCH 2/2] security, nfs: Provide a hook for fs_context security initialisation, David Howells
- Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, Paul Moore
- Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, David Howells
  - Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, Paul Moore
[PATCH V2 0/7] Various SELinux Notebook updates, Richard Haines
- [PATCH V2 4/7] policy_config_files.md: Update openrc_contexts contents, Richard Haines
  - Re: [PATCH V2 4/7] policy_config_files.md: Update openrc_contexts contents, Paul Moore
- [PATCH V2 1/7] notebook: Minor formatting fixes, Richard Haines
  - Re: [PATCH V2 1/7] notebook: Minor formatting fixes, Paul Moore
- [PATCH V2 6/7] policy_config_files.md: Update snapperd_contexts contents, Richard Haines
  - Re: [PATCH V2 6/7] policy_config_files.md: Update snapperd_contexts contents, Paul Moore
- [PATCH V2 2/7] object_classes_permissions.md: Correct the context object class entry, Richard Haines
  - Re: [PATCH V2 2/7] object_classes_permissions.md: Correct the context object class entry, Paul Moore
- [PATCH V2 7/7] title.md: Clarify example code location, Richard Haines
  - Re: [PATCH V2 7/7] title.md: Clarify example code location, Paul Moore
- [PATCH V2 3/7] object_classes_permissions.md: Deprecate lockdown class, Richard Haines
  - Re: [PATCH V2 3/7] object_classes_permissions.md: Deprecate lockdown class, Paul Moore
- [PATCH V2 5/7] policy_config_files.md: Update openssh_contexts contents, Richard Haines
  - Re: [PATCH V2 5/7] policy_config_files.md: Update openssh_contexts contents, Paul Moore
[PATCH] security,selinux: remove security_add_mnt_opt(), Ondrej Mosnacek
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), Casey Schaufler
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), Paul Moore
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), James Morris
[PATCH v2] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH v2] security/selinux: fix potential memleak in error branch, Ondrej Mosnacek
- Message not available
  - 答复: [PATCH v2] security/selinux: fix potential memleak in error branch, 赵军奎
    - Re: [PATCH v2] security/selinux: fix potential memleak in error branch, Ondrej Mosnacek
[PATCH 0/7] Various SELinux Notebook updates, Richard Haines
- [PATCH 1/7] notebook: Minor formatting fixes, Richard Haines
- [PATCH 3/7] object_classes_permissions.md: Deprecate lockdown class, Richard Haines
- [PATCH 2/7] object_classes_permissions.md: Correct the context object class entry, Richard Haines
- [PATCH 5/7] policy_config_files.md: Update openssh_contexts contents, Richard Haines
  - Re: [PATCH 5/7] policy_config_files.md: Update openssh_contexts contents, Dominick Grift
- [PATCH 4/7] policy_config_files.md: Update openrc_contexts contents, Richard Haines
- [PATCH 7/7] title.md: Clarify example code location, Richard Haines
- [PATCH 6/7] policy_config_files.md: Update snapperd_contexts contents, Richard Haines
[PATCH -next] selinux: Use struct_size() helper in kmalloc(), Xiu Jianfeng
- Re: [PATCH -next] selinux: Use struct_size() helper in kmalloc(), Paul Moore
[PATCH] security/selinux: fix potential memleak, Bernard Zhao
- Re: [PATCH] security/selinux: fix potential memleak, Paul Moore
  - Re: [PATCH] security/selinux: fix potential memleak, Ondrej Mosnacek
  - Message not available
    - 答复: [PATCH] security/selinux: fix potential memleak, 赵军奎
[PATCH] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH] security/selinux: fix potential memleak in error branch, Paul Moore
- Message not available
  - 答复: [PATCH] security/selinux: fix potential memleak in error branch, 赵军奎
[PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, Christian Göttsche
- [PATCH 2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement, Christian Göttsche
  - Re: [PATCH 2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement, James Carter
- Re: [PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, James Carter
  - Re: [PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, James Carter
[PATCH XSERVER 1/2] selinux: remap security classes on policyload, Christian Göttsche
- [PATCH XSERVER 2/2] selinux: log events with appropriate audit type, Christian Göttsche
[PATCH] libsepol: free ebitmap on end of function, Christian Göttsche
[PATCH V2 testsuite] tests/inet_socket: Add socket transition tests, Richard Haines
[PATCH 5.15 222/279] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
[PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
- Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Jari Ruusu
  - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
    - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
      - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Christian Göttsche
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
[PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Jacob M Cutright
- Re: [PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Petr Lautrbach
  - Re: [PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Petr Lautrbach
[PATCH v30 00/28] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
  - Re: [PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Paul Moore
- [PATCH v30 02/28] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v30 03/28] LSM: Add the lsmblob data structure., Casey Schaufler
  - Re: [PATCH v30 03/28] LSM: Add the lsmblob data structure., Paul Moore
- [PATCH v30 04/28] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v30 05/28] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
  - Re: [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, kernel test robot
  - Re: [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, Paul Moore
- [PATCH v30 07/28] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v30 08/28] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v30 09/28] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v30 10/28] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v30 11/28] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v30 12/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v30 13/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v30 14/28] LSM: Specify which LSM to display, Casey Schaufler
  - Re: [PATCH v30 14/28] LSM: Specify which LSM to display, Christian Göttsche
    - Re: [PATCH v30 14/28] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v30 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v30 16/28] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v30 17/28] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v30 18/28] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v30 19/28] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v30 20/28] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v30 21/28] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
  - Re: [PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names, Paul Moore
- [PATCH v30 23/28] Audit: Create audit_stamp structure, Casey Schaufler
  - Re: [PATCH v30 23/28] Audit: Create audit_stamp structure, Paul Moore

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]