Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
- Re: [PATCH] firmware_loader: use kernel credentials when reading firmware, (continued)
- [PATCH] sepolgen: Update permission map,
Petr Lautrbach
- [PATCH v2] libsepol: Replace calls to mallocarray() with calls to calloc(),
James Carter
- [PATCH 1/3] libsemanage: Fix USE_AFTER_FREE (CWE-672) in semanage_direct_get_module_info(),
Petr Lautrbach
- [PATCH] policycoreutils/setfiles: Improve description of -d switch,
Petr Lautrbach
- Translate or not?,
Petr Lautrbach
- [PATCH 4/5] selinux: Remove redundant assignments,
Michal Orzel
- [RFC PATCH 1/4] libsepol/cil: declare file local functions static,
Christian Göttsche
- [PATCH] libselinux/utils: check for valid contexts to improve error causes,
Christian Göttsche
- [PATCH 1/2] libsepol: mark immutable mls and context parameter const,
Christian Göttsche
- [PATCH] libsepol: add missing oom checks,
Christian Göttsche
- [PATCH] libsepol/cil: silence GCC 12 array-bounds false positive,
Christian Göttsche
- [PATCH] libsepol: Replace calls to mallocarray() with calls to calloc(), James Carter
- Lets start with 3.4 userspace release,
Petr Lautrbach
- [PATCH AUTOSEL 4.9 1/8] selinux: use correct type for context length, Sasha Levin
- [PATCH AUTOSEL 4.14 1/8] selinux: use correct type for context length, Sasha Levin
- [PATCH AUTOSEL 4.19 01/12] selinux: use correct type for context length, Sasha Levin
- [PATCH AUTOSEL 5.4 01/16] LSM: general protection fault in legacy_parse_param,
Sasha Levin
- [PATCH AUTOSEL 5.15 01/29] LSM: general protection fault in legacy_parse_param,
Sasha Levin
- [PATCH AUTOSEL 5.10 01/21] LSM: general protection fault in legacy_parse_param,
Sasha Levin
- [PATCH AUTOSEL 5.16 01/35] LSM: general protection fault in legacy_parse_param,
Sasha Levin
- [PATCH AUTOSEL 5.17 01/43] LSM: general protection fault in legacy_parse_param,
Sasha Levin
- [PATCH] Add a file describing the security vulnerability handling process,
James Carter
- [PATCH] libsemanage: Fallback to semanage_copy_dir when rename() failed,
Petr Lautrbach
- [GIT PULL] SELinux patches for v5.18,
Paul Moore
- [PATCH] optional statement is not valid in if and require statement,
Dominick Grift
- Pwnkit and SELinux,
Daniel Burgener
- [PATCH] libsepol: Validate conditional expressions,
James Carter
- [PATCH] libsepol: Use calloc when initializing bool_val_to_struct array,
James Carter
- Re: [PATCH 03/17] io_uring: add infra and support for IORING_OP_URING_CMD,
Paul Moore
- [PATCH] gui: do not recreate /etc/selinux/config,
Mikhail Novosyolov
- [PATCH] libselinux: Close leaked FILEs,
Petr Lautrbach
- [PATCH v33 00/29] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v33 01/29] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
- [PATCH v33 02/29] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v33 03/29] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v33 04/29] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v33 05/29] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v33 07/29] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v33 08/29] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v33 06/29] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v33 10/29] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v33 11/29] LSM: Use lsmblob in security_current_getsecid, Casey Schaufler
- [PATCH v33 09/29] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v33 14/29] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v33 12/29] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v33 13/29] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v33 15/29] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v33 20/29] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v33 19/29] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v33 17/29] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v33 16/29] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v33 18/29] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v33 21/29] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v33 22/29] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
- [PATCH v33 23/29] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH v33 24/29] LSM: Add a function to report multiple LSMs, Casey Schaufler
- [PATCH v33 26/29] Audit: Add record for multiple task security contexts, Casey Schaufler
- [PATCH v33 25/29] Audit: Allow multiple records in an audit_buffer, Casey Schaufler
- [PATCH v33 29/29] AppArmor: Remove the exclusive flag, Casey Schaufler
- [PATCH v33 28/29] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v33 27/29] Audit: Add record for multiple object security contexts, Casey Schaufler
- [PATCH] libsepol/cil: Write a message when a log message is truncated,
James Carter
- Re: [PATCH v1] fs: Fix inconsistent f_mode,
Paul Moore
- [RFC PATCH] selinux: checkreqprot is deprecated, add some ssleep() discomfort,
Paul Moore
- [PATCH 1/2] libsepol: reject xperm av rules in conditional statements,
Christian Göttsche
- libsemanage rename calls fail on containers, Joseph Marrero Corchado
- Recently fixed neverallowx checks report (range 0x),
bauen1
- [PATCH] libsepol: Shorten the policy capability enum names,
Richard Haines
- [PATCH] libsepol: Do a more thorough validation of constraints,
James Carter
- [PATCH] libsepol: fix reallocarray imports,
Thiébaud Weksteen
- [PATCH] semanage-fcontext.8: Drop extra )s after FILE_SPEC,
Petr Lautrbach
- [PATCH] selinux: shorten the policy capability enum names,
Paul Moore
- [PATCH] docs: selinux: add '=' signs to kernel boot options,
Randy Dunlap
- [PATCH RESEND] xfs: don't generate selinux audit messages for capability testing,
Darrick J. Wong
- Re: [PATCH] docs: fix 'make htmldocs' warning in SCTP.rst, Paul Moore
- [PATCH V2] libsepol: Add 'ioctl_skip_cloexec' policy capability,
Richard Haines
- [PATCH V4] security/selinux: Always allow FIOCLEX and FIONCLEX,
Richard Haines
- [PATCH] userfaultfd, capability: introduce CAP_USERFAULTFD,
Axel Rasmussen
- [PATCH Notebook] policy_config_statements.md: How to add a new capability,
Richard Haines
- [PATCH testsuite] tests/ioctl: Update ioctl tests,
Richard Haines
- [PATCH] libsepol: Add 'ioctl_skip_cloexec' policy capability, Richard Haines
- [PATCH V3] security/selinux: Always allow FIOCLEX and FIONCLEX,
Richard Haines
- [GIT PULL] SELinux fixes for v5.17 (#2),
Paul Moore
- [PATCH 1/4] newrole: add Makefile target to test build options,
Christian Göttsche
- [PATCH] libsepol: validate expressions by evaluating,
Christian Göttsche
- [PATCH] libsepol: NULL pointer offset fix,
Christian Göttsche
- [PATCH] selinux: fix misuse of mutex_is_locked(),
Ondrej Mosnacek
- [PATCH V2] security/selinux: Always allow FIOCLEX and FIONCLEX,
Richard Haines
- [PATCH testsuite] tests/bpf: use new API if version >= 0.6,
Ondrej Mosnacek
- [RFC PATCH 2/2] capability: use new capable_or functionality,
Christian Göttsche
- [PATCH] selinux: log anon inode class name,
Christian Göttsche
- [PATCH 2/5] selinux: use correct type for context length,
Christian Göttsche
- [PATCH] security: declare member holding string literal const,
Christian Göttsche
- [PATCH] libsemanage: allow spaces in user/group names,
Vit Mojzis
- [PATCH] policycoreutils/fixfiles: Use parallel relabeling,
Petr Lautrbach
- [PATCH v2] libsepol: Populate and use policy name,
Thiébaud Weksteen
- [PATCH] python/sepolgen: accept square brackets in FILENAME token,
Christian Göttsche
- [PATCH testsuite v3] tests/sctp: add client peeloff tests, Ondrej Mosnacek
- [PATCH testsuite v2] tests/sctp: add client peeloff tests, Ondrej Mosnacek
- [PATCH net v3 0/2] security: fixups for the security hooks in sctp,
Ondrej Mosnacek
- Re: [PATCH net v3 0/2] security: fixups for the security hooks in sctp, Ondrej Mosnacek
- Re: [PATCH net v3 0/2] security: fixups for the security hooks in sctp, Xin Long
- Re: [PATCH net v3 0/2] security: fixups for the security hooks in sctp, Richard Haines
- Re: [PATCH net v3 0/2] security: fixups for the security hooks in sctp, Paul Moore
[PATCH 1/2] libsepol/cil: Don't add constraint if there are no permissions,
James Carter
[PATCH 1/3] libsepol: use correct error type to please UBSAN,
Christian Göttsche
[PATCH testsuite] tests/binder: Adjust kernel uapi headers check for building,
GONG, Ruiqi
[ANNOUNCE][CFP] Linux Security Summit North America 2022,
James Morris
Semantics vs. usage of mutex_is_locked(),
Ondrej Mosnacek
[PATCH] checkpolicy: allow wildcard permissions in constraints,
Christian Göttsche
[PATCH 1/2] libsepol: add sepol_av_perm_to_string,
Christian Göttsche
[GIT PULL] SELinux fixes for v5.17 (#1),
Paul Moore
[PATCH userspace v2 0/6] Optionally rebuild policy store only if there were external changes to modules,
Ondrej Mosnacek
[PATCH v32 00/28] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v32 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
- [PATCH v32 02/28] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v32 03/28] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v32 04/28] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v32 05/28] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v32 06/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v32 07/28] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v32 08/28] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v32 09/28] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v32 10/28] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v32 11/28] LSM: Use lsmblob in security_current_getsecid, Casey Schaufler
- [PATCH v32 12/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v32 13/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v32 14/28] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v32 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v32 16/28] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v32 17/28] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v32 18/28] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v32 19/28] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v32 20/28] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v32 21/28] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v32 22/28] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
- [PATCH v32 23/28] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH v32 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
- [PATCH v32 25/28] Audit: Add record for multiple task security contexts, Casey Schaufler
- [PATCH v32 26/28] Audit: Add record for multiple object security contexts, Casey Schaufler
- [PATCH v32 27/28] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v32 28/28] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH] selinux: parse contexts for mount options early,
Ondrej Mosnacek
[PATCH v2] selinux: fix double free of cond_list on error paths,
vbendel
kmod and unsigned modules,
Russell Coker
[PATCH v3 0/2] selinux: parse sids earlier to avoid doing memory allocations under spinlock,
Scott Mayhew
[PATCH] libsepol: do not add gaps to string list,
Christian Göttsche
[PATCH] libsepol: Populate and use policy name,
Thiébaud Weksteen
[PATCH 0/3] selinux: Fix and clean policydb->cond_list error paths,
vbendel
[PATCH v2] selinux: various sparse fixes,
Paul Moore
[PATCH v2] selinux: fix a type cast problem in cred_init_security(),
Paul Moore
[PATCH] selinux: various sparse fixes,
Paul Moore
[PATCH] selinux: fix a type cast problem in cred_init_security(),
Paul Moore
[PATCH] libselinux: Prevent cached context giving wrong results,
Johannes Segitz
[PATCH] policycoreutils: handle argument counter of zero,
Christian Göttsche
Re: [PATCH] LSM: general protection fault in legacy_parse_param,
Paul Moore
[PATCH] SELinux: Always allow FIOCLEX and FIONCLEX,
Demi Marie Obenour
[RFC PATCH] selinux: split no transition execve check,
Christian Göttsche
[RFC PATCH] mm: create security context for memfd_secret inodes,
Christian Göttsche
[PATCH 2/9] selinux: declare path parameters of _genfs_sid const,
Christian Göttsche
[PATCH] libsepol: invert only valid range of role bitmap,
Christian Göttsche
[PATCH -next] selinux: access superblock_security_struct in LSM blob way,
GONG, Ruiqi
[PATCH] libselinux: Cached security context not accurate,
Johannes Segitz
[PATCH RFC v2 0/2] selinux: parse sids earlier to avoid doing memory allocations under spinlock,
Scott Mayhew
[libselinux][PATCH] libselinux: make threadsafe for discover_class_cache, Purushottam Choudhary
[PATCH 0/4 v2] libsepol/cil: Limit certain error and warning reports,
James Carter
[PATCH] libsepol: drop trailing newlines in log messages,
Christian Göttsche
[PATCH] libsepol: return failure on saturated class name length,
Christian Göttsche
[PATCH RFC] selinux: Fix selinux_sb_mnt_opts_compat(), Scott Mayhew
[PATCH] libsepol: reject invalid roles before inverting,
Christian Göttsche
[PATCH 1/2] libsepol/cil: Limit the amount of reporting for neverallow violations,
James Carter
[PATCH] libselinux: Strip spaces before values in config,
Vit Mojzis
[PATCH] libsepol/cil: Ensure that the class in a classcommon is a kernel class,
James Carter
[RFC PATCH userspace 0/5] Allow rebuilding policy store only if there were external changes to modules,
Ondrej Mosnacek
[PATCH testsuite] tests/binder: Build only for 4.11 and later kernels,
GONG, Ruiqi
[PATCH 0/2 RFC] libsepol: Adding support for not-self rules,
James Carter
[PATCH 00/16 v2] Refactor and fix assertion checking,
James Carter
- [PATCH 01/16 v2] libsepol: Return an error if check_assertion() returns an error., James Carter
- [PATCH 02/16 v2] libsepol: Change label in check_assertion_avtab_match(), James Carter
- [PATCH 05/16 v2] libsepol: Use consistent return checking style, James Carter
- [PATCH 04/16 v2] libsepol: Check for error from check_assertion_extended_permissions(), James Carter
- [PATCH 03/16 v2] libsepol: Remove uneeded error messages in assertion checking, James Carter
- [PATCH 08/16 v2] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions, James Carter
- [PATCH 07/16 v2] libsepol: Create function check_assertion_self_match() and use it, James Carter
- [PATCH 06/16 v2] libsepol: Move check of target types to before check for self, James Carter
- [PATCH 09/16 v2] libsepol: Remove unnessesary check for matching class, James Carter
- [PATCH 10/16 v2] libsepol: Move assigning outer loop index out of inner loop, James Carter
- [PATCH 11/16 v2] libsepol: Make use of previously created ebitmap when checking self, James Carter
- [PATCH 12/16 v2] libsepol: Refactor match_any_class_permissions() to be clearer, James Carter
- [PATCH 13/16 v2] libsepol: Make return value clearer when reporting neverallowx errors, James Carter
- [PATCH 14/16 v2] libsepol: The src and tgt must be the same if neverallow uses self, James Carter
- [PATCH 15/16 v2] libsepol: Set args avtab pointer when reporting assertion violations, James Carter
- [PATCH 16/16 v2] libsepol: Fix two problems with neverallowxperm reporting, James Carter
- Re: [PATCH 00/16 v2] Refactor and fix assertion checking, James Carter
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]