Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

Re: [PATCH v2] secilc: kernel policy language is infix, (continued)
[PATCH v4] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH v4] selinux-notebook: New chapter: Hardening SELinux, Paul Moore
overlay userxattr seems to not adhere to defaultrole, Dominick Grift
[PATCH v3] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH v3] security/selinux: fix potential memleak in error branch, Paul Moore
[PATCH 0/4] SELinux Notebook: Add eBook reader build, Richard Haines
- [PATCH 1/4] selinux-notebook: Make file links consistent, Richard Haines
- [PATCH 2/4] src/images: Remove current penguin, Richard Haines
  - Re: [PATCH 2/4] src/images: Remove current penguin, Daniel Burgener
- [PATCH 4/4] selinux-notebook: Add epub build, Richard Haines
- Re: [PATCH 0/4] SELinux Notebook: Add eBook reader build, Daniel Burgener
  - Re: [PATCH 0/4] SELinux Notebook: Add eBook reader build, Richard Haines
[RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, David Howells
- [RFC PATCH 2/2] security, nfs: Provide a hook for fs_context security initialisation, David Howells
- Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, Paul Moore
- Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, David Howells
  - Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, Paul Moore
[PATCH V2 0/7] Various SELinux Notebook updates, Richard Haines
- [PATCH V2 4/7] policy_config_files.md: Update openrc_contexts contents, Richard Haines
  - Re: [PATCH V2 4/7] policy_config_files.md: Update openrc_contexts contents, Paul Moore
- [PATCH V2 1/7] notebook: Minor formatting fixes, Richard Haines
  - Re: [PATCH V2 1/7] notebook: Minor formatting fixes, Paul Moore
- [PATCH V2 6/7] policy_config_files.md: Update snapperd_contexts contents, Richard Haines
  - Re: [PATCH V2 6/7] policy_config_files.md: Update snapperd_contexts contents, Paul Moore
- [PATCH V2 2/7] object_classes_permissions.md: Correct the context object class entry, Richard Haines
  - Re: [PATCH V2 2/7] object_classes_permissions.md: Correct the context object class entry, Paul Moore
- [PATCH V2 7/7] title.md: Clarify example code location, Richard Haines
  - Re: [PATCH V2 7/7] title.md: Clarify example code location, Paul Moore
- [PATCH V2 3/7] object_classes_permissions.md: Deprecate lockdown class, Richard Haines
  - Re: [PATCH V2 3/7] object_classes_permissions.md: Deprecate lockdown class, Paul Moore
- [PATCH V2 5/7] policy_config_files.md: Update openssh_contexts contents, Richard Haines
  - Re: [PATCH V2 5/7] policy_config_files.md: Update openssh_contexts contents, Paul Moore
[PATCH] security,selinux: remove security_add_mnt_opt(), Ondrej Mosnacek
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), Casey Schaufler
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), Paul Moore
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), James Morris
[PATCH v2] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH v2] security/selinux: fix potential memleak in error branch, Ondrej Mosnacek
- Message not available
  - 答复: [PATCH v2] security/selinux: fix potential memleak in error branch, 赵军奎
    - Re: [PATCH v2] security/selinux: fix potential memleak in error branch, Ondrej Mosnacek
[PATCH 0/7] Various SELinux Notebook updates, Richard Haines
- [PATCH 1/7] notebook: Minor formatting fixes, Richard Haines
- [PATCH 3/7] object_classes_permissions.md: Deprecate lockdown class, Richard Haines
- [PATCH 2/7] object_classes_permissions.md: Correct the context object class entry, Richard Haines
- [PATCH 5/7] policy_config_files.md: Update openssh_contexts contents, Richard Haines
  - Re: [PATCH 5/7] policy_config_files.md: Update openssh_contexts contents, Dominick Grift
- [PATCH 4/7] policy_config_files.md: Update openrc_contexts contents, Richard Haines
- [PATCH 7/7] title.md: Clarify example code location, Richard Haines
- [PATCH 6/7] policy_config_files.md: Update snapperd_contexts contents, Richard Haines
[PATCH -next] selinux: Use struct_size() helper in kmalloc(), Xiu Jianfeng
- Re: [PATCH -next] selinux: Use struct_size() helper in kmalloc(), Paul Moore
[PATCH] security/selinux: fix potential memleak, Bernard Zhao
- Re: [PATCH] security/selinux: fix potential memleak, Paul Moore
  - Re: [PATCH] security/selinux: fix potential memleak, Ondrej Mosnacek
  - Message not available
    - 答复: [PATCH] security/selinux: fix potential memleak, 赵军奎
[PATCH] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH] security/selinux: fix potential memleak in error branch, Paul Moore
- Message not available
  - 答复: [PATCH] security/selinux: fix potential memleak in error branch, 赵军奎
[PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, Christian Göttsche
- [PATCH 2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement, Christian Göttsche
  - Re: [PATCH 2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement, James Carter
- Re: [PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, James Carter
  - Re: [PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, James Carter
[PATCH XSERVER 1/2] selinux: remap security classes on policyload, Christian Göttsche
- [PATCH XSERVER 2/2] selinux: log events with appropriate audit type, Christian Göttsche
[PATCH] libsepol: free ebitmap on end of function, Christian Göttsche
[PATCH V2 testsuite] tests/inet_socket: Add socket transition tests, Richard Haines
[PATCH 5.15 222/279] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
[PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
- Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Jari Ruusu
  - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
    - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
      - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Christian Göttsche
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
[PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Jacob M Cutright
- Re: [PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Petr Lautrbach
  - Re: [PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Petr Lautrbach
[PATCH v30 00/28] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
  - Re: [PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Paul Moore
- [PATCH v30 02/28] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v30 03/28] LSM: Add the lsmblob data structure., Casey Schaufler
  - Re: [PATCH v30 03/28] LSM: Add the lsmblob data structure., Paul Moore
- [PATCH v30 04/28] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v30 05/28] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
  - Re: [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, kernel test robot
  - Re: [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, Paul Moore
- [PATCH v30 07/28] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v30 08/28] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v30 09/28] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v30 10/28] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v30 11/28] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v30 12/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v30 13/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v30 14/28] LSM: Specify which LSM to display, Casey Schaufler
  - Re: [PATCH v30 14/28] LSM: Specify which LSM to display, Christian Göttsche
    - Re: [PATCH v30 14/28] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v30 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v30 16/28] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v30 17/28] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v30 18/28] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v30 19/28] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v30 20/28] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v30 21/28] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
  - Re: [PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names, Paul Moore
- [PATCH v30 23/28] Audit: Create audit_stamp structure, Casey Schaufler
  - Re: [PATCH v30 23/28] Audit: Create audit_stamp structure, Paul Moore
- [PATCH v30 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
  - Re: [PATCH v30 24/28] Audit: Add framework for auxiliary records, Paul Moore
- [PATCH v30 25/28] Audit: Add record for multiple task security contexts, Casey Schaufler
  - Re: [PATCH v30 25/28] Audit: Add record for multiple task security contexts, Paul Moore
- [PATCH v30 26/28] Audit: Add record for multiple object security contexts, Casey Schaufler
  - Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts, kernel test robot
  - Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts, kernel test robot
  - Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts, Paul Moore
- [PATCH v30 27/28] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v30 28/28] AppArmor: Remove the exclusive flag, Casey Schaufler
[GIT PULL] SELinux fixes for v5.16 (#2), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.16 (#2), pr-tracker-bot
[RFC PATCH 1/3] libsepol: introduce ebitmap_subtract(), Christian Göttsche
- [RFC PATCH 2/3] libsepol: add not-self neverallow support, Christian Göttsche
- [RFC PATCH 3/3] checkpolicy: add not-self neverallow support, Christian Göttsche
- [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract(), Christian Göttsche
  - [RFC PATCH v2 2/4] libsepol: add not-self neverallow support, Christian Göttsche
    - Re: [RFC PATCH v2 2/4] libsepol: add not-self neverallow support, James Carter
  - [RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support, Christian Göttsche
    - Re: [RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support, James Carter
      - Re: [RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support, Christian Göttsche
  - [RFC PATCH v2 4/4] libsepol: free ebitmap on end of function, Christian Göttsche
  - Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract(), James Carter
    - Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract(), Christian Göttsche
      - Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract(), James Carter
  - [RFC PATCH v3 1/5] libsepol: introduce ebitmap_relative_complement(), Christian Göttsche
    - [RFC PATCH v3 2/5] libsepol: add not-self neverallow support, Christian Göttsche
    - [RFC PATCH v3 4/5] libsepol: free ebitmap on end of function, Christian Göttsche
    - [RFC PATCH v3 3/5] checkpolicy: add not-self neverallow support, Christian Göttsche
    - [RFC PATCH v3 5/5] libsepol: pass avtab to report function, Christian Göttsche
      - Re: [RFC PATCH v3 5/5] libsepol: pass avtab to report function, James Carter
[PATCH 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, Christian Göttsche
- [PATCH 2/3] libselinux: use PCRE2 by default, Christian Göttsche
  - Re: [PATCH 2/3] libselinux: use PCRE2 by default, Petr Lautrbach
  - Re: [PATCH 2/3] libselinux: use PCRE2 by default, Petr Lautrbach
- [PATCH 3/3] Replace PCRE with PCRE2 build dependencies, Christian Göttsche
  - Re: [PATCH 3/3] Replace PCRE with PCRE2 build dependencies, Petr Lautrbach
- Re: [PATCH 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, Petr Lautrbach
- [PATCH v2 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, Christian Göttsche
  - Re: [PATCH v2 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, Petr Lautrbach
    - Re: [PATCH v2 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, James Carter
[PATCH] semodule: Don't forget to munmap() data, Petr Lautrbach
- Re: [PATCH] semodule: Don't forget to munmap() data, James Carter
  - Re: [PATCH] semodule: Don't forget to munmap() data, Petr Lautrbach
[PATCH] libselinux: Fix selinux_restorecon_parallel symbol version, Petr Lautrbach
- Re: [PATCH] libselinux: Fix selinux_restorecon_parallel symbol version, Ondrej Mosnacek
  - Re: [PATCH] libselinux: Fix selinux_restorecon_parallel symbol version, Petr Lautrbach
[PATCH 1/2] selinux: Add map perms, Jason Zaman
- [PATCH 2/2] dbus: Add filetrans for /tmp/dbus-* session socket, Jason Zaman
[PATCH] Kernel policy language is infix, Topi Miettinen
- <Possible follow-ups>
- [PATCH] Kernel policy language is infix, Topi Miettinen
[PATCH] selinux: fix NULL-pointer dereference when hashtab allocation fails, Ondrej Mosnacek
- Re: [PATCH] selinux: fix NULL-pointer dereference when hashtab allocation fails, Paul Moore
[PATCH testsuite] tests/inet_socket: Add socket transition tests, Richard Haines
[PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, David Anderson
- [PATCH v19 1/4] Add flags option to get xattr method paired to __vfs_getxattr, David Anderson
  - Re: [PATCH v19 1/4] Add flags option to get xattr method paired to __vfs_getxattr, Luca Weiss
    - Re: [PATCH v19 1/4] Add flags option to get xattr method paired to __vfs_getxattr, Paul Moore
- [PATCH v19 2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method, David Anderson
- [PATCH v19 3/4] overlayfs: override_creds=off option bypass creator_cred, David Anderson
- [PATCH v19 4/4] overlayfs: inode_owner_or_capable called during execv, David Anderson
- Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Casey Schaufler
  - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, David Anderson
- Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
  - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, David Anderson
    - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
      - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, David Anderson
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
  - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Vivek Goyal
    - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
    - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
      - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Vivek Goyal
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Message not available
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Vivek Goyal
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Johannes Segitz
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
[PATCH V2] netlabel: Update man page to clarify SELinux labeling, Richard Haines
- Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling, Richard Haines
  - Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling, Paul Moore
- Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling, Paul Moore
[PATCH] netlabel: Update man page to clarify SELinux labeling, Richard Haines
[PATCH] semodule: Fix lang_ext column index, Petr Lautrbach
- Re: [PATCH] semodule: Fix lang_ext column index, James Carter
  - Re: [PATCH] semodule: Fix lang_ext column index, Petr Lautrbach
[PATCH] semodule: add -m | --checksum option, Petr Lautrbach
- Re: [PATCH] semodule: add -m | --checksum option, James Carter
  - Re: [PATCH] semodule: add -m | --checksum option, Petr Lautrbach
[PATCH] ci: run the tests under ASan/UBsan on GHActions, Evgeny Vereshchagin
- Re: [PATCH] ci: run the tests under ASan/UBsan on GHActions, Christian Göttsche
- Re: [PATCH] ci: run the tests under ASan/UBsan on GHActions, James Carter
  - Re: [PATCH] ci: run the tests under ASan/UBsan on GHActions, James Carter
[RFC PATCH] capability: add capable_or to test for multiple caps with exactly one audit message, Christian Göttsche
[PATCH v3] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux, Paul Moore
  - Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux, Dominick Grift
- Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux, Daniel Burgener
[PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Alistair Delva
- Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Bart Van Assche
- Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
- Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Jens Axboe
[PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Alistair Delva
- Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Ondrej Mosnacek
  - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Alistair Delva
    - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Casey Schaufler
      - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
    - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Dominick Grift
    - RE: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, David Laight
      - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
  - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
- Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Jens Axboe
  - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Alistair Delva
[PATCH v2] Support static-only builds, Alyssa Ross
[PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Daniel Burgener
  - Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Dominick Grift
    - Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
      - Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Dominick Grift
        
        Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
[GIT PULL] SELinux fix / revert for v5.16 (#1), Paul Moore
- Re: [GIT PULL] SELinux fix / revert for v5.16 (#1), pr-tracker-bot
[PATCH] net,lsm,selinux: revert the security_sctp_assoc_established() hook, Paul Moore
- Re: [PATCH] net,lsm,selinux: revert the security_sctp_assoc_established() hook, patchwork-bot+netdevbpf
[PATCH] binder: fix test regression due to sender_euid change, Todd Kjos
- Re: [PATCH] binder: fix test regression due to sender_euid change, Christian Brauner
- Re: [PATCH] binder: fix test regression due to sender_euid change, Paul Moore
  - Re: [PATCH] binder: fix test regression due to sender_euid change, Todd Kjos
    - Re: [PATCH] binder: fix test regression due to sender_euid change, Greg KH
[PATCH 01/12] checkpolicy: use correct unsigned format specifiers, Christian Göttsche
- [PATCH 02/12] libsepol: use string literals as format strings, Christian Göttsche
- [PATCH 03/12] policycoreutils: use string literal as format strings, Christian Göttsche
- [PATCH 04/12] Enable extra global compiler warnings, Christian Göttsche
- [PATCH 05/12] checkpolicy: ignore possible string truncation, Christian Göttsche
- [PATCH 06/12] policycoreutils: mark local functions static, Christian Göttsche
- [PATCH 07/12] sandbox: mark local functions static, Christian Göttsche
- [PATCH 08/12] python: mark local functions static, Christian Göttsche
- [PATCH 09/12] mcstrans: avoid missing prototypes, Christian Göttsche
- [PATCH 10/12] libsemanage: mark local functions static, Christian Göttsche
- [PATCH 11/12] libsemanage: include paired header for prototypes, Christian Göttsche
- [PATCH 12/12] libsemanage: add extern prototype for legacy function, Christian Göttsche
- Re: [PATCH 01/12] checkpolicy: use correct unsigned format specifiers, James Carter
  - Re: [PATCH 01/12] checkpolicy: use correct unsigned format specifiers, James Carter
[PATCH] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH] selinux-notebook: New chapter: Hardening SELinux, Daniel Burgener
  - Re: [PATCH] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
[PATCH] Support static-only builds, Alyssa Ross
- Re: [PATCH] Support static-only builds, Nicolas Iooss
  - Re: [PATCH] Support static-only builds, Alyssa Ross
[PATCH 5.10 1/3] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 5.10 2/3] binder: use cred instead of task for selinux checks, Todd Kjos
- [PATCH 5.10 3/3] binder: use cred instead of task for getsecid, Todd Kjos
[PATCH 5.4 1/3] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 5.4 2/3] binder: use cred instead of task for selinux checks, Todd Kjos
- [PATCH 5.4 3/3] binder: use cred instead of task for getsecid, Todd Kjos
[PATCH 4.19 1/2] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 4.19 2/2] binder: use cred instead of task for selinux checks, Todd Kjos
[PATCH 4.14 1/2] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 4.14 2/2] binder: use cred instead of task for selinux checks, Todd Kjos
[PATCH 4.9 1/2] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 4.9 2/2] binder: use cred instead of task for selinux checks, Todd Kjos
[PATCH 4.4 1/2] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 4.4 2/2] binder: use cred instead of task for selinux checks, Todd Kjos
  - Re: [PATCH 4.4 2/2] binder: use cred instead of task for selinux checks, Greg KH
    - Re: [PATCH 4.4 2/2] binder: use cred instead of task for selinux checks, Greg KH
[PATCH v3 0/1] fuse: Send file/inode security context during creation, Vivek Goyal
- [PATCH v3 1/1] fuse: Send security context of inode on file creation, Vivek Goyal
  - Re: [PATCH v3 1/1] fuse: Send security context of inode on file creation, Vivek Goyal
  - Re: [PATCH v3 1/1] fuse: Send security context of inode on file creation, Vivek Goyal
[PATCH 0/5 v2] Fix/add optional file type handling for genfscon rules, James Carter
- [PATCH 1/5 v2] libsepol: Add support for file types in writing out policy.conf, James Carter
  - Message not available
    - Re: [PATCH 1/5 v2] libsepol: Add support for file types in writing out policy.conf, James Carter
- [PATCH 2/5 v2] libsepol/cil: Refactor filecon file type handling, James Carter
- [PATCH 3/5 v2] libsepol/cil: Allow optional file type in genfscon rules, James Carter
- [PATCH 4/5 v2] secilc/docs: Document the optional file type for genfscon rules, James Carter
- [PATCH 5/5] libsepol: Write out genfscon file type when writing out CIL policy, James Carter
[RFC PATCH] selinux: Add netlink xperm support, Bram Bonne
- Re: [RFC PATCH] selinux: Add netlink xperm support, Stephen Smalley
  - Re: [RFC PATCH] selinux: Add netlink xperm support, Stephen Smalley
  - Re: [RFC PATCH] selinux: Add netlink xperm support, Stephen Smalley
    - Re: [RFC PATCH] selinux: Add netlink xperm support, Paul Moore
      - Re: [RFC PATCH] selinux: Add netlink xperm support, Thiébaud Weksteen
        
        Re: [RFC PATCH] selinux: Add netlink xperm support, Paul Moore
[RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, Bram Bonne
- Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, James Carter
  - Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, Bram Bonné
    - Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, Jeffrey Vander Stoep
- Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, James Carter
  - Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, James Carter
[PATCH] Use IANA-managed domain example.com in examples, markus . linnala
- Re: [PATCH] Use IANA-managed domain example.com in examples, Petr Lautrbach
  - Re: [PATCH] Use IANA-managed domain example.com in examples, Petr Lautrbach
[RFC PATCH 0/1] selinux-testsuite: Add tests for sctp_socket transition rules, Richard Haines
- [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Richard Haines
  - Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Ondrej Mosnacek
    - Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Paul Moore
    - Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Richard Haines
      - Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Paul Moore
- Re: [RFC PATCH 0/1] selinux-testsuite: Add tests for sctp_socket transition rules, Paul Moore
Re: [RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies, Christian Göttsche
[PATCH net] selinux: fix SCTP client peeloff socket labeling, Ondrej Mosnacek
- Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
  - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, David Miller
    - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
- Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Jakub Kicinski
  - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
    - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Ondrej Mosnacek
      - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
        
        Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Ondrej Mosnacek
        
        Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
[RFC] Cascade: a high level SELinux policy language, Daniel Burgener
- Re: [RFC] Cascade: a high level SELinux policy language, James Carter
  - Re: [RFC] Cascade: a high level SELinux policy language, Daniel Burgener
    - Message not available
      - Re: [RFC] Cascade: a high level SELinux policy language, Daniel Burgener
        
        Re: [RFC] Cascade: a high level SELinux policy language, James Carter
[PATCHv2 net 0/4] security: fixups for the security hooks in sctp, Xin Long
- [PATCHv2 net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Xin Long
- [PATCHv2 net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce, Xin Long
- [PATCHv2 net 3/4] security: add sctp_assoc_established hook, Xin Long
- [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
  - Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
    - Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
      - Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Richard Haines
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, David Miller
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
- Re: [PATCHv2 net 0/4] security: fixups for the security hooks in sctp, patchwork-bot+netdevbpf
[GIT PULL] SELinux patches for v5.16, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.16, Linus Torvalds
  - Re: [GIT PULL] SELinux patches for v5.16, Paul Moore
    - Re: [GIT PULL] SELinux patches for v5.16, Linus Torvalds
      - Re: [GIT PULL] SELinux patches for v5.16, Linus Torvalds
        
        Re: [GIT PULL] SELinux patches for v5.16, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.16, pr-tracker-bot
[PATCH 0/4] Fix/add optional file type handling for genfscon rules, James Carter
- [PATCH 1/4] libsepol: Add support for file types in writing out policy.conf, James Carter
- [PATCH 2/4] libsepol/cil: Allow optional file type in genfscon rules, James Carter
- [PATCH 3/4] secilc/docs: Document the optional file type for genfscon rules, James Carter
- [PATCH 4/4] libsepol: Write out genfscon file type when writing out CIL policy, James Carter
- Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules, Stephen Smalley
  - Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules, Nicolas Iooss
    - Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules, James Carter
[PATCH userspace v4 0/8] Parallel setfiles/restorecon, Ondrej Mosnacek
- [PATCH userspace v4 1/8] label_file: fix a data race, Ondrej Mosnacek
- [PATCH userspace v4 2/8] selinux_restorecon: simplify fl_head allocation by using calloc(), Ondrej Mosnacek
- [PATCH userspace v4 3/8] selinux_restorecon: protect file_spec list with a mutex, Ondrej Mosnacek
- [PATCH userspace v4 4/8] libselinux: make selinux_log() thread-safe, Ondrej Mosnacek
- [PATCH userspace v4 5/8] libselinux: make is_context_customizable() thread-safe, Ondrej Mosnacek
  - Re: [PATCH userspace v4 5/8] libselinux: make is_context_customizable() thread-safe, Christian Göttsche
- [PATCH userspace v4 6/8] selinux_restorecon: add a global mutex to synchronize progress output, Ondrej Mosnacek
- [PATCH userspace v4 8/8] setfiles/restorecon: support parallel relabeling, Ondrej Mosnacek
- [PATCH userspace v4 7/8] selinux_restorecon: introduce selinux_restorecon_parallel(3), Ondrej Mosnacek
- Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon, Ondrej Mosnacek
  - Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon, Petr Lautrbach
    - Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon, Petr Lautrbach
[PATCH testsuite v2] tests: make kernel iptables support optional, Ondrej Mosnacek
- Re: [PATCH testsuite v2] tests: make kernel iptables support optional, Ondrej Mosnacek
[PATCH testsuite] tests/inet_socket: make kernel iptables support optional, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/inet_socket: make kernel iptables support optional, Ondrej Mosnacek
ANN: SELinux userspace 3.3 release, Petr Lautrbach
[PATCH net 0/4] security: fixups for the security hooks in sctp, Xin Long
- [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Xin Long
  - Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Jakub Kicinski
    - Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Xin Long
  - Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Richard Haines
- [PATCH net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce, Xin Long
  - Re: [PATCH net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce, Ondrej Mosnacek
- [PATCH net 3/4] security: add sctp_assoc_established hook, Xin Long
  - Re: [PATCH net 3/4] security: add sctp_assoc_established hook, kernel test robot
  - Re: [PATCH net 3/4] security: add sctp_assoc_established hook, kernel test robot
  - Re: [PATCH net 3/4] security: add sctp_assoc_established hook, Ondrej Mosnacek
- [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
  - Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
    - Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
      - Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
        
        Message not available
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
- Re: [PATCH net 0/4] security: fixups for the security hooks in sctp, Richard Haines
[PATCH] sctp: initialize endpoint LSM labels also on the client side, Ondrej Mosnacek
- Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side, Ondrej Mosnacek
- Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side, Marcelo Ricardo Leitner
  - Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side, Xin Long
    - Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side, Ondrej Mosnacek
[PATCH testsuite] tests/sctp: add client peeloff tests, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/sctp: add client peeloff tests, Paul Moore
  - Re: [PATCH testsuite] tests/sctp: add client peeloff tests, Ondrej Mosnacek
[PATCH] libsepol: avoid passing NULL pointer to memcpy, Christian Göttsche
- Re: [PATCH] libsepol: avoid passing NULL pointer to memcpy, James Carter
- [PATCH v2] libsepol: avoid passing NULL pointer to memcpy, Christian Göttsche
  - Re: [PATCH v2] libsepol: avoid passing NULL pointer to memcpy, Nicolas Iooss
    - Re: [PATCH v2] libsepol: avoid passing NULL pointer to memcpy, Nicolas Iooss
Release 3.3 or not?, Petr Lautrbach
- Re: Release 3.3 or not?, James Carter
kernel NULL pointer dereference on selinux_ip_postroute, Corentin Labbe
[PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat(), Paul Moore
- Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat(), Ondrej Mosnacek
  - Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat(), Paul Moore
- Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat(), Paul Moore
[PATCH userspace v3 0/7] Parallel setfiles/restorecon, Ondrej Mosnacek
- [PATCH userspace v3 1/7] label_file: fix a data race, Ondrej Mosnacek
- [PATCH userspace v3 2/7] selinux_restorecon: simplify fl_head allocation by using calloc(), Ondrej Mosnacek
- [PATCH userspace v3 3/7] selinux_restorecon: protect file_spec list with a mutex, Ondrej Mosnacek
- [PATCH userspace v3 5/7] selinux_restorecon: add a global mutex to synchronize progress output, Ondrej Mosnacek
- [PATCH userspace v3 6/7] selinux_restorecon: introduce selinux_restorecon_parallel(3), Ondrej Mosnacek
- [PATCH userspace v3 7/7] setfiles/restorecon: support parallel relabeling, Ondrej Mosnacek
- [PATCH userspace v3 4/7] libselinux: make selinux_log() thread-safe, Ondrej Mosnacek
- Re: [PATCH userspace v3 0/7] Parallel setfiles/restorecon, Christian Göttsche
  - Re: [PATCH userspace v3 0/7] Parallel setfiles/restorecon, Ondrej Mosnacek
[next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat, Naresh Kamboju
- Re: [next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat, Florian Westphal
  - Re: [next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat, Paul Moore
[PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings, Christian Göttsche
- Re: [PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings, Nicolas Iooss
  - Re: [PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings, Christian Göttsche
- [PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings, Christian Göttsche
  - Re: [PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings, Nicolas Iooss
    - Re: [PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings, Nicolas Iooss
[PATCH userspace v2 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
- [PATCH userspace v2 1/6] selinux_restorecon: simplify fl_head allocation by using calloc(), Ondrej Mosnacek
- [PATCH userspace v2 2/6] selinux_restorecon: protect file_spec list with a mutex, Ondrej Mosnacek
- [PATCH userspace v2 3/6] libselinux: make selinux_log() thread-safe, Ondrej Mosnacek
- [PATCH userspace v2 4/6] selinux_restorecon: add a global mutex to synchronize progress output, Ondrej Mosnacek
- [PATCH userspace v2 6/6] setfiles/restorecon: support parallel relabeling, Ondrej Mosnacek
- [PATCH userspace v2 5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3), Ondrej Mosnacek
- Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon, Christian Göttsche
  - Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
    - Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
      - Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
[PATCH] selinux: fix all of the W=1 build warnings, Paul Moore
- Re: [PATCH] selinux: fix all of the W=1 build warnings, Paul Moore
[PATCH 1/3] libsepol: do not pass NULL to memcpy, Christian Göttsche
- [PATCH 2/3] libsemanage: do not sort empty records, Christian Göttsche
  - Re: [PATCH 2/3] libsemanage: do not sort empty records, Nicolas Iooss
- [PATCH 3/3] libsemanage/tests: free memory, Christian Göttsche
  - Re: [PATCH 3/3] libsemanage/tests: free memory, Nicolas Iooss
- Re: [PATCH 1/3] libsepol: do not pass NULL to memcpy, Nicolas Iooss
  - Re: [PATCH 1/3] libsepol: do not pass NULL to memcpy, Christian Göttsche
- [PATCH v2 1/3] libsepol: do not pass NULL to memcpy, Christian Göttsche
  - [PATCH v2 3/3] libsemanage/tests: free memory, Christian Göttsche
  - [PATCH v2 2/3] libsemanage: do not sort empty records, Christian Göttsche
  - Re: [PATCH v2 1/3] libsepol: do not pass NULL to memcpy, Nicolas Iooss
    - Re: [PATCH v2 1/3] libsepol: do not pass NULL to memcpy, Nicolas Iooss
[PATCH v2] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
- Re: [PATCH v2] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Paul Moore
- Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Ondrej Mosnacek
  - Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Paul Moore
    - Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Mickaël Salaün
      - Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Christian Brauner
        
        Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Mickaël Salaün
[PATCH v2 0/2] fuse: Send file/inode security context during creation, Vivek Goyal
- [PATCH v2 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
  - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
    - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
      - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
  - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Miklos Szeredi
    - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
      - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Miklos Szeredi
        
        Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
- [PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX, Vivek Goyal
  - Re: [PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX, Casey Schaufler
    - Re: [PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX, Vivek Goyal
- Re: [PATCH v2 0/2] fuse: Send file/inode security context during creation, Vivek Goyal
[PATCH v5 0/3] binder: use cred instead of task for security context, Todd Kjos
- [PATCH v5 1/3] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH v5 2/3] binder: use cred instead of task for selinux checks, Todd Kjos
- [PATCH v5 3/3] binder: use cred instead of task for getsecid, Todd Kjos
- Re: [PATCH v5 0/3] binder: use cred instead of task for security context, Casey Schaufler
- Re: [PATCH v5 0/3] binder: use cred instead of task for security context, Paul Moore
  - Re: [PATCH v5 0/3] binder: use cred instead of task for security context, Todd Kjos
[PATCH v2] security: Return xattr name from security_dentry_init_security(), Vivek Goyal
- Re: [PATCH v2] security: Return xattr name from security_dentry_init_security(), Christian Brauner
- Re: [PATCH v2] security: Return xattr name from security_dentry_init_security(), Vivek Goyal
  - Re: [PATCH v2] security: Return xattr name from security_dentry_init_security(), James Morris
    - Re: [PATCH v2] security: Return xattr name from security_dentry_init_security(), Paul Moore
- Re: [PATCH v2] security: Return xattr name from security_dentry_init_security(), Paul Moore
  - Re: [PATCH v2] security: Return xattr name from security_dentry_init_security(), Vivek Goyal
[PATCH selinux v3] selinux: remove unneeded ipv6 hook wrappers, Florian Westphal
- Re: [PATCH selinux v3] selinux: remove unneeded ipv6 hook wrappers, Paul Moore
[PATCH] selinux: consilidate comments from inode_doinit_with_dentry wrt !dentry, Davidlohr Bueso
- Re: [PATCH] selinux: consilidate comments from inode_doinit_with_dentry wrt !dentry, Paul Moore
[RFC PATCH 00/35] libsepol: add fuzzer for reading binary policies, Christian Göttsche
- [RFC PATCH 01/35] cifuzz: enable report-unreproducible-crashes, Christian Göttsche
- [RFC PATCH 02/35] cifuzz: use the default runtime of 600 seconds, Christian Göttsche
- [RFC PATCH 03/35] libsepol/fuzz: silence secilc-fuzzer, Christian Göttsche
- [RFC PATCH 04/35] libsepol: add libfuzz based fuzzer for reading binary policies, Christian Göttsche
- [RFC PATCH 05/35] libsepol/fuzz: limit element sizes for fuzzing, Christian Göttsche
- [RFC PATCH 07/35] libsepol: use logging framework in ebitmap.c, Christian Göttsche
- [RFC PATCH 06/35] libsepol: use logging framework in conditional.c, Christian Göttsche
- [RFC PATCH 08/35] libsepol: use mallocarray wrapper to avoid overflows, Christian Göttsche
- [RFC PATCH 09/35] libsepol: use reallocarray wrapper to avoid overflows, Christian Göttsche
- [RFC PATCH 10/35] libsepol: add checks for read sizes, Christian Göttsche
- [RFC PATCH 11/35] libsepol: enforce avtab item limit, Christian Göttsche
- [RFC PATCH 12/35] libsepol: clean memory on conditional read failure, Christian Göttsche
  - Re: [RFC PATCH 12/35] libsepol: clean memory on conditional read failure, James Carter
- [RFC PATCH 13/35] libsepol: validate MLS levels, Christian Göttsche
  - Re: [RFC PATCH 13/35] libsepol: validate MLS levels, James Carter
- [RFC PATCH 14/35] libsepol: reject invalid fsuse types, Christian Göttsche
  - Re: [RFC PATCH 14/35] libsepol: reject invalid fsuse types, James Carter
- [RFC PATCH 15/35] libsepol: reject invalid default targets, Christian Göttsche
  - Re: [RFC PATCH 15/35] libsepol: reject invalid default targets, James Carter
- [RFC PATCH 16/35] libsepol: validate expanded user range and level, Christian Göttsche
- [RFC PATCH 18/35] libsepol: use size_t for indexes in strs helpers, Christian Göttsche
- [RFC PATCH 17/35] libsepol: validate types, Christian Göttsche
  - Re: [RFC PATCH 17/35] libsepol: validate types, James Carter
- [RFC PATCH 19/35] libsepol: reject abnormal huge sid ids, Christian Göttsche
- [RFC PATCH 22/35] libsepol: validate permission count of classes, Christian Göttsche
  - Re: [RFC PATCH 22/35] libsepol: validate permission count of classes, James Carter
- [RFC PATCH 20/35] libsepol: do not crash on class gaps, Christian Göttsche
- [RFC PATCH 21/35] libsepol: do not crash on user gaps, Christian Göttsche
- [RFC PATCH 24/35] libsepol: zero member before potential dereference, Christian Göttsche
- [RFC PATCH 23/35] libsepol: resolve log message mismatch, Christian Göttsche
- [RFC PATCH 25/35] libsepol: validate avtab types, Christian Göttsche
  - Re: [RFC PATCH 25/35] libsepol: validate avtab types, James Carter
- [RFC PATCH 26/35] libsepol: validate constraint expression operators and attributes, Christian Göttsche
- [RFC PATCH 27/35] libsepol: validate type of avtab type rules, Christian Göttsche
  - Re: [RFC PATCH 27/35] libsepol: validate type of avtab type rules, James Carter
- [RFC PATCH 28/35] libsepol: validate ocontexts, Christian Göttsche
  - Re: [RFC PATCH 28/35] libsepol: validate ocontexts, James Carter
- [RFC PATCH 29/35] libsepol: validate genfs contexts, Christian Göttsche
  - Re: [RFC PATCH 29/35] libsepol: validate genfs contexts, James Carter
- [RFC PATCH 30/35] libsepol: validate permissive types, Christian Göttsche
- [RFC PATCH 31/35] libsepol: validate policy properties, Christian Göttsche
- [RFC PATCH 32/35] libsepol: do not underflow on short format arguments, Christian Göttsche
- [RFC PATCH 33/35] libsepol: validate categories, Christian Göttsche
  - Re: [RFC PATCH 33/35] libsepol: validate categories, James Carter
- [RFC PATCH 34/35] libsepol: use correct size for initial string list, Christian Göttsche
- [RFC PATCH 35/35] libsepol: do not create a string list with initial size zero, Christian Göttsche
- Re: [RFC PATCH 00/35] libsepol: add fuzzer for reading binary policies, James Carter
- [RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies, Christian Göttsche
  - [RFC PATCH v2 01/36] cifuzz: enable report-unreproducible-crashes, Christian Göttsche
  - [RFC PATCH v2 02/36] cifuzz: use the default runtime of 600 seconds, Christian Göttsche
  - [RFC PATCH v2 03/36] libsepol/fuzz: silence secilc-fuzzer, Christian Göttsche
  - [RFC PATCH v2 04/36] libsepol: add libfuzz based fuzzer for reading binary policies, Christian Göttsche
  - [RFC PATCH v2 05/36] libsepol/fuzz: limit element sizes for fuzzing, Christian Göttsche
  - [RFC PATCH v2 06/36] libsepol: use logging framework in conditional.c, Christian Göttsche
  - [RFC PATCH v2 07/36] libsepol: use logging framework in ebitmap.c, Christian Göttsche
  - [RFC PATCH v2 08/36] libsepol: use mallocarray wrapper to avoid overflows, Christian Göttsche
  - [RFC PATCH v2 10/36] libsepol: add checks for read sizes, Christian Göttsche
    - Re: [RFC PATCH v2 10/36] libsepol: add checks for read sizes, James Carter
      - Re: [RFC PATCH v2 10/36] libsepol: add checks for read sizes, Christian Göttsche
        
        Re: [RFC PATCH v2 10/36] libsepol: add checks for read sizes, James Carter
  - [RFC PATCH v2 09/36] libsepol: use reallocarray wrapper to avoid overflows, Christian Göttsche
  - [RFC PATCH v2 11/36] libsepol: enforce avtab item limit, Christian Göttsche
  - [RFC PATCH v2 13/36] libsepol: reject abnormal huge sid ids, Christian Göttsche
  - [RFC PATCH v2 12/36] libsepol: clean memory on conditional insertion failure, Christian Göttsche
  - [RFC PATCH v2 14/36] libsepol: reject invalid filetrans source type, Christian Göttsche
  - [RFC PATCH v2 16/36] libsepol: use size_t for indexes in strs helpers, Christian Göttsche
  - [RFC PATCH v2 15/36] libsepol: zero member before potential dereference, Christian Göttsche
  - [RFC PATCH v2 17/36] libsepol: do not underflow on short format arguments, Christian Göttsche
  - [RFC PATCH v2 19/36] libsepol: do not crash on user gaps, Christian Göttsche
  - [RFC PATCH v2 20/36] libsepol: use correct size for initial string list, Christian Göttsche
  - [RFC PATCH v2 21/36] libsepol: do not create a string list with initial size zero, Christian Göttsche
  - [RFC PATCH v2 22/36] libsepol: split validation of datum array gaps and entries, Christian Göttsche
  - [RFC PATCH v2 23/36] libsepol: validate MLS levels, Christian Göttsche
  - [RFC PATCH v2 18/36] libsepol: do not crash on class gaps, Christian Göttsche
  - [RFC PATCH v2 25/36] libsepol: validate permission count of classes, Christian Göttsche
  - [RFC PATCH v2 24/36] libsepol: validate expanded user range and level, Christian Göttsche
  - [RFC PATCH v2 26/36] libsepol: resolve log message mismatch, Christian Göttsche
  - [RFC PATCH v2 28/36] libsepol: validate constraint expression operators and attributes, Christian Göttsche
  - [RFC PATCH v2 27/36] libsepol: validate avtab and avrule types, Christian Göttsche
  - [RFC PATCH v2 29/36] libsepol: validate type of avtab type rules, Christian Göttsche
  - [RFC PATCH v2 30/36] libsepol: validate ocontexts, Christian Göttsche
    - Re: [RFC PATCH v2 30/36] libsepol: validate ocontexts, James Carter
  - [RFC PATCH v2 31/36] libsepol: validate genfs contexts, Christian Göttsche
  - [RFC PATCH v2 32/36] libsepol: validate permissive types, Christian Göttsche
  - [RFC PATCH v2 34/36] libsepol: validate categories, Christian Göttsche
  - [RFC PATCH v2 33/36] libsepol: validate policy properties, Christian Göttsche
  - [RFC PATCH v2 36/36] libsepol: validate class default targets, Christian Göttsche
  - [RFC PATCH v2 35/36] libsepol: validate fsuse types, Christian Göttsche
  - [RFC PATCH v2 37/40] [WIP] libsepol: export policydb_validate, Christian Göttsche
  - [RFC PATCH v2 38/40] [WIP] checkpolicy: validate generated policies, Christian Göttsche
  - [RFC PATCH v2 40/40] [CROSS-PATCH] libsepol: do not pass NULL to memcpy, Christian Göttsche
  - [RFC PATCH v2 39/40] [CROSS-PATCH] libsepol: avoid passing NULL pointer to memcpy, Christian Göttsche
  - Re: [RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies, James Carter
    - Re: [RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies, James Carter
  - [PATCH v3 00/36] libsepol: add fuzzer for reading binary policies, Christian Göttsche
    - [PATCH v3 09/36] libsepol: use reallocarray wrapper to avoid overflows, Christian Göttsche
    - [PATCH v3 10/36] libsepol: add checks for read sizes, Christian Göttsche
    - [PATCH v3 15/36] libsepol: zero member before potential dereference, Christian Göttsche
    - [PATCH v3 29/36] libsepol: validate type of avtab type rules, Christian Göttsche
    - [PATCH v3 04/36] libsepol: add libfuzz based fuzzer for reading binary policies, Christian Göttsche
    - [PATCH v3 07/36] libsepol: use logging framework in ebitmap.c, Christian Göttsche
    - [PATCH v3 02/36] cifuzz: use the default runtime of 600 seconds, Christian Göttsche
    - [PATCH v3 12/36] libsepol: clean memory on conditional insertion failure, Christian Göttsche
    - [PATCH v3 08/36] libsepol: use mallocarray wrapper to avoid overflows, Christian Göttsche
    - [PATCH v3 20/36] libsepol: use correct size for initial string list, Christian Göttsche
    - [PATCH v3 28/36] libsepol: validate constraint expression operators and attributes, Christian Göttsche
    - [PATCH v3 18/36] libsepol: do not crash on class gaps, Christian Göttsche
    - [PATCH v3 26/36] libsepol: resolve log message mismatch, Christian Göttsche
    - [PATCH v3 22/36] libsepol: split validation of datum array gaps and entries, Christian Göttsche
    - [PATCH v3 36/36] libsepol: validate class default targets, Christian Göttsche
    - [PATCH v3 33/36] libsepol: validate policy properties, Christian Göttsche
    - [PATCH v3 32/36] libsepol: validate permissive types, Christian Göttsche
    - [PATCH v3 34/36] libsepol: validate categories, Christian Göttsche
    - [PATCH v3 01/36] cifuzz: enable report-unreproducible-crashes, Christian Göttsche
    - [PATCH v3 21/36] libsepol: do not create a string list with initial size zero, Christian Göttsche
    - [PATCH v3 14/36] libsepol: reject invalid filetrans source type, Christian Göttsche
    - [PATCH v3 03/36] libsepol/fuzz: silence secilc-fuzzer, Christian Göttsche
    - [PATCH v3 05/36] libsepol/fuzz: limit element sizes for fuzzing, Christian Göttsche
    - [PATCH v3 23/36] libsepol: validate MLS levels, Christian Göttsche
    - [PATCH v3 11/36] libsepol: enforce avtab item limit, Christian Göttsche
      - Re: [PATCH v3 11/36] libsepol: enforce avtab item limit, James Carter
    - [PATCH v3 27/36] libsepol: validate avtab and avrule types, Christian Göttsche
    - [PATCH v3 16/36] libsepol: use size_t for indexes in strs helpers, Christian Göttsche
    - [PATCH v3 06/36] libsepol: use logging framework in conditional.c, Christian Göttsche
    - [PATCH v3 17/36] libsepol: do not underflow on short format arguments, Christian Göttsche
    - [PATCH v3 24/36] libsepol: validate expanded user range and level, Christian Göttsche
    - [PATCH v3 30/36] libsepol: validate ocontexts, Christian Göttsche
    - [PATCH v3 31/36] libsepol: validate genfs contexts, Christian Göttsche
    - [PATCH v3 19/36] libsepol: do not crash on user gaps, Christian Göttsche
    - [PATCH v3 13/36] libsepol: reject abnormal huge sid ids, Christian Göttsche
    - [PATCH v3 25/36] libsepol: validate permission count of classes, Christian Göttsche
    - [PATCH v3 35/36] libsepol: validate fsuse types, Christian Göttsche
    - Re: [PATCH v3 00/36] libsepol: add fuzzer for reading binary policies, James Carter
      - Re: [PATCH v3 00/36] libsepol: add fuzzer for reading binary policies, James Carter
[PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
- Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
  - Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Stephen Smalley
    - Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
      - Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
[PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Florian Westphal
- Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Paul Moore
  - Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Ondrej Mosnacek
    - Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Paul Moore
      - Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Florian Westphal
[PATCH security-next] selinux: remove ipv6 hook wrappers, Florian Westphal
- Re: [PATCH security-next] selinux: remove ipv6 hook wrappers, Florian Westphal
[PATCH 1/4] libsepol: Fix potential undefined shifts, James Carter
- [PATCH 2/4] libsepol/cil: Fix potential undefined shifts, James Carter
  - Re: [PATCH 2/4] libsepol/cil: Fix potential undefined shifts, Nicolas Iooss
    - Re: [PATCH 2/4] libsepol/cil: Fix potential undefined shifts, James Carter
- [PATCH 3/4] checkpolicy: Fix potential undefined shifts, James Carter
- [PATCH 4/4] libselinux: Fix potential undefined shifts, James Carter
[PATCH] libsepol/cil: Fix potential undefined shifts, James Carter
- Re: [PATCH] libsepol/cil: Fix potential undefined shifts, Christian Göttsche
  - Re: [PATCH] libsepol/cil: Fix potential undefined shifts, James Carter
[PATCH v4 0/3] binder: use cred instead of task for security context, Todd Kjos
- [PATCH v4 1/3] binder: use cred instead of task for selinux checks, Todd Kjos

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]

Powered by Linux