Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

Re: [PATCH] libsepol/cil: Ensure that the class in a classcommon is a kernel class, (continued)
[RFC PATCH userspace 0/5] Allow rebuilding policy store only if there were external changes to modules, Ondrej Mosnacek
- [RFC PATCH userspace 1/5] libsemanage: add missing include to boolean_record.c, Ondrej Mosnacek
- [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage, Ondrej Mosnacek
  - Re: [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage, James Carter
    - Re: [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage, Ondrej Mosnacek
      - Re: [RFC PATCH userspace 2/5] semodule,libsemanage: move module hashing into libsemanage, Petr Lautrbach
- [RFC PATCH userspace 3/5] libsemanage: move compressed file handling into a separate object, Ondrej Mosnacek
  - Re: [RFC PATCH userspace 3/5] libsemanage: move compressed file handling into a separate object, James Carter
- [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes, Ondrej Mosnacek
  - Re: [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes, Christian Göttsche
    - Re: [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes, James Carter
  - Re: [RFC PATCH userspace 5/5] semodule: add command-line option to detect module changes, James Carter
- [RFC PATCH userspace 4/5] libsemanage: optionally rebuild policy when modules are changed externally, Ondrej Mosnacek
  - Re: [RFC PATCH userspace 4/5] libsemanage: optionally rebuild policy when modules are changed externally, James Carter
    - Re: [RFC PATCH userspace 4/5] libsemanage: optionally rebuild policy when modules are changed externally, Ondrej Mosnacek
[PATCH testsuite] tests/binder: Build only for 4.11 and later kernels, GONG, Ruiqi
- Re: [PATCH testsuite] tests/binder: Build only for 4.11 and later kernels, Ondrej Mosnacek
  - Re: [PATCH testsuite] tests/binder: Build only for 4.11 and later kernels, Gong Ruiqi
[PATCH 0/2 RFC] libsepol: Adding support for not-self rules, James Carter
- [PATCH 1/2 RFC] libsepol: Add not self support for neverallow rules, James Carter
- [PATCH 2/2 RFC] libsepol/cil: Add notself and minusself support to CIL, James Carter
- Re: [PATCH 0/2 RFC] libsepol: Adding support for not-self rules, Christian Göttsche
[PATCH 00/16 v2] Refactor and fix assertion checking, James Carter
- [PATCH 01/16 v2] libsepol: Return an error if check_assertion() returns an error., James Carter
- [PATCH 02/16 v2] libsepol: Change label in check_assertion_avtab_match(), James Carter
- [PATCH 05/16 v2] libsepol: Use consistent return checking style, James Carter
- [PATCH 04/16 v2] libsepol: Check for error from check_assertion_extended_permissions(), James Carter
- [PATCH 03/16 v2] libsepol: Remove uneeded error messages in assertion checking, James Carter
- [PATCH 08/16 v2] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions, James Carter
- [PATCH 07/16 v2] libsepol: Create function check_assertion_self_match() and use it, James Carter
- [PATCH 06/16 v2] libsepol: Move check of target types to before check for self, James Carter
- [PATCH 09/16 v2] libsepol: Remove unnessesary check for matching class, James Carter
- [PATCH 10/16 v2] libsepol: Move assigning outer loop index out of inner loop, James Carter
- [PATCH 11/16 v2] libsepol: Make use of previously created ebitmap when checking self, James Carter
- [PATCH 12/16 v2] libsepol: Refactor match_any_class_permissions() to be clearer, James Carter
- [PATCH 13/16 v2] libsepol: Make return value clearer when reporting neverallowx errors, James Carter
- [PATCH 14/16 v2] libsepol: The src and tgt must be the same if neverallow uses self, James Carter
- [PATCH 15/16 v2] libsepol: Set args avtab pointer when reporting assertion violations, James Carter
- [PATCH 16/16 v2] libsepol: Fix two problems with neverallowxperm reporting, James Carter
- Re: [PATCH 00/16 v2] Refactor and fix assertion checking, James Carter
  - Re: [PATCH 00/16 v2] Refactor and fix assertion checking, James Carter
[GIT PULL] SELinux patches for v5.17, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.17, pr-tracker-bot
[PATCH] policycoreutils: Improve error message when selabel_open fails, Vit Mojzis
- Re: [PATCH] policycoreutils: Improve error message when selabel_open fails, William Roberts
  - Re: [PATCH] policycoreutils: Improve error message when selabel_open fails, William Roberts
[PATCH] libsepol: check for saturated class name length, Christian Göttsche
- Re: [PATCH] libsepol: check for saturated class name length, James Carter
  - Re: [PATCH] libsepol: check for saturated class name length, James Carter
ANN: Reference Policy 2.20220106, Chris PeBenito
[PATCH 1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block, James Carter
- [PATCH 2/3] libsepol/cil: Mark as abstract all sub-blocks of an abstract block, James Carter
- [PATCH 3/3] libsepol/cil: Do not resolve names to declarations in abstract blocks, James Carter
- Re: [PATCH 1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block, James Carter
  - Re: [PATCH 1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block, James Carter
[GIT PULL] SELinux fixes for v5.16 (#4), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.16 (#4), pr-tracker-bot
[PATCH] selinux: initialize proto variable in selinux_ip_postroute_compat(), trix
- Re: [PATCH] selinux: initialize proto variable in selinux_ip_postroute_compat(), Paul Moore
[PATCH] libsepol: handle type gaps when optimizing, Christian Göttsche
- Re: [PATCH] libsepol: handle type gaps when optimizing, James Carter
- [PATCH v2] libsepol: handle type gaps, Christian Göttsche
  - Re: [PATCH v2] libsepol: handle type gaps, James Carter
    - Re: [PATCH v2] libsepol: handle type gaps, Christian Göttsche
      - Re: [PATCH v2] libsepol: handle type gaps, James Carter
- [PATCH v3] libsepol: handle type gaps, Christian Göttsche
  - Re: [PATCH v3] libsepol: handle type gaps, James Carter
    - Re: [PATCH v3] libsepol: handle type gaps, James Carter
[PATCH v2] libsepol: check for valid sensitivity before lookup, Christian Göttsche
- Re: [PATCH v2] libsepol: check for valid sensitivity before lookup, James Carter
  - Re: [PATCH v2] libsepol: check for valid sensitivity before lookup, James Carter
[PATCH] libsepol: check for valid sensitivity before lookup, Christian Göttsche
[PATCH] selinux: minor tweaks to selinux_add_opt(), Paul Moore
- Re: [PATCH] selinux: minor tweaks to selinux_add_opt(), Paul Moore
Granting myself access on oss-fuzz issue reports, Christian Göttsche
- Re: Granting myself access on oss-fuzz issue reports, Petr Lautrbach
[PATCH] libsepol/cil: bail out on snprintf failure, Christian Göttsche
- Re: [PATCH] libsepol/cil: bail out on snprintf failure, James Carter
  - Re: [PATCH] libsepol/cil: bail out on snprintf failure, James Carter
[GIT PULL] SELinux fixes for v5.16 (#3), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.16 (#3), Linus Torvalds
  - Re: [GIT PULL] SELinux fixes for v5.16 (#3), Olga Kornievskaia
    - Re: [GIT PULL] SELinux fixes for v5.16 (#3), Linus Torvalds
      - Re: [GIT PULL] SELinux fixes for v5.16 (#3), Olga Kornievskaia
- Re: [GIT PULL] SELinux fixes for v5.16 (#3), pr-tracker-bot
[PATCH 00/16] Refactor and fix assertion checking, James Carter
- [PATCH 01/16] libsepol: Return an error if check_assertion() returns an error., James Carter
- [PATCH 02/16] libsepol: Change label in check_assertion_avtab_match(), James Carter
- [PATCH 03/16] libsepol: Remove uneeded error messages in assertion checking, James Carter
- [PATCH 04/16] libsepol: Check for error from check_assertion_extended_permissions(), James Carter
- [PATCH 05/16] libsepol: Use consistent return checking style, James Carter
- [PATCH 06/16] libsepol: Move check of target types to before check for self, James Carter
- [PATCH 07/16] libsepol: Create function check_assertion_self_match() and use it, James Carter
- [PATCH 09/16] libsepol: Remove unnessesary check for matching class, James Carter
- [PATCH 10/16] libsepol: Move assigning outer loop index out of inner loop, James Carter
- [PATCH 11/16] libsepol: Make use of previously created ebitmap when checking self, James Carter
- [PATCH 12/16] libsepol: Refactor match_any_class_permissions() to be clearer, James Carter
- [PATCH 13/16] libsepol: Make return value clearer when reporting neverallowx errors, James Carter
- [PATCH 14/16] libsepol: The src and tgt must be the same if neverallow uses self, James Carter
- [PATCH 15/16] libsepol: Set args avtab pointer when reporting assertion violations, James Carter
- [PATCH 16/16] libsepol: Fix two problems with neverallowxperm reporting, James Carter
- [PATCH 08/16] libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions, James Carter
- Re: [PATCH 00/16] Refactor and fix assertion checking, James Carter
[PATCH] selinux-notebook: Add epub build, Richard Haines
- Re: [PATCH] selinux-notebook: Add epub build, Paul Moore
[PATCH v2] selinux: Fix sleeping function called from invalid context, Scott Mayhew
- Re: [PATCH v2] selinux: Fix sleeping function called from invalid context, Paul Moore
[PATCH] selinux: Fix sleeping function called from invalid context, Scott Mayhew
- Re: [PATCH] selinux: Fix sleeping function called from invalid context, Paul Moore
[PATCH] selinux: fix a wrong check condition of strcmp(), xkernel . wang
- Re: [PATCH] selinux: fix a wrong check condition of strcmp(), Stephen Smalley
  - Re: [PATCH] selinux: fix a wrong check condition of strcmp(), Xiaoke Wang
[PATCH] selinux: check the return value of audit_log_start(), xkernel . wang
- Re: [PATCH] selinux: check the return value of audit_log_start(), Paul Moore
- <Possible follow-ups>
- [PATCH] selinux: check the return value of audit_log_start(), xkernel . wang
- Re:[PATCH] selinux: check the return value of audit_log_start(), Xiaoke Wang
[PATCH v31 00/28] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v31 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
  - Re: [PATCH v31 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, kernel test robot
- [PATCH v31 02/28] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v31 03/28] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v31 04/28] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v31 05/28] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v31 06/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v31 07/28] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v31 08/28] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v31 09/28] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v31 10/28] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v31 11/28] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v31 12/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v31 13/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
  - Re: [PATCH v31 13/28] LSM: Use lsmblob in security_cred_getsecid, kernel test robot
- [PATCH v31 14/28] LSM: Specify which LSM to display, Casey Schaufler
  - Re: [PATCH v31 14/28] LSM: Specify which LSM to display, Christian Göttsche
    - Re: [PATCH v31 14/28] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v31 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v31 16/28] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v31 17/28] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v31 18/28] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v31 19/28] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v31 20/28] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v31 21/28] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v31 22/28] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
- [PATCH v31 23/28] Audit: Create audit_stamp structure, Casey Schaufler
- [PATCH v31 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
- [PATCH v31 25/28] Audit: Add record for multiple task security contexts, Casey Schaufler
- [PATCH v31 26/28] Audit: Add record for multiple object security contexts, Casey Schaufler
  - Re: [PATCH v31 26/28] Audit: Add record for multiple object security contexts, kernel test robot
  - Re: [PATCH v31 26/28] Audit: Add record for multiple object security contexts, kernel test robot
- [PATCH v31 27/28] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v31 28/28] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH V2 0/4] SELinux Notebook: Add eBook reader build, Richard Haines
- [PATCH V2 3/4] src/images: Add new SELinux penguin, Richard Haines
  - Re: [PATCH V2 3/4] src/images: Add new SELinux penguin, Paul Moore
- [PATCH V2 4/4] selinux-notebook: Add epub build, Richard Haines
  - Re: [PATCH V2 4/4] selinux-notebook: Add epub build, Paul Moore
    - Re: [PATCH V2 4/4] selinux-notebook: Add epub build, Richard Haines
      - Re: [PATCH V2 4/4] selinux-notebook: Add epub build, Paul Moore
- [PATCH V2 1/4] selinux-notebook: Make file links consistent, Richard Haines
  - Re: [PATCH V2 1/4] selinux-notebook: Make file links consistent, Paul Moore
- [PATCH V2 2/4] src/images: Remove current penguin, Richard Haines
[PATCH v2] secilc: kernel policy language is infix, Topi Miettinen
- Re: [PATCH v2] secilc: kernel policy language is infix, James Carter
  - Re: [PATCH v2] secilc: kernel policy language is infix, James Carter
[PATCH v4] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH v4] selinux-notebook: New chapter: Hardening SELinux, Paul Moore
overlay userxattr seems to not adhere to defaultrole, Dominick Grift
[PATCH v3] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH v3] security/selinux: fix potential memleak in error branch, Paul Moore
[PATCH 0/4] SELinux Notebook: Add eBook reader build, Richard Haines
- [PATCH 1/4] selinux-notebook: Make file links consistent, Richard Haines
- [PATCH 2/4] src/images: Remove current penguin, Richard Haines
  - Re: [PATCH 2/4] src/images: Remove current penguin, Daniel Burgener
- [PATCH 4/4] selinux-notebook: Add epub build, Richard Haines
- Re: [PATCH 0/4] SELinux Notebook: Add eBook reader build, Daniel Burgener
  - Re: [PATCH 0/4] SELinux Notebook: Add eBook reader build, Richard Haines
[RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, David Howells
- [RFC PATCH 2/2] security, nfs: Provide a hook for fs_context security initialisation, David Howells
- Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, Paul Moore
- Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, David Howells
  - Re: [RFC PATCH 1/2] security: Remove security_add_mnt_opt() as it's unused, Paul Moore
[PATCH V2 0/7] Various SELinux Notebook updates, Richard Haines
- [PATCH V2 4/7] policy_config_files.md: Update openrc_contexts contents, Richard Haines
  - Re: [PATCH V2 4/7] policy_config_files.md: Update openrc_contexts contents, Paul Moore
- [PATCH V2 1/7] notebook: Minor formatting fixes, Richard Haines
  - Re: [PATCH V2 1/7] notebook: Minor formatting fixes, Paul Moore
- [PATCH V2 6/7] policy_config_files.md: Update snapperd_contexts contents, Richard Haines
  - Re: [PATCH V2 6/7] policy_config_files.md: Update snapperd_contexts contents, Paul Moore
- [PATCH V2 2/7] object_classes_permissions.md: Correct the context object class entry, Richard Haines
  - Re: [PATCH V2 2/7] object_classes_permissions.md: Correct the context object class entry, Paul Moore
- [PATCH V2 7/7] title.md: Clarify example code location, Richard Haines
  - Re: [PATCH V2 7/7] title.md: Clarify example code location, Paul Moore
- [PATCH V2 3/7] object_classes_permissions.md: Deprecate lockdown class, Richard Haines
  - Re: [PATCH V2 3/7] object_classes_permissions.md: Deprecate lockdown class, Paul Moore
- [PATCH V2 5/7] policy_config_files.md: Update openssh_contexts contents, Richard Haines
  - Re: [PATCH V2 5/7] policy_config_files.md: Update openssh_contexts contents, Paul Moore
[PATCH] security,selinux: remove security_add_mnt_opt(), Ondrej Mosnacek
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), Casey Schaufler
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), Paul Moore
- Re: [PATCH] security,selinux: remove security_add_mnt_opt(), James Morris
[PATCH v2] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH v2] security/selinux: fix potential memleak in error branch, Ondrej Mosnacek
- Message not available
  - 答复: [PATCH v2] security/selinux: fix potential memleak in error branch, 赵军奎
    - Re: [PATCH v2] security/selinux: fix potential memleak in error branch, Ondrej Mosnacek
[PATCH 0/7] Various SELinux Notebook updates, Richard Haines
- [PATCH 1/7] notebook: Minor formatting fixes, Richard Haines
- [PATCH 3/7] object_classes_permissions.md: Deprecate lockdown class, Richard Haines
- [PATCH 2/7] object_classes_permissions.md: Correct the context object class entry, Richard Haines
- [PATCH 5/7] policy_config_files.md: Update openssh_contexts contents, Richard Haines
  - Re: [PATCH 5/7] policy_config_files.md: Update openssh_contexts contents, Dominick Grift
- [PATCH 4/7] policy_config_files.md: Update openrc_contexts contents, Richard Haines
- [PATCH 7/7] title.md: Clarify example code location, Richard Haines
- [PATCH 6/7] policy_config_files.md: Update snapperd_contexts contents, Richard Haines
[PATCH -next] selinux: Use struct_size() helper in kmalloc(), Xiu Jianfeng
- Re: [PATCH -next] selinux: Use struct_size() helper in kmalloc(), Paul Moore
[PATCH] security/selinux: fix potential memleak, Bernard Zhao
- Re: [PATCH] security/selinux: fix potential memleak, Paul Moore
  - Re: [PATCH] security/selinux: fix potential memleak, Ondrej Mosnacek
  - Message not available
    - 答复: [PATCH] security/selinux: fix potential memleak, 赵军奎
[PATCH] security/selinux: fix potential memleak in error branch, Bernard Zhao
- Re: [PATCH] security/selinux: fix potential memleak in error branch, Paul Moore
- Message not available
  - 答复: [PATCH] security/selinux: fix potential memleak in error branch, 赵军奎
[PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, Christian Göttsche
- [PATCH 2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement, Christian Göttsche
  - Re: [PATCH 2/2] checkpolicy: warn on bogus IP address or netmask in nodecon statement, James Carter
- Re: [PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, James Carter
  - Re: [PATCH 1/2] libsepol/cil: support IPv4/IPv6 address embedding, James Carter
[PATCH XSERVER 1/2] selinux: remap security classes on policyload, Christian Göttsche
- [PATCH XSERVER 2/2] selinux: log events with appropriate audit type, Christian Göttsche
[PATCH] libsepol: free ebitmap on end of function, Christian Göttsche
[PATCH V2 testsuite] tests/inet_socket: Add socket transition tests, Richard Haines
[PATCH 5.15 222/279] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
[PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
- Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Jari Ruusu
  - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
    - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
      - Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Christian Göttsche
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
        
        Re: [PATCH 5.10 130/154] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
[PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Jacob M Cutright
- Re: [PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Petr Lautrbach
  - Re: [PATCH] Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS, Petr Lautrbach
[PATCH v30 00/28] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Casey Schaufler
  - Re: [PATCH v30 01/28] integrity: disassociate ima_filter_rule from security_audit_rule, Paul Moore
- [PATCH v30 02/28] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v30 03/28] LSM: Add the lsmblob data structure., Casey Schaufler
  - Re: [PATCH v30 03/28] LSM: Add the lsmblob data structure., Paul Moore
- [PATCH v30 04/28] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v30 05/28] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
  - Re: [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, kernel test robot
  - Re: [PATCH v30 06/28] LSM: Use lsmblob in security_audit_rule_match, Paul Moore
- [PATCH v30 07/28] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v30 08/28] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v30 09/28] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v30 10/28] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v30 11/28] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v30 12/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v30 13/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v30 14/28] LSM: Specify which LSM to display, Casey Schaufler
  - Re: [PATCH v30 14/28] LSM: Specify which LSM to display, Christian Göttsche
    - Re: [PATCH v30 14/28] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v30 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v30 16/28] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v30 17/28] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v30 18/28] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v30 19/28] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v30 20/28] binder: Pass LSM identifier for confirmation, Casey Schaufler
- [PATCH v30 21/28] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
- [PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
  - Re: [PATCH v30 22/28] Audit: Keep multiple LSM data in audit_names, Paul Moore
- [PATCH v30 23/28] Audit: Create audit_stamp structure, Casey Schaufler
  - Re: [PATCH v30 23/28] Audit: Create audit_stamp structure, Paul Moore
- [PATCH v30 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
  - Re: [PATCH v30 24/28] Audit: Add framework for auxiliary records, Paul Moore
- [PATCH v30 25/28] Audit: Add record for multiple task security contexts, Casey Schaufler
  - Re: [PATCH v30 25/28] Audit: Add record for multiple task security contexts, Paul Moore
- [PATCH v30 26/28] Audit: Add record for multiple object security contexts, Casey Schaufler
  - Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts, kernel test robot
  - Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts, kernel test robot
  - Re: [PATCH v30 26/28] Audit: Add record for multiple object security contexts, Paul Moore
- [PATCH v30 27/28] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v30 28/28] AppArmor: Remove the exclusive flag, Casey Schaufler
[GIT PULL] SELinux fixes for v5.16 (#2), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.16 (#2), pr-tracker-bot
[RFC PATCH 1/3] libsepol: introduce ebitmap_subtract(), Christian Göttsche
- [RFC PATCH 2/3] libsepol: add not-self neverallow support, Christian Göttsche
- [RFC PATCH 3/3] checkpolicy: add not-self neverallow support, Christian Göttsche
- [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract(), Christian Göttsche
  - [RFC PATCH v2 2/4] libsepol: add not-self neverallow support, Christian Göttsche
    - Re: [RFC PATCH v2 2/4] libsepol: add not-self neverallow support, James Carter
  - [RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support, Christian Göttsche
    - Re: [RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support, James Carter
      - Re: [RFC PATCH v2 3/4] checkpolicy: add not-self neverallow support, Christian Göttsche
  - [RFC PATCH v2 4/4] libsepol: free ebitmap on end of function, Christian Göttsche
  - Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract(), James Carter
    - Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract(), Christian Göttsche
      - Re: [RFC PATCH v2 1/4] libsepol: introduce ebitmap_subtract(), James Carter
  - [RFC PATCH v3 1/5] libsepol: introduce ebitmap_relative_complement(), Christian Göttsche
    - [RFC PATCH v3 2/5] libsepol: add not-self neverallow support, Christian Göttsche
    - [RFC PATCH v3 4/5] libsepol: free ebitmap on end of function, Christian Göttsche
    - [RFC PATCH v3 3/5] checkpolicy: add not-self neverallow support, Christian Göttsche
    - [RFC PATCH v3 5/5] libsepol: pass avtab to report function, Christian Göttsche
      - Re: [RFC PATCH v3 5/5] libsepol: pass avtab to report function, James Carter
[PATCH 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, Christian Göttsche
- [PATCH 2/3] libselinux: use PCRE2 by default, Christian Göttsche
  - Re: [PATCH 2/3] libselinux: use PCRE2 by default, Petr Lautrbach
  - Re: [PATCH 2/3] libselinux: use PCRE2 by default, Petr Lautrbach
- [PATCH 3/3] Replace PCRE with PCRE2 build dependencies, Christian Göttsche
  - Re: [PATCH 3/3] Replace PCRE with PCRE2 build dependencies, Petr Lautrbach
- Re: [PATCH 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, Petr Lautrbach
- [PATCH v2 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, Christian Göttsche
  - Re: [PATCH v2 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, Petr Lautrbach
    - Re: [PATCH v2 1/3] mcstrans: port to new PCRE2 from end-of-life PCRE, James Carter
[PATCH] semodule: Don't forget to munmap() data, Petr Lautrbach
- Re: [PATCH] semodule: Don't forget to munmap() data, James Carter
  - Re: [PATCH] semodule: Don't forget to munmap() data, Petr Lautrbach
[PATCH] libselinux: Fix selinux_restorecon_parallel symbol version, Petr Lautrbach
- Re: [PATCH] libselinux: Fix selinux_restorecon_parallel symbol version, Ondrej Mosnacek
  - Re: [PATCH] libselinux: Fix selinux_restorecon_parallel symbol version, Petr Lautrbach
[PATCH 1/2] selinux: Add map perms, Jason Zaman
- [PATCH 2/2] dbus: Add filetrans for /tmp/dbus-* session socket, Jason Zaman
[PATCH] Kernel policy language is infix, Topi Miettinen
- <Possible follow-ups>
- [PATCH] Kernel policy language is infix, Topi Miettinen
[PATCH] selinux: fix NULL-pointer dereference when hashtab allocation fails, Ondrej Mosnacek
- Re: [PATCH] selinux: fix NULL-pointer dereference when hashtab allocation fails, Paul Moore
[PATCH testsuite] tests/inet_socket: Add socket transition tests, Richard Haines
[PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, David Anderson
- [PATCH v19 1/4] Add flags option to get xattr method paired to __vfs_getxattr, David Anderson
  - Re: [PATCH v19 1/4] Add flags option to get xattr method paired to __vfs_getxattr, Luca Weiss
    - Re: [PATCH v19 1/4] Add flags option to get xattr method paired to __vfs_getxattr, Paul Moore
- [PATCH v19 2/4] overlayfs: handle XATTR_NOSECURITY flag for get xattr method, David Anderson
- [PATCH v19 3/4] overlayfs: override_creds=off option bypass creator_cred, David Anderson
- [PATCH v19 4/4] overlayfs: inode_owner_or_capable called during execv, David Anderson
- Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Casey Schaufler
  - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, David Anderson
- Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
  - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, David Anderson
    - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
      - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, David Anderson
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Lawrence
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
  - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Vivek Goyal
    - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
    - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
      - Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Vivek Goyal
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Message not available
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Vivek Goyal
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Johannes Segitz
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Amir Goldstein
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
        
        Re: [PATCH v19 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
[PATCH V2] netlabel: Update man page to clarify SELinux labeling, Richard Haines
- Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling, Richard Haines
  - Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling, Paul Moore
- Re: [PATCH V2] netlabel: Update man page to clarify SELinux labeling, Paul Moore
[PATCH] netlabel: Update man page to clarify SELinux labeling, Richard Haines
[PATCH] semodule: Fix lang_ext column index, Petr Lautrbach
- Re: [PATCH] semodule: Fix lang_ext column index, James Carter
  - Re: [PATCH] semodule: Fix lang_ext column index, Petr Lautrbach
[PATCH] semodule: add -m | --checksum option, Petr Lautrbach
- Re: [PATCH] semodule: add -m | --checksum option, James Carter
  - Re: [PATCH] semodule: add -m | --checksum option, Petr Lautrbach
[PATCH] ci: run the tests under ASan/UBsan on GHActions, Evgeny Vereshchagin
- Re: [PATCH] ci: run the tests under ASan/UBsan on GHActions, Christian Göttsche
- Re: [PATCH] ci: run the tests under ASan/UBsan on GHActions, James Carter
  - Re: [PATCH] ci: run the tests under ASan/UBsan on GHActions, James Carter
[RFC PATCH] capability: add capable_or to test for multiple caps with exactly one audit message, Christian Göttsche
[PATCH v3] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux, Paul Moore
  - Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux, Dominick Grift
- Re: [PATCH v3] selinux-notebook: New chapter: Hardening SELinux, Daniel Burgener
[PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Alistair Delva
- Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Bart Van Assche
- Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
- Re: [PATCH v2] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Jens Axboe
[PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Alistair Delva
- Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Ondrej Mosnacek
  - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Alistair Delva
    - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Casey Schaufler
      - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
    - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Dominick Grift
    - RE: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, David Laight
      - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Serge E. Hallyn
  - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Greg Kroah-Hartman
- Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Jens Axboe
  - Re: [PATCH] block: Check ADMIN before NICE for IOPRIO_CLASS_RT, Alistair Delva
[PATCH v2] Support static-only builds, Alyssa Ross
[PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Daniel Burgener
  - Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Dominick Grift
    - Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
      - Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Dominick Grift
        
        Re: [PATCH v2] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
[GIT PULL] SELinux fix / revert for v5.16 (#1), Paul Moore
- Re: [GIT PULL] SELinux fix / revert for v5.16 (#1), pr-tracker-bot
[PATCH] net,lsm,selinux: revert the security_sctp_assoc_established() hook, Paul Moore
- Re: [PATCH] net,lsm,selinux: revert the security_sctp_assoc_established() hook, patchwork-bot+netdevbpf
[PATCH] binder: fix test regression due to sender_euid change, Todd Kjos
- Re: [PATCH] binder: fix test regression due to sender_euid change, Christian Brauner
- Re: [PATCH] binder: fix test regression due to sender_euid change, Paul Moore
  - Re: [PATCH] binder: fix test regression due to sender_euid change, Todd Kjos
    - Re: [PATCH] binder: fix test regression due to sender_euid change, Greg KH
[PATCH 01/12] checkpolicy: use correct unsigned format specifiers, Christian Göttsche
- [PATCH 02/12] libsepol: use string literals as format strings, Christian Göttsche
- [PATCH 03/12] policycoreutils: use string literal as format strings, Christian Göttsche
- [PATCH 04/12] Enable extra global compiler warnings, Christian Göttsche
- [PATCH 05/12] checkpolicy: ignore possible string truncation, Christian Göttsche
- [PATCH 06/12] policycoreutils: mark local functions static, Christian Göttsche
- [PATCH 07/12] sandbox: mark local functions static, Christian Göttsche
- [PATCH 08/12] python: mark local functions static, Christian Göttsche
- [PATCH 09/12] mcstrans: avoid missing prototypes, Christian Göttsche
- [PATCH 10/12] libsemanage: mark local functions static, Christian Göttsche
- [PATCH 11/12] libsemanage: include paired header for prototypes, Christian Göttsche
- [PATCH 12/12] libsemanage: add extern prototype for legacy function, Christian Göttsche
- Re: [PATCH 01/12] checkpolicy: use correct unsigned format specifiers, James Carter
  - Re: [PATCH 01/12] checkpolicy: use correct unsigned format specifiers, James Carter
[PATCH] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
- Re: [PATCH] selinux-notebook: New chapter: Hardening SELinux, Daniel Burgener
  - Re: [PATCH] selinux-notebook: New chapter: Hardening SELinux, Topi Miettinen
[PATCH] Support static-only builds, Alyssa Ross
- Re: [PATCH] Support static-only builds, Nicolas Iooss
  - Re: [PATCH] Support static-only builds, Alyssa Ross
[PATCH 5.10 1/3] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 5.10 2/3] binder: use cred instead of task for selinux checks, Todd Kjos
- [PATCH 5.10 3/3] binder: use cred instead of task for getsecid, Todd Kjos
[PATCH 5.4 1/3] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 5.4 2/3] binder: use cred instead of task for selinux checks, Todd Kjos
- [PATCH 5.4 3/3] binder: use cred instead of task for getsecid, Todd Kjos
[PATCH 4.19 1/2] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 4.19 2/2] binder: use cred instead of task for selinux checks, Todd Kjos
[PATCH 4.14 1/2] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 4.14 2/2] binder: use cred instead of task for selinux checks, Todd Kjos
[PATCH 4.9 1/2] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 4.9 2/2] binder: use cred instead of task for selinux checks, Todd Kjos
[PATCH 4.4 1/2] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH 4.4 2/2] binder: use cred instead of task for selinux checks, Todd Kjos
  - Re: [PATCH 4.4 2/2] binder: use cred instead of task for selinux checks, Greg KH
    - Re: [PATCH 4.4 2/2] binder: use cred instead of task for selinux checks, Greg KH
[PATCH v3 0/1] fuse: Send file/inode security context during creation, Vivek Goyal
- [PATCH v3 1/1] fuse: Send security context of inode on file creation, Vivek Goyal
  - Re: [PATCH v3 1/1] fuse: Send security context of inode on file creation, Vivek Goyal
  - Re: [PATCH v3 1/1] fuse: Send security context of inode on file creation, Vivek Goyal
[PATCH 0/5 v2] Fix/add optional file type handling for genfscon rules, James Carter
- [PATCH 1/5 v2] libsepol: Add support for file types in writing out policy.conf, James Carter
  - Message not available
    - Re: [PATCH 1/5 v2] libsepol: Add support for file types in writing out policy.conf, James Carter
- [PATCH 2/5 v2] libsepol/cil: Refactor filecon file type handling, James Carter
- [PATCH 3/5 v2] libsepol/cil: Allow optional file type in genfscon rules, James Carter
- [PATCH 4/5 v2] secilc/docs: Document the optional file type for genfscon rules, James Carter
- [PATCH 5/5] libsepol: Write out genfscon file type when writing out CIL policy, James Carter
[RFC PATCH] selinux: Add netlink xperm support, Bram Bonne
- Re: [RFC PATCH] selinux: Add netlink xperm support, Stephen Smalley
  - Re: [RFC PATCH] selinux: Add netlink xperm support, Stephen Smalley
  - Re: [RFC PATCH] selinux: Add netlink xperm support, Stephen Smalley
    - Re: [RFC PATCH] selinux: Add netlink xperm support, Paul Moore
      - Re: [RFC PATCH] selinux: Add netlink xperm support, Thiébaud Weksteen
        
        Re: [RFC PATCH] selinux: Add netlink xperm support, Paul Moore
[RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, Bram Bonne
- Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, James Carter
  - Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, Bram Bonné
    - Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, Jeffrey Vander Stoep
- Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, James Carter
  - Re: [RFC PATCH] libsepol,checkpolicy: Add netlink xperm support, James Carter
[PATCH] Use IANA-managed domain example.com in examples, markus . linnala
- Re: [PATCH] Use IANA-managed domain example.com in examples, Petr Lautrbach
  - Re: [PATCH] Use IANA-managed domain example.com in examples, Petr Lautrbach
[RFC PATCH 0/1] selinux-testsuite: Add tests for sctp_socket transition rules, Richard Haines
- [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Richard Haines
  - Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Ondrej Mosnacek
    - Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Paul Moore
    - Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Richard Haines
      - Re: [RFC PATCH 1/1] testsuite sctp: Add tests for sctp_socket transition rules, Paul Moore
- Re: [RFC PATCH 0/1] selinux-testsuite: Add tests for sctp_socket transition rules, Paul Moore
Re: [RFC PATCH v2 00/36] libsepol: add fuzzer for reading binary policies, Christian Göttsche
[PATCH net] selinux: fix SCTP client peeloff socket labeling, Ondrej Mosnacek
- Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
  - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, David Miller
    - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
- Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Jakub Kicinski
  - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
    - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Ondrej Mosnacek
      - Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
        
        Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Ondrej Mosnacek
        
        Re: [PATCH net] selinux: fix SCTP client peeloff socket labeling, Paul Moore
[RFC] Cascade: a high level SELinux policy language, Daniel Burgener
- Re: [RFC] Cascade: a high level SELinux policy language, James Carter
  - Re: [RFC] Cascade: a high level SELinux policy language, Daniel Burgener
    - Message not available
      - Re: [RFC] Cascade: a high level SELinux policy language, Daniel Burgener
        
        Re: [RFC] Cascade: a high level SELinux policy language, James Carter
[PATCHv2 net 0/4] security: fixups for the security hooks in sctp, Xin Long
- [PATCHv2 net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Xin Long
- [PATCHv2 net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce, Xin Long
- [PATCHv2 net 3/4] security: add sctp_assoc_established hook, Xin Long
- [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
  - Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
    - Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
      - Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Richard Haines
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, David Miller
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCHv2 net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
- Re: [PATCHv2 net 0/4] security: fixups for the security hooks in sctp, patchwork-bot+netdevbpf
[GIT PULL] SELinux patches for v5.16, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.16, Linus Torvalds
  - Re: [GIT PULL] SELinux patches for v5.16, Paul Moore
    - Re: [GIT PULL] SELinux patches for v5.16, Linus Torvalds
      - Re: [GIT PULL] SELinux patches for v5.16, Linus Torvalds
        
        Re: [GIT PULL] SELinux patches for v5.16, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.16, pr-tracker-bot
[PATCH 0/4] Fix/add optional file type handling for genfscon rules, James Carter
- [PATCH 1/4] libsepol: Add support for file types in writing out policy.conf, James Carter
- [PATCH 2/4] libsepol/cil: Allow optional file type in genfscon rules, James Carter
- [PATCH 3/4] secilc/docs: Document the optional file type for genfscon rules, James Carter
- [PATCH 4/4] libsepol: Write out genfscon file type when writing out CIL policy, James Carter
- Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules, Stephen Smalley
  - Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules, Nicolas Iooss
    - Re: [PATCH 0/4] Fix/add optional file type handling for genfscon rules, James Carter
[PATCH userspace v4 0/8] Parallel setfiles/restorecon, Ondrej Mosnacek
- [PATCH userspace v4 1/8] label_file: fix a data race, Ondrej Mosnacek
- [PATCH userspace v4 2/8] selinux_restorecon: simplify fl_head allocation by using calloc(), Ondrej Mosnacek
- [PATCH userspace v4 3/8] selinux_restorecon: protect file_spec list with a mutex, Ondrej Mosnacek
- [PATCH userspace v4 4/8] libselinux: make selinux_log() thread-safe, Ondrej Mosnacek
- [PATCH userspace v4 5/8] libselinux: make is_context_customizable() thread-safe, Ondrej Mosnacek
  - Re: [PATCH userspace v4 5/8] libselinux: make is_context_customizable() thread-safe, Christian Göttsche
- [PATCH userspace v4 6/8] selinux_restorecon: add a global mutex to synchronize progress output, Ondrej Mosnacek
- [PATCH userspace v4 8/8] setfiles/restorecon: support parallel relabeling, Ondrej Mosnacek
- [PATCH userspace v4 7/8] selinux_restorecon: introduce selinux_restorecon_parallel(3), Ondrej Mosnacek
- Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon, Ondrej Mosnacek
  - Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon, Petr Lautrbach
    - Re: [PATCH userspace v4 0/8] Parallel setfiles/restorecon, Petr Lautrbach
[PATCH testsuite v2] tests: make kernel iptables support optional, Ondrej Mosnacek
- Re: [PATCH testsuite v2] tests: make kernel iptables support optional, Ondrej Mosnacek
[PATCH testsuite] tests/inet_socket: make kernel iptables support optional, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/inet_socket: make kernel iptables support optional, Ondrej Mosnacek
ANN: SELinux userspace 3.3 release, Petr Lautrbach
[PATCH net 0/4] security: fixups for the security hooks in sctp, Xin Long
- [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Xin Long
  - Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Jakub Kicinski
    - Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Xin Long
  - Re: [PATCH net 1/4] security: pass asoc to sctp_assoc_request and sctp_sk_clone, Richard Haines
- [PATCH net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce, Xin Long
  - Re: [PATCH net 2/4] security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce, Ondrej Mosnacek
- [PATCH net 3/4] security: add sctp_assoc_established hook, Xin Long
  - Re: [PATCH net 3/4] security: add sctp_assoc_established hook, kernel test robot
  - Re: [PATCH net 3/4] security: add sctp_assoc_established hook, kernel test robot
  - Re: [PATCH net 3/4] security: add sctp_assoc_established hook, Ondrej Mosnacek
- [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
  - Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
    - Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
      - Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Ondrej Mosnacek
        
        Message not available
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Xin Long
        
        Re: [PATCH net 4/4] security: implement sctp_assoc_established hook in selinux, Paul Moore
- Re: [PATCH net 0/4] security: fixups for the security hooks in sctp, Richard Haines
[PATCH] sctp: initialize endpoint LSM labels also on the client side, Ondrej Mosnacek
- Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side, Ondrej Mosnacek
- Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side, Marcelo Ricardo Leitner
  - Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side, Xin Long
    - Re: [PATCH] sctp: initialize endpoint LSM labels also on the client side, Ondrej Mosnacek
[PATCH testsuite] tests/sctp: add client peeloff tests, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/sctp: add client peeloff tests, Paul Moore
  - Re: [PATCH testsuite] tests/sctp: add client peeloff tests, Ondrej Mosnacek
[PATCH] libsepol: avoid passing NULL pointer to memcpy, Christian Göttsche
- Re: [PATCH] libsepol: avoid passing NULL pointer to memcpy, James Carter
- [PATCH v2] libsepol: avoid passing NULL pointer to memcpy, Christian Göttsche
  - Re: [PATCH v2] libsepol: avoid passing NULL pointer to memcpy, Nicolas Iooss
    - Re: [PATCH v2] libsepol: avoid passing NULL pointer to memcpy, Nicolas Iooss
Release 3.3 or not?, Petr Lautrbach
- Re: Release 3.3 or not?, James Carter
kernel NULL pointer dereference on selinux_ip_postroute, Corentin Labbe
[PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat(), Paul Moore
- Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat(), Ondrej Mosnacek
  - Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat(), Paul Moore
- Re: [PATCH] selinux: fix a sock regression in selinux_ip_postroute_compat(), Paul Moore
[PATCH userspace v3 0/7] Parallel setfiles/restorecon, Ondrej Mosnacek
- [PATCH userspace v3 1/7] label_file: fix a data race, Ondrej Mosnacek
- [PATCH userspace v3 2/7] selinux_restorecon: simplify fl_head allocation by using calloc(), Ondrej Mosnacek
- [PATCH userspace v3 3/7] selinux_restorecon: protect file_spec list with a mutex, Ondrej Mosnacek
- [PATCH userspace v3 5/7] selinux_restorecon: add a global mutex to synchronize progress output, Ondrej Mosnacek
- [PATCH userspace v3 6/7] selinux_restorecon: introduce selinux_restorecon_parallel(3), Ondrej Mosnacek
- [PATCH userspace v3 7/7] setfiles/restorecon: support parallel relabeling, Ondrej Mosnacek
- [PATCH userspace v3 4/7] libselinux: make selinux_log() thread-safe, Ondrej Mosnacek
- Re: [PATCH userspace v3 0/7] Parallel setfiles/restorecon, Christian Göttsche
  - Re: [PATCH userspace v3 0/7] Parallel setfiles/restorecon, Ondrej Mosnacek
[next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat, Naresh Kamboju
- Re: [next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat, Florian Westphal
  - Re: [next] BUG: kernel NULL pointer dereference, address:: selinux_ip_postroute_compat, Paul Moore
[PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings, Christian Göttsche
- Re: [PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings, Nicolas Iooss
  - Re: [PATCH] libselinux: use dummy variable to silence glibc 2.34 warnings, Christian Göttsche
- [PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings, Christian Göttsche
  - Re: [PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings, Nicolas Iooss
    - Re: [PATCH v2] libselinux: use valid address to silence glibc 2.34 warnings, Nicolas Iooss
[PATCH userspace v2 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
- [PATCH userspace v2 1/6] selinux_restorecon: simplify fl_head allocation by using calloc(), Ondrej Mosnacek
- [PATCH userspace v2 2/6] selinux_restorecon: protect file_spec list with a mutex, Ondrej Mosnacek
- [PATCH userspace v2 3/6] libselinux: make selinux_log() thread-safe, Ondrej Mosnacek
- [PATCH userspace v2 4/6] selinux_restorecon: add a global mutex to synchronize progress output, Ondrej Mosnacek
- [PATCH userspace v2 6/6] setfiles/restorecon: support parallel relabeling, Ondrej Mosnacek
- [PATCH userspace v2 5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3), Ondrej Mosnacek
- Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon, Christian Göttsche
  - Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
    - Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
      - Re: [PATCH userspace v2 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
[PATCH] selinux: fix all of the W=1 build warnings, Paul Moore
- Re: [PATCH] selinux: fix all of the W=1 build warnings, Paul Moore
[PATCH 1/3] libsepol: do not pass NULL to memcpy, Christian Göttsche
- [PATCH 2/3] libsemanage: do not sort empty records, Christian Göttsche
  - Re: [PATCH 2/3] libsemanage: do not sort empty records, Nicolas Iooss
- [PATCH 3/3] libsemanage/tests: free memory, Christian Göttsche
  - Re: [PATCH 3/3] libsemanage/tests: free memory, Nicolas Iooss
- Re: [PATCH 1/3] libsepol: do not pass NULL to memcpy, Nicolas Iooss
  - Re: [PATCH 1/3] libsepol: do not pass NULL to memcpy, Christian Göttsche
- [PATCH v2 1/3] libsepol: do not pass NULL to memcpy, Christian Göttsche
  - [PATCH v2 3/3] libsemanage/tests: free memory, Christian Göttsche
  - [PATCH v2 2/3] libsemanage: do not sort empty records, Christian Göttsche
  - Re: [PATCH v2 1/3] libsepol: do not pass NULL to memcpy, Nicolas Iooss
    - Re: [PATCH v2 1/3] libsepol: do not pass NULL to memcpy, Nicolas Iooss
[PATCH v2] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
- Re: [PATCH v2] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Paul Moore
- Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Ondrej Mosnacek
  - Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Paul Moore
    - Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Mickaël Salaün
      - Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Christian Brauner
        
        Re: [PATCH] security/landlock: use square brackets around "landlock-ruleset", Mickaël Salaün
[PATCH v2 0/2] fuse: Send file/inode security context during creation, Vivek Goyal
- [PATCH v2 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
  - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
    - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
      - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
  - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Miklos Szeredi
    - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
      - Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Miklos Szeredi
        
        Re: [PATCH v2 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
- [PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX, Vivek Goyal
  - Re: [PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX, Casey Schaufler
    - Re: [PATCH v2 1/2] fuse: Add a flag FUSE_SECURITY_CTX, Vivek Goyal
- Re: [PATCH v2 0/2] fuse: Send file/inode security context during creation, Vivek Goyal
[PATCH v5 0/3] binder: use cred instead of task for security context, Todd Kjos
- [PATCH v5 1/3] binder: use euid from cred instead of using task, Todd Kjos
- [PATCH v5 2/3] binder: use cred instead of task for selinux checks, Todd Kjos
- [PATCH v5 3/3] binder: use cred instead of task for getsecid, Todd Kjos
- Re: [PATCH v5 0/3] binder: use cred instead of task for security context, Casey Schaufler
- Re: [PATCH v5 0/3] binder: use cred instead of task for security context, Paul Moore
  - Re: [PATCH v5 0/3] binder: use cred instead of task for security context, Todd Kjos
[PATCH v2] security: Return xattr name from security_dentry_init_security(), Vivek Goyal
- Re: [PATCH v2] security: Return xattr name from security_dentry_init_security(), Christian Brauner
- Re: [PATCH v2] security: Return xattr name from security_dentry_init_security(), Vivek Goyal

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]