Security Enhanced Linux (SELINUX)

• Date Index

• [PATCH v3 31/36] libsepol: validate genfs contexts, (continued)
  • [PATCH v3 31/36] libsepol: validate genfs contexts, Christian Göttsche
  • [PATCH v3 19/36] libsepol: do not crash on user gaps, Christian Göttsche
  • [PATCH v3 13/36] libsepol: reject abnormal huge sid ids, Christian Göttsche
  • [PATCH v3 25/36] libsepol: validate permission count of classes, Christian Göttsche
  • [PATCH v3 35/36] libsepol: validate fsuse types, Christian Göttsche
  • Re: [PATCH v3 00/36] libsepol: add fuzzer for reading binary policies, James Carter
    • Re: [PATCH v3 00/36] libsepol: add fuzzer for reading binary policies, James Carter
• [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
  • Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
    • Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Stephen Smalley
      • Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
        • Re: [PATCH] selinux: make better use of the nf_hook_state passed to the NF hooks, Paul Moore
• [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Florian Westphal
  • Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Paul Moore
    • Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Ondrej Mosnacek
      • Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Paul Moore
        • Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers, Florian Westphal
• [PATCH security-next] selinux: remove ipv6 hook wrappers, Florian Westphal
  • Re: [PATCH security-next] selinux: remove ipv6 hook wrappers, Florian Westphal
• [PATCH 1/4] libsepol: Fix potential undefined shifts, James Carter
  • [PATCH 2/4] libsepol/cil: Fix potential undefined shifts, James Carter
    • Re: [PATCH 2/4] libsepol/cil: Fix potential undefined shifts, Nicolas Iooss
      • Re: [PATCH 2/4] libsepol/cil: Fix potential undefined shifts, James Carter
  • [PATCH 3/4] checkpolicy: Fix potential undefined shifts, James Carter
  • [PATCH 4/4] libselinux: Fix potential undefined shifts, James Carter
• [PATCH] libsepol/cil: Fix potential undefined shifts, James Carter
  • Re: [PATCH] libsepol/cil: Fix potential undefined shifts, Christian Göttsche
    • Re: [PATCH] libsepol/cil: Fix potential undefined shifts, James Carter
• [PATCH v4 0/3] binder: use cred instead of task for security context, Todd Kjos
  • [PATCH v4 1/3] binder: use cred instead of task for selinux checks, Todd Kjos
  • [PATCH v4 2/3] binder: use cred instead of task for getsecid, Todd Kjos
    • Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid, Paul Moore
      • Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid, Casey Schaufler
        • Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid, Paul Moore
        • Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid, Dan Carpenter
          • Re: [PATCH v4 2/3] binder: use cred instead of task for getsecid, Paul Moore
  • [PATCH v4 3/3] binder: use euid from cred instead of using task, Todd Kjos
    • Re: [PATCH v4 3/3] binder: use euid from cred instead of using task, Paul Moore
      • Re: [PATCH v4 3/3] binder: use euid from cred instead of using task, Todd Kjos
        • Re: [PATCH v4 3/3] binder: use euid from cred instead of using task, Paul Moore
          • Re: [PATCH v4 3/3] binder: use euid from cred instead of using task, Todd Kjos
            • Re: [PATCH v4 3/3] binder: use euid from cred instead of using task, Stephen Smalley
              • Re: [PATCH v4 3/3] binder: use euid from cred instead of using task, Todd Kjos
      • Re: [PATCH v4 3/3] binder: use euid from cred instead of using task, Casey Schaufler
        • Re: [PATCH v4 3/3] binder: use euid from cred instead of using task, Paul Moore
• [PATCH v3 0/3] binder: use cred instead of task for security context, Todd Kjos
  • [PATCH v3 1/3] binder: use cred instead of task for selinux checks, Todd Kjos
  • [PATCH v3 3/3] binder: use euid from cred instead of using task, Todd Kjos
    • Re: [PATCH v3 3/3] binder: use euid from cred instead of using task, Todd Kjos
      • Re: [PATCH v3 3/3] binder: use euid from cred instead of using task, Todd Kjos
  • [PATCH v3 2/3] binder: use cred instead of task for getsecid, Todd Kjos
• ANN: SELinux userspace 3.3-rc3 release candidate, Petr Lautrbach
• [PATCH] libselinux/semodule: Improve extracting message, Petr Lautrbach
  • Re: [PATCH] libselinux/semodule: Improve extracting message, James Carter
    • Re: [PATCH] libselinux/semodule: Improve extracting message, Petr Lautrbach
• [PATCH v2] binder: use cred instead of task for selinux checks, Todd Kjos
  • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Casey Schaufler
    • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Jann Horn
      • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Jann Horn
        • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Casey Schaufler
          • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Jann Horn
            • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Casey Schaufler
              • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Jann Horn
                • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Casey Schaufler
                  • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Jann Horn
                    • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Stephen Smalley
                      • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Todd Kjos
                        • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Stephen Smalley
                          • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Paul Moore
                      • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Casey Schaufler
                        • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Jann Horn
                          • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Casey Schaufler
                      • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Jann Horn
  • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Greg KH
    • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Paul Moore
      • Re: [PATCH v2] binder: use cred instead of task for selinux checks, Greg KH
• [PATCH] binder: use cred instead of task for selinux checks, Todd Kjos
  • Re: [PATCH] binder: use cred instead of task for selinux checks, Paul Moore
    • Re: [PATCH] binder: use cred instead of task for selinux checks, Paul Moore
    • Re: [PATCH] binder: use cred instead of task for selinux checks, Todd Kjos
• [PATCH] security: Return xattr name from security_dentry_init_security(), Vivek Goyal
  • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Casey Schaufler
  • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Al Viro
    • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Vivek Goyal
  • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Jeff Layton
    • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Casey Schaufler
      • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Jeff Layton
        • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Casey Schaufler
          • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Vivek Goyal
          • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Vivek Goyal
            • Re: [PATCH] security: Return xattr name from security_dentry_init_security(), Casey Schaufler
• [PATCH testsuite] Remove the lockdown test, Ondrej Mosnacek
  • Re: [PATCH testsuite] Remove the lockdown test, Ondrej Mosnacek
• [PATCH] libsepol/cil: Do not skip macros when resolving until later passes, James Carter
  • Re: [PATCH] libsepol/cil: Do not skip macros when resolving until later passes, Nicolas Iooss
    • Re: [PATCH] libsepol/cil: Do not skip macros when resolving until later passes, Petr Lautrbach
• [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Paul Moore
  • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Paul Moore
  • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Paul Moore
    • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Serge E. Hallyn
      • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), John Johansen
        • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Paul Moore
    • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Casey Schaufler
      • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Paul Moore
        • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Casey Schaufler
    • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Paul Moore
      • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Serge E. Hallyn
      • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Casey Schaufler
        • Re: [PATCH] lsm: security_task_getsecid_subj() -> security_current_getsecid_subj(), Paul Moore
• [PATCH] selinux: remove the SELinux lockdown implementation, Paul Moore
  • Re: [PATCH] selinux: remove the SELinux lockdown implementation, Paul Moore
  • Re: [PATCH] selinux: remove the SELinux lockdown implementation, Ondrej Mosnacek
    • Re: [PATCH] selinux: remove the SELinux lockdown implementation, Paul Moore
• [PATCH] libsepol/cil: Limit the amount of reporting for bounds failures, James Carter
  • Re: [PATCH] libsepol/cil: Limit the amount of reporting for bounds failures, Nicolas Iooss
    • Re: [PATCH] libsepol/cil: Limit the amount of reporting for bounds failures, James Carter
    • Re: [PATCH] libsepol/cil: Limit the amount of reporting for bounds failures, Petr Lautrbach
• [PATCH 1/9] libsepol: ebitmap: mark nodes of const ebitmaps const, Christian Göttsche
  • [PATCH 2/9] libsepol: use correct cast, Christian Göttsche
  • [PATCH 5/9] checkpolicy: policy_define: cleanup declarations, Christian Göttsche
  • [PATCH 3/9] libsepol: resolve GCC warning about null-dereference, Christian Göttsche
  • [PATCH 4/9] libsepol/cil: silence clang void-pointer-to-enum-cast warning, Christian Göttsche
  • [PATCH 7/9] checkpolicy: update documentation, Christian Göttsche
  • [PATCH 8/9] checkpolicy: drop incorrect cast, Christian Göttsche
  • [PATCH 6/9] checkpolicy: print reason of fopen failure, Christian Göttsche
  • [PATCH 9/9] checkpolicy: delay down-cast to avoid align warning, Christian Göttsche
  • Re: [PATCH 1/9] libsepol: ebitmap: mark nodes of const ebitmaps const, James Carter
    • Re: [PATCH 1/9] libsepol: ebitmap: mark nodes of const ebitmaps const, James Carter
• [PATCH] Correct some typos, Christian Göttsche
  • Re: [PATCH] Correct some typos, Petr Lautrbach
    • Re: [PATCH] Correct some typos, James Carter
• [PATCH userspace] README: update continuous integration badges, Nicolas Iooss
  • Re: [PATCH userspace] README: update continuous integration badges, Ondrej Mosnacek
    • Re: [PATCH userspace] README: update continuous integration badges, James Carter
• [PATCH userspace] GitHub Actions: do not use macOS latest runner for now, Nicolas Iooss
  • Re: [PATCH userspace] GitHub Actions: do not use macOS latest runner for now, Ondrej Mosnacek
    • Re: [PATCH userspace] GitHub Actions: do not use macOS latest runner for now, Nicolas Iooss
      • Re: [PATCH userspace] GitHub Actions: do not use macOS latest runner for now, Ondrej Mosnacek
    • Re: [PATCH userspace] GitHub Actions: do not use macOS latest runner for now, James Carter
• [PATCH 0/2] fuse: Send file/inode security context during creation, Vivek Goyal
  • [PATCH 1/2] fuse: Add a flag FUSE_SECURITY_CTX, Vivek Goyal
  • [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
    • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
      • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
        • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
          • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
            • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
    • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Colin Walters
      • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
        • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
          • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
            • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
              • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
                • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
                  • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
                    • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
                      • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
                        • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
                          • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Vivek Goyal
                            • Re: [PATCH 2/2] fuse: Send security context of inode on file creation, Casey Schaufler
• [PATCH v29 00/28] LSM: Module stacking for AppArmor, Casey Schaufler
  • [PATCH v29 01/28] LSM: Infrastructure management of the sock security, Casey Schaufler
  • [PATCH v29 02/28] LSM: Add the lsmblob data structure., Casey Schaufler
  • [PATCH v29 03/28] LSM: provide lsm name and id slot mappings, Casey Schaufler
  • [PATCH v29 04/28] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
  • [PATCH v29 05/28] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
  • [PATCH v29 06/28] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
  • [PATCH v29 07/28] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
  • [PATCH v29 08/28] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
  • [PATCH v29 09/28] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
  • [PATCH v29 10/28] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
  • [PATCH v29 11/28] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
  • [PATCH v29 12/28] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
  • [PATCH v29 13/28] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
  • [PATCH v29 14/28] LSM: Specify which LSM to display, Casey Schaufler
  • [PATCH v29 15/28] LSM: Ensure the correct LSM context releaser, Casey Schaufler
  • [PATCH v29 16/28] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
  • [PATCH v29 17/28] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
  • [PATCH v29 18/28] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
  • [PATCH v29 19/28] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
  • [PATCH v29 20/28] LSM: Verify LSM display sanity in binder, Casey Schaufler
  • [PATCH v29 21/28] LSM: Extend security_secid_to_secctx to include module selection, Casey Schaufler
  • [PATCH v29 22/28] Audit: Keep multiple LSM data in audit_names, Casey Schaufler
  • [PATCH v29 23/28] Audit: Create audit_stamp structure, Casey Schaufler
  • [PATCH v29 24/28] Audit: Add framework for auxiliary records, Casey Schaufler
  • [PATCH v29 25/28] Audit: Add record for multiple task security contexts, Casey Schaufler
  • [PATCH v29 26/28] Audit: Add record for multiple object security contexts, Casey Schaufler
  • [PATCH v29 27/28] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
  • [PATCH v29 28/28] AppArmor: Remove the exclusive flag, Casey Schaufler
• [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Paul Moore
  • Re: [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Stephen Smalley
    • Re: [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Paul Moore
      • Re: [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Stephen Smalley
        • Re: [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Ondrej Mosnacek
          • Re: [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Paul Moore
        • Re: [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Paul Moore
        • Re: [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Chris PeBenito
          • Re: [RFC PATCH] selinux: use SECINITSID_KERNEL as the subj/obj in the lockdown hook, Paul Moore
• [GIT PULL] SELinux/Smack fixes for v5.15 (#2), Paul Moore
  • Re: [GIT PULL] SELinux/Smack fixes for v5.15 (#2), pr-tracker-bot
• [PATCH] selinux,smack: fix subjective/objective credential use mixups, Paul Moore
  • Re: [PATCH] selinux,smack: fix subjective/objective credential use mixups, Casey Schaufler
    • Re: [PATCH] selinux,smack: fix subjective/objective credential use mixups, Paul Moore
  • Re: [PATCH] selinux,smack: fix subjective/objective credential use mixups, Paul Moore
• [PATCH testsuite] tests/perf_event: don't assume CPU#0 is online, Ondrej Mosnacek
  • Re: [PATCH testsuite] tests/perf_event: don't assume CPU#0 is online, Ondrej Mosnacek
• ANN: SELinux userspace 3.3-rc2 release candidate, Petr Lautrbach
  • Re: ANN: SELinux userspace 3.3-rc2 release candidate, Nicolas Iooss
• [PATCH setools] __init__.py: Make NetworkX dep optional, Jason Zaman
  • Re: [PATCH setools] __init__.py: Make NetworkX dep optional, Chris PeBenito
• [GIT PULL] SELinux fixes for v5.15 (#1), Paul Moore
  • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Paul Moore
    • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Linus Torvalds
      • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Linus Torvalds
        • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Paul Moore
          • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Linus Torvalds
            • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Paul Moore
              • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Linus Torvalds
                • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Paul Moore
                  • Re: [GIT PULL] SELinux fixes for v5.15 (#1), Linus Torvalds
• [PATCH] libsepol/cil: Handle operations in a class mapping when verifying, James Carter
  • Re: [PATCH] libsepol/cil: Handle operations in a class mapping when verifying, Petr Lautrbach
• Re: [selinuxproject-selinux:stable-5.15 1/1] include/linux/rcupdate.h:395:2: warning: passing argument 1 of 'security_locked_down' discards 'const' qualifier from pointer target type, Paul Moore
• [PATCH v4 0/8] Add LSM access controls and auditing to io_uring, Paul Moore
  • [PATCH v4 1/8] audit: prepare audit_context for use in calling contexts beyond syscalls, Paul Moore
  • [PATCH v4 2/8] audit,io_uring,io-wq: add some basic audit support to io_uring, Paul Moore
    • Re: [PATCH v4 2/8] audit,io_uring,io-wq: add some basic audit support to io_uring, Richard Guy Briggs
      • Re: [PATCH v4 2/8] audit,io_uring,io-wq: add some basic audit support to io_uring, Paul Moore
        • Re: [PATCH v4 2/8] audit,io_uring,io-wq: add some basic audit support to io_uring, Richard Guy Briggs
          • Re: [PATCH v4 2/8] audit,io_uring,io-wq: add some basic audit support to io_uring, Paul Moore
  • [PATCH v4 3/8] audit: add filtering for io_uring records, Paul Moore
    • Re: [PATCH v4 3/8] audit: add filtering for io_uring records, Richard Guy Briggs
  • [PATCH v4 4/8] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure(), Paul Moore
  • [PATCH v4 5/8] io_uring: convert io_uring to the secure anon inode interface, Paul Moore
  • [PATCH v4 6/8] lsm,io_uring: add LSM hooks to io_uring, Paul Moore
  • [PATCH v4 7/8] selinux: add support for the io_uring access controls, Paul Moore
  • [PATCH v4 8/8] Smack: Brutalist io_uring support, Paul Moore
  • Re: [PATCH v4 0/8] Add LSM access controls and auditing to io_uring, Paul Moore
• [PATCH] selinux: enable genfscon labeling for securityfs, Christian Göttsche
  • Re: [PATCH] selinux: enable genfscon labeling for securityfs, Paul Moore
    • Re: [PATCH] selinux: enable genfscon labeling for securityfs, Christian Göttsche
      • Re: [PATCH] selinux: enable genfscon labeling for securityfs, Paul Moore
        • Re: [PATCH] selinux: enable genfscon labeling for securityfs, Christian Göttsche
          • Re: [PATCH] selinux: enable genfscon labeling for securityfs, Stephen Smalley
        • Re: [PATCH] selinux: enable genfscon labeling for securityfs, Paul Moore
  • [PATCH v2] selinux: enable genfscon labeling for securityfs, Christian Göttsche
    • Re: [PATCH v2] selinux: enable genfscon labeling for securityfs, Paul Moore
• [PATCH 00/13] checkpolicy improvements, Christian Göttsche
  • [PATCH 01/13] libsepol: avoid implicit conversions, Christian Göttsche
  • [PATCH 02/13] libsepol: free memory after policy validation, Christian Göttsche
    • [PATCH v2 02/13] libsepol: free memory after policy validation, Christian Göttsche
      • [PATCH v3 02/13] libsepol: free memory after policy validation, Christian Göttsche
  • [PATCH 03/13] checkpolicy: enclose macro argument in parentheses, Christian Göttsche
  • [PATCH 04/13] checkpolicy: misc checkmodule tweaks, Christian Göttsche
  • [PATCH 05/13] checkpolicy: misc checkpolicy tweaks, Christian Göttsche
  • [PATCH 06/13] checkpolicy: mark read-only parameters in module compiler const, Christian Göttsche
  • [PATCH 07/13] checkpolicy: mark file local functions in policy_define static, Christian Göttsche
  • [PATCH 08/13] checkpolicy: add missing function declarations, Christian Göttsche
  • [PATCH 09/13] checkpolicy: resolve dismod memory leaks, Christian Göttsche
    • Re: [PATCH 09/13] checkpolicy: resolve dismod memory leaks, James Carter
    • [PATCH v2 09/13] checkpolicy: resolve dismod memory leaks, Christian Göttsche
  • [PATCH 10/13] checkpolicy: avoid implicit conversion, Christian Göttsche
  • [PATCH 11/13] checkpolicy: error out on parsing too big integers, Christian Göttsche
    • Re: [PATCH 11/13] checkpolicy: error out on parsing too big integers, James Carter
    • [PATCH v2 11/13] checkpolicy: error out on parsing too big integers, Christian Göttsche
  • [PATCH 12/13] checkpolicy: print warning on source line overflow, Christian Göttsche
  • [PATCH 13/13] checkpolicy: free extended permission memory, Christian Göttsche
  • Re: [PATCH 00/13] checkpolicy improvements, James Carter
    • Re: [PATCH 00/13] checkpolicy improvements, James Carter
• [PATCH v3 0/8] Add LSM access controls and auditing to io_uring, Paul Moore
  • [PATCH v3 1/8] audit: prepare audit_context for use in calling contexts beyond syscalls, Paul Moore
  • [PATCH v3 2/8] audit,io_uring,io-wq: add some basic audit support to io_uring, Paul Moore
  • [PATCH v3 3/8] audit: add filtering for io_uring records, Paul Moore
  • [PATCH v3 4/8] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure(), Paul Moore
  • [PATCH v3 5/8] io_uring: convert io_uring to the secure anon inode interface, Paul Moore
  • [PATCH v3 6/8] lsm,io_uring: add LSM hooks to io_uring, Paul Moore
  • [PATCH v3 7/8] selinux: add support for the io_uring access controls, Paul Moore
  • [PATCH v3 8/8] Smack: Brutalist io_uring support with debug, Paul Moore
• [RFC] Signals upon avc denial, Josh Gao
  • Re: [RFC] Signals upon avc denial, Stephen Smalley
    • Re: [RFC] Signals upon avc denial, Josh Gao
      • Re: [RFC] Signals upon avc denial, Stephen Smalley
• [PATCH] libsepol/cil: Do not use original type and typeattribute datums, James Carter
  • Re: [PATCH] libsepol/cil: Do not use original type and typeattribute datums, Petr Lautrbach
• [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks, Ondrej Mosnacek
  • Re: [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks, Rafael J. Wysocki
  • Re: [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks, Paul Moore
    • Re: [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks, Paul Moore
      • Re: [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks, Ondrej Mosnacek
      • Re: [PATCH v4] lockdown,selinux: fix wrong subject in some SELinux lockdown checks, Paul Moore
• [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage, Eugene Syromiatnikov
  • Re: [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage, Antony Antony
  • Re: [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage, Ondrej Mosnacek
    • Re: [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage, Eugene Syromiatnikov
      • Re: [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage, Ondrej Mosnacek
  • Re: [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage, Nicolas Dichtel
  • Re: [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage, Steffen Klassert
• [PATCH] libsepol: fix typo, Topi Miettinen
  • Re: [PATCH] libsepol: fix typo, James Carter
    • Re: [PATCH] libsepol: fix typo, Petr Lautrbach
• [PATCH] libsepol/cil: Free duplicate datums in original calling function, James Carter
  • Re: [PATCH] libsepol/cil: Free duplicate datums in original calling function, Petr Lautrbach
    • Re: [PATCH] libsepol/cil: Free duplicate datums in original calling function, Petr Lautrbach
• Another libsepol USE_AFTER_FREE defects detected, Petr Lautrbach
  • Re: Another libsepol USE_AFTER_FREE defects detected, James Carter
    • Re: Another libsepol USE_AFTER_FREE defects detected, Petr Lautrbach
• [PATCH] libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772), Petr Lautrbach
  • Re: [PATCH] libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772), James Carter
    • Re: [PATCH] libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772), Petr Lautrbach
  • <Possible follow-ups>
  • [PATCH] libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772), Vit Mojzis
    • Re: [PATCH] libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772), James Carter
      • Re: [PATCH] libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772), James Carter
• ANN: Reference Policy 2.20210908, Chris PeBenito
• [PATCH testsuite v2] tests: exclude vsock_socket test where it wouldn't build, Ondrej Mosnacek
  • Re: [PATCH testsuite v2] tests: exclude vsock_socket test where it wouldn't build, Ondrej Mosnacek
• ANN: SELinux userspace 3.3-rc1 release candidate, Petr Lautrbach
• [PATCH 1/2] libsepol/cil: Add function to get number of items in a stack, James Carter
  • [PATCH 2/2] libsepol/cil: Limit the number of active line marks, James Carter
    • Re: [PATCH 2/2] libsepol/cil: Limit the number of active line marks, Nicolas Iooss
• [PATCH testsuite] tests: exclude vsock_socket test where it wouldn't build, Ondrej Mosnacek
• [PATCH] libsepol: Fix detected RESOURCE_LEAKs, Petr Lautrbach
  • Re: [PATCH] libsepol: Fix detected RESOURCE_LEAKs, James Carter
• PATH_MAX + 1 in realpath_not_final(), Petr Lautrbach
• [PATCH testsuite 1/2] tests/module_load: simplify the clean target, Ondrej Mosnacek
  • [PATCH testsuite 2/2] tests/module_load: use the right compiler to build kernel modules, Ondrej Mosnacek
  • Re: [PATCH testsuite 1/2] tests/module_load: simplify the clean target, Ondrej Mosnacek
• [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
  • [PATCH v3 1/1] xattr: Allow user.* xattr on symlink and special files, Vivek Goyal
  • [PATCH 2/1] man-pages: xattr.7: Update text for user extended xattr behavior change, Vivek Goyal
  • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Casey Schaufler
    • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
      • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
        • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Casey Schaufler
          • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
            • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Casey Schaufler
              • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
                • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Casey Schaufler
              • Re: [Virtio-fs] [PATCH v3 0/1] Relax restrictions on user.* xattr, Sergio Lopez
              • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Dr. David Alan Gilbert
                • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Casey Schaufler
                  • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
                    • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Casey Schaufler
                    • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Bruce Fields
                      • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
                        • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Bruce Fields
                        • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Dr. Greg
  • [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Vivek Goyal
    • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Dave Chinner
    • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Zorro Lang
    • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Andreas Gruenbacher
      • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Andreas Gruenbacher
        • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Bruce Fields
          • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Vivek Goyal
            • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Bruce Fields
              • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Casey Schaufler
              • Re: [PATCH 3/1] xfstests: generic/062: Do not run on newer kernels, Vivek Goyal
  • [PATCH 4/1] xfstest: Add a new test to test xattr operations, Vivek Goyal
  • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Andreas Gruenbacher
    • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
      • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Casey Schaufler
    • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Dr. David Alan Gilbert
      • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Miklos Szeredi
        • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Vivek Goyal
          • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Miklos Szeredi
            • Re: [PATCH v3 0/1] Relax restrictions on user.* xattr, Eric W. Biederman
• [PATCH 1/3 v2] libsepol/cil: Remove redundant syntax checking, James Carter
  • [PATCH 2/3 v2] libsepol/cil: Use size_t for len in __cil_verify_syntax(), James Carter
  • [PATCH 3/3 v2] libsepol/cil: Fix syntax checking in __cil_verify_syntax(), James Carter
  • Re: [PATCH 1/3 v2] libsepol/cil: Remove redundant syntax checking, Nicolas Iooss
    • Re: [PATCH 1/3 v2] libsepol/cil: Remove redundant syntax checking, James Carter
• libselinux issue, Dominick Grift
  • Re: libselinux issue, Dominick Grift
    • Re: libselinux issue, Christian Göttsche
      • Re: libselinux issue, Petr Lautrbach
• [PATCH 1/3] libsepol/cil: Don't destroy optionals whose parent will be destroyed, James Carter
  • [PATCH 2/3] libsepol/cil: Refactor the function __cil_build_ast_node_helper(), James Carter
  • [PATCH 3/3] libsepol/cil: Simplify cil_tree_children_destroy(), James Carter
  • Re: [PATCH 1/3] libsepol/cil: Don't destroy optionals whose parent will be destroyed, Nicolas Iooss
    • Re: [PATCH 1/3] libsepol/cil: Don't destroy optionals whose parent will be destroyed, James Carter
      • Re: [PATCH 1/3] libsepol/cil: Don't destroy optionals whose parent will be destroyed, Nicolas Iooss
        • Re: [PATCH 1/3] libsepol/cil: Don't destroy optionals whose parent will be destroyed, James Carter
• [GIT PULL] SELinux patches for v5.15, Paul Moore
  • Re: [GIT PULL] SELinux patches for v5.15, pr-tracker-bot
• [PATCH 1/3] libsepol/cil: Properly check parse tree when printing error messages, James Carter
  • [PATCH 2/3] libsepol/cil: Reset expandtypeattribute rules when resetting AST, James Carter
  • [PATCH 3/3] libsepol/cil: Properly check for parameter when inserting name, James Carter
  • Re: [PATCH 1/3] libsepol/cil: Properly check parse tree when printing error messages, Nicolas Iooss
    • Re: [PATCH 1/3] libsepol/cil: Properly check parse tree when printing error messages, James Carter
• Cil block inheritance, Vit Mojzis
  • Re: Cil block inheritance, Dominick Grift
    • Re: Cil block inheritance, Vit Mojzis
      • Re: Cil block inheritance, Dominick Grift
        • Re: Cil block inheritance, Vit Mojzis
        • Re: Cil block inheritance, James Carter
      • Re: Cil block inheritance, Dominick Grift
• Re: There is an interesting conversation going on about virtiofsd and SELinux, Stephen Smalley
  • Re: There is an interesting conversation going on about virtiofsd and SELinux, Casey Schaufler
    • Re: There is an interesting conversation going on about virtiofsd and SELinux, Stephen Smalley
      • Re: There is an interesting conversation going on about virtiofsd and SELinux, Casey Schaufler
        • Re: There is an interesting conversation going on about virtiofsd and SELinux, Stephen Smalley
          • Re: There is an interesting conversation going on about virtiofsd and SELinux, Casey Schaufler
            • Re: There is an interesting conversation going on about virtiofsd and SELinux, Stephen Smalley
• [PATCH] python: Import specific modules from setools for less deps, Michał Górny
  • Re: [PATCH] python: Import specific modules from setools for less deps, James Carter
    • Re: [PATCH] python: Import specific modules from setools for less deps, James Carter
• security/selinux/hooks.c: FILE__ perms used as DIR__ perms, Topi Miettinen
  • Re: security/selinux/hooks.c: FILE__ perms used as DIR__ perms, Stephen Smalley
    • Re: security/selinux/hooks.c: FILE__ perms used as DIR__ perms, Topi Miettinen
      • Re: security/selinux/hooks.c: FILE__ perms used as DIR__ perms, Stephen Smalley
• [PATCH] selinux: remove duplicated initialization of 'i' for clean-up, Austin Kim
  • Re: [PATCH] selinux: remove duplicated initialization of 'i' for clean-up, Ondrej Mosnacek
    • Re: [PATCH] selinux: remove duplicated initialization of 'i' for clean-up, Austin Kim
  • Re: [PATCH] selinux: remove duplicated initialization of 'i' for clean-up, Paul Moore
• [PATCH] libsepol/cil: Properly check parse tree when printing error messages, James Carter
  • Re: [PATCH] libsepol/cil: Properly check parse tree when printing error messages, James Carter
• [PATCH 1/2] libsepol/cil: Remove redundant syntax checking, James Carter
  • [PATCH 2/2] libsepol/cil: Fix syntax checking in __cil_verify_syntax(), James Carter
    • Re: [PATCH 2/2] libsepol/cil: Fix syntax checking in __cil_verify_syntax(), Nicolas Iooss
• [PATCH 8/8 v2] libsepol/cil: When writing AST use line marks for src_info nodes, James Carter
• [PATCH v2] libsepol/cil: Allow some duplicate macro and block declarations, James Carter
  • Re: [PATCH v2] libsepol/cil: Allow some duplicate macro and block declarations, Nicolas Iooss
    • Re: [PATCH v2] libsepol/cil: Allow some duplicate macro and block declarations, James Carter
• [PATCH 0/7 v2] libsepol/cil: Line mark cleanup and fix, James Carter
  • [PATCH 1/7 v2] libsepol/cil: Check syntax of src_info statement, James Carter
  • [PATCH 3/7 v2] libsepol/cil: Check for valid line mark type immediately, James Carter
  • [PATCH 2/7 v2] libsepol/cil: Check the token type after getting the next token, James Carter
  • [PATCH 4/7 v4] libsepol/cil: Push line mark state first when processing a line mark, James Carter
  • [PATCH 5/7 v2] libsepol/cil: Create common string-to-unsigned-integer functions, James Carter
  • [PATCH 6/7 v2] libsepol/cil: Add line mark kind and line number to src info, James Carter
  • [PATCH 7/7 v2] libsepol/cil: Report correct high-level language line numbers, James Carter
  • Re: [PATCH 0/7 v2] libsepol/cil: Line mark cleanup and fix, Nicolas Iooss
    • Re: [PATCH 0/7 v2] libsepol/cil: Line mark cleanup and fix, James Carter
      • Re: [PATCH 0/7 v2] libsepol/cil: Line mark cleanup and fix, Nicolas Iooss
        • Re: [PATCH 0/7 v2] libsepol/cil: Line mark cleanup and fix, James Carter
• [PATCH] Improve error message for label file validation, Kelvin Zhang
  • Re: [PATCH] Improve error message for label file validation, James Carter
    • Re: [PATCH] Improve error message for label file validation, James Carter
• [PATCH] cil_container_statements.md: clarify in-statement limitations, Dominick Grift
  • Re: [PATCH] cil_container_statements.md: clarify in-statement limitations, James Carter
• [PATCH] libsepol/cil: Allow some duplicate macro and block declarations, James Carter
  • Re: [PATCH] libsepol/cil: Allow some duplicate macro and block declarations, Dominick Grift
    • Re: [PATCH] libsepol/cil: Allow some duplicate macro and block declarations, James Carter
  • Re: [PATCH] libsepol/cil: Allow some duplicate macro and block declarations, Nicolas Iooss
  • <Possible follow-ups>
  • [PATCH] libsepol/cil: Allow some duplicate macro and block declarations, James Carter
    • [PATCH 1/2] libsepol/cil: Improve in-statement to allow use after inheritance, James Carter
      • Re: [PATCH 1/2] libsepol/cil: Improve in-statement to allow use after inheritance, Dominick Grift
      • Re: [PATCH 1/2] libsepol/cil: Improve in-statement to allow use after inheritance, Nicolas Iooss
        • Re: [PATCH 1/2] libsepol/cil: Improve in-statement to allow use after inheritance, James Carter
          • Re: [PATCH 1/2] libsepol/cil: Improve in-statement to allow use after inheritance, James Carter
    • [PATCH 2/2] libsepol/secilc/docs: Update the CIL documentation, James Carter
    • Re: [PATCH] libsepol/cil: Allow some duplicate macro and block declarations, James Carter
• [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
  • [RFC PATCH v2 1/9] audit: prepare audit_context for use in calling contexts beyond syscalls, Paul Moore
  • [RFC PATCH v2 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring, Paul Moore
  • [RFC PATCH v2 4/9] audit: add filtering for io_uring records, Paul Moore
  • [RFC PATCH v2 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure(), Paul Moore
    • Re: [RFC PATCH v2 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure(), Mickaël Salaün
      • Re: [RFC PATCH v2 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure(), Paul Moore
        • Re: [RFC PATCH v2 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure(), Mickaël Salaün
  • [RFC PATCH v2 6/9] io_uring: convert io_uring to the secure anon inode interface, Paul Moore
  • [RFC PATCH v2 7/9] lsm,io_uring: add LSM hooks to io_uring, Paul Moore
  • [RFC PATCH v2 8/9] selinux: add support for the io_uring access controls, Paul Moore
  • [RFC PATCH v2 9/9] Smack: Brutalist io_uring support with debug, Paul Moore
    • Re: [RFC PATCH v2 9/9] Smack: Brutalist io_uring support with debug, Paul Moore
      • Re: [RFC PATCH v2 9/9] Smack: Brutalist io_uring support with debug, Casey Schaufler
        • Re: [RFC PATCH v2 9/9] Smack: Brutalist io_uring support with debug, Paul Moore
  • [RFC PATCH v2 3/9] audit: dev/test patch to force io_uring auditing, Paul Moore
  • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
    • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
      • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
    • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
      • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
        • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
          • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
            • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
              • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
                • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
                  • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
                    • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
                      • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
                        • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
                          • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
                            • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
                              • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
                                • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Steve Grubb
                                • Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Paul Moore
• [PATCH 0/8] libsepol/cil: Line mark cleanup and fix, James Carter
  • [PATCH 1/8] libsepol/cil: Check syntax of src_info statement, James Carter
  • [PATCH 2/8] libsepol/cil: Check the token type after getting the next token, James Carter
  • [PATCH 4/8] libsepol/cil: Push line mark state first when processing a line mark, James Carter
  • [PATCH 3/8] libsepol/cil: Check for valid line mark type immediately, James Carter
  • [PATCH 5/8] libsepol/cil: Create common string-to-unsigned-integer functions, James Carter
  • [PATCH 7/8] libsepol/cil: Report correct high-level language line numbers, James Carter
    • Re: [PATCH 7/8] libsepol/cil: Report correct high-level language line numbers, Nicolas Iooss
      • Re: [PATCH 7/8] libsepol/cil: Report correct high-level language line numbers, James Carter
  • [PATCH 6/8] libsepol/cil: Add line mark kind and line number to src info, James Carter
    • Re: [PATCH 6/8] libsepol/cil: Add line mark kind and line number to src info, Nicolas Iooss
      • Re: [PATCH 6/8] libsepol/cil: Add line mark kind and line number to src info, James Carter
  • [PATCH 8/8] libsepol/cil: When writing AST use line marks for src_info nodes, James Carter
• [RFC PATCH 1/2] libselinux: replace strerror by %m, Christian Göttsche
  • [RFC PATCH 2/2] libsepol: replace strerror by %m, Christian Göttsche
    • Re: [RFC PATCH 2/2] libsepol: replace strerror by %m, James Carter
  • Re: [RFC PATCH 1/2] libselinux: replace strerror by %m, Stephen Smalley
  • Re: [RFC PATCH 1/2] libselinux: replace strerror by %m, James Carter
    • Re: [RFC PATCH 1/2] libselinux: replace strerror by %m, James Carter
• lets think about 3.3 release, Petr Lautrbach
  • Re: lets think about 3.3 release, James Carter
    • Re: lets think about 3.3 release, Dominick Grift
      • Re: lets think about 3.3 release, Nicolas Iooss
        • Re: lets think about 3.3 release, Petr Lautrbach
  • Re: lets think about 3.3 release, Petr Lautrbach
    • Re: lets think about 3.3 release, Dominick Grift
      • Re: lets think about 3.3 release, James Carter
        • Re: lets think about 3.3 release, Petr Lautrbach
    • Re: lets think about 3.3 release, Petr Lautrbach
      • Re: lets think about 3.3 - 3.3-rc1 release release notes draft, Petr Lautrbach
• [PATCH] mcstrans: Improve mlstrans-test output, Petr Lautrbach
  • Re: [PATCH] mcstrans: Improve mlstrans-test output, James Carter
    • Re: [PATCH] mcstrans: Improve mlstrans-test output, James Carter
• [GIT PULL] SELinux fixes for v5.14 (#1), Paul Moore
  • Re: [GIT PULL] SELinux fixes for v5.14 (#1), pr-tracker-bot
• [PATCH SYSTEMD 0/7] Re-add SELinux checks for unit install operations, Christian Göttsche
  • [PATCH SYSTEMD 1/7] selinux: add function name to audit data, Christian Göttsche
  • [PATCH SYSTEMD 2/7] selinux: improve debug log format, Christian Göttsche
  • [PATCH SYSTEMD 3/7] selinux: mark _mac_selinux_generic_access_check with leading underscore, Christian Göttsche
  • [PATCH SYSTEMD 6/7] core: avoid bypasses in D-BUS SELinux filter, Christian Göttsche
  • [PATCH SYSTEMD 5/7] core: implement the sd-bus generic callback for SELinux, Christian Göttsche
  • [PATCH SYSTEMD 7/7] core: tweak job_type_to_access_method SELinux permissions, Christian Göttsche
  • [PATCH SYSTEMD 4/7] core: add support for MAC checks on unit install operations, Christian Göttsche
  • Re: [PATCH SYSTEMD 0/7] Re-add SELinux checks for unit install operations, Dominick Grift
• [PATCH userspace] libsepol/cil: remove obsolete comment, Ondrej Mosnacek
  • Re: [PATCH userspace] libsepol/cil: remove obsolete comment, James Carter
    • Re: [PATCH userspace] libsepol/cil: remove obsolete comment, James Carter
• [PATCH testsuite] tests/capable_sys: skip test_rawio on BTRFS, Ondrej Mosnacek
  • Re: [PATCH testsuite] tests/capable_sys: skip test_rawio on BTRFS, Ondrej Mosnacek
• LSM policy options for new GPIO kernel driver interface, Weber, Matthew L Collins
  • Re: LSM policy options for new GPIO kernel driver interface, Dominick Grift
    • Re: [External] Re: LSM policy options for new GPIO kernel driver interface, Weber, Matthew L Collins
      • Re: [External] Re: LSM policy options for new GPIO kernel driver interface, Stephen Smalley
• libsepol regressions, Dominick Grift
  • Re: libsepol regressions, Dominick Grift
    • Re: libsepol regressions, Dominick Grift
      • Re: libsepol regressions, Dominick Grift
  • Re: libsepol regressions, James Carter
    • Re: libsepol regressions, Dominick Grift
      • Re: libsepol regressions, Dominick Grift
        • Re: libsepol regressions, James Carter
          • Re: libsepol regressions, Dominick Grift
    • Re: libsepol regressions, Dominick Grift
      • Re: libsepol regressions, James Carter
        • Re: libsepol regressions, Dominick Grift
• [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398), Petr Lautrbach
  • Re: [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398), James Carter
    • Re: [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398), James Carter
• [PATCH -next, v2] selinux: correct the return value when loads initial sids, Xiu Jianfeng
  • Re: [PATCH -next, v2] selinux: correct the return value when loads initial sids, Paul Moore
• [PATCH net-next v4 00/15] Add Management Component Transport Protocol support, Jeremy Kerr
  • [PATCH net-next v4 01/15] mctp: Add MCTP base, Jeremy Kerr
  • Re: [PATCH net-next v4 00/15] Add Management Component Transport Protocol support, patchwork-bot+netdevbpf
• [PATCH] dbus: Use GLib.MainLoop(), Petr Lautrbach
  • Re: [PATCH] dbus: Use GLib.MainLoop(), James Carter
    • Re: [PATCH] dbus: Use GLib.MainLoop(), James Carter
• [PATCH] Do not use Python slip, Petr Lautrbach
  • Re: [PATCH] Do not use Python slip, James Carter
    • Re: [PATCH] Do not use Python slip, James Carter
• [PATCH] selinux: fix race condition when computing ocontext SIDs, Ondrej Mosnacek
  • Re: [PATCH] selinux: fix race condition when computing ocontext SIDs, Paul Moore
    • Re: [PATCH] selinux: fix race condition when computing ocontext SIDs, Ondrej Mosnacek
      • Re: [PATCH] selinux: fix race condition when computing ocontext SIDs, Paul Moore
        • Re: [PATCH] selinux: fix race condition when computing ocontext SIDs, Paul Moore
          • Re: [PATCH] selinux: fix race condition when computing ocontext SIDs, Ondrej Mosnacek
            • Re: [PATCH] selinux: fix race condition when computing ocontext SIDs, Paul Moore
              • Re: [PATCH] selinux: fix race condition when computing ocontext SIDs, Ondrej Mosnacek
                • Re: [PATCH] selinux: fix race condition when computing ocontext SIDs, Paul Moore
• [PATCH] libsemanage: Fix USE_AFTER_FREE (CWE-672) in semanage_direct_write_langext(), Petr Lautrbach
  • Re: [PATCH] libsemanage: Fix USE_AFTER_FREE (CWE-672) in semanage_direct_write_langext(), James Carter
    • Re: [PATCH] libsemanage: Fix USE_AFTER_FREE (CWE-672) in semanage_direct_write_langext(), James Carter
• [PATCH -next] selinux: correct the return value when loads initial sids, Xiu Jianfeng
  • Re: [PATCH -next] selinux: correct the return value when loads initial sids, Paul Moore
    • Re: [PATCH -next] selinux: correct the return value when loads initial sids, xiujianfeng
• libsepol CVE patch issue, Garrett Tucker
  • Re: libsepol CVE patch issue, James Carter
    • Re: libsepol CVE patch issue, Garrett Tucker
• [PATCH v4 0/3] ima: Provide more info about buffer measurement, Roberto Sassu
  • [PATCH v4 1/3] ima: Introduce ima_get_current_hash_algo(), Roberto Sassu
    • Re: [PATCH v4 1/3] ima: Introduce ima_get_current_hash_algo(), Mimi Zohar
      • RE: [PATCH v4 1/3] ima: Introduce ima_get_current_hash_algo(), Roberto Sassu
  • [PATCH v4 3/3] ima: Add digest and digest_len params to the functions to measure a buffer, Roberto Sassu
  • [PATCH v4 2/3] ima: Return int in the functions to measure a buffer, Roberto Sassu
• [PATCH v28 00/25] LSM: Module stacking for AppArmor, Casey Schaufler
  • [PATCH v28 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
  • <Possible follow-ups>
  • [PATCH v28 00/25] LSM: Module stacking for AppArmor, Casey Schaufler
    • [PATCH v28 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
    • [PATCH v28 02/25] LSM: Add the lsmblob data structure., Casey Schaufler
    • [PATCH v28 03/25] LSM: provide lsm name and id slot mappings, Casey Schaufler
    • [PATCH v28 04/25] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
    • [PATCH v28 05/25] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
    • [PATCH v28 06/25] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
    • [PATCH v28 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
    • [PATCH v28 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
    • [PATCH v28 09/25] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
    • [PATCH v28 10/25] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
    • [PATCH v28 11/25] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
    • [PATCH v28 12/25] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
      • Re: [PATCH v28 12/25] LSM: Use lsmblob in security_cred_getsecid, kernel test robot
    • [PATCH v28 13/25] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
    • [PATCH v28 14/25] LSM: Specify which LSM to display, Casey Schaufler
    • [PATCH v28 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
    • [PATCH v28 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
    • [PATCH v28 17/25] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
    • [PATCH v28 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
    • [PATCH v28 19/25] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
    • [PATCH v28 20/25] LSM: Verify LSM display sanity in binder, Casey Schaufler
    • [PATCH v28 21/25] audit: support non-syscall auxiliary records, Casey Schaufler
      • Re: [PATCH v28 21/25] audit: support non-syscall auxiliary records, kernel test robot
    • [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
      • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Paul Moore
        • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
          • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Paul Moore
            • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
              • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Paul Moore
                • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
                  • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Paul Moore
                    • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
                      • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Paul Moore
                        • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
                          • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
                            • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Paul Moore
                              • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
                                • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
                                  • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Paul Moore
                                    • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
                                      • Re: [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Paul Moore
    • [PATCH v28 23/25] Audit: Add record for multiple object LSM attributes, Casey Schaufler
    • [PATCH v28 24/25] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
    • [PATCH v28 25/25] AppArmor: Remove the exclusive flag, Casey Schaufler
• AVC denied for docker while trying to set labels for tmpfs mounts, Sujithra P
  • Re: AVC denied for docker while trying to set labels for tmpfs mounts, Paul Moore
    • Re: AVC denied for docker while trying to set labels for tmpfs mounts, Sujithra P
      • Re: AVC denied for docker while trying to set labels for tmpfs mounts, Daniel Walsh
        • Re: AVC denied for docker while trying to set labels for tmpfs mounts, Sujithra P
• [PATCH RFC 6/9] veth: use skb_prepare_for_gro(), Paolo Abeni
• [PATCH RFC 5/9] skbuff: introduce has_sk state bit., Paolo Abeni
• [PATCH RFC 9/9] sk_buff: access secmark via getter/setter, Paolo Abeni
• [PATCH RFC 8/9] sk_buff: move vlan field after tail., Paolo Abeni
• [PATCH RFC 7/9] sk_buff: move inner header fields after tail, Paolo Abeni
• [PATCH RFC 4/9] net: optimize GRO for the common case., Paolo Abeni
• [PATCH RFC 2/9] sk_buff: track dst status in skb->_state, Paolo Abeni
• [PATCH RFC 3/9] sk_buff: move the active_extensions into the state bitfield, Paolo Abeni
• [PATCH RFC 1/9] sk_buff: track nfct status in newly added skb->_state, Paolo Abeni
• [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Paolo Abeni
  • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Casey Schaufler
    • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Paolo Abeni
      • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Casey Schaufler
        • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Paolo Abeni
          • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Paul Moore
            • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Florian Westphal
              • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Paul Moore
                • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Florian Westphal
                  • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Casey Schaufler
                    • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Florian Westphal
                      • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Casey Schaufler
                        • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Paul Moore
                          • Re: [PATCH RFC 0/9] sk_buff: optimize layout for GRO, Paolo Abeni
• Re: issues about selinux namespace, xiujianfeng
  • Re: issues about selinux namespace, Paul Moore