Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
- Re: [PATCH v2] include/uapi/linux/xfrm.h: Fix XFRM_MSG_MAPPING ABI breakage, (continued)
- [PATCH] libsepol: fix typo,
Topi Miettinen
- [PATCH] libsepol/cil: Free duplicate datums in original calling function,
James Carter
- Another libsepol USE_AFTER_FREE defects detected,
Petr Lautrbach
- [PATCH] libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772),
Petr Lautrbach
- ANN: Reference Policy 2.20210908, Chris PeBenito
- [PATCH testsuite v2] tests: exclude vsock_socket test where it wouldn't build,
Ondrej Mosnacek
- ANN: SELinux userspace 3.3-rc1 release candidate, Petr Lautrbach
- [PATCH 1/2] libsepol/cil: Add function to get number of items in a stack,
James Carter
- [PATCH testsuite] tests: exclude vsock_socket test where it wouldn't build, Ondrej Mosnacek
- [PATCH] libsepol: Fix detected RESOURCE_LEAKs,
Petr Lautrbach
- PATH_MAX + 1 in realpath_not_final(), Petr Lautrbach
- [PATCH testsuite 1/2] tests/module_load: simplify the clean target,
Ondrej Mosnacek
- [PATCH v3 0/1] Relax restrictions on user.* xattr,
Vivek Goyal
- [PATCH 1/3 v2] libsepol/cil: Remove redundant syntax checking,
James Carter
- libselinux issue,
Dominick Grift
- [PATCH 1/3] libsepol/cil: Don't destroy optionals whose parent will be destroyed,
James Carter
- [GIT PULL] SELinux patches for v5.15,
Paul Moore
- [PATCH 1/3] libsepol/cil: Properly check parse tree when printing error messages,
James Carter
- Cil block inheritance,
Vit Mojzis
- Re: There is an interesting conversation going on about virtiofsd and SELinux,
Stephen Smalley
- [PATCH] python: Import specific modules from setools for less deps,
Michał Górny
- security/selinux/hooks.c: FILE__ perms used as DIR__ perms,
Topi Miettinen
- [PATCH] selinux: remove duplicated initialization of 'i' for clean-up,
Austin Kim
- [PATCH] libsepol/cil: Properly check parse tree when printing error messages,
James Carter
- [PATCH 1/2] libsepol/cil: Remove redundant syntax checking,
James Carter
- [PATCH 8/8 v2] libsepol/cil: When writing AST use line marks for src_info nodes, James Carter
- [PATCH v2] libsepol/cil: Allow some duplicate macro and block declarations,
James Carter
- [PATCH 0/7 v2] libsepol/cil: Line mark cleanup and fix,
James Carter
- [PATCH] Improve error message for label file validation,
Kelvin Zhang
- [PATCH] cil_container_statements.md: clarify in-statement limitations,
Dominick Grift
- [PATCH] libsepol/cil: Allow some duplicate macro and block declarations,
James Carter
- [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring,
Paul Moore
- [RFC PATCH v2 1/9] audit: prepare audit_context for use in calling contexts beyond syscalls, Paul Moore
- [RFC PATCH v2 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring, Paul Moore
- [RFC PATCH v2 4/9] audit: add filtering for io_uring records, Paul Moore
- [RFC PATCH v2 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure(), Paul Moore
- [RFC PATCH v2 6/9] io_uring: convert io_uring to the secure anon inode interface, Paul Moore
- [RFC PATCH v2 7/9] lsm,io_uring: add LSM hooks to io_uring, Paul Moore
- [RFC PATCH v2 8/9] selinux: add support for the io_uring access controls, Paul Moore
- [RFC PATCH v2 9/9] Smack: Brutalist io_uring support with debug, Paul Moore
- [RFC PATCH v2 3/9] audit: dev/test patch to force io_uring auditing, Paul Moore
- Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring, Richard Guy Briggs
- [PATCH 0/8] libsepol/cil: Line mark cleanup and fix,
James Carter
- [RFC PATCH 1/2] libselinux: replace strerror by %m,
Christian Göttsche
- lets think about 3.3 release,
Petr Lautrbach
- [PATCH] mcstrans: Improve mlstrans-test output,
Petr Lautrbach
- [GIT PULL] SELinux fixes for v5.14 (#1),
Paul Moore
- [PATCH SYSTEMD 0/7] Re-add SELinux checks for unit install operations,
Christian Göttsche
- [PATCH userspace] libsepol/cil: remove obsolete comment,
Ondrej Mosnacek
- [PATCH testsuite] tests/capable_sys: skip test_rawio on BTRFS,
Ondrej Mosnacek
- LSM policy options for new GPIO kernel driver interface,
Weber, Matthew L Collins
- libsepol regressions,
Dominick Grift
- [PATCH] python/sepolicy: Fix COPY_PASTE_ERROR (CWE-398),
Petr Lautrbach
- [PATCH -next, v2] selinux: correct the return value when loads initial sids,
Xiu Jianfeng
- [PATCH net-next v4 00/15] Add Management Component Transport Protocol support,
Jeremy Kerr
- [PATCH] dbus: Use GLib.MainLoop(),
Petr Lautrbach
- [PATCH] Do not use Python slip,
Petr Lautrbach
- [PATCH] selinux: fix race condition when computing ocontext SIDs,
Ondrej Mosnacek
- [PATCH] libsemanage: Fix USE_AFTER_FREE (CWE-672) in semanage_direct_write_langext(),
Petr Lautrbach
- [PATCH -next] selinux: correct the return value when loads initial sids,
Xiu Jianfeng
- libsepol CVE patch issue,
Garrett Tucker
- [PATCH v4 0/3] ima: Provide more info about buffer measurement,
Roberto Sassu
- [PATCH v28 00/25] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v28 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
- <Possible follow-ups>
- [PATCH v28 00/25] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v28 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v28 02/25] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v28 03/25] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v28 04/25] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v28 05/25] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v28 06/25] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v28 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v28 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v28 09/25] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v28 10/25] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v28 11/25] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v28 12/25] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v28 13/25] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v28 14/25] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v28 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v28 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v28 17/25] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v28 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v28 19/25] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v28 20/25] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v28 21/25] audit: support non-syscall auxiliary records, Casey Schaufler
- [PATCH v28 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
- [PATCH v28 23/25] Audit: Add record for multiple object LSM attributes, Casey Schaufler
- [PATCH v28 24/25] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v28 25/25] AppArmor: Remove the exclusive flag, Casey Schaufler
- AVC denied for docker while trying to set labels for tmpfs mounts,
Sujithra P
- [PATCH RFC 6/9] veth: use skb_prepare_for_gro(), Paolo Abeni
- [PATCH RFC 5/9] skbuff: introduce has_sk state bit., Paolo Abeni
- [PATCH RFC 9/9] sk_buff: access secmark via getter/setter, Paolo Abeni
- [PATCH RFC 8/9] sk_buff: move vlan field after tail., Paolo Abeni
- [PATCH RFC 7/9] sk_buff: move inner header fields after tail, Paolo Abeni
- [PATCH RFC 4/9] net: optimize GRO for the common case., Paolo Abeni
- [PATCH RFC 2/9] sk_buff: track dst status in skb->_state, Paolo Abeni
- [PATCH RFC 3/9] sk_buff: move the active_extensions into the state bitfield, Paolo Abeni
- [PATCH RFC 1/9] sk_buff: track nfct status in newly added skb->_state, Paolo Abeni
- [PATCH RFC 0/9] sk_buff: optimize layout for GRO,
Paolo Abeni
- Re: issues about selinux namespace,
xiujianfeng
- [PATCH 1/6] scripts/run-scan-build: update,
Christian Göttsche
- [PATCH] libselinux/utils: drop requirement to combine compiling and linking,
Christian Göttsche
- [PATCH v2] lsm_audit,selinux: return early for possible NULL audit buffers,
Austin Kim
- [PATCH] libsepol/cil: move the fuzz target and build script to the selinux repository,
Evgeny Vereshchagin
- [PATCH] lsm_audit,selinux: add exception handling for possible NULL audit buffers,
Austin Kim
- [PATCH v2] libselinux: add lock callbacks,
Seth Moore
- [PATCH v2] libsepol/cil: Fix handling category sets in an expression,
James Carter
- [PATCH] libsepol/cil: do not allow \0 in quoted strings,
Nicolas Iooss
- [PATCH 1/2] ci: turn on CIFuzz,
Evgeny Vereshchagin
- [PATCH] libselinux: add lock callbacks,
Seth Moore
- [PATCH] libsepol/cil: Fix handling category sets in an expression,
James Carter
- [RFC PATCH v2 0/1] Relax restrictions on user.* xattr,
Vivek Goyal
- [PATCH] libsepol/cil: Only expand anonymous category sets in an expression,
James Carter
- [PATCH 01/13] checkpolicy: pass CFLAGS at link stage,
Christian Göttsche
- [PATCH 03/13] checkpolicy: simplify assignment, Christian Göttsche
- [PATCH 02/13] checkpolicy: drop -pipe compile option, Christian Göttsche
- [PATCH 04/13] checkpolicy: drop dead condition, Christian Göttsche
- [PATCH 05/13] checkpolicy: use correct format specifier for unsigned, Christian Göttsche
- [PATCH 06/13] checkpolicy: follow declaration-after-statement, Christian Göttsche
- [PATCH 08/13] checkpolicy: check before potential NULL dereference, Christian Göttsche
- [PATCH 07/13] checkpolicy: remove dead assignments, Christian Göttsche
- [PATCH 09/13] checkpolicy: avoid potential use of uninitialized variable, Christian Göttsche
- [PATCH 10/13] checkpolicy: drop redundant cast to the same type, Christian Göttsche
- [PATCH 11/13] checkpolicy: parse_util drop unused declaration, Christian Göttsche
- [PATCH 12/13] checkpolicy/test: mark file local functions static, Christian Göttsche
- [PATCH 13/13] checkpolicy: mark read-only parameters in policy define const, Christian Göttsche
- [PATCH AUTOSEL 4.4 17/31] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 5.10 077/137] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 4.9 19/35] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 4.14 26/45] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 4.19 30/55] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 5.4 40/74] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 5.12 086/160] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 5.13 101/189] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH v3 0/3] ima: Provide more info about buffer measurement,
Roberto Sassu
- [PATCH 1/6] libsepol: silence -Wextra-semi-stmt warning,
Nicolas Iooss
- Re: [syzbot] general protection fault in legacy_parse_param,
Dmitry Vyukov
- [PATCH] libsepol/cil: do not override previous results of __cil_verify_classperms,
Nicolas Iooss
- [PATCH] libsepol: avoid unsigned integer overflow,
Christian Göttsche
- [PATCH] libselinux/utils/getseuser.c: fix build with gcc 4.8,
Fabrice Fontaine
- [PATCH v2 0/3] ima: Provide more info about buffer measurement,
Roberto Sassu
- [PATCH] libsepol/cil: Improve checking for bad inheritance patterns,
James Carter
- [PATCH 0/3] ima: Provide more info about buffer measurement,
Roberto Sassu
- [GIT PULL] SELinux patches for v5.14,
Paul Moore
- [PATCH 1/4 v2] libsepol/cil: Provide option to allow qualified names in declarations,
James Carter
- [PATCH v2] selinux-notebook: describe nosuid and NNP transitions,
Topi Miettinen
- [PATCH] libsepol/cil: make array cil_sym_sizes const,
Nicolas Iooss
- RE: [RFC PATCH 0/1] xattr: Allow user.* xattr on symlink/special files if caller has CAP_SYS_RESOURCE,
Schaufler, Casey
- [RFC][PATCH 01/12] ima: Add digest, algo, measured parameters to ima_measure_critical_data(),
Roberto Sassu
- [PATCH 1/4] libsepol/cil: Provide option to allow qualified names in declarations,
James Carter
- [PATCH 1/2] libsepol/cil: Add function to determine if a subtree has a declaration,
James Carter
- [RFC PATCH] userfaultfd: open userfaultfds with O_RDONLY,
Ondrej Mosnacek
- [PATCH 0/5 v2] Another round of secilc-fuzzer problems fixed,
James Carter
- [SELinux-notebook PATCH] computing_security_contexts.md: clarify mount options with comma,
Dominick Grift
- [PATCH v2] evm: Check xattr size discrepancy between kernel and user,
Roberto Sassu
- [PATCH] evm: Check xattr size misalignment between kernel and user,
Roberto Sassu
- [PATCH] libsepol/cil: Allow duplicate optional blocks in most cases,
James Carter
- [PATCH] libsepol: Quote paths when generating policy.conf from binary policy,
James Carter
- [PATCH v3] lockdown,selinux: fix wrong subject in some SELinux lockdown checks,
Ondrej Mosnacek
- [PATCH 0/3] Fix problems with CIL's handling of anonymous call arguments,
James Carter
- Re: [PATCH] proc: Track /proc/$pid/attr/ opener mm_struct,
Kees Cook
- Re: [PATCH] proc: Track /proc/$pid/attr/ opener mm_struct, Casey Schaufler
[PATCH 0/5] Another round of secilc-fuzzer problems fixed,
James Carter
[PATCH] libsemanage: fix use-after-free in parse_module_store(),
HuaxinLu
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]
