Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
- Re: [PATCH v2 1/1] xattr: Allow user.* xattr on symlink and special files, (continued)
- [PATCH] libsepol/cil: Only expand anonymous category sets in an expression,
James Carter
- [PATCH 01/13] checkpolicy: pass CFLAGS at link stage,
Christian Göttsche
- [PATCH 03/13] checkpolicy: simplify assignment, Christian Göttsche
- [PATCH 02/13] checkpolicy: drop -pipe compile option, Christian Göttsche
- [PATCH 04/13] checkpolicy: drop dead condition, Christian Göttsche
- [PATCH 05/13] checkpolicy: use correct format specifier for unsigned, Christian Göttsche
- [PATCH 06/13] checkpolicy: follow declaration-after-statement, Christian Göttsche
- [PATCH 08/13] checkpolicy: check before potential NULL dereference, Christian Göttsche
- [PATCH 07/13] checkpolicy: remove dead assignments, Christian Göttsche
- [PATCH 09/13] checkpolicy: avoid potential use of uninitialized variable, Christian Göttsche
- [PATCH 10/13] checkpolicy: drop redundant cast to the same type, Christian Göttsche
- [PATCH 11/13] checkpolicy: parse_util drop unused declaration, Christian Göttsche
- [PATCH 12/13] checkpolicy/test: mark file local functions static, Christian Göttsche
- [PATCH 13/13] checkpolicy: mark read-only parameters in policy define const, Christian Göttsche
- [PATCH AUTOSEL 4.4 17/31] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 5.10 077/137] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 4.9 19/35] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 4.14 26/45] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 4.19 30/55] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 5.4 40/74] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 5.12 086/160] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH AUTOSEL 5.13 101/189] selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC, Sasha Levin
- [PATCH v3 0/3] ima: Provide more info about buffer measurement,
Roberto Sassu
- [PATCH 1/6] libsepol: silence -Wextra-semi-stmt warning,
Nicolas Iooss
- Re: [syzbot] general protection fault in legacy_parse_param,
Dmitry Vyukov
- [PATCH] libsepol/cil: do not override previous results of __cil_verify_classperms,
Nicolas Iooss
- [PATCH] libsepol: avoid unsigned integer overflow,
Christian Göttsche
- [PATCH] libselinux/utils/getseuser.c: fix build with gcc 4.8,
Fabrice Fontaine
- [PATCH v2 0/3] ima: Provide more info about buffer measurement,
Roberto Sassu
- [PATCH] libsepol/cil: Improve checking for bad inheritance patterns,
James Carter
- [PATCH 0/3] ima: Provide more info about buffer measurement,
Roberto Sassu
- [GIT PULL] SELinux patches for v5.14,
Paul Moore
- [PATCH 1/4 v2] libsepol/cil: Provide option to allow qualified names in declarations,
James Carter
- [PATCH v2] selinux-notebook: describe nosuid and NNP transitions,
Topi Miettinen
- [PATCH] libsepol/cil: make array cil_sym_sizes const,
Nicolas Iooss
- RE: [RFC PATCH 0/1] xattr: Allow user.* xattr on symlink/special files if caller has CAP_SYS_RESOURCE,
Schaufler, Casey
- [RFC][PATCH 01/12] ima: Add digest, algo, measured parameters to ima_measure_critical_data(),
Roberto Sassu
- [PATCH 1/4] libsepol/cil: Provide option to allow qualified names in declarations,
James Carter
- [PATCH 1/2] libsepol/cil: Add function to determine if a subtree has a declaration,
James Carter
- [RFC PATCH] userfaultfd: open userfaultfds with O_RDONLY,
Ondrej Mosnacek
- [PATCH 0/5 v2] Another round of secilc-fuzzer problems fixed,
James Carter
- [SELinux-notebook PATCH] computing_security_contexts.md: clarify mount options with comma,
Dominick Grift
- [PATCH v2] evm: Check xattr size discrepancy between kernel and user,
Roberto Sassu
- [PATCH] evm: Check xattr size misalignment between kernel and user,
Roberto Sassu
- [PATCH] libsepol/cil: Allow duplicate optional blocks in most cases,
James Carter
- [PATCH] libsepol: Quote paths when generating policy.conf from binary policy,
James Carter
- [PATCH v3] lockdown,selinux: fix wrong subject in some SELinux lockdown checks,
Ondrej Mosnacek
- [PATCH 0/3] Fix problems with CIL's handling of anonymous call arguments,
James Carter
- Re: [PATCH] proc: Track /proc/$pid/attr/ opener mm_struct,
Kees Cook
- Re: [PATCH] proc: Track /proc/$pid/attr/ opener mm_struct, Casey Schaufler
[PATCH 0/5] Another round of secilc-fuzzer problems fixed,
James Carter
[PATCH] libsemanage: fix use-after-free in parse_module_store(),
HuaxinLu
[PATCH] selinux.8: document how mount flag nosuid affects SELinux,
Topi Miettinen
[patch] mount.2: document SELinux use of MS_NOSUID mount flag,
Topi Miettinen
[PATCH] selinux-notebook: describe nosuid and NNP transitions,
Topi Miettinen
[PATCH -next v2] selinux: Fix kernel-doc,
Yang Li
Size mismatch between vfs_getxattr_alloc() and vfs_getxattr(),
Roberto Sassu
[PATCH v27 00/25] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v27 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v27 02/25] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v27 03/25] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v27 04/25] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v27 05/25] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v27 06/25] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v27 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v27 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v27 09/25] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v27 10/25] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v27 11/25] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v27 12/25] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v27 13/25] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v27 14/25] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v27 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v27 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v27 17/25] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v27 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v27 19/25] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v27 20/25] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v27 21/25] audit: add support for non-syscall auxiliary records, Casey Schaufler
- [PATCH v27 22/25] Audit: Add record for multiple process LSM attributes, Casey Schaufler
- [PATCH v27 23/25] Audit: Add record for multiple object LSM attributes, Casey Schaufler
- [PATCH v27 24/25] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v27 25/25] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH 1/2] selinux: slow_avc_audit has become non-blocking,
Al Viro
[PATCH -next] selinux: Fix kernel-doc,
Yang Li
[PATCH] selinux: use __GFP_NOWARN with GFP_NOWAIT,
Minchan Kim
[PATCH] libsepol: quote paths in CIL conversion,
Christian Göttsche
[PATCH 00/23] libsepol: miscellaneous cleanup,
Christian Göttsche
- [PATCH 03/23] libsepol: remove unused functions, Christian Göttsche
- [PATCH 10/23] libsepol: mark read-only parameters of ebitmap interfaces const, Christian Göttsche
- [PATCH 13/23] libsepol: assure string NUL-termination, Christian Göttsche
- [PATCH 20/23] libsepol: drop repeated semicolons, Christian Göttsche
- [PATCH 01/23] libsepol: fix typos, Christian Göttsche
- [PATCH 02/23] libsepol: resolve missing prototypes, Christian Göttsche
- [PATCH 05/23] libsepol: avoid implicit conversions, Christian Göttsche
- [PATCH 15/23] libsepol/cil: silence cast warning, Christian Göttsche
- [PATCH 18/23] libsepol/cil: drop unnecessary casts, Christian Göttsche
- [PATCH 17/23] libsepol/cil: drop dead store, Christian Göttsche
- [PATCH 08/23] libsepol/cil: follow declaration-after-statement, Christian Göttsche
- [PATCH 14/23] libsepol: remove dead stores, Christian Göttsche
- [PATCH 04/23] libsepol: ignore UBSAN false-positives, Christian Göttsche
- [PATCH 06/23] libsepol: avoid unsigned integer overflow, Christian Göttsche
- [PATCH 07/23] libsepol: follow declaration-after-statement, Christian Göttsche
- [PATCH 11/23] libsepol: mark read-only parameters of type_set_ interfaces const, Christian Göttsche
- [PATCH 09/23] libsepol: remove dead stores, Christian Göttsche
- [PATCH 12/23] libsepol: do not allocate memory of size 0, Christian Göttsche
- [PATCH 16/23] libsepol/cil: drop extra semicolon, Christian Göttsche
- [PATCH 19/23] libsepol/cil: avoid using maybe uninitialized variables, Christian Göttsche
- [PATCH 21/23] libsepol: drop unnecessary casts, Christian Göttsche
- [PATCH 22/23] libsepol: declare file local variable static, Christian Göttsche
- [PATCH 23/23] libsepol: declare read-only arrays const, Christian Göttsche
- Re: [PATCH 00/23] libsepol: miscellaneous cleanup, James Carter
[PATCH] libselinux: fix typo,
Christian Göttsche
SELinux IRC channel moved to Libera, Jason Zaman
[PATCH] selinux: remove duplicated LABEL_INITIALIZED check routine,
Austin Kim
[PATCH] libselinux: improve getcon(3) man page,
Christian Göttsche
[PATCH] libselinux: selinux_status_open: return 1 in fallback mode,
Christian Göttsche
[pcmoore-selinux:working-io_uring 9/9] security/smack/smack_lsm.c:4702:5: warning: no previous prototype for function 'smack_uring_override_creds',
kernel test robot
[pcmoore-selinux:working-io_uring 9/9] security/smack/smack_lsm.c:4702:5: warning: no previous prototype for 'smack_uring_override_creds', kernel test robot
[pcmoore-selinux:working-io_uring 8/9] security/selinux/hooks.c:7146:5: warning: no previous prototype for function 'selinux_uring_override_creds', kernel test robot
selinux_check_access is not thread-safe,
Seth Moore
[pcmoore-selinux:working-io_uring 2/9] fs/io_uring.c:6110:3: error: implicit declaration of function 'audit_uring_entry'; did you mean 'audit_syscall_entry'?, kernel test robot
[pcmoore-selinux:working-io_uring 2/9] fs/io_uring.c:6110:3: error: implicit declaration of function 'audit_uring_entry', kernel test robot
[RFC PATCH 0/9] Add LSM access controls and auditing to io_uring,
Paul Moore
- [RFC PATCH 1/9] audit: prepare audit_context for use in calling contexts beyond syscalls, Paul Moore
- [RFC PATCH 2/9] audit,io_uring,io-wq: add some basic audit support to io_uring, Paul Moore
- [RFC PATCH 3/9] audit: dev/test patch to force io_uring auditing, Paul Moore
- [RFC PATCH 4/9] audit: add filtering for io_uring records, Paul Moore
- [RFC PATCH 5/9] fs: add anon_inode_getfile_secure() similar to anon_inode_getfd_secure(), Paul Moore
- [RFC PATCH 6/9] io_uring: convert io_uring to the secure anon inode interface, Paul Moore
- [RFC PATCH 7/9] lsm,io_uring: add LSM hooks to io_uring, Paul Moore
- [RFC PATCH 8/9] selinux: add support for the io_uring access controls, Paul Moore
- [RFC PATCH 9/9] Smack: Brutalist io_uring support with debug, Paul Moore
- Re: [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring, Tetsuo Handa
- Re: [RFC PATCH 0/9] Add LSM access controls and auditing to io_uring, Jeff Moyer
[PATCH v2 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling,
Ondrej Mosnacek
[PATCH v2] lockdown,selinux: avoid bogus SELinux lockdown permission checks,
Ondrej Mosnacek
Relative filename in semanage args ?, Bill Dietrich
[PATCH v26 00/25] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v26 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v26 02/25] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v26 03/25] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v26 04/25] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v26 05/25] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v26 06/25] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v26 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v26 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v26 09/25] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v26 10/25] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v26 11/25] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v26 12/25] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v26 13/25] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v26 14/25] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v26 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v26 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v26 17/25] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v26 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v26 19/25] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v26 20/25] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v26 21/25] audit: add support for non-syscall auxiliary records, Casey Schaufler
- [PATCH v26 22/25] Audit: Add new record for multiple process LSM attributes, Casey Schaufler
- [PATCH v26 23/25] Audit: Add a new record for multiple object LSM attributes, Casey Schaufler
- [PATCH v26 24/25] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v26 25/25] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH 0/6] More secilc-fuzzer problems fixed,
James Carter
[PATCH v2] lsm_audit,selinux: pass IB device name by reference,
Ondrej Mosnacek
[PATCH userspace 0/2] Bump testsuite CI image to F34,
Ondrej Mosnacek
[PATCH 0/5 v2] secilc/cil: Fix name resolution for macro calls,
James Carter
Re: [PATCH 2/3] libselinux: make selinux_status_open(3) reentrant, Christian Göttsche
[PATCH 0/3] libselinux: quirks of the status page,
Christian Göttsche
[PATCH] checkpolicy: fix the leak memory when uses xperms,
liwugang
[PATCH 1/3] libsepol/cil: Make name resolution in macros work as documented,
James Carter
[PATCH] selinux: use strlcpy() when copying IB device name,
Ondrej Mosnacek
[PATCH v2] debugfs: fix security_locked_down() call for SELinux, Ondrej Mosnacek
Re: [PATCH] vfio: Lock down no-IOMMU mode when kernel is locked down, Ondrej Mosnacek
[PATCH] serial: core: fix suspicious security_locked_down() call,
Ondrej Mosnacek
[PATCH] debugfs: fix security_locked_down() call for SELinux,
Ondrej Mosnacek
[PATCH] lockdown,selinux: fix bogus SELinux lockdown permission checks,
Ondrej Mosnacek
[PATCH 1/2] libsepol/cil: Fix name resolution involving inherited blocks,
James Carter
improvement of setfiles man page, clime
Stable backport request - perf/core: Fix unconditional security_locked_down() call,
Ondrej Mosnacek
[PATCH v2] libsepol/cil: Check for self-referential loops in sets,
James Carter
[PATCH 00/25] libselinux: misc compiler and static analyzer findings,
Christian Göttsche
- [PATCH 01/25] libselinux: sidtab_hash(): do not discard const qualifier, Christian Göttsche
- [PATCH 03/25] libselinux: label_common(): do not discard const qualifier, Christian Göttsche
- [PATCH 04/25] libselinux: Sha1Finalise(): do not discard const qualifier, Christian Göttsche
- [PATCH 02/25] libselinux: selinux_file_context_cmp(): do not discard const qualifier, Christian Göttsche
- [PATCH 06/25] libselinux: avcstat: use standard length modifier for unsigned long long, Christian Göttsche
- [PATCH 05/25] libselinux: sefcontext_compile: mark local variable static, Christian Göttsche
- [PATCH 08/25] libselinux: selabel_get_digests_all_partial_matches: free memory after FTS_D block, Christian Göttsche
- [PATCH 07/25] libselinux: selinux_restorecon: mark local variable static, Christian Göttsche
- [PATCH 09/25] libselinux: getconlist: free memory on multiple level arguments, Christian Göttsche
- [PATCH 10/25] libselinux: exclude_non_seclabel_mounts(): drop unused variable, Christian Göttsche
- [PATCH 12/25] libselinux: label_x::init(): drop dead assignment, Christian Göttsche
- [PATCH 14/25] libselinux: setexecfilecon(): drop dead assignment, Christian Göttsche
- [PATCH 15/25] libselinux: getdefaultcon: free memory on multiple same arguments, Christian Göttsche
- [PATCH 11/25] libselinux: context_new(): drop dead assignment, Christian Göttsche
- [PATCH 18/25] libselinux: init_selinux_config(): free resources on error, Christian Göttsche
- [PATCH 17/25] libselinux: matchmediacon(): close file on error, Christian Göttsche
- [PATCH 13/25] libselinux: label_media::init(): drop dead assignment, Christian Göttsche
- [PATCH 16/25] libselinux: store_stem(): do not free possible non-heap object, Christian Göttsche
- [PATCH 19/25] libselinux: label_file::init(): do not pass NULL to strdup, Christian Göttsche
- [PATCH 20/25] libselinux: matchpathcon: free memory on realloc failure, Christian Göttsche
- [PATCH 22/25] libselinux: drop redundant casts to the same type, Christian Göttsche
- [PATCH 23/25] libselinux: sidtab_sid_stats(): unify parameter name, Christian Göttsche
- [PATCH 25/25] libselinux: label_file.c: fix indent, Christian Göttsche
- [PATCH 21/25] libselinux: label_db::db_init(): open file with CLOEXEC mode, Christian Göttsche
- [PATCH 24/25] libselinux: regex: unify parameter names, Christian Göttsche
- Re: [PATCH 00/25] libselinux: misc compiler and static analyzer findings, Petr Lautrbach
[PATCH] libselinux: selinux_check_passwd_access_internal(): respect deny_unknown,
Christian Göttsche
[PATCH testsuite] ci: test also on F34 images,
Ondrej Mosnacek
[PATCH testsuite] tests/lockdown: use /sys/kernel/debug/fault_around_bytes for integrity test,
Ondrej Mosnacek
[PATCH] libselinux: silence -Wstringop-overflow warning from gcc 10.3.1,
Nicolas Iooss
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]
