Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

[PATCH testsuite] policy: only define anon_inode class if not defined in system policy, Ondrej Mosnacek
- Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy, Dominick Grift
  - Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy, Ondrej Mosnacek
- Re: [PATCH testsuite] policy: only define anon_inode class if not defined in system policy, Ondrej Mosnacek
[PATCH 0/5] Fix bugs identified by the secilc-fuzzer, James Carter
- [PATCH 1/5] libsepol/cil: Fix instances where an error returns SEPOL_OK, James Carter
- [PATCH 2/5] libsepol/cil: Detect degenerate inheritance and exit with an error, James Carter
- [PATCH 3/5] libsepol/cil: Check datum in ordered list for expected flavor, James Carter
- [PATCH 4/5] libsepol/cil: Check for self-referential loops in sets, James Carter
  - Re: [PATCH 4/5] libsepol/cil: Check for self-referential loops in sets, Nicolas Iooss
    - Re: [PATCH 4/5] libsepol/cil: Check for self-referential loops in sets, James Carter
- [PATCH 5/5] libsepol/cil: Return an error if a call argument fails to resolve, James Carter
- Re: [PATCH 0/5] Fix bugs identified by the secilc-fuzzer, James Carter
[bug report?] other unexpected behaviours in secilc and CIL semantics, lorenzo ceragioli
- Re: [bug report?] other unexpected behaviours in secilc and CIL semantics, James Carter
[PATCH] selinux: Remove redundant assignment to rc, Jiapeng Chong
- Re: [PATCH] selinux: Remove redundant assignment to rc, Paul Moore
[PATCH] libsepol/cil: Properly reset an anonymous classperm set, James Carter
- Re: [PATCH] libsepol/cil: Properly reset an anonymous classperm set, Nicolas Iooss
  - Re: [PATCH] libsepol/cil: Properly reset an anonymous classperm set, James Carter
[PATCH 2] testsuite: fix cap_userns for kernels >= v5.12, Paul Moore
- Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12, Ondrej Mosnacek
  - Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12, Paul Moore
    - Re: [PATCH 2] testsuite: fix cap_userns for kernels >= v5.12, Ondrej Mosnacek
[PATCH v3 0/6] evm: Prepare for moving to the LSM infrastructure, Roberto Sassu
- [PATCH v3 4/6] security: Support multiple LSMs implementing the inode_init_security hook, Roberto Sassu
- [PATCH v3 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook, Roberto Sassu
- [PATCH v3 1/6] reiserfs: Add missing calls to reiserfs_security_free(), Roberto Sassu
- [PATCH v3 2/6] security: Rewrite security_old_inode_init_security(), Roberto Sassu
- [PATCH v3 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure, Roberto Sassu
- [PATCH v3 6/6] evm: Support multiple LSMs providing an xattr, Roberto Sassu
- RE: [PATCH v3 0/6] evm: Prepare for moving to the LSM infrastructure, Roberto Sassu
[GIT PULL] SELinux patches for v5.13, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.13, pr-tracker-bot
[PATCH] testsuite: fix cap_userns for kernels >= v5.12, Paul Moore
- Re: [PATCH] testsuite: fix cap_userns for kernels >= v5.12, Ondrej Mosnacek
  - Re: [PATCH] testsuite: fix cap_userns for kernels >= v5.12, Paul Moore
[PATCH v2] selinux: Corrected comment to match kernel-doc comment, Souptick Joarder
- Re: [PATCH v2] selinux: Corrected comment to match kernel-doc comment, Randy Dunlap
- Re: [PATCH v2] selinux: Corrected comment to match kernel-doc comment, Paul Moore
[PATCH] selinux: Corrected comment to match kernel-doc comment, Souptick Joarder
- Re: [PATCH] selinux: Corrected comment to match kernel-doc comment, Randy Dunlap
[PATCH] libselinux android: Add keystore2_key label module., Jeff Vander Stoep
- Re: [PATCH] libselinux android: Add keystore2_key label module., Jeffrey Vander Stoep
[PATCH 1/4] LSM: Infrastructure management of the superblock, Casey Schaufler
[PATCH] libsepol: use checked arithmetic builtin to perform safe addition, Nicolas Iooss
- Re: [PATCH] libsepol: use checked arithmetic builtin to perform safe addition, James Carter
  - Re: [PATCH] libsepol: use checked arithmetic builtin to perform safe addition, Nicolas Iooss
[PATCH] libselinux: do not duplicate make target when going into subdirectory, Nicolas Iooss
- Re: [PATCH] libselinux: do not duplicate make target when going into subdirectory, Petr Lautrbach
  - Re: [PATCH] libselinux: do not duplicate make target when going into subdirectory, Nicolas Iooss
[PATCH] selinux: add proper NULL termination to the secclass_map permissions, Paul Moore
- Re: [PATCH] selinux: add proper NULL termination to the secclass_map permissions, Paul Moore
[PATCH 0/3 v3] Create secil2tree to write CIL AST, James Carter
- [PATCH 2/3 v3] libsepol/cil: Add functions to make use of cil_write_ast(), James Carter
- [PATCH 1/3 v3] libsepol/cil: Create functions to write the CIL AST, James Carter
- [PATCH 3/3 v3] secilc: Create the new program called secil2tree to write out CIL AST, James Carter
- Re: [PATCH 0/3 v3] Create secil2tree to write CIL AST, Nicolas Iooss
  - Re: [PATCH 0/3 v3] Create secil2tree to write CIL AST, Nicolas Iooss
[RFC PATCH testsuite] Add extended_anon_inode_class policy capability support, Ondrej Mosnacek
[RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode, Ondrej Mosnacek
- [RFC PATCH 1/2] LSM,anon_inodes: explicitly distinguish anon inode types, Ondrej Mosnacek
- [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes, Ondrej Mosnacek
  - Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes, Stephen Smalley
    - Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes, Ondrej Mosnacek
      - Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes, Stephen Smalley
        
        Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes, Stephen Smalley
        
        Re: [RFC PATCH 2/2] selinux: add capability to map anon inode types to separate classes, Ondrej Mosnacek
- Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode, Paul Moore
  - Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode, Ondrej Mosnacek
    - Re: [RFC PATCH 0/2] selinux,anon_inodes: Use a separate SELinux class for each type of anon inode, Paul Moore
[PATCH v2 0/6] evm: Prepare for moving to the LSM infrastructure, Roberto Sassu
- [PATCH v2 1/6] xattr: Complete constify ->name member of "struct xattr", Roberto Sassu
- [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook, Roberto Sassu
  - Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook, Casey Schaufler
    - RE: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook, Roberto Sassu
      - Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook, Casey Schaufler
        
        RE: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook, Roberto Sassu
        
        Re: [PATCH v2 3/6] security: Pass xattrs allocated by LSMs to the inode_init_security hook, Casey Schaufler
- [PATCH v2 2/6] reiserfs: Add missing calls to reiserfs_security_free(), Roberto Sassu
- [PATCH v2 4/6] security: Support multiple LSMs implementing the inode_init_security hook, Roberto Sassu
  - Re: [PATCH v2 4/6] security: Support multiple LSMs implementing the inode_init_security hook, Casey Schaufler
- [PATCH v2 5/6] evm: Align evm_inode_init_security() definition with LSM infrastructure, Roberto Sassu
- [PATCH v2 6/6] evm: Support multiple LSMs providing an xattr, Roberto Sassu
no SELinux common criteria?, Ted Toth
- <Possible follow-ups>
- Re: no SELinux common criteria?, Paul Moore
  - Re: no SELinux common criteria?, Ted Toth
[PATCH 0/3 v2] Create secil2tree to write CIL AST, James Carter
- [PATCH 2/3 v2] libsepol/cil: Add functions to make use of cil_write_ast(), James Carter
- [PATCH 1/3 v2] libsepol/cil: Create functions to write the CIL AST, James Carter
- [PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST, James Carter
  - Re: [PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST, Nicolas Iooss
    - Re: [PATCH 3/3 v2] secilc: Create the new program called secil2tree to write out CIL AST, James Carter
- Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST, James Carter
  - Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST, Nicolas Iooss
    - Re: [PATCH 0/3 v2] Create secil2tree to write CIL AST, James Carter
[PATCH 00/11 v2] Various CIL patches, James Carter
- [PATCH 01/11 v2] libsepol/cil: Fix out-of-bound read of file context pattern ending with "\", James Carter
- [PATCH 02/11 v2] libsepol/cil: Destroy classperms list when resetting classpermission, James Carter
- [PATCH 03/11 v2] libsepol/cil: Destroy classperm list when resetting map perms, James Carter
- [PATCH 04/11 v2] libsepol/cil: cil_reset_classperms_set() should not reset classpermission, James Carter
- [PATCH 05/11 v2] libsepol/cil: Set class field to NULL when resetting struct cil_classperms, James Carter
- [PATCH 06/11 v2] libsepol/cil: More strict verification of constraint leaf expressions, James Carter
- [PATCH 07/11 v2] libsepol/cil: Exit with an error if declaration name is a reserved word, James Carter
- [PATCH 08/11 v2] libsepol/cil: Allow permission expressions when using map classes, James Carter
- [PATCH 09/11 v2] libsepol/cil: Refactor helper function for cil_gen_node(), James Carter
- [PATCH 10/11 v2] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor, James Carter
- [PATCH 11/11 v2] libsepol/cil: Move check for the shadowing of macro parameters, James Carter
- Re: [PATCH 00/11 v2] Various CIL patches, James Carter
MCS NetLabel, Paul R. Tagliamonte
- Re: MCS NetLabel, Paul Moore
  - Re: MCS NetLabel, Paul R. Tagliamonte
    - Re: MCS NetLabel, Paul Moore
[PATCH 0/3] Create secil2tree to write CIL AST, James Carter
- [PATCH 1/3] libsepol/cil: Create functions to write the CIL AST, James Carter
- [PATCH 2/3] libsepol/cil: Add functions to make use of cil_write_ast(), James Carter
- [PATCH 3/3] secilc: Create the new program called secil2tree to write out CIL AST, James Carter
[PATCH 0/5] evm: Prepare for moving to the LSM infrastructure, Roberto Sassu
- [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr", Roberto Sassu
  - Re: [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr", Tetsuo Handa
    - RE: [PATCH 1/5] xattr: Complete constify ->name member of "struct xattr", Roberto Sassu
- [PATCH 2/5] security: Support multiple LSMs implementing the inode_init_security hook, Roberto Sassu
- [PATCH 3/5] security: Pass xattrs allocated by LSMs to the inode_init_security hook, Roberto Sassu
- [PATCH 4/5] evm: Align evm_inode_init_security() definition with LSM infrastructure, Roberto Sassu
- [PATCH 5/5] evm: Support multiple LSMs providing an xattr, Roberto Sassu
- Re: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure, Casey Schaufler
  - RE: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure, Roberto Sassu
    - Re: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure, Casey Schaufler
      - RE: [PATCH 0/5] evm: Prepare for moving to the LSM infrastructure, Roberto Sassu
[PATCH] secilc.c: Don't fail if input file is empty, Yi-Yo Chiang
- Re: [PATCH] secilc.c: Don't fail if input file is empty, James Carter
  - Re: [PATCH] secilc.c: Don't fail if input file is empty, James Carter
[RFC SHADOW PATCH 0/7] SELinux modernizations, Christian Göttsche
- [RFC SHADOW PATCH 2/7] vipw[selinux]: do not use deprecated typedef and skip context translation, Christian Göttsche
- [RFC SHADOW PATCH 4/7] selinux.c:reset_selinux_file_context(): do not fail in permissive mode, Christian Göttsche
- [RFC SHADOW PATCH 6/7] set_selinux_file_context(): prepare context for actual file type, Christian Göttsche
- [RFC SHADOW PATCH 5/7] selinux.c: use modern selabel interface instead of deprecated matchpathcon, Christian Göttsche
- [RFC SHADOW PATCH 3/7] selinux.c: do not use deprecated typedef and skip context translation, Christian Göttsche
- [RFC SHADOW PATCH 1/7] struct commonio_db[selinux]: do not use deprecated type security_context_t, Christian Göttsche
- [RFC SHADOW PATCH 7/7] selinux: only open selabel database once, Christian Göttsche
- Re: [RFC SHADOW PATCH 0/7] SELinux modernizations, Paul Moore
- Re: [RFC SHADOW PATCH 0/7] SELinux modernizations, James Carter
  - Re: [RFC SHADOW PATCH 0/7] SELinux modernizations, Paul Moore
Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect, Ondrej Mosnacek
- Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect, Ondrej Mosnacek
- Re: [PATCH 7/7 v2] tracing: Do not create tracefs files if tracefs lockdown is in effect, Steven Rostedt
Re: [PATCH v6 24/40] fs: make helpers idmap mount aware, Anton Altaparmakov
- Re: [PATCH v6 24/40] fs: make helpers idmap mount aware, Linus Torvalds
  - Re: [PATCH v6 24/40] fs: make helpers idmap mount aware, Christian Brauner
[GIT PULL] SELinux fixes for v5.12 (#2), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.12 (#2), pr-tracker-bot
[PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling, Ondrej Mosnacek
- [PATCH 2/2] selinux: fix SECURITY_LSM_NATIVE_LABELS flag handling on double mount, Ondrej Mosnacek
- [PATCH 1/2] vfs,LSM: introduce the FS_HANDLES_LSM_OPTS flag, Ondrej Mosnacek
- Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling, Al Viro
  - Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling, Ondrej Mosnacek
    - Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling, Ondrej Mosnacek
- Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling, Casey Schaufler
  - Re: [PATCH 0/2] vfs/security/NFS/btrfs: clean up and fix LSM option handling, Ondrej Mosnacek
[PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument, Zhongjun Tan
- Re: [PATCH 2/2] selinux:Delete selinux_xfrm_policy_lookup() useless argument, Paul Moore
[PATCH 00/11] Various CIL patches, James Carter
- [PATCH 01/11] libsepol/cil: Fix out-of-bound read of file context pattern ending with "\", James Carter
- [PATCH 02/11] libsepol/cil: Destroy classperms list when resetting classpermission, James Carter
- [PATCH 03/11] libsepol/cil: Destroy classperm list when resetting map perms, James Carter
- [PATCH 04/11] libsepol/cil: cil_reset_classperms_set() should not reset classpermission, James Carter
- [PATCH 05/11] libsepol/cil: Set class field to NULL when resetting struct cil_classperms, James Carter
- [PATCH 06/11] libsepol/cil: More strict verification of constraint leaf expressions, James Carter
- [PATCH 07/11 v2] libsepol/cil: Exit with an error if declaration name is a reserved word, James Carter
- [PATCH 08/11] libsepol/cil: Allow permission expressions when using map classes, James Carter
- [PATCH 09/11] libsepol/cil: Refactor helper function for cil_gen_node(), James Carter
- [PATCH 11/11] libsepol/cil: Move check for the shadowing of macro parameters, James Carter
- [PATCH 10/11] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor, James Carter
- Re: [PATCH 00/11] Various CIL patches, James Carter
  - Re: [PATCH 00/11] Various CIL patches, Petr Lautrbach
    - Re: [PATCH 00/11] Various CIL patches, James Carter
Detect SELinux by checking if policy is loaded, Kai Lüke
- Re: Detect SELinux by checking if policy is loaded, Stephen Smalley
[PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument, Zhongjun Tan
- <Possible follow-ups>
- [PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument, Zhongjun Tan
  - Re: [PATCH] selinux:Delete selinux_xfrm_policy_lookup() useless argument, Casey Schaufler
[PATCH v2 4/4] selinux: add "mls" binary version of the policy, Vit Mojzis
- Re: [PATCH v2 4/4] selinux: add "mls" binary version of the policy, Vit Mojzis
[PATCH v2 3/4] selinux: Remove 'make' dependency, Vit Mojzis
[PATCH v2 2/4] [DO NOT MERGE] Install selinux-policy-devel in test environment, Vit Mojzis
[PATCH v3] selinux: fix race between old and new sidtab, Ondrej Mosnacek
- Re: [PATCH v3] selinux: fix race between old and new sidtab, Paul Moore
[PATCH testsuite] Deactivate userfaultfd test policy if no xperm support, Ondrej Mosnacek
- Message not available
  - Re: [PATCH testsuite] Deactivate userfaultfd test policy if no xperm support, Ondrej Mosnacek
[PATCH v2] selinux: fix race between old and new sidtab, Ondrej Mosnacek
[PATCH] selinux: fix race between old and new sidtab, Ondrej Mosnacek
- Re: [PATCH] selinux: fix race between old and new sidtab, Paul Moore
  - Re: [PATCH] selinux: fix race between old and new sidtab, Ondrej Mosnacek
    - Re: [PATCH] selinux: fix race between old and new sidtab, Paul Moore
      - Re: [PATCH] selinux: fix race between old and new sidtab, Ondrej Mosnacek
Re: [BUG] Oops in sidtab_context_to_sid, Paul Moore
- Re: [BUG] Oops in sidtab_context_to_sid, Ondrej Mosnacek
  - Re: [BUG] Oops in sidtab_context_to_sid, Paul Moore
  - Re: [BUG] Oops in sidtab_context_to_sid, Vijay Balakrishna
[Request] CIL configurations, lorenzo ceragioli
- Re: [Request] CIL configurations, James Carter
[PATCH v3 0/2] selinux: fix changing booleans, Ondrej Mosnacek
- [PATCH v3 2/2] selinux: fix cond_list corruption when changing booleans, Ondrej Mosnacek
  - Re: [PATCH v3 2/2] selinux: fix cond_list corruption when changing booleans, Paul Moore
- [PATCH v3 1/2] selinux: make nslot handling in avtab more robust, Ondrej Mosnacek
[PATCH v2 0/2] selinux: fix changing booleans, Ondrej Mosnacek
- [PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans, Ondrej Mosnacek
  - Re: [PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans, Paul Moore
    - Re: [PATCH v2 2/2] selinux: fix cond_list corruption when changing booleans, Ondrej Mosnacek
- [PATCH v2 1/2] selinux: make nslot handling in avtab more robust, Ondrej Mosnacek
[PATCH 10/12] libsepol/cil: Make invalid statement error messages consistent, James Carter
- [PATCH 11/12] libsepol/cil: Use CIL_ERR for error messages in cil_compile(), James Carter
- [PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks, James Carter
  - Re: [PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks, Petr Lautrbach
    - Re: [PATCH 12/12] secilc/docs: Update the CIL documentation for various blocks, James Carter
[PATCH 00/12] Update checks for invalid rules in blocks, James Carter
- [PATCH 03/12] libsepol/cil: Create new first child helper function for building AST, James Carter
- [PATCH 04/12] libsepol/cil: Use AST to track blocks and optionals when resolving, James Carter
- [PATCH 02/12] libsepol/cil: Cleanup build AST helper functions, James Carter
- [PATCH 01/12] libsepol/cil: Reorder checks for invalid rules when building AST, James Carter
- [PATCH 05/12] libsepol/cil: Reorder checks for invalid rules when resolving AST, James Carter
- [PATCH 07/12] libsepol/cil: Check for statements not allowed in optional blocks, James Carter
- [PATCH 06/12] libsepol/cil: Sync checks for invalid rules in booleanifs, James Carter
- [PATCH 09/12] libsepol/cil: Do not allow tunable declarations in in-statements, James Carter
- [PATCH 08/12] libsepol/cil: Sync checks for invalid rules in macros, James Carter
- Re: [PATCH 00/12] Update checks for invalid rules in blocks, James Carter
- Re: [PATCH 00/12] Update checks for invalid rules in blocks, James Carter
  - Re: [PATCH 00/12] Update checks for invalid rules in blocks, Nicolas Iooss
[PATCH 0/3] selinux: fix changing booleans, Ondrej Mosnacek
- [PATCH 1/3] selinux: fix cond_list corruption when changing booleans, Ondrej Mosnacek
  - Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans, Paul Moore
    - Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans, Ondrej Mosnacek
      - Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans, Paul Moore
        
        Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans, Ondrej Mosnacek
        
        Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans, Paul Moore
        
        Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans, Ondrej Mosnacek
        
        Re: [PATCH 1/3] selinux: fix cond_list corruption when changing booleans, Paul Moore
- [PATCH 3/3] selinux: constify some avtab function arguments, Ondrej Mosnacek
  - Re: [PATCH 3/3] selinux: constify some avtab function arguments, Paul Moore
- [PATCH 2/3] selinux: simplify duplicate_policydb_cond_list() by using kmemdup(), Ondrej Mosnacek
  - Re: [PATCH 2/3] selinux: simplify duplicate_policydb_cond_list() by using kmemdup(), Paul Moore
- Re: [PATCH 0/3] selinux: fix changing booleans, Paul Moore
  - Re: [PATCH 0/3] selinux: fix changing booleans, Ondrej Mosnacek
    - Re: [PATCH 0/3] selinux: fix changing booleans, Paul Moore
[PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests, David Brazdil
- Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests, Ondrej Mosnacek
  - Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests, Ondrej Mosnacek
    - Re: [PATCH testsuite] Add AF_VSOCK SOCK_STREAM client/server tests, David Brazdil
typechange silently dropped in some cases, Dominick Grift
- Re: typechange silently dropped in some cases, James Carter
  - Re: typechange silently dropped in some cases, Dominick Grift
[PATCH] cil_conditional_statements.md: fix expr definition, Dominick Grift
- Re: [PATCH] cil_conditional_statements.md: fix expr definition, James Carter
  - Re: [PATCH] cil_conditional_statements.md: fix expr definition, James Carter
[PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined, Ondrej Mosnacek
- Message not available
  - Re: [PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined, Ondrej Mosnacek
    - Re: [PATCH testsuite] tests/userfaultfd: handle __NR_userfaultfd not being defined, Ondrej Mosnacek
[RFC PATCH userspace 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
- [RFC PATCH userspace 4/6] selinux_restorecon: add a global mutex to synchronize progress output, Ondrej Mosnacek
- [RFC PATCH userspace 1/6] selinux_restorecon: simplify fl_head allocation by using calloc(), Ondrej Mosnacek
- [RFC PATCH userspace 2/6] selinux_restorecon: protect file_spec list with a mutex, Ondrej Mosnacek
- [RFC PATCH userspace 3/6] selinux_restorecon: introduce selinux_log_sync(), Ondrej Mosnacek
- [RFC PATCH userspace 6/6] setfiles/restorecon: support parallel relabeling, Ondrej Mosnacek
- [RFC PATCH userspace 5/6] selinux_restorecon: introduce selinux_restorecon_parallel(3), Ondrej Mosnacek
- Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon, peter enderborg
  - Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
    - Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon, Nicolas Iooss
      - Re: [RFC PATCH userspace 0/6] Parallel setfiles/restorecon, Ondrej Mosnacek
[GIT PULL] SELinux fixes for v5.12 (#1), Paul Moore
- Re: [GIT PULL] SELinux fixes for v5.12 (#1), pr-tracker-bot
[PATCH] libsepol/cil: Allow permission expressions when using map classes, James Carter
- <Possible follow-ups>
- [PATCH] libsepol/cil: Allow permission expressions when using map classes, James Carter
  - [PATCH 1/3] libsepol/cil: Refactor helper function for cil_gen_node(), James Carter
  - [PATCH 2/3] libsepol/cil: Create function cil_add_decl_to_symtab() and refactor, James Carter
  - [PATCH 3/3] libsepol/cil: Move check for the shadowing of macro parameters, James Carter
  - Re: [PATCH] libsepol/cil: Allow permission expressions when using map classes, James Carter
[PATCH V2] libsepol/cil: Exit with an error if declaration name is a reserved word, James Carter
[PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file, Ondrej Mosnacek
- Re: [PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file, Nicolas Iooss
  - Re: [PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file, Nicolas Iooss
[PATCH v2] selinux: vsock: Set SID for socket returned by accept(), David Brazdil
- Re: [PATCH v2] selinux: vsock: Set SID for socket returned by accept(), David Brazdil
- Re: [PATCH v2] selinux: vsock: Set SID for socket returned by accept(), patchwork-bot+netdevbpf
[PATCH v2] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\", Nicolas Iooss
[PATCH v3 0/3] selinux: policy load fixes, Ondrej Mosnacek
- [PATCH v3 2/3] selinux: fix variable scope issue in live sidtab conversion, Ondrej Mosnacek
- [PATCH v3 1/3] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Ondrej Mosnacek
- [PATCH v3 3/3] selinuxfs: unify policy load error reporting, Ondrej Mosnacek
- Re: [PATCH v3 0/3] selinux: policy load fixes, Paul Moore
[PATCH v2 0/3] Split security_task_getsecid() into subj and obj variants, Paul Moore
- [PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
  - Re: [PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants, Casey Schaufler
    - Re: [PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
  - Re: [PATCH v2 1/3] lsm: separate security_task_getsecid() into subjective and objective variants, Richard Guy Briggs
- [PATCH v2 2/3] selinux: clarify task subjective and objective credentials, Paul Moore
  - Re: [PATCH v2 2/3] selinux: clarify task subjective and objective credentials, Richard Guy Briggs
- [PATCH v2 3/3] smack: differentiate between subjective and objective task credentials, Paul Moore
- Re: [PATCH v2 0/3] Split security_task_getsecid() into subj and obj variants, Paul Moore
[PATCH] libsepol/cil: More strict verification of constraint leaf expressions, James Carter
[PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word, James Carter
- Re: [PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word, Nicolas Iooss
  - Re: [PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word, James Carter
    - Re: [PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word, James Carter
Re: deadlock bug related to bpf,audit subsystems, Paul Moore
- Re: deadlock bug related to bpf,audit subsystems, Paul Moore
[PATCH] libsepol/cil: Set class field to NULL when resetting struct cil_classperms, James Carter
[PATCH] libsepol/cil: cil_reset_classperms_set() should not reset classpermission, James Carter
Weird bug in NFS/SELinux, Ondrej Mosnacek
- Re: Weird bug in NFS/SELinux, Olga Kornievskaia
  - Re: Weird bug in NFS/SELinux, Ondrej Mosnacek
    - Re: Weird bug in NFS/SELinux, Ondrej Mosnacek
[PATCH] libsepol/cil: Destroy classperm list when resetting map perms, James Carter
[PATCH] libsepol/cil: Destroy classperms list when resetting classpermission, James Carter
- Re: [PATCH] libsepol/cil: Destroy classperms list when resetting classpermission, Nicolas Iooss
  - Re: [PATCH] libsepol/cil: Destroy classperms list when resetting classpermission, James Carter
[PATCH] selinux: vsock: Set SID for socket returned by accept(), David Brazdil
- Re: [PATCH] selinux: vsock: Set SID for socket returned by accept(), Paul Moore
  - Re: [PATCH] selinux: vsock: Set SID for socket returned by accept(), David Brazdil
libsepol/cil: use after free with optional classpermissionset, Nicolas Iooss
[PATCH 1/1] libsepol: make num_* unsigned int in module_to_cil, Nicolas Iooss
- Re: [PATCH 1/1] libsepol: make num_* unsigned int in module_to_cil, James Carter
  - Re: [PATCH 1/1] libsepol: make num_* unsigned int in module_to_cil, James Carter
[PATCH 1/4] libsepol/cil: Allow lists in constraint expressions, James Carter
- [PATCH 4/4] libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression, James Carter
  - Re: [PATCH 4/4] libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression, Nicolas Iooss
    - Re: [PATCH 4/4] libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression, James Carter
- [PATCH 3/4] libsepol: Enclose identifier lists in CIL constraint expressions, James Carter
- [PATCH 2/4] secilc/docs: Lists are now allowed in constraint expressions, James Carter
- Re: [PATCH 1/4] libsepol/cil: Allow lists in constraint expressions, Nicolas Iooss
  - Re: [PATCH 1/4] libsepol/cil: Allow lists in constraint expressions, James Carter
[PATCH 1/2] libsepol: Write "NO_IDENTIFIER" for empty constraint expression, James Carter
- [PATCH 2/2] libsepol: Enclose identifier lists in constraint expressions, James Carter
- Re: [PATCH 1/2] libsepol: Write "NO_IDENTIFIER" for empty constraint expression, Nicolas Iooss
  - Re: [PATCH 1/2] libsepol: Write "NO_IDENTIFIER" for empty constraint expression, James Carter
[PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate, Ondrej Mosnacek
- Re: [PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate, Dave Chinner
  - Re: [PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate, Ondrej Mosnacek
    - Re: [PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate, Dave Chinner
[PATCH] libsepol/cil: Check for duplicate blocks, optionals, and macros, James Carter
- Re: [PATCH] libsepol/cil: Check for duplicate blocks, optionals, and macros, Nicolas Iooss
  - Re: [PATCH] libsepol/cil: Check for duplicate blocks, optionals, and macros, James Carter
[PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs, Ondrej Mosnacek
- Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs, Paul Moore
  - Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs, Al Viro
    - Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs, Ondrej Mosnacek
      - Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs, Ondrej Mosnacek
        
        Re: [PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs, Christoph Hellwig
libsepol/cil: type confusion between macro and optional leads to heap-buffer-overflow in cil_copy_macro, Nicolas Iooss
- Re: libsepol/cil: type confusion between macro and optional leads to heap-buffer-overflow in cil_copy_macro, James Carter
[PATCH 1/2 v2] checkpolicy: Do not automatically upgrade when using "-b" flag, James Carter
- [PATCH 2/2 v2] libsepol: Check kernel to CIL and Conf functions for supported versions, James Carter
- Re: [PATCH 1/2 v2] checkpolicy: Do not automatically upgrade when using "-b" flag, Nicolas Iooss
  - Re: [PATCH 1/2 v2] checkpolicy: Do not automatically upgrade when using "-b" flag, Nicolas Iooss
[PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\", Nicolas Iooss
- [PATCH 3/6] libsepol/cil: remove stray printf, Nicolas Iooss
  - Re: [PATCH 3/6] libsepol/cil: remove stray printf, James Carter
- [PATCH 4/6] libsepol/cil: replace printf with proper cil_tree_log, Nicolas Iooss
  - Re: [PATCH 4/6] libsepol/cil: replace printf with proper cil_tree_log, James Carter
- [PATCH 5/6] libsepol/cil: fix NULL pointer dereference in __cil_insert_name, Nicolas Iooss
  - Re: [PATCH 5/6] libsepol/cil: fix NULL pointer dereference in __cil_insert_name, James Carter
- [PATCH 2/6] libsepol/cil: make cil_post_fc_fill_data static, Nicolas Iooss
  - Re: [PATCH 2/6] libsepol/cil: make cil_post_fc_fill_data static, James Carter
    - Re: [PATCH 2/6] libsepol/cil: make cil_post_fc_fill_data static, Nicolas Iooss
- [PATCH 6/6] libsepol/cil: do not leak avrulex_ioctl_table memory when an error occurs, Nicolas Iooss
  - Re: [PATCH 6/6] libsepol/cil: do not leak avrulex_ioctl_table memory when an error occurs, James Carter
- Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\", James Carter
  - Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\", Nicolas Iooss
    - Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\", James Carter
      - Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\", Nicolas Iooss
        
        Re: [PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\", James Carter
[PATCH] libsepol: Remove unnecessary copying of declarations from link.c, James Carter
- Re: [PATCH] libsepol: Remove unnecessary copying of declarations from link.c, Nicolas Iooss
  - Re: [PATCH] libsepol: Remove unnecessary copying of declarations from link.c, Nicolas Iooss
[PATCH 1/2] checkpolicy: Do not automatically upgrade when using "-b" flag, James Carter
- [PATCH 2/2] libsepol: Check kernel to CIL and Conf functions for supported versions, James Carter
  - Re: [PATCH 2/2] libsepol: Check kernel to CIL and Conf functions for supported versions, Nicolas Iooss
- Re: [PATCH 1/2] checkpolicy: Do not automatically upgrade when using "-b" flag, Nicolas Iooss
  - Re: [PATCH 1/2] checkpolicy: Do not automatically upgrade when using "-b" flag, James Carter
[PATCH] libsepol: Expand role attributes in constraint expressions, James Carter
- Re: [PATCH] libsepol: Expand role attributes in constraint expressions, Christian Göttsche
  - Re: [PATCH] libsepol: Expand role attributes in constraint expressions, Nicolas Iooss
    - Re: [PATCH] libsepol: Expand role attributes in constraint expressions, Nicolas Iooss
Role attributes in traditional language constraints, Christian Göttsche
- Re: Role attributes in traditional language constraints, James Carter
[PATCH] libsepol: Properly handle types associated to role attributes, James Carter
- Re: [PATCH] libsepol: Properly handle types associated to role attributes, Nicolas Iooss
  - Re: [PATCH] libsepol: Properly handle types associated to role attributes, Nicolas Iooss
[PATCH] object_classes_permissions.md: Add anon_inode class, Richard Haines
- Re: [PATCH] object_classes_permissions.md: Add anon_inode class, Paul Moore
[PATCH v25 00/25] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v25 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v25 02/25] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v25 03/25] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v25 04/25] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v25 05/25] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v25 06/25] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v25 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v25 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v25 09/25] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v25 10/25] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v25 11/25] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v25 12/25] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
  - [RFC PATCH] LSM: audit_sig_lsm can be static, kernel test robot
  - Re: [PATCH v25 12/25] LSM: Use lsmblob in security_cred_getsecid, kernel test robot
- [PATCH v25 13/25] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v25 14/25] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v25 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v25 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v25 17/25] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
  - Re: [PATCH v25 17/25] LSM: Use lsmcontext in security_inode_getsecctx, Chuck Lever III
- [PATCH v25 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v25 19/25] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v25 20/25] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v25 21/25] audit: add support for non-syscall auxiliary records, Casey Schaufler
  - Re: [PATCH v25 21/25] audit: add support for non-syscall auxiliary records, kernel test robot
- [PATCH v25 22/25] Audit: Add new record for multiple process LSM attributes, Casey Schaufler
  - Re: [PATCH v25 22/25] Audit: Add new record for multiple process LSM attributes, kernel test robot
  - Re: [PATCH v25 22/25] Audit: Add new record for multiple process LSM attributes, kernel test robot
- [PATCH v25 23/25] Audit: Add a new record for multiple object LSM attributes, Casey Schaufler
- [PATCH v25 24/25] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v25 25/25] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH] libsepol/checkpolicy: Set user roles using role value instead of dominance, James Carter
- Re: [PATCH] libsepol/checkpolicy: Set user roles using role value instead of dominance, Nicolas Iooss
  - Re: [PATCH] libsepol/checkpolicy: Set user roles using role value instead of dominance, Nicolas Iooss
[PATCH] security/selinux/include/: fix misspellings using codespell tool, menglong8 . dong
- Re: [PATCH] security/selinux/include/: fix misspellings using codespell tool, Paul Moore
[PATCH] security/selinux/ss: fix misspellings using codespell tool, menglong8 . dong
- Re: [PATCH] security/selinux/ss: fix misspellings using codespell tool, Paul Moore
ANN: SPAN docker images, Karl MacMillan
ANN: SETools 4.4.0, Chris PeBenito
Quick announcement on the selinux/next and audit/next branches, Paul Moore
- Re: Quick announcement on the selinux/next and audit/next branches, Paul Moore
  - Re: Quick announcement on the selinux/next and audit/next branches, Richard Guy Briggs
    - Re: Quick announcement on the selinux/next and audit/next branches, Paul Moore
[PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts, Paul Moore
- Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts, Paul Moore
- Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts, David Miller
  - Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts, Paul Moore
    - Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts, David Miller
- Re: [PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts, patchwork-bot+netdevbpf
ANN: SELinux userspace release 3.2, Petr Lautrbach
[PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, Suren Baghdasaryan
- Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, Shakeel Butt
  - Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, Suren Baghdasaryan
    - Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, Shakeel Butt
      - Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, Suren Baghdasaryan
      - Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, David Hildenbrand
        
        Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, Shakeel Butt
        
        Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, David Hildenbrand
        
        Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, Suren Baghdasaryan
        
        Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, David Hildenbrand
        
        Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, Suren Baghdasaryan
        
        Re: [PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise, David Hildenbrand
[PATCH testsuite 0/3] perf_event: fixes and cleanups, Ondrej Mosnacek
- [PATCH testsuite 2/3] perf_event: fix wrong use of perf_event_open(2) API, Ondrej Mosnacek
- [PATCH testsuite 1/3] perf_event: measure CPU 0 rather than CPU 1, Ondrej Mosnacek
- [PATCH testsuite 3/3] perf_event: fix CAP_SYS_ADMIN references, Ondrej Mosnacek
- Re: [PATCH testsuite 0/3] perf_event: fixes and cleanups, Ondrej Mosnacek
  - Re: [PATCH testsuite 0/3] perf_event: fixes and cleanups, Paul Moore
[PATCH testsuite] lockdown: use debugfs/tracefs to test lockdown permissions, Ondrej Mosnacek
- Re: [PATCH testsuite] lockdown: use debugfs/tracefs to test lockdown permissions, Ondrej Mosnacek
[PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode, Ondrej Mosnacek
- Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode, Petr Lautrbach
  - Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode, Ondrej Mosnacek
    - Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode, Petr Lautrbach
    - Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode, Dominick Grift
- Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode, Petr Lautrbach
  - Re: [PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode, Petr Lautrbach
[PATCH 09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c, Alexey Dobriyan
- Re: [PATCH 09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c, Paul Moore
  - Re: [PATCH 09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c, Alexey Dobriyan
[PATCH] libsepol: invalidate the pointer to the policydb if policydb_init fails, Nicolas Iooss
- Re: [PATCH] libsepol: invalidate the pointer to the policydb if policydb_init fails, James Carter
  - Re: [PATCH] libsepol: invalidate the pointer to the policydb if policydb_init fails, Nicolas Iooss
[PATCH 1/1] restorecond: invalidate local_lock_fd properly when closing it, Nicolas Iooss
- Re: [PATCH 1/1] restorecond: invalidate local_lock_fd properly when closing it, Petr Lautrbach
[PATCH] libsepol/cil: fix NULL pointer dereference in cil_fill_ipaddr, lutianxiong
- Re: [PATCH] libsepol/cil: fix NULL pointer dereference in cil_fill_ipaddr, James Carter
  - Re: [PATCH] libsepol/cil: fix NULL pointer dereference in cil_fill_ipaddr, Nicolas Iooss
[PATCH] perf/core: fix unconditional security_locked_down() call, Ondrej Mosnacek
- Re: [PATCH] perf/core: fix unconditional security_locked_down() call, Paul Moore
  - Re: [PATCH] perf/core: fix unconditional security_locked_down() call, Peter Zijlstra
    - Re: [PATCH] perf/core: fix unconditional security_locked_down() call, Paul Moore
Rename 'master' branch to 'main', Petr Lautrbach
- Re: Rename 'master' branch to 'main', James Carter
  - Re: Rename 'master' branch to 'main', Nicolas Iooss
ANN: SELinux userspace 3.2-rc3 release candidate, Petr Lautrbach
- Re: ANN: SELinux userspace 3.2-rc3 release candidate - the last one, Petr Lautrbach
[BUG] Race between policy reload sidtab conversion and live conversion, Tyler Hicks
- Re: [BUG] Race between policy reload sidtab conversion and live conversion, Tyler Hicks
  - Re: [BUG] Race between policy reload sidtab conversion and live conversion, Tyler Hicks
    - Re: [BUG] Race between policy reload sidtab conversion and live conversion, Paul Moore
    - Re: [BUG] Race between policy reload sidtab conversion and live conversion, Ondrej Mosnacek
      - Re: [BUG] Race between policy reload sidtab conversion and live conversion, Tyler Hicks
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Ondrej Mosnacek
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Tyler Hicks
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Paul Moore
      - Re: [BUG] Race between policy reload sidtab conversion and live conversion, Paul Moore
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Ondrej Mosnacek
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Paul Moore
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Ondrej Mosnacek
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Paul Moore
        
        Message not available
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Ondrej Mosnacek
        
        Message not available
        
        Re: [BUG] Race between policy reload sidtab conversion and live conversion, Ondrej Mosnacek
[PATCH] sepolicy: Do not try to load policy on import, Petr Lautrbach
- Re: [PATCH] sepolicy: Do not try to load policy on import, Nicolas Iooss
Re: [PATCH] powerpc/perf: Fix handling of privilege level checks in perf interrupt context, Ondrej Mosnacek
[PATCH] IMA: Add test for selinux measurement, Lakshmi Ramasubramanian
- Re: [PATCH] IMA: Add test for selinux measurement, Petr Vorel
  - Re: [PATCH] IMA: Add test for selinux measurement, Lakshmi Ramasubramanian
    - Re: [PATCH] IMA: Add test for selinux measurement, Petr Vorel
      - Re: [PATCH] IMA: Add test for selinux measurement, Lakshmi Ramasubramanian
- Re: [PATCH] IMA: Add test for selinux measurement, Petr Vorel
[PATCH v3] policycoreutils: sestatus belongs to bin not sbin, bauen1
- Re: [PATCH v3] policycoreutils: sestatus belongs to bin not sbin, Nicolas Iooss
  - Re: [PATCH v3] policycoreutils: sestatus belongs to bin not sbin, Petr Lautrbach
[PATCH] libsepol/cil: handle SID without assigned context when writing policy.conf, Christian Göttsche
- Re: [PATCH] libsepol/cil: handle SID without assigned context when writing policy.conf, James Carter
- [PATCH v2] libsepol/cil: handle SID without assigned context when writing policy.conf, Christian Göttsche
  - Re: [PATCH v2] libsepol/cil: handle SID without assigned context when writing policy.conf, James Carter
    - Re: [PATCH v2] libsepol/cil: handle SID without assigned context when writing policy.conf, Petr Lautrbach
[RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Paul Moore
- [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials, Paul Moore
  - Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials, John Johansen
  - Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials, Richard Guy Briggs
  - Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials, John Johansen
    - Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials, Paul Moore
      - Re: [RFC PATCH 2/4] selinux: clarify task subjective and objective credentials, Paul Moore
- [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
  - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, James Morris
    - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
      - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Jeffrey Vander Stoep
        
        Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
        
        Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Jeffrey Vander Stoep
        
        Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
  - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, John Johansen
    - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
    - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
      - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
        
        Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, John Johansen
  - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Mimi Zohar
  - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Richard Guy Briggs
    - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
  - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, John Johansen
    - Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants, Paul Moore
- [RFC PATCH 3/4] smack: differentiate between subjective and objective task credentials, Paul Moore
  - Re: [RFC PATCH 3/4] smack: differentiate between subjective and objective task credentials, John Johansen
  - Re: [RFC PATCH 3/4] smack: differentiate between subjective and objective task credentials, Richard Guy Briggs
  - Re: [RFC PATCH 3/4] smack: differentiate between subjective and objective task credentials, John Johansen
- [RFC PATCH 4/4] apparmor: differentiate between subjective and objective task credentials, Paul Moore
  - Re: [RFC PATCH 4/4] apparmor: differentiate between subjective and objective task credentials, John Johansen
    - Re: [RFC PATCH 4/4] apparmor: differentiate between subjective and objective task credentials, Paul Moore
- Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Casey Schaufler
  - Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Paul Moore
    - Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Casey Schaufler
      - Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Mimi Zohar
        
        Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Paul Moore
      - Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Paul Moore
        
        Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Casey Schaufler
        
        Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants, Paul Moore
[PATCH v3 1/3] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
- [PATCH v3 2/3] [NFS] cleanup: remove unneeded null check in nfs_fill_super(), Olga Kornievskaia
  - Re: [PATCH v3 2/3] [NFS] cleanup: remove unneeded null check in nfs_fill_super(), Paul Moore
- [PATCH v3 3/3] NFSv4 account for selinux security context when deciding to share superblock, Olga Kornievskaia
  - Re: [PATCH v3 3/3] NFSv4 account for selinux security context when deciding to share superblock, Paul Moore
- Re: [PATCH v3 1/3] [security] Add new hook to compare new mount to an existing mount, Paul Moore
  - Re: [PATCH v3 1/3] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
    - Re: [PATCH v3 1/3] [security] Add new hook to compare new mount to an existing mount, Casey Schaufler
    - Re: [PATCH v3 1/3] [security] Add new hook to compare new mount to an existing mount, Paul Moore
    - [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
      - Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Anna Schumaker
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Casey Schaufler
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Paul Moore
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Anna Schumaker
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Paul Moore
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Paul Moore
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Paul Moore
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Paul Moore
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Casey Schaufler
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, James Morris
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
        
        Re: [PATCH v4 1/3] [security] Add new hook to compare new mount to an existing mount, Paul Moore
[PATCH v3 1/2] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
- [PATCH v3 2/2] NFSv4 account for selinux security context when deciding to share superblock, Olga Kornievskaia
- Re: [PATCH v3 1/2] [security] Add new hook to compare new mount to an existing mount, Casey Schaufler
[PATCH v2 1/2] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
- [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock, Olga Kornievskaia
  - Re: [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock, Casey Schaufler
    - Re: [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock, Olga Kornievskaia
      - Re: [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock, Casey Schaufler
        
        Re: [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock, Olga Kornievskaia
  - Re: [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock, Dan Carpenter
    - Re: [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock, Olga Kornievskaia
      - Re: [PATCH v2 2/2] NFSv4 account for selinux security context when deciding to share superblock, Trond Myklebust
- Re: [PATCH v2 1/2] [security] Add new hook to compare new mount to an existing mount, Casey Schaufler
  - Re: [PATCH v2 1/2] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
    - Re: [PATCH v2 1/2] [security] Add new hook to compare new mount to an existing mount, Casey Schaufler
security_task_getsecid() and subjective vs objective task creds, Paul Moore
- Re: security_task_getsecid() and subjective vs objective task creds, Casey Schaufler
  - Re: security_task_getsecid() and subjective vs objective task creds, Paul Moore
- Re: security_task_getsecid() and subjective vs objective task creds, Casey Schaufler
  - Re: security_task_getsecid() and subjective vs objective task creds, Steve Grubb
- Re: security_task_getsecid() and subjective vs objective task creds, James Morris
  - Re: security_task_getsecid() and subjective vs objective task creds, Paul Moore
[PATCH] secilc: fixes cil_role_statements.md example, Dominick Grift
- Re: [PATCH] secilc: fixes cil_role_statements.md example, James Carter
  - Re: [PATCH] secilc: fixes cil_role_statements.md example, Petr Lautrbach
[PATCH] libselinux: rename gettid() to something which never conflicts with the libc, Nicolas Iooss
- Re: [PATCH] libselinux: rename gettid() to something which never conflicts with the libc, Petr Lautrbach
  - Re: [PATCH] libselinux: rename gettid() to something which never conflicts with the libc, Petr Lautrbach
[PATCH] gui: fix "file type" selection in fcontextPage, Vit Mojzis
- Re: [PATCH] gui: fix "file type" selection in fcontextPage, Ondrej Mosnacek
  - [PATCH v2] gui: fix "file type" selection in fcontextPage, Vit Mojzis
    - Re: [PATCH v2] gui: fix "file type" selection in fcontextPage, Petr Lautrbach
[PATCH 1/2] libselinux: fix segfault in add_xattr_entry(), Petr Lautrbach
- [PATCH 2/2] policycoreutils: Resolve path in restorecon_xattr, Petr Lautrbach
- Re: [PATCH 1/2] libselinux: fix segfault in add_xattr_entry(), Nicolas Iooss
  - Re: [PATCH 1/2] libselinux: fix segfault in add_xattr_entry(), Petr Lautrbach
[PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, Preeti Nagar
- Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, Nick Desaulniers
  - Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, pnagar
- Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, Miguel Ojeda
  - Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, pnagar
- Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, Will Deacon
  - Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, Ard Biesheuvel
    - Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, pnagar
  - Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, Marc Zyngier
    - Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, pnagar
      - Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, Marc Zyngier
  - Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, peter enderborg
- Re: [PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page, Paul Moore
[GIT PULL] SELinux patches for v5.12, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.12, Linus Torvalds
  - Re: [GIT PULL] SELinux patches for v5.12, Paul Moore
- Re: [GIT PULL] SELinux patches for v5.12, pr-tracker-bot
selinux-testsuite failures with selinux-policy-3.14.8-1, Paul Moore
- Re: selinux-testsuite failures with selinux-policy-3.14.8-1, Ondrej Mosnacek
[PATCH] policycoretuils: sestatus belongs to bin not sbin, bauen1
- Re: [PATCH] policycoretuils: sestatus belongs to bin not sbin, Nicolas Iooss
  - Re: [PATCH] policycoretuils: sestatus belongs to bin not sbin, bauen1
  - Re: [PATCH] policycoretuils: sestatus belongs to bin not sbin, Petr Lautrbach
  - [PATCH v2] policycoreutils: sestatus belongs to bin not sbin, bauen1
    - Re: [PATCH v2] policycoreutils: sestatus belongs to bin not sbin, Nicolas Iooss
[PATCH 1/2] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
- [PATCH 2/2] NFSv4 account for selinux security context when deciding to share superblock, Olga Kornievskaia
  - Re: [PATCH 2/2] NFSv4 account for selinux security context when deciding to share superblock, kernel test robot
  - Re: [PATCH 2/2] NFSv4 account for selinux security context when deciding to share superblock, kernel test robot
- Re: [PATCH 1/2] [security] Add new hook to compare new mount to an existing mount, Casey Schaufler
  - Re: [PATCH 1/2] [security] Add new hook to compare new mount to an existing mount, Olga Kornievskaia
    - Re: [PATCH 1/2] [security] Add new hook to compare new mount to an existing mount, Casey Schaufler
[PATCH v2 0/2] selinux: policy load fixes, Ondrej Mosnacek
- [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Ondrej Mosnacek
  - Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Paul Moore
    - Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Ondrej Mosnacek
      - Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Paul Moore
        
        Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Tyler Hicks
        
        Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Ondrej Mosnacek
        
        Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Paul Moore
        
        Re: [PATCH v2 1/2] selinux: don't log MAC_POLICY_LOAD record on failed policy load, Stephen Smalley
- [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion, Ondrej Mosnacek
  - Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion, Paul Moore
    - Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion, Ondrej Mosnacek
  - Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion, Tyler Hicks
    - Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion, Ondrej Mosnacek

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]