Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
- Re: [PATCH v2 2/2] selinux: fix variable scope issue in live sidtab conversion, (continued)
- [PATCH v3] selinux: measure state and policy capabilities,
Lakshmi Ramasubramanian
- Defining SELinux users, "Unable to get valid context...". Help!,
Peter Whittaker
- [PATCH][v2] selinux: Allow context mounts for unpriviliged overlayfs,
Vivek Goyal
- alternative to glblub defaultrange, bauen1
- [PATCH] selinux(8,5): Describe fcontext regular expressions,
Vit Mojzis
- [PATCH] selinux: Allow context mounts for unpriviliged overlayfs,
Vivek Goyal
- Recommended value in CONFIG_LSM option on SELinux system?,
Nicolas Iooss
- [ANNOUNCE][CFP] Linux Security Summit 2021,
James Morris
- [PATCH] libsepol/cil: Destroy disabled optional blocks after pass is complete,
James Carter
- [PATCH] selinux: fix variable scope issue in live sidtab conversion,
Ondrej Mosnacek
- [PATCH 0/2] libsepol: Validate policydb values when reading binary,
James Carter
- [PATCH] libsepol: Eliminate gaps in the policydb role arrays,
James Carter
- [PATCH 1/3] libsepol/cil: fix NULL pointer dereference with empty macro argument,
Nicolas Iooss
- [PATCH] libsepol/cil: Fix integer overflow in the handling of hll line marks,
James Carter
- [PATCH 1/2] secilc/docs: use fenced code blocks for cil examples, bauen1
- [RFC][PATCH 0/2] keys: request_key() interception in containers,
David Howells
- [PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU,
Stephen Brennan
- [PATCH 2/2] secilc/docs: add syntax highlighting for secil, bauen1
- [PATCH 0/2] secilc/docs: add syntax highlighting for cil examples,
bauen1
- [PATCH 1/2] libselinux/getconlist: report failures,
Christian Göttsche
- ANN: Reference Policy 2.20210203, Chris PeBenito
- ANN: SELinux userspace 3.2-rc2 release candidate, Petr Lautrbach
- [PATCH 1/3] libsepol: remove unused files,
Nicolas Iooss
- libsepol/cil: use-after-free with optional+class common,
Nicolas Iooss
- [PATCH V2] libsepol/cil: Fix heap-use-after-free when using optional blockinherit,
James Carter
- libsepol: signed integer overflow in the HLL line counter of CIL compiler,
Nicolas Iooss
- [PATCH v3 1/1] process_madvise.2: Add process_madvise man page,
Suren Baghdasaryan
- [PATCH 1/1] libsepol/cil: unlink blockinherit->block link when destroying a block,
Nicolas Iooss
- [PATCH v2 1/1] scripts/release: make the script more robust, and release a source repository snapshot,
Nicolas Iooss
- [PATCH] setfiles: drop now unused static variable,
Christian Göttsche
- [PATCH] policycoreutils/setfiles: Drop unused nerr variable,
Petr Lautrbach
- [PATCH] libsepol/cil: fix memory leak when a constraint expression is too deep,
Nicolas Iooss
- [PATCH] libsepol/cil: fix heap-use-after-free when using optional blockinherit,
Nicolas Iooss
- [PATCH v3] libsemanage: sync filesystem with sandbox,
Petr Lautrbach
- [PATCH 1/1] scripts/release: make the script more robust and direct, Nicolas Iooss
- [PATCH 0/3] support for duplicate measurement of integrity critical data,
Tushar Sugandhi
- [PATCH] scripts/release: Release also tarball with everything,
Petr Lautrbach
- [PATCH v2] selinux: measure state and policy capabilities,
Lakshmi Ramasubramanian
- [PATCH v2 1/1] process_madvise.2: Add process_madvise man page,
Suren Baghdasaryan
- Re: [PATCH v2 1/1] process_madvise.2: Add process_madvise man page, Michael Kerrisk (man-pages)
[PATCH] libsemanage: sync filesystem with sandbox,
Petr Lautrbach
[PATCH] selinux-notebook: Add policy version 33 requirements,
Richard Haines
[PATCH] selinux-notebook: Add new section for Embedded Systems,
Richard Haines
[PATCH v24 00/25] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v24 05/25] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v24 12/25] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v24 03/25] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v24 13/25] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v24 04/25] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v24 14/25] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v24 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v24 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v24 17/25] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v24 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v24 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v24 19/25] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v24 02/25] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v24 20/25] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v24 24/25] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v24 25/25] AppArmor: Remove the exclusive flag, Casey Schaufler
- [PATCH v24 23/25] Audit: Add a new record for multiple object LSM attributes, Casey Schaufler
- [PATCH v24 22/25] Audit: Add new record for multiple process LSM attributes, Casey Schaufler
- [PATCH v24 21/25] audit: add support for non-syscall auxiliary records, Casey Schaufler
- [PATCH v24 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v24 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v24 11/25] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v24 10/25] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v24 09/25] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v24 06/25] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- Re: [PATCH v24 00/25] LSM: Module stacking for AppArmor, Topi Miettinen
[PATCH] selinux-notebook: Fix document links,
Richard Haines
[PATCH testsuite] ci: run testsuite also against the secnext kernel,
Ondrej Mosnacek
[PATCH testsuite] test_userfaultfd.te: grant test_uffd_domain CAP_SYS_PTRACE,
Ondrej Mosnacek
[PATCH v5] proc: Allow pid_revalidate() during LOOKUP_RCU, Stephen Brennan
[PATCH testsuite 0/2] Migrate CI to GH Actions,
Ondrej Mosnacek
[PATCH] selinux: measure state and policy capabilities,
Lakshmi Ramasubramanian
[PATCH v6 00/40] idmapped mounts,
Christian Brauner
- [PATCH v6 10/40] commoncap: handle idmapped mounts, Christian Brauner
- [PATCH v6 08/40] acl: handle idmapped mounts, Christian Brauner
- [PATCH v6 04/40] capability: handle idmapped mounts, Christian Brauner
- [PATCH v6 03/40] fs: add file and path permissions helpers, Christian Brauner
- [PATCH v6 11/40] stat: handle idmapped mounts, Christian Brauner
- [PATCH v6 17/40] af_unix: handle idmapped mounts, Christian Brauner
- [PATCH v6 12/40] namei: handle idmapped mounts in may_*() helpers, Christian Brauner
- [PATCH v6 14/40] namei: prepare for idmapped mounts, Christian Brauner
- [PATCH v6 19/40] fcntl: handle idmapped mounts, Christian Brauner
- [PATCH v6 18/40] utimes: handle idmapped mounts, Christian Brauner
- [PATCH v6 13/40] namei: introduce struct renamedata, Christian Brauner
- [PATCH v6 27/40] ecryptfs: do not mount on top of idmapped mounts, Christian Brauner
- [PATCH v6 37/40] fat: handle idmapped mounts, Christian Brauner
- [PATCH v6 36/40] tests: add mount_setattr() selftests, Christian Brauner
- [PATCH v6 22/40] would_dump: handle idmapped mounts, Christian Brauner
- [PATCH v6 23/40] exec: handle idmapped mounts, Christian Brauner
- [PATCH v6 34/40] fs: add mount_setattr(), Christian Brauner
- [PATCH v6 35/40] fs: introduce MOUNT_ATTR_IDMAP, Christian Brauner
- [PATCH v6 29/40] namespace: take lock_mount_hash() directly when changing flags, Christian Brauner
- [PATCH v6 39/40] xfs: support idmapped mounts, Christian Brauner
- [PATCH v6 21/40] ioctl: handle idmapped mounts, Christian Brauner
- [PATCH v6 25/40] apparmor: handle idmapped mounts, Christian Brauner
- [PATCH v6 33/40] fs: add attr_flags_to_mnt_flags helper, Christian Brauner
- [PATCH v6 28/40] overlayfs: do not mount on top of idmapped mounts, Christian Brauner
- [PATCH v6 32/40] fs: split out functions to hold writers, Christian Brauner
- [PATCH v6 26/39] ima: handle idmapped mounts, Christian Brauner
- [PATCH v6 31/40] namespace: only take read lock in do_reconfigure_mnt(), Christian Brauner
- [PATCH v6 38/40] ext4: support idmapped mounts, Christian Brauner
- [PATCH v6 20/40] init: handle idmapped mounts, Christian Brauner
- [PATCH v6 30/40] mount: make {lock,unlock}_mount_hash() static, Christian Brauner
- [PATCH v6 15/40] open: handle idmapped mounts in do_truncate(), Christian Brauner
- [PATCH v6 16/40] open: handle idmapped mounts, Christian Brauner
- [PATCH v6 07/40] attr: handle idmapped mounts, Christian Brauner
- [PATCH v6 06/40] inode: make init and permission helpers idmapped mount aware, Christian Brauner
- [PATCH v6 09/40] xattr: handle idmapped mounts, Christian Brauner
- [PATCH v6 01/40] mount: attach mappings to mounts, Christian Brauner
- [PATCH v6 02/40] fs: add id translation helpers, Christian Brauner
- [PATCH v6 05/39] namei: make permission helpers idmapped mount aware, Christian Brauner
- Re: [PATCH v6 00/40] idmapped mounts, Serge E. Hallyn
[PATCH 1/1] process_madvise.2: Add process_madvise man page,
Suren Baghdasaryan
[PATCH v2 1/1] libsepol: do not decode out-of-bound rolebounds,
Nicolas Iooss
ANN: SELinux userspace 3.2-rc1 release candidate, Petr Lautrbach
[RFC PATCH 0/1] selinux-notebook: Add new section for Embedded Systems,
Richard Haines
[PATCH testsuite] Makefile: unload policy when testsuite fails,
Ondrej Mosnacek
VSOCK & getpeercon(),
Marc-André Lureau
[PATCH] NFSv4.2: fix return value of _nfs4_get_security_label(),
Ondrej Mosnacek
[PATCH] fs: anon_inodes: rephrase to appropriate kernel-doc,
Lukas Bulwahn
[PATCH] selinux: include a consumer of the new IMA critical data hook,
Lakshmi Ramasubramanian
[PATCH v2] libselinux: Always close status page fd,
Petr Lautrbach
[PATCH] libselinux: Always close status page fd,
Petr Lautrbach
can't unmount /sys/fs/selinux,
Petr Lautrbach
[PATCH v2 1/2] setfiles: Do not abort on labeling error,
Petr Lautrbach
[PATCH v2] selinux: fall back to SECURITY_FS_USE_GENFS if no xattr support,
Ondrej Mosnacek
[PATCH testsuite] tests/sysctl: use vm.swappiness instead of kernel.modprobe,
Ondrej Mosnacek
[PATCH] setfiles: Do not abort on labeling error,
Petr Lautrbach
[PATCH testsuite v2] perf_event: update perf_event test for the new CAP_PERFMON capability,
Ondrej Mosnacek
Why every file context is "system_u:object_r",
Ashish Mishra
[PATCH v5 00/42] idmapped mounts,
Christian Brauner
- [PATCH v5 02/42] mount: make {lock,unlock}_mount_hash() static, Christian Brauner
- [PATCH v5 03/42] namespace: only take read lock in do_reconfigure_mnt(), Christian Brauner
- [PATCH v5 04/42] fs: split out functions to hold writers, Christian Brauner
- [PATCH v5 05/42] fs: add attr_flags_to_mnt_flags helper, Christian Brauner
- [PATCH v5 06/42] fs: add mount_setattr(), Christian Brauner
- [PATCH v5 09/42] mount: attach mappings to mounts, Christian Brauner
- [PATCH v5 10/42] capability: handle idmapped mounts, Christian Brauner
- [PATCH v5 07/42] tests: add mount_setattr() selftests, Christian Brauner
- [PATCH v5 12/42] inode: make init and permission helpers idmapped mount aware, Christian Brauner
- [PATCH v5 11/42] namei: make permission helpers idmapped mount aware, Christian Brauner
- [PATCH v5 08/42] fs: add id translation helpers, Christian Brauner
- [PATCH v5 14/42] acl: handle idmapped mounts, Christian Brauner
- [PATCH v5 17/42] commoncap: handle idmapped mounts, Christian Brauner
- [PATCH v5 19/42] namei: handle idmapped mounts in may_*() helpers, Christian Brauner
- [PATCH v5 28/42] init: handle idmapped mounts, Christian Brauner
- [PATCH v5 25/42] utimes: handle idmapped mounts, Christian Brauner
- [PATCH v5 18/42] stat: handle idmapped mounts, Christian Brauner
- [PATCH v5 16/42] xattr: handle idmapped mounts, Christian Brauner
- [PATCH v5 31/42] exec: handle idmapped mounts, Christian Brauner
- [PATCH v5 37/42] xfs: support idmapped mounts, Christian Brauner
- [PATCH v5 36/42] ext4: support idmapped mounts, Christian Brauner
- [PATCH v5 01/42] namespace: take lock_mount_hash() directly when changing flags, Christian Brauner
- [PATCH v5 15/42] fs: add file_user_ns() helper, Christian Brauner
- [PATCH v5 13/42] attr: handle idmapped mounts, Christian Brauner
- [PATCH v5 40/42] fs: introduce MOUNT_ATTR_IDMAP, Christian Brauner
- [PATCH v5 20/42] namei: introduce struct renamedata, Christian Brauner
- [PATCH v5 24/42] af_unix: handle idmapped mounts, Christian Brauner
- [PATCH v5 27/42] notify: handle idmapped mounts, Christian Brauner
- [PATCH v5 39/42] overlayfs: do not mount on top of idmapped mounts, Christian Brauner
- [PATCH v5 41/42] tests: extend mount_setattr tests, Christian Brauner
- [PATCH v5 21/42] namei: prepare for idmapped mounts, Christian Brauner
- [PATCH v5 34/42] ima: handle idmapped mounts, Christian Brauner
- [PATCH v5 30/42] would_dump: handle idmapped mounts, Christian Brauner
- [PATCH v5 35/42] fat: handle idmapped mounts, Christian Brauner
- [PATCH v5 22/42] open: handle idmapped mounts in do_truncate(), Christian Brauner
- [PATCH v5 38/42] ecryptfs: do not mount on top of idmapped mounts, Christian Brauner
- [PATCH v5 23/42] open: handle idmapped mounts, Christian Brauner
- [PATCH v5 26/42] fcntl: handle idmapped mounts, Christian Brauner
- [PATCH v5 33/42] apparmor: handle idmapped mounts, Christian Brauner
- [PATCH v5 29/42] ioctl: handle idmapped mounts, Christian Brauner
- Re: [PATCH v5 00/42] idmapped mounts, Darrick J. Wong
- Message not available
[PATCH testsuite] perf_event: update perf_event test for the new CAP_PERFMON capability, Ondrej Mosnacek
[PATCH] python/sepolgen: allow any policy statement in ifndef,
Vit Mojzis
[PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise,
Suren Baghdasaryan
[PATCH v15 0/4] SELinux support for anonymous inodes and UFFD,
Lokesh Gidra
[PATCH 1/1] mm/madvise: replace ptrace attach requirement for process_madvise,
Suren Baghdasaryan
[PATCH 1/2] libselinux: accept const fromcon in get_context API,
Christian Göttsche
[RFC PATCH v2] selinux: security: Move selinux_state to a separate page,
Preeti Nagar
[RFC PATCH] selinux: ARM64: Move selinux_state to a separate page, Preeti Nagar
[PATCH v14 0/4] SELinux support for anonymous inodes and UFFD,
Lokesh Gidra
[PATCH v10 0/8] IMA: support for measuring kernel integrity critical data,
Tushar Sugandhi
[PATCH v3 1/1] selinux-testsuite: Add userfaultfd test,
Lokesh Gidra
[PATCH 1/2] libsepol/cil: Update symtab nprim field when adding or removing datums,
James Carter
Git link to get semanage , sesearch source code,
Ashish Mishra
[PATCH] newrole: preserve environment variable XDG_RUNTIME_DIR,
Christian Göttsche
[PATCH 0/5] Clean up SELinux global variables,
Ondrej Mosnacek
[PATCH] libsepol: destroy filename_trans list properly,
Nicolas Iooss
[PATCH v2] libsepol/cil: fix NULL pointer dereference when parsing an improper integer,
Nicolas Iooss
[PATCH v2] libsepol: ensure that decls hold consistent symbols when loading a binary policy,
Nicolas Iooss
[PATCH] libsepol/cil: Fix heap-use-after-free in __class_reset_perm_values(),
James Carter
[PATCH] selinux: fall back to SECURITY_FS_USE_GENFS if no xattr support,
Ondrej Mosnacek
[PATCH] python/semanage: empty stdout before exiting on BrokenPipeError,
Vit Mojzis
Intent to release 3.2-rc1,
Petr Lautrbach
[PATCH v4] proc: Allow pid_revalidate() during LOOKUP_RCU,
Stephen Brennan
Selinux context type is same for root & normal user both,
Ashish Mishra
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]
