Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
- [PATCH 16/34] namei: handle idmapped mounts in may_*() helpers, (continued)
- [PATCH 16/34] namei: handle idmapped mounts in may_*() helpers, Christian Brauner
- [PATCH 10/34] attr: handle idmapped mounts, Christian Brauner
- [PATCH 21/34] open: handle idmapped mounts, Christian Brauner
- [PATCH 34/34] fat: handle idmapped mounts, Christian Brauner
- [PATCH 29/34] ima: handle idmapped mounts, Christian Brauner
- [PATCH 33/34] overlayfs: handle idmapped merged mounts, Christian Brauner
- [PATCH 26/34] fs: add helpers for idmap mounts, Christian Brauner
- [PATCH 30/34] ext4: support idmapped mounts, Christian Brauner
- [PATCH 14/34] commoncap: handle idmapped mounts, Christian Brauner
- [PATCH 12/34] xattr: handle idmapped mounts, Christian Brauner
- [PATCH 15/34] stat: add mapped_generic_fillattr(), Christian Brauner
- [PATCH 05/34] fs: introduce MOUNT_ATTR_IDMAP, Christian Brauner
- [PATCH 08/34] namei: add idmapped mount aware permission helpers, Christian Brauner
- [PATCH 09/34] inode: add idmapped mount aware init and permission helpers, Christian Brauner
- [PATCH 06/34] fs: add id translation helpers, Christian Brauner
- Re: [PATCH 00/34] fs: idmapped mounts, Sargun Dhillon
- Re: [PATCH 00/34] fs: idmapped mounts, Dave Chinner
- Re: [PATCH 00/34] fs: idmapped mounts, Eric W. Biederman
- Message not available
Re: [PATCH 00/34] fs: idmapped mounts, Andy Lutomirski
selinux_file_permission() on pipes/pseudo-files - performance issue,
Ondrej Mosnacek
[PATCH] libsemanage/genhomedircon: check usepasswd in add_user,
Vit Mojzis
[PATCH AUTOSEL 5.9 068/147] selinux: access policycaps with READ_ONCE/WRITE_ONCE, Sasha Levin
[PATCH AUTOSEL 5.8 060/132] selinux: access policycaps with READ_ONCE/WRITE_ONCE, Sasha Levin
[Travis/GitHub] Migrating SELinuxProject projects to travis-ci.com (vs. travis-ci.org),
Ondrej Mosnacek
How to avoid relabeling rootfs at every boot,
Ian M
[RESEND PATCH v18 4/4] overlayfs: inode_owner_or_capable called during execv, Mark Salyzyn
[PATCH 0/2] Fix ASCONF test and ensure it can be always run,
Ondrej Mosnacek
[PATCH testsuite] travis: update the kernel and reboot before running the suite,
Ondrej Mosnacek
[RESEND PATCH v18 0/4] overlayfs override_creds=off & nested get xattr fix,
Mark Salyzyn
[PATCH v18 0/4] overlayfs override_creds=off & nested get xattr fix,
Mark Salyzyn
Re: [PATCH v17 1/4] Add flags option to get xattr method paired to __vfs_getxattr,
Paul Moore
Re: [PATCH v17 0/4] overlayfs override_creds=off & nested get xattr fix, Paul Moore
[PATCH V2] libsepol/cil: Give error for more than one true or false block,
James Carter
[PATCH] libselinux: Add build option to disable X11 backend,
Björn Bidar
[PATCH] libselinux: LABEL_BACKEND_ANDROID add option to enable it,
Björn Bidar
[PATCH v5.4 v2 0/4] Update SELinuxfs out of tree and then swapover,
Daniel Burgener
[PATCH] libsepol/cil: Give error for more than one true or false block,
James Carter
[PATCH v5.4 0/3] Update SELinuxfs out of tree and then swapover,
Daniel Burgener
[PATCH] lsm_selinux: Convert to Markdown,
Richard Haines
[PATCH testsuite 0/1],
Ondrej Mosnacek
[PATCH 0/1] selinux-testsuite: Add btrfs support for filesystem tests,
Richard Haines
[GIT PULL] SELinux patches for v5.10,
Paul Moore
[PATCH 00/22] SELinux Notebook: Convert batch 3 to markdown/tidy up,
Richard Haines
- [PATCH 11/22] subjects: Convert to markdown, Richard Haines
- [PATCH 03/22] object_classes_permissions: : Tidy up formatting, Richard Haines
- [PATCH 08/22] selinux_cmds: Convert to markdown, Richard Haines
- [PATCH 09/22] selinux_overview: Convert to markdown, Richard Haines
- [PATCH 15/22] types_of_policy: Convert to markdown, Richard Haines
- [PATCH 22/22] xperm_rules: Tidy up formatting, Richard Haines
- [PATCH 18/22] userspace_libraries: Tidy up formatting, add toc, Richard Haines
- [PATCH 21/22] xen_statements: Tidy up formatting, Richard Haines
- [PATCH 19/22] vm_support: Tidy up formatting, Richard Haines
- [PATCH 01/22] kernel_policy_language: Tidy up formatting, Richard Haines
- [PATCH 06/22] postgresql: Tidy up formatting, Richard Haines
- [PATCH 12/22] toc: Tidy up formatting, Richard Haines
- [PATCH 13/22] type_enforcement: Convert to markdown, Richard Haines
- [PATCH 07/22] security_context: Convert to markdown, Richard Haines
- [PATCH 02/22] mls_statements: Convert to markdown, Richard Haines
- [PATCH 04/22] policy_config_files: Tidy up formatting, Richard Haines
- Re: [PATCH 00/22] SELinux Notebook: Convert batch 3 to markdown/tidy up, Paul Moore
- [PATCH 16/22] user_statements:: Tidy up formatting, Richard Haines
- [PATCH 20/22] x_windows: Tidy up formatting, Richard Haines
- [PATCH 14/22] type_statements: Add toc, tidy up formatting, Richard Haines
- [PATCH 05/22] policy_validation_example: Tidy up formatting, Richard Haines
- [PATCH 17/22] users: Tidy up formatting, Richard Haines
- [PATCH 10/22] sid_statement: Convert to markdown, Richard Haines
[PATCH v21 00/23] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v21 01/23] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v21 02/23] LSM: Create and manage the lsmblob data structure., Casey Schaufler
- [PATCH v21 03/23] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v21 04/23] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v21 05/23] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v21 06/23] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v21 07/23] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v21 08/23] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v21 09/23] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v21 10/23] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v21 11/23] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v21 12/23] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v21 13/23] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v21 14/23] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v21 15/23] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v21 16/23] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v21 17/23] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v21 18/23] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v21 19/23] audit: add support for non-syscall auxiliary records, Casey Schaufler
- [PATCH v21 20/23] Audit: Add new record for multiple process LSM attributes, Casey Schaufler
- [PATCH v21 21/23] Audit: Add a new record for multiple object LSM attributes, Casey Schaufler
- [PATCH v21 22/23] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v21 23/23] AppArmor: Remove the exclusive flag, Casey Schaufler
- Re: [PATCH v21 00/23] LSM: Module stacking for AppArmor, John Johansen
[PATCH v10 0/3] SELinux support for anonymous inodes and UFFD,
Lokesh Gidra
libsepol, libsemanage: drop duplicate and deprecated symbols,
Petr Lautrbach
Re: selinux: how to query if selinux is enabled,
Paul Moore
Re: [PATCH 4/4] libsemanage: Bump libsemanage.so version,
Petr Lautrbach
[PATCH 1/1] libselinux: convert matchpathcon to selabel_lookup(),
Nicolas Iooss
[PATCH 1/2] libsepol: drop confusing BUG_ON macro,
Nicolas Iooss
[PATCH userspace] libsepol/cil: fix signed overflow caused by using (1 << 31) - 1,
Nicolas Iooss
[PATCH v5 00/16] Introduce partial kernel_read_file() support,
Kees Cook
- [PATCH v5 01/16] fs/kernel_read_file: Remove FIRMWARE_PREALLOC_BUFFER enum, Kees Cook
- [PATCH v5 03/16] fs/kernel_read_file: Split into separate include file, Kees Cook
- [PATCH v5 05/16] fs/kernel_read_file: Remove redundant size argument, Kees Cook
- [PATCH v5 10/16] module: Call security_kernel_post_load_data(), Kees Cook
- [PATCH v5 09/16] firmware_loader: Use security_post_load_data(), Kees Cook
- [PATCH v5 15/16] firmware: Add request_partial_firmware_into_buf(), Kees Cook
- [PATCH v5 13/16] fs/kernel_file_read: Add "offset" arg for partial reads, Kees Cook
- [PATCH v5 14/16] firmware: Store opt_flags in fw_priv, Kees Cook
- [PATCH v5 11/16] LSM: Add "contents" flag to kernel_read_file hook, Kees Cook
- [PATCH v5 04/16] fs/kernel_read_file: Split into separate source file, Kees Cook
- [PATCH v5 12/16] IMA: Add support for file reads without contents, Kees Cook
- [PATCH v5 07/16] fs/kernel_read_file: Add file_size output argument, Kees Cook
- [PATCH v5 08/16] LSM: Introduce kernel_post_load_data() hook, Kees Cook
- [PATCH v5 06/16] fs/kernel_read_file: Switch buffer size arg to size_t, Kees Cook
- [PATCH v5 02/16] fs/kernel_read_file: Remove FIRMWARE_EFI_EMBEDDED enum, Kees Cook
- [PATCH v5 16/16] test_firmware: Test partial read support, Kees Cook
[PATCH][selinux-notebook] Link to Reference policy,
Topi Miettinen
[PATCH 1/4] libsepol: Get rid of the old and duplicated symbols,
Petr Lautrbach
[PATCH 0/3] Add LSM/SELinux support for GPRS Tunneling Protocol (GTP),
Richard Haines
[PATCH v2 0/1] selinux: fix error initialization in inode_doinit_with_dentry(), rentianyue
[RFC PATCH] lsm,selinux: pass the family information along with xfrm flow,
Paul Moore
Re: [PATCH v1 1/1] selinux: fix error initialization in inode_doinit_with_dentry(),
Stephen Smalley
Re: [PATCH v1 0/1] selinux: fix error initialization in inode_doinit_with_dentry(),
Paul Moore
[PATCH] selinux: provide a "no sooner than" date for the checkreqprot removal,
Paul Moore
[PATCH v2 0/1] selinux: Measure state and hash of policy using IMA,
Lakshmi Ramasubramanian
[RFC PATCH 0/1] selinux-testsuite: Add GTP tests,
Richard Haines
[RFC PATCH 0/3] Add LSM/SELinux support for GPRS Tunneling Protocol (GTP),
Richard Haines
[PATCH v9 0/3] SELinux support for anonymous inodes and UFFD,
Lokesh Gidra
[PATCH v4 0/6] IMA: Infrastructure for measurement of critical kernel data,
Tushar Sugandhi
[PATCH V2 1/1] selinux-testsuite: Update SCTP asconf client/server,
Richard Haines
Commit 13c164b1a186 - regression for LSMs/SELinux?,
Ondrej Mosnacek
[PATCH] ip.7: Document IP_PASSSEC for UDP sockets,
Stephen Smalley
`fixfiles -C` does not apply to all paths,
Cedric Buissart
[PATCH] socket.7,ip.7: Document SO_PEERSEC for AF_INET sockets,
Stephen Smalley
[PATCH] libsepol/cil: Fix neverallow checking involving classmaps,
James Carter
[PATCH 1/2] libselinux: Add additional log callback details in man page for auditing.,
Chris PeBenito
[RFC PATCH 1/1] libselinux: Revise userspace AVC avc_log() for auditable events.,
Chris PeBenito
secilc compiles invalid policy, Dominick Grift
[PATCH v2] socket.7,unix.7: add initial description for SO_PEERSEC,
Stephen Smalley
[PATCH v4] selinux: Add helper functions to get and set checkreqprot,
Lakshmi Ramasubramanian
classmapping with empty permissionset and neverallow leads to invalid policy,
bauen1
[PATCH v2 1/1] libselinux: Fix selabel_lookup() for the root dir.,
Chris PeBenito
[PATCH 1/1] libselinux: Fix selabel_lookup() for the root dir.,
Chris PeBenito
Re: [PATCH] reference_policy: Tidy up formatting, Paul Moore
[PATCH v3] selinux: Add helper functions to get and set checkreqprot,
Lakshmi Ramasubramanian
Behavior of extended permissions,
bauen1
[PATCH] socket.7,unix.7: add initial description for SO_PEERSEC,
Stephen Smalley
[PATCH] selinux: access policycaps with READ_ONCE/WRITE_ONCE,
Stephen Smalley
[PATCH] cil_access_vector_rules: fixes a typo,
Dominick Grift
[PATCH v2] selinux: Add helper functions to get and set checkreqprot,
Lakshmi Ramasubramanian
[PATCH v2] libsepol/cil: Validate constraint expressions before adding to binary policy,
James Carter
[PATCH v2] libsepol/cil: Validate conditional expressions before adding to binary policy,
James Carter
[PATCH] libsepol/cil: Validate conditional expressions before adding to binary policy,
James Carter
[PATCH] libsepol/cil: Validate constraint expressions before adding to binary policy,
James Carter
[PATCH] selinux: Add helper functions to get and set checkreqprot,
Lakshmi Ramasubramanian
[PATCH v2] libsepol/cil: Give an error when constraint expressions exceed max depth,
James Carter
[PATCH V2] network_support: Update LibreSwan configuration,
Richard Haines
[PATCH] cil_network_labeling_statements: fixes nodecon examples,
Dominick Grift
[PATCH] network_support: Update LibreSwan configuration,
Richard Haines
[RFC PATCH] xperm_rules: add two notes,
Christian Göttsche
[RFC PATCH] sched: only issue an audit on privileged operation,
Christian Göttsche
[PATCH] libsepol/cil: Give an error when constraint expressions exceed max depth,
James Carter
[PATCH testsuite] tests/Makefile: add kernel version check for watchkey,
Ondrej Mosnacek
Options to audit2allow and manpage phrasing,
Peter Whittaker
[PATCH 00/13] SELinux Notebook: Convert batch 2 to markdown,
Richard Haines
- [PATCH 01/13] libselinux_functions: Convert to markdown, Richard Haines
- Re: [PATCH 00/13] SELinux Notebook: Convert batch 2 to markdown, Paul Moore
- [PATCH 02/13] mac: Tidy formatting, Richard Haines
- [PATCH 03/13] modular_policy_statements: Convert to markdown, Richard Haines
- [PATCH 12/13] rbac: Minor format fix, Richard Haines
- [PATCH 11/13] polyinstantiation: Convert to markdown, Richard Haines
- [PATCH 06/13] objects: Convert to markdown, Richard Haines
- [PATCH 08/13] policy_config_statements: Convert to markdown, Richard Haines
- [PATCH 04/13] network_statements: Convert to markdown, Richard Haines
- [PATCH 09/13] policy_languages: Tidy up, Richard Haines
- [PATCH 05/13] network_support: Convert to markdown, Richard Haines
- [PATCH 10/13] policy_store_config_files: Add TOC and tidy up formatting, Richard Haines
- [PATCH 07/13] pam_login: Convert to markdown, Richard Haines
- [PATCH 13/13] role_statements: Convert to markdown, Richard Haines
[RFC PATCH] sched: do not issue an audit on unprivileged operation,
Christian Göttsche
[RFC PATCH] newrole: do not rely on hard-coded audith and pamh paths,
Dominick Grift
[PATCH] Optimize the calculation of security.sehash,
liwugang
Hiding names of unreadable files,
Mikhail Novosyolov
[PATCH v2 0/3] IMA: Generalize early boot data measurement,
Lakshmi Ramasubramanian
[PATCH v3 0/6] IMA: Infrastructure for measurement of critical kernel data,
Tushar Sugandhi
[PATCH v3] selinux: simplify away security_policydb_len(),
Ondrej Mosnacek
[PATCH 1/1] libselinux: Add new log callback levels for enforcing and policy load notices.,
Chris PeBenito
[PATCH testsuite] travis: add nftables to dependencies to run more tests,
Ondrej Mosnacek
[PATCH testsuite] tests/sctp: bump connect timeout to 4 seconds,
Ondrej Mosnacek
[PATCH v8 0/3] SELinux support for anonymous inodes and UFFD,
Lokesh Gidra
[PATCH v2] selinux: move policy mutex to selinux_state, use in lockdep checks,
Stephen Smalley
[PATCH v20 00/23] LSM: Module stacking for AppArmor,
Casey Schaufler
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]
