Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
- Re: [PATCH] selinux: reduce the use of hard-coded hash sizes, (continued)
- [PATCH v7 00/12] Introduce CAP_PERFMON to secure system performance monitoring and observability,
Alexey Budankov
- [PATCH v7 01/12] capabilities: introduce CAP_PERFMON to kernel and user space, Alexey Budankov
- [PATCH v7 02/12] perf/core: open access to the core for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v7 03/12] perf/core: open access to probes for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v7 04/12] perf tool: extend Perf tool with CAP_PERFMON capability support, Alexey Budankov
- [PATCH v7 05/12] drm/i915/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v7 06/12] trace/bpf_trace: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v7 07/12] powerpc/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v7 08/12] parisc/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v7 09/12] drivers/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v7 10/12] drivers/oprofile: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v7 11/12] doc/admin-guide: update perf-security.rst with CAP_PERFMON information, Alexey Budankov
- [PATCH v7 12/12] doc/admin-guide: update kernel.rst with CAP_PERFMON information, Alexey Budankov
- Re: [PATCH v7 00/12] Introduce CAP_PERFMON to secure system performance monitoring and observability, Alexey Budankov
- Duplicate hashtab code in libsepol vs. policycoreutils/newrole?,
Ondrej Mosnacek
- [PATCH v15 00/23] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v15 01/23] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v15 03/23] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v15 02/23] LSM: Create and manage the lsmblob data structure., Casey Schaufler
- [PATCH v15 04/23] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v15 05/23] net: Prepare UDS for security module stacking, Casey Schaufler
- [PATCH v15 06/23] Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v15 07/23] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v15 08/23] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v15 09/23] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v15 10/23] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v15 11/23] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v15 12/23] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v15 13/23] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v15 14/23] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v15 15/23] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v15 17/23] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v15 16/23] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v15 19/23] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v15 18/23] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v15 20/23] Audit: Add subj_LSM fields when necessary, Casey Schaufler
- [PATCH v15 21/23] Audit: Include object data for all security modules, Casey Schaufler
- [PATCH v15 23/23] AppArmor: Remove the exclusive flag, Casey Schaufler
- [PATCH v15 22/23] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- <Possible follow-ups>
- [PATCH v15 00/23] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v15 00/23] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v15 00/23] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v15 00/23] LSM: Module stacking for AppArmor, Casey Schaufler
- [PATCH v15 00/23] LSM: Module stacking for AppArmor, Casey Schaufler
- Re: [RFC PATCH 1/1] selinux-testsuite: Use native filesystem for fs tests,
Stephen Smalley
- [PATCH AUTOSEL 5.5 182/542] selinux: fall back to ref-walk if audit is required, Sasha Levin
- [PATCH AUTOSEL 5.5 181/542] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link", Sasha Levin
- [PATCH AUTOSEL 5.5 190/542] selinux: ensure we cleanup the internal AVC counters on error in avc_insert(),
Sasha Levin
- [PATCH AUTOSEL 5.5 249/542] selinux: ensure we cleanup the internal AVC counters on error in avc_update(), Sasha Levin
- [PATCH AUTOSEL 5.5 417/542] selinux: fix regression introduced by move_mount(2) syscall, Sasha Levin
- [PATCH AUTOSEL 5.4 157/459] selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon follow_link", Sasha Levin
- [PATCH AUTOSEL 5.4 158/459] selinux: fall back to ref-walk if audit is required, Sasha Levin
- [PATCH AUTOSEL 5.4 216/459] selinux: ensure we cleanup the internal AVC counters on error in avc_update(), Sasha Levin
- [PATCH AUTOSEL 5.4 357/459] selinux: fix regression introduced by move_mount(2) syscall, Sasha Levin
- [PATCH AUTOSEL 4.19 080/252] selinux: fall back to ref-walk if audit is required, Sasha Levin
- [PATCH AUTOSEL 4.19 085/252] selinux: ensure we cleanup the internal AVC counters on error in avc_insert(), Sasha Levin
- [PATCH AUTOSEL 4.19 115/252] selinux: ensure we cleanup the internal AVC counters on error in avc_update(), Sasha Levin
- [PATCH AUTOSEL 5.4 166/459] selinux: ensure we cleanup the internal AVC counters on error in avc_insert(), Sasha Levin
- [RFC PATCH] security,anon_inodes,kvm: enable security support for anon inodes,
Stephen Smalley
- [RFC PATCH 0/1] selinux-testsuite: Use native filesystem for fs tests,
Richard Haines
- [PATCH userspace v2] libsepol: cache ebitmap cardinality value,
Ondrej Mosnacek
- FYI: selinux/working-selinuxns branch has been updated, Paul Moore
- [PATCH userspace] libsepol: cache ebitmap cardinality value,
Ondrej Mosnacek
- [PATCH v2 0/2] Optimize storage of filename transitions,
Ondrej Mosnacek
- [PATCH v2 0/6] Harden userfaultfd,
Daniel Colascione
- [PATCH 0/2] Optimize storage of filename transitions,
Ondrej Mosnacek
- [PATCH] selinux-testsuite: add the quota package to the list of deps in README.md,
Paul Moore
- [PATCH v5] libselinux: Eliminate use of security_compute_user(),
Petr Lautrbach
- [GIT PULL] SELinux fixes for v5.6 (#1),
Paul Moore
- [PATCH v4] libselinux: Eliminate use of security_compute_user(),
Petr Lautrbach
- [PATCH v3] libselinux: Eliminate use of security_compute_user(),
Petr Lautrbach
- [PATCH] label_file.c: Fix MAC build,
Nick Kralevich
- [PATCH v3] security: selinux: allow per-file labeling for bpffs,
Steven Moreland
- [PATCH userspace] libsepol/cil: remove unnecessary hash tables,
Ondrej Mosnacek
- [PATCH] libselinux: drop error return from is_selinux_enabled.3,
Christian Göttsche
- [PATCH v2] security: selinux: allow per-file labeling for bpffs,
Steven Moreland
- [PATCH] security: selinux: allow per-file labeling for bpffs,
Steven Moreland
- [PATCH 0/2] userspace: Fix DEBUG=1 build,
Ondrej Mosnacek
- [RFC PATCH 0/2] userspace: Allow changing version of kernel policy built by semodule,
Ondrej Mosnacek
- Test to trace kernel bug in fsconfig(2) with nfs,
Richard Haines
- Test to trace kernel bug in fsconfig(2) with btrfs, Richard Haines
- IPv6 netmask in nodecon statement,
Christian Göttsche
- [PATCH v2] libselinux: Eliminate use of security_compute_user(),
Petr Lautrbach
- [RFC PATCH 0/1] selinux-testsuite: Test all mount option context types,
Richard Haines
- [ANNOUNCE][CFP] Linux Security Summit North America 2020,
James Morris
security/selinux: Add support for new key permissions,
Richard Haines
rangetranstion in cil fails and doesn't produce explanatory output,
Denis Obrezkov
[PATCH v3 0/5] selinux: Assorted simplifications and cleanups,
Ondrej Mosnacek
[PATCH] selinux: fix sidtab string cache locking,
Ondrej Mosnacek
[RFC PATCH] libsepol: Add 'key_perms' policy capability,
Richard Haines
[RFC PATCH 0/1] selinux-testsuite: Add additional key permission tests,
Richard Haines
[PATCH] selinux: Fix typo in filesystem name,
Hridya Valsaraju
[PATCH] selinux-testsuite: Binder goto brexit fix,
Richard Haines
[PATCH] libsepol/cil: Rewrite verification of map classes and classpermissionsets,
James Carter
[PATCH] libsepol: add support for new polcap genfs_seclabel_symlinks,
Christian Göttsche
[PATCH v3 1/2] testsuite: provide support for testing labeled NFS,
Stephen Smalley
[PATCH v2 1/2] testsuite: provide support for testing labeled NFS,
Stephen Smalley
[PATCH] testsuite: add further nfs tests,
Stephen Smalley
[PATCH 0/1] selinux-testsuite: Add watch_sb and watch_mount checks,
Richard Haines
[PATCH] testsuite: provide support for testing labeled NFS,
Stephen Smalley
[PATCH] testsuite: enable running over labeled NFS,
Stephen Smalley
[PATCH v2] selinux: remove unused initial SIDs and improve handling,
Stephen Smalley
[PATCH v2] libsepol,checkpolicy: support omitting unused initial sid contexts,
Stephen Smalley
[PATCH] libsepol,checkpolicy: support omitting unused initial sid contexts,
Stephen Smalley
CIL: another segfault producer,
Dominick Grift
[PATCH v6 00/10] Introduce CAP_PERFMON to secure system performance monitoring and observability,
Alexey Budankov
- [PATCH v6 01/10] capabilities: introduce CAP_PERFMON to kernel and user space, Alexey Budankov
- [PATCH v6 02/10] perf/core: open access to the core for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 03/10] perf/core: open access to probes for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 04/10] perf tool: extend Perf tool with CAP_PERFMON capability support, Alexey Budankov
- [PATCH v6 05/10] drm/i915/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 06/10] trace/bpf_trace: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 07/10] powerpc/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 08/10] parisc/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 09/10] drivers/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 10/10] drivers/oprofile: open access for CAP_PERFMON privileged process, Alexey Budankov
- <Possible follow-ups>
- [PATCH v6 00/10] Introduce CAP_PERFMON to secure system performance monitoring and observability, Alexey Budankov
- [PATCH v6 01/10] capabilities: introduce CAP_PERFMON to kernel and user space, Alexey Budankov
- [PATCH v6 02/10] perf/core: open access to the core for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 03/10] perf/core: open access to probes for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 04/10] perf tool: extend Perf tool with CAP_PERFMON capability support, Alexey Budankov
- [PATCH v6 05/10] drm/i915/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 06/10] trace/bpf_trace: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 07/10] powerpc/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 08/10] parisc/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 09/10] drivers/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v6 10/10] drivers/oprofile: open access for CAP_PERFMON privileged process, Alexey Budankov
possible deadlock in sidtab_sid2str_put,
syzbot
Re: possible deadlock in sidtab_sid2str_put, syzbot
[GIT PULL] SELinux patches for v5.6,
Paul Moore
[PATCH] selinux: remove unused initial SIDs and improve handling,
Stephen Smalley
question about fs sid,
Dominick Grift
[PATCH V2 0/2] selinux-testsuite: Add fs*(2) API filesystem tests,
Richard Haines
[PATCH] selinux: allow kernfs symlinks to inherit parent directory context,
Christian Göttsche
[PATCH 1/1] sel_avc_get_stat_idx should increase position index,
Vasily Averin
[PATCH] selinux: seq_file .next functions should increase position index, Vasily Averin
[PATCH v14 00/23] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v14 01/23] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v14 03/23] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v14 02/23] LSM: Create and manage the lsmblob data structure., Casey Schaufler
- [PATCH v14 04/23] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v14 05/23] net: Prepare UDS for security module stacking, Casey Schaufler
- [PATCH v14 06/23] Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v14 07/23] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v14 08/23] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v14 09/23] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v14 10/23] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v14 11/23] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v14 13/23] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v14 12/23] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v14 14/23] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v14 15/23] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v14 16/23] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v14 17/23] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v14 18/23] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v14 19/23] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v14 21/23] Audit: Include object data for all security modules, Casey Schaufler
- [PATCH v14 20/23] Audit: Add subj_LSM fields when necessary, Casey Schaufler
- [PATCH v14 22/23] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v14 23/23] AppArmor: Remove the exclusive flag, Casey Schaufler
- Re: [PATCH v14 00/23] LSM: Module stacking for AppArmor, Stephen Smalley
- Re: [PATCH v14 00/23] LSM: Module stacking for AppArmor, Stephen Smalley
[PATCH] selinux-testsuite: move variable definitions out of binder_common.h,
Paul Moore
Problems with the selinux-testsuite and GCC v10?,
Paul Moore
[PATCH] libsepol/cil: Fix bug in cil_copy_avrule() in extended permission handling,
James Carter
[PATCH] testsuite/policy: fixes for running on a labeled NFS mount,
Stephen Smalley
[PATCH userspace v2 0/4] Fix build with -fno-common,
Ondrej Mosnacek
SELinux issue with 'keys-acl' patch in kernel.org's 'linux-next' tree,
Richard Haines
[PATCH userspace 0/4] Fix build with -fno-common,
Ondrej Mosnacek
[PATCH v4] libsepol,checkpolicy: remove use of hardcoded security class values,
Stephen Smalley
[PATCH] libselinux: export flush_class_cache(), call it on policyload,
Stephen Smalley
[PATCH v5 0/10] Introduce CAP_PERFMON to secure system performance monitoring and observability,
Alexey Budankov
- [PATCH v5 01/10] capabilities: introduce CAP_PERFMON to kernel and user space, Alexey Budankov
- [PATCH v5 02/10] perf/core: open access to the core for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v5 03/10] perf/core: open access to anon probes for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v5 04/10] perf tool: extend Perf tool with CAP_PERFMON capability support, Alexey Budankov
- [PATCH v5 05/10] drm/i915/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v5 06/10] trace/bpf_trace: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v5 07/10] powerpc/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v5 08/10] parisc/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v5 09/10] drivers/perf: open access for CAP_PERFMON privileged process, Alexey Budankov
- [PATCH v5 10/10] drivers/oprofile: open access for CAP_PERFMON privileged process, Alexey Budankov
[PATCH 0/2] selinux-testsuite: Add fs*(2) API filesystem tests,
Richard Haines
[PATCH V7 0/1] selinux-testsuite: Add filesystem tests,
Richard Haines
[PATCH v2] selinux: fix regression introduced by move_mount(2) syscall,
Stephen Smalley
[PATCH v3] libsepol,checkpolicy: remove use of hardcoded security class values, Stephen Smalley
any reason why a class mapping is not able to solve permissionx?,
Dominick Grift
[PATCH] libselinux: update man pages for userspace policy enforcers,
Stephen Smalley
[PATCH] selinux: move status variables out of selinux_ss,
Ondrej Mosnacek
[PATCH v3] selinux: map RTM_GETLINK to a privileged permission, Jeff Vander Stoep
[PATCH v2 0/5] selinux: Assorted simplifications and cleanups,
Ondrej Mosnacek
[PATCH RFC] selinux: policydb - convert filename trans hash to rhashtable,
Lucas Stach
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]
