Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

[PATCH v3 11/11] drm: Replace strcpy() with __get_task_comm(), (continued)
- [PATCH v3 11/11] drm: Replace strcpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH v3 11/11] drm: Replace strcpy() with __get_task_comm(), Daniel Vetter
Re: [PATCH v2 0/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options, Paul Moore
- Re: [PATCH v2 0/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options, Ondrej Mosnacek
  - Re: [PATCH v2 0/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options, Paul Moore
ANN: SELinux userspace 3.7-rc3 release, Petr Lautrbach
[PATCH] libsepol: check scope permissions refer to valid class, Christian Göttsche
- Message not available
  - Re: [PATCH] libsepol: check scope permissions refer to valid class, Christian Göttsche
    - Re: [PATCH] libsepol: check scope permissions refer to valid class, James Carter
- Re: [PATCH] libsepol: check scope permissions refer to valid class, James Carter
  - Re: [PATCH] libsepol: check scope permissions refer to valid class, James Carter
[PATCH] libsepol: Do not reject all type rules in conditionals when validating, James Carter
- Re: [PATCH] libsepol: Do not reject all type rules in conditionals when validating, Christian Göttsche
  - Re: [PATCH] libsepol: Do not reject all type rules in conditionals when validating, Petr Lautrbach
    - Re: [PATCH] libsepol: Do not reject all type rules in conditionals when validating, James Carter
[PATCH v2 00/10] Improve the copy of task comm, Yafang Shao
- [PATCH v2 01/10] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
- [PATCH v2 02/10] auditsc: Replace memcpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 03/10] security: Replace memcpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 04/10] bpftool: Ensure task comm is always NUL-terminated, Yafang Shao
- [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Yafang Shao
  - Re: [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Andrew Morton
    - Re: [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Linus Torvalds
      - Re: [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Yafang Shao
    - Re: [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Yafang Shao
- [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Catalin Marinas
    - Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Yafang Shao
      - Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Catalin Marinas
        
        Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 07/10] tsacct: Replace strncpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 08/10] tracing: Replace strncpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 09/10] net: Replace strcpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 10/10] drm: Replace strcpy() with __get_task_comm(), Yafang Shao
[PATCH v2 0/4] Introduce user namespace capabilities, Jonathan Calmels
- [PATCH v2 1/4] capabilities: Add user namespace capabilities, Jonathan Calmels
  - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Serge E. Hallyn
    - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Jonathan Calmels
      - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Serge E. Hallyn
  - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Serge E. Hallyn
    - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Jonathan Calmels
      - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Serge E. Hallyn
- [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Jonathan Calmels
  - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Serge E. Hallyn
    - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Jonathan Calmels
      - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Serge E. Hallyn
  - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Jarkko Sakkinen
    - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Jarkko Sakkinen
- [PATCH v2 3/4] capabilities: Add sysctl to mask off userns caps, Jonathan Calmels
- [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
  - Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
    - Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
      - Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, John Johansen
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, John Johansen
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Serge E. Hallyn
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Dr. Greg
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
- Re: [PATCH v2 0/4] Introduce user namespace capabilities, Josef Bacik
  - Re: [PATCH v2 0/4] Introduce user namespace capabilities, Jonathan Calmels
[PATCH] libsepol: contify function pointer arrays, Christian Göttsche
- Re: [PATCH] libsepol: contify function pointer arrays, James Carter
  - Re: [PATCH] libsepol: contify function pointer arrays, James Carter
[PATCH] tree-wide: fix misc typos, Christian Göttsche
- Re: [PATCH] tree-wide: fix misc typos, James Carter
  - Re: [PATCH] tree-wide: fix misc typos, James Carter
[PATCH] checkpolicy: reject duplicate nodecon statements, Christian Göttsche
- Re: [PATCH] checkpolicy: reject duplicate nodecon statements, James Carter
  - Re: [PATCH] checkpolicy: reject duplicate nodecon statements, James Carter
[PATCH 1/2] libsepol: move unchanged data out of loop, Christian Göttsche
- [PATCH 2/2] libsepol: rework permission enabled check, Christian Göttsche
  - Re: [PATCH 2/2] libsepol: rework permission enabled check, James Carter
    - Re: [PATCH 2/2] libsepol: rework permission enabled check, James Carter
- Re: [PATCH 1/2] libsepol: move unchanged data out of loop, James Carter
  - Re: [PATCH 1/2] libsepol: move unchanged data out of loop, James Carter
[PATCH 1/2] libselinux: deprecate security_disable(3), Christian Göttsche
- [PATCH 2/2] libselinux: constify avc_open(3) parameter, Christian Göttsche
  - Re: [PATCH 2/2] libselinux: constify avc_open(3) parameter, James Carter
    - Re: [PATCH 2/2] libselinux: constify avc_open(3) parameter, James Carter
- Re: [PATCH 1/2] libselinux: deprecate security_disable(3), James Carter
  - Re: [PATCH 1/2] libselinux: deprecate security_disable(3), Christian Göttsche
    - Re: [PATCH 1/2] libselinux: deprecate security_disable(3), James Carter
[PATCH] libsepol: hashtab: save one comparison on hit, Christian Göttsche
- Re: [PATCH] libsepol: hashtab: save one comparison on hit, James Carter
  - Re: [PATCH] libsepol: hashtab: save one comparison on hit, James Carter
[PATCH] libsepol: validate attribute-type maps, Christian Göttsche
- Re: [PATCH] libsepol: validate attribute-type maps, James Carter
  - Re: [PATCH] libsepol: validate attribute-type maps, James Carter
[PATCH] fixfiles: drop unnecessary \ line endings, Petr Lautrbach
- Re: [PATCH] fixfiles: drop unnecessary \ line endings, James Carter
  - Re: [PATCH] fixfiles: drop unnecessary \ line endings, James Carter
ANN: SELinux userspace 3.7-rc2 release, Petr Lautrbach
[PATCH 0/6] kernel: Avoid memcpy of task comm, Yafang Shao
- [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
  - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Eric W. Biederman
    - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
      - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Alexei Starovoitov
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Eric W. Biederman
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Alexei Starovoitov
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Eric W. Biederman
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Alexei Starovoitov
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Linus Torvalds
      - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Eric W. Biederman
  - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Matus Jokay
  - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Matus Jokay
    - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
- [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Steven Rostedt
    - Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Linus Torvalds
      - Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Steven Rostedt
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Linus Torvalds
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Steven Rostedt
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Linus Torvalds
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Steven Rostedt
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Yafang Shao
- [PATCH 3/6] auditsc: Replace memcpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH 3/6] auditsc: Replace memcpy() with __get_task_comm(), Paul Moore
- [PATCH 4/6] security: Replace memcpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH 4/6] security: Replace memcpy() with __get_task_comm(), Paul Moore
- [PATCH 5/6] bpftool: Make task comm always be NUL-terminated, Yafang Shao
  - Re: [PATCH 5/6] bpftool: Make task comm always be NUL-terminated, Quentin Monnet
- [PATCH 6/6] selftests/bpf: Replace memcpy() with __get_task_comm(), Yafang Shao
[PATCH v3 1/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
- [PATCH v3 2/2 testsuite] tests/nfs_filesystem: comment out failing mount, Stephen Smalley
- Re: [PATCH v3 1/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Ondrej Mosnacek
  - Re: [PATCH v3 1/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
[PATCH v2 1/2] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
- [PATCH v2 2/2] tests/nfs_filesystem: remove failing mount, Stephen Smalley
- Re: [PATCH v2 1/2] tools/nfs.sh: comment out the fscontext= tests for now, Paul Moore
  - Re: [PATCH v2 1/2] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
  - Re: [PATCH v2 1/2] tools/nfs.sh: comment out the fscontext= tests for now, Ondrej Mosnacek
ANN: SELinux userspace 3.7-rc1 release, Petr Lautrbach
[PATCH PR #134] sesearch: CIL output, Topi Miettinen
[PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Christian König
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Thomas Hellström
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Rafael J. Wysocki
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Takashi Iwai
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Darrick J. Wong
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Guenter Roeck
  - Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
    - Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Guenter Roeck
      - Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Guenter Roeck
- Re: [f2fs-dev] [PATCH] tracing/treewide: Remove second parameter of __assign_str(), patchwork-bot+f2fs
Intent to release 3.7, Petr Lautrbach
- <Possible follow-ups>
- Intent to release 3.7, Petr Lautrbach
  - Re: Intent to release 3.7, Christian Göttsche
[PATCH 1/4] sandbox: do not fail without xmodmap, Petr Lautrbach
- [PATCH 4/4] sandbox: Add support for Wayland, Petr Lautrbach
- [PATCH 2/4] sandbox: do not run window manager if it's not a session, Petr Lautrbach
- [PATCH 3/4] seunshare: Add [ -P pipewiresocket ] [ -W waylandsocket ] options, Petr Lautrbach
- Re: [PATCH 1/4] sandbox: do not fail without xmodmap, James Carter
  - Re: [PATCH 1/4] sandbox: do not fail without xmodmap, Petr Lautrbach
[GIT PULL] selinux/selinux-pr-20240513, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20240513, pr-tracker-bot
[PATCH 1/2] checkpolicy: perform contiguous check in host byte order, Christian Göttsche
- [PATCH 2/2] checkpolicy: support CIDR notation for nodecon statements, Christian Göttsche
- Re: [PATCH 1/2] checkpolicy: perform contiguous check in host byte order, James Carter
  - Re: [PATCH 1/2] checkpolicy: perform contiguous check in host byte order, James Carter
[RFC][PATCH] ima: Use sequence number to wait for policy updates, Roberto Sassu
- Re: [RFC][PATCH] ima: Use sequence number to wait for policy updates, Roberto Sassu
  - Re: [RFC][PATCH] ima: Use sequence number to wait for policy updates, Mimi Zohar
[PATCH v3] ima: Avoid blocking in RCU read-side critical section, GUO Zihua
- Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Mimi Zohar
- Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Casey Schaufler
  - Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Mimi Zohar
- Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, John Johansen
- Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Paul Moore
  - Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Paul Moore
    - Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Roberto Sassu
      - Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Paul Moore
[PATCH 1/2 testsuite] tests/nfs_filesystem: remove failing mount, Stephen Smalley
- [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
  - Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
    - Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
      - Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Paul Moore
        
        Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
        
        Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
        
        Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
[PATCH 1/4] libsepol: reject self flag in type rules in old policies, Christian Göttsche
- [PATCH 3/4] libsepol: validate type-attribute-map for old policies, Christian Göttsche
- [PATCH 4/4] libsepol: include prefix for module policy versions, Christian Göttsche
- [PATCH 2/4] libsepol: only exempt gaps checking for kernel policies, Christian Göttsche
- Re: [PATCH 1/4] libsepol: reject self flag in type rules in old policies, James Carter
  - Re: [PATCH 1/4] libsepol: reject self flag in type rules in old policies, James Carter
NFS context mount failures, Stephen Smalley
- Re: NFS context mount failures, Stephen Smalley
[PATCH v3] nfsd: set security label during create operations, Stephen Smalley
- Re: [PATCH v3] nfsd: set security label during create operations, Jeffrey Layton
- Re: [PATCH v3] nfsd: set security label during create operations, Chuck Lever
- Re: [PATCH v3] nfsd: set security label during create operations, NeilBrown
  - Re: [PATCH v3] nfsd: set security label during create operations, Stephen Smalley
    - Re: [PATCH v3] nfsd: set security label during create operations, NeilBrown
  - Re: [PATCH v3] nfsd: set security label during create operations, Stephen Smalley
    - Re: [PATCH v3] nfsd: set security label during create operations, Stephen Smalley
      - Re: [PATCH v3] nfsd: set security label during create operations, Stephen Smalley
[RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
- Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Casey Schaufler
  - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
    - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Casey Schaufler
      - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
        
        Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Casey Schaufler
        
        Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
        
        Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
        
        Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
- Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Serge Hallyn
  - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
    - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Serge E. Hallyn
- Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, KP Singh
  - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
[PATCH v2] nfsd: set security label during create operations, Stephen Smalley
- Re: [PATCH v2] nfsd: set security label during create operations, Chuck Lever
- Re: [PATCH v2] nfsd: set security label during create operations, Jeffrey Layton
  - Re: [PATCH v2] nfsd: set security label during create operations, Stephen Smalley
- Re: [PATCH v2] nfsd: set security label during create operations, kernel test robot
cgroup2 labeling status, Chris PeBenito
- Re: cgroup2 labeling status, Stephen Smalley
  - Re: cgroup2 labeling status, Chris PeBenito
    - Re: cgroup2 labeling status, Stephen Smalley
      - Re: cgroup2 labeling status, Chris PeBenito
[RFC][PATCH] nfsd: set security label during create operations, Stephen Smalley
- Re: [RFC][PATCH] nfsd: set security label during create operations, Jeffrey Layton
ANN: SETools 4.5.1, Chris PeBenito
ANN: new release of The SELinux Notebook, Paul Moore
[PATCH 1/3] libselinux: free empty scandir(3) result, Christian Göttsche
- [PATCH 2/3] libselinux: avoid pointer dereference before check, Christian Göttsche
  - Re: [PATCH 2/3] libselinux: avoid pointer dereference before check, William Roberts
- [PATCH 3/3] mcstrans: free constraint in error branch, Christian Göttsche
  - Re: [PATCH 3/3] mcstrans: free constraint in error branch, William Roberts
- Re: [PATCH 1/3] libselinux: free empty scandir(3) result, William Roberts
  - Re: [PATCH 1/3] libselinux: free empty scandir(3) result, Christian Göttsche
    - Re: [PATCH 1/3] libselinux: free empty scandir(3) result, William Roberts
      - Re: [PATCH 1/3] libselinux: free empty scandir(3) result, James Carter
- Re: [PATCH 1/3] libselinux: free empty scandir(3) result, James Carter
  - Re: [PATCH 1/3] libselinux: free empty scandir(3) result, James Carter
[PATCH 1/5] libselinux/man: correct file extension of man pages, Christian Göttsche
- [PATCH 2/5] libselinux/man: sync const qualifiers, Christian Göttsche
- [PATCH 4/5] libselinux/man: add format attribute for set_matchpathcon_printf(3), Christian Göttsche
- [PATCH 3/5] libselinux/man: use void in synopses, Christian Göttsche
- [PATCH 5/5] libselinux: constify selinux_set_mapping(3) parameter, Christian Göttsche
- Re: [PATCH 1/5] libselinux/man: correct file extension of man pages, James Carter
  - Re: [PATCH 1/5] libselinux/man: correct file extension of man pages, James Carter
[PATCH v2] ima: Avoid blocking in RCU read-side critical section, GUO Zihua
- Re: [PATCH v2] ima: Avoid blocking in RCU read-side critical section, Casey Schaufler
- Re: [PATCH v2] ima: Avoid blocking in RCU read-side critical section, Mimi Zohar
[PATCH v3 2/2] fs/xattr: add *at family syscalls, Christian Göttsche
- Re: [PATCH v3 2/2] fs/xattr: add *at family syscalls, Arnd Bergmann
- Re: [PATCH v3 2/2] fs/xattr: add *at family syscalls, Jan Kara
[PATCH] ima: Avoid blocking in RCU read-side critical section, GUO Zihua
- Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Stephen Smalley
  - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Guozihua (Scott)
    - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Stephen Smalley
      - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Guozihua (Scott)
  - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Roberto Sassu
    - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Mimi Zohar
    - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Stephen Smalley
      - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Stephen Smalley
[PATCH v2] libsepol: validate class permissions, Christian Göttsche
- Re: [PATCH v2] libsepol: validate class permissions, James Carter
  - Re: [PATCH v2] libsepol: validate class permissions, James Carter
[PATCH] github: bump Python and Ruby versions, Christian Göttsche
- Re: [PATCH] github: bump Python and Ruby versions, James Carter
  - Re: [PATCH] github: bump Python and Ruby versions, James Carter
[RFC PATCH 1/3] newrole: constant time password comparison, Christian Göttsche
- [RFC PATCH 2/3] newrole: cleanse shadow data hold by libc, Christian Göttsche
- [RFC PATCH 3/3] newrole: use ROWHAMMER resistant values, Christian Göttsche
- Re: [RFC PATCH 1/3] newrole: constant time password comparison, Stephen Smalley
  - Re: [RFC PATCH 1/3] newrole: constant time password comparison, Christian Göttsche
[PATCH 1/4] libsepol: improve policy lookup failure message, Christian Göttsche
- [PATCH 3/4] checkpolicy: declare file local variable static, Christian Göttsche
- [PATCH 2/4] checkpolicy/tests: add test for splitting xperm rule, Christian Göttsche
- [PATCH 4/4] checkpolicy: drop global policyvers variable, Christian Göttsche
- Re: [PATCH 1/4] libsepol: improve policy lookup failure message, James Carter
  - Re: [PATCH 1/4] libsepol: improve policy lookup failure message, James Carter
[PATCH] libsepol: validate class permissions, Christian Göttsche
- Re: [PATCH] libsepol: validate class permissions, James Carter
[PATCH 2/2] selinux: add support for xperms in conditional policies, Christian Göttsche
- [PATCH 1/2] selinux: constify source policy in cond_policydb_dup(), Christian Göttsche
  - Re: [PATCH 1/2] selinux: constify source policy in cond_policydb_dup(), Paul Moore
- Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Christian Göttsche
  - Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Stephen Smalley
    - Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Stephen Smalley
- [PATCH v2] selinux: add support for xperms in conditional policies, Christian Göttsche
  - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Paul Moore
    - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Christian Göttsche
      - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Paul Moore
  - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Stephen Smalley
  - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Paul Moore
[PATCH v2] selinux: pre-allocate the status page, Christian Göttsche
- Re: [PATCH v2] selinux: pre-allocate the status page, Paul Moore
[PATCH] selinux: avoid printk_ratelimit(), Christian Göttsche
- Re: [PATCH] selinux: avoid printk_ratelimit(), Paul Moore
[PATCH] netlink: Remove the include of files doesn't exist, I Hsin Cheng
- Re: [PATCH] netlink: Remove the include of files doesn't exist, Stephen Smalley
[PATCH] selinux: clarify return code in filename_trans_read_helper_compat(), Ondrej Mosnacek
- Re: [PATCH] selinux: clarify return code in filename_trans_read_helper_compat(), Paul Moore
[bug report] selinux: optimize storage of filename transitions, Dan Carpenter
- Re: [bug report] selinux: optimize storage of filename transitions, Paul Moore
  - Re: [bug report] selinux: optimize storage of filename transitions, Ondrej Mosnacek
[GIT PULL] selinux/selinux-pr-20240402, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20240402, pr-tracker-bot
[PATCH] libsepol: constify function pointer arrays, Christian Göttsche
- Re: [PATCH] libsepol: constify function pointer arrays, James Carter
  - Re: [PATCH] libsepol: constify function pointer arrays, James Carter
[PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), Christian Göttsche
- [PATCH 4/6] checkpolicy: drop never read member, Christian Göttsche
- [PATCH 5/6] checkpolicy: drop union stack_item_u, Christian Göttsche
- [PATCH 6/6] checkpolicy: free complete role_allow_rule on error, Christian Göttsche
- [PATCH 3/6] libsepol: validate access vector permissions, Christian Göttsche
- [PATCH 2/6] checkpolicy/fuzz: override YY_FATAL_ERROR, Christian Göttsche
- Re: [PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), James Carter
  - Re: [PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), James Carter
[PATCH] libsepol/cil: Check common perms when verifiying "all", James Carter
- Re: [PATCH] libsepol/cil: Check common perms when verifiying "all", James Carter
[PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, Christian Göttsche
- [PATCH 2/2] checkpolicy: update error diagnostic, Christian Göttsche
- Re: [PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, James Carter
  - Re: [PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, James Carter
Re: Job Offer, Beckie Varnadore
[PATCH] selinux: pre-allocate the status page, Christian Göttsche
- Re: [PATCH] selinux: pre-allocate the status page, Paul Moore
[PATCH] selinux: avoid dereference of garbage after mount failure, Christian Göttsche
- Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Casey Schaufler
- Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Paul Moore
  - Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Christian Göttsche
[PATCH] selinux: update numeric format specifiers for ebitmaps, Christian Göttsche
- Re: [PATCH] selinux: update numeric format specifiers for ebitmaps, Paul Moore
[PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Paul Moore
- Re: [PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Christian Göttsche
  - Re: [PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Paul Moore
Re: linux-next: build failure after merge of the selinux tree, Paul Moore
[PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
- <Possible follow-ups>
- [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
  - Re: [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
    - Re: [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
[PATCH 1/2] checkpolicy: use YYerror only when available, Christian Göttsche
- [PATCH 2/2] checkpolicy: handle unprintable token, Christian Göttsche
- Re: [PATCH 1/2] checkpolicy: use YYerror only when available, James Carter
  - Re: [PATCH 1/2] checkpolicy: use YYerror only when available, James Carter
ANN: SETools 4.5.0, Chris PeBenito
Where to look for system services modified for SELinux, Casey Schaufler
- Re: Where to look for system services modified for SELinux, Stephen Smalley
  - Re: Where to look for system services modified for SELinux, Casey Schaufler
    - Re: Where to look for system services modified for SELinux, Petr Lautrbach
      - Re: Where to look for system services modified for SELinux, Petr Lautrbach
[PATCH PR#420 v4] audit2allow: CIL output mode, Topi Miettinen
- Re: [PATCH PR#420 v4] audit2allow: CIL output mode, James Carter
  - Re: [PATCH PR#420 v4] audit2allow: CIL output mode, James Carter
[PATCH v2 2/2] selinux: improve symtab string hashing, Christian Göttsche
- [PATCH v2 1/2] selinux: dump statistics for more hash tables, Christian Göttsche
  - Re: [PATCH v2 1/2] selinux: dump statistics for more hash tables, Paul Moore
- Re: [PATCH v2 2/2] selinux: improve symtab string hashing, Paul Moore
[PATCH v3] selinux: optimize ebitmap_and(), Christian Göttsche
- Re: [PATCH v3] selinux: optimize ebitmap_and(), Paul Moore
[RFC PATCH 2/2] selinux: wire up new execstack LSM hook, Christian Göttsche
[PATCH] selinux: use u32 as bit type in ebitmap code, Christian Göttsche
- Re: [PATCH] selinux: use u32 as bit type in ebitmap code, Paul Moore
[PATCH 2/2] selinux: make more use of current_sid(), Christian Göttsche
- [PATCH 1/2] selinux: avoid identifier using reserved name, Christian Göttsche
  - Re: [PATCH 1/2] selinux: avoid identifier using reserved name, Paul Moore
- Re: [PATCH 2/2] selinux: make more use of current_sid(), Paul Moore
[PATCH v2] selinux: reject invalid ebitmaps, Christian Göttsche
- Re: [PATCH v2] selinux: reject invalid ebitmaps, Paul Moore
[PATCH] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
- Re: [PATCH] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
[PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Christian Göttsche
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Serge Hallyn
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Paul Moore
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, John Johansen
nfs client uses different MAC policy or model, Daniel Walker (danielwa)
- Re: nfs client uses different MAC policy or model, Jeff Layton
  - Re: nfs client uses different MAC policy or model, Daniel Walker (danielwa)
[PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, James Carter
- Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, Jordan Williams
  - Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, Winfried
- Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, James Carter
[PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, Christian Göttsche
- [PATCH 2/5] libselinux/utils/selabel_digest: cleanup, Christian Göttsche
- [PATCH 4/5] libselinux: free data on selabel open failure, Christian Göttsche
- [PATCH 5/5] libselinux/utils/selabel_digest: pass BASEONLY only for file backend, Christian Göttsche
- [PATCH 3/5] libselinux/utils/selabel_digest: avoid buffer overflow, Christian Göttsche
- Re: [PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, James Carter
  - Re: [PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, James Carter
[GIT PULL] selinux/selinux-pr-20240312, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20240312, pr-tracker-bot
[PATCH v2] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
- Re: [PATCH v2] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
[PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, Christian Göttsche
- [PATCH 2/5] checkpolicy: clone level only once, Christian Göttsche
- [PATCH 3/5] checkpolicy: return YYerror on invalid character, Christian Göttsche
- [PATCH 5/5] checkpolicy/fuzz: scan Xen policies, Christian Göttsche
- [PATCH 4/5] libsepol: reject MLS support in pre-MLS policies, Christian Göttsche
- Re: [PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, James Carter
  - Re: [PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, James Carter
[PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
- Re: [PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), Christian Göttsche
  - Re: [PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
[PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, James Carter
- Re: [PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, Christian Göttsche
  - Re: [PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, James Carter
[PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
- Re: [PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
- Re: [PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
[Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
- Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
  - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Christian Göttsche
    - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
      - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
        
        Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
        
        Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
[PATCH PR#420 v3] audit2allow: CIL output mode, Topi Miettinen
- Re: [PATCH PR#420 v3] audit2allow: CIL output mode, James Carter
[PATCH] libselinux/src/Makefile: fix reallocarray strlcpy detection, Jordan Williams
- Re: [PATCH] libselinux/src/Makefile: fix reallocarray strlcpy detection, James Carter
[PATCH] libsepoll/src/Makefile: Fix reallocarray detection when cross-compiling, Winfried Dobbe
- Re: [PATCH] libsepoll/src/Makefile: Fix reallocarray detection when cross-compiling, James Carter
[PATCH v3] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
- Re: [PATCH v3] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
ANN: Reference Policy 2.20240226, Chris PeBenito
[PATCH] selinux: cleanup selinux_lsm_getattr(), Paul Moore
- Re: [PATCH] selinux: cleanup selinux_lsm_getattr(), Paul Moore
Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Paul Moore
- Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Mickaël Salaün
  - Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Paul Moore
[FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Jeff Johnson
  - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
    - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Kent Overstreet
      - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
    - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Alison Schofield
  - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
[PATCH 00/21] selinux: fix style issues in security/selinux/ss, Paul Moore
- [PATCH 03/21] selinux: fix style issues in security/selinux/ss/conditional.h, Paul Moore
- [PATCH 01/21] selinux: fix style issues in security/selinux/ss/avtab.h, Paul Moore
- [PATCH 02/21] selinux: fix style issues in security/selinux/ss/avtab.c, Paul Moore
- [PATCH 04/21] selinux: fix style issues in security/selinux/ss/conditional.c, Paul Moore
- [PATCH 05/21] selinux: fix style issues in security/selinux/ss/constraint.h, Paul Moore
- [PATCH 07/21] selinux: fix style issues in security/selinux/ss/context.h, Paul Moore
- [PATCH 08/21] selinux: fix style issues in security/selinux/ss/ebitmap.h, Paul Moore
- [PATCH 06/21] selinux: fix style issues in security/selinux/ss/context.h, Paul Moore
- [PATCH 10/21] selinux: fix style issues in security/selinux/ss/hashtab.h, Paul Moore
- [PATCH 09/21] selinux: fix style issues in security/selinux/ss/ebitmap.c, Paul Moore
- [PATCH 12/21] selinux: fix style issues in security/selinux/ss/mls.h, Paul Moore
- [PATCH 11/21] selinux: fix style issues in security/selinux/ss/hashtab.c, Paul Moore
- [PATCH 14/21] selinux: fix style issues in security/selinux/ss/mls_types.h, Paul Moore
- [PATCH 13/21] selinux: fix style issues in security/selinux/ss/mls.c, Paul Moore
- [PATCH 17/21] selinux: fix style issues in security/selinux/ss/services.h, Paul Moore
- [PATCH 16/21] selinux: fix style issues in security/selinux/ss/policydb.c, Paul Moore
- [PATCH 15/21] selinux: fix style issues in security/selinux/ss/policydb.h, Paul Moore
- [PATCH 18/21] selinux: fix style issues in security/selinux/ss/sidtab.h, Paul Moore
- [PATCH 19/21] selinux: fix style issues in security/selinux/ss/sidtab.c, Paul Moore
- [PATCH 20/21] selinux: fix style issues in security/selinux/ss/symtab.h, Paul Moore
- [PATCH 21/21] selinux: fix style issues in security/selinux/ss/symtab.c, Paul Moore
- Re: [PATCH 0/21] selinux: fix style issues in security/selinux/ss, Paul Moore
[PATCH] sepolgen: adjust parse for refpolicy, Christian Göttsche
- Re: [PATCH] sepolgen: adjust parse for refpolicy, James Carter
  - Re: [PATCH] sepolgen: adjust parse for refpolicy, James Carter
[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Seth Forshee (DigitalOcean)
- [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h, Christian Brauner
- [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 02/25] mnt_idmapping: include cred.h, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 02/25] mnt_idmapping: include cred.h, Christian Brauner
- [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data, Christian Brauner
- [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Christian Brauner
    - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Christian Brauner
  - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Roberto Sassu
    - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Roberto Sassu
        
        Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids, Christian Brauner
- [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace, Christian Brauner
- [PATCH v2 12/25] selinux: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations, Paul Moore
    - Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations, Paul Moore
        
        Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
- [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Paul Moore
    - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Christian Brauner
  - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Roberto Sassu
    - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Seth Forshee (DigitalOcean)
- [PATCH v2 14/25] evm: add support for fscaps security hooks, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Roberto Sassu
    - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Christian Brauner
      - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Roberto Sassu
        
        Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Christian Brauner
    - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Roberto Sassu
  - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Roberto Sassu
- [PATCH v2 13/25] smack: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 13/25] smack: add hooks for fscaps operations, Casey Schaufler
    - Re: [PATCH v2 13/25] smack: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
- [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper, Christian Brauner
- [PATCH v2 10/25] xattr: use is_fscaps_xattr(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 10/25] xattr: use is_fscaps_xattr(), Christian Brauner
- [PATCH v2 09/25] commoncap: use is_fscaps_xattr(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 09/25] commoncap: use is_fscaps_xattr(), Christian Brauner
- [PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs, Seth Forshee (DigitalOcean)
- [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps, Christian Brauner
- [PATCH v2 17/25] fs: add vfs_get_fscaps(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 17/25] fs: add vfs_get_fscaps(), Christian Brauner
- [PATCH v2 20/25] ovl: add fscaps handlers, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 20/25] ovl: add fscaps handlers, Christian Brauner
  - Re: [PATCH v2 20/25] ovl: add fscaps handlers, Amir Goldstein
    - Re: [PATCH v2 20/25] ovl: add fscaps handlers, Seth Forshee (DigitalOcean)
- [PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up, Seth Forshee (DigitalOcean)
- [PATCH v2 19/25] fs: add vfs_remove_fscaps(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 19/25] fs: add vfs_remove_fscaps(), Christian Brauner
- [PATCH v2 18/25] fs: add vfs_set_fscaps(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 18/25] fs: add vfs_set_fscaps(), Christian Brauner
- [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Paul Moore
    - Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Paul Moore
- [PATCH v2 23/25] commoncap: remove cap_inode_getsecurity(), Seth Forshee (DigitalOcean)
- [PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr(), Seth Forshee (DigitalOcean)
- [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
    - Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Christian Brauner
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Christian Brauner
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Mimi Zohar
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Mimi Zohar
- Re: [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Christian Brauner
  - Re: [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Seth Forshee (DigitalOcean)
[PATCH v2] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
- Re: [PATCH v2] checkpolicy, libsepol: Fix potential double free of mls_level_t, Christian Göttsche
  - Re: [PATCH v2] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
[PATCH PR#420 v2] audit2allow: CIL output mode, Topi Miettinen
[PATCH PR#420] audit2allow: CIL output mode, Topi Miettinen
- Re: [PATCH PR#420] audit2allow: CIL output mode, James Carter
[PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
- <Possible follow-ups>
- [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
  - Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
    - Re: [PATCH] Always build for LFS mode on 32-bit archs., Kees Cook
      - Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Christian Göttsche
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Christian Göttsche
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Petr Lautrbach
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Chris Hofstaedtler
- [PATCH] Always build for LFS mode on 32-bit archs., Christian Göttsche
  - Re: [PATCH] Always build for LFS mode on 32-bit archs., James Carter
    - Re: [PATCH] Always build for LFS mode on 32-bit archs., James Carter
[PATCH v7 0/4] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v7 1/4] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v7 3/4] mm: add vma_assert_locked() for !CONFIG_PER_VMA_LOCK, Lokesh Gidra
  - Re: [PATCH v7 3/4] mm: add vma_assert_locked() for !CONFIG_PER_VMA_LOCK, Suren Baghdasaryan
- [PATCH v7 4/4] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
- [PATCH v7 2/4] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
[PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure, Roberto Sassu
- [PATCH v10 01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 05/25] ima: Align ima_post_read_file() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 09/25] security: Align inode_setattr hook definition with EVM, Roberto Sassu
- [PATCH v10 10/25] security: Introduce inode_post_setattr hook, Roberto Sassu
- [PATCH v10 11/25] security: Introduce inode_post_removexattr hook, Roberto Sassu
- [PATCH v10 12/25] security: Introduce file_post_open hook, Roberto Sassu
- [PATCH v10 13/25] security: Introduce file_release hook, Roberto Sassu
- [PATCH v10 14/25] security: Introduce path_post_mknod hook, Roberto Sassu
- [PATCH v10 15/25] security: Introduce inode_post_create_tmpfile hook, Roberto Sassu
- [PATCH v10 16/25] security: Introduce inode_post_set_acl hook, Roberto Sassu
- [PATCH v10 17/25] security: Introduce inode_post_remove_acl hook, Roberto Sassu
- [PATCH v10 18/25] security: Introduce key_post_create_or_update hook, Roberto Sassu
- [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
  - Re: [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
    - Re: [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA, Mimi Zohar
- [PATCH v10 20/25] ima: Move to LSM infrastructure, Roberto Sassu
- [PATCH v10 21/25] ima: Move IMA-Appraisal to LSM infrastructure, Roberto Sassu
- [PATCH v10 23/25] evm: Make it independent from 'integrity' LSM, Roberto Sassu
- [PATCH v10 24/25] ima: Make it independent from 'integrity' LSM, Roberto Sassu
- [PATCH v10 25/25] integrity: Remove LSM, Roberto Sassu
- [PATCH v10 22/25] evm: Move to LSM infrastructure, Roberto Sassu
- Re: [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure, Paul Moore
  - Re: [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure, Roberto Sassu
- Re: [PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure, Eric Snowberg
[PATCH v6 0/3] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v6 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v6 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
- [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
  - Re: [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Ryan Roberts
    - Re: [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
      - Re: [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Ryan Roberts
- Re: [PATCH v6 0/3] per-vma locks in userfaultfd, Liam R. Howlett
[PATCH] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
- Re: [PATCH] checkpolicy, libsepol: Fix potential double free of mls_level_t, Christian Göttsche
  - Re: [PATCH] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
[PATCH v5 0/3] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v5 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v5 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
- [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
  - Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
    - Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
      - Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
[PATCH testsuite] tests/inet_socket: test CALIPSO also with datagram protocols, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/inet_socket: test CALIPSO also with datagram protocols, Ondrej Mosnacek
[PATCH v4 0/3] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v4 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
  - Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
    - Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
      - Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
- [PATCH v4 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
[PATCH testsuite] policy: fix testsuite_domain_type_minimal() to work with rpm-ostree, Ondrej Mosnacek
- Re: [PATCH testsuite] policy: fix testsuite_domain_type_minimal() to work with rpm-ostree, Ondrej Mosnacek
[PATCH] python/semanage: Do not sort local fcontext definitions, Vit Mojzis
- Re: [PATCH] python/semanage: Do not sort local fcontext definitions, Petr Lautrbach
  - Re: [PATCH] python/semanage: Do not sort local fcontext definitions, Vit Mojzis
    - Re: [PATCH] python/semanage: Do not sort local fcontext definitions, James Carter

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]