Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

Re: [PATCH v2] libsemanage: Preserve file context and ownership in policy store, (continued)
[PATCH bpf-next v4 13/20] bpf, lsm: Add check for BPF LSM return value, Xu Kuohai
- [PATCH bpf-next v4 14/20] bpf: Prevent tail call between progs attached to different hooks, Xu Kuohai
- [PATCH bpf-next v4 16/20] bpf: Add a special case for bitwise AND on range [-1, 0], Xu Kuohai
- [PATCH bpf-next v4 17/20] selftests/bpf: Avoid load failure for token_lsm.c, Xu Kuohai
- [PATCH bpf-next v4 18/20] selftests/bpf: Add return value checks for failed tests, Xu Kuohai
- [PATCH bpf-next v4 19/20] selftests/bpf: Add test for lsm tail call, Xu Kuohai
- [PATCH bpf-next v4 20/20] selftests/bpf: Add verifier tests for bpf lsm, Xu Kuohai
- [PATCH bpf-next v4 15/20] bpf: Fix compare error in function retval_range_within, Xu Kuohai
[PATCH bpf-next v4 00/20] Add return value range check for BPF LSM, Xu Kuohai
- [PATCH bpf-next v4 02/20] lsm: Refactor return value of LSM hook inode_need_killpriv, Xu Kuohai
  - Re: [PATCH bpf-next v4 02/20] lsm: Refactor return value of LSM hook inode_need_killpriv, Serge Hallyn
    - Re: [PATCH bpf-next v4 02/20] lsm: Refactor return value of LSM hook inode_need_killpriv, Xu Kuohai
  - Re: [PATCH v4 2/20] lsm: Refactor return value of LSM hook inode_need_killpriv, Paul Moore
    - Re: [PATCH v4 2/20] lsm: Refactor return value of LSM hook inode_need_killpriv, Xu Kuohai
- [PATCH bpf-next v4 05/20] lsm: Refactor return value of LSM hook inode_copy_up_xattr, Xu Kuohai
  - Re: [PATCH v4 5/20] lsm: Refactor return value of LSM hook inode_copy_up_xattr, Paul Moore
    - Re: [PATCH v4 5/20] lsm: Refactor return value of LSM hook inode_copy_up_xattr, Xu Kuohai
- [PATCH bpf-next v4 08/20] lsm: Refactor return value of LSM hook getprocattr, Xu Kuohai
  - Re: [PATCH v4 8/20] lsm: Refactor return value of LSM hook getprocattr, Paul Moore
    - Re: [PATCH v4 8/20] lsm: Refactor return value of LSM hook getprocattr, Xu Kuohai
- [PATCH bpf-next v4 11/20] bpf, lsm: Add disabled BPF LSM hook list, Xu Kuohai
  - Re: [PATCH bpf-next v4 11/20] bpf, lsm: Add disabled BPF LSM hook list, Alexei Starovoitov
    - Re: [PATCH bpf-next v4 11/20] bpf, lsm: Add disabled BPF LSM hook list, Xu Kuohai
- [PATCH bpf-next v4 04/20] lsm: Refactor return value of LSM hook inode_listsecurity, Xu Kuohai
  - Re: [PATCH v4 4/20] lsm: Refactor return value of LSM hook inode_listsecurity, Paul Moore
    - Re: [PATCH v4 4/20] lsm: Refactor return value of LSM hook inode_listsecurity, Xu Kuohai
- [PATCH bpf-next v4 03/20] lsm: Refactor return value of LSM hook inode_getsecurity, Xu Kuohai
  - Re: [PATCH bpf-next v4 03/20] lsm: Refactor return value of LSM hook inode_getsecurity, Simon Horman
    - Re: [PATCH bpf-next v4 03/20] lsm: Refactor return value of LSM hook inode_getsecurity, Xu Kuohai
  - Re: [PATCH v4 3/20] lsm: Refactor return value of LSM hook inode_getsecurity, Paul Moore
    - Re: [PATCH v4 3/20] lsm: Refactor return value of LSM hook inode_getsecurity, Xu Kuohai
- [PATCH bpf-next v4 01/20] lsm: Refactor return value of LSM hook vm_enough_memory, Xu Kuohai
  - Re: [PATCH bpf-next v4 01/20] lsm: Refactor return value of LSM hook vm_enough_memory, Serge Hallyn
  - Re: [PATCH v4 1/20] lsm: Refactor return value of LSM hook vm_enough_memory, Paul Moore
- [PATCH bpf-next v4 07/20] lsm: Refactor return value of LSM hook setprocattr, Xu Kuohai
  - Re: [PATCH v4 7/20] lsm: Refactor return value of LSM hook setprocattr, Paul Moore
    - Re: [PATCH v4 7/20] lsm: Refactor return value of LSM hook setprocattr, Xu Kuohai
- [PATCH bpf-next v4 06/20] lsm: Refactor return value of LSM hook getselfattr, Xu Kuohai
  - Re: [PATCH v4 6/20] lsm: Refactor return value of LSM hook getselfattr, Paul Moore
    - Re: [PATCH v4 6/20] lsm: Refactor return value of LSM hook getselfattr, Xu Kuohai
- [PATCH bpf-next v4 09/20] lsm: Refactor return value of LSM hook key_getsecurity, Xu Kuohai
  - Re: [PATCH v4 9/20] lsm: Refactor return value of LSM hook key_getsecurity, Paul Moore
    - Re: [PATCH v4 9/20] lsm: Refactor return value of LSM hook key_getsecurity, Xu Kuohai
      - Re: [PATCH v4 9/20] lsm: Refactor return value of LSM hook key_getsecurity, Paul Moore
        
        Re: [PATCH v4 9/20] lsm: Refactor return value of LSM hook key_getsecurity, Xu Kuohai
        
        Re: [PATCH v4 9/20] lsm: Refactor return value of LSM hook key_getsecurity, Paul Moore
- [PATCH bpf-next v4 10/20] lsm: Refactor return value of LSM hook audit_rule_match, Xu Kuohai
  - Re: [PATCH v4 10/20] lsm: Refactor return value of LSM hook audit_rule_match, Paul Moore
    - Re: [PATCH v4 10/20] lsm: Refactor return value of LSM hook audit_rule_match, Xu Kuohai
- [PATCH bpf-next v4 12/20] bpf, lsm: Enable BPF LSM prog to read/write return value parameters, Xu Kuohai
- Re: [PATCH bpf-next v4 00/20] Add return value range check for BPF LSM, Paul Moore
  - Re: [PATCH bpf-next v4 00/20] Add return value range check for BPF LSM, Paul Moore
- Re: [PATCH bpf-next v4 00/20] Add return value range check for BPF LSM, Paul Moore
  - Re: [PATCH bpf-next v4 00/20] Add return value range check for BPF LSM, Paul Moore
    - Re: [PATCH bpf-next v4 00/20] Add return value range check for BPF LSM, Xu Kuohai
[PATCH -next] selinux: refactor code to return the correct errno, Gaosheng Cui
- Re: [PATCH] selinux: refactor code to return the correct errno, Paul Moore
  - Re: [PATCH] selinux: refactor code to return the correct errno, cuigaosheng
In permissive setting labels that are not in host policy when running unprivileged fails with EINVAL, Petr Lautrbach
- Re: In permissive setting labels that are not in host policy when running unprivileged fails with EINVAL, Stephen Smalley
  - Re: In permissive setting labels that are not in host policy when running unprivileged fails with EINVAL, Paul Moore
    - Re: In permissive setting labels that are not in host policy when running unprivileged fails with EINVAL, Petr Lautrbach
  - Re: In permissive setting labels that are not in host policy when running unprivileged fails with EINVAL, Dominick Grift
    - Re: In permissive setting labels that are not in host policy when running unprivileged fails with EINVAL, Stephen Smalley
      - Re: In permissive setting labels that are not in host policy when running unprivileged fails with EINVAL, Dominick Grift
[RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
- Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
  - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Mickaël Salaün
    - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
      - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Mickaël Salaün
        
        Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
- Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Mickaël Salaün
  - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
    - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Casey Schaufler
      - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
    - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Mickaël Salaün
      - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
  - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Matus Jokay
    - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
      - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Dave Chinner
        
        Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Matus Jokay
        
        Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Christian Brauner
        
        Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
        
        Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Dave Chinner
        
        Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Christian Brauner
      - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Matus Jokay
        
        Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
        
        Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Matus Jokay
- Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Roberto Sassu
  - Re: [RFC PATCH] lsm: add the inode_free_security_rcu() LSM implementation hook, Paul Moore
[PATCH] libselinux: set free'd data to NULL, Petr Lautrbach
- Re: [PATCH] libselinux: set free'd data to NULL, James Carter
  - Re: [PATCH] libselinux: set free'd data to NULL, Petr Lautrbach
Regression in 5876aca0484f ("libselinux: free data on selabel open failure"), Petr Lautrbach
- Re: Regression in 5876aca0484f ("libselinux: free data on selabel open failure"), Petr Lautrbach
[PATCH] checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix, James Carter
- Re: [PATCH] checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix, Stephen Smalley
  - Re: [PATCH] checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix, Stephen Smalley
    - Re: [PATCH] checkpolicy: Check the right bits of an ibpkeycon rule subnet prefix, Stephen Smalley
[PATCH] selinux,smack: remove the capability checks in the removexattr hooks, Paul Moore
- Re: [PATCH] selinux,smack: remove the capability checks in the removexattr hooks, Paul Moore
  - Re: [PATCH] selinux,smack: remove the capability checks in the removexattr hooks, Casey Schaufler
    - Re: [PATCH] selinux,smack: remove the capability checks in the removexattr hooks, Paul Moore
- Re: [PATCH] selinux,smack: remove the capability checks in the removexattr hooks, Casey Schaufler
  - Re: [PATCH] selinux,smack: remove the capability checks in the removexattr hooks, Paul Moore
[PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, GONG, Ruiqi
- Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Gong Ruiqi
  - Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Paul Moore
    - Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Gong Ruiqi
      - Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Ondrej Mosnacek
        
        Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Gong Ruiqi
        
        Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Ondrej Mosnacek
        
        Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Stephen Smalley
        
        Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Ondrej Mosnacek
        
        Re: [PATCH testsuite] tests/task_setscheduler: add cgroup v2 case for moving proc to root cgroup, Stephen Smalley
[PATCH] libselinux: Fix integer comparison issues when compiling for 32-bit, James Carter
- Re: [PATCH] libselinux: Fix integer comparison issues when compiling for 32-bit, Christian Göttsche
  - Re: [PATCH] libselinux: Fix integer comparison issues when compiling for 32-bit, Stephen Smalley
    - Re: [PATCH] libselinux: Fix integer comparison issues when compiling for 32-bit, James Carter
- Re: [PATCH] libselinux: Fix integer comparison issues when compiling for 32-bit, Stephen Smalley
  - Re: [PATCH] libselinux: Fix integer comparison issues when compiling for 32-bit, Stephen Smalley
UnicodeDecodeError: utf-8 on python semanage -i import, Allan Oepping
- Re: UnicodeDecodeError: utf-8 on python semanage -i import, Stephen Smalley
  - Re: UnicodeDecodeError: utf-8 on python semanage -i import, Stephen Smalley
[PATCH] selinux: Streamline type determination in security_compute_sid, Canfeng Guo
- Re: [PATCH] selinux: Streamline type determination in security_compute_sid, Paul Moore
- <Possible follow-ups>
- [PATCH] selinux: Streamline type determination in security_compute_sid, Canfeng Guo
  - Re: [PATCH] selinux: Streamline type determination in security_compute_sid, Paul Moore
    - Re: [PATCH] selinux: Streamline type determination in security_compute_sid, Paul Moore
[PATCH] selinux: Use 1UL for EBITMAP_BIT to match maps type, Canfeng Guo
- Re: [PATCH] selinux: Use 1UL for EBITMAP_BIT to match maps type, Paul Moore
[PATCH v4 00/11] Improve the copy of task comm, Yafang Shao
- [PATCH v4 01/11] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
  - [PATCH v4 02/11] auditsc: Replace memcpy() with __get_task_comm(), Yafang Shao
  - [PATCH v4 03/11] security: Replace memcpy() with __get_task_comm(), Yafang Shao
  - [PATCH v4 04/11] bpftool: Ensure task comm is always NUL-terminated, Yafang Shao
  - [PATCH v4 05/11] mm/util: Fix possible race condition in kstrdup(), Yafang Shao
  - [PATCH v4 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}, Yafang Shao
  - [PATCH v4 07/11] mm/kmemleak: Replace strncpy() with __get_task_comm(), Yafang Shao
  - [PATCH v4 08/11] tsacct: Replace strncpy() with __get_task_comm(), Yafang Shao
  - [PATCH v4 09/11] tracing: Replace strncpy() with __get_task_comm(), Yafang Shao
  - [PATCH v4 10/11] net: Replace strcpy() with __get_task_comm(), Yafang Shao
  - [PATCH v4 11/11] drm: Replace strcpy() with __get_task_comm(), Yafang Shao
ANN: SELinux userspace 3.7, Petr Lautrbach
[PATCH v2] libselinux: deprecate security_disable(3), Christian Göttsche
- Re: [PATCH v2] libselinux: deprecate security_disable(3), James Carter
  - Re: [PATCH v2] libselinux: deprecate security_disable(3), James Carter
[PATCH v3 00/11] Improve the copy of task comm, Yafang Shao
- [PATCH v3 01/11] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
- [PATCH v3 02/11] auditsc: Replace memcpy() with __get_task_comm(), Yafang Shao
- [PATCH v3 03/11] security: Replace memcpy() with __get_task_comm(), Yafang Shao
- [PATCH v3 04/11] bpftool: Ensure task comm is always NUL-terminated, Yafang Shao
- [PATCH v3 05/11] mm/util: Fix possible race condition in kstrdup(), Yafang Shao
- [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}, Yafang Shao
  - Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}, Simon Horman
    - Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}, Yafang Shao
  - Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}, Matthew Wilcox
    - Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}, Yafang Shao
      - Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}, Matthew Wilcox
        
        Re: [PATCH v3 06/11] mm/util: Deduplicate code in {kstrdup,kstrndup,kmemdup_nul}, Yafang Shao
- [PATCH v3 07/11] mm/kmemleak: Replace strncpy() with __get_task_comm(), Yafang Shao
- [PATCH v3 08/11] tsacct: Replace strncpy() with __get_task_comm(), Yafang Shao
- [PATCH v3 09/11] tracing: Replace strncpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH v3 09/11] tracing: Replace strncpy() with __get_task_comm(), Google
- [PATCH v3 10/11] net: Replace strcpy() with __get_task_comm(), Yafang Shao
- [PATCH v3 11/11] drm: Replace strcpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH v3 11/11] drm: Replace strcpy() with __get_task_comm(), Daniel Vetter
Re: [PATCH v2 0/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options, Paul Moore
- Re: [PATCH v2 0/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options, Ondrej Mosnacek
  - Re: [PATCH v2 0/2] cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options, Paul Moore
ANN: SELinux userspace 3.7-rc3 release, Petr Lautrbach
[PATCH] libsepol: check scope permissions refer to valid class, Christian Göttsche
- Message not available
  - Re: [PATCH] libsepol: check scope permissions refer to valid class, Christian Göttsche
    - Re: [PATCH] libsepol: check scope permissions refer to valid class, James Carter
- Re: [PATCH] libsepol: check scope permissions refer to valid class, James Carter
  - Re: [PATCH] libsepol: check scope permissions refer to valid class, James Carter
[PATCH] libsepol: Do not reject all type rules in conditionals when validating, James Carter
- Re: [PATCH] libsepol: Do not reject all type rules in conditionals when validating, Christian Göttsche
  - Re: [PATCH] libsepol: Do not reject all type rules in conditionals when validating, Petr Lautrbach
    - Re: [PATCH] libsepol: Do not reject all type rules in conditionals when validating, James Carter
[PATCH v2 00/10] Improve the copy of task comm, Yafang Shao
- [PATCH v2 01/10] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
- [PATCH v2 02/10] auditsc: Replace memcpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 03/10] security: Replace memcpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 04/10] bpftool: Ensure task comm is always NUL-terminated, Yafang Shao
- [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Yafang Shao
  - Re: [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Andrew Morton
    - Re: [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Linus Torvalds
      - Re: [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Yafang Shao
    - Re: [PATCH v2 05/10] mm/util: Fix possible race condition in kstrdup(), Yafang Shao
- [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Catalin Marinas
    - Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Yafang Shao
      - Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Catalin Marinas
        
        Re: [PATCH v2 06/10] mm/kmemleak: Replace strncpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 07/10] tsacct: Replace strncpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 08/10] tracing: Replace strncpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 09/10] net: Replace strcpy() with __get_task_comm(), Yafang Shao
- [PATCH v2 10/10] drm: Replace strcpy() with __get_task_comm(), Yafang Shao
[PATCH v2 0/4] Introduce user namespace capabilities, Jonathan Calmels
- [PATCH v2 1/4] capabilities: Add user namespace capabilities, Jonathan Calmels
  - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Serge E. Hallyn
    - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Jonathan Calmels
      - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Serge E. Hallyn
  - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Serge E. Hallyn
    - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Jonathan Calmels
      - Re: [PATCH v2 1/4] capabilities: Add user namespace capabilities, Serge E. Hallyn
- [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Jonathan Calmels
  - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Serge E. Hallyn
    - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Jonathan Calmels
      - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Serge E. Hallyn
  - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Jarkko Sakkinen
    - Re: [PATCH v2 2/4] capabilities: Add securebit to restrict userns caps, Jarkko Sakkinen
- [PATCH v2 3/4] capabilities: Add sysctl to mask off userns caps, Jonathan Calmels
- [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
  - Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
    - Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
      - Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, John Johansen
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, John Johansen
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Jonathan Calmels
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Serge E. Hallyn
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Dr. Greg
        
        Re: [PATCH v2 4/4] bpf,lsm: Allow editing capabilities in BPF-LSM hooks, Paul Moore
- Re: [PATCH v2 0/4] Introduce user namespace capabilities, Josef Bacik
  - Re: [PATCH v2 0/4] Introduce user namespace capabilities, Jonathan Calmels
[PATCH] libsepol: contify function pointer arrays, Christian Göttsche
- Re: [PATCH] libsepol: contify function pointer arrays, James Carter
  - Re: [PATCH] libsepol: contify function pointer arrays, James Carter
[PATCH] tree-wide: fix misc typos, Christian Göttsche
- Re: [PATCH] tree-wide: fix misc typos, James Carter
  - Re: [PATCH] tree-wide: fix misc typos, James Carter
[PATCH] checkpolicy: reject duplicate nodecon statements, Christian Göttsche
- Re: [PATCH] checkpolicy: reject duplicate nodecon statements, James Carter
  - Re: [PATCH] checkpolicy: reject duplicate nodecon statements, James Carter
[PATCH 1/2] libsepol: move unchanged data out of loop, Christian Göttsche
- [PATCH 2/2] libsepol: rework permission enabled check, Christian Göttsche
  - Re: [PATCH 2/2] libsepol: rework permission enabled check, James Carter
    - Re: [PATCH 2/2] libsepol: rework permission enabled check, James Carter
- Re: [PATCH 1/2] libsepol: move unchanged data out of loop, James Carter
  - Re: [PATCH 1/2] libsepol: move unchanged data out of loop, James Carter
[PATCH 1/2] libselinux: deprecate security_disable(3), Christian Göttsche
- [PATCH 2/2] libselinux: constify avc_open(3) parameter, Christian Göttsche
  - Re: [PATCH 2/2] libselinux: constify avc_open(3) parameter, James Carter
    - Re: [PATCH 2/2] libselinux: constify avc_open(3) parameter, James Carter
- Re: [PATCH 1/2] libselinux: deprecate security_disable(3), James Carter
  - Re: [PATCH 1/2] libselinux: deprecate security_disable(3), Christian Göttsche
    - Re: [PATCH 1/2] libselinux: deprecate security_disable(3), James Carter
[PATCH] libsepol: hashtab: save one comparison on hit, Christian Göttsche
- Re: [PATCH] libsepol: hashtab: save one comparison on hit, James Carter
  - Re: [PATCH] libsepol: hashtab: save one comparison on hit, James Carter
[PATCH] libsepol: validate attribute-type maps, Christian Göttsche
- Re: [PATCH] libsepol: validate attribute-type maps, James Carter
  - Re: [PATCH] libsepol: validate attribute-type maps, James Carter
[PATCH] fixfiles: drop unnecessary \ line endings, Petr Lautrbach
- Re: [PATCH] fixfiles: drop unnecessary \ line endings, James Carter
  - Re: [PATCH] fixfiles: drop unnecessary \ line endings, James Carter
ANN: SELinux userspace 3.7-rc2 release, Petr Lautrbach
[PATCH 0/6] kernel: Avoid memcpy of task comm, Yafang Shao
- [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
  - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Eric W. Biederman
    - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
      - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Alexei Starovoitov
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Eric W. Biederman
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Alexei Starovoitov
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Eric W. Biederman
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Alexei Starovoitov
        
        Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Linus Torvalds
      - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Eric W. Biederman
  - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Matus Jokay
  - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Matus Jokay
    - Re: [PATCH 1/6] fs/exec: Drop task_lock() inside __get_task_comm(), Yafang Shao
- [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Steven Rostedt
    - Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Linus Torvalds
      - Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Steven Rostedt
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Linus Torvalds
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Steven Rostedt
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Linus Torvalds
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Steven Rostedt
        
        Re: [PATCH 2/6] tracing: Replace memcpy() with __get_task_comm(), Yafang Shao
- [PATCH 3/6] auditsc: Replace memcpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH 3/6] auditsc: Replace memcpy() with __get_task_comm(), Paul Moore
- [PATCH 4/6] security: Replace memcpy() with __get_task_comm(), Yafang Shao
  - Re: [PATCH 4/6] security: Replace memcpy() with __get_task_comm(), Paul Moore
- [PATCH 5/6] bpftool: Make task comm always be NUL-terminated, Yafang Shao
  - Re: [PATCH 5/6] bpftool: Make task comm always be NUL-terminated, Quentin Monnet
- [PATCH 6/6] selftests/bpf: Replace memcpy() with __get_task_comm(), Yafang Shao
[PATCH v3 1/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
- [PATCH v3 2/2 testsuite] tests/nfs_filesystem: comment out failing mount, Stephen Smalley
- Re: [PATCH v3 1/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Ondrej Mosnacek
  - Re: [PATCH v3 1/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
[PATCH v2 1/2] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
- [PATCH v2 2/2] tests/nfs_filesystem: remove failing mount, Stephen Smalley
- Re: [PATCH v2 1/2] tools/nfs.sh: comment out the fscontext= tests for now, Paul Moore
  - Re: [PATCH v2 1/2] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
  - Re: [PATCH v2 1/2] tools/nfs.sh: comment out the fscontext= tests for now, Ondrej Mosnacek
ANN: SELinux userspace 3.7-rc1 release, Petr Lautrbach
[PATCH PR #134] sesearch: CIL output, Topi Miettinen
[PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Christian König
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Thomas Hellström
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Rafael J. Wysocki
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Takashi Iwai
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Darrick J. Wong
- Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Guenter Roeck
  - Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
    - Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Guenter Roeck
      - Re: [PATCH] tracing/treewide: Remove second parameter of __assign_str(), Guenter Roeck
- Re: [f2fs-dev] [PATCH] tracing/treewide: Remove second parameter of __assign_str(), patchwork-bot+f2fs
Intent to release 3.7, Petr Lautrbach
- <Possible follow-ups>
- Intent to release 3.7, Petr Lautrbach
  - Re: Intent to release 3.7, Christian Göttsche
[PATCH 1/4] sandbox: do not fail without xmodmap, Petr Lautrbach
- [PATCH 4/4] sandbox: Add support for Wayland, Petr Lautrbach
- [PATCH 2/4] sandbox: do not run window manager if it's not a session, Petr Lautrbach
- [PATCH 3/4] seunshare: Add [ -P pipewiresocket ] [ -W waylandsocket ] options, Petr Lautrbach
- Re: [PATCH 1/4] sandbox: do not fail without xmodmap, James Carter
  - Re: [PATCH 1/4] sandbox: do not fail without xmodmap, Petr Lautrbach
[GIT PULL] selinux/selinux-pr-20240513, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20240513, pr-tracker-bot
[PATCH 1/2] checkpolicy: perform contiguous check in host byte order, Christian Göttsche
- [PATCH 2/2] checkpolicy: support CIDR notation for nodecon statements, Christian Göttsche
- Re: [PATCH 1/2] checkpolicy: perform contiguous check in host byte order, James Carter
  - Re: [PATCH 1/2] checkpolicy: perform contiguous check in host byte order, James Carter
[RFC][PATCH] ima: Use sequence number to wait for policy updates, Roberto Sassu
- Re: [RFC][PATCH] ima: Use sequence number to wait for policy updates, Roberto Sassu
  - Re: [RFC][PATCH] ima: Use sequence number to wait for policy updates, Mimi Zohar
[PATCH v3] ima: Avoid blocking in RCU read-side critical section, GUO Zihua
- Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Mimi Zohar
- Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Casey Schaufler
  - Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Mimi Zohar
- Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, John Johansen
- Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Paul Moore
  - Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Paul Moore
    - Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Roberto Sassu
      - Re: [PATCH v3] ima: Avoid blocking in RCU read-side critical section, Paul Moore
[PATCH 1/2 testsuite] tests/nfs_filesystem: remove failing mount, Stephen Smalley
- [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
  - Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
    - Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
      - Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Paul Moore
        
        Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
        
        Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
        
        Re: [PATCH 2/2 testsuite] tools/nfs.sh: comment out the fscontext= tests for now, Stephen Smalley
[PATCH 1/4] libsepol: reject self flag in type rules in old policies, Christian Göttsche
- [PATCH 3/4] libsepol: validate type-attribute-map for old policies, Christian Göttsche
- [PATCH 4/4] libsepol: include prefix for module policy versions, Christian Göttsche
- [PATCH 2/4] libsepol: only exempt gaps checking for kernel policies, Christian Göttsche
- Re: [PATCH 1/4] libsepol: reject self flag in type rules in old policies, James Carter
  - Re: [PATCH 1/4] libsepol: reject self flag in type rules in old policies, James Carter
NFS context mount failures, Stephen Smalley
- Re: NFS context mount failures, Stephen Smalley
[PATCH v3] nfsd: set security label during create operations, Stephen Smalley
- Re: [PATCH v3] nfsd: set security label during create operations, Jeffrey Layton
- Re: [PATCH v3] nfsd: set security label during create operations, Chuck Lever
- Re: [PATCH v3] nfsd: set security label during create operations, NeilBrown
  - Re: [PATCH v3] nfsd: set security label during create operations, Stephen Smalley
    - Re: [PATCH v3] nfsd: set security label during create operations, NeilBrown
  - Re: [PATCH v3] nfsd: set security label during create operations, Stephen Smalley
    - Re: [PATCH v3] nfsd: set security label during create operations, Stephen Smalley
      - Re: [PATCH v3] nfsd: set security label during create operations, Stephen Smalley
[RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
- Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Casey Schaufler
  - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
    - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Casey Schaufler
      - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
        
        Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Casey Schaufler
        
        Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
        
        Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
        
        Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
- Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Serge Hallyn
  - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
    - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Serge E. Hallyn
- Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, KP Singh
  - Re: [RFC PATCH] lsm: fixup the inode xattr capability handling, Paul Moore
[PATCH v2] nfsd: set security label during create operations, Stephen Smalley
- Re: [PATCH v2] nfsd: set security label during create operations, Chuck Lever
- Re: [PATCH v2] nfsd: set security label during create operations, Jeffrey Layton
  - Re: [PATCH v2] nfsd: set security label during create operations, Stephen Smalley
- Re: [PATCH v2] nfsd: set security label during create operations, kernel test robot
cgroup2 labeling status, Chris PeBenito
- Re: cgroup2 labeling status, Stephen Smalley
  - Re: cgroup2 labeling status, Chris PeBenito
    - Re: cgroup2 labeling status, Stephen Smalley
      - Re: cgroup2 labeling status, Chris PeBenito
[RFC][PATCH] nfsd: set security label during create operations, Stephen Smalley
- Re: [RFC][PATCH] nfsd: set security label during create operations, Jeffrey Layton
ANN: SETools 4.5.1, Chris PeBenito
ANN: new release of The SELinux Notebook, Paul Moore
[PATCH 1/3] libselinux: free empty scandir(3) result, Christian Göttsche
- [PATCH 2/3] libselinux: avoid pointer dereference before check, Christian Göttsche
  - Re: [PATCH 2/3] libselinux: avoid pointer dereference before check, William Roberts
- [PATCH 3/3] mcstrans: free constraint in error branch, Christian Göttsche
  - Re: [PATCH 3/3] mcstrans: free constraint in error branch, William Roberts
- Re: [PATCH 1/3] libselinux: free empty scandir(3) result, William Roberts
  - Re: [PATCH 1/3] libselinux: free empty scandir(3) result, Christian Göttsche
    - Re: [PATCH 1/3] libselinux: free empty scandir(3) result, William Roberts
      - Re: [PATCH 1/3] libselinux: free empty scandir(3) result, James Carter
- Re: [PATCH 1/3] libselinux: free empty scandir(3) result, James Carter
  - Re: [PATCH 1/3] libselinux: free empty scandir(3) result, James Carter
[PATCH 1/5] libselinux/man: correct file extension of man pages, Christian Göttsche
- [PATCH 2/5] libselinux/man: sync const qualifiers, Christian Göttsche
- [PATCH 4/5] libselinux/man: add format attribute for set_matchpathcon_printf(3), Christian Göttsche
- [PATCH 3/5] libselinux/man: use void in synopses, Christian Göttsche
- [PATCH 5/5] libselinux: constify selinux_set_mapping(3) parameter, Christian Göttsche
- Re: [PATCH 1/5] libselinux/man: correct file extension of man pages, James Carter
  - Re: [PATCH 1/5] libselinux/man: correct file extension of man pages, James Carter
[PATCH v2] ima: Avoid blocking in RCU read-side critical section, GUO Zihua
- Re: [PATCH v2] ima: Avoid blocking in RCU read-side critical section, Casey Schaufler
- Re: [PATCH v2] ima: Avoid blocking in RCU read-side critical section, Mimi Zohar
[PATCH v3 2/2] fs/xattr: add *at family syscalls, Christian Göttsche
- Re: [PATCH v3 2/2] fs/xattr: add *at family syscalls, Arnd Bergmann
- Re: [PATCH v3 2/2] fs/xattr: add *at family syscalls, Jan Kara
[PATCH] ima: Avoid blocking in RCU read-side critical section, GUO Zihua
- Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Stephen Smalley
  - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Guozihua (Scott)
    - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Stephen Smalley
      - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Guozihua (Scott)
  - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Roberto Sassu
    - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Mimi Zohar
    - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Stephen Smalley
      - Re: [PATCH] ima: Avoid blocking in RCU read-side critical section, Stephen Smalley
[PATCH v2] libsepol: validate class permissions, Christian Göttsche
- Re: [PATCH v2] libsepol: validate class permissions, James Carter
  - Re: [PATCH v2] libsepol: validate class permissions, James Carter
[PATCH] github: bump Python and Ruby versions, Christian Göttsche
- Re: [PATCH] github: bump Python and Ruby versions, James Carter
  - Re: [PATCH] github: bump Python and Ruby versions, James Carter
[RFC PATCH 1/3] newrole: constant time password comparison, Christian Göttsche
- [RFC PATCH 2/3] newrole: cleanse shadow data hold by libc, Christian Göttsche
- [RFC PATCH 3/3] newrole: use ROWHAMMER resistant values, Christian Göttsche
- Re: [RFC PATCH 1/3] newrole: constant time password comparison, Stephen Smalley
  - Re: [RFC PATCH 1/3] newrole: constant time password comparison, Christian Göttsche
[PATCH 1/4] libsepol: improve policy lookup failure message, Christian Göttsche
- [PATCH 3/4] checkpolicy: declare file local variable static, Christian Göttsche
- [PATCH 2/4] checkpolicy/tests: add test for splitting xperm rule, Christian Göttsche
- [PATCH 4/4] checkpolicy: drop global policyvers variable, Christian Göttsche
- Re: [PATCH 1/4] libsepol: improve policy lookup failure message, James Carter
  - Re: [PATCH 1/4] libsepol: improve policy lookup failure message, James Carter
[PATCH] libsepol: validate class permissions, Christian Göttsche
- Re: [PATCH] libsepol: validate class permissions, James Carter
[PATCH 2/2] selinux: add support for xperms in conditional policies, Christian Göttsche
- [PATCH 1/2] selinux: constify source policy in cond_policydb_dup(), Christian Göttsche
  - Re: [PATCH 1/2] selinux: constify source policy in cond_policydb_dup(), Paul Moore
- Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Christian Göttsche
  - Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Stephen Smalley
    - Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Stephen Smalley
- [PATCH v2] selinux: add support for xperms in conditional policies, Christian Göttsche
  - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Paul Moore
    - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Christian Göttsche
      - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Paul Moore
  - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Stephen Smalley
  - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Paul Moore
[PATCH v2] selinux: pre-allocate the status page, Christian Göttsche
- Re: [PATCH v2] selinux: pre-allocate the status page, Paul Moore
[PATCH] selinux: avoid printk_ratelimit(), Christian Göttsche
- Re: [PATCH] selinux: avoid printk_ratelimit(), Paul Moore
[PATCH] netlink: Remove the include of files doesn't exist, I Hsin Cheng
- Re: [PATCH] netlink: Remove the include of files doesn't exist, Stephen Smalley
[PATCH] selinux: clarify return code in filename_trans_read_helper_compat(), Ondrej Mosnacek
- Re: [PATCH] selinux: clarify return code in filename_trans_read_helper_compat(), Paul Moore
[bug report] selinux: optimize storage of filename transitions, Dan Carpenter
- Re: [bug report] selinux: optimize storage of filename transitions, Paul Moore
  - Re: [bug report] selinux: optimize storage of filename transitions, Ondrej Mosnacek
[GIT PULL] selinux/selinux-pr-20240402, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20240402, pr-tracker-bot
[PATCH] libsepol: constify function pointer arrays, Christian Göttsche
- Re: [PATCH] libsepol: constify function pointer arrays, James Carter
  - Re: [PATCH] libsepol: constify function pointer arrays, James Carter
[PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), Christian Göttsche
- [PATCH 4/6] checkpolicy: drop never read member, Christian Göttsche
- [PATCH 5/6] checkpolicy: drop union stack_item_u, Christian Göttsche
- [PATCH 6/6] checkpolicy: free complete role_allow_rule on error, Christian Göttsche
- [PATCH 3/6] libsepol: validate access vector permissions, Christian Göttsche
- [PATCH 2/6] checkpolicy/fuzz: override YY_FATAL_ERROR, Christian Göttsche
- Re: [PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), James Carter
  - Re: [PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), James Carter
[PATCH] libsepol/cil: Check common perms when verifiying "all", James Carter
- Re: [PATCH] libsepol/cil: Check common perms when verifiying "all", James Carter
[PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, Christian Göttsche
- [PATCH 2/2] checkpolicy: update error diagnostic, Christian Göttsche
- Re: [PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, James Carter
  - Re: [PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, James Carter
Re: Job Offer, Beckie Varnadore
[PATCH] selinux: pre-allocate the status page, Christian Göttsche
- Re: [PATCH] selinux: pre-allocate the status page, Paul Moore
[PATCH] selinux: avoid dereference of garbage after mount failure, Christian Göttsche
- Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Casey Schaufler
- Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Paul Moore
  - Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Christian Göttsche
[PATCH] selinux: update numeric format specifiers for ebitmaps, Christian Göttsche
- Re: [PATCH] selinux: update numeric format specifiers for ebitmaps, Paul Moore
[PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Paul Moore
- Re: [PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Christian Göttsche
  - Re: [PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Paul Moore
Re: linux-next: build failure after merge of the selinux tree, Paul Moore
[PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
- <Possible follow-ups>
- [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
  - Re: [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
    - Re: [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
[PATCH 1/2] checkpolicy: use YYerror only when available, Christian Göttsche
- [PATCH 2/2] checkpolicy: handle unprintable token, Christian Göttsche
- Re: [PATCH 1/2] checkpolicy: use YYerror only when available, James Carter
  - Re: [PATCH 1/2] checkpolicy: use YYerror only when available, James Carter
ANN: SETools 4.5.0, Chris PeBenito
Where to look for system services modified for SELinux, Casey Schaufler
- Re: Where to look for system services modified for SELinux, Stephen Smalley
  - Re: Where to look for system services modified for SELinux, Casey Schaufler
    - Re: Where to look for system services modified for SELinux, Petr Lautrbach
      - Re: Where to look for system services modified for SELinux, Petr Lautrbach
[PATCH PR#420 v4] audit2allow: CIL output mode, Topi Miettinen
- Re: [PATCH PR#420 v4] audit2allow: CIL output mode, James Carter
  - Re: [PATCH PR#420 v4] audit2allow: CIL output mode, James Carter
[PATCH v2 2/2] selinux: improve symtab string hashing, Christian Göttsche
- [PATCH v2 1/2] selinux: dump statistics for more hash tables, Christian Göttsche
  - Re: [PATCH v2 1/2] selinux: dump statistics for more hash tables, Paul Moore
- Re: [PATCH v2 2/2] selinux: improve symtab string hashing, Paul Moore
[PATCH v3] selinux: optimize ebitmap_and(), Christian Göttsche
- Re: [PATCH v3] selinux: optimize ebitmap_and(), Paul Moore
[RFC PATCH 2/2] selinux: wire up new execstack LSM hook, Christian Göttsche
[PATCH] selinux: use u32 as bit type in ebitmap code, Christian Göttsche
- Re: [PATCH] selinux: use u32 as bit type in ebitmap code, Paul Moore
[PATCH 2/2] selinux: make more use of current_sid(), Christian Göttsche
- [PATCH 1/2] selinux: avoid identifier using reserved name, Christian Göttsche
  - Re: [PATCH 1/2] selinux: avoid identifier using reserved name, Paul Moore
- Re: [PATCH 2/2] selinux: make more use of current_sid(), Paul Moore
[PATCH v2] selinux: reject invalid ebitmaps, Christian Göttsche
- Re: [PATCH v2] selinux: reject invalid ebitmaps, Paul Moore
[PATCH] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
- Re: [PATCH] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
[PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Christian Göttsche
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Serge Hallyn
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Paul Moore
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, John Johansen
nfs client uses different MAC policy or model, Daniel Walker (danielwa)
- Re: nfs client uses different MAC policy or model, Jeff Layton
  - Re: nfs client uses different MAC policy or model, Daniel Walker (danielwa)
[PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, James Carter
- Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, Jordan Williams
  - Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, Winfried
- Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, James Carter
[PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, Christian Göttsche
- [PATCH 2/5] libselinux/utils/selabel_digest: cleanup, Christian Göttsche
- [PATCH 4/5] libselinux: free data on selabel open failure, Christian Göttsche
- [PATCH 5/5] libselinux/utils/selabel_digest: pass BASEONLY only for file backend, Christian Göttsche
- [PATCH 3/5] libselinux/utils/selabel_digest: avoid buffer overflow, Christian Göttsche
- Re: [PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, James Carter
  - Re: [PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, James Carter
[GIT PULL] selinux/selinux-pr-20240312, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20240312, pr-tracker-bot
[PATCH v2] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
- Re: [PATCH v2] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
[PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, Christian Göttsche
- [PATCH 2/5] checkpolicy: clone level only once, Christian Göttsche
- [PATCH 3/5] checkpolicy: return YYerror on invalid character, Christian Göttsche
- [PATCH 5/5] checkpolicy/fuzz: scan Xen policies, Christian Göttsche
- [PATCH 4/5] libsepol: reject MLS support in pre-MLS policies, Christian Göttsche
- Re: [PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, James Carter
  - Re: [PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, James Carter
[PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
- Re: [PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), Christian Göttsche
  - Re: [PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
[PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, James Carter
- Re: [PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, Christian Göttsche
  - Re: [PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, James Carter
[PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
- Re: [PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
- Re: [PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
[Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
- Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
  - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Christian Göttsche
    - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
      - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
        
        Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
        
        Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
[PATCH PR#420 v3] audit2allow: CIL output mode, Topi Miettinen
- Re: [PATCH PR#420 v3] audit2allow: CIL output mode, James Carter
[PATCH] libselinux/src/Makefile: fix reallocarray strlcpy detection, Jordan Williams
- Re: [PATCH] libselinux/src/Makefile: fix reallocarray strlcpy detection, James Carter
[PATCH] libsepoll/src/Makefile: Fix reallocarray detection when cross-compiling, Winfried Dobbe
- Re: [PATCH] libsepoll/src/Makefile: Fix reallocarray detection when cross-compiling, James Carter
[PATCH v3] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
- Re: [PATCH v3] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
ANN: Reference Policy 2.20240226, Chris PeBenito
[PATCH] selinux: cleanup selinux_lsm_getattr(), Paul Moore
- Re: [PATCH] selinux: cleanup selinux_lsm_getattr(), Paul Moore
Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Paul Moore
- Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Mickaël Salaün
  - Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Paul Moore
[FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Jeff Johnson
  - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
    - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Kent Overstreet
      - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
    - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Alison Schofield
  - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
[PATCH 00/21] selinux: fix style issues in security/selinux/ss, Paul Moore
- [PATCH 03/21] selinux: fix style issues in security/selinux/ss/conditional.h, Paul Moore
- [PATCH 01/21] selinux: fix style issues in security/selinux/ss/avtab.h, Paul Moore
- [PATCH 02/21] selinux: fix style issues in security/selinux/ss/avtab.c, Paul Moore
- [PATCH 04/21] selinux: fix style issues in security/selinux/ss/conditional.c, Paul Moore
- [PATCH 05/21] selinux: fix style issues in security/selinux/ss/constraint.h, Paul Moore
- [PATCH 07/21] selinux: fix style issues in security/selinux/ss/context.h, Paul Moore
- [PATCH 08/21] selinux: fix style issues in security/selinux/ss/ebitmap.h, Paul Moore
- [PATCH 06/21] selinux: fix style issues in security/selinux/ss/context.h, Paul Moore
- [PATCH 10/21] selinux: fix style issues in security/selinux/ss/hashtab.h, Paul Moore
- [PATCH 09/21] selinux: fix style issues in security/selinux/ss/ebitmap.c, Paul Moore
- [PATCH 12/21] selinux: fix style issues in security/selinux/ss/mls.h, Paul Moore
- [PATCH 11/21] selinux: fix style issues in security/selinux/ss/hashtab.c, Paul Moore
- [PATCH 14/21] selinux: fix style issues in security/selinux/ss/mls_types.h, Paul Moore
- [PATCH 13/21] selinux: fix style issues in security/selinux/ss/mls.c, Paul Moore
- [PATCH 17/21] selinux: fix style issues in security/selinux/ss/services.h, Paul Moore
- [PATCH 16/21] selinux: fix style issues in security/selinux/ss/policydb.c, Paul Moore
- [PATCH 15/21] selinux: fix style issues in security/selinux/ss/policydb.h, Paul Moore
- [PATCH 18/21] selinux: fix style issues in security/selinux/ss/sidtab.h, Paul Moore
- [PATCH 19/21] selinux: fix style issues in security/selinux/ss/sidtab.c, Paul Moore
- [PATCH 20/21] selinux: fix style issues in security/selinux/ss/symtab.h, Paul Moore
- [PATCH 21/21] selinux: fix style issues in security/selinux/ss/symtab.c, Paul Moore
- Re: [PATCH 0/21] selinux: fix style issues in security/selinux/ss, Paul Moore
[PATCH] sepolgen: adjust parse for refpolicy, Christian Göttsche
- Re: [PATCH] sepolgen: adjust parse for refpolicy, James Carter
  - Re: [PATCH] sepolgen: adjust parse for refpolicy, James Carter
[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Seth Forshee (DigitalOcean)
- [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h, Christian Brauner
- [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 02/25] mnt_idmapping: include cred.h, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 02/25] mnt_idmapping: include cred.h, Christian Brauner
- [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data, Christian Brauner
- [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Christian Brauner
    - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Christian Brauner
  - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Roberto Sassu
    - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Roberto Sassu

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]