Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

Re: [RFC PATCH 1/3] newrole: constant time password comparison, (continued)
[PATCH 1/4] libsepol: improve policy lookup failure message, Christian Göttsche
- [PATCH 3/4] checkpolicy: declare file local variable static, Christian Göttsche
- [PATCH 2/4] checkpolicy/tests: add test for splitting xperm rule, Christian Göttsche
- [PATCH 4/4] checkpolicy: drop global policyvers variable, Christian Göttsche
- Re: [PATCH 1/4] libsepol: improve policy lookup failure message, James Carter
  - Re: [PATCH 1/4] libsepol: improve policy lookup failure message, James Carter
[PATCH] libsepol: validate class permissions, Christian Göttsche
- Re: [PATCH] libsepol: validate class permissions, James Carter
[PATCH 2/2] selinux: add support for xperms in conditional policies, Christian Göttsche
- [PATCH 1/2] selinux: constify source policy in cond_policydb_dup(), Christian Göttsche
  - Re: [PATCH 1/2] selinux: constify source policy in cond_policydb_dup(), Paul Moore
- Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Christian Göttsche
  - Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Stephen Smalley
    - Re: [PATCH 2/2] selinux: add support for xperms in conditional policies, Stephen Smalley
- [PATCH v2] selinux: add support for xperms in conditional policies, Christian Göttsche
  - Re: [PATCH v2] selinux: add support for xperms in conditional policies, Paul Moore
[PATCH v2] selinux: pre-allocate the status page, Christian Göttsche
- Re: [PATCH v2] selinux: pre-allocate the status page, Paul Moore
[PATCH] selinux: avoid printk_ratelimit(), Christian Göttsche
- Re: [PATCH] selinux: avoid printk_ratelimit(), Paul Moore
[PATCH] netlink: Remove the include of files doesn't exist, I Hsin Cheng
- Re: [PATCH] netlink: Remove the include of files doesn't exist, Stephen Smalley
[PATCH] selinux: clarify return code in filename_trans_read_helper_compat(), Ondrej Mosnacek
- Re: [PATCH] selinux: clarify return code in filename_trans_read_helper_compat(), Paul Moore
[bug report] selinux: optimize storage of filename transitions, Dan Carpenter
- Re: [bug report] selinux: optimize storage of filename transitions, Paul Moore
  - Re: [bug report] selinux: optimize storage of filename transitions, Ondrej Mosnacek
[GIT PULL] selinux/selinux-pr-20240402, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20240402, pr-tracker-bot
[PATCH] libsepol: constify function pointer arrays, Christian Göttsche
- Re: [PATCH] libsepol: constify function pointer arrays, James Carter
  - Re: [PATCH] libsepol: constify function pointer arrays, James Carter
[PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), Christian Göttsche
- [PATCH 4/6] checkpolicy: drop never read member, Christian Göttsche
- [PATCH 5/6] checkpolicy: drop union stack_item_u, Christian Göttsche
- [PATCH 6/6] checkpolicy: free complete role_allow_rule on error, Christian Göttsche
- [PATCH 3/6] libsepol: validate access vector permissions, Christian Göttsche
- [PATCH 2/6] checkpolicy/fuzz: override YY_FATAL_ERROR, Christian Göttsche
- Re: [PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), James Carter
  - Re: [PATCH 1/6] checkpolicy: include <ctype.h> for isprint(3), James Carter
[PATCH] libsepol/cil: Check common perms when verifiying "all", James Carter
- Re: [PATCH] libsepol/cil: Check common perms when verifiying "all", James Carter
[PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, Christian Göttsche
- [PATCH 2/2] checkpolicy: update error diagnostic, Christian Göttsche
- Re: [PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, James Carter
  - Re: [PATCH 1/2] checkpolicy: free identifiers on invalid typebounds, James Carter
Re: Job Offer, Beckie Varnadore
[PATCH] selinux: pre-allocate the status page, Christian Göttsche
- Re: [PATCH] selinux: pre-allocate the status page, Paul Moore
[PATCH] selinux: avoid dereference of garbage after mount failure, Christian Göttsche
- Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Casey Schaufler
- Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Paul Moore
  - Re: [PATCH] selinux: avoid dereference of garbage after mount failure, Christian Göttsche
[PATCH] selinux: update numeric format specifiers for ebitmaps, Christian Göttsche
- Re: [PATCH] selinux: update numeric format specifiers for ebitmaps, Paul Moore
[PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Paul Moore
- Re: [PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Christian Göttsche
  - Re: [PATCH] selinux: fix pr_err() format specifier in ebitmap_read(), Paul Moore
Re: linux-next: build failure after merge of the selinux tree, Paul Moore
[PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
- <Possible follow-ups>
- [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
  - Re: [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
    - Re: [PATCH v2] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
[PATCH 1/2] checkpolicy: use YYerror only when available, Christian Göttsche
- [PATCH 2/2] checkpolicy: handle unprintable token, Christian Göttsche
- Re: [PATCH 1/2] checkpolicy: use YYerror only when available, James Carter
  - Re: [PATCH 1/2] checkpolicy: use YYerror only when available, James Carter
ANN: SETools 4.5.0, Chris PeBenito
Where to look for system services modified for SELinux, Casey Schaufler
- Re: Where to look for system services modified for SELinux, Stephen Smalley
  - Re: Where to look for system services modified for SELinux, Casey Schaufler
    - Re: Where to look for system services modified for SELinux, Petr Lautrbach
      - Re: Where to look for system services modified for SELinux, Petr Lautrbach
[PATCH PR#420 v4] audit2allow: CIL output mode, Topi Miettinen
- Re: [PATCH PR#420 v4] audit2allow: CIL output mode, James Carter
  - Re: [PATCH PR#420 v4] audit2allow: CIL output mode, James Carter
[PATCH v2 2/2] selinux: improve symtab string hashing, Christian Göttsche
- [PATCH v2 1/2] selinux: dump statistics for more hash tables, Christian Göttsche
  - Re: [PATCH v2 1/2] selinux: dump statistics for more hash tables, Paul Moore
- Re: [PATCH v2 2/2] selinux: improve symtab string hashing, Paul Moore
[PATCH v3] selinux: optimize ebitmap_and(), Christian Göttsche
- Re: [PATCH v3] selinux: optimize ebitmap_and(), Paul Moore
[RFC PATCH 2/2] selinux: wire up new execstack LSM hook, Christian Göttsche
[PATCH] selinux: use u32 as bit type in ebitmap code, Christian Göttsche
- Re: [PATCH] selinux: use u32 as bit type in ebitmap code, Paul Moore
[PATCH 2/2] selinux: make more use of current_sid(), Christian Göttsche
- [PATCH 1/2] selinux: avoid identifier using reserved name, Christian Göttsche
  - Re: [PATCH 1/2] selinux: avoid identifier using reserved name, Paul Moore
- Re: [PATCH 2/2] selinux: make more use of current_sid(), Paul Moore
[PATCH v2] selinux: reject invalid ebitmaps, Christian Göttsche
- Re: [PATCH v2] selinux: reject invalid ebitmaps, Paul Moore
[PATCH] libselinux: avoid logs in get_ordered_context_list() without policy, Christian Göttsche
- Re: [PATCH] libselinux: avoid logs in get_ordered_context_list() without policy, James Carter
[PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Christian Göttsche
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Serge Hallyn
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, Paul Moore
- Re: [PATCH 01/10] capability: introduce new capable flag CAP_OPT_NOAUDIT_ONDENY, John Johansen
nfs client uses different MAC policy or model, Daniel Walker (danielwa)
- Re: nfs client uses different MAC policy or model, Jeff Layton
  - Re: nfs client uses different MAC policy or model, Daniel Walker (danielwa)
[PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, James Carter
- Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, Jordan Williams
  - Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, Winfried
- Re: [PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks, James Carter
[PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, Christian Göttsche
- [PATCH 2/5] libselinux/utils/selabel_digest: cleanup, Christian Göttsche
- [PATCH 4/5] libselinux: free data on selabel open failure, Christian Göttsche
- [PATCH 5/5] libselinux/utils/selabel_digest: pass BASEONLY only for file backend, Christian Göttsche
- [PATCH 3/5] libselinux/utils/selabel_digest: avoid buffer overflow, Christian Göttsche
- Re: [PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, James Carter
  - Re: [PATCH 1/5] libselinux/utils/selabel_digest: drop unsupported option -d, James Carter
[GIT PULL] selinux/selinux-pr-20240312, Paul Moore
- Re: [GIT PULL] selinux/selinux-pr-20240312, pr-tracker-bot
[PATCH v2] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
- Re: [PATCH v2] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
[PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, Christian Göttsche
- [PATCH 2/5] checkpolicy: clone level only once, Christian Göttsche
- [PATCH 3/5] checkpolicy: return YYerror on invalid character, Christian Göttsche
- [PATCH 5/5] checkpolicy/fuzz: scan Xen policies, Christian Göttsche
- [PATCH 4/5] libsepol: reject MLS support in pre-MLS policies, Christian Göttsche
- Re: [PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, James Carter
  - Re: [PATCH 1/5] checkpolicy/fuzz: drop redundant notdefined check, James Carter
[PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
- Re: [PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), Christian Göttsche
  - Re: [PATCH] libsepol: Fix buffer overflow when using sepol_av_to_string(), James Carter
[PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, James Carter
- Re: [PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, Christian Göttsche
  - Re: [PATCH] checkpolicy/fuzz: Update check_level() to use notdefined field, James Carter
[PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
- Re: [PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
- Re: [PATCH] selinux: improve error checking in sel_write_load(), Paul Moore
[Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
- Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
  - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Christian Göttsche
    - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
      - Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
        
        Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Paul Moore
        
        Re: [Bug] WARNING: zero-size vmalloc in sel_write_load, Sam Sun
[PATCH PR#420 v3] audit2allow: CIL output mode, Topi Miettinen
- Re: [PATCH PR#420 v3] audit2allow: CIL output mode, James Carter
[PATCH] libselinux/src/Makefile: fix reallocarray strlcpy detection, Jordan Williams
- Re: [PATCH] libselinux/src/Makefile: fix reallocarray strlcpy detection, James Carter
[PATCH] libsepoll/src/Makefile: Fix reallocarray detection when cross-compiling, Winfried Dobbe
- Re: [PATCH] libsepoll/src/Makefile: Fix reallocarray detection when cross-compiling, James Carter
[PATCH v3] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
- Re: [PATCH v3] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
ANN: Reference Policy 2.20240226, Chris PeBenito
[PATCH] selinux: cleanup selinux_lsm_getattr(), Paul Moore
- Re: [PATCH] selinux: cleanup selinux_lsm_getattr(), Paul Moore
Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Paul Moore
- Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Mickaël Salaün
  - Re: [PATCH 1/2] SELinux: Fix lsm_get_self_attr(), Paul Moore
[FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Jeff Johnson
  - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
    - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Kent Overstreet
      - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
    - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
- Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Alison Schofield
  - Re: [FYI][PATCH] tracing/treewide: Remove second parameter of __assign_str(), Steven Rostedt
[PATCH 00/21] selinux: fix style issues in security/selinux/ss, Paul Moore
- [PATCH 03/21] selinux: fix style issues in security/selinux/ss/conditional.h, Paul Moore
- [PATCH 01/21] selinux: fix style issues in security/selinux/ss/avtab.h, Paul Moore
- [PATCH 02/21] selinux: fix style issues in security/selinux/ss/avtab.c, Paul Moore
- [PATCH 04/21] selinux: fix style issues in security/selinux/ss/conditional.c, Paul Moore
- [PATCH 05/21] selinux: fix style issues in security/selinux/ss/constraint.h, Paul Moore
- [PATCH 07/21] selinux: fix style issues in security/selinux/ss/context.h, Paul Moore
- [PATCH 08/21] selinux: fix style issues in security/selinux/ss/ebitmap.h, Paul Moore
- [PATCH 06/21] selinux: fix style issues in security/selinux/ss/context.h, Paul Moore
- [PATCH 10/21] selinux: fix style issues in security/selinux/ss/hashtab.h, Paul Moore
- [PATCH 09/21] selinux: fix style issues in security/selinux/ss/ebitmap.c, Paul Moore
- [PATCH 12/21] selinux: fix style issues in security/selinux/ss/mls.h, Paul Moore
- [PATCH 11/21] selinux: fix style issues in security/selinux/ss/hashtab.c, Paul Moore
- [PATCH 14/21] selinux: fix style issues in security/selinux/ss/mls_types.h, Paul Moore
- [PATCH 13/21] selinux: fix style issues in security/selinux/ss/mls.c, Paul Moore
- [PATCH 17/21] selinux: fix style issues in security/selinux/ss/services.h, Paul Moore
- [PATCH 16/21] selinux: fix style issues in security/selinux/ss/policydb.c, Paul Moore
- [PATCH 15/21] selinux: fix style issues in security/selinux/ss/policydb.h, Paul Moore
- [PATCH 18/21] selinux: fix style issues in security/selinux/ss/sidtab.h, Paul Moore
- [PATCH 19/21] selinux: fix style issues in security/selinux/ss/sidtab.c, Paul Moore
- [PATCH 20/21] selinux: fix style issues in security/selinux/ss/symtab.h, Paul Moore
- [PATCH 21/21] selinux: fix style issues in security/selinux/ss/symtab.c, Paul Moore
- Re: [PATCH 0/21] selinux: fix style issues in security/selinux/ss, Paul Moore
[PATCH] sepolgen: adjust parse for refpolicy, Christian Göttsche
- Re: [PATCH] sepolgen: adjust parse for refpolicy, James Carter
  - Re: [PATCH] sepolgen: adjust parse for refpolicy, James Carter
[PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Seth Forshee (DigitalOcean)
- [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 01/25] mnt_idmapping: split out core vfs[ug]id_t definitions into vfsid.h, Christian Brauner
- [PATCH v2 04/25] capability: rename cpu_vfs_cap_data to vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 02/25] mnt_idmapping: include cred.h, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 02/25] mnt_idmapping: include cred.h, Christian Brauner
- [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 03/25] capability: add static asserts for comapatibility of vfs_cap_data and vfs_ns_cap_data, Christian Brauner
- [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Christian Brauner
    - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Christian Brauner
  - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Roberto Sassu
    - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Roberto Sassu
        
        Re: [PATCH v2 06/25] capability: provide helpers for converting between xattrs and vfs_caps, Seth Forshee (DigitalOcean)
- [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 05/25] capability: use vfsuid_t for vfs_caps rootids, Christian Brauner
- [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 07/25] capability: provide a helper for converting vfs_caps to xattr for userspace, Christian Brauner
- [PATCH v2 12/25] selinux: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations, Paul Moore
    - Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations, Paul Moore
        
        Re: [PATCH v2 12/25] selinux: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
- [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Paul Moore
    - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Christian Brauner
  - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Roberto Sassu
    - Re: [PATCH v2 11/25] security: add hooks for set/get/remove of fscaps, Seth Forshee (DigitalOcean)
- [PATCH v2 14/25] evm: add support for fscaps security hooks, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Roberto Sassu
    - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Christian Brauner
      - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Roberto Sassu
        
        Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Christian Brauner
    - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Roberto Sassu
  - Re: [PATCH v2 14/25] evm: add support for fscaps security hooks, Roberto Sassu
- [PATCH v2 13/25] smack: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 13/25] smack: add hooks for fscaps operations, Casey Schaufler
    - Re: [PATCH v2 13/25] smack: add hooks for fscaps operations, Seth Forshee (DigitalOcean)
- [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 08/25] xattr: add is_fscaps_xattr() helper, Christian Brauner
- [PATCH v2 10/25] xattr: use is_fscaps_xattr(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 10/25] xattr: use is_fscaps_xattr(), Christian Brauner
- [PATCH v2 09/25] commoncap: use is_fscaps_xattr(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 09/25] commoncap: use is_fscaps_xattr(), Christian Brauner
- [PATCH v2 22/25] fs: use vfs interfaces for capabilities xattrs, Seth Forshee (DigitalOcean)
- [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 16/25] fs: add inode operations to get/set/remove fscaps, Christian Brauner
- [PATCH v2 17/25] fs: add vfs_get_fscaps(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 17/25] fs: add vfs_get_fscaps(), Christian Brauner
- [PATCH v2 20/25] ovl: add fscaps handlers, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 20/25] ovl: add fscaps handlers, Christian Brauner
  - Re: [PATCH v2 20/25] ovl: add fscaps handlers, Amir Goldstein
    - Re: [PATCH v2 20/25] ovl: add fscaps handlers, Seth Forshee (DigitalOcean)
- [PATCH v2 21/25] ovl: use vfs_{get,set}_fscaps() for copy-up, Seth Forshee (DigitalOcean)
- [PATCH v2 19/25] fs: add vfs_remove_fscaps(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 19/25] fs: add vfs_remove_fscaps(), Christian Brauner
- [PATCH v2 18/25] fs: add vfs_set_fscaps(), Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 18/25] fs: add vfs_set_fscaps(), Christian Brauner
- [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Paul Moore
    - Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 15/25] security: call evm fscaps hooks from generic security hooks, Paul Moore
- [PATCH v2 23/25] commoncap: remove cap_inode_getsecurity(), Seth Forshee (DigitalOcean)
- [PATCH v2 25/25] vfs: return -EOPNOTSUPP for fscaps from vfs_*xattr(), Seth Forshee (DigitalOcean)
- [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
  - Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
    - Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
      - Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Christian Brauner
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Christian Brauner
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Seth Forshee (DigitalOcean)
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Mimi Zohar
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Roberto Sassu
        
        Re: [PATCH v2 24/25] commoncap: use vfs fscaps interfaces, Mimi Zohar
- Re: [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Christian Brauner
  - Re: [PATCH v2 00/25] fs: use type-safe uid representation for filesystem capabilities, Seth Forshee (DigitalOcean)
[PATCH v2] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
- Re: [PATCH v2] checkpolicy, libsepol: Fix potential double free of mls_level_t, Christian Göttsche
  - Re: [PATCH v2] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
[PATCH PR#420 v2] audit2allow: CIL output mode, Topi Miettinen
[PATCH PR#420] audit2allow: CIL output mode, Topi Miettinen
- Re: [PATCH PR#420] audit2allow: CIL output mode, James Carter
[PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
- <Possible follow-ups>
- [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
  - Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
    - Re: [PATCH] Always build for LFS mode on 32-bit archs., Kees Cook
      - Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Christian Göttsche
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Christian Göttsche
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Petr Lautrbach
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Steve Langasek
        
        Re: [PATCH] Always build for LFS mode on 32-bit archs., Chris Hofstaedtler
[PATCH v7 0/4] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v7 1/4] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v7 3/4] mm: add vma_assert_locked() for !CONFIG_PER_VMA_LOCK, Lokesh Gidra
  - Re: [PATCH v7 3/4] mm: add vma_assert_locked() for !CONFIG_PER_VMA_LOCK, Suren Baghdasaryan
- [PATCH v7 4/4] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
- [PATCH v7 2/4] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
[PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure, Roberto Sassu
- [PATCH v10 01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 04/25] ima: Align ima_inode_removexattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 05/25] ima: Align ima_post_read_file() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure, Roberto Sassu
- [PATCH v10 09/25] security: Align inode_setattr hook definition with EVM, Roberto Sassu
- [PATCH v10 10/25] security: Introduce inode_post_setattr hook, Roberto Sassu
- [PATCH v10 11/25] security: Introduce inode_post_removexattr hook, Roberto Sassu
- [PATCH v10 12/25] security: Introduce file_post_open hook, Roberto Sassu
- [PATCH v10 13/25] security: Introduce file_release hook, Roberto Sassu
- [PATCH v10 14/25] security: Introduce path_post_mknod hook, Roberto Sassu
- [PATCH v10 15/25] security: Introduce inode_post_create_tmpfile hook, Roberto Sassu
- [PATCH v10 16/25] security: Introduce inode_post_set_acl hook, Roberto Sassu
- [PATCH v10 17/25] security: Introduce inode_post_remove_acl hook, Roberto Sassu
- [PATCH v10 18/25] security: Introduce key_post_create_or_update hook, Roberto Sassu
- [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
  - Re: [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
    - Re: [PATCH v10 19/25] integrity: Move integrity_kernel_module_request() to IMA, Mimi Zohar
- [PATCH v10 20/25] ima: Move to LSM infrastructure, Roberto Sassu
- [PATCH v10 21/25] ima: Move IMA-Appraisal to LSM infrastructure, Roberto Sassu
- [PATCH v10 23/25] evm: Make it independent from 'integrity' LSM, Roberto Sassu
- [PATCH v10 24/25] ima: Make it independent from 'integrity' LSM, Roberto Sassu
- [PATCH v10 25/25] integrity: Remove LSM, Roberto Sassu
- [PATCH v10 22/25] evm: Move to LSM infrastructure, Roberto Sassu
- Re: [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure, Paul Moore
  - Re: [PATCH v10 0/25] security: Move IMA and EVM to the LSM infrastructure, Roberto Sassu
- Re: [PATCH v10 00/25] security: Move IMA and EVM to the LSM infrastructure, Eric Snowberg
[PATCH v6 0/3] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v6 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v6 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
- [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
  - Re: [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Ryan Roberts
    - Re: [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
      - Re: [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v6 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Ryan Roberts
- Re: [PATCH v6 0/3] per-vma locks in userfaultfd, Liam R. Howlett
[PATCH] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
- Re: [PATCH] checkpolicy, libsepol: Fix potential double free of mls_level_t, Christian Göttsche
  - Re: [PATCH] checkpolicy, libsepol: Fix potential double free of mls_level_t, James Carter
[PATCH v5 0/3] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v5 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v5 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
- [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
  - Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
    - Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
      - Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v5 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
[PATCH testsuite] tests/inet_socket: test CALIPSO also with datagram protocols, Ondrej Mosnacek
- Re: [PATCH testsuite] tests/inet_socket: test CALIPSO also with datagram protocols, Ondrej Mosnacek
[PATCH v4 0/3] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v4 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
  - Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
    - Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
      - Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v4 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
- [PATCH v4 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
[PATCH testsuite] policy: fix testsuite_domain_type_minimal() to work with rpm-ostree, Ondrej Mosnacek
- Re: [PATCH testsuite] policy: fix testsuite_domain_type_minimal() to work with rpm-ostree, Ondrej Mosnacek
[PATCH] python/semanage: Do not sort local fcontext definitions, Vit Mojzis
- Re: [PATCH] python/semanage: Do not sort local fcontext definitions, Petr Lautrbach
  - Re: [PATCH] python/semanage: Do not sort local fcontext definitions, Vit Mojzis
    - Re: [PATCH] python/semanage: Do not sort local fcontext definitions, James Carter
- Re: [PATCH] python/semanage: Do not sort local fcontext definitions, James Carter
  - Re: [PATCH] python/semanage: Do not sort local fcontext definitions, James Carter
[PATCH 5.4,4.19] lsm: new security_file_ioctl_compat() hook, Eric Biggers
- Re: [PATCH 5.4,4.19] lsm: new security_file_ioctl_compat() hook, Greg KH
[PATCH v3 0/3] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v3 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH v3 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
- [PATCH v3 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
  - Re: [PATCH v3 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
    - Re: [PATCH v3 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
      - Re: [PATCH v3 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
  - Re: [PATCH v3 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Jann Horn
    - Re: [PATCH v3 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
      - Re: [PATCH v3 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Jann Horn
Calls to vfs_setlease() from NFSD code cause unnecessary CAP_LEASE security checks, Ondrej Mosnacek
- Re: Calls to vfs_setlease() from NFSD code cause unnecessary CAP_LEASE security checks, Jeff Layton
  - Re: Calls to vfs_setlease() from NFSD code cause unnecessary CAP_LEASE security checks, Ondrej Mosnacek
    - Re: Calls to vfs_setlease() from NFSD code cause unnecessary CAP_LEASE security checks, Ondrej Mosnacek
[PATCH v2] selinux: only filter copy-up xattrs following initialization, David Disseldorp
- Re: [PATCH v2] selinux: only filter copy-up xattrs following initialization, Paul Moore
[RFC PATCH v2 0/9] libselinux: rework selabel_file(5) database, Christian Göttsche
- [RFC PATCH v2 3/9] libselinux: use more appropriate types in sidtab, Christian Göttsche
- [RFC PATCH v2 4/9] libselinux: add unique id to sidtab entries, Christian Göttsche
- [RFC PATCH v2 7/9] libselinux: remove unused hashtab code, Christian Göttsche
- [RFC PATCH v2 2/9] libselinux/utils: introduce selabel_compare, Christian Göttsche
  - Re: [RFC PATCH v2 2/9] libselinux/utils: introduce selabel_compare, James Carter
    - Re: [RFC PATCH v2 2/9] libselinux/utils: introduce selabel_compare, Christian Göttsche
      - Re: [RFC PATCH v2 2/9] libselinux/utils: introduce selabel_compare, James Carter
- [RFC PATCH v2 8/9] libselinux: add selabel_file(5) fuzzer, Christian Göttsche
- [RFC PATCH v2 1/9] policycoreutils: introduce unsetfiles, Christian Göttsche
- [RFC PATCH v2 9/9] libselinux: support parallel selabel_lookup(3), Christian Göttsche
- [RFC PATCH v2 5/9] libselinux: sidtab updates, Christian Göttsche
  - Re: [RFC PATCH v2 5/9] libselinux: sidtab updates, James Carter
    - Re: [RFC PATCH v2 5/9] libselinux: sidtab updates, Christian Göttsche
- [RFC PATCH v2 6/9] libselinux: rework selabel_file(5) database, Christian Göttsche
[PATCH 1/3] libsepol: ensure transitivity in compare functions, Christian Göttsche
- [PATCH 2/3] libsepol/cil: ensure transitivity in compare functions, Christian Göttsche
- [PATCH 3/3] mcstrans: ensure transitivity in compare functions, Christian Göttsche
- Re: [PATCH 1/3] libsepol: ensure transitivity in compare functions, James Carter
  - Re: [PATCH 1/3] libsepol: ensure transitivity in compare functions, James Carter
[PATCH] selinux: correct return values in selinux_socket_getpeersec_dgram(), Paul Moore
- Re: [PATCH] selinux: correct return values in selinux_socket_getpeersec_dgram(), Paul Moore
[PATCH v2 0/3] per-vma locks in userfaultfd, Lokesh Gidra
- [PATCH v2 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
  - Re: [PATCH v2 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Mike Rapoport
- [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
  - Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Liam R. Howlett
    - Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
      - Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Liam R. Howlett
        
        Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Mike Rapoport
        
        Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Liam R. Howlett
        
        Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
        
        Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Mike Rapoport
        
        Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
        
        Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Mike Rapoport
        
        Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
        
        Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Mike Rapoport
  - Re: [PATCH v2 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Mike Rapoport
- [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
  - Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
    - Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
      - Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
      - Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Suren Baghdasaryan
        
        Re: [PATCH v2 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Liam R. Howlett
- Re: [PATCH v2 0/3] per-vma locks in userfaultfd, Liam R. Howlett
  - Re: [PATCH v2 0/3] per-vma locks in userfaultfd, Lokesh Gidra
[PATCH] security: fix no-op hook logic in security_inode_{set,remove}xattr(), Ondrej Mosnacek
- Re: [PATCH] security: fix no-op hook logic in security_inode_{set,remove}xattr(), Paul Moore
  - Re: [PATCH] security: fix no-op hook logic in security_inode_{set,remove}xattr(), Paul Moore
    - Re: [PATCH] security: fix no-op hook logic in security_inode_{set,remove}xattr(), Paul Moore
      - Re: [PATCH] security: fix no-op hook logic in security_inode_{set,remove}xattr(), Paul Moore
        
        Re: [PATCH] security: fix no-op hook logic in security_inode_{set,remove}xattr(), Casey Schaufler
        
        Re: [PATCH] security: fix no-op hook logic in security_inode_{set,remove}xattr(), Paul Moore
[PATCH] selinux: Use kfree_sensitive for certain code paths of security, Ronald Monthero
- Re: [PATCH] selinux: Use kfree_sensitive for certain code paths of security, Casey Schaufler
- Re: [PATCH] selinux: Use kfree_sensitive for certain code paths of security, Paul Moore
  - Re: [PATCH] selinux: Use kfree_sensitive for certain code paths of security, Ronald Monthero
[PATCH] lsm: fix default return value of the socket_getpeersec_* hooks, Ondrej Mosnacek
- Re: [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks, Paul Moore
  - Re: [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks, Casey Schaufler
    - Re: [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks, Paul Moore
      - Re: [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks, Ondrej Mosnacek
        
        Re: [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks, Casey Schaufler
- Re: [PATCH] lsm: fix default return value of the socket_getpeersec_* hooks, Paul Moore
[PATCH 1/3] userfaultfd: move userfaultfd_ctx struct to header file, Lokesh Gidra
- [PATCH 2/3] userfaultfd: protect mmap_changing with rw_sem in userfaulfd_ctx, Lokesh Gidra
- [PATCH 3/3] userfaultfd: use per-vma locks in userfaultfd operations, Lokesh Gidra
[PATCH] security: fix the logic in security_inode_getsecctx(), Ondrej Mosnacek
- Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Ondrej Mosnacek
- Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Stephen Smalley
  - Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Stephen Smalley
    - Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Ondrej Mosnacek
      - Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Stephen Smalley
        
        Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Paul Moore
        
        Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Stephen Smalley
        
        Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Paul Moore
- Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Casey Schaufler
- Re: [PATCH] security: fix the logic in security_inode_getsecctx(), Paul Moore
selinux-testsuite nfs tests?, Stephen Smalley
- Re: selinux-testsuite nfs tests?, Stephen Smalley
  - Re: selinux-testsuite nfs tests?, Paul Moore
    - Re: selinux-testsuite nfs tests?, Stephen Smalley
      - Re: selinux-testsuite nfs tests?, Stephen Smalley
        
        Re: selinux-testsuite nfs tests?, Paul Moore
        
        Re: selinux-testsuite nfs tests?, Ondrej Mosnacek
        
        Re: selinux-testsuite nfs tests?, Paul Moore
        
        Re: selinux-testsuite nfs tests?, Stephen Smalley
        
        Re: selinux-testsuite nfs tests?, Paul Moore
        
        Re: selinux-testsuite nfs tests?, Stephen Smalley
        
        Re: selinux-testsuite nfs tests?, Paul Moore
        
        Re: selinux-testsuite nfs tests?, Ondrej Mosnacek
        
        Re: selinux-testsuite nfs tests?, Stephen Smalley
        
        Re: selinux-testsuite nfs tests?, Stephen Smalley
        
        Re: selinux-testsuite nfs tests?, Stephen Smalley
        
        Re: selinux-testsuite nfs tests?, Paul Moore
[PATCH] python/semanage: Allow modifying records on "add", Vit Mojzis
- Re: [PATCH] python/semanage: Allow modifying records on "add", James Carter
  - [PATCH v2] python/semanage: Allow modifying records on "add", Vit Mojzis
    - Re: [PATCH v2] python/semanage: Allow modifying records on "add", James Carter
[PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL, Paul Moore
- Re: [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL, Paul Moore
  - Re: [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL, Jens Axboe
- Re: [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL, Jens Axboe
  - Re: [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL, Jens Axboe
    - Re: [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL, Jens Axboe
      - Re: [PATCH] io_uring: enable audit and restrict cred override for IORING_OP_FIXED_FD_INSTALL, Paul Moore
[PATCH 01/15] checkpolicy: add libfuzz based fuzzer, Christian Göttsche
- [PATCH 02/15] checkpolicy: cleanup resources on parse error, Christian Göttsche
  - Re: [PATCH 02/15] checkpolicy: cleanup resources on parse error, James Carter
    - Re: [PATCH 02/15] checkpolicy: cleanup resources on parse error, James Carter
- [PATCH 04/15] checkpolicy: free ebitmap on error, Christian Göttsche
  - Re: [PATCH 04/15] checkpolicy: free ebitmap on error, James Carter
    - Re: [PATCH 04/15] checkpolicy: free ebitmap on error, James Carter
- [PATCH 03/15] checkpolicy: cleanup identifiers on error, Christian Göttsche
  - Re: [PATCH 03/15] checkpolicy: cleanup identifiers on error, James Carter
    - Re: [PATCH 03/15] checkpolicy: cleanup identifiers on error, James Carter
- [PATCH 05/15] checkpolicy: check allocation and free memory on error at type definition, Christian Göttsche
  - Re: [PATCH 05/15] checkpolicy: check allocation and free memory on error at type definition, James Carter
    - Re: [PATCH 05/15] checkpolicy: check allocation and free memory on error at type definition, James Carter
- [PATCH 08/15] checkpolicy: bail out on invalid role, Christian Göttsche
  - Re: [PATCH 08/15] checkpolicy: bail out on invalid role, James Carter
    - Re: [PATCH 08/15] checkpolicy: bail out on invalid role, James Carter
- [PATCH 09/15] libsepol: use typedef, Christian Göttsche
  - Re: [PATCH 09/15] libsepol: use typedef, James Carter
    - Re: [PATCH 09/15] libsepol: use typedef, James Carter
- [PATCH 06/15] checkpolicy: clean expression on error, Christian Göttsche
  - Re: [PATCH 06/15] checkpolicy: clean expression on error, James Carter
    - Re: [PATCH 06/15] checkpolicy: clean expression on error, James Carter
- [PATCH 07/15] checkpolicy: call YYABORT on parse errors, Christian Göttsche
  - Re: [PATCH 07/15] checkpolicy: call YYABORT on parse errors, James Carter
    - Re: [PATCH 07/15] checkpolicy: call YYABORT on parse errors, James Carter
- [PATCH 11/15] checkpolicy: fix use-after-free on invalid sens alias, Christian Göttsche
  - Re: [PATCH 11/15] checkpolicy: fix use-after-free on invalid sens alias, Petr Lautrbach
    - Re: [PATCH 11/15] checkpolicy: fix use-after-free on invalid sens alias, James Carter
- [PATCH 10/15] libsepol: add copy member to level_datum, Christian Göttsche
  - Re: [PATCH 10/15] libsepol: add copy member to level_datum, James Carter
- [PATCH 13/15] checkpolicy: free temporary bounds type, Christian Göttsche
  - Re: [PATCH 13/15] checkpolicy: free temporary bounds type, James Carter
    - Re: [PATCH 13/15] checkpolicy: free temporary bounds type, James Carter
- [PATCH 12/15] checkpolicy: provide more descriptive error messages, Christian Göttsche
  - Re: [PATCH 12/15] checkpolicy: provide more descriptive error messages, James Carter
    - Re: [PATCH 12/15] checkpolicy: provide more descriptive error messages, James Carter
- [PATCH 15/15] checkpolicy: misc policy_define.c cleanup, Christian Göttsche
  - Re: [PATCH 15/15] checkpolicy: misc policy_define.c cleanup, James Carter
    - Re: [PATCH 15/15] checkpolicy: misc policy_define.c cleanup, James Carter
- [PATCH 14/15] checkpolicy: avoid assigning garbage values, Christian Göttsche
  - Re: [PATCH 14/15] checkpolicy: avoid assigning garbage values, James Carter
    - Re: [PATCH 14/15] checkpolicy: avoid assigning garbage values, James Carter
- Re: [PATCH 01/15] checkpolicy: add libfuzz based fuzzer, James Carter
  - Re: [PATCH 01/15] checkpolicy: add libfuzz based fuzzer, James Carter
IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions, Paul Moore
- Re: IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions, Jens Axboe
  - Re: IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions, Paul Moore
    - Re: IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions, Jens Axboe
      - Re: IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions, Paul Moore
        
        Re: IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions, Jens Axboe
- Re: IORING_OP_FIXED_FD_INSTALL and audit/LSM interactions, Christian Brauner
[PATCH] selinux: reduce the object class calculations at inode init time, Paul Moore
- Re: [PATCH] selinux: reduce the object class calculations at inode init time, Stephen Smalley
- Re: [PATCH] selinux: reduce the object class calculations at inode init time, Paul Moore
Race in security/selinux/hooks.c on isec->sclass and isec->sid usage, Gabriel Ryan
- Re: Race in security/selinux/hooks.c on isec->sclass and isec->sid usage, Stephen Smalley
  - Re: Race in security/selinux/hooks.c on isec->sclass and isec->sid usage, Paul Moore
    - Re: Race in security/selinux/hooks.c on isec->sclass and isec->sid usage, Stephen Smalley
      - Re: Race in security/selinux/hooks.c on isec->sclass and isec->sid usage, Paul Moore
        
        Re: Race in security/selinux/hooks.c on isec->sclass and isec->sid usage, Stephen Smalley
[PATCH] userfaultfd: fix return error if mmap_changing is non-zero in MOVE ioctl, Lokesh Gidra
- Re: [PATCH] userfaultfd: fix return error if mmap_changing is non-zero in MOVE ioctl, Suren Baghdasaryan
- Re: [PATCH] userfaultfd: fix return error if mmap_changing is non-zero in MOVE ioctl, Mike Rapoport
[PATCH] userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb, Lokesh Gidra
- Re: [PATCH] userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb, Andrew Morton
  - Re: [PATCH] userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb, Axel Rasmussen
  - Message not available
    - Re: [PATCH] userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb, Mike Rapoport
[PATCH v9 00/25] security: Move IMA and EVM to the LSM infrastructure, Roberto Sassu
- [PATCH v9 01/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 1/25] ima: Align ima_inode_post_setattr() definition with LSM infrastructure, Paul Moore
- [PATCH v9 02/25] ima: Align ima_file_mprotect() definition with LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 2/25] ima: Align ima_file_mprotect() definition with LSM infrastructure, Paul Moore
- [PATCH v9 03/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 3/25] ima: Align ima_inode_setxattr() definition with LSM infrastructure, Paul Moore
- [PATCH v9 05/25] ima: Align ima_post_read_file() definition with LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 5/25] ima: Align ima_post_read_file() definition with LSM infrastructure, Paul Moore
- [PATCH v9 06/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 6/25] evm: Align evm_inode_post_setattr() definition with LSM infrastructure, Paul Moore
- [PATCH v9 07/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 7/25] evm: Align evm_inode_setxattr() definition with LSM infrastructure, Paul Moore
- [PATCH v9 08/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 8/25] evm: Align evm_inode_post_setxattr() definition with LSM infrastructure, Paul Moore
- [PATCH v9 09/25] security: Align inode_setattr hook definition with EVM, Roberto Sassu
  - Re: [PATCH v9 9/25] security: Align inode_setattr hook definition with EVM, Paul Moore
- [PATCH v9 10/25] security: Introduce inode_post_setattr hook, Roberto Sassu
  - Re: [PATCH v9 10/25] security: Introduce inode_post_setattr hook, Paul Moore
  - Re: [PATCH v9 10/25] security: Introduce inode_post_setattr hook, Christian Brauner
- [PATCH v9 11/25] security: Introduce inode_post_removexattr hook, Roberto Sassu
  - Re: [PATCH v9 11/25] security: Introduce inode_post_removexattr hook, Paul Moore
  - Re: [PATCH v9 11/25] security: Introduce inode_post_removexattr hook, Christian Brauner
- [PATCH v9 12/25] security: Introduce file_post_open hook, Roberto Sassu
  - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Paul Moore
  - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Christian Brauner
    - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Christian Brauner
  - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Christian Brauner
    - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Roberto Sassu
      - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Christian Brauner
        
        Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Roberto Sassu
  - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Mimi Zohar
    - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Paul Moore
      - Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Roberto Sassu
        
        Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Paul Moore
        
        Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Mimi Zohar
        
        Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Paul Moore
        
        Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Mimi Zohar
        
        Re: [PATCH v9 12/25] security: Introduce file_post_open hook, Paul Moore
- [PATCH v9 14/25] security: Introduce path_post_mknod hook, Roberto Sassu
  - Re: [PATCH v9 14/25] security: Introduce path_post_mknod hook, Paul Moore
  - Re: [PATCH v9 14/25] security: Introduce path_post_mknod hook, Christian Brauner
  - Re: [PATCH v9 14/25] security: Introduce path_post_mknod hook, Stefan Berger
- [PATCH v9 15/25] security: Introduce inode_post_create_tmpfile hook, Roberto Sassu
  - Re: [PATCH v9 15/25] security: Introduce inode_post_create_tmpfile hook, Paul Moore
  - Re: [PATCH v9 15/25] security: Introduce inode_post_create_tmpfile hook, Christian Brauner
  - Re: [PATCH v9 15/25] security: Introduce inode_post_create_tmpfile hook, Stefan Berger
- [PATCH v9 16/25] security: Introduce inode_post_set_acl hook, Roberto Sassu
  - Re: [PATCH v9 16/25] security: Introduce inode_post_set_acl hook, Paul Moore
  - Re: [PATCH v9 16/25] security: Introduce inode_post_set_acl hook, Christian Brauner
- [PATCH v9 17/25] security: Introduce inode_post_remove_acl hook, Roberto Sassu
  - Re: [PATCH v9 17/25] security: Introduce inode_post_remove_acl hook, Paul Moore
  - Re: [PATCH v9 17/25] security: Introduce inode_post_remove_acl hook, Christian Brauner
- [PATCH v9 18/25] security: Introduce key_post_create_or_update hook, Roberto Sassu
  - Re: [PATCH v9 18/25] security: Introduce key_post_create_or_update hook, Paul Moore
- [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
  - Re: [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA, Paul Moore
  - Re: [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA, Stefan Berger
    - Re: [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA, Paul Moore
      - Re: [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA, Stefan Berger
        
        Re: [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
        
        Re: [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA, Stefan Berger
        
        Re: [PATCH v9 19/25] integrity: Move integrity_kernel_module_request() to IMA, Roberto Sassu
- [PATCH v9 20/25] ima: Move to LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 20/25] ima: Move to LSM infrastructure, Casey Schaufler
  - Re: [PATCH v9 20/25] ima: Move to LSM infrastructure, Paul Moore
  - Re: [PATCH v9 20/25] ima: Move to LSM infrastructure, Christian Brauner
  - Re: [PATCH v9 20/25] ima: Move to LSM infrastructure, Stefan Berger
- [PATCH v9 21/25] ima: Move IMA-Appraisal to LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 21/25] ima: Move IMA-Appraisal to LSM infrastructure, Casey Schaufler
  - Re: [PATCH v9 21/25] ima: Move IMA-Appraisal to LSM infrastructure, Paul Moore
  - Re: [PATCH v9 21/25] ima: Move IMA-Appraisal to LSM infrastructure, Christian Brauner
- [PATCH v9 22/25] evm: Move to LSM infrastructure, Roberto Sassu
  - Re: [PATCH v9 22/25] evm: Move to LSM infrastructure, Paul Moore
  - Re: [PATCH v9 22/25] evm: Move to LSM infrastructure, Christian Brauner
  - Re: [PATCH v9 22/25] evm: Move to LSM infrastructure, Stefan Berger
- [PATCH v9 23/25] evm: Make it independent from 'integrity' LSM, Roberto Sassu

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]

Powered by Linux