Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
- [PATCH] selinux: avoid uninitialized variable warning,
Arnd Bergmann
- [PATCH -next] selinux: Make selinux_kernfs_init_security static,
Yue Haibing
- [pcmoore-selinux:next 8/10] htmldocs: include/linux/lsm_hooks.h:1814: warning: Function parameter or member 'kernfs_init_security' not described in 'security_list_options',
kbuild test robot
- [PATCH 0/4] Signal: Fix hard lockup problem in flush_sigqueue(),
Waiman Long
- [GIT PULL] SELinux fixes for v5.1 (#2),
Paul Moore
- [PATCH] restorecond: Do not link against libpcre,
Laurent Bigonville
- [PATCH] binder: fix BUG_ON found by selinux-testsuite, Todd Kjos
- [PATCH] scripts/selinux: fix build,
Stephen Smalley
- v5.1-rc1 binder_alloc_do_buffer_copy() BUG_ON triggered by selinux-testsuite,
Paul Moore
- [PATCH 1/1] restorecond: use /run instead of /var/run,
Nicolas Iooss
- [PATCH] selinux: fix NULL dereference in policydb_destroy(),
Ondrej Mosnacek
- ANN: SELinux userspace release 2019-03-15 / 2.9,
Petr Lautrbach
- general protection fault in ebitmap_destroy (2),
syzbot
- [PATCH 36/38] vfs: Convert selinuxfs to fs_context, David Howells
- [GIT PULL] SELinux fixes for v5.1 (#1),
Paul Moore
- [PATCH] selinux: use kernel definition of PF_MAX in scripts,
Johannes Brechtmann
- [PATCH] Restorecon: factor out a lookup helper for context matches,
xunchang
Re: Patch to the context lookup change,
Stephen Smalley
[PATCH] libselinux: Do not define gettid() if glibc >= 2.30 is used,
Petr Lautrbach
[PATCH net] selinux: add the missing walk_size + len check in selinux_sctp_bind_connect,
Xin Long
[PATCH net] net: selinux: fix memory leak in selinux_netlbl_socket_post_create(),
Mao Wenan
[GIT PULL] SELinux patches for v5.1,
Paul Moore
[PATCH] security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock,
J. Bruce Fields
[PATCH] libselinux: Add security_reject_unknown(3) man page,
Petr Lautrbach
ANN: SELinux userspace 2.9-rc2 release candidate, Petr Lautrbach
[PATCH 00/97] LSM: Complete module stacking,
Casey Schaufler
- [PATCH 04/97] SCAFFOLD: Move sock_graft out of sock.h, Casey Schaufler
- [PATCH 03/97] LSM: Infrastructure management of the key security blob, Casey Schaufler
- [PATCH 01/97] LSM: Infrastructure management of the superblock, Casey Schaufler
- [PATCH 02/97] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH 08/97] LSM: Use lsm_export in the cred_getsecid hooks, Casey Schaufler
- [PATCH 05/97] LSM: Create an lsm_export data structure., Casey Schaufler
- [PATCH 11/97] LSM: Use lsm_export in the kernel_ask_as hooks, Casey Schaufler
- [PATCH 10/97] LSM: Use lsm_export in the sk_getsecid hooks, Casey Schaufler
- [PATCH 07/97] SCAFFOLD: Move security.h out of route.h, Casey Schaufler
- [PATCH 09/97] LSM: Use lsm_export in the ipc_getsecid and task_getsecid hooks, Casey Schaufler
- [PATCH 06/97] LSM: Use lsm_export in the inode_getsecid hooks, Casey Schaufler
- [PATCH 16/97] LSM: Use lsm_export in the secctx_to_secid hooks, Casey Schaufler
- [PATCH 15/97] LSM: Use lsm_export in the secid_to_secctx hooks, Casey Schaufler
- [PATCH 17/97] LSM: Use lsm_export in security_audit_rule_match, Casey Schaufler
- [PATCH 19/97] LSM: Use lsm_export in security_socket_getpeersec_dgram, Casey Schaufler
- [PATCH 12/97] LSM: Use lsm_export in the getpeersec_dgram hooks, Casey Schaufler
- [PATCH 18/97] LSM: Use lsm_export in security_kernel_act_as, Casey Schaufler
- [PATCH 14/97] LSM: Fix logical operation in lsm_export checks, Casey Schaufler
- [PATCH 13/97] LSM: Use lsm_export in the audit_rule_match hooks, Casey Schaufler
- [PATCH 27/97] LSM: Use lsm_export in security_cred_getsecid, Casey Schaufler
- [PATCH 21/97] LSM: Use lsm_export in security_secid_to_secctx, Casey Schaufler
- [PATCH 20/97] LSM: Use lsm_export in security_secctx_to_secid, Casey Schaufler
- [PATCH 26/97] LSM: Use lsm_export in security_inode_getsecid, Casey Schaufler
- [PATCH 24/97] LSM: FIXUP - security_secctx_to_secid, Casey Schaufler
- [PATCH 23/97] LSM: Use lsm_export in security_task_getsecid, Casey Schaufler
- [PATCH 32/97] IMA: Clean out lsm_export scaffolding, Casey Schaufler
- [PATCH 22/97] LSM: Use lsm_export in security_ipc_getsecid, Casey Schaufler
- [PATCH 35/97] NET: Remove scaffolding on new secmarks, Casey Schaufler
- [PATCH 37/97] Netlabel: Replace secids with lsm_export, Casey Schaufler
- [PATCH 34/97] NET: Remove scaffolding on secmarks, Casey Schaufler
- [PATCH 36/97] NET: Remove netfilter scaffolding for lsm_export, Casey Schaufler
- [PATCH 31/97] Audit: Convert osid to an lsm_export structure, Casey Schaufler
- [PATCH 30/97] Audit: Convert target_sid to an lsm_export structure, Casey Schaufler
- [PATCH 29/97] Audit: Change audit_sig_sid to audit_sig_lsm, Casey Schaufler
- [PATCH 40/97] Smack: Restore the release_secctx hook, Casey Schaufler
- [PATCH 44/97] LSM: Use lsm_context in secid_to_secctx hooks, Casey Schaufler
- [PATCH 43/97] LSM: Create a data structure for a security context, Casey Schaufler
- [PATCH 39/97] IMA: FIXUP prototype using lsm_export, Casey Schaufler
- [PATCH 38/97] LSM: Remove lsm_export scaffolding functions, Casey Schaufler
- [PATCH 42/97] LSM: Limit calls to certain module hooks, Casey Schaufler
- [PATCH 51/97] LSM: Use lsm_context in security_inode_getsecctx, Casey Schaufler
- [PATCH 47/97] LSM: Use lsm_context in inode_notifysecctx hooks, Casey Schaufler
- [PATCH 52/97] LSM: Use lsm_context in security_secctx_to_secid, Casey Schaufler
- [PATCH 50/97] LSM: Use lsm_context in security_inode_notifysecctx, Casey Schaufler
- [PATCH 49/97] LSM: Use lsm_context in security_dentry_init_security, Casey Schaufler
- [PATCH 46/97] LSM: Use lsm_context in inode_getsecctx hooks, Casey Schaufler
- [PATCH 59/97] LSM: Use lsm_context in security_inode_setsecctx, Casey Schaufler
- [PATCH 45/97] LSM: Use lsm_context in secctx_to_secid hooks, Casey Schaufler
- [PATCH 48/97] LSM: Use lsm_context in dentry_init_security hooks, Casey Schaufler
- [PATCH 41/97] AppArmor: Remove unnecessary hook stub, Casey Schaufler
- [PATCH 66/97] LSM: Add secmark_relabel_packet to the set of one call hooks, Casey Schaufler
- [PATCH 64/97] LSM: Specify which LSM to display with /proc/self/attr/display, Casey Schaufler
- [PATCH 65/97] AppArmor: Remove the exclusive flag, Casey Schaufler
- [PATCH 62/97] LSM: Special handling for secctx lsm hooks, Casey Schaufler
- [PATCH 60/97] kernfs: remove lsm_context scaffolding, Casey Schaufler
- [PATCH 63/97] SELinux: Use blob offset in current_sid, Casey Schaufler
- [PATCH 61/97] LSM: Remove unused macro, Casey Schaufler
- [PATCH 68/97] netfilter: Fix memory leak introduced with lsm_context, Casey Schaufler
- [PATCH 69/97] Smack: Consolidate secmark conversions, Casey Schaufler
- [PATCH 70/97] netfilter: Remove unnecessary NULL check in lsm_context, Casey Schaufler
- [PATCH 67/97] LSM: Make getting the secmark right cleaner with lsm_export_one_secid, Casey Schaufler
- [PATCH 54/97] LSM: Use lsm_context in security_release_secctx, Casey Schaufler
- [PATCH 55/97] LSM: Use lsm_context in security_secid_to_secctx, Casey Schaufler
- [PATCH 53/97] LSM: Use lsm_context in release_secctx hooks, Casey Schaufler
- [PATCH 58/97] LSM: Use lsm_context in inode_setsecctx hooks, Casey Schaufler
- [PATCH 57/97] LSM: Add the release function to the lsm_context, Casey Schaufler
- [PATCH 56/97] fs: remove lsm_context scaffolding, Casey Schaufler
- [PATCH 33/97] NET: Store LSM access information in the socket blob for UDS, Casey Schaufler
- [PATCH 28/97] LSM: REVERT Use lsm_export in the sk_getsecid hooks, Casey Schaufler
- [PATCH 25/97] LSM: FIXUP - security_secid_to_secctx, Casey Schaufler
- Re: [PATCH 00/97] LSM: Complete module stacking, Stephen Smalley
- <Possible follow-ups>
- [PATCH 00/97] LSM: Complete module stacking, Casey Schaufler
- [PATCH 72/97] LSM: Add secmark refcounting to call_one list - part 2, Casey Schaufler
- [PATCH 71/97] LSM: Add secmark refcounting to call_one list, Casey Schaufler
- [PATCH 73/97] LSM: refactor security_setprocattr, Casey Schaufler
- [PATCH 77/97] LSM: Correct handling of ENOSYS in inode_setxattr, Casey Schaufler
- [PATCH 74/97] Smack: Detect if secmarks can be safely used, Casey Schaufler
- [PATCH 75/97] LSM: Support multiple LSMs using inode_init_security, Casey Schaufler
- [PATCH 76/97] LSM: Use full security context in security_inode_setsecctx, Casey Schaufler
- [PATCH 78/97] LSM: Infrastructure security blobs for mount options, Casey Schaufler
- [PATCH 79/97] LSM: Fix for security_init_inode_security, Casey Schaufler
- [PATCH 80/97] Smack: Advertise the secid to netlabel, Casey Schaufler
- [PATCH 83/97] Smack: Set netlabel flags properly on new label import, Casey Schaufler
- [PATCH 82/97] Smack: Fix setting of the CIPSO MLS_CAT flags, Casey Schaufler
- [PATCH 81/97] LSM: Change error detection for UDP peer security, Casey Schaufler
- [PATCH 87/97] Smack: Let netlabel do the work on connections, Casey Schaufler
- [PATCH 88/97] Netlabel: Return the labeling type on socket, Casey Schaufler
- [PATCH 86/97] Smack: Don't set the socket label on each send, Casey Schaufler
- [PATCH 85/97] Smack: Let netlabel do the work on the ambient domain, Casey Schaufler
- [PATCH 90/97] Netlabel: Return the labeling type on socket, Casey Schaufler
- [PATCH 91/97] Netlabel: Return the labeling type on socket, Casey Schaufler
- [PATCH 89/97] Netlabel: Return the labeling type on socket, Casey Schaufler
- [PATCH 92/97] LSM: Remember the NLTYPE of netlabel sockets, Casey Schaufler
- [PATCH 93/97] Smack: Use the NLTYPE on output, Casey Schaufler
- [PATCH 95/97] LSM: Avoid network conflicts in SELinux and Smack, Casey Schaufler
- [PATCH 94/97] LSM: Hook for netlabel reconciliation, Casey Schaufler
- [PATCH 97/97] Smack: Remove the exclusive bit, Casey Schaufler
- [PATCH 96/97] LSM: Apply Netlabel consitancy checks on send and connect, Casey Schaufler
- [PATCH 84/97] Netlabel: Add a secattr comparison API function, Casey Schaufler
neverallow rules,
Joe Nall
RHEL auth_role using logging_send_audit_msgs,
Ted Toth
[PATCH] netlabel: fix out-of-bounds memory accesses,
Paul Moore
[PATCH v3] libselinux: selinux_set_mapping: fix handling of unknown classes/perms,
Stephen Smalley
[PATCH] selinux: use kernel linux/socket.h definitions for PF_MAX,
Paulo Alcantara
Bash 5 change in behavior and SELinux,
Dominick Grift
[PATCH v2] libselinux: selinux_set_mapping: fix handling of unknown classes/perms, Stephen Smalley
[PATCH v7 0/7] Allow initializing the kernfs node's secctx based on its parent,
Ondrej Mosnacek
[PATCH] libselinux: selinux_set_mapping: fix handling of unknown classes/perms,
Stephen Smalley
wildcards in file_contexts.subs for NixOS,
Russell Coker
[PATCH v6] scripts/selinux: modernize mdp,
Stephen Smalley
.desktop files installed by gui/,
Nicolas Iooss
[PATCH v4] scripts/selinux: modernize mdp,
Dominick Grift
[RFC] Switch to Python 3 by default,
Petr Lautrbach
[PATCH] scripts/selinux: modernize mdp,
Dominick Grift
Re: [PATCH] doc: sctp: Merge and clean up rst files,
Paul Moore
[PATCH 1/2] python/sepolicy: drop python shebang from the module,
Nicolas Iooss
Re: [PATCH v2] LSM: Ignore "security=" when "lsm=" is specified,
Tetsuo Handa
For those not following the container world SELinux just proved it merits, Daniel Walsh
Re: [RFC PATCH 22/27] KEYS: Replace uid/gid/perm permissions checking with an ACL,
Stephen Smalley
[PATCH v3] scripts/selinux: add basic mls support to mdp,
Stephen Smalley
Re: [PATCH v3] scripts/selinux: add basic mls support to mdp, Paul Moore
[PATCH v2] scripts/selinux: add basic mls support to mdp, Stephen Smalley
[PATCH] scripts/selinux: add basic mls support to mdp,
Stephen Smalley
[PATCH] selinux-testsuite: fix userspace, refpolicy, and mailing list,
Stephen Smalley
[PATCH v6 0/5] Allow initializing the kernfs node's secctx based on its parent,
Ondrej Mosnacek
IB pkey policy problem found via the selinux-testsuite,
Paul Moore
Re: [PATCH] LSM: Allow syzbot to ignore security= parameter.,
Tetsuo Handa
[PATCH 1/1] libsepol/cil: silence static analyser's use-after-free warning,
Nicolas Iooss
[PATCH] libsemanage: genhomedircon - improve handling large groups,
Petr Lautrbach
[PATCH 1/2] python/semanage module: Fix handling of -a/-e/-d/-r options,
Petr Lautrbach
[PATCH] gui: Make all polgen button labels translatable,
Petr Lautrbach
[PATCH] libselinux/selinux_restorecon: Skip customized files also without -v,
Petr Lautrbach
[PATCH] selinux: Fix classmap for BPF,
William A. Kennington III
[PATCH] selinux: fix avc audit messages,
Stephen Smalley
[PATCH v5 0/5] Allow initializing the kernfs node's secctx based on its parent,
Ondrej Mosnacek
[bug report] selinux: kill selinux_sb_get_mnt_opts(),
Dan Carpenter
[PATCH v4 0/5] Allow initializing the kernfs node's secctx based on its parent,
Ondrej Mosnacek
[PATCH] checkpolicy: Add -S option to manpage,
Vit Mojzis
ANN: SETools 4.2.1, Chris PeBenito
[PATCH 1/1] libsepol: do not use uninitialized value for low_value,
Nicolas Iooss
[PATCH rdma-rc v1 0/4] IB selinux related fixes,
Leon Romanovsky
[PATCH] libsepol: Fix RESOURCE_LEAK defects reported by coverity scan,
James Carter
gcc 9.0.0 build issues,
Petr Lautrbach
[PATCH] python/semanage/seobject: Fix listing boolean values,
Vit Mojzis
[PATCH 0/3] Support flake8 version 3.7,
Nicolas Iooss
[PATCH 1/2] libselinux: set an appropriate errno in booleans.c,
Petr Lautrbach
[PATCH] dbus: Fix name of polkit function,
Petr Lautrbach
[PATCH] python/semanage: Examples are no longer in the main semanage man page,
Petr Lautrbach
[PATCH] scripts/release: Update links to use release assets instead of wiki links,
Petr Lautrbach
[PATCH 1/3] libsepol: Fix RESOURCE_LEAK defects reported by coverity scan,
Petr Lautrbach
runcon in enforcing mode,
Ian Pilcher
KASAN: use-after-free Read in selinux_netlbl_socket_setsockopt,
syzbot
Why is bash calling ioctl?,
Ian Pilcher
[PATCH] python/restorecon: add force option,
Viktor Ashirov
[PATCH v3 0/5] Allow initializing the kernfs node's secctx based on its parent,
Ondrej Mosnacek
[PATCH v2] selinux: replace BUG_ONs with WARN_ONs in avc.c,
Ondrej Mosnacek
[PATCH rdma-next] IB/core: Don't register MAD agents for LSM notifications,
Leon Romanovsky
[PATCH] selinux: replace BUG_ONs with WARN_ONs in avc.c,
Ondrej Mosnacek
ANN: SELinux userspace 2.9-rc1 release candidate, Petr Lautrbach
[PATCH v3 0/4] Report raw context in AVCs + refactoring,
Ondrej Mosnacek
[GitHub PR #118] Add russian translations for man pages,
Petr Lautrbach
[PATCH] restorecond: Install DBUS service file with 644 permissions,
Petr Lautrbach
[PATCH v2] selinux: log invalid contexts in AVCs,
Ondrej Mosnacek
[PATCH 1/3] Travis-CI: upgrade PyPy to 6.0,
Nicolas Iooss
[RFC PATCH] selinux: log invalid contexts in AVCs,
Ondrej Mosnacek
[PATCH 1/1] libselinux: do not dereference symlink with statfs in selinux_restorecon,
Nicolas Iooss
Bug Report: bug if selinux_msg_queue_msgsnd & and selinux_msg_queue_msgrcv,
John Johansen
[GIT PULL] SELinux fixes for v5.0 (#1),
Paul Moore
Re: Kernel memory corruption in CIPSO labeled TCP packets processing.,
Casey Schaufler
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]
