Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

Re: Kernel memory corruption in CIPSO labeled TCP packets processing., (continued)
[PATCH 1/1] python/sepolicy: initialize mislabeled_files in __init__(), Nicolas Iooss
- Re: [PATCH 1/1] python/sepolicy: initialize mislabeled_files in __init__(), Petr Lautrbach
  - Re: [PATCH 1/1] python/sepolicy: initialize mislabeled_files in __init__(), Nicolas Iooss
RFC: introduce new library versions for added symbols, Petr Lautrbach
- Re: RFC: introduce new library versions for added symbols, Stephen Smalley
  - Re: RFC: introduce new library versions for added symbols, Petr Lautrbach
    - Re: RFC: introduce new library versions for added symbols, Stephen Smalley
      - [PATCH] libselinux/audit2why.so: Filter out non-python related symbols, Petr Lautrbach
        
        Re: [PATCH] libselinux/audit2why.so: Filter out non-python related symbols, Stephen Smalley
        
        Re: [PATCH] libselinux/audit2why.so: Filter out non-python related symbols, Stephen Smalley
        
        Re: [PATCH] libselinux/audit2why.so: Filter out non-python related symbols, Stephen Smalley
        
        Re: [PATCH] libselinux/audit2why.so: Filter out non-python related symbols, Petr Lautrbach
        
        Re: [PATCH] libselinux/audit2why.so: Filter out non-python related symbols, Petr Lautrbach
[PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Stephen Smalley
- Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Nicolas Iooss
- Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Petr Lautrbach
  - Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Stephen Smalley
    - Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Petr Lautrbach
      - Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Stephen Smalley
        
        Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Daniel Walsh
        
        Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Stephen Smalley
        
        Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Daniel Walsh
        
        Re: [PATCH v2] setsebool: support use of -P on SELinux-disabled hosts, Stephen Smalley
[PATCH] setsebool: support use of -P on SELinux-disabled hosts, Stephen Smalley
Re: [PATCH] security/selinux/hooks: remove unneeded semicolon, Paul Moore
last call for selinux 2.9-rc1 release, Petr Lautrbach
[PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Ondrej Mosnacek
- [PATCH v2 1/3] LSM: Add new hook for generic node initialization, Ondrej Mosnacek
  - Re: [PATCH v2 1/3] LSM: Add new hook for generic node initialization, Casey Schaufler
    - Re: [PATCH v2 1/3] LSM: Add new hook for generic node initialization, Paul Moore
      - Re: [PATCH v2 1/3] LSM: Add new hook for generic node initialization, Casey Schaufler
      - Re: [PATCH v2 1/3] LSM: Add new hook for generic node initialization, Ondrej Mosnacek
- [PATCH v2 2/3] selinux: Implement the object_init_security hook, Ondrej Mosnacek
- [PATCH v2 3/3] kernfs: Initialize security of newly created nodes, Ondrej Mosnacek
  - Re: [PATCH v2 3/3] kernfs: Initialize security of newly created nodes, Tejun Heo
- Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Casey Schaufler
  - Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Stephen Smalley
    - Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Casey Schaufler
      - Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Stephen Smalley
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Casey Schaufler
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Stephen Smalley
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Paul Moore
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Ondrej Mosnacek
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Casey Schaufler
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Ondrej Mosnacek
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Ondrej Mosnacek
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Stephen Smalley
        
        Re: [PATCH v2 0/3] Allow initializing the kernfs node's secctx based on its parent, Stephen Smalley
general protection fault in ebitmap_destroy, syzbot
- Re: general protection fault in ebitmap_destroy, Stephen Smalley
  - Re: general protection fault in ebitmap_destroy, Paul Moore
[PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Ondrej Mosnacek
- [PATCH 1/3] LSM: Add new hook for generic node initialization, Ondrej Mosnacek
  - Re: [PATCH 1/3] LSM: Add new hook for generic node initialization, Stephen Smalley
    - Re: [PATCH 1/3] LSM: Add new hook for generic node initialization, Ondrej Mosnacek
- [PATCH 2/3] selinux: Implement the object_init_security hook, Ondrej Mosnacek
  - Re: [PATCH 2/3] selinux: Implement the object_init_security hook, Stephen Smalley
    - Re: [PATCH 2/3] selinux: Implement the object_init_security hook, Paul Moore
- [PATCH 3/3] kernfs: Initialize security of newly created nodes, Ondrej Mosnacek
  - Re: [PATCH 3/3] kernfs: Initialize security of newly created nodes, Stephen Smalley
    - Re: [PATCH 3/3] kernfs: Initialize security of newly created nodes, Paul Moore
- Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Tejun Heo
  - Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Ondrej Mosnacek
    - Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Ondrej Mosnacek
      - Message not available
        
        Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Tejun Heo
        
        Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Stephen Smalley
        
        Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Daniel Walsh
        
        Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Daniel Walsh
    - Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Tejun Heo
  - Re: [PATCH 0/3] Allow initializing the kernfs node's secctx based on its parent, Stephen Smalley
[PATCH] selinux: avc: mark avc node as not a leak, Prateek Patel
- Re: [PATCH] selinux: avc: mark avc node as not a leak, Catalin Marinas
  - Re: [PATCH] selinux: avc: mark avc node as not a leak, Prateek Patel
[PATCH AUTOSEL 4.20 032/117] selinux: always allow mounting submounts, Sasha Levin
[PATCH AUTOSEL 4.19 25/97] selinux: always allow mounting submounts, Sasha Levin
[PATCH AUTOSEL 4.14 12/53] selinux: always allow mounting submounts, Sasha Levin
[PATCH AUTOSEL 4.9 09/36] selinux: always allow mounting submounts, Sasha Levin
[PATCH v2] libsemanage: set selinux policy root around calls to selinux_boolean_sub, Stephen Smalley
- Re: [PATCH v2] libsemanage: set selinux policy root around calls to selinux_boolean_sub, Petr Lautrbach
  - Re: [PATCH v2] libsemanage: set selinux policy root around calls to selinux_boolean_sub, Nicolas Iooss
[PATCH] libsemanage: set selinux policy root around calls to selinux_boolean_sub, Stephen Smalley
[PATCH 0/5] Run tests in python/ with "make test", Nicolas Iooss
- [PATCH 1/5] Travis-CI: download refpolicy and install headers, Nicolas Iooss
- [PATCH 3/5] python/audit2allow: use local sepolgen-ifgen-attr-helper for tests, Nicolas Iooss
- [PATCH 2/5] python/audit2allow: make the tests useful again, Nicolas Iooss
- [PATCH 4/5] python/sepolgen: refpolicy installs its Makefile in include/Makefile, Nicolas Iooss
- [PATCH 5/5] python: run all the tests with "make test", Nicolas Iooss
  - Re: [PATCH 5/5] python: run all the tests with "make test", Petr Lautrbach
[PATCH 1/1] scripts/run-flake8: run on Python scripts not ending with .py, Nicolas Iooss
- Re: [PATCH 1/1] scripts/run-flake8: run on Python scripts not ending with .py, Petr Lautrbach
  - Re: [PATCH 1/1] scripts/run-flake8: run on Python scripts not ending with .py, Petr Lautrbach
[PATCH 1/2] python/semanage: explain why sepolicy is imported in a function, Nicolas Iooss
- [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it, Nicolas Iooss
  - Re: [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it, Nicolas Iooss
    - Re: [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it, Petr Lautrbach
selinux list move final notice, Stephen Smalley
[PATCH] libsemanage: Always set errno to 0 before calling getpwent(), Laurent Bigonville
- Re: [PATCH] libsemanage: Always set errno to 0 before calling getpwent(), Laurent Bigonville
  - Re: [PATCH] libsemanage: Always set errno to 0 before calling getpwent(), Stephen Smalley
    - Re: [PATCH] libsemanage: Always set errno to 0 before calling getpwent(), Laurent Bigonville
      - Re: [PATCH] libsemanage: Always set errno to 0 before calling getpwent(), Stephen Smalley
        
        Re: [PATCH] libsemanage: Always set errno to 0 before calling getpwent(), Nicolas Iooss
[V2 PATCH 1/3] Makefile: fix _FORTIFY_SOURCE redefined build error, bill . c . roberts
- [V2 PATCH 2/3] build: set _FORTIFY_SOURCE=2 in libselinux, bill . c . roberts
- [V2 PATCH 3/3] Makefile: add -Wstrict-overflow=5 to CFLAGS, bill . c . roberts
- Re: [V2 PATCH 1/3] Makefile: fix _FORTIFY_SOURCE redefined build error, Jason Zaman
  - Re: [V2 PATCH 1/3] Makefile: fix _FORTIFY_SOURCE redefined build error, William Roberts
[GIT PULL] SELinux patches v4.21, Paul Moore
- Re: [GIT PULL] SELinux patches v4.21, pr-tracker-bot
[large PATCH on GitHub] python/sepolgen: upgrade ply to release 3.11, Nicolas Iooss
- Re: [large PATCH on GitHub] python/sepolgen: upgrade ply to release 3.11, Petr Lautrbach
[PATCH 1/4] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it, Nicolas Iooss
- [PATCH 2/4] python/audit2allow/sepolgen-ifgen: add missing \n to error message, Nicolas Iooss
- [PATCH 3/4] python/audit2allow/sepolgen-ifgen: show errors on stderr, Nicolas Iooss
- [PATCH 4/4] python/audit2allow: allow using audit2why as non-root user, Nicolas Iooss
  - Re: [PATCH 4/4] python/audit2allow: allow using audit2why as non-root user, Petr Lautrbach
[PATCH v2 0/2] Fix SELinux context mount with the cgroup filesystem, Ondrej Mosnacek
- [PATCH v2 1/2] selinux: never allow relabeling on context mounts, Ondrej Mosnacek
  - Re: [PATCH v2 1/2] selinux: never allow relabeling on context mounts, Stephen Smalley
- [PATCH v2 2/2] selinux: do not override context on context mounts, Ondrej Mosnacek
  - Re: [PATCH v2 2/2] selinux: do not override context on context mounts, Stephen Smalley
    - Re: [PATCH v2 2/2] selinux: do not override context on context mounts, Ondrej Mosnacek
      - Re: [PATCH v2 2/2] selinux: do not override context on context mounts, Paul Moore
        
        Re: [PATCH v2 2/2] selinux: do not override context on context mounts, Paul Moore
Fix semanage in envinronment without default policy or when -S <store> is used, Petr Lautrbach
- [PATCH 1/4] python/semanage: move valid_types initialisations to class constructors, Petr Lautrbach
  - Re: [PATCH 1/4] python/semanage: move valid_types initialisations to class constructors, Nicolas Iooss
    - Re: [PATCH 1/4] python/semanage: move valid_types initialisations to class constructors, Petr Lautrbach
- [PATCH 2/4] python/semanage: import sepolicy only when it's needed, Petr Lautrbach
- [PATCH 3/4] python/sepolicy: Add sepolicy.load_store_policy(store), Petr Lautrbach
  - Re: [PATCH 3/4] python/sepolicy: Add sepolicy.load_store_policy(store), Nicolas Iooss
    - Re: [PATCH 3/4] python/sepolicy: Add sepolicy.load_store_policy(store), Petr Lautrbach
- [PATCH 4/4] python/semanage: Load a store policy and set the store SELinux policy root, Petr Lautrbach
- [PATCH v2 1/5] python/semanage: move valid_types initialisations to class constructors, Petr Lautrbach
  - [PATCH v2 2/5] python/semanage: import sepolicy only when it's needed, Petr Lautrbach
  - [PATCH v2 3/5] python/sepolicy: Add sepolicy.load_store_policy(store), Petr Lautrbach
  - [PATCH v2 4/5] python/semanage: Load a store policy and set the store SELinux policy root, Petr Lautrbach
  - [PATCH v2 5/5] python/sepolicy: Make policy files sorting more robust, Petr Lautrbach
    - Re: [PATCH v2 5/5] python/sepolicy: Make policy files sorting more robust, Nicolas Iooss
[PATCH 1/3] semanage_migrate_store: fix many Python linter warnings, Nicolas Iooss
- [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so, Nicolas Iooss
- [PATCH 3/3] semanage_migrate_store: switch to space indentation, Nicolas Iooss
  - Re: [PATCH 3/3] semanage_migrate_store: switch to space indentation, Petr Lautrbach
[PATCH] mcstrans: Fix check in raw_color(), Petr Lautrbach
- Re: [PATCH] mcstrans: Fix check in raw_color(), Nicolas Iooss
Fwd: [PATCH 3/7] selinux: convert to kvmalloc, Stephen Smalley
- Re: Fwd: [PATCH 3/7] selinux: convert to kvmalloc, peter enderborg
[PATCH 1/1] python/sepolgen: always indent with 4 spaces, Nicolas Iooss
- Re: [PATCH 1/1] python/sepolgen: always indent with 4 spaces, Petr Lautrbach
[PATCH 1/2] mcstrans: convert test scripts to Python 3, Nicolas Iooss
- [PATCH 2/2] mcstrans: fix Python linter warnings on test scripts, Nicolas Iooss
  - Re: [PATCH 2/2] mcstrans: fix Python linter warnings on test scripts, Petr Lautrbach
[PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, bill . c . roberts
- [PATCH 2/2] Makefile: add -Wstrict-overflow=5 to CFLAGS, bill . c . roberts
- Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, Stephen Smalley
  - Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, Stephen Smalley
    - Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, William Roberts
      - Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, William Roberts
        
        Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, William Roberts
        
        Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, Jason Zaman
        
        Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, Patrick Steinhardt
        
        Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, William Roberts
        
        Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, Stephen Smalley
        
        Re: [PATCH 1/2] Makefile: fix _FORTIFY_SOURCE redefined build error, William Roberts
[RFC PATCH 0/3] Fix SELinux context mount with the cgroup filesystem, Ondrej Mosnacek
- [RFC PATCH 1/3] cgroup: fix parsing empty mount option string, Ondrej Mosnacek
  - Re: [RFC PATCH 1/3] cgroup: fix parsing empty mount option string, Tejun Heo
    - Re: [RFC PATCH 1/3] cgroup: fix parsing empty mount option string, Ondrej Mosnacek
      - Re: [RFC PATCH 1/3] cgroup: fix parsing empty mount option string, Tejun Heo
- [RFC PATCH 2/3] selinux: never allow relabeling on context mounts, Ondrej Mosnacek
  - Re: [RFC PATCH 2/3] selinux: never allow relabeling on context mounts, Stephen Smalley
    - Re: [RFC PATCH 2/3] selinux: never allow relabeling on context mounts, Ondrej Mosnacek
- [RFC PATCH 3/3] selinux: do not override context on context mounts, Ondrej Mosnacek
  - Re: [RFC PATCH 3/3] selinux: do not override context on context mounts, Stephen Smalley
    - Re: [RFC PATCH 3/3] selinux: do not override context on context mounts, Ondrej Mosnacek
      - Re: [RFC PATCH 3/3] selinux: do not override context on context mounts, Stephen Smalley
        
        Re: [RFC PATCH 3/3] selinux: do not override context on context mounts, Ondrej Mosnacek
SELinux testsuite failure in overlayfs with v4.20-rc kernels, James Morris
- Re: SELinux testsuite failure in overlayfs with v4.20-rc kernels, Paul Moore
  - Re: SELinux testsuite failure in overlayfs with v4.20-rc kernels, James Morris
  - Re: SELinux testsuite failure in overlayfs with v4.20-rc kernels, James Morris
    - Re: SELinux testsuite failure in overlayfs with v4.20-rc kernels, Paul Moore
[PATCH] python/sepolicy: search() also for dontaudit rules, Petr Lautrbach
- Re: [PATCH] python/sepolicy: search() also for dontaudit rules, Nicolas Iooss
  - Re: [PATCH] python/sepolicy: search() also for dontaudit rules, Petr Lautrbach
[PATCH 1/2] selinux: avoid silent denials in permissive mode under RCU walk, Stephen Smalley
- [PATCH 2/2] selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_link, Stephen Smalley
  - Re: [PATCH 2/2] selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_link, Paul Moore
[PATCH 1/1] python/semanage: do not show "None" levels when using a non-MLS policy, Nicolas Iooss
- Re: [PATCH 1/1] python/semanage: do not show "None" levels when using a non-MLS policy, Petr Lautrbach
  - Re: [PATCH 1/1] python/semanage: do not show "None" levels when using a non-MLS policy, Nicolas Iooss
[PATCH 1/2] python/chcat: improve the code readability, Nicolas Iooss
- [PATCH 2/2] python/chcat: fix removing categories on users with Fedora default setup, Nicolas Iooss
  - Re: [PATCH 2/2] python/chcat: fix removing categories on users with Fedora default setup, Petr Lautrbach
    - Re: [PATCH 2/2] python/chcat: fix removing categories on users with Fedora default setup, Petr Lautrbach
- Re: [PATCH 1/2] python/chcat: improve the code readability, Petr Lautrbach
[RFC PATCH v2 1/2] selinux: avoid silent denials in permissive mode under RCU walk, Stephen Smalley
- [RFC PATCH v2 2/2] selinux: stop passing MAY_NOT_BLOCK to the AVC upon follow_link, Stephen Smalley
[RFC][PATCH] selinux: avoid silent denials in permissive mode under RCU walk, Stephen Smalley
- Re: [RFC][PATCH] selinux: avoid silent denials in permissive mode under RCU walk, Stephen Smalley
- Re: [RFC][PATCH] selinux: avoid silent denials in permissive mode under RCU walk, Paul Moore
  - Re: [RFC][PATCH] selinux: avoid silent denials in permissive mode under RCU walk, BMK
  - Re: [RFC][PATCH] selinux: avoid silent denials in permissive mode under RCU walk, Stephen Smalley
    - Re: [RFC][PATCH] selinux: avoid silent denials in permissive mode under RCU walk, Paul Moore
    - Re: [RFC][PATCH] selinux: avoid silent denials in permissive mode under RCU walk, Stephen Smalley
[PATCH] python/semanage: Start exporting "ibendport" and "ibpkey" entries, Vit Mojzis
- Re: [PATCH] python/semanage: Start exporting "ibendport" and "ibpkey" entries, Nicolas Iooss
[PATCH] python/semanage: Include MCS/MLS range when exporting local customizations, Vit Mojzis
- Re: [PATCH] python/semanage: Include MCS/MLS range when exporting local customizations, Nicolas Iooss
SELinux logging problem, BMK
- Re: SELinux logging problem, Stephen Smalley
  - Re: SELinux logging problem, Stephen Smalley
    - Re: SELinux logging problem, BMK
      - Re: SELinux logging problem, Stephen Smalley
        
        Re: SELinux logging problem, BMK
        
        Re: SELinux logging problem, Stephen Smalley
        
        Re: SELinux logging problem, BMK
        
        Re: SELinux logging problem, Stephen Smalley
        
        Re: SELinux logging problem, BMK
[PATCH] python/chcat: use check_call instead of getstatusoutput, Petr Lautrbach
- Re: [PATCH] python/chcat: use check_call instead of getstatusoutput, Nicolas Iooss
[RFC PATCH v4 0/2] Fix ENOMEM errors during policy reload, Ondrej Mosnacek
- [RFC PATCH v4 1/2] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
  - Re: [RFC PATCH v4 1/2] selinux: use separate table for initial SID lookup, Stephen Smalley
  - Re: [RFC PATCH v4 1/2] selinux: use separate table for initial SID lookup, Paul Moore
    - Re: [RFC PATCH v4 1/2] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
      - Re: [RFC PATCH v4 1/2] selinux: use separate table for initial SID lookup, Paul Moore
- [RFC PATCH v4 2/2] selinux: overhaul sidtab to fix bug and improve performance, Ondrej Mosnacek
  - Re: [RFC PATCH v4 2/2] selinux: overhaul sidtab to fix bug and improve performance, Stephen Smalley
  - Re: [RFC PATCH v4 2/2] selinux: overhaul sidtab to fix bug and improve performance, Paul Moore
    - Re: [RFC PATCH v4 2/2] selinux: overhaul sidtab to fix bug and improve performance, Ondrej Mosnacek
      - Re: [RFC PATCH v4 2/2] selinux: overhaul sidtab to fix bug and improve performance, Paul Moore
Kernel Ueventd KConfig, William Roberts
- Re: Kernel Ueventd KConfig, William Roberts
  - Re: Kernel Ueventd KConfig, Stephen Smalley
Security modules and sending signals within the same process, Florian Weimer
- Re: Security modules and sending signals within the same process, Stephen Smalley
  - Re: Security modules and sending signals within the same process, Florian Weimer
- Re: Security modules and sending signals within the same process, Casey Schaufler
  - Re: Security modules and sending signals within the same process, Florian Weimer
  - Re: [apparmor] Security modules and sending signals within the same process, John Johansen
[GIT PULL] SELinux fixes for v4.20 (#2), Paul Moore
- Re: [GIT PULL] SELinux fixes for v4.20 (#2), pr-tracker-bot
[RFC PATCH v3 0/9] Fix ENOMEM errors during policy reload, Ondrej Mosnacek
- [RFC PATCH v3 2/9] [squash] do not store entry for SECSID_NULL, Ondrej Mosnacek
- [RFC PATCH v3 1/9] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
- [RFC PATCH v3 3/9] [fixup] fix handling of SECSID_NULL, Ondrej Mosnacek
  - Re: [RFC PATCH v3 3/9] [fixup] fix handling of SECSID_NULL, Paul Moore
    - Re: [RFC PATCH v3 3/9] [fixup] fix handling of SECSID_NULL, Ondrej Mosnacek
- [RFC PATCH v3 4/9] [fixup] cosmetic tweak for sidtab_search_core(), Ondrej Mosnacek
- [RFC PATCH v3 6/9] [fixup] fix handling of invalid context in convert_context, Ondrej Mosnacek
- [RFC PATCH v3 7/9] [fixup] remove the now unneeded 'out' label, Ondrej Mosnacek
- [RFC PATCH v3 5/9] selinux: overhaul sidtab to fix bug and improve performance, Ondrej Mosnacek
- [RFC PATCH v3 8/9] [fixup] fix SIDTAB_LEAF_ENTRIES to use the correct size macro, Ondrej Mosnacek
- [RFC PATCH v3 9/9] [squash] add back reverse lookup cache to sidtab, Ondrej Mosnacek
[PATCH] selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN, Paul Moore
- Re: [PATCH] selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN, Paul Moore
  - Re: [PATCH] selinux: add support for RTM_NEWCHAIN, RTM_DELCHAIN, and RTM_GETCHAIN, David Miller
[PATCH] selinux-testsuite: enable multiport netfilter match for sctp tests, Stephen Smalley
- Re: [PATCH] selinux-testsuite: enable multiport netfilter match for sctp tests, Paul Moore
overlayfs access checks on underlying layers, Miklos Szeredi
- Re: overlayfs access checks on underlying layers, Miklos Szeredi
  - Re: overlayfs access checks on underlying layers, Vivek Goyal
    - Re: overlayfs access checks on underlying layers, Miklos Szeredi
      - Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Miklos Szeredi
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Miklos Szeredi
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Mark Salyzyn
        
        Re: overlayfs access checks on underlying layers, Casey Schaufler
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Amir Goldstein
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Miklos Szeredi
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Miklos Szeredi
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Miklos Szeredi
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Miklos Szeredi
        
        Re: overlayfs access checks on underlying layers, Paul Moore
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Miklos Szeredi
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Vivek Goyal
        
        Re: overlayfs access checks on underlying layers, Daniel Walsh
        
        Re: overlayfs access checks on underlying layers, Paul Moore
        
        Re: overlayfs access checks on underlying layers, Stephen Smalley
        
        Re: overlayfs access checks on underlying layers, Paul Moore
[PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, Casey Schaufler
- [PATCH v5 11/38] LSM: Separate idea of "major" LSM from "exclusive" LSM, Casey Schaufler
- [PATCH v5 12/38] apparmor: Remove SECURITY_APPARMOR_BOOTPARAM_VALUE, Casey Schaufler
- [PATCH v5 07/38] LSM: Introduce "lsm=" for boottime LSM selection, Casey Schaufler
- [PATCH v5 14/38] LSM: Add all exclusive LSMs to ordered initialization, Casey Schaufler
- [PATCH v5 13/38] selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE, Casey Schaufler
- [PATCH v5 18/38] LSM: Introduce enum lsm_order, Casey Schaufler
- [PATCH v5 16/38] LoadPin: Initialize as ordered LSM, Casey Schaufler
- [PATCH v5 19/38] capability: Initialize as LSM_ORDER_FIRST, Casey Schaufler
- [PATCH v5 20/38] procfs: add smack subdir to attrs, Casey Schaufler
- [PATCH v5 25/38] AppArmor: Abstract use of cred security blob, Casey Schaufler
- [PATCH v5 26/38] TOMOYO: Abstract use of cred security blob, Casey Schaufler
- [PATCH v5 27/38] Infrastructure management of the cred security blob, Casey Schaufler
- [PATCH v5 30/38] LSM: Infrastructure management of the file security, Casey Schaufler
- [PATCH v5 31/38] SELinux: Abstract use of inode security blob, Casey Schaufler
- [PATCH v5 34/38] LSM: Infrastructure management of the task security, Casey Schaufler
- [PATCH v5 32/38] Smack: Abstract use of inode security blob, Casey Schaufler
- [PATCH v5 35/38] SELinux: Abstract use of ipc security blobs, Casey Schaufler
- [PATCH v5 33/38] LSM: Infrastructure management of the inode security, Casey Schaufler
- [PATCH v5 15/38] LSM: Split LSM preparation from initialization, Casey Schaufler
- [PATCH v5 36/38] Smack: Abstract use of ipc security blobs, Casey Schaufler
- [PATCH v5 37/38] LSM: Infrastructure management of the ipc security blob, Casey Schaufler
- [PATCH v5 38/38] TOMOYO: Update LSM flags to no longer be exclusive, Casey Schaufler
- [PATCH v5 28/38] SELinux: Abstract use of file security blob, Casey Schaufler
- [PATCH v5 01/38] LSM: Introduce LSM_FLAG_LEGACY_MAJOR, Casey Schaufler
  - Re: [PATCH v5 01/38] LSM: Introduce LSM_FLAG_LEGACY_MAJOR, Kees Cook
    - Re: [PATCH v5 01/38] LSM: Introduce LSM_FLAG_LEGACY_MAJOR, Ondrej Mosnacek
    - Re: [PATCH v5 01/38] LSM: Introduce LSM_FLAG_LEGACY_MAJOR, Casey Schaufler
- [PATCH v5 09/38] LSM: Prepare for reorganizing "security=" logic, Casey Schaufler
- [PATCH v5 03/38] LSM: Plumb visibility into optional "enabled" state, Casey Schaufler
- [PATCH v5 24/38] SELinux: Remove unused selinux_is_enabled, Casey Schaufler
- [PATCH v5 29/38] Smack: Abstract use of file security blob, Casey Schaufler
- [PATCH v5 17/38] Yama: Initialize as ordered LSM, Casey Schaufler
- [PATCH v5 02/38] LSM: Provide separate ordered initialization, Casey Schaufler
- [PATCH v5 04/38] LSM: Lift LSM selection out of individual LSMs, Casey Schaufler
- [PATCH v5 06/38] LSM: Introduce CONFIG_LSM, Casey Schaufler
- [PATCH v5 08/38] LSM: Tie enabling logic to presence in ordered list, Casey Schaufler
- [PATCH v5 05/38] LSM: Build ordered list of LSMs to initialize, Casey Schaufler
- [PATCH v5 10/38] LSM: Refactor "security=" in terms of enable/disable, Casey Schaufler
- [PATCH v5 23/38] SELinux: Remove cred security blob poisoning, Casey Schaufler
- [PATCH v5 22/38] SELinux: Abstract use of cred security blob, Casey Schaufler
- [PATCH v5 21/38] Smack: Abstract use of cred security blob, Casey Schaufler
- Message not available
  - Re: [PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, James Morris
    - Re: [PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, Kees Cook
      - Re: [PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, Kees Cook
        
        Re: [PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, James Morris
        
        Re: [PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, Casey Schaufler
        
        Re: [PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, Kees Cook
        
        Re: [PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, Casey Schaufler
- <Possible follow-ups>
- [PATCH v5 00/38] LSM: Module stacking for SARA and Landlock, Casey Schaufler
  - [PATCH v5 01/38] LSM: Introduce LSM_FLAG_LEGACY_MAJOR, Casey Schaufler
  - [PATCH v5 21/38] Smack: Abstract use of cred security blob, Casey Schaufler
  - [PATCH v5 20/38] procfs: add smack subdir to attrs, Casey Schaufler
  - [PATCH v5 29/38] Smack: Abstract use of file security blob, Casey Schaufler
  - [PATCH v5 37/38] LSM: Infrastructure management of the ipc security blob, Casey Schaufler
  - [PATCH v5 33/38] LSM: Infrastructure management of the inode security, Casey Schaufler
  - [PATCH v5 36/38] Smack: Abstract use of ipc security blobs, Casey Schaufler
  - [PATCH v5 35/38] SELinux: Abstract use of ipc security blobs, Casey Schaufler
  - [PATCH v5 34/38] LSM: Infrastructure management of the task security, Casey Schaufler
  - [PATCH v5 30/38] LSM: Infrastructure management of the file security, Casey Schaufler
  - [PATCH v5 32/38] Smack: Abstract use of inode security blob, Casey Schaufler
  - [PATCH v5 31/38] SELinux: Abstract use of inode security blob, Casey Schaufler
  - [PATCH v5 28/38] SELinux: Abstract use of file security blob, Casey Schaufler
  - [PATCH v5 24/38] SELinux: Remove unused selinux_is_enabled, Casey Schaufler
  - [PATCH v5 27/38] Infrastructure management of the cred security blob, Casey Schaufler
  - [PATCH v5 26/38] TOMOYO: Abstract use of cred security blob, Casey Schaufler
  - [PATCH v5 25/38] AppArmor: Abstract use of cred security blob, Casey Schaufler
  - [PATCH v5 22/38] SELinux: Abstract use of cred security blob, Casey Schaufler
  - [PATCH v5 23/38] SELinux: Remove cred security blob poisoning, Casey Schaufler
  - [PATCH v5 19/38] capability: Initialize as LSM_ORDER_FIRST, Casey Schaufler
  - [PATCH v5 16/38] LoadPin: Initialize as ordered LSM, Casey Schaufler
  - [PATCH v5 18/38] LSM: Introduce enum lsm_order, Casey Schaufler
  - [PATCH v5 17/38] Yama: Initialize as ordered LSM, Casey Schaufler
  - [PATCH v5 13/38] selinux: Remove SECURITY_SELINUX_BOOTPARAM_VALUE, Casey Schaufler
  - [PATCH v5 11/38] LSM: Separate idea of "major" LSM from "exclusive" LSM, Casey Schaufler
  - [PATCH v5 12/38] apparmor: Remove SECURITY_APPARMOR_BOOTPARAM_VALUE, Casey Schaufler
  - [PATCH v5 14/38] LSM: Add all exclusive LSMs to ordered initialization, Casey Schaufler
  - [PATCH v5 15/38] LSM: Split LSM preparation from initialization, Casey Schaufler
  - [PATCH v5 08/38] LSM: Tie enabling logic to presence in ordered list, Casey Schaufler
  - [PATCH v5 10/38] LSM: Refactor "security=" in terms of enable/disable, Casey Schaufler
  - [PATCH v5 09/38] LSM: Prepare for reorganizing "security=" logic, Casey Schaufler
  - [PATCH v5 07/38] LSM: Introduce "lsm=" for boottime LSM selection, Casey Schaufler
  - [PATCH v5 05/38] LSM: Build ordered list of LSMs to initialize, Casey Schaufler
  - [PATCH v5 04/38] LSM: Lift LSM selection out of individual LSMs, Casey Schaufler
  - [PATCH v5 06/38] LSM: Introduce CONFIG_LSM, Casey Schaufler
  - [PATCH v5 03/38] LSM: Plumb visibility into optional "enabled" state, Casey Schaufler
  - [PATCH v5 02/38] LSM: Provide separate ordered initialization, Casey Schaufler
  - [PATCH v5 38/38] TOMOYO: Update LSM flags to no longer be exclusive, Casey Schaufler
[RFC PATCH v2 0/4] Fix ENOMEM errors during policy reload, Ondrej Mosnacek
- [RFC PATCH v2 1/4] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
- [RFC PATCH v2 2/4] [squash] do not store entry for SECSID_NULL, Ondrej Mosnacek
  - Re: [RFC PATCH v2 2/4] [squash] do not store entry for SECSID_NULL, Stephen Smalley
    - Re: [RFC PATCH v2 2/4] [squash] do not store entry for SECSID_NULL, Stephen Smalley
    - Re: [RFC PATCH v2 2/4] [squash] do not store entry for SECSID_NULL, Ondrej Mosnacek
      - Re: [RFC PATCH v2 2/4] [squash] do not store entry for SECSID_NULL, Ondrej Mosnacek
- [RFC PATCH v2 4/4] [squash] add back reverse lookup cache to sidtab, Ondrej Mosnacek
- [RFC PATCH v2 3/4] selinux: overhaul sidtab to fix bug and improve performance, Ondrej Mosnacek
  - Re: [RFC PATCH v2 3/4] selinux: overhaul sidtab to fix bug and improve performance, Stephen Smalley
    - Re: [RFC PATCH v2 3/4] selinux: overhaul sidtab to fix bug and improve performance, Ondrej Mosnacek
Re: linux-next: manual merge of the selinux tree with the vfs tree, Ondrej Mosnacek
- Re: linux-next: manual merge of the selinux tree with the vfs tree, Ondrej Mosnacek
- Re: linux-next: manual merge of the selinux tree with the vfs tree, Stephen Rothwell
  - Re: linux-next: manual merge of the selinux tree with the vfs tree, Paul Moore
    - Re: linux-next: manual merge of the selinux tree with the vfs tree, Ondrej Mosnacek
      - Re: linux-next: manual merge of the selinux tree with the vfs tree, Paul Moore
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Al Viro
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Casey Schaufler
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Al Viro
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Al Viro
      - Re: linux-next: manual merge of the selinux tree with the vfs tree, Ondrej Mosnacek
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Ondrej Mosnacek
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Ondrej Mosnacek
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Al Viro
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Ondrej Mosnacek
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Al Viro
        
        Re: linux-next: manual merge of the selinux tree with the vfs tree, Casey Schaufler
- Message not available
  - Re: linux-next: manual merge of the selinux tree with the vfs tree, David Howells
    - Re: linux-next: manual merge of the selinux tree with the vfs tree, Ondrej Mosnacek
[PATCH] selinux: make "selinux_policycap_names[]" const char *, Alexey Dobriyan
- Re: [PATCH] selinux: make "selinux_policycap_names[]" const char *, Paul Moore
Re: [PATCH] libsepol: ibpkeys.c: fix printf format string specifiers for subnet_prefix, Nicolas Iooss
[PATCH 1/1] Documentation: Update SELinux reference policy URL, Petr Vorel
- Re: [PATCH 1/1] Documentation: Update SELinux reference policy URL, Paul Moore
[PATCH] selinux: always allow mounting submounts, Ondrej Mosnacek
- Re: [PATCH] selinux: always allow mounting submounts, Ondrej Mosnacek
- Re: [PATCH] selinux: always allow mounting submounts, Paul Moore
  - Re: [PATCH] selinux: always allow mounting submounts, Ondrej Mosnacek
    - Re: [PATCH] selinux: always allow mounting submounts, Ondrej Mosnacek
      - Re: [PATCH] selinux: always allow mounting submounts, Paul Moore
        
        Re: [PATCH] selinux: always allow mounting submounts, Eric W. Biederman
        
        Re: [PATCH] selinux: always allow mounting submounts, Ondrej Mosnacek
        
        Re: [PATCH] selinux: always allow mounting submounts, Eric W. Biederman
[PATCH] dbus: remove deprecated at_console statement, Petr Lautrbach
- Re: [PATCH] dbus: remove deprecated at_console statement, Petr Lautrbach
  - Re: [PATCH] dbus: remove deprecated at_console statement, Petr Lautrbach
Container SELinux Customization tool - udica, Lukas Vrabec
[GIT PULL] SELinux fixes for v4.20 (#1), Paul Moore
- Re: [GIT PULL] SELinux fixes for v4.20 (#1), pr-tracker-bot
[PATCH] selinux: fix non-MLS handling in mls_context_to_sid(), Paul Moore
- Re: [PATCH] selinux: fix non-MLS handling in mls_context_to_sid(), Paul Moore
Kernel panic - not syncing: corrupted stack end detected inside scheduler, Qian Cai
[RFC PATCH 0/3] Fix ENOMEM errors during policy reload, Ondrej Mosnacek
- [RFC PATCH 1/3] selinux: refactor sidtab conversion, Ondrej Mosnacek
  - Re: [RFC PATCH 1/3] selinux: refactor sidtab conversion, Stephen Smalley
  - Re: [RFC PATCH 1/3] selinux: refactor sidtab conversion, Paul Moore
    - Re: [RFC PATCH 1/3] selinux: refactor sidtab conversion, Ondrej Mosnacek
- [RFC PATCH 2/3] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
  - Re: [RFC PATCH 2/3] selinux: use separate table for initial SID lookup, Stephen Smalley
    - Re: [RFC PATCH 2/3] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
      - Re: [RFC PATCH 2/3] selinux: use separate table for initial SID lookup, Stephen Smalley
        
        Re: [RFC PATCH 2/3] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
- [RFC PATCH 3/3] selinux: overhaul sidtab to fix bug and improve performance, Ondrej Mosnacek
BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150, Qian Cai
- Re: BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150, Paul Moore
  - Re: BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150, Qian Cai
    - Re: BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150, Paul Moore
      - Re: BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150, Qian Cai
        
        Re: BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150, Paul Moore
        
        Re: BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150, Qian Cai
        
        Re: BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150, Paul Moore
- [PATCH] selinux: check length properly in SCTP bind hook, Ondrej Mosnacek
  - Re: [PATCH] selinux: check length properly in SCTP bind hook, Paul Moore
  - Re: [PATCH] selinux: check length properly in SCTP bind hook, Qian Cai
    - Re: [PATCH] selinux: check length properly in SCTP bind hook, Paul Moore
[PATCH v3] selinux: simplify mls_context_to_sid(), Ondrej Mosnacek
- Re: [PATCH v3] selinux: simplify mls_context_to_sid(), Stephen Smalley
  - Re: [PATCH v3] selinux: simplify mls_context_to_sid(), Paul Moore
    - Re: [PATCH v3] selinux: simplify mls_context_to_sid(), Ondrej Mosnacek
    - Re: [PATCH v3] selinux: simplify mls_context_to_sid(), Stephen Smalley
      - Re: [PATCH v3] selinux: simplify mls_context_to_sid(), Stephen Smalley
- Re: [PATCH v3] selinux: simplify mls_context_to_sid(), Paul Moore
  - Re: [PATCH v3] selinux: simplify mls_context_to_sid(), Ondrej Mosnacek
[no subject], Ravi Kumar
- Re:, Ravi Kumar
- Re:, Ondrej Mosnacek
  - Re: Android kill capability denials, Stephen Smalley
    - Re: Android kill capability denials, Stephen Smalley
[PATCH 1/1] gui: remove html_util.py, Nicolas Iooss
- Re: [PATCH 1/1] gui: remove html_util.py, Petr Lautrbach
  - Re: [PATCH 1/1] gui: remove html_util.py, Petr Lautrbach
Re: [PATCH 1/1] libselinux: selinux_restorecon: fix printf format string specifier for uint64_t, Nicolas Iooss
ANN: SETools 4.2.0, Chris PeBenito
[PATCH v2] selinux: simplify mls_context_to_sid(), Ondrej Mosnacek
[PATCH] selinux: simplify mls_context_to_sid(), Ondrej Mosnacek
Re: [PATCH] python: replace aliases with corresponding type names, Vit Mojzis
- Re: [PATCH] python: replace aliases with corresponding type names, Nicolas Iooss
Re: [PATCH] libsemanage: set selinux policy root to match semanage root or storename, Nicolas Iooss
- Re: [PATCH] libsemanage: set selinux policy root to match semanage root or storename, Stephen Smalley
  - Re: [PATCH] libsemanage: set selinux policy root to match semanage root or storename, Stephen Smalley
Re: [PATCH 1/1] libsepol: mark permissive types when loading a binary policy, Nicolas Iooss
- Re: [Non-DoD Source] Re: [PATCH 1/1] libsepol: mark permissive types when loading a binary policy, jwcart2
SELinux MLS for Apache Process, Ishara Fernando
- Re: SELinux MLS for Apache Process, Stephen Smalley
  - Re: SELinux MLS for Apache Process, Ishara Fernando
    - Re: SELinux MLS for Apache Process, Stephen Smalley
      - Re: SELinux MLS for Apache Process, Ishara Fernando
        
        Re: SELinux MLS for Apache Process, Stephen Smalley
        
        Re: SELinux MLS for Apache Process, Ishara Fernando
[PATCH v6 0/5] LSM: Support ptrace sidechannel access checks, Casey Schaufler
- [PATCH v6 2/5] Smack: Prepare for PTRACE_MODE_SCHED, Casey Schaufler
- [PATCH v6 3/5] SELinux: Prepare for PTRACE_MODE_SCHED, Casey Schaufler
- [PATCH v6 4/5] Capability: Complete PTRACE_MODE_SCHED, Casey Schaufler
- [PATCH v6 5/5] sidechannel: Linux Security Module for sidechannel, Casey Schaufler
  - Re: [PATCH v6 5/5] sidechannel: Linux Security Module for sidechannel, Randy Dunlap
- [PATCH v6 1/5] AppArmor: Prepare for PTRACE_MODE_SCHED, Casey Schaufler
[PATCH 0/2] Fix ENOMEM errors during policy reload, Ondrej Mosnacek
- [PATCH 2/2] selinux: fix ENOMEM errors during policy reload, Ondrej Mosnacek
  - Re: [PATCH 2/2] selinux: fix ENOMEM errors during policy reload, Ondrej Mosnacek
    - Re: [PATCH 2/2] selinux: fix ENOMEM errors during policy reload, Ondrej Mosnacek
  - Re: [PATCH 2/2] selinux: fix ENOMEM errors during policy reload, Stephen Smalley
    - Re: [PATCH 2/2] selinux: fix ENOMEM errors during policy reload, Stephen Smalley
      - Re: [PATCH 2/2] selinux: fix ENOMEM errors during policy reload, Ondrej Mosnacek
    - Re: [PATCH 2/2] selinux: fix ENOMEM errors during policy reload, Ondrej Mosnacek
- [PATCH 1/2] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
  - Re: [PATCH 1/2] selinux: use separate table for initial SID lookup, Stephen Smalley
    - Re: [PATCH 1/2] selinux: use separate table for initial SID lookup, Ondrej Mosnacek
      - Re: [PATCH 1/2] selinux: use separate table for initial SID lookup, Paul Moore
cil mlsconstrain, Ted Toth
- Re: cil mlsconstrain, Stephen Smalley
  - Re: cil mlsconstrain, Ted Toth
    - Re: cil mlsconstrain, Stephen Smalley
      - Re: cil mlsconstrain, Ted Toth
[PATCH v6] selinux: policydb - fix byte order and alignment issues, Ondrej Mosnacek
- Re: [PATCH v6] selinux: policydb - fix byte order and alignment issues, Stephen Smalley
- Re: [PATCH v6] selinux: policydb - fix byte order and alignment issues, Paul Moore
[PATCH v2] libsepol: add missing ibendport port validity check, Ondrej Mosnacek
- Re: [PATCH v2] libsepol: add missing ibendport port validity check, William Roberts
  - Re: [PATCH v2] libsepol: add missing ibendport port validity check, William Roberts
[PATCH v5] selinux: policydb - fix byte order and alignment issues, Ondrej Mosnacek
[PATCH] libsepol: add missing ibendport port validity check, Ondrej Mosnacek
- Re: [PATCH] libsepol: add missing ibendport port validity check, William Roberts
  - Re: [PATCH] libsepol: add missing ibendport port validity check, Ondrej Mosnacek
[PATCH v4] selinux: policydb - fix byte order and alignment issues, Ondrej Mosnacek
- Re: [PATCH v4] selinux: policydb - fix byte order and alignment issues, William Roberts
- Re: [PATCH v4] selinux: policydb - fix byte order and alignment issues, Stephen Smalley
  - Re: [PATCH v4] selinux: policydb - fix byte order and alignment issues, William Roberts
    - Re: [PATCH v4] selinux: policydb - fix byte order and alignment issues, Ondrej Mosnacek
  - Re: [PATCH v4] selinux: policydb - fix byte order and alignment issues, Ondrej Mosnacek
[PATCH v2] libsepol: fix endianity in ibpkey range checks, Ondrej Mosnacek
- Re: [PATCH v2] libsepol: fix endianity in ibpkey range checks, William Roberts
[PATCH] libsepol: fix endianity in ibpkey range checks, Ondrej Mosnacek
- Re: [PATCH] libsepol: fix endianity in ibpkey range checks, William Roberts
- Re: [PATCH] libsepol: fix endianity in ibpkey range checks, Stephen Smalley
  - Re: [PATCH] libsepol: fix endianity in ibpkey range checks, William Roberts
- Re: [PATCH] libsepol: fix endianity in ibpkey range checks, William Roberts
  - Re: [PATCH] libsepol: fix endianity in ibpkey range checks, Paul Moore
    - Re: [PATCH] libsepol: fix endianity in ibpkey range checks, Stephen Smalley
      - Re: [PATCH] libsepol: fix endianity in ibpkey range checks, William Roberts
  - Re: [PATCH] libsepol: fix endianity in ibpkey range checks, Ondrej Mosnacek
[PATCH v3] selinux: policydb - fix byte order and alignment issues, Ondrej Mosnacek
- Re: [PATCH v3] selinux: policydb - fix byte order and alignment issues, Stephen Smalley
- Re: [PATCH v3] selinux: policydb - fix byte order and alignment issues, William Roberts
Fix alias handling in sepolicy and semaange, Vit Mojzis
- [PATCH 2/3] python/sepolicy: Stop rejecting aliases in sepolicy commands, Vit Mojzis
- [PATCH 1/3] python/sepolicy: Fix "info" to search aliases as well, Vit Mojzis
- [PATCH 3/3] python/semanage: Stop rejecting aliases in semanage commands, Vit Mojzis
- Re: Fix alias handling in sepolicy and semaange, William Roberts
- Re: Fix alias handling in sepolicy and semaange, Vit Mojzis
[PATCH v2] selinux: fix byte order and alignment issues in policydb.c, Ondrej Mosnacek
- Re: [PATCH v2] selinux: fix byte order and alignment issues in policydb.c, Stephen Smalley
  - Re: [PATCH v2] selinux: fix byte order and alignment issues in policydb.c, Ondrej Mosnacek
    - Re: [PATCH v2] selinux: fix byte order and alignment issues in policydb.c, Ondrej Mosnacek
[GIT PULL] SELinux fixes for v4.19 (#1), Paul Moore
- Re: [GIT PULL] SELinux fixes for v4.19 (#1), Greg KH
[RFC] proposal for resolving the cred_guard_mutex deadlock, Jann Horn via Selinux
[PATCH v2 0/1] Modify exception handling in semanage_migrate_store, Yuli Khodorkovskiy
- [PATCH v2 1/1] libsemanage: improve semanage_migrate_store import failure, Yuli Khodorkovskiy
[PATCH 0/4] libsepol: Cleanup initial sid handling when writing CIL and policy.conf files, James Carter
- [PATCH 1/4] libsepol: Rename kernel_to_common.c stack functions, James Carter
- [PATCH 2/4] libsepol: Eliminate initial sid string definitions in module_to_cil.c, James Carter
- [PATCH 3/4] libsepol: Check that initial sid indexes are within the valid range, James Carter
- [PATCH 4/4] libsepol: Add two new Xen initial SIDs, James Carter
- Message not available
  - Re: [PATCH 0/4] libsepol: Cleanup initial sid handling when writing CIL and policy.conf files, William Roberts
[PATCH 0/2] libsepol: Add ability to sort ocontexts in libsepol and add option to use it in checkpolicy, James Carter
- [PATCH 2/2] checkpolicy: Add option to sort ocontexts when creating a binary policy, James Carter
- [PATCH 1/2] libsepol: Create policydb_sort_ocontexts(), James Carter
[PATCH] README: Update the SELinux mailing list location, Stephen Smalley
Blocking exec on processes based on arguments, Ville Baillie
- Re: Blocking exec on processes based on arguments, Stephen Smalley
[PATCH] MAINTAINERS: update the SELinux mailing list location, Paul Moore
- Re: [PATCH] MAINTAINERS: update the SELinux mailing list location, Paul Moore
Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Jann Horn via Selinux
- Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
  - Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Jann Horn via Selinux
    - Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
      - Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Jann Horn via Selinux
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Jann Horn via Selinux
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Jann Horn via Selinux
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
- Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Paul Moore
  - Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Jann Horn via Selinux
    - Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
      - Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Tycho Andersen
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Tycho Andersen
        
        Re: [PATCH v7 3/6] seccomp: add a way to get a listener fd from ptrace, Christian Brauner
selinux list is moving, Stephen Smalley
[PATCH] libsemanage: improve semanage_migrate_store import failure, Yuli Khodorkovskiy
- Re: [PATCH] libsemanage: improve semanage_migrate_store import failure, William Roberts
  - Re: [PATCH] libsemanage: improve semanage_migrate_store import failure, Jason Zaman
    - Re: [PATCH] libsemanage: improve semanage_migrate_store import failure, Chris PeBenito
      - Re: [PATCH] libsemanage: improve semanage_migrate_store import failure, William Roberts
        
        Re: [PATCH] libsemanage: improve semanage_migrate_store import failure, William Roberts
[PATCH] selinux-testsuite: update the dependencies in README.md, Paul Moore
- Re: [PATCH] selinux-testsuite: update the dependencies in README.md, Stephen Smalley
- <Possible follow-ups>
- [PATCH] selinux-testsuite: update the dependencies in README.md, Paul Moore
  - Re: [PATCH] selinux-testsuite: update the dependencies in README.md, Ondrej Mosnacek
    - Re: [PATCH] selinux-testsuite: update the dependencies in README.md, Stephen Smalley
      - Re: [PATCH] selinux-testsuite: update the dependencies in README.md, Ondrej Mosnacek
        
        Re: [PATCH] selinux-testsuite: update the dependencies in README.md, Paul Moore
  - Re: [PATCH] selinux-testsuite: update the dependencies in README.md, Stephen Smalley
  - Re: [PATCH] selinux-testsuite: update the dependencies in README.md, Stephen Smalley
[PATCH] restorecond: Do not ignore the -f option, Ondrej Mosnacek
- Re: [PATCH] restorecond: Do not ignore the -f option, Jason Zaman
[PATCH] selinux: fix race when removing selinuxfs entries, Ondrej Mosnacek
- Re: [PATCH] selinux: fix race when removing selinuxfs entries, Al Viro
  - Re: [PATCH] selinux: fix race when removing selinuxfs entries, Ondrej Mosnacek
  - Re: [PATCH] selinux: fix race when removing selinuxfs entries, Stephen Smalley
ANN: SETools 4.2.0-rc, Chris PeBenito
[PATCH v5 0/5] LSM: Support ptrace sidechannel access checks, Casey Schaufler
- [PATCH v5 3/5] SELinux: Prepare for PTRACE_MODE_SCHED, Casey Schaufler
  - Re: [PATCH v5 3/5] SELinux: Prepare for PTRACE_MODE_SCHED, Stephen Smalley
  - Re: [PATCH v5 3/5] SELinux: Prepare for PTRACE_MODE_SCHED, Stephen Smalley
    - RE: [PATCH v5 3/5] SELinux: Prepare for PTRACE_MODE_SCHED, Schaufler, Casey
- [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED, Casey Schaufler
  - Re: [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED, Jann Horn via Selinux
    - RE: [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED, Schaufler, Casey
      - Re: [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED, Jann Horn via Selinux
        
        Re: [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED, Jiri Kosina
        
        Re: [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED, Jann Horn via Selinux
        
        Re: [PATCH v5 2/5] Smack: Prepare for PTRACE_MODE_SCHED, Jiri Kosina
- [PATCH v5 4/5] Capability: Complete PTRACE_MODE_SCHED, Casey Schaufler
  - Re: [PATCH v5 4/5] Capability: Complete PTRACE_MODE_SCHED, Jann Horn via Selinux
    - RE: [PATCH v5 4/5] Capability: Complete PTRACE_MODE_SCHED, Schaufler, Casey
- [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, Casey Schaufler
  - Re: [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, James Morris
    - Re: [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, Casey Schaufler
      - Re: [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, James Morris
        
        RE: [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, Schaufler, Casey
        
        RE: [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, James Morris
        
        Re: [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, Jann Horn via Selinux
        
        Re: [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, James Morris
        
        RE: [PATCH v5 5/5] sidechannel: Linux Security Module for sidechannel, Schaufler, Casey
- [PATCH v5 1/5] AppArmor: Prepare for PTRACE_MODE_SCHED, Casey Schaufler

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]