Commit Graph

187 Commits

Author SHA1 Message Date
Petr Lautrbach
0c39fcdf0b libsepol-3.4-0.rc2.1
-SELinux userspace 3.4-rc2 release
2022-04-21 15:24:23 +02:00
Petr Lautrbach
9c848ca54b libsepol-3.4-0.rc1.1
- SELinux userspace 3.4-rc1 release
2022-04-12 11:08:55 +02:00
Petr Lautrbach
ba9331a864 SELinux userspace 3.3 release 2021-10-22 12:18:48 +02:00
Petr Lautrbach
04203d6962 SELinux userspace 3.3-rc3 release 2021-10-07 17:20:55 +02:00
Petr Lautrbach
394d26d7f2 SELinux userspace 3.3-rc2 release 2021-09-29 13:55:33 +02:00
Petr Lautrbach
3e8ea426c3 SELinux userspace 3.2 release 2021-03-08 15:42:29 +01:00
Petr Lautrbach
7a8d2de4ef SELinux userspace 3.2-rc2 release 2021-02-05 10:09:15 +01:00
Petr Lautrbach
2d96c8836c SELinux userspace 3.2-rc1 release
https://lore.kernel.org/selinux/87a6t36bpp.fsf@redhat.com/T/#u
2021-01-20 16:30:09 +01:00
Petr Lautrbach
c58a1c7ba8 libsepol-3.1-1
- SELinux userspace 3.1 release
2020-07-10 18:01:58 +02:00
Petr Lautrbach
50ae97404c SELinux userspace 3.0 release 2019-12-06 08:05:46 +01:00
Petr Lautrbach
01964798fa SELinux userspace 3.0-rc1 release candidate 2019-11-11 10:55:45 +01:00
Petr Lautrbach
ce5eeffdaa SELinux userspace 2.9 release 2019-03-18 16:46:48 +01:00
Petr Lautrbach
ba37cef257 SELinux userspace 2.9-rc2 release candidate 2019-03-06 17:20:17 +01:00
Petr Lautrbach
6b4592388f SELinux userspace 2.9-rc1 release candidate 2019-01-30 09:51:37 +01:00
Petr Lautrbach
0ce45d72d2 libsepol-2.8-1
- SELinux userspace 2.8 release
2018-05-25 10:21:40 +02:00
Petr Lautrbach
8bb335b66c SELinux userspace 2.8-rc3 release candidate 2018-05-14 18:52:22 +02:00
Petr Lautrbach
4526ce3233 SELinux userspace 2.8-rc1 release candidate 2018-04-23 13:12:12 +02:00
Petr Lautrbach
640cc38286 libsepol-2.7-1
- Update to upstream release 2017-08-04
2017-08-07 13:44:45 +02:00
Petr Lautrbach
99653f4b76 libsepol-2.6-1
- Update to upstream release 2016-10-14
2017-02-20 12:27:15 +01:00
Petr Lautrbach
0861542f57 libsepol-2.5-1
- Update to upstream release 2016-02-23
2016-02-23 21:31:12 +01:00
Petr Lautrbach
3febb8cf9a libsepol-2.5-0.1.rc1
Update to upstream rc1 release 2016-01-07
2016-02-21 14:34:14 +01:00
Petr Lautrbach
5e480567c8 Update to upstream release 2.4 2015-07-20 17:41:51 +02:00
Dan Walsh
87d9d9b744 Update to upstream
* Improve error message for name-based transition conflicts.
	* Revert libsepol: filename_trans: use some better sorting to compare and merge.
	* Report source file and line information for neverallow failures.
	* Fix valgrind errors in constraint_expr_eval_reason from Richard Haines.
	* Add sepol_validate_transition_reason_buffer function from Richard Haines.
2014-05-06 14:20:51 -04:00
Dan Walsh
4704b23dcb Update to upstream
* Improve error message for name-based transition conflicts.
	* Revert libsepol: filename_trans: use some better sorting to compare and merge.
	* Report source file and line information for neverallow failures.
	* Fix valgrind errors in constraint_expr_eval_reason from Richard Haines.
	* Add sepol_validate_transition_reason_buffer function from Richard Haines.
2014-05-06 14:17:40 -04:00
Dan Walsh
5c767f8d24 Update to upstream
- Richard Haines patch V1 Allow constraint denials to be determined.
- Add separate role declarations as required by modern checkpolicy.
2013-10-31 09:17:42 -04:00
Dan Walsh
8f8f3fb514 Update to upstream
* filename_trans: use some better sorting to compare and merge
	* coverity fixes
	* implement default type policy syntax
	* Fix memory leak issues found by Klocwork
- Add CONTRAINT_NAMES to the kernel
2013-02-07 12:24:09 -05:00
rhatdan
7a85deddcf Update to upstream
* fix neverallow checking on attributes
	* Move context_copy() after switch block in ocontext_copy_*().
	* check for missing initial SID labeling statement.
	* Add always_check_network policy capability
	* role_fix_callback skips out-of-scope roles during expansion.
2012-09-13 12:32:09 -04:00
Dan Walsh
5f329cea08 Update to upstream
* reserve policycapability for redhat testing of ptrace child
	* cosmetic changes to make the source easier to read
	* prepend instead of append to filename_trans list
	* Android/MacOS X build support
	* allocate enough space to hold filename in trans rules
2012-07-04 07:19:41 -04:00
Dan Walsh
a195d32913 Update to upstream
* checkpolicy: implement new default labeling behaviors
2012-03-29 14:28:13 -04:00
Dan Walsh
58df885532 Remove old source from sources file 2011-11-04 09:06:17 -04:00
Dan Walsh
39e091adf3 Update to upstream
* regenerate .pc on VERSION change
	* Move ebitmap_* functions from mcstrans to libsepol
	* expand: do filename_trans type comparison on mapped representation
2011-11-04 08:55:31 -04:00
Dan Walsh
07e78442e3 Update to upstream
* Skip writing role attributes for policy.X and
	* Indicate when boolean is indeed a tunable.
	* Separate tunable from boolean during compile.
	* Write and read TUNABLE flags in related
	* Copy and check the cond_bool_datum_t.flags during link.
	* Permanently discard disabled branches of tunables in
	* Skip tunable identifier and cond_node_t in expansion.
	* Create a new preserve_tunables flag
	* Preserve tunables when required by semodule program.
	* setools expects expand_module_avrules to be an exported
	* tree: default make target to all not
2011-09-19 06:48:59 -04:00
Dan Walsh
6eec04097e Update to upstream
* Only call role_fix_callback for base.p_roles during expansion.
	* use mapped role number instead of module role number
2011-08-18 06:58:25 -04:00
Dan Walsh
a98ce44d26 Update to upstream
* Release, minor version bump
2011-07-28 11:35:27 -04:00
Dan Walsh
b7b88e49b7 Update to upstream
* Warn if filename_trans rules are dropped by Steve Lawrence.
2011-05-03 09:40:22 -04:00
Dan Walsh
6e97542597 Update to upstream
* Fixes for new role_transition class field by Eric Paris.
	* Add libsepol support for filename_trans rules by Eric Paris.
2011-04-14 08:52:33 -04:00
Dan Walsh
a3a7288b5c * Give correct names to mount points in load_policy by Dan Walsh.
* Make sure selinux state is reported correctly if selinux is disabled or
	fails to load by Dan Walsh.
	* Fix crash if selinux_key_create was never called by Dan Walsh.
	* Add new file_context.subs_dist for distro specific filecon substitutions
	by Dan Walsh.
	* Update man pages for selinux_color_* functions by Richard Haines.
2011-04-12 10:03:13 -04:00
Dan Walsh
9788767c5c - Upgrade to latest from NSA
* Fix compliation under GCC 4.6 by Justin Mattock
2010-12-21 16:43:33 -05:00
Daniel J Walsh
aca479dae3 - Upgrade to latest from NSA
Fixed typo in error message from Manoj Srivastava.
2009-11-18 22:16:47 +00:00
Daniel J Walsh
a5bd29455e - Upgrade to latest from NSA
Add pkgconfig file from Eamon Walsh.
2009-11-02 18:11:36 +00:00
Daniel J Walsh
31a56530a4 - Upgrade to latest from NSA
Add support for building Xen policies from Paul Nuzzi.
2009-10-29 19:27:40 +00:00
Daniel J Walsh
ad2013ee23 - Upgrade to latest from NSA
Check last offset in the module package against the file size. Reported by
    Manoj Srivastava for bug filed by Max Kellermann.
2009-09-08 13:08:11 +00:00
Daniel J Walsh
cd4e504b6b - Upgrade to latest from NSA
Add method to check disable dontaudit flag from Christopher Pardy.
2009-07-07 19:33:40 +00:00
Daniel J Walsh
4ce335c44c - Upgrade to latest from NSA
Fix boolean state smashing from Joshua Brindle.
2009-03-25 20:37:52 +00:00
Daniel J Walsh
848ca5cad6 - Upgrade to latest from NSA
Fix alias field in module format, caused by boundary format change from
    Caleb Case.
2009-02-18 21:47:17 +00:00
Daniel J Walsh
d13ce1e89d - Upgrade to latest from NSA
Add bounds support from KaiGai Kohei.
Fix invalid aliases bug from Joshua Brindle.
2008-11-07 14:11:04 +00:00
Daniel J Walsh
f25671b55a - Upgrade to latest from NSA
Revert patch that removed expand_rule.
2008-09-30 13:31:29 +00:00
Daniel J Walsh
962484ceef - Upgrade to latest from NSA
Allow require then declare in the source policy from Joshua Brindle.
2008-07-07 17:51:57 +00:00
Daniel J Walsh
38eb295021 - Upgrade to latest from NSA
Fix mls_semantic_level_expand() to handle a user require w/o MLS
    information from Stephen Smalley.
2008-06-22 13:52:55 +00:00
Daniel J Walsh
d7c858894a - Upgrade to latest from NSA
Fix endianness bug in the handling of network node addresses from Stephen
    Smalley. Only affects big endian platforms. Bug reported by John Weeks
    of Sun upon policy mismatch between x86 and sparc.
2008-06-11 12:16:46 +00:00