Syzbot CI

Patch Series

Subject	SELinux namespace support
Author	stephen.smalley.work@gmail.com
Date	2025-08-14 13:25:52 +0000 UTC
Version	7
Cc	horms@kernel.org netdev@vger.kernel.org omosnace@redhat.com paul@paul-moore.com selinux@vger.kernel.org stephen.smalley.work@gmail.com

Patches (42)

Name	Content
[PATCH v7 01/42] selinux: restore passing of selinux_state	[Body]
[PATCH v7 02/42] selinux: introduce current_selinux_state	[Body]
[PATCH v7 03/42] selinux: support multiple selinuxfs instances	[Body]
[PATCH v7 04/42] selinux: dynamically allocate selinux namespace	[Body]
[PATCH v7 05/42] netstate,selinux: create the selinux netlink socket per network namespace	[Body]
[PATCH v7 06/42] selinux: limit selinux netlink notifications to init namespace	[Body]
[PATCH v7 07/42] selinux: support per-task/cred selinux namespace	[Body]
[PATCH v7 08/42] selinux: introduce cred_selinux_state() and use it	[Body]
[PATCH v7 09/42] selinux: init inode from nearest initialized namespace	[Body]
[PATCH v7 10/42] selinux: add a selinuxfs interface to unshare selinux namespace	[Body]
[PATCH v7 11/42] selinux: add limits for SELinux namespaces	[Body]
[PATCH v7 12/42] selinux: exempt creation of init SELinux namespace from limits	[Body]
[PATCH v7 13/42] selinux: refactor selinux_state_create()	[Body]
[PATCH v7 14/42] selinux: allow userspace to detect non-init SELinux namespace	[Body]
[PATCH v7 15/42] selinuxfs: restrict write operations to the same selinux namespace	[Body]
[PATCH v7 16/42] selinux: introduce a global SID table	[Body]
[PATCH v7 17/42] selinux: wrap security server interfaces to use the global SID table	[Body]
[PATCH v7 18/42] selinux: introduce a Kconfig option for SELinux namespaces	[Body]
[PATCH v7 19/42] selinux: eliminate global SID table if !CONFIG_SECURITY_SELINUX_NS	[Body]
[PATCH v7 20/42] selinux: maintain a small cache in the global SID table	[Body]
[PATCH v7 21/42] selinux: update hook functions to use correct selinux namespace	[Body]
[PATCH v7 22/42] selinux: introduce cred_task_has_perm()	[Body]
[PATCH v7 23/42] selinux: introduce cred_has_extended_perms()	[Body]
[PATCH v7 24/42] selinux: introduce cred_self_has_perm()	[Body]
[PATCH v7 25/42] selinux: introduce cred_has_perm()	[Body]
[PATCH v7 26/42] selinux: introduce cred_ssid_has_perm() and cred_other_has_perm()	[Body]
[PATCH v7 27/42] selinux: introduce task_obj_has_perm()	[Body]
[PATCH v7 28/42] selinux: update bprm hooks for selinux namespaces	[Body]
[PATCH v7 29/42] selinux: add kerneldoc to new permission checking functions	[Body]
[PATCH v7 30/42] selinux: convert selinux_file_send_sigiotask() to namespace-aware helper	[Body]
[PATCH v7 31/42] selinux: rename cred_has_perm() to cred_tsid_has_perm()	[Body]
[PATCH v7 32/42] selinux: update cred_tsid_has_perm_noaudit() to return the combined avd	[Body]
[PATCH v7 33/42] selinux: convert additional checks to cred_ssid_has_perm()	[Body]
[PATCH v7 34/42] selinux: introduce selinux_state_has_perm()	[Body]
[PATCH v7 35/42] selinux: annotate selinuxfs permission checks	[Body]
[PATCH v7 36/42] selinux: annotate process transition permission checks	[Body]
[PATCH v7 37/42] selinux: convert xfrm and netlabel permission checks	[Body]
[PATCH v7 38/42] selinux: switch selinux_lsm_setattr() checks to current namespace	[Body]
[PATCH v7 39/42] selinux: make open_perms namespace-aware	[Body]
[PATCH v7 40/42] selinux: split cred_ssid_has_perm() into two cases	[Body]
[PATCH v7 41/42] selinux: convert nlmsg_sock_has_extended_perms() to namespace-aware	[Body]
[PATCH v7 42/42] selinux: disallow writes to /sys/fs/selinux/user in non-init namespaces	[Body]

Session 2025-08-14

ID (for dev)	bfcfbf54-9d88-454a-a820-48656f60321e
Status	skipped
Triaged	Skipped: failed to find a base commit: series does not apply [Log]
Execution Log	[Link]

Test	Base	Patched	Verdict