Home
last modified time | relevance | path

Searched refs:in (Results 1 – 18 of 18) sorted by relevance

/security/keys/
A Dkeyctl_pkey.c219 void *in, *out; in keyctl_pkey_e_d_s() local
244 in = memdup_user(_in, params.in_len); in keyctl_pkey_e_d_s()
245 if (IS_ERR(in)) { in keyctl_pkey_e_d_s()
246 ret = PTR_ERR(in); in keyctl_pkey_e_d_s()
255 ret = params.key->type->asym_eds_op(&params, in, out); in keyctl_pkey_e_d_s()
265 kfree(in); in keyctl_pkey_e_d_s()
294 void *in, *in2; in keyctl_pkey_verify() local
306 in = memdup_user(_in, params.in_len); in keyctl_pkey_verify()
307 if (IS_ERR(in)) { in keyctl_pkey_verify()
308 ret = PTR_ERR(in); in keyctl_pkey_verify()
[all …]
A DKconfig11 access keys in the kernel.
29 call that didn't upcall to the kernel to be cached temporarily in the
38 filesystem in which each method needs to request an authentication
48 in the sense that they stay around after all processes of that UID
76 keys in the kernel. Trusted keys are random number symmetric keys,
97 in the kernel. Encrypted keys are instantiated using kernel
124 in the kernel.
/security/lockdown/
A DKconfig10 bool "Enable lockdown LSM early in init"
13 Enable the lockdown LSM early in boot. This is necessary in order
36 The kernel runs in integrity mode by default. Features that allow
42 The kernel runs in confidentiality mode by default. Features that
/security/ipe/
A DKconfig63 supplied in the policy.
82 enabled and its digest matches the supplied digest value in the
94 is in the .fs-verity keyring.
108 in TAP format (https://testanything.org/). Only useful for kernel devs
112 For more information on KUnit and unit tests in general please refer
113 to the KUnit documentation in Documentation/dev-tools/kunit/.
/security/apparmor/
A DKconfig12 Required userspace tools (if they are not included in your
23 Build apparmor with debugging logic in apparmor. Not all
79 verify that policy in the kernel matches what is expected,
115 in TAP format (https://testanything.org/). Only useful for kernel devs
119 For more information on KUnit and unit tests in general please refer
120 to the KUnit documentation in Documentation/dev-tools/kunit/.
/security/
A DKconfig.hardening36 initialized before use in a function.
140 bool "Show KSTACK_ERASE metrics in the /proc file system"
145 in the /proc file system. In particular, /proc/<pid>/stack_depth
155 This option provides 'stack_erasing' sysctl, which can be used in
182 with "init_on_free" is that data lifetime in memory is reduced,
206 generated "write-what-where" gadgets) in the resulting kernel
222 Detect overflows of buffers in common string and memory functions
252 Minimal integrity checking in the linked-list manipulation routines
263 data corruption in kernel memory structures when they get checked
294 The seed used for compilation is in scripts/basic/randomize.seed.
[all …]
A DKconfig167 Intel TXT support in a kernel boot.
194 either in the kernel code itself, or as a kernel configuration
217 be in the first argument passed to this program on the command
246 in old kernel configs to CONFIG_LSM in new kernel configs. Don't
278 A comma-separated list of LSMs, in initialization order.
281 if selected in the kernel configuration, will be ignored.
/security/selinux/
A DKconfig21 kernel image to be distributed with SELinux built in, but not
34 kernel will start in permissive mode (log everything, deny nothing)
55 This option sets the number of buckets used in the sidtab hashtable
78 developers, unless you know what this does in the kernel code you
A Dhooks.c5844 ifindex = state->in->ifindex; in selinux_ip_forward()
/security/keys/trusted-keys/
A Dtrusted_dcp.c77 static int do_dcp_crypto(u8 *in, u8 *out, bool do_encrypt) in do_dcp_crypto() argument
112 sg_init_one(&src_sg, in, AES_KEYSIZE_128); in do_dcp_crypto()
129 static int do_aead_crypto(u8 *in, u8 *out, size_t len, u8 *key, u8 *nonce, in do_aead_crypto() argument
156 sg_init_one(&src_sg, in, len); in do_aead_crypto()
/security/tomoyo/
A DKconfig25 such programs in "learning mode" dulls the system response
45 Say Y here if you want to activate access control as soon as built-in
78 bool "Use insecure built-in settings for fuzzing tests."
83 Enabling this option forces minimal built-in policy and disables
/security/integrity/ima/
A DKconfig130 appended to the original policy. Have in mind that the rules are
131 scanned in FIFO order so be careful when you design and add new ones.
243 The modsig keyword can be used in the IMA policy to allow a hook
247 bool "Permit keys validly signed by a built-in, machine (if configured) or secondary"
255 key is validly signed by a CA cert in the system built-in,
259 Intermediate keys between those the kernel has compiled in and the
261 provided they are validly signed by a key already resident in the
262 built-in, machine (if configured) or secondary trusted keyrings.
331 allocated (in kb) for IMA measurements added during kexec soft reboot.
/security/landlock/
A DKconfig12 set of access rights (e.g. open a file in read-only, make a
32 See the KUnit documentation in Documentation/dev-tools/kunit
/security/loadpin/
A DKconfig17 # Module compression breaks LoadPin unless modules are decompressed in
32 considered trusted if its root digest is found in the list
/security/smack/
A DKconfig21 Enable the bring-up ("b") access mode in Smack rules.
54 delivering a signal in the Smack rules.
/security/integrity/
A DKconfig74 in the platform keyring, keys contained in the .machine keyring will
83 on any key added to it. By default no restrictions are in place
/security/yama/
A DKconfig11 Further information can be found in
/security/integrity/evm/
A DKconfig40 in the HMAC calculation, enabling this option includes newly defined

Completed in 36 milliseconds