Searched refs:keys (Results 1 – 12 of 12) sorted by relevance
| /security/integrity/ |
| A D | Kconfig | 29 to "lock" certain keyring to prevent adding new keys.
30 This is useful for evm and module keyrings, when keys are
34 bool "Enable asymmetric keys support"
43 asymmetric keys.
46 bool "Require all keys on the integrity keyrings be signed"
51 This option requires that all keys added to the .ima and
56 bool "Provide keyring for platform/firmware trusted keys"
73 be added. This keyring shall contain just MOK keys. Unlike keys
86 other MOK keys load into the platform keyring.
89 bool "Only CA keys without DigitialSignature usage set"
[all …]
|
| /security/keys/ |
| A D | Kconfig | 11 access keys in the kernel.
13 It also includes provision of methods by which such keys might be
18 a searchable sequence of keys. Each process is equipped with access
60 bool "Large payload keys"
76 keys in the kernel. Trusted keys are random number symmetric keys,
83 source "security/keys/trusted-keys/Kconfig"
97 in the kernel. Encrypted keys are instantiated using kernel
106 bool "Allow encrypted keys with user decrypted data"
116 bool "Diffie-Hellman operations on retained keys"
123 public keys and shared secrets using values stored as keys
[all …]
|
| A D | Makefile | 31 obj-$(CONFIG_TRUSTED_KEYS) += trusted-keys/
32 obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted-keys/
|
| A D | keyring.c | 143 assoc_array_init(&keyring->keys); in keyring_instantiate()
431 assoc_array_destroy(&keyring->keys, &keyring_assoc_array_ops); in keyring_destroy()
445 if (keyring->keys.nr_leaves_on_tree != 0) in keyring_describe()
446 seq_printf(m, ": %lu", keyring->keys.nr_leaves_on_tree); in keyring_describe()
497 ret = assoc_array_iterate(&keyring->keys, in keyring_read()
506 ret = keyring->keys.nr_leaves_on_tree * sizeof(key_serial_t); in keyring_read()
651 object = assoc_array_find(&keyring->keys, in search_keyring()
732 ptr = READ_ONCE(keyring->keys.root); in search_nested_keyrings()
1317 edit = assoc_array_insert(&keyring->keys, in __key_link_begin()
1731 result = assoc_array_iterate(&keyring->keys, in keyring_gc()
[all …]
|
| A D | gc.c | 135 static noinline void key_gc_unused_keys(struct list_head *keys) in key_gc_unused_keys() argument
137 while (!list_empty(keys)) { in key_gc_unused_keys()
139 list_entry(keys->next, struct key, graveyard_link); in key_gc_unused_keys()
|
| /security/keys/trusted-keys/ |
| A D | Kconfig | 5 bool "TPM-based trusted keys"
18 backend. Trusted keys are random number symmetric keys,
20 The TPM only unseals the keys, if the boot PCRs and other
24 bool "TEE-based trusted keys"
33 bool "CAAM-based trusted keys"
43 bool "DCP-based trusted keys"
|
| A D | tpm2key.asn1 | 2 --- ASN.1 for TPM 2.0 keys
|
| /security/keys/encrypted-keys/ |
| A D | Makefile | 6 obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted-keys.o
8 encrypted-keys-y := encrypted.o ecryptfs_format.o
11 encrypted-keys-y += $(masterkey-y) $(masterkey-m-m)
|
| /security/integrity/ima/ |
| A D | Kconfig | 247 bool "Permit keys validly signed by a built-in, machine (if configured) or secondary"
259 Intermediate keys between those the kernel has compiled in and the
260 IMA keys to be added may be added to the system secondary keyring,
271 revoked IMA keys. It is consulted before any other keyring. If
280 File signature verification is based on the public keys
281 loaded on the .ima trusted keyring. These public keys are
289 default "/etc/keys/x509_ima.der"
|
| /security/ |
| A D | Makefile | 6 obj-$(CONFIG_KEYS) += keys/
|
| A D | Kconfig | 8 source "security/keys/Kconfig"
|
| /security/integrity/evm/ |
| A D | Kconfig | 74 default "/etc/keys/x509_evm.der"
|
Completed in 15 milliseconds