Home
last modified time | relevance | path

Searched refs:integrity (Results 1 – 25 of 128) sorted by relevance

123456

/linux-6.3-rc2/security/integrity/
A DMakefile6 obj-$(CONFIG_INTEGRITY) += integrity.o
8 integrity-y := iint.o
9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o
13 integrity-$(CONFIG_INTEGRITY_MACHINE_KEYRING) += platform_certs/machine_keyring.o
14 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \
17 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o
18 integrity-$(CONFIG_LOAD_PPC_KEYS) += platform_certs/efi_parser.o \
A DKconfig8 This option enables the integrity subsystem, which is comprised
46 bool "Require all keys on the integrity keyrings be signed"
98 bool "Enables integrity auditing support "
102 In addition to enabling integrity auditing support, this
104 controls the level of integrity auditing messages.
105 0 - basic integrity auditing messages (default)
106 1 - additional integrity auditing messages
108 Additional informational integrity auditing messages would
112 source "security/integrity/ima/Kconfig"
113 source "security/integrity/evm/Kconfig"
/linux-6.3-rc2/Documentation/block/
A Ddata-integrity.rst18 support for appending integrity metadata to an I/O. The integrity
40 allow the operating system to interact with the integrity metadata
136 The data integrity patches add a new field to struct bio when
140 containing the integrity metadata and the required housekeeping
164 merging and splitting the integrity metadata.
186 /sys/block/<bdev>/integrity/write_generate
190 /sys/block/<bdev>/integrity/read_verify
229 The integrity payload will be freed at bio_free() time.
237 the integrity metadata in the pages must be in a format
242 integrity metadata must have a value of bip->bip_sector.
[all …]
A Dindex.rst14 data-integrity
/linux-6.3-rc2/Documentation/admin-guide/device-mapper/
A Ddm-integrity.rst2 dm-integrity
5 The dm-integrity target emulates a block device that has additional
6 per-sector tags that can be used for storing integrity information.
46 3. unload the dm-integrity target
48 5. load the dm-integrity target with the target size
59 dm-integrity won't read of write these sectors
70 and integrity tag doesn't match.
72 data and integrity tags are written to the
127 generate and verify the integrity tags.
215 1. the number of integrity mismatches
[all …]
A Ddm-crypt.rst132 integrity:<bytes>:<type>
134 in per-bio integrity structure. This metadata must by provided
135 by underlying dm-integrity target.
141 integrity for the encrypted device. The additional space is then
A Ddm-ima.rst15 target types like crypt, verity, integrity etc. Each of these target
49 /sys/kernel/security/integrity/ima/ascii_runtime_measurements
50 /sys/kernel/security/integrity/ima/binary_runtime_measurements
62 TEMPLATE_NAME := Template name that registered the integrity value (e.g. ima-buf).
143 target_name := Name of the target. 'linear', 'crypt', 'integrity' etc.
331 #. integrity
418 3. integrity
421 section above) has the following data format for 'integrity' target.
430 target_name := "target_name=integrity"
450 When a 'integrity' target is loaded, then IMA ASCII measurement log will have an entry
[all …]
A Dindex.rst18 dm-integrity
A Dverity.rst5 Device-Mapper's "verity" target provides transparent integrity checking of
32 This is the device containing data, the integrity of which needs to be
162 Cryptographic hashes are used to assert the integrity of the device on a
170 integrity checking is essential.
205 It is expected that a user-space tool will verify the integrity of the
/linux-6.3-rc2/include/linux/
A Dt10-pi.h45 if (rq->q->integrity.interval_exp) in t10_pi_ref_tag()
46 shift = rq->q->integrity.interval_exp; in t10_pi_ref_tag()
76 if (rq->q->integrity.interval_exp) in ext_pi_ref_tag()
77 shift = rq->q->integrity.interval_exp; in ext_pi_ref_tag()
A Dblk-integrity.h48 struct blk_integrity *bi = &disk->queue->integrity; in blk_get_integrity()
65 return q->integrity.profile; in blk_integrity_queue_supports_integrity()
/linux-6.3-rc2/Documentation/ABI/stable/
A Dsysfs-class-tpm4 Contact: linux-integrity@vger.kernel.org
12 Contact: linux-integrity@vger.kernel.org
24 Contact: linux-integrity@vger.kernel.org
32 Contact: linux-integrity@vger.kernel.org
49 Contact: linux-integrity@vger.kernel.org
72 Contact: linux-integrity@vger.kernel.org
81 Contact: linux-integrity@vger.kernel.org
89 Contact: linux-integrity@vger.kernel.org
112 Contact: linux-integrity@vger.kernel.org
164 Contact: linux-integrity@vger.kernel.org
[all …]
A Dsysfs-block58 integrity metadata. Set if the device is T10 PI-capable.
61 What: /sys/block/<disk>/integrity/format
65 Metadata format for integrity capable block device.
74 by one integrity tuple. Typically the device's logical
78 What: /sys/block/<disk>/integrity/read_verify
83 integrity of read requests serviced by devices that
84 support sending integrity metadata.
87 What: /sys/block/<disk>/integrity/tag_size
91 Number of bytes of integrity tag space available per
95 What: /sys/block/<disk>/integrity/write_generate
[all …]
/linux-6.3-rc2/block/
A Dblk-integrity.c123 struct blk_integrity *b1 = &gd1->queue->integrity; in blk_integrity_compare()
124 struct blk_integrity *b2 = &gd2->queue->integrity; in blk_integrity_compare()
225 struct blk_integrity *bi = &disk->queue->integrity; in integrity_attr_show()
237 struct blk_integrity *bi = &disk->queue->integrity; in integrity_attr_store()
352 ATTRIBUTE_GROUPS(integrity);
399 struct blk_integrity *bi = &disk->queue->integrity; in blk_integrity_register()
429 struct blk_integrity *bi = &disk->queue->integrity; in blk_integrity_unregister()
A Dt10-pi.c137 const int tuple_sz = rq->q->integrity.tuple_size; in t10_pi_type1_prepare()
186 unsigned intervals = nr_bytes >> rq->q->integrity.interval_exp; in t10_pi_type1_complete()
187 const int tuple_sz = rq->q->integrity.tuple_size; in t10_pi_type1_complete()
376 const int tuple_sz = rq->q->integrity.tuple_size; in ext_pi_type1_prepare()
414 unsigned intervals = nr_bytes >> rq->q->integrity.interval_exp; in ext_pi_type1_complete()
415 const int tuple_sz = rq->q->integrity.tuple_size; in ext_pi_type1_complete()
A DMakefile29 obj-$(CONFIG_BLK_DEV_INTEGRITY) += bio-integrity.o blk-integrity.o
/linux-6.3-rc2/security/integrity/evm/
A DKconfig12 integrity attacks.
56 /sys/kernel/security/integrity/evm/evm_xattrs.
67 verify EVM integrity starting from the 'init' process.
/linux-6.3-rc2/Documentation/staging/
A Dxz.rst16 for integrity checking. The home page of XZ Embedded is at
59 Since the XZ Embedded supports only streams with no integrity check or
60 CRC32, make sure that you don't use some other integrity check type
67 which will verify the integrity of the uncompressed data anyway.
68 Double checking the integrity would probably be waste of CPU cycles.
70 by the decoder; you can only change the integrity check type (or
/linux-6.3-rc2/security/integrity/ima/
A DKconfig25 an aggregate integrity value over this list inside the
51 that IMA uses to maintain the integrity aggregate of the
88 prompt "Default integrity hash algorithm"
93 list, integrity appraisal and audit log. The compiled default
149 bool "Appraise integrity measurements"
153 This option enables local measurement integrity appraisal.
159 For more information on integrity appraisal refer to:
/linux-6.3-rc2/fs/btrfs/
A DKconfig51 bool "Btrfs with integrity check tool compiled in (DANGEROUS)"
60 If the integrity check tool is included and activated in
66 to verify the integrity of (super)-block write requests
/linux-6.3-rc2/security/
A DKconfig211 source "security/integrity/Kconfig"
249 …default "landlock,lockdown,yama,loadpin,safesetid,integrity,smack,selinux,tomoyo,apparmor,bpf" if …
250 …default "landlock,lockdown,yama,loadpin,safesetid,integrity,apparmor,selinux,smack,tomoyo,bpf" if …
251 default "landlock,lockdown,yama,loadpin,safesetid,integrity,tomoyo,bpf" if DEFAULT_SECURITY_TOMOYO
252 default "landlock,lockdown,yama,loadpin,safesetid,integrity,bpf" if DEFAULT_SECURITY_DAC
253 default "landlock,lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor,bpf"
A DMakefile29 obj-$(CONFIG_INTEGRITY) += integrity/
/linux-6.3-rc2/arch/powerpc/configs/
A Dsecurity.config1 # This is the equivalent of booting with lockdown=integrity
/linux-6.3-rc2/Documentation/security/
A Ddigsig.rst20 Currently digital signatures are used by the IMA/EVM integrity protection subsystem.
70 * Verifies data integrity against digital signature.
/linux-6.3-rc2/Documentation/admin-guide/
A Djfs.rst28 from backup media. The integrity of the volume is not
31 integrity(*)

Completed in 28 milliseconds

123456