/linux/security/integrity/ |
H A D | Makefile | 6 obj-$(CONFIG_INTEGRITY) += integrity.o 8 integrity-y := iint.o 9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o 10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o 11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o 12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o 13 integrity-$(CONFIG_INTEGRITY_MACHINE_KEYRING) += platform_certs/machine_keyring.o 14 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \ 17 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o 18 integrity-$(CONFIG_LOAD_PPC_KEYS) += platform_certs/efi_parser.o \
|
H A D | Kconfig | 8 This option enables the integrity subsystem, which is comprised 46 bool "Require all keys on the integrity keyrings be signed" 119 bool "Enables integrity auditing support " 123 In addition to enabling integrity auditing support, this 125 controls the level of integrity auditing messages. 126 0 - basic integrity auditing messages (default) 127 1 - additional integrity auditing messages 129 Additional informational integrity auditing messages would 133 source "security/integrity/ima/Kconfig" 134 source "security/integrity/evm/Kconfig"
|
/linux/Documentation/block/ |
H A D | data-integrity.rst | 18 support for appending integrity metadata to an I/O. The integrity 40 allow the operating system to interact with the integrity metadata 136 The data integrity patches add a new field to struct bio when 140 containing the integrity metadata and the required housekeeping 164 merging and splitting the integrity metadata. 186 /sys/block/<bdev>/integrity/write_generate 190 /sys/block/<bdev>/integrity/read_verify 229 The integrity payload will be freed at bio_free() time. 237 the integrity metadata in the pages must be in a format 242 integrity metadata must have a value of bip->bip_sector. [all …]
|
H A D | index.rst | 14 data-integrity
|
/linux/Documentation/admin-guide/device-mapper/ |
H A D | dm-integrity.rst | 2 dm-integrity 5 The dm-integrity target emulates a block device that has additional 6 per-sector tags that can be used for storing integrity information. 55 3. unload the dm-integrity target 57 5. load the dm-integrity target with the target size 68 dm-integrity won't read of write these sectors 79 and integrity tag doesn't match. 81 data and integrity tags are written to the 132 generate and verify the integrity tags. 225 1. the number of integrity mismatches [all …]
|
H A D | dm-ima.rst | 15 target types like crypt, verity, integrity etc. Each of these target 49 /sys/kernel/security/integrity/ima/ascii_runtime_measurements 50 /sys/kernel/security/integrity/ima/binary_runtime_measurements 62 TEMPLATE_NAME := Template name that registered the integrity value (e.g. ima-buf). 143 target_name := Name of the target. 'linear', 'crypt', 'integrity' etc. 331 #. integrity 418 3. integrity 421 section above) has the following data format for 'integrity' target. 430 target_name := "target_name=integrity" 450 When a 'integrity' target is loaded, then IMA ASCII measurement log will have an entry [all …]
|
H A D | dm-crypt.rst | 137 integrity:<bytes>:<type> 139 in per-bio integrity structure. This metadata must by provided 140 by underlying dm-integrity target. 146 integrity for the encrypted device. The additional space is then
|
H A D | index.rst | 18 dm-integrity
|
H A D | verity.rst | 5 Device-Mapper's "verity" target provides transparent integrity checking of 32 This is the device containing data, the integrity of which needs to be 162 Cryptographic hashes are used to assert the integrity of the device on a 170 integrity checking is essential. 205 It is expected that a user-space tool will verify the integrity of the
|
/linux/include/linux/ |
H A D | t10-pi.h | 45 if (rq->q->integrity.interval_exp) in t10_pi_ref_tag() 46 shift = rq->q->integrity.interval_exp; in t10_pi_ref_tag() 76 if (rq->q->integrity.interval_exp) in ext_pi_ref_tag() 77 shift = rq->q->integrity.interval_exp; in ext_pi_ref_tag()
|
H A D | blk-integrity.h | 49 struct blk_integrity *bi = &disk->queue->integrity; in blk_get_integrity() 66 return q->integrity.profile; in blk_integrity_queue_supports_integrity()
|
/linux/Documentation/ABI/stable/ |
H A D | sysfs-class-tpm | 4 Contact: linux-integrity@vger.kernel.org 12 Contact: linux-integrity@vger.kernel.org 24 Contact: linux-integrity@vger.kernel.org 32 Contact: linux-integrity@vger.kernel.org 49 Contact: linux-integrity@vger.kernel.org 72 Contact: linux-integrity@vger.kernel.org 81 Contact: linux-integrity@vger.kernel.org 89 Contact: linux-integrity@vger.kernel.org 112 Contact: linux-integrity@vger.kernel.org 164 Contact: linux-integrity@vger.kernel.org [all …]
|
H A D | sysfs-block | 58 integrity metadata. Set if the device is T10 PI-capable. 61 What: /sys/block/<disk>/integrity/format 65 Metadata format for integrity capable block device. 74 by one integrity tuple. Typically the device's logical 78 What: /sys/block/<disk>/integrity/read_verify 83 integrity of read requests serviced by devices that 84 support sending integrity metadata. 87 What: /sys/block/<disk>/integrity/tag_size 91 Number of bytes of integrity tag space available per 95 What: /sys/block/<disk>/integrity/write_generate [all …]
|
/linux/tools/testing/selftests/net/ |
H A D | tcp_mmap.c | 89 static int integrity; /* -i option: sender and receiver compute sha256 over the data.*/ variable 205 if (integrity) { in child_thread() 233 if (integrity) in child_thread() 249 if (integrity) in child_thread() 268 if (integrity) in child_thread() 280 if (integrity) { in child_thread() 504 integrity = 1; in main() 581 if (integrity) { in main() 601 if (integrity) in main() 605 if (integrity && total == FILE_SZ) { in main()
|
/linux/block/ |
H A D | blk-integrity.c | 123 struct blk_integrity *b1 = &gd1->queue->integrity; in blk_integrity_compare() 124 struct blk_integrity *b2 = &gd2->queue->integrity; in blk_integrity_compare() 217 return &dev_to_disk(dev)->queue->integrity; in dev_to_bi() 364 struct blk_integrity *bi = &disk->queue->integrity; in blk_integrity_register() 395 struct blk_integrity *bi = &disk->queue->integrity; in blk_integrity_unregister()
|
H A D | Makefile | 29 obj-$(CONFIG_BLK_DEV_INTEGRITY) += bio-integrity.o blk-integrity.o
|
H A D | t10-pi.c | 144 struct blk_integrity *bi = &rq->q->integrity; in t10_pi_type1_prepare() 195 struct blk_integrity *bi = &rq->q->integrity; in t10_pi_type1_complete() 396 struct blk_integrity *bi = &rq->q->integrity; in ext_pi_type1_prepare() 436 struct blk_integrity *bi = &rq->q->integrity; in ext_pi_type1_complete()
|
/linux/security/integrity/evm/ |
H A D | Kconfig | 13 integrity attacks. 57 /sys/kernel/security/integrity/evm/evm_xattrs. 68 verify EVM integrity starting from the 'init' process. The
|
/linux/Documentation/staging/ |
H A D | xz.rst | 16 for integrity checking. The home page of XZ Embedded is at 59 Since the XZ Embedded supports only streams with no integrity check or 60 CRC32, make sure that you don't use some other integrity check type 67 which will verify the integrity of the uncompressed data anyway. 68 Double checking the integrity would probably be waste of CPU cycles. 70 by the decoder; you can only change the integrity check type (or
|
/linux/security/integrity/ima/ |
H A D | Kconfig | 26 an aggregate integrity value over this list inside the 53 that IMA uses to maintain the integrity aggregate of the 88 prompt "Default integrity hash algorithm" 92 list, integrity appraisal and audit log. The compiled default 145 bool "Appraise integrity measurements" 148 This option enables local measurement integrity appraisal. 154 For more information on integrity appraisal refer to:
|
/linux/Documentation/security/ |
H A D | snp-tdx-threat-model.rst | 26 security technologies that aim to protect the confidentiality and integrity 46 integrity for the VM's guest memory and execution state (vCPU registers), 51 …w.amd.com/system/files/techdocs/sev-snp-strengthening-vm-isolation-with-integrity-protection-and-m… 163 integrity protection. This threat model assumes that those features are 168 1. Preserve the confidentiality and integrity of CoCo guest's private 201 data should also be considered untrusted until its integrity and 226 This allows the host to break the integrity of the code running 233 integrity or freshness of such data.
|
H A D | digsig.rst | 20 Currently digital signatures are used by the IMA/EVM integrity protection subsystem. 70 * Verifies data integrity against digital signature.
|
/linux/arch/powerpc/configs/ |
H A D | security.config | 3 # This is the equivalent of booting with lockdown=integrity
|
/linux/security/ |
H A D | Makefile | 30 obj-$(CONFIG_INTEGRITY) += integrity/
|
/linux/Documentation/admin-guide/ |
H A D | jfs.rst | 28 from backup media. The integrity of the volume is not 31 integrity(*)
|