Home
last modified time | relevance | path

Searched refs:integrity (Results 1 – 25 of 147) sorted by relevance

123456

/linux-6.15/security/integrity/
H A DMakefile6 obj-$(CONFIG_INTEGRITY) += integrity.o
8 integrity-y := iint.o
9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o
13 integrity-$(CONFIG_INTEGRITY_MACHINE_KEYRING) += platform_certs/machine_keyring.o
14 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \
17 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o
18 integrity-$(CONFIG_LOAD_PPC_KEYS) += platform_certs/efi_parser.o \
H A DKconfig8 This option enables the integrity subsystem, which is comprised
46 bool "Require all keys on the integrity keyrings be signed"
119 bool "Enables integrity auditing support "
123 In addition to enabling integrity auditing support, this
125 controls the level of integrity auditing messages.
126 0 - basic integrity auditing messages (default)
127 1 - additional integrity auditing messages
129 Additional informational integrity auditing messages would
133 source "security/integrity/ima/Kconfig"
134 source "security/integrity/evm/Kconfig"
/linux-6.15/Documentation/block/
H A Ddata-integrity.rst18 support for appending integrity metadata to an I/O. The integrity
40 allow the operating system to interact with the integrity metadata
136 The data integrity patches add a new field to struct bio when
140 containing the integrity metadata and the required housekeeping
156 Block devices can set up the integrity information in the integrity
179 /sys/block/<bdev>/integrity/write_generate
183 /sys/block/<bdev>/integrity/read_verify
222 The integrity payload will be freed at bio_free() time.
230 the integrity metadata in the pages must be in a format
235 integrity metadata must have a value of bip->bip_sector.
[all …]
H A Dindex.rst14 data-integrity
/linux-6.15/Documentation/admin-guide/device-mapper/
H A Ddm-integrity.rst2 dm-integrity
55 3. unload the dm-integrity target
57 5. load the dm-integrity target with the target size
68 dm-integrity won't read of write these sectors
79 and integrity tag doesn't match.
81 data and integrity tags are written to the
95 I - inline mode - in this mode, dm-integrity will store integrity
99 space for the selected integrity tag.
137 generate and verify the integrity tags.
230 1. the number of integrity mismatches
[all …]
H A Ddm-crypt.rst137 integrity:<bytes>:<type>
139 in per-bio integrity structure. This metadata must by provided
140 by underlying dm-integrity target.
146 integrity for the encrypted device. The additional space is then
150 Optionally set the integrity key size if it differs from the digest size.
169 Use an integrity key of <bytes> size instead of using an integrity key size
H A Ddm-ima.rst15 target types like crypt, verity, integrity etc. Each of these target
49 /sys/kernel/security/integrity/ima/ascii_runtime_measurements
50 /sys/kernel/security/integrity/ima/binary_runtime_measurements
62 TEMPLATE_NAME := Template name that registered the integrity value (e.g. ima-buf).
143 target_name := Name of the target. 'linear', 'crypt', 'integrity' etc.
331 #. integrity
418 3. integrity
421 section above) has the following data format for 'integrity' target.
430 target_name := "target_name=integrity"
450 When a 'integrity' target is loaded, then IMA ASCII measurement log will have an entry
[all …]
H A Dindex.rst18 dm-integrity
/linux-6.15/include/linux/
H A Dt10-pi.h45 rq->q->limits.integrity.interval_exp) in t10_pi_ref_tag()
46 shift = rq->q->limits.integrity.interval_exp; in t10_pi_ref_tag()
70 rq->q->limits.integrity.interval_exp) in ext_pi_ref_tag()
71 shift = rq->q->limits.integrity.interval_exp; in ext_pi_ref_tag()
H A Dblk-integrity.h36 return q->limits.integrity.tuple_size; in blk_integrity_queue_supports_integrity()
43 return &disk->queue->limits.integrity; in blk_get_integrity()
/linux-6.15/Documentation/ABI/stable/
H A Dsysfs-class-tpm4 Contact: linux-integrity@vger.kernel.org
12 Contact: linux-integrity@vger.kernel.org
24 Contact: linux-integrity@vger.kernel.org
32 Contact: linux-integrity@vger.kernel.org
49 Contact: linux-integrity@vger.kernel.org
72 Contact: linux-integrity@vger.kernel.org
81 Contact: linux-integrity@vger.kernel.org
89 Contact: linux-integrity@vger.kernel.org
112 Contact: linux-integrity@vger.kernel.org
164 Contact: linux-integrity@vger.kernel.org
[all …]
H A Dsysfs-block118 What: /sys/block/<disk>/integrity/format
122 Metadata format for integrity capable block device.
138 by one integrity tuple. Typically the device's logical
142 What: /sys/block/<disk>/integrity/read_verify
147 integrity of read requests serviced by devices that
148 support sending integrity metadata.
151 What: /sys/block/<disk>/integrity/tag_size
155 Number of bytes of integrity tag space available per
165 (even if the device provides application integrity
169 What: /sys/block/<disk>/integrity/write_generate
[all …]
/linux-6.15/tools/testing/selftests/net/
H A Dtcp_mmap.c89 static int integrity; /* -i option: sender and receiver compute sha256 over the data.*/ variable
205 if (integrity) { in child_thread()
233 if (integrity) in child_thread()
249 if (integrity) in child_thread()
268 if (integrity) in child_thread()
280 if (integrity) { in child_thread()
504 integrity = 1; in main()
581 if (integrity) { in main()
601 if (integrity) in main()
605 if (integrity && total == FILE_SZ) { in main()
/linux-6.15/Documentation/security/
H A Dipe.rst17 strong integrity guarantees over both the executable code, and specific
19 specific data files would not be readable unless they passed integrity
22 of what would provide the integrity claims. At the time, there were two
23 main mechanisms considered that could guarantee integrity for the system
41 enforce the integrity policy, or it should not.
48 file should be subject to integrity policy.
78 1. The policy itself must be integrity verified (preventing trivial
89 IMA, as the only integrity policy mechanism at the time, was
100 separation of measurement policy from local integrity policy
120 integrity is independent of the policy for enforcing that integrity claim.
[all …]
H A Dsnp-tdx-threat-model.rst26 security technologies that aim to protect the confidentiality and integrity
46 integrity for the VM's guest memory and execution state (vCPU registers),
51 …w.amd.com/system/files/techdocs/sev-snp-strengthening-vm-isolation-with-integrity-protection-and-m…
163 integrity protection. This threat model assumes that those features are
168 1. Preserve the confidentiality and integrity of CoCo guest's private
201 data should also be considered untrusted until its integrity and
226 This allows the host to break the integrity of the code running
233 integrity or freshness of such data.
H A Ddigsig.rst20 Currently digital signatures are used by the IMA/EVM integrity protection subsystem.
70 * Verifies data integrity against digital signature.
/linux-6.15/Documentation/staging/
H A Dxz.rst13 for executable code. CRC32 is supported for integrity checking.
53 Since the XZ Embedded supports only streams with CRC32 or no integrity
54 check, make sure that you don't use some other integrity check type
62 which will verify the integrity of the uncompressed data anyway.
63 Double checking the integrity would probably be waste of CPU cycles.
65 by the decoder; you can only change the integrity check type (or
/linux-6.15/block/
H A DMakefile29 obj-$(CONFIG_BLK_DEV_INTEGRITY) += bio-integrity.o blk-integrity.o t10-pi.o \
30 bio-integrity-auto.o
H A Dt10-pi.c127 struct blk_integrity *bi = &rq->q->limits.integrity; in t10_pi_type1_prepare()
178 struct blk_integrity *bi = &rq->q->limits.integrity; in t10_pi_type1_complete()
301 struct blk_integrity *bi = &rq->q->limits.integrity; in ext_pi_type1_prepare()
341 struct blk_integrity *bi = &rq->q->limits.integrity; in ext_pi_type1_complete()
451 struct blk_integrity *bi = &rq->q->limits.integrity; in blk_integrity_prepare()
464 struct blk_integrity *bi = &rq->q->limits.integrity; in blk_integrity_complete()
H A Dblk-integrity.c184 return &dev_to_disk(dev)->queue->limits.integrity; in dev_to_bi()
225 lim.integrity.flags &= ~flag; in flag_store()
227 lim.integrity.flags |= flag; in flag_store()
/linux-6.15/security/integrity/evm/
H A DKconfig13 integrity attacks.
57 /sys/kernel/security/integrity/evm/evm_xattrs.
68 verify EVM integrity starting from the 'init' process. The
/linux-6.15/security/integrity/ima/
H A DKconfig26 an aggregate integrity value over this list inside the
53 that IMA uses to maintain the integrity aggregate of the
88 prompt "Default integrity hash algorithm"
92 list, integrity appraisal and audit log. The compiled default
145 bool "Appraise integrity measurements"
148 This option enables local measurement integrity appraisal.
154 For more information on integrity appraisal refer to:
/linux-6.15/arch/powerpc/configs/
H A Dsecurity.config3 # This is the equivalent of booting with lockdown=integrity
/linux-6.15/security/
H A DMakefile31 obj-$(CONFIG_INTEGRITY) += integrity/
/linux-6.15/Documentation/admin-guide/
H A Djfs.rst28 from backup media. The integrity of the volume is not
31 integrity(*)

123456