| /Linux-v4.19/crypto/asymmetric_keys/ |
| D | restrict.c | 125 struct key *trusted, bool check_dest) in key_or_keyring_common() argument
138 if (!trusted && !check_dest) in key_or_keyring_common()
150 if (trusted) { in key_or_keyring_common()
151 if (trusted->type == &key_type_keyring) { in key_or_keyring_common()
153 key = find_asymmetric_key(trusted, sig->auth_ids[0], in key_or_keyring_common()
157 } else if (trusted->type == &key_type_asymmetric) { in key_or_keyring_common()
160 signer_ids = asymmetric_key_ids(trusted); in key_or_keyring_common()
184 key = __key_get(trusted); in key_or_keyring_common()
190 key = __key_get(trusted); in key_or_keyring_common()
237 struct key *trusted) in restrict_link_by_key_or_keyring() argument
[all …]
|
| /Linux-v4.19/Documentation/security/keys/ |
| D | trusted-encrypted.rst | 21 By default, trusted keys are sealed under the SRK, which has the default
27 keyctl add trusted name "new keylen [options]" ring
28 keyctl add trusted name "load hex_blob [pcrlock=pcrnum]" ring
60 'master' key can either be a trusted-key or user-key type. The main
61 disadvantage of encrypted keys is that if they are not rooted in a trusted key,
80 key-type:= 'trusted' | 'user'
83 Examples of trusted and encrypted key usage:
85 Create and save a trusted key named "kmk" of length 32 bytes::
87 $ keyctl add trusted kmk "new 32" @u
94 440502848 --alswrv 500 500 \_ trusted: kmk
[all …]
|
| D | index.rst | 11 trusted-encrypted
|
| D | ecryptfs.rst | 35 time after the unsealing of a 'trusted' key in order to perform the mount in a
49 key-type:= 'trusted' | 'user'
|
| /Linux-v4.19/Documentation/devicetree/bindings/arm/firmware/ |
| D | tlm,trusted-foundations.txt | 5 presence by declaring a node compatible with "tlm,trusted-foundations"
9 - compatible: "tlm,trusted-foundations"
15 trusted-foundations {
16 compatible = "tlm,trusted-foundations";
|
| /Linux-v4.19/certs/ |
| D | Kconfig | 19 bool "Provide system-wide ring of trusted keys"
23 Provide a system keyring to which trusted keys can be added. Keys in
24 the keyring are considered to be trusted. Keys may be added at will
36 containing trusted X.509 certificates to be included in the default
38 also trusted.
49 image. This allows introducing a trusted certificate to the default
66 into the kernel or already in the secondary trusted keyring.
|
| /Linux-v4.19/security/integrity/ima/ |
| D | Kconfig | 191 be signed and verified by a public key on the trusted IMA
204 and verified by a public key on the trusted IMA keyring.
216 and verified by a key on the trusted IMA keyring.
234 keyring be signed by a key on the system trusted keyring.
248 secondary trusted keyrings.
253 built-in or secondary trusted keyrings.
267 bool "Load X509 certificate onto the '.ima' trusted keyring"
272 loaded on the .ima trusted keyring. These public keys are
273 X509 certificates signed by a trusted key on the
275 loading from the kernel onto the '.ima' trusted keyring.
|
| /Linux-v4.19/include/crypto/ |
| D | public_key.h | 61 struct key *trusted);
66 struct key *trusted);
|
| /Linux-v4.19/Documentation/ABI/testing/ |
| D | evm | 12 trusted/encrypted key stored in the Kernel Key
53 as part of the trusted boot. For more information on
54 creating and loading existing trusted/encrypted keys,
56 Documentation/security/keys/trusted-encrypted.rst. Both
|
| D | sysfs-class-bdi | 50 be trusted to play fair.
|
| /Linux-v4.19/security/integrity/evm/ |
| D | Kconfig | 58 bool "Load an X509 certificate onto the '.evm' trusted keyring"
62 Load an X509 certificate onto the '.evm' trusted keyring.
65 onto the '.evm' trusted keyring. A public key can be used to
|
| /Linux-v4.19/include/linux/ |
| D | if_link.h | 30 __u32 trusted; member
|
| /Linux-v4.19/security/keys/ |
| D | Makefile | 30 obj-$(CONFIG_TRUSTED_KEYS) += trusted.o
|
| /Linux-v4.19/drivers/net/netdevsim/ |
| D | netdev.c | 38 bool trusted; member
405 ns->vfconfigs[vf].trusted = val; in nsim_set_vf_trust()
427 ivi->trusted = ns->vfconfigs[vf].trusted; in nsim_get_vf_config()
|
| /Linux-v4.19/arch/arm/firmware/ |
| D | Kconfig | 24 tlm,trusted-foundations device tree binding documentation for details
|
| /Linux-v4.19/Documentation/filesystems/ |
| D | overlayfs.txt | 68 is it must support the creation of trusted.* extended attributes, and
118 A directory is made opaque by setting the xattr "trusted.overlay.opaque"
167 copied up (but not the contents). Then the "trusted.overlay.redirect"
208 upper directory is stored in a "trusted.overlay.upper" extended attribute
286 "trusted." xattrs will require CAP_SYS_ADMIN. But it should be possible
311 filesystem, are encoded and stored in the "trusted.overlay.origin" extended
386 attribute "trusted.overlay.origin" on the upper inode.
390 to by the "trusted.overlay.redirect" extended attribute, will verify
409 "trusted.overlay.upper" with an encoded file handle of the upper
426 are stored in extended attribute "trusted.overlay.origin".
|
| /Linux-v4.19/drivers/net/ethernet/intel/ixgbe/ |
| D | ixgbe_sriov.c | 108 adapter->vfinfo[i].trusted = false; in __ixgbe_enable_sriov()
915 if (adapter->vfinfo[vf].pf_set_mac && !adapter->vfinfo[vf].trusted && in ixgbe_set_vf_mac_addr()
957 if (adapter->vfinfo[vf].pf_set_mac && !adapter->vfinfo[vf].trusted && in ixgbe_set_vf_macvlan_msg()
1133 !adapter->vfinfo[vf].trusted) { in ixgbe_update_vf_xcast_mode()
1663 if (adapter->vfinfo[vf].trusted == setting) in ixgbe_ndo_set_vf_trust()
1666 adapter->vfinfo[vf].trusted = setting; in ixgbe_ndo_set_vf_trust()
1691 ivi->trusted = adapter->vfinfo[vf].trusted; in ixgbe_ndo_get_vf_config()
|
| /Linux-v4.19/Documentation/devicetree/bindings/arm/ |
| D | tegra.txt | 60 "tlm,trusted-foundations" binding's documentation for more details.
|
| /Linux-v4.19/drivers/net/ethernet/intel/i40e/ |
| D | i40e_virtchnl_pf.h | 79 bool trusted; member
|
| /Linux-v4.19/drivers/crypto/ccp/ |
| D | Kconfig | 46 enable third-party trusted applications.
|
| /Linux-v4.19/Documentation/crypto/ |
| D | asymmetric-keys.txt | 327 (1) Restrict using the kernel builtin trusted keyring
332 The kernel builtin trusted keyring will be searched for the signing key.
333 If the builtin trusted keyring is not configured, all links will be
337 (2) Restrict using the kernel builtin and secondary trusted keyrings
342 The kernel builtin and secondary trusted keyrings will be searched for the
343 signing key. If the secondary trusted keyring is not configured, this
|
| /Linux-v4.19/arch/arm/boot/dts/ |
| D | tegra114-tn7.dts | 24 trusted-foundations {
25 compatible = "tlm,trusted-foundations";
|
| /Linux-v4.19/Documentation/ABI/stable/ |
| D | sysfs-bus-usb | 126 be trusted, as the device may have a smaller config descriptor
128 can be trusted, and can be used to seek forward one (sub)
|
| /Linux-v4.19/include/net/ |
| D | af_vsock.h | 46 bool trusted; member
|
| /Linux-v4.19/security/integrity/ |
| D | Kconfig | 51 .evm keyrings be signed by a key on the system trusted
|
