Home
last modified time | relevance | path

Searched refs:trusted (Results 1 – 25 of 113) sorted by relevance

12345

/Linux-v5.15/crypto/asymmetric_keys/
Drestrict.c121 struct key *trusted, bool check_dest) in key_or_keyring_common() argument
134 if (!trusted && !check_dest) in key_or_keyring_common()
146 if (trusted) { in key_or_keyring_common()
147 if (trusted->type == &key_type_keyring) { in key_or_keyring_common()
149 key = find_asymmetric_key(trusted, sig->auth_ids[0], in key_or_keyring_common()
153 } else if (trusted->type == &key_type_asymmetric) { in key_or_keyring_common()
156 signer_ids = asymmetric_key_ids(trusted); in key_or_keyring_common()
180 key = __key_get(trusted); in key_or_keyring_common()
186 key = __key_get(trusted); in key_or_keyring_common()
233 struct key *trusted) in restrict_link_by_key_or_keyring() argument
[all …]
/Linux-v5.15/security/keys/trusted-keys/
DMakefile6 obj-$(CONFIG_TRUSTED_KEYS) += trusted.o
7 trusted-y += trusted_core.o
8 trusted-y += trusted_tpm1.o
11 trusted-y += trusted_tpm2.o
12 trusted-y += tpm2key.asn1.o
14 trusted-$(CONFIG_TEE) += trusted_tee.o
/Linux-v5.15/Documentation/devicetree/bindings/arm/firmware/
Dtlm,trusted-foundations.txt5 presence by declaring a node compatible with "tlm,trusted-foundations"
9 - compatible: "tlm,trusted-foundations"
15 trusted-foundations {
16 compatible = "tlm,trusted-foundations";
/Linux-v5.15/Documentation/security/keys/
Dtrusted-encrypted.rst112 ‘master’ key can either be a trusted-key or user-key type. The main disadvantage
113 of encrypted keys is that if they are not rooted in a trusted key, they are only
124 TPM 1.2: By default, trusted keys are sealed under the SRK, which has the
146 keyctl add trusted name "new keylen [options]" ring
147 keyctl add trusted name "load hex_blob [pcrlock=pcrnum]" ring
183 keyctl add trusted name "new keylen" ring
184 keyctl add trusted name "load hex_blob" ring
208 key-type:= 'trusted' | 'user'
210 Examples of trusted and encrypted key usage
213 Create and save a trusted key named "kmk" of length 32 bytes.
[all …]
Dindex.rst11 trusted-encrypted
Decryptfs.rst35 time after the unsealing of a 'trusted' key in order to perform the mount in a
49 key-type:= 'trusted' | 'user'
/Linux-v5.15/certs/
DKconfig45 bool "Provide system-wide ring of trusted keys"
49 Provide a system keyring to which trusted keys can be added. Keys in
50 the keyring are considered to be trusted. Keys may be added at will
62 containing trusted X.509 certificates to be included in the default
64 also trusted.
75 image. This allows introducing a trusted certificate to the default
92 into the kernel or already in the secondary trusted keyring.
/Linux-v5.15/security/integrity/ima/
DKconfig205 be signed and verified by a public key on the trusted IMA
218 and verified by a public key on the trusted IMA keyring.
230 and verified by a key on the trusted IMA keyring.
261 keyring be signed by a key on the system trusted keyring.
275 secondary trusted keyrings.
280 built-in or secondary trusted keyrings.
294 bool "Load X509 certificate onto the '.ima' trusted keyring"
299 loaded on the .ima trusted keyring. These public keys are
300 X509 certificates signed by a trusted key on the
302 loading from the kernel onto the '.ima' trusted keyring.
[all …]
/Linux-v5.15/include/crypto/
Dpublic_key.h67 struct key *trusted);
72 struct key *trusted);
/Linux-v5.15/security/integrity/evm/
DKconfig59 bool "Load an X509 certificate onto the '.evm' trusted keyring"
63 Load an X509 certificate onto the '.evm' trusted keyring.
66 onto the '.evm' trusted keyring. A public key can be used to
/Linux-v5.15/Documentation/ABI/testing/
Devm12 trusted/encrypted key stored in the Kernel Key
88 as part of the trusted boot. For more information on
89 creating and loading existing trusted/encrypted keys,
91 Documentation/security/keys/trusted-encrypted.rst. Both
/Linux-v5.15/Documentation/admin-guide/hw-vuln/
Dcore-scheduling.rst21 user-designated trusted group can share a core. This increase in core sharing
100 trusted (same cookie) at any point in time. Kernel threads are assumed trusted.
109 the idle task is selected. Idle task is globally trusted.
125 priority task is not trusted with respect to the core wide highest priority
126 task. If a sibling does not have a trusted task to run, it will be forced idle
156 and are considered system-wide trusted. The forced-idling of siblings running
165 Core scheduling tries to guarantee that only trusted tasks run concurrently on a
167 concurrently or kernel could be running concurrently with a task not trusted by
172 Core scheduling selects only trusted tasks to run together. IPI is used to notify
206 allowing system processes (trusted tasks) to share a core.
/Linux-v5.15/drivers/net/ethernet/intel/ice/
Dice_virtchnl_pf.h93 u8 trusted:1; member
138 int ice_set_vf_trust(struct net_device *netdev, int vf_id, bool trusted);
220 int __always_unused vf_id, bool __always_unused trusted) in ice_set_vf_trust() argument
/Linux-v5.15/security/integrity/
DKconfig52 .evm keyrings be signed by a key on the system trusted
56 bool "Provide keyring for platform/firmware trusted keys"
60 Provide a separate, distinct keyring for platform trusted keys, which
/Linux-v5.15/Documentation/admin-guide/device-mapper/
Dverity.rst64 and the salt. This hash should be trusted as there is no other authenticity
138 trusted keyring by default, or the secondary trusted keyring if
140 trusted keyring includes by default the builtin trusted keyring, and it can
142 already in the secondary trusted keyring.
/Linux-v5.15/include/linux/
Dif_link.h30 __u32 trusted; member
/Linux-v5.15/security/keys/
DMakefile31 obj-$(CONFIG_TRUSTED_KEYS) += trusted-keys/
/Linux-v5.15/drivers/net/netdevsim/
Dnetdev.c161 nsim_bus_dev->vfconfigs[vf].trusted = val; in nsim_set_vf_trust()
184 ivi->trusted = nsim_bus_dev->vfconfigs[vf].trusted; in nsim_get_vf_config()
/Linux-v5.15/drivers/net/ethernet/pensando/ionic/
Dionic.h33 u8 trusted; member
/Linux-v5.15/drivers/net/ethernet/intel/ixgbe/
Dixgbe_sriov.c108 adapter->vfinfo[i].trusted = false; in __ixgbe_enable_sriov()
928 if (adapter->vfinfo[vf].pf_set_mac && !adapter->vfinfo[vf].trusted && in ixgbe_set_vf_mac_addr()
970 if (adapter->vfinfo[vf].pf_set_mac && !adapter->vfinfo[vf].trusted && in ixgbe_set_vf_macvlan_msg()
1151 !adapter->vfinfo[vf].trusted) { in ixgbe_update_vf_xcast_mode()
1687 if (adapter->vfinfo[vf].trusted == setting) in ixgbe_ndo_set_vf_trust()
1690 adapter->vfinfo[vf].trusted = setting; in ixgbe_ndo_set_vf_trust()
1715 ivi->trusted = adapter->vfinfo[vf].trusted; in ixgbe_ndo_get_vf_config()
/Linux-v5.15/Documentation/filesystems/
Doverlayfs.rst103 creation of trusted.* and/or user.* extended attributes, and must provide
153 A directory is made opaque by setting the xattr "trusted.overlay.opaque"
202 copied up (but not the contents). Then the "trusted.overlay.redirect"
243 upper directory is stored in a "trusted.overlay.upper" extended attribute
365 "trusted." xattrs will require CAP_SYS_ADMIN. But it should be possible
396 filesystem, are encoded and stored in the "trusted.overlay.origin" extended
491 attribute "trusted.overlay.origin" on the upper inode.
495 to by the "trusted.overlay.redirect" extended attribute, will verify
514 "trusted.overlay.upper" with an encoded file handle of the upper
531 are stored in extended attribute "trusted.overlay.origin".
[all …]
/Linux-v5.15/drivers/net/ethernet/intel/i40e/
Di40e_virtchnl_pf.h80 bool trusted; member
/Linux-v5.15/Documentation/crypto/
Dasymmetric-keys.rst338 1) Restrict using the kernel builtin trusted keyring
343 The kernel builtin trusted keyring will be searched for the signing key.
344 If the builtin trusted keyring is not configured, all links will be
348 2) Restrict using the kernel builtin and secondary trusted keyrings
353 The kernel builtin and secondary trusted keyrings will be searched for the
354 signing key. If the secondary trusted keyring is not configured, this
/Linux-v5.15/drivers/crypto/ccp/
DKconfig47 enable third-party trusted applications.
/Linux-v5.15/arch/arm/boot/dts/
Dtegra114-tn7.dts24 trusted-foundations {
25 compatible = "tlm,trusted-foundations";

12345