Home
last modified time | relevance | path

Searched refs:encryption (Results 1 – 25 of 80) sorted by relevance

1234

/Linux-v5.4/Documentation/x86/
Damd-memory-encryption.rst23 A page is encrypted when a page table entry has the encryption bit set (see
24 below on how to determine its position). The encryption bit can also be
26 successive level of page tables can also be encrypted by setting the encryption
29 encryption bit is set in cr3, doesn't imply the full hierarchy is encrypted.
30 Each page table entry in the hierarchy needs to have the encryption bit set to
31 achieve that. So, theoretically, you could have the encryption bit set in cr3
32 so that the PGD is encrypted, but not set the encryption bit in the PGD entry
38 memory. Since the memory encryption bit is controlled by the guest OS when it
40 forces the memory encryption bit to 1.
50 encryption
[all …]
Dindex.rst25 amd-memory-encryption
/Linux-v5.4/Documentation/filesystems/
Dfscrypt.rst2 Filesystem-level encryption (fscrypt)
9 transparent encryption of files and directories.
15 use encryption, see the documentation for the userspace tool `fscrypt
20 <https://source.android.com/security/encryption/file-based>`_, over
56 Provided that userspace chooses a strong encryption key, fscrypt
72 fscrypt (and storage encryption in general) can only provide limited
89 After an encryption key has been added, fscrypt does not hide the
97 encryption but rather only by the correctness of the kernel.
98 Therefore, any encryption-specific access control checks would merely
107 security vulnerability, can compromise all encryption keys that are
[all …]
Dubifs-authentication.rst16 At the current state, UBIFS encryption however does not prevent attacks where
24 Other full disk encryption systems like dm-crypt cover all filesystem metadata,
34 name encryption, the authentication system could be tied into fscrypt such that
36 be possible to use UBIFS authentication without using encryption.
390 UBIFS authentication is intended to operate side-by-side with UBIFS encryption
391 (fscrypt) to provide confidentiality and authenticity. Since UBIFS encryption
392 has a different approach of encryption policies per directory, there can be
393 multiple fscrypt master keys and there might be folders without encryption.
397 encryption, it does not share the same master key with fscrypt, but manages
407 or key in userspace that covers UBIFS authentication and encryption. This can
[all …]
/Linux-v5.4/Documentation/admin-guide/device-mapper/
Ddm-crypt.rst5 Device-Mapper's "crypt" target provides transparent encryption of block devices
17 Encryption cipher, encryption mode and Initial Vector (IV) generator.
52 Key used for encryption. It is encoded either as a hexadecimal number
66 The encryption key size in bytes. The kernel key payload size must match
112 Perform encryption using the same cpu that IO was submitted on.
113 The default is to use an unbound workqueue so that encryption work
117 Disable offloading writes to a separate thread after encryption.
119 encryption threads to a single thread degrades performance
137 Use <bytes> as the encryption unit instead of 512 bytes sectors.
153 encryption with dm-crypt using the 'cryptsetup' utility, see
[all …]
/Linux-v5.4/net/sunrpc/
DKconfig39 bool "Secure RPC: Disable insecure Kerberos encryption types"
43 Choose Y here to disable the use of deprecated encryption types
45 deprecated encryption types include DES-CBC-MD5, DES-CBC-CRC,
50 keytabs that contain only these deprecated encryption types.
51 Choosing Y prevents the use of known-insecure encryption types
/Linux-v5.4/fs/crypto/
DKconfig3 bool "FS Encryption (Per-file encryption)"
14 Enable encryption of files and directories. This
/Linux-v5.4/Documentation/crypto/
Ddescore-readme.txt4 des - fast & portable DES encryption & decryption.
30 1. Highest possible encryption/decryption PERFORMANCE.
50 30us per encryption (options: 64k tables, no IP/FP)
51 33us per encryption (options: 64k tables, FIPS standard bit ordering)
52 45us per encryption (options: 2k tables, no IP/FP)
53 48us per encryption (options: 2k tables, FIPS standard bit ordering)
55 this has the quickest encryption/decryption routines i've seen.
66 53us per encryption (uses 2k of tables)
70 encryption/decryption is still slower on the sparc and 68000.
84 68us per encryption (uses 2k of tables)
[all …]
Dapi-samples.rst8 all inputs are random bytes, the encryption is done in-place, and it's
29 * encryption/decryption operations. But in this example, we'll just do a
30 * single encryption operation with it (which is not very efficient).
Duserspace-if.rst95 to provide different memory pointers for the encryption and decryption
159 should be processed for encryption or decryption. In addition, the IV is
170 - ALG_OP_ENCRYPT - encryption of data
218 should be processed for encryption or decryption. In addition, the IV is
229 - ALG_OP_ENCRYPT - encryption of data
277 - AEAD encryption input: AAD \|\| plaintext
284 - AEAD encryption output: ciphertext \|\| authentication tag
375 AEAD ciphers. For a encryption operation, the authentication tag of
/Linux-v5.4/Documentation/virt/kvm/
Damd-memory-encryption.rst29 Bit[23] 1 = memory encryption can be enabled
30 0 = memory encryption can not be enabled
33 Bit[0] 1 = memory encryption can be enabled
34 0 = memory encryption can not be enabled
43 SEV hardware uses ASIDs to associate a memory encryption key with a VM.
70 The KVM_SEV_LAUNCH_START command is used for creating the memory encryption
71 context. To create the encryption context, user must provide a guest policy,
Dindex.rst10 amd-memory-encryption
/Linux-v5.4/drivers/net/wireless/cisco/
DKconfig27 - with or without encryption) as well as card before the Cisco
50 - with or without encryption) as well as card before the Cisco
/Linux-v5.4/crypto/
DKconfig340 This IV generator generates an IV based on the encryption of
382 for AES encryption.
417 normally even when applied before encryption.
456 Adiantum encryption mode.
464 Adiantum encryption mode.
473 Adiantum is a tweakable, length-preserving encryption mode
474 designed for fast and secure disk encryption, especially on
484 bound. Unlike XTS, Adiantum is a true wide-block encryption
491 tristate "ESSIV support for block encryption"
496 dm-crypt. It uses the hash of the block encryption key as the
[all …]
/Linux-v5.4/fs/cifs/
Dsmb2transport.c321 struct derivation encryption; member
337 rc = generate_key(ses, ptriplet->encryption.label, in generate_smb3signingkey()
338 ptriplet->encryption.context, ses->smb3encryptionkey, in generate_smb3signingkey()
383 d = &triplet.encryption; in generate_smb30signingkey()
411 d = &triplet.encryption; in generate_smb311signingkey()
/Linux-v5.4/net/tls/
DKconfig16 encryption handling of the TLS protocol to be done in-kernel.
/Linux-v5.4/drivers/net/wireless/
Dray_cs.h51 UCHAR encryption; member
/Linux-v5.4/fs/ecryptfs/
DKconfig22 for userspace to wrap/unwrap file encryption keys by other
/Linux-v5.4/Documentation/networking/mac80211_hwsim/
Dmac80211_hwsim.rst45 radio. Software encryption in mac80211 is used so that the frames are
47 complete testing of encryption.
/Linux-v5.4/Documentation/driver-api/mei/
Dhdcp.rst19 the HDCP encryption keys to Intel graphics hardware.
/Linux-v5.4/drivers/acpi/nfit/
DKconfig21 Some NVDIMM devices and controllers support encryption and
/Linux-v5.4/arch/arm/crypto/
DKconfig92 and for XTS mode encryption, CBC and XTS mode decryption speedup is
93 around 25%. (CBC encryption speed is not affected by this driver.)
/Linux-v5.4/fs/coda/
DKconfig11 replication, security model for authentication and encryption,
/Linux-v5.4/drivers/isdn/mISDN/
DKconfig21 echo cancellation, tone generation, and Blowfish encryption and
/Linux-v5.4/Documentation/networking/
Dtls-offload.rst42 intercepts them, inserts record framing, performs encryption (in ``TLS_SW``
46 In ``TLS_HW`` mode the encryption is not performed in the TLS ULP.
49 and send them to the device for encryption and transmission.
167 The device performs encryption and authentication of the record data.
432 for encryption of their TLS payload.
434 passed to the device for encryption.
436 encryption.
465 should still be able to perform TX offload (encryption) and should

1234