Searched refs:keyrings (Results 1 – 14 of 14) sorted by relevance
| /Linux-v5.15/security/integrity/ |
| D | Kconfig | 20 bool "Digital signature verification using multiple keyrings"
26 using multiple keyrings. It defines separate keyrings for each
28 Different keyrings improves search performance, but also allow
30 This is useful for evm and module keyrings, when keys are
46 bool "Require all keys on the integrity keyrings be signed"
52 .evm keyrings be signed by a key on the system trusted
|
| /Linux-v5.15/security/keys/ |
| D | Kconfig | 19 to five standard keyrings: UID-specific, GID-specific, session,
43 bool "Enable register of persistent per-UID keyrings"
46 This option provides a register of persistent per-UID keyrings,
47 primarily aimed at Kerberos key storage. The keyrings are persistent
126 on keys and keyrings on which the caller has View permission.
|
| /Linux-v5.15/Documentation/ABI/testing/ |
| D | ima_policy | 30 [appraise_flag=] [appraise_algos=] [keyrings=]
50 keyrings:= list of keyrings
141 measure func=KEY_CHECK keyrings=.builtin_trusted_keys|.ima
|
| /Linux-v5.15/Documentation/security/keys/ |
| D | core.rst | 26 tokens, keyrings, etc.. These are represented in the kernel by struct key.
140 * Each process subscribes to three keyrings: a thread-specific keyring, a
161 * Each user ID resident in the system holds two special keyrings: a user
172 limits the total number of keys and keyrings, the other limits the total
179 Process-specific and thread-specific keyrings are not counted towards a
186 manipulate keys and keyrings.
192 userspace to request a key that can't be found in a process's keyrings.
222 This permits keyrings to be searched and keys to be found. Searches can
223 only recurse into nested keyrings that have search permission set.
257 The default keyrings associated with users will be labeled with the default
[all …]
|
| D | request-key.rst | 81 2) request_key() searches the process's subscribed keyrings to see if there's
107 This will permit it to then search the keyrings of process A with the
127 This is because process A's keyrings can't simply be attached to
|
| /Linux-v5.15/security/integrity/ima/ |
| D | ima_policy.c | 92 struct ima_rule_opt_list *keyrings; /* Measure keys added to these keyrings */ member
368 ima_free_rule_opt_list(entry->keyrings); in ima_free_rule()
497 if (!rule->keyrings) in ima_match_rule_data()
500 opt_list = rule->keyrings; in ima_match_rule_data()
1453 entry->keyrings) { in ima_parse_rule()
1458 entry->keyrings = ima_alloc_rule_opt_list(args); in ima_parse_rule()
1459 if (IS_ERR(entry->keyrings)) { in ima_parse_rule()
1460 result = PTR_ERR(entry->keyrings); in ima_parse_rule()
1461 entry->keyrings = NULL; in ima_parse_rule()
1896 ima_show_rule_opt_list(m, entry->keyrings); in ima_policy_show()
|
| D | Kconfig | 273 Keys may be added to the IMA or IMA blacklist keyrings, if the
275 secondary trusted keyrings.
280 built-in or secondary trusted keyrings.
283 bool "Create IMA machine owner blacklist keyrings (EXPERIMENTAL)"
|
| /Linux-v5.15/Documentation/security/ |
| D | credentials.rst | 180 4. Keys and keyrings.
190 of keyrings:
197 cached on one of these keyrings for future accesses to find.
264 4. the reference count on any keyrings it points to may be changed;
266 5. any keyrings it points to may be revoked, expired or have their security
269 6. the contents of any keyrings to which it points may be changed (the whole
270 point of keyrings being a shared set of credentials, modifiable by anyone
282 longer permit attachment to process-specific keyrings in the requesting
295 changed, the keyrings subscribed to may have their contents altered.
|
| /Linux-v5.15/Documentation/networking/ |
| D | dns_resolver.rst | 125 keyrings for a cached DNS result. If that fails to find one, it upcalls to
|
| D | rxrpc.rst | 449 extracted from the calling process's keyrings with request_key() and
|
| /Linux-v5.15/Documentation/crypto/ |
| D | asymmetric-keys.rst | 348 2) Restrict using the kernel builtin and secondary trusted keyrings
353 The kernel builtin and secondary trusted keyrings will be searched for the
|
| /Linux-v5.15/Documentation/ |
| D | watch_queue.rst | 235 Notifications of this type indicate changes to keys and keyrings, including
|
| /Linux-v5.15/Documentation/filesystems/ |
| D | fscrypt.rst | 728 added is limited by the user's quota for the keyrings service (see
809 Nevertheless, to add a key to one of the process-subscribed keyrings,
848 process-subscribed keyrings mechanism.
1022 process-subscribed keyrings.
|
| /Linux-v5.15/ |
| D | MAINTAINERS | 2953 L: keyrings@vger.kernel.org
4341 L: keyrings@vger.kernel.org
10353 L: keyrings@vger.kernel.org
10364 L: keyrings@vger.kernel.org
10374 L: keyrings@vger.kernel.org
10382 L: keyrings@vger.kernel.org
|
