/linux-6.6.21/security/integrity/ |
D | Makefile | 6 obj-$(CONFIG_INTEGRITY) += integrity.o 8 integrity-y := iint.o 9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o 10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o 11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o 12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o 13 integrity-$(CONFIG_INTEGRITY_MACHINE_KEYRING) += platform_certs/machine_keyring.o 14 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \ 17 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o 18 integrity-$(CONFIG_LOAD_PPC_KEYS) += platform_certs/efi_parser.o \
|
D | Kconfig | 8 This option enables the integrity subsystem, which is comprised 46 bool "Require all keys on the integrity keyrings be signed" 119 bool "Enables integrity auditing support " 123 In addition to enabling integrity auditing support, this 125 controls the level of integrity auditing messages. 126 0 - basic integrity auditing messages (default) 127 1 - additional integrity auditing messages 129 Additional informational integrity auditing messages would 133 source "security/integrity/ima/Kconfig" 134 source "security/integrity/evm/Kconfig"
|
/linux-6.6.21/Documentation/block/ |
D | data-integrity.rst | 18 support for appending integrity metadata to an I/O. The integrity 29 DIF and the other integrity extensions is that the protection format 31 integrity of the I/O and reject it if corruption is detected. This 40 allow the operating system to interact with the integrity metadata 46 information to each sector. The data + integrity metadata is stored 53 encouraged them to allow separation of the data and integrity metadata 67 when writing and vice versa. This allows the integrity metadata to be 73 buffers and the integrity metadata. These two distinct buffers must 76 The separation of the data and integrity metadata buffers as well as 85 The data integrity framework in Linux enables protection information [all …]
|
D | index.rst | 14 data-integrity
|
/linux-6.6.21/Documentation/admin-guide/device-mapper/ |
D | dm-integrity.rst | 2 dm-integrity 5 The dm-integrity target emulates a block device that has additional 6 per-sector tags that can be used for storing integrity information. 8 A general problem with storing integrity tags with every sector is that 9 writing the sector and the integrity tag must be atomic - i.e. in case of 10 crash, either both sector and integrity tag or none of them is written. 12 To guarantee write atomicity, the dm-integrity target uses journal, it 13 writes sector data and integrity tags into a journal, commits the journal 14 and then copies the data and integrity tags to their respective location. 16 The dm-integrity target can be used with the dm-crypt target - in this [all …]
|
D | dm-crypt.rst | 132 integrity:<bytes>:<type> 134 in per-bio integrity structure. This metadata must by provided 135 by underlying dm-integrity target. 141 integrity for the encrypted device. The additional space is then
|
D | dm-ima.rst | 15 target types like crypt, verity, integrity etc. Each of these target 49 /sys/kernel/security/integrity/ima/ascii_runtime_measurements 50 /sys/kernel/security/integrity/ima/binary_runtime_measurements 62 TEMPLATE_NAME := Template name that registered the integrity value (e.g. ima-buf). 143 target_name := Name of the target. 'linear', 'crypt', 'integrity' etc. 331 #. integrity 418 3. integrity 421 section above) has the following data format for 'integrity' target. 430 target_name := "target_name=integrity" 450 When a 'integrity' target is loaded, then IMA ASCII measurement log will have an entry [all …]
|
D | index.rst | 18 dm-integrity
|
D | verity.rst | 5 Device-Mapper's "verity" target provides transparent integrity checking of 32 This is the device containing data, the integrity of which needs to be 162 Cryptographic hashes are used to assert the integrity of the device on a 170 integrity checking is essential. 205 It is expected that a user-space tool will verify the integrity of the
|
/linux-6.6.21/include/linux/ |
D | t10-pi.h | 45 if (rq->q->integrity.interval_exp) in t10_pi_ref_tag() 46 shift = rq->q->integrity.interval_exp; in t10_pi_ref_tag() 76 if (rq->q->integrity.interval_exp) in ext_pi_ref_tag() 77 shift = rq->q->integrity.interval_exp; in ext_pi_ref_tag()
|
D | blk-integrity.h | 48 struct blk_integrity *bi = &disk->queue->integrity; in blk_get_integrity() 65 return q->integrity.profile; in blk_integrity_queue_supports_integrity()
|
/linux-6.6.21/Documentation/ABI/stable/ |
D | sysfs-class-tpm | 4 Contact: linux-integrity@vger.kernel.org 12 Contact: linux-integrity@vger.kernel.org 24 Contact: linux-integrity@vger.kernel.org 32 Contact: linux-integrity@vger.kernel.org 49 Contact: linux-integrity@vger.kernel.org 72 Contact: linux-integrity@vger.kernel.org 81 Contact: linux-integrity@vger.kernel.org 89 Contact: linux-integrity@vger.kernel.org 112 Contact: linux-integrity@vger.kernel.org 164 Contact: linux-integrity@vger.kernel.org [all …]
|
D | sysfs-block | 53 What: /sys/block/<disk>/integrity/device_is_integrity_capable 58 integrity metadata. Set if the device is T10 PI-capable. 61 What: /sys/block/<disk>/integrity/format 65 Metadata format for integrity capable block device. 69 What: /sys/block/<disk>/integrity/protection_interval_bytes 74 by one integrity tuple. Typically the device's logical 78 What: /sys/block/<disk>/integrity/read_verify 83 integrity of read requests serviced by devices that 84 support sending integrity metadata. 87 What: /sys/block/<disk>/integrity/tag_size [all …]
|
/linux-6.6.21/tools/testing/selftests/net/ |
D | tcp_mmap.c | 89 static int integrity; /* -i option: sender and receiver compute sha256 over the data.*/ variable 205 if (integrity) { in child_thread() 233 if (integrity) in child_thread() 249 if (integrity) in child_thread() 268 if (integrity) in child_thread() 280 if (integrity) { in child_thread() 504 integrity = 1; in main() 581 if (integrity) { in main() 601 if (integrity) in main() 605 if (integrity && total == FILE_SZ) { in main()
|
/linux-6.6.21/block/ |
D | blk-integrity.c | 123 struct blk_integrity *b1 = &gd1->queue->integrity; in blk_integrity_compare() 124 struct blk_integrity *b2 = &gd2->queue->integrity; in blk_integrity_compare() 217 return &dev_to_disk(dev)->queue->integrity; in dev_to_bi() 364 struct blk_integrity *bi = &disk->queue->integrity; in blk_integrity_register() 394 struct blk_integrity *bi = &disk->queue->integrity; in blk_integrity_unregister()
|
D | t10-pi.c | 137 const int tuple_sz = rq->q->integrity.tuple_size; in t10_pi_type1_prepare() 186 unsigned intervals = nr_bytes >> rq->q->integrity.interval_exp; in t10_pi_type1_complete() 187 const int tuple_sz = rq->q->integrity.tuple_size; in t10_pi_type1_complete() 376 const int tuple_sz = rq->q->integrity.tuple_size; in ext_pi_type1_prepare() 414 unsigned intervals = nr_bytes >> rq->q->integrity.interval_exp; in ext_pi_type1_complete() 415 const int tuple_sz = rq->q->integrity.tuple_size; in ext_pi_type1_complete()
|
D | Makefile | 29 obj-$(CONFIG_BLK_DEV_INTEGRITY) += bio-integrity.o blk-integrity.o
|
/linux-6.6.21/security/integrity/evm/ |
D | Kconfig | 12 integrity attacks. 56 /sys/kernel/security/integrity/evm/evm_xattrs. 67 verify EVM integrity starting from the 'init' process. The
|
/linux-6.6.21/Documentation/staging/ |
D | xz.rst | 16 for integrity checking. The home page of XZ Embedded is at 59 Since the XZ Embedded supports only streams with no integrity check or 60 CRC32, make sure that you don't use some other integrity check type 67 which will verify the integrity of the uncompressed data anyway. 68 Double checking the integrity would probably be waste of CPU cycles. 70 by the decoder; you can only change the integrity check type (or
|
/linux-6.6.21/security/integrity/ima/ |
D | Kconfig | 25 an aggregate integrity value over this list inside the 52 that IMA uses to maintain the integrity aggregate of the 87 prompt "Default integrity hash algorithm" 91 list, integrity appraisal and audit log. The compiled default 144 bool "Appraise integrity measurements" 147 This option enables local measurement integrity appraisal. 153 For more information on integrity appraisal refer to:
|
/linux-6.6.21/fs/btrfs/ |
D | Kconfig | 52 bool "Btrfs with integrity check tool compiled in (DEPRECATED)" 63 If the integrity check tool is included and activated in 69 to verify the integrity of (super)-block write requests
|
/linux-6.6.21/security/ |
D | Makefile | 29 obj-$(CONFIG_INTEGRITY) += integrity/
|
/linux-6.6.21/arch/powerpc/configs/ |
D | security.config | 3 # This is the equivalent of booting with lockdown=integrity
|
/linux-6.6.21/Documentation/security/ |
D | digsig.rst | 20 Currently digital signatures are used by the IMA/EVM integrity protection subsystem. 70 * Verifies data integrity against digital signature.
|
/linux-6.6.21/Documentation/admin-guide/ |
D | jfs.rst | 28 from backup media. The integrity of the volume is not 31 integrity(*)
|