/linux-6.6.21/drivers/memory/tegra/ |
D | tegra194.c | 20 .security = 0x004, 30 .security = 0x00c, 40 .security = 0x014, 50 .security = 0x0ac, 60 .security = 0x0b4, 70 .security = 0x0e4, 80 .security = 0x0fc, 90 .security = 0x13c, 100 .security = 0x15c, 110 .security = 0x1ac, [all …]
|
D | tegra186.c | 78 value = readl(mc->regs + client->regs.sid.security); in tegra186_mc_client_sid_override() 97 writel(value, mc->regs + client->regs.sid.security); in tegra186_mc_client_sid_override() 155 .security = 0x004, 165 .security = 0x074, 175 .security = 0x0ac, 185 .security = 0x0b4, 195 .security = 0x0e4, 205 .security = 0x0fc, 215 .security = 0x13c, 225 .security = 0x15c, [all …]
|
D | tegra234.c | 29 .security = 0xac, 41 .security = 0xe4, 53 .security = 0x144, 65 .security = 0x14c, 77 .security = 0x154, 89 .security = 0x15c, 99 .security = 0x164, 109 .security = 0x16c, 119 .security = 0x174, 129 .security = 0x17c, [all …]
|
/linux-6.6.21/Documentation/security/ |
D | lsm.rst | 20 implemented as its own particular kernel patch. Several other security 25 patch to support its security needs. 28 remarks that described a security framework he would be willing to 30 general framework that would provide a set of security hooks to control 31 operations on kernel objects and a set of opaque security fields in 32 kernel data structures for maintaining security attributes. This 34 desired model of security. Linus also suggested the possibility of 38 such a framework. LSM was a joint development effort by several security 44 security module. 50 security modules. In particular, the LSM framework is primarily focused [all …]
|
D | lsm-development.rst | 14 see ``security/security.c`` and associated structures: 16 .. kernel-doc:: security/security.c
|
/linux-6.6.21/Documentation/driver-api/nvdimm/ |
D | security.rst | 9 specification [1], security DSMs are introduced. The spec added the following 10 security DSMs: "get security state", "set passphrase", "disable passphrase", 12 data structure has been added to struct dimm in order to support the security 17 The "security" sysfs attribute is provided in the nvdimm sysfs directory. For 19 /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security 21 The "show" attribute of that attribute will display the security state for 23 frozen, and overwrite. If security is not supported, the sysfs attribute 27 in order to support some of the security functionalities: 29 disable <keyid> - disable enabled security and remove key. 30 freeze - freeze changing of security states. [all …]
|
/linux-6.6.21/Documentation/netlabel/ |
D | introduction.rst | 12 NetLabel is a mechanism which can be used by kernel security modules to attach 13 security attributes to outgoing network packets generated from user space 14 applications and read security attributes from incoming network packets. It 16 layer, and the kernel security module API. 22 network packet's security attributes. If any translation between the network 23 security attributes and those on the host are required then the protocol 26 the NetLabel kernel security module API described below. 44 The purpose of the NetLabel security module API is to provide a protocol 46 to protocol independence, the security module API is designed to be completely 50 Detailed information about the NetLabel security module API can be found in the
|
D | lsm_interface.rst | 12 NetLabel is a mechanism which can set and retrieve security attributes from 15 The NetLabel security module API is defined in 'include/net/netlabel.h' but a 22 it uses the concept of security attributes to refer to the packet's security 23 labels. The NetLabel security attributes are defined by the 25 NetLabel subsystem converts the security attributes to and from the correct 28 security attributes into whatever security identifiers are in use for their 44 label and the internal LSM security identifier can be time consuming. The 47 LSM has received a packet, used NetLabel to decode its security attributes, 48 and translated the security attributes into a LSM internal identifier the LSM
|
D | cipso_ipv4.rst | 27 label by using the NetLabel security module API; if the NetLabel "domain" is 37 NetLabel security module API to extract the security attributes of the packet. 44 The CIPSO/IPv4 protocol engine contains a mechanism to translate CIPSO security 49 different security attribute mapping table. 54 The NetLabel system provides a framework for caching security attribute
|
/linux-6.6.21/Documentation/process/ |
D | security-bugs.rst | 6 Linux kernel developers take security very seriously. As such, we'd 7 like to know when a security bug is found so that it can be fixed and 8 disclosed as quickly as possible. Please report security bugs to the 9 Linux kernel security team. 14 The Linux kernel security team can be contacted by email at 15 <security@kernel.org>. This is a private list of security officers 19 security team will bring in extra help from area maintainers to 20 understand and fix the security vulnerability. 39 The security list is not a disclosure channel. For that, see Coordination 62 information submitted to the security list and any followup discussions [all …]
|
D | embargoed-hardware-issues.rst | 9 Hardware issues which result in security problems are a different category 10 of security bugs than pure software bugs which only affect the Linux 25 The Linux kernel hardware security team is separate from the regular Linux 26 kernel security team. 28 The team only handles developing fixes for embargoed hardware security 29 issues. Reports of pure software security bugs in the Linux kernel are not 31 Linux kernel security team (:ref:`Documentation/admin-guide/ 34 The team can be contacted by email at <hardware-security@kernel.org>. This 35 is a private list of security officers who will help you to coordinate a 43 - PGP: https://www.kernel.org/static/files/hardware-security.asc [all …]
|
/linux-6.6.21/security/integrity/evm/ |
D | Kconfig | 11 EVM protects a file's security extended attributes against 37 In addition to the original security xattrs (eg. security.selinux, 38 security.SMACK64, security.capability, and security.ima) included 40 Smack xattrs: security.SMACK64EXEC, security.SMACK64TRANSMUTE and 41 security.SMACK64MMAP. 56 /sys/kernel/security/integrity/evm/evm_xattrs.
|
/linux-6.6.21/security/ |
D | Kconfig | 8 source "security/keys/Kconfig" 23 bool "Enable different security models" 27 This allows you to choose different security modules to be 30 If this option is not selected, the default Linux security 39 various security modules (AppArmor, IMA, SafeSetID, TOMOYO, TPM). 47 This enables the socket and networking security hooks. 48 If enabled, a security module can use these hooks to 56 This enables the Infiniband security hooks. 57 If enabled, a security module can use these hooks to 65 This enables the XFRM (IPSec) networking security hooks. [all …]
|
/linux-6.6.21/security/selinux/ |
D | xfrm.c | 67 return selinux_authorizable_ctx(x->security); in selinux_authorizable_xfrm() 180 if (!xp->security) in selinux_xfrm_state_pol_flow_match() 181 if (x->security) in selinux_xfrm_state_pol_flow_match() 188 if (!x->security) in selinux_xfrm_state_pol_flow_match() 196 state_sid = x->security->ctx_sid; in selinux_xfrm_state_pol_flow_match() 221 return x->security->ctx_sid; in selinux_xfrm_skb_sid_egress() 236 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_skb_sid_ingress() 334 return selinux_xfrm_alloc_user(&x->security, uctx, GFP_KERNEL); in selinux_xfrm_state_alloc() 372 x->security = ctx; in selinux_xfrm_state_alloc_acquire() 384 selinux_xfrm_free(x->security); in selinux_xfrm_state_free() [all …]
|
/linux-6.6.21/Documentation/admin-guide/LSM/ |
D | apparmor.rst | 8 AppArmor is MAC style security extension for the Linux kernel. It implements 19 If AppArmor should be selected as the default security module then set:: 26 If AppArmor is not the default security module it can be enabled by passing 27 ``security=apparmor`` on the kernel's command line. 29 If AppArmor is the default security module it can be disabled by passing 30 ``apparmor=0, security=XXXX`` (where ``XXXX`` is valid security module), on the
|
D | index.rst | 6 various security checks to be hooked by new kernel extensions. The name 10 ``"security=..."`` kernel command line argument, in the case where multiple 14 (MAC) extensions which provide a comprehensive security policy. Examples 25 A list of the active security modules can be found by reading 26 ``/sys/kernel/security/lsm``. This is a comma separated list, and 32 Process attributes associated with "major" security modules should 34 A security module may maintain a module specific subdirectory there, 36 security module and contains all its special files. The files directly
|
/linux-6.6.21/Documentation/ABI/testing/ |
D | procfs-attr-current | 2 Contact: linux-security-module@vger.kernel.org, 5 Description: The current security information used by a Linux 6 security module (LSM) that is active on the system. 8 this interface and hence obtain the security state 13 this interface and hence change the security state of
|
D | procfs-attr-exec | 2 Contact: linux-security-module@vger.kernel.org, 5 Description: The security information to be used on the process 6 by a Linux security module (LSM) active on the system 9 this interface and hence obtain the security state 14 this interface and hence change the security state of
|
D | sysfs-driver-intel-m10-bmc-sec-update | 1 What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/sr_root_entry_hash 11 What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/pr_root_entry_hash 21 What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/bmc_root_entry_hash 31 What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/sr_canceled_csks 39 What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/pr_canceled_csks 47 What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/bmc_canceled_csks 55 What: /sys/bus/platform/drivers/intel-m10bmc-sec-update/.../security/flash_count
|
D | evm | 1 What: /sys/kernel/security/evm 2 What: /sys/kernel/security/*/evm 6 EVM protects a file's security extended attributes(xattrs) 9 value as the extended attribute 'security.evm'. 11 EVM supports two classes of security.evm. The first is 85 or validate the 'security.evm' xattr, but returns 92 Documentation/security/keys/trusted-encrypted.rst. Both 97 What: /sys/kernel/security/*/evm/evm_xattrs
|
/linux-6.6.21/drivers/acpi/nfit/ |
D | Kconfig | 18 bool "Enable debug for NVDIMM security commands" 22 other security features. The payloads for the commands that 24 security material. Disable debug of those command payloads 26 on NVDIMM security enabling say Y, otherwise say N.
|
/linux-6.6.21/drivers/cxl/ |
D | pci.c | 132 if (mds->security.sanitize_node) in cxl_pci_mbox_irq() 133 mod_delayed_work(system_wq, &mds->security.poll_dwork, 0); in cxl_pci_mbox_irq() 149 container_of(work, typeof(*mds), security.poll_dwork.work); in cxl_mbox_sanitize_work() 154 mds->security.poll_tmo_secs = 0; in cxl_mbox_sanitize_work() 155 if (mds->security.sanitize_node) in cxl_mbox_sanitize_work() 156 sysfs_notify_dirent(mds->security.sanitize_node); in cxl_mbox_sanitize_work() 157 mds->security.sanitize_active = false; in cxl_mbox_sanitize_work() 161 int timeout = mds->security.poll_tmo_secs + 10; in cxl_mbox_sanitize_work() 163 mds->security.poll_tmo_secs = min(15 * 60, timeout); in cxl_mbox_sanitize_work() 164 schedule_delayed_work(&mds->security.poll_dwork, timeout * HZ); in cxl_mbox_sanitize_work() [all …]
|
/linux-6.6.21/Documentation/translations/zh_CN/admin-guide/ |
D | security-bugs.rst | 3 :Original: :doc:`../../../process/security-bugs` 18 可以通过电子邮件<security@kernel.org>联系Linux内核安全团队。这是一个安全人员 61 <http://oss-security.openwall.org/wiki/mailing-lists/distros#how-to-use-the-lists>。
|
/linux-6.6.21/Documentation/translations/zh_TW/admin-guide/ |
D | security-bugs.rst | 5 :Original: :doc:`../../../process/security-bugs` 21 可以通過電子郵件<security@kernel.org>聯繫Linux內核安全團隊。這是一個安全人員 64 <http://oss-security.openwall.org/wiki/mailing-lists/distros#how-to-use-the-lists>。
|
/linux-6.6.21/fs/9p/ |
D | Kconfig | 40 implemented by security modules like SELinux. This option 41 enables an extended attribute handler for file security 44 If you are not using a security module that requires using 45 extended attributes for file security labels, say N.
|