/linux-5.19.10/Documentation/block/ |
D | inline-encryption.rst | 12 Inline encryption hardware sits logically between memory and disk, and can 14 can control exactly how the inline encryption hardware will en/decrypt the data 18 Some inline encryption hardware accepts all encryption parameters including raw 19 keys directly in low-level I/O requests. However, most inline encryption 24 Note that inline encryption hardware is very different from traditional crypto 26 crypto accelerators operate on memory regions, whereas inline encryption 27 hardware operates on I/O requests. Thus, inline encryption hardware needs to be 30 Inline encryption hardware is also very different from "self-encrypting drives", 32 drives don't provide fine-grained control of encryption and provide no way to 33 verify the correctness of the resulting ciphertext. Inline encryption hardware [all …]
|
D | index.rst | 17 inline-encryption
|
/linux-5.19.10/Documentation/x86/ |
D | amd-memory-encryption.rst | 23 A page is encrypted when a page table entry has the encryption bit set (see 24 below on how to determine its position). The encryption bit can also be 26 successive level of page tables can also be encrypted by setting the encryption 29 encryption bit is set in cr3, doesn't imply the full hierarchy is encrypted. 30 Each page table entry in the hierarchy needs to have the encryption bit set to 31 achieve that. So, theoretically, you could have the encryption bit set in cr3 32 so that the PGD is encrypted, but not set the encryption bit in the PGD entry 38 memory. Since the memory encryption bit is controlled by the guest OS when it 40 forces the memory encryption bit to 1. 50 encryption [all …]
|
D | index.rst | 27 amd-memory-encryption
|
/linux-5.19.10/Documentation/filesystems/ |
D | fscrypt.rst | 2 Filesystem-level encryption (fscrypt) 9 transparent encryption of files and directories. 15 use encryption, see the documentation for the userspace tool `fscrypt 20 <https://source.android.com/security/encryption/file-based>`_, over 56 Provided that userspace chooses a strong encryption key, fscrypt 72 fscrypt (and storage encryption in general) can only provide limited 80 Cryptographic API algorithms or inline encryption hardware are. If a 89 After an encryption key has been added, fscrypt does not hide the 97 encryption but rather only by the correctness of the kernel. 98 Therefore, any encryption-specific access control checks would merely [all …]
|
D | ubifs-authentication.rst | 20 At the current state, UBIFS encryption however does not prevent attacks where 28 Other full disk encryption systems like dm-crypt cover all filesystem metadata, 38 name encryption, the authentication system could be tied into fscrypt such that 40 be possible to use UBIFS authentication without using encryption. 394 UBIFS authentication is intended to operate side-by-side with UBIFS encryption 395 (fscrypt) to provide confidentiality and authenticity. Since UBIFS encryption 396 has a different approach of encryption policies per directory, there can be 397 multiple fscrypt master keys and there might be folders without encryption. 401 encryption, it does not share the same master key with fscrypt, but manages 411 or key in userspace that covers UBIFS authentication and encryption. This can [all …]
|
/linux-5.19.10/fs/crypto/ |
D | Kconfig | 3 bool "FS Encryption (Per-file encryption)" 10 Enable encryption of files and directories. This 16 # Filesystems supporting encryption must select this if FS_ENCRYPTION. This 20 # Note: this option only pulls in the algorithms that filesystem encryption 21 # needs "by default". If userspace will use "non-default" encryption modes such 22 # as Adiantum encryption, then those other modes need to be explicitly enabled 46 Enable fscrypt to use inline encryption hardware if available.
|
/linux-5.19.10/Documentation/admin-guide/device-mapper/ |
D | dm-crypt.rst | 5 Device-Mapper's "crypt" target provides transparent encryption of block devices 17 Encryption cipher, encryption mode and Initial Vector (IV) generator. 52 Key used for encryption. It is encoded either as a hexadecimal number 66 The encryption key size in bytes. The kernel key payload size must match 112 Perform encryption using the same cpu that IO was submitted on. 113 The default is to use an unbound workqueue so that encryption work 117 Disable offloading writes to a separate thread after encryption. 119 encryption threads to a single thread degrades performance 145 Use <bytes> as the encryption unit instead of 512 bytes sectors. 161 encryption with dm-crypt using the 'cryptsetup' utility, see [all …]
|
/linux-5.19.10/net/sunrpc/ |
D | Kconfig | 38 bool "Secure RPC: Disable insecure Kerberos encryption types" 42 Choose Y here to disable the use of deprecated encryption types 44 deprecated encryption types include DES-CBC-MD5, DES-CBC-CRC, 49 keytabs that contain only these deprecated encryption types. 50 Choosing Y prevents the use of known-insecure encryption types
|
/linux-5.19.10/Documentation/virt/kvm/x86/ |
D | amd-memory-encryption.rst | 31 Bit[23] 1 = memory encryption can be enabled 32 0 = memory encryption can not be enabled 35 Bit[0] 1 = memory encryption can be enabled 36 0 = memory encryption can not be enabled 45 SEV hardware uses ASIDs to associate a memory encryption key with a VM. 101 The KVM_SEV_LAUNCH_START command is used for creating the memory encryption 102 context. To create the encryption context, user must provide a guest policy, 305 outgoing guest encryption context. 336 outgoing guest memory region with the encryption context creating using 364 issued by the hypervisor to delete the encryption context. [all …]
|
D | index.rst | 10 amd-memory-encryption
|
/linux-5.19.10/Documentation/crypto/ |
D | descore-readme.rst | 5 Fast & Portable DES encryption & decryption 15 des - fast & portable DES encryption & decryption. 41 1. Highest possible encryption/decryption PERFORMANCE. 62 - 30us per encryption (options: 64k tables, no IP/FP) 63 - 33us per encryption (options: 64k tables, FIPS standard bit ordering) 64 - 45us per encryption (options: 2k tables, no IP/FP) 65 - 48us per encryption (options: 2k tables, FIPS standard bit ordering) 68 this has the quickest encryption/decryption routines i've seen. 80 - 53us per encryption (uses 2k of tables) 85 encryption/decryption is still slower on the sparc and 68000. [all …]
|
D | api-samples.rst | 8 all inputs are random bytes, the encryption is done in-place, and it's 29 * encryption/decryption operations. But in this example, we'll just do a 30 * single encryption operation with it (which is not very efficient).
|
D | userspace-if.rst | 95 to provide different memory pointers for the encryption and decryption 159 should be processed for encryption or decryption. In addition, the IV is 170 - ALG_OP_ENCRYPT - encryption of data 218 should be processed for encryption or decryption. In addition, the IV is 229 - ALG_OP_ENCRYPT - encryption of data 277 - AEAD encryption input: AAD \|\| plaintext 284 - AEAD encryption output: ciphertext \|\| authentication tag 386 AEAD ciphers. For a encryption operation, the authentication tag of
|
/linux-5.19.10/drivers/gpu/drm/amd/display/modules/hdcp/ |
D | hdcp1_transition.c | 81 } else if (!conn->is_repeater && input->encryption != PASS) { in mod_hdcp_hdcp1_transition() 131 input->encryption != PASS) { in mod_hdcp_hdcp1_transition() 229 } else if ((!conn->is_repeater && input->encryption != PASS) || in mod_hdcp_hdcp1_dp_transition() 308 } else if (input->encryption != PASS || in mod_hdcp_hdcp1_dp_transition()
|
D | hdcp1_execution.c | 236 &input->encryption, &status, in computations_validate_rx_test_for_repeater() 241 &input->encryption, &status, in computations_validate_rx_test_for_repeater() 362 if (input->encryption != PASS) in read_ksv_list() 364 &input->encryption, &status, in read_ksv_list()
|
/linux-5.19.10/block/ |
D | Kconfig | 191 bool "Enable inline encryption support in block layer" 194 block layer handle encryption, so users can take 195 advantage of inline encryption hardware if present. 203 Enabling this lets the block layer handle inline encryption 205 encryption hardware is not present.
|
/linux-5.19.10/net/tipc/ |
D | Kconfig | 40 bool "TIPC encryption support" 46 Saying Y here will enable support for TIPC encryption.
|
/linux-5.19.10/drivers/net/wireless/cisco/ |
D | Kconfig | 27 - with or without encryption) as well as card before the Cisco 50 - with or without encryption) as well as card before the Cisco
|
/linux-5.19.10/crypto/ |
D | Kconfig | 377 This IV generator generates an IV based on the encryption of 418 for AES encryption. 454 normally even when applied before encryption. 493 Adiantum encryption mode. 501 Adiantum encryption mode. 510 Adiantum is a tweakable, length-preserving encryption mode 511 designed for fast and secure disk encryption, especially on 521 bound. Unlike XTS, Adiantum is a true wide-block encryption 528 tristate "ESSIV support for block encryption" 533 dm-crypt. It uses the hash of the block encryption key as the [all …]
|
/linux-5.19.10/drivers/net/wireless/purelifi/plfxlc/ |
D | Kconfig | 9 The driver supports common 802.11 encryption/authentication
|
/linux-5.19.10/drivers/net/wireless/ |
D | ray_cs.h | 51 UCHAR encryption; member
|
/linux-5.19.10/Documentation/devicetree/bindings/crypto/ |
D | intel,keembay-ocs-aes.yaml | 14 hardware-accelerated AES/SM4 encryption/decryption.
|
/linux-5.19.10/Documentation/networking/mac80211_hwsim/ |
D | mac80211_hwsim.rst | 45 radio. Software encryption in mac80211 is used so that the frames are 47 complete testing of encryption.
|
/linux-5.19.10/fs/cifs/ |
D | smb2transport.c | 392 struct derivation encryption; member 442 rc = generate_key(ses, ptriplet->encryption.label, in generate_smb3signingkey() 443 ptriplet->encryption.context, in generate_smb3signingkey() 500 d = &triplet.encryption; in generate_smb30signingkey() 529 d = &triplet.encryption; in generate_smb311signingkey()
|