| /linux/drivers/memory/tegra/ |
| A D | tegra194.c | 20 .security = 0x004,
30 .security = 0x00c,
40 .security = 0x014,
50 .security = 0x0ac,
60 .security = 0x0b4,
70 .security = 0x0e4,
80 .security = 0x0fc,
90 .security = 0x13c,
100 .security = 0x15c,
110 .security = 0x1ac,
[all …]
|
| A D | tegra186.c | 29 u32 override, security; in tegra186_mc_program_sid() local
32 security = readl(mc->regs + client->regs.sid.security); in tegra186_mc_program_sid()
42 security = readl(mc->regs + client->regs.sid.security); in tegra186_mc_program_sid()
158 .security = 0x004,
168 .security = 0x074,
178 .security = 0x0ac,
188 .security = 0x0b4,
198 .security = 0x0e4,
208 .security = 0x0fc,
218 .security = 0x13c,
[all …]
|
| /linux/security/keys/ |
| A D | .built-in.a.cmd | 1 …security/keys/built-in.a; /usr/bin/ccache /home/test/workspace/code/optee_3.16/build/../toolchains…
|
| /linux/Documentation/security/ |
| A D | lsm.rst | 25 patch to support its security needs.
44 security module.
56 logic is implemented as a security module.
65 of security modules that are active on the system.
73 program execution security information, security fields are included in
77 security information, a security field is included in :c:type:`struct
81 For System V IPC security information,
91 network device security information, security fields were added to
104 general security module stacking. It defines
117 and free security structures for inode objects.
[all …]
|
| /linux/security/ |
| A D | .built-in.a.cmd | 1 …security/built-in.a; /usr/bin/ccache /home/test/workspace/code/optee_3.16/build/../toolchains/aarc…
|
| A D | Kconfig | 8 source "security/keys/Kconfig"
23 bool "Enable different security models"
222 source "security/selinux/Kconfig"
223 source "security/smack/Kconfig"
224 source "security/tomoyo/Kconfig"
225 source "security/apparmor/Kconfig"
226 source "security/loadpin/Kconfig"
227 source "security/yama/Kconfig"
228 source "security/safesetid/Kconfig"
229 source "security/lockdown/Kconfig"
[all …]
|
| /linux/Documentation/driver-api/nvdimm/ |
| A D | security.rst | 9 specification [1], security DSMs are introduced. The spec added the following
10 security DSMs: "get security state", "set passphrase", "disable passphrase",
19 /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security
21 The "show" attribute of that attribute will display the security state for
23 frozen, and overwrite. If security is not supported, the sysfs attribute
27 in order to support some of the security functionalities:
29 disable <keyid> - disable enabled security and remove key.
30 freeze - freeze changing of security states.
90 The security disable command format is:
127 This command is only available when security is disabled.
[all …]
|
| /linux/security/keys/trusted-keys/ |
| A D | .built-in.a.cmd | 1 …security/keys/trusted-keys/built-in.a; /usr/bin/ccache /home/test/workspace/code/optee_3.16/build/…
|
| A D | .tpm2key.asn1.o.cmd | 1 …security/keys/trusted-keys/.tpm2key.asn1.o.d -nostdinc -I./arch/arm64/include -I./arch/arm64/inclu…
3 source_security/keys/trusted-keys/tpm2key.asn1.o := security/keys/trusted-keys/tpm2key.asn1.c
45 security/keys/trusted-keys/tpm2key.asn1.h \
48 security/keys/trusted-keys/tpm2key.asn1.o: $(deps_security/keys/trusted-keys/tpm2key.asn1.o)
|
| /linux/security/integrity/evm/ |
| A D | Kconfig | 11 EVM protects a file's security extended attributes against
37 In addition to the original security xattrs (eg. security.selinux,
38 security.SMACK64, security.capability, and security.ima) included
40 Smack xattrs: security.SMACK64EXEC, security.SMACK64TRANSMUTE and
41 security.SMACK64MMAP.
56 /sys/kernel/security/integrity/evm/evm_xattrs.
|
| /linux/Documentation/netlabel/ |
| A D | introduction.rst | 12 NetLabel is a mechanism which can be used by kernel security modules to attach
13 security attributes to outgoing network packets generated from user space
14 applications and read security attributes from incoming network packets. It
16 layer, and the kernel security module API.
22 network packet's security attributes. If any translation between the network
23 security attributes and those on the host are required then the protocol
26 the NetLabel kernel security module API described below.
44 The purpose of the NetLabel security module API is to provide a protocol
46 to protocol independence, the security module API is designed to be completely
50 Detailed information about the NetLabel security module API can be found in the
|
| A D | lsm_interface.rst | 12 NetLabel is a mechanism which can set and retrieve security attributes from
15 The NetLabel security module API is defined in 'include/net/netlabel.h' but a
22 it uses the concept of security attributes to refer to the packet's security
23 labels. The NetLabel security attributes are defined by the
25 NetLabel subsystem converts the security attributes to and from the correct
28 security attributes into whatever security identifiers are in use for their
44 label and the internal LSM security identifier can be time consuming. The
47 LSM has received a packet, used NetLabel to decode its security attributes,
48 and translated the security attributes into a LSM internal identifier the LSM
|
| A D | cipso_ipv4.rst | 27 label by using the NetLabel security module API; if the NetLabel "domain" is
37 NetLabel security module API to extract the security attributes of the packet.
44 The CIPSO/IPv4 protocol engine contains a mechanism to translate CIPSO security
49 different security attribute mapping table.
54 The NetLabel system provides a framework for caching security attribute
|
| /linux/security/selinux/ |
| A D | xfrm.c | 67 return selinux_authorizable_ctx(x->security); in selinux_authorizable_xfrm()
183 if (!xp->security) in selinux_xfrm_state_pol_flow_match()
184 if (x->security) in selinux_xfrm_state_pol_flow_match()
191 if (!x->security) in selinux_xfrm_state_pol_flow_match()
199 state_sid = x->security->ctx_sid; in selinux_xfrm_state_pol_flow_match()
224 return x->security->ctx_sid; in selinux_xfrm_skb_sid_egress()
239 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_skb_sid_ingress()
375 x->security = ctx; in selinux_xfrm_state_alloc_acquire()
387 selinux_xfrm_free(x->security); in selinux_xfrm_state_free()
395 return selinux_xfrm_delete(x->security); in selinux_xfrm_state_delete()
[all …]
|
| /linux/Documentation/admin-guide/ |
| A D | security-bugs.rst | 6 Linux kernel developers take security very seriously. As such, we'd
7 like to know when a security bug is found so that it can be fixed and
8 disclosed as quickly as possible. Please report security bugs to the
9 Linux kernel security team.
14 The Linux kernel security team can be contacted by email at
15 <security@kernel.org>. This is a private list of security officers
19 security team will bring in extra help from area maintainers to
20 understand and fix the security vulnerability.
39 The security list is not a disclosure channel. For that, see Coordination
62 information submitted to the security list and any followup discussions
[all …]
|
| /linux/Documentation/process/ |
| A D | embargoed-hardware-issues.rst | 9 Hardware issues which result in security problems are a different category
10 of security bugs than pure software bugs which only affect the Linux
26 kernel security team.
28 The team only handles the coordination of embargoed hardware security
31 Linux kernel security team (:ref:`Documentation/admin-guide/
43 - PGP: https://www.kernel.org/static/files/hardware-security.asc
44 - S/MIME: https://www.kernel.org/static/files/hardware-security.crt
50 Hardware security officers
53 The current team of hardware security officers:
111 immediately to the Hardware security officers.
[all …]
|
| /linux/Documentation/admin-guide/LSM/ |
| A D | apparmor.rst | 8 AppArmor is MAC style security extension for the Linux kernel. It implements
19 If AppArmor should be selected as the default security module then set::
26 If AppArmor is not the default security module it can be enabled by passing
27 ``security=apparmor`` on the kernel's command line.
29 If AppArmor is the default security module it can be disabled by passing
30 ``apparmor=0, security=XXXX`` (where ``XXXX`` is valid security module), on the
|
| A D | index.rst | 6 various security checks to be hooked by new kernel extensions. The name
10 ``"security=..."`` kernel command line argument, in the case where multiple
14 (MAC) extensions which provide a comprehensive security policy. Examples
25 A list of the active security modules can be found by reading
26 ``/sys/kernel/security/lsm``. This is a comma separated list, and
32 Process attributes associated with "major" security modules should
34 A security module may maintain a module specific subdirectory there,
36 security module and contains all its special files. The files directly
|
| /linux/security/keys/encrypted-keys/ |
| A D | .built-in.a.cmd | 1 …security/keys/encrypted-keys/built-in.a; /usr/bin/ccache /home/test/workspace/code/optee_3.16/buil…
|
| /linux/Documentation/ABI/testing/ |
| A D | procfs-attr-current | 2 Contact: linux-security-module@vger.kernel.org,
5 Description: The current security information used by a Linux
6 security module (LSM) that is active on the system.
8 this interface and hence obtain the security state
13 this interface and hence change the security state of
|
| A D | procfs-attr-exec | 2 Contact: linux-security-module@vger.kernel.org,
5 Description: The security information to be used on the process
6 by a Linux security module (LSM) active on the system
9 this interface and hence obtain the security state
14 this interface and hence change the security state of
|
| A D | evm | 1 What: /sys/kernel/security/evm
2 What: /sys/kernel/security/*/evm
6 EVM protects a file's security extended attributes(xattrs)
9 value as the extended attribute 'security.evm'.
11 EVM supports two classes of security.evm. The first is
85 or validate the 'security.evm' xattr, but returns
92 Documentation/security/keys/trusted-encrypted.rst. Both
97 What: /sys/kernel/security/*/evm/evm_xattrs
|
| /linux/security/integrity/ |
| A D | .built-in.a.cmd | 1 …security/integrity/built-in.a; /usr/bin/ccache /home/test/workspace/code/optee_3.16/build/../toolc…
|
| /linux/Documentation/filesystems/caching/ |
| A D | cachefiles.rst | 25 (*) A note on security.
299 security context that is not appropriate for accessing the cache - either
318 (2) Finds the security label of the process which issued the bind request
323 and asks LSM to supply a security ID as which it should act given the
328 SELinux transitions the daemon's security ID to the module's security ID
398 Furthermore, should CacheFiles create a file or directory, the security
410 So CacheFiles makes use of a logical split in the security between the
411 objective security (task->real_cred) and the subjective security (task->cred).
412 The objective security holds the intrinsic security properties of a process and
417 The subjective security holds the active security properties of a process, and
[all …]
|
| /linux/drivers/acpi/nfit/ |
| A D | Kconfig | 18 bool "Enable debug for NVDIMM security commands"
22 other security features. The payloads for the commands that
24 security material. Disable debug of those command payloads
26 on NVDIMM security enabling say Y, otherwise say N.
|