| /linux-4.4.14/crypto/asymmetric_keys/ |
| D | pkcs7_trust.c | 33 bool trusted; in pkcs7_validate_trust_one() local
46 trusted = x509->trusted; in pkcs7_validate_trust_one()
125 trusted = test_bit(KEY_FLAG_TRUSTED, &key->flags); in pkcs7_validate_trust_one()
139 p->trusted = trusted; in pkcs7_validate_trust_one()
142 sinfo->trusted = trusted; in pkcs7_validate_trust_one()
196 *_trusted |= sinfo->trusted; in pkcs7_validate_trust()
|
| D | pkcs7_key_type.c | 40 bool trusted; in pkcs7_preparse() local
62 ret = pkcs7_validate_trust(pkcs7, system_trusted_keyring, &trusted); in pkcs7_preparse()
65 if (!trusted) in pkcs7_preparse()
|
| D | pkcs7_parser.h | 25 bool trusted; member
|
| D | x509_parser.h | 44 bool trusted; member
|
| D | x509_public_key.c | 322 } else if (!prep->trusted) { in x509_key_preparse()
325 prep->trusted = 1; in x509_key_preparse()
|
| D | Kconfig | 55 PKCS#7 message - provided the message is signed by a trusted key. If
|
| /linux-4.4.14/Documentation/security/ |
| D | keys-trusted-encrypted.txt | 19 By default, trusted keys are sealed under the SRK, which has the default
24 keyctl add trusted name "new keylen [options]" ring
25 keyctl add trusted name "load hex_blob [pcrlock=pcrnum]" ring
50 'master' key can either be a trusted-key or user-key type. The main
51 disadvantage of encrypted keys is that if they are not rooted in a trusted key,
67 key-type:= 'trusted' | 'user'
70 Examples of trusted and encrypted key usage:
72 Create and save a trusted key named "kmk" of length 32 bytes:
74 $ keyctl add trusted kmk "new 32" @u
81 440502848 --alswrv 500 500 \_ trusted: kmk
[all …]
|
| D | keys-ecryptfs.txt | 33 time after the unsealing of a 'trusted' key in order to perform the mount in a
44 key-type:= 'trusted' | 'user'
|
| D | 00-INDEX | 19 keys-trusted-encrypted.txt
|
| D | keys.txt | 1315 accessed. key->datalen cannot be trusted to stay consistent with the
|
| /linux-4.4.14/Documentation/devicetree/bindings/arm/firmware/ |
| D | tlm,trusted-foundations.txt | 5 presence by declaring a node compatible with "tlm,trusted-foundations"
9 - compatible: "tlm,trusted-foundations"
15 trusted-foundations {
16 compatible = "tlm,trusted-foundations";
|
| /linux-4.4.14/Documentation/ABI/testing/ |
| D | evm | 11 with a trusted/encrypted key for the HMAC-sha1 operation.
19 of the trusted boot. For more information on creating and
20 loading existing trusted/encrypted keys, refer to:
21 Documentation/keys-trusted-encrypted.txt. (A sample dracut
22 patch, which loads the trusted/encrypted key and enables
|
| D | sysfs-class-bdi | 50 be trusted to play fair.
|
| /linux-4.4.14/certs/ |
| D | Kconfig | 18 bool "Provide system-wide ring of trusted keys"
21 Provide a system keyring to which trusted keys can be added. Keys in
22 the keyring are considered to be trusted. Keys may be added at will
34 containing trusted X.509 certificates to be included in the default
36 also trusted.
|
| D | system_keyring.c | 123 bool trusted; in system_verify_data() local
141 ret = pkcs7_validate_trust(pkcs7, system_trusted_keyring, &trusted); in system_verify_data()
145 if (!trusted) { in system_verify_data()
|
| /linux-4.4.14/security/integrity/ima/ |
| D | Kconfig | 132 keyring be signed by a key on the system trusted keyring.
135 bool "Load X509 certificate onto the '.ima' trusted keyring"
140 loaded on the .ima trusted keyring. These public keys are
141 X509 certificates signed by a trusted key on the
143 loading from the kernel onto the '.ima' trusted keyring.
|
| /linux-4.4.14/include/linux/ |
| D | if_link.h | 27 __u32 trusted; member
|
| D | key-type.h | 48 bool trusted; /* True if key is trusted */ member
|
| /linux-4.4.14/security/keys/ |
| D | Makefile | 27 obj-$(CONFIG_TRUSTED_KEYS) += trusted.o
|
| D | key.c | 816 prep.trusted = flags & KEY_ALLOC_TRUSTED; in key_create_or_update()
833 if (!prep.trusted && test_bit(KEY_FLAG_TRUSTED_ONLY, &keyring->flags)) in key_create_or_update()
835 flags |= prep.trusted ? KEY_ALLOC_TRUSTED : 0; in key_create_or_update()
|
| D | Kconfig | 79 'master' key can be either a trusted-key or user-key type.
|
| /linux-4.4.14/arch/x86/kernel/ |
| D | kexec-bzimage64.c | 532 bool trusted; in bzImage64_verify_sig() local
538 &trusted); in bzImage64_verify_sig()
541 if (!trusted) in bzImage64_verify_sig()
|
| /linux-4.4.14/Documentation/devicetree/bindings/arm/ |
| D | tegra.txt | 41 "tlm,trusted-foundations" binding's documentation for more details.
|
| /linux-4.4.14/arch/arm/firmware/ |
| D | Kconfig | 24 tlm,trusted-foundations device tree binding documentation for details
|
| /linux-4.4.14/Documentation/devicetree/bindings/i2c/ |
| D | trivial-devices.txt | 35 atmel,at97sc3204t i2c trusted platform module (TPM)
73 nuvoton,npct501 i2c trusted platform module (TPM)
105 winbond,wpct301 i2c trusted platform module (TPM)
|
| /linux-4.4.14/drivers/net/ethernet/intel/ixgbe/ |
| D | ixgbe_sriov.c | 121 adapter->vfinfo[i].trusted = false; in __ixgbe_enable_sriov()
1026 !adapter->vfinfo[vf].trusted) { in ixgbe_update_vf_xcast_mode()
1500 if (adapter->vfinfo[vf].trusted == setting) in ixgbe_ndo_set_vf_trust()
1503 adapter->vfinfo[vf].trusted = setting; in ixgbe_ndo_set_vf_trust()
1528 ivi->trusted = adapter->vfinfo[vf].trusted; in ixgbe_ndo_get_vf_config()
|
| D | ixgbe.h | 155 u8 trusted; member
|
| /linux-4.4.14/arch/arm/boot/dts/ |
| D | tegra114-tn7.dts | 23 trusted-foundations {
24 compatible = "tlm,trusted-foundations";
|
| D | tegra114-roth.dts | 23 trusted-foundations {
24 compatible = "tlm,trusted-foundations";
|
| /linux-4.4.14/include/net/ |
| D | af_vsock.h | 44 bool trusted; member
|
| /linux-4.4.14/Documentation/ABI/stable/ |
| D | sysfs-bus-usb | 126 be trusted, as the device may have a smaller config descriptor
128 can be trusted, and can be used to seek forward one (sub)
|
| /linux-4.4.14/Documentation/netlabel/ |
| D | cipso_ipv4.txt | 13 labeled networking and is used in many trusted operating systems.
|
| /linux-4.4.14/Documentation/ |
| D | cpu-load.txt | 22 this data sometimes it can not be trusted at all.
|
| D | module-signing.txt | 28 trusted userspace bits.
186 trusted certificates can be provided in a PEM-encoded file referenced by the
|
| D | binfmt_misc.txt | 60 should be used with care - the interpreter has to be trusted not to
|
| D | intel_txt.txt | 6 provide the building blocks for creating trusted platforms.
|
| D | md.txt | 59 'dirty' means that the parity cannot be trusted, and the fact that it
|
| D | kernel-parameters.txt | 578 the system trusted keyring to be used for certificate
|
| /linux-4.4.14/Documentation/filesystems/cifs/ |
| D | TODO | 47 k) implement support for security and trusted categories of xattrs
|
| /linux-4.4.14/Documentation/tpm/ |
| D | xen-tpmfront.txt | 17 these domains (manager, vTPM, and guest) is trusted, the vTPM subsystem extends
|
| /linux-4.4.14/Documentation/device-mapper/ |
| D | dm-raid.txt | 236 increasingly whitelisted in the kernel and can thus be trusted.
238 For trusted devices, the following dm-raid module parameter can be set
|
| D | verity.txt | 60 and the salt. This hash should be trusted as there is no other authenticity
|
| /linux-4.4.14/Documentation/filesystems/ |
| D | overlayfs.txt | 48 is it must support the creation of trusted.* extended attributes, and
98 A directory is made opaque by setting the xattr "trusted.overlay.opaque"
|
| D | squashfs.txt | 217 ("user.", "trusted." etc) and it also encodes how the name/value fields
|
| D | ramfs-rootfs-initramfs.txt | 63 got any backing store. Because of this, only root (or a trusted user) should
|
| /linux-4.4.14/fs/ |
| D | xattr.c | 958 bool trusted = capable(CAP_SYS_ADMIN); in simple_xattr_list() local
967 if (!trusted && xattr_is_trusted(xattr->name)) in simple_xattr_list()
|
| D | Kconfig | 158 Currently this enables support for the trusted.* and
|
| /linux-4.4.14/net/vmw_vsock/ |
| D | af_vsock.c | 624 vsk->trusted = psk->trusted; in __vsock_create()
628 vsk->trusted = capable(CAP_NET_ADMIN); in __vsock_create()
|
| D | vmci_transport.c | 509 return vsock->trusted || in vmci_transport_is_trusted()
541 u32 peer, u32 flags, bool trusted) in vmci_transport_queue_pair_alloc() argument
545 if (trusted) { in vmci_transport_queue_pair_alloc()
|
| /linux-4.4.14/Documentation/scsi/ |
| D | ChangeLog.sym53c8xx_2 | 36 since BIOS settings were trusted instead on first load.
|
| /linux-4.4.14/Documentation/block/ |
| D | biovecs.txt | 104 * bi_vcnt can't be trusted or relied upon by driver code - i.e. anything that
|
| D | biodoc.txt | 217 done in some scenarios where the low level driver cannot be trusted to
|
| /linux-4.4.14/Documentation/ia64/ |
| D | fsys.txt | 45 - neither the memory-stack nor the register-stack can be trusted while
|
| /linux-4.4.14/net/core/ |
| D | rtnetlink.c | 1099 ivi.trusted = -1; in rtnl_fill_vfinfo()
1126 vf_trust.setting = ivi.trusted; in rtnl_fill_vfinfo()
|
| /linux-4.4.14/Documentation/RCU/ |
| D | checklist.txt | 269 superuser or some other trusted user, then it might not
|
| /linux-4.4.14/Documentation/hwmon/ |
| D | sysfs-interface | 637 channel should not be trusted.
|
| /linux-4.4.14/drivers/scsi/aic7xxx/ |
| D | aic79xx.seq | 555 * CURRSCB nor LASTSCB can be trusted. We must
714 * will be NULL, CURRSCB and LASTSCB cannot be trusted,
|
| /linux-4.4.14/Documentation/x86/ |
| D | boot.txt | 263 wide, and therefore cannot be trusted for the size of a kernel if
|
| /linux-4.4.14/lib/ |
| D | Kconfig.debug | 878 the content of the corrupted region can no longer be trusted.
|
| /linux-4.4.14/init/ |
| D | Kconfig | 1794 trusted keyring to provide public keys. This then can be used for
|
| /linux-4.4.14/ |
| D | MAINTAINERS | 6147 F: Documentation/security/keys-trusted-encrypted.txt
6148 F: include/keys/trusted-type.h
6149 F: security/keys/trusted.c
6150 F: security/keys/trusted.h
6158 F: Documentation/security/keys-trusted-encrypted.txt
|