Home
last modified time | relevance | path

Searched full:integrity (Results 1 – 25 of 452) sorted by relevance

12345678910>>...19

/linux-6.8/Documentation/block/
Ddata-integrity.rst2 Data Integrity
16 protocols (SBC Data Integrity Field, SCC protection proposal) as well
18 support for appending integrity metadata to an I/O. The integrity
29 DIF and the other integrity extensions is that the protection format
31 integrity of the I/O and reject it if corruption is detected. This
35 2. The Data Integrity Extensions
40 allow the operating system to interact with the integrity metadata
45 The SCSI Data Integrity Field works by appending 8 bytes of protection
46 information to each sector. The data + integrity metadata is stored
53 encouraged them to allow separation of the data and integrity metadata
[all …]
Dinline-encryption.rst275 Interaction between inline encryption and blk integrity
283 its integrity information is calculated (using the plaintext data, since
285 integrity info is sent to the device. Obviously, the integrity info must be
287 must not store the integrity info that it received with the plaintext data
289 re-generate the integrity info from the ciphertext data and store that on disk
290 instead. Another issue with storing the integrity info of the plaintext data is
293 if the fallback is used, the device will receive the integrity info of the
298 and disallow the combination for now. Whenever a device supports integrity, the
/linux-6.8/Documentation/admin-guide/device-mapper/
Ddm-integrity.rst2 dm-integrity
5 The dm-integrity target emulates a block device that has additional
6 per-sector tags that can be used for storing integrity information.
8 A general problem with storing integrity tags with every sector is that
9 writing the sector and the integrity tag must be atomic - i.e. in case of
10 crash, either both sector and integrity tag or none of them is written.
12 To guarantee write atomicity, the dm-integrity target uses journal, it
13 writes sector data and integrity tags into a journal, commits the journal
14 and then copies the data and integrity tags to their respective location.
16 The dm-integrity target can be used with the dm-crypt target - in this
[all …]
Ddm-crypt.rst132 integrity:<bytes>:<type>
134 in per-bio integrity structure. This metadata must by provided
135 by underlying dm-integrity target.
141 integrity for the encrypted device. The additional space is then
Dverity.rst5 Device-Mapper's "verity" target provides transparent integrity checking of
32 This is the device containing data, the integrity of which needs to be
162 Cryptographic hashes are used to assert the integrity of the device on a
170 integrity checking is essential.
205 It is expected that a user-space tool will verify the integrity of the
/linux-6.8/security/integrity/
DMakefile3 # Makefile for caching inode integrity data (iint)
6 obj-$(CONFIG_INTEGRITY) += integrity.o
8 integrity-y := iint.o
9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o
13 integrity-$(CONFIG_INTEGRITY_MACHINE_KEYRING) += platform_certs/machine_keyring.o
14 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \
17 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o
[all …]
DKconfig3 config INTEGRITY config
4 bool "Integrity subsystem"
8 This option enables the integrity subsystem, which is comprised
9 of a number of different components including the Integrity
17 if INTEGRITY
46 bool "Require all keys on the integrity keyrings be signed"
119 bool "Enables integrity auditing support "
123 In addition to enabling integrity auditing support, this
125 controls the level of integrity auditing messages.
126 0 - basic integrity auditing messages (default)
[all …]
Diint.c9 * - implements the integrity hooks: integrity_inode_alloc,
11 * - cache integrity information associated with an inode
22 #include "integrity.h"
172 * Free the integrity information(iint) associated with an inode.
203 DEFINE_LSM(integrity) = {
204 .name = "integrity",
225 * integrity_load_keys - load integrity keys hook
240 integrity_dir = securityfs_create_dir("integrity", NULL); in integrity_fs_init()
245 pr_err("Unable to create integrity sysfs dir: %d\n", in integrity_fs_init()
/linux-6.8/block/
Dblk-integrity.c3 * blk-integrity.c - Block layer data integrity extensions
9 #include <linux/blk-integrity.h>
20 * blk_rq_count_integrity_sg - Count number of integrity scatterlist elements
22 * @bio: bio with integrity metadata attached
25 * scatterlist corresponding to the integrity metadata in a bio.
59 * blk_rq_map_integrity_sg - Map integrity metadata into a scatterlist
61 * @bio: bio with integrity metadata attached
64 * Description: Map the integrity vectors in request into a
111 * blk_integrity_compare - Compare integrity profile of two disks
116 * sub-devices use the same integrity format before advertising to
[all …]
Dbio-integrity.c3 * bio-integrity.c - bio data integrity extensions
9 #include <linux/blk-integrity.h>
39 * bio_integrity_alloc - Allocate integrity payload and attach it to bio
40 * @bio: bio to attach integrity metadata to
42 * @nr_vecs: Number of integrity metadata scatter-gather elements
44 * Description: This function prepares a bio for attaching integrity
46 * integrity metadata that can be attached.
136 * bio_integrity_free - Free bio integrity payload
139 * Description: Used to free the integrity portion of a bio. Usually
158 * bio_integrity_add_page - Attach integrity metadata
[all …]
DKconfig64 bool "Block layer data integrity support"
68 data integrity option provides hooks which can be used by
69 filesystems to ensure better data integrity.
72 T10/SCSI Data Integrity Field or the T13/ATA External Path
89 integrity. However there are some setups that need this capability
Dt10-pi.c8 #include <linux/blk-integrity.h>
137 const int tuple_sz = rq->q->integrity.tuple_size; in t10_pi_type1_prepare()
186 unsigned intervals = nr_bytes >> rq->q->integrity.interval_exp; in t10_pi_type1_complete()
187 const int tuple_sz = rq->q->integrity.tuple_size; in t10_pi_type1_complete()
376 const int tuple_sz = rq->q->integrity.tuple_size; in ext_pi_type1_prepare()
414 unsigned intervals = nr_bytes >> rq->q->integrity.interval_exp; in ext_pi_type1_complete()
415 const int tuple_sz = rq->q->integrity.tuple_size; in ext_pi_type1_complete()
/linux-6.8/Documentation/ABI/stable/
Dsysfs-class-tpm4 Contact: linux-integrity@vger.kernel.org
12 Contact: linux-integrity@vger.kernel.org
24 Contact: linux-integrity@vger.kernel.org
32 Contact: linux-integrity@vger.kernel.org
49 Contact: linux-integrity@vger.kernel.org
72 Contact: linux-integrity@vger.kernel.org
81 Contact: linux-integrity@vger.kernel.org
89 Contact: linux-integrity@vger.kernel.org
112 Contact: linux-integrity@vger.kernel.org
164 Contact: linux-integrity@vger.kernel.org
[all …]
Dsysfs-block53 What: /sys/block/<disk>/integrity/device_is_integrity_capable
58 integrity metadata. Set if the device is T10 PI-capable.
61 What: /sys/block/<disk>/integrity/format
65 Metadata format for integrity capable block device.
69 What: /sys/block/<disk>/integrity/protection_interval_bytes
74 by one integrity tuple. Typically the device's logical
78 What: /sys/block/<disk>/integrity/read_verify
83 integrity of read requests serviced by devices that
84 support sending integrity metadata.
87 What: /sys/block/<disk>/integrity/tag_size
[all …]
/linux-6.8/include/linux/
Dblk-integrity.h48 struct blk_integrity *bi = &disk->queue->integrity; in blk_get_integrity()
65 return q->integrity.profile; in blk_integrity_queue_supports_integrity()
81 * bio_integrity_intervals - Return number of integrity intervals for a bio
86 * sectors but integrity metadata is done in terms of the data integrity
88 * to the appropriate number of integrity intervals.
108 * Return the first bvec that contains integrity data. Only drivers that are
109 * limited to a single integrity segment should use this helper.
Dt10-pi.h45 if (rq->q->integrity.interval_exp) in t10_pi_ref_tag()
46 shift = rq->q->integrity.interval_exp; in t10_pi_ref_tag()
76 if (rq->q->integrity.interval_exp) in ext_pi_ref_tag()
77 shift = rq->q->integrity.interval_exp; in ext_pi_ref_tag()
/linux-6.8/security/integrity/ima/
DKconfig2 # IBM Integrity Measurement Architecture
5 bool "Integrity Measurement Architecture(IMA)"
17 The Trusted Computing Group(TCG) runtime Integrity
25 an aggregate integrity value over this list inside the
52 that IMA uses to maintain the integrity aggregate of the
87 prompt "Default integrity hash algorithm"
91 list, integrity appraisal and audit log. The compiled default
144 bool "Appraise integrity measurements"
147 This option enables local measurement integrity appraisal.
153 For more information on integrity appraisal refer to:
/linux-6.8/drivers/md/
Ddm-io-rewind.c8 #include <linux/blk-integrity.h>
48 * dm_bio_integrity_rewind - Rewind integrity vector
49 * @bio: bio whose integrity vector to update
52 * Description: This function calculates how many integrity bytes the
54 * integrity vector accordingly.
/linux-6.8/Documentation/staging/
Dxz.rst16 for integrity checking. The home page of XZ Embedded is at
59 Since the XZ Embedded supports only streams with no integrity check or
60 CRC32, make sure that you don't use some other integrity check type
67 which will verify the integrity of the uncompressed data anyway.
68 Double checking the integrity would probably be waste of CPU cycles.
70 by the decoder; you can only change the integrity check type (or
/linux-6.8/security/integrity/evm/
DKconfig12 integrity attacks.
56 /sys/kernel/security/integrity/evm/evm_xattrs.
67 verify EVM integrity starting from the 'init' process. The
/linux-6.8/Documentation/security/
Dsnp-tdx-threat-model.rst26 security technologies that aim to protect the confidentiality and integrity
46 integrity for the VM's guest memory and execution state (vCPU registers),
51 …w.amd.com/system/files/techdocs/sev-snp-strengthening-vm-isolation-with-integrity-protection-and-m…
163 integrity protection. This threat model assumes that those features are
168 1. Preserve the confidentiality and integrity of CoCo guest's private
201 data should also be considered untrusted until its integrity and
226 This allows the host to break the integrity of the code running
233 integrity or freshness of such data.
/linux-6.8/tools/testing/selftests/net/
Dtcp_mmap.c89 static int integrity; /* -i option: sender and receiver compute sha256 over the data.*/ variable
205 if (integrity) { in child_thread()
233 if (integrity) in child_thread()
249 if (integrity) in child_thread()
268 if (integrity) in child_thread()
280 if (integrity) { in child_thread()
504 integrity = 1; in main()
581 if (integrity) { in main()
601 if (integrity) in main()
605 if (integrity && total == FILE_SZ) { in main()
/linux-6.8/Documentation/security/keys/
Dtrusted-encrypted.rst11 convenience, and are integrity verified.
60 * Optional binding to platform integrity state
64 Keys can be optionally sealed to specified PCR (integrity measurement)
65 values, and only unsealed by the TPM, if PCRs and blob integrity
74 Relies on Secure/Trusted boot process for platform integrity. It can
80 for platform integrity.
320 compromised by a user level problem, and when sealed to a platform integrity
/linux-6.8/security/lockdown/
DKconfig34 bool "Integrity"
36 The kernel runs in integrity mode by default. Features that allow
/linux-6.8/security/
DMakefile29 # Object integrity file lists
30 obj-$(CONFIG_INTEGRITY) += integrity/

12345678910>>...19