| /kernel/linux/linux-6.6/Documentation/block/ |
| D | data-integrity.rst | 2 Data Integrity
16 protocols (SBC Data Integrity Field, SCC protection proposal) as well
18 support for appending integrity metadata to an I/O. The integrity
29 DIF and the other integrity extensions is that the protection format
31 integrity of the I/O and reject it if corruption is detected. This
35 2. The Data Integrity Extensions
40 allow the operating system to interact with the integrity metadata
45 The SCSI Data Integrity Field works by appending 8 bytes of protection
46 information to each sector. The data + integrity metadata is stored
53 encouraged them to allow separation of the data and integrity metadata
[all …]
|
| /kernel/linux/linux-5.10/Documentation/block/ |
| D | data-integrity.rst | 2 Data Integrity
16 protocols (SBC Data Integrity Field, SCC protection proposal) as well
18 support for appending integrity metadata to an I/O. The integrity
29 DIF and the other integrity extensions is that the protection format
31 integrity of the I/O and reject it if corruption is detected. This
35 2. The Data Integrity Extensions
40 allow the operating system to interact with the integrity metadata
45 The SCSI Data Integrity Field works by appending 8 bytes of protection
46 information to each sector. The data + integrity metadata is stored
53 encouraged them to allow separation of the data and integrity metadata
[all …]
|
| D | inline-encryption.rst | 101 bounce bio as if it were not encrypted at all (except when blk-integrity is
235 Interaction between inline encryption and blk integrity
243 its integrity information is calculated (using the plaintext data, since
245 integrity info is sent to the device. Obviously, the integrity info must be
247 must not store the integrity info that it received with the plaintext data
249 re-generate the integrity info from the ciphertext data and store that on disk
250 instead. Another issue with storing the integrity info of the plaintext data is
253 if the fallback is used, the device will receive the integrity info of the
258 and disallow the combination for now. Whenever a device supports integrity, the
|
| /kernel/linux/linux-5.10/Documentation/admin-guide/device-mapper/ |
| D | dm-integrity.rst | 2 dm-integrity
5 The dm-integrity target emulates a block device that has additional
6 per-sector tags that can be used for storing integrity information.
8 A general problem with storing integrity tags with every sector is that
9 writing the sector and the integrity tag must be atomic - i.e. in case of
10 crash, either both sector and integrity tag or none of them is written.
12 To guarantee write atomicity, the dm-integrity target uses journal, it
13 writes sector data and integrity tags into a journal, commits the journal
14 and then copies the data and integrity tags to their respective location.
16 The dm-integrity target can be used with the dm-crypt target - in this
[all …]
|
| /kernel/linux/linux-6.6/Documentation/admin-guide/device-mapper/ |
| D | dm-integrity.rst | 2 dm-integrity
5 The dm-integrity target emulates a block device that has additional
6 per-sector tags that can be used for storing integrity information.
8 A general problem with storing integrity tags with every sector is that
9 writing the sector and the integrity tag must be atomic - i.e. in case of
10 crash, either both sector and integrity tag or none of them is written.
12 To guarantee write atomicity, the dm-integrity target uses journal, it
13 writes sector data and integrity tags into a journal, commits the journal
14 and then copies the data and integrity tags to their respective location.
16 The dm-integrity target can be used with the dm-crypt target - in this
[all …]
|
| /kernel/linux/linux-5.10/security/integrity/ |
| D | Kconfig | 3 config INTEGRITY config
4 bool "Integrity subsystem"
8 This option enables the integrity subsystem, which is comprised
9 of a number of different components including the Integrity
17 if INTEGRITY
46 bool "Require all keys on the integrity keyrings be signed"
85 bool "Enables integrity auditing support "
89 In addition to enabling integrity auditing support, this
91 controls the level of integrity auditing messages.
92 0 - basic integrity auditing messages (default)
[all …]
|
| D | Makefile | 3 # Makefile for caching inode integrity data (iint)
6 obj-$(CONFIG_INTEGRITY) += integrity.o
8 integrity-y := iint.o
9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o
13 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \
16 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o
17 integrity-$(CONFIG_LOAD_PPC_KEYS) += platform_certs/efi_parser.o \
|
| D | iint.c | 9 * - implements the integrity hooks: integrity_inode_alloc,
11 * - cache integrity information associated with an inode
22 #include "integrity.h"
131 * The integrity's "iint_cache" is initialized at security_init(), in integrity_inode_get()
136 panic("%s: lsm=integrity required.\n", __func__); in integrity_inode_get()
180 * Free the integrity information(iint) associated with an inode.
211 DEFINE_LSM(integrity) = {
212 .name = "integrity",
232 * integrity_load_keys - load integrity keys hook
245 integrity_dir = securityfs_create_dir("integrity", NULL); in integrity_fs_init()
[all …]
|
| /kernel/linux/linux-6.6/block/ |
| D | bio-integrity.c | 3 * bio-integrity.c - bio data integrity extensions
9 #include <linux/blk-integrity.h>
39 * bio_integrity_alloc - Allocate integrity payload and attach it to bio
40 * @bio: bio to attach integrity metadata to
42 * @nr_vecs: Number of integrity metadata scatter-gather elements
44 * Description: This function prepares a bio for attaching integrity
46 * integrity metadata that can be attached.
95 * bio_integrity_free - Free bio integrity payload
98 * Description: Used to free the integrity portion of a bio. Usually
115 * bio_integrity_add_page - Attach integrity metadata
[all …]
|
| D | blk-integrity.c | 3 * blk-integrity.c - Block layer data integrity extensions
9 #include <linux/blk-integrity.h>
20 * blk_rq_count_integrity_sg - Count number of integrity scatterlist elements
22 * @bio: bio with integrity metadata attached
25 * scatterlist corresponding to the integrity metadata in a bio.
59 * blk_rq_map_integrity_sg - Map integrity metadata into a scatterlist
61 * @bio: bio with integrity metadata attached
64 * Description: Map the integrity vectors in request into a
111 * blk_integrity_compare - Compare integrity profile of two disks
116 * sub-devices use the same integrity format before advertising to
[all …]
|
| /kernel/linux/linux-6.6/security/integrity/ |
| D | Makefile | 3 # Makefile for caching inode integrity data (iint)
6 obj-$(CONFIG_INTEGRITY) += integrity.o
8 integrity-y := iint.o
9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o
13 integrity-$(CONFIG_INTEGRITY_MACHINE_KEYRING) += platform_certs/machine_keyring.o
14 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \
17 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o
[all …]
|
| D | Kconfig | 3 config INTEGRITY config
4 bool "Integrity subsystem"
8 This option enables the integrity subsystem, which is comprised
9 of a number of different components including the Integrity
17 if INTEGRITY
46 bool "Require all keys on the integrity keyrings be signed"
119 bool "Enables integrity auditing support "
123 In addition to enabling integrity auditing support, this
125 controls the level of integrity auditing messages.
126 0 - basic integrity auditing messages (default)
[all …]
|
| D | iint.c | 9 * - implements the integrity hooks: integrity_inode_alloc,
11 * - cache integrity information associated with an inode
22 #include "integrity.h"
172 * Free the integrity information(iint) associated with an inode.
203 DEFINE_LSM(integrity) = {
204 .name = "integrity",
225 * integrity_load_keys - load integrity keys hook
240 integrity_dir = securityfs_create_dir("integrity", NULL); in integrity_fs_init()
245 pr_err("Unable to create integrity sysfs dir: %d\n", in integrity_fs_init()
|
| /kernel/linux/linux-5.10/block/ |
| D | bio-integrity.c | 3 * bio-integrity.c - bio data integrity extensions
41 * bio_integrity_alloc - Allocate integrity payload and attach it to bio
42 * @bio: bio to attach integrity metadata to
44 * @nr_vecs: Number of integrity metadata scatter-gather elements
46 * Description: This function prepares a bio for attaching integrity
48 * integrity metadata that can be attached.
100 * bio_integrity_free - Free bio integrity payload
103 * Description: Used to free the integrity portion of a bio. Usually
121 * bio_integrity_add_page - Attach integrity metadata
123 * @page: page containing integrity metadata
[all …]
|
| D | blk-integrity.c | 3 * blk-integrity.c - Block layer data integrity extensions
20 * blk_rq_count_integrity_sg - Count number of integrity scatterlist elements
22 * @bio: bio with integrity metadata attached
25 * scatterlist corresponding to the integrity metadata in a bio.
59 * blk_rq_map_integrity_sg - Map integrity metadata into a scatterlist
61 * @bio: bio with integrity metadata attached
64 * Description: Map the integrity vectors in request into a
111 * blk_integrity_compare - Compare integrity profile of two disks
116 * sub-devices use the same integrity format before advertising to
117 * upper layers that they can send/receive integrity metadata. This
[all …]
|
| /kernel/linux/linux-6.6/Documentation/ABI/stable/ |
| D | sysfs-class-tpm | 4 Contact: linux-integrity@vger.kernel.org
12 Contact: linux-integrity@vger.kernel.org
24 Contact: linux-integrity@vger.kernel.org
32 Contact: linux-integrity@vger.kernel.org
49 Contact: linux-integrity@vger.kernel.org
72 Contact: linux-integrity@vger.kernel.org
81 Contact: linux-integrity@vger.kernel.org
89 Contact: linux-integrity@vger.kernel.org
112 Contact: linux-integrity@vger.kernel.org
164 Contact: linux-integrity@vger.kernel.org
[all …]
|
| /kernel/linux/linux-5.10/Documentation/ABI/stable/ |
| D | sysfs-class-tpm | 4 Contact: linux-integrity@vger.kernel.org
12 Contact: linux-integrity@vger.kernel.org
24 Contact: linux-integrity@vger.kernel.org
32 Contact: linux-integrity@vger.kernel.org
49 Contact: linux-integrity@vger.kernel.org
72 Contact: linux-integrity@vger.kernel.org
81 Contact: linux-integrity@vger.kernel.org
89 Contact: linux-integrity@vger.kernel.org
112 Contact: linux-integrity@vger.kernel.org
164 Contact: linux-integrity@vger.kernel.org
[all …]
|
| /kernel/linux/linux-6.6/include/linux/ |
| D | blk-integrity.h | 48 struct blk_integrity *bi = &disk->queue->integrity; in blk_get_integrity()
65 return q->integrity.profile; in blk_integrity_queue_supports_integrity()
81 * bio_integrity_intervals - Return number of integrity intervals for a bio
86 * sectors but integrity metadata is done in terms of the data integrity
88 * to the appropriate number of integrity intervals.
108 * Return the current bvec that contains the integrity data. bip_iter may be
109 * advanced to iterate over the integrity data.
|
| D | t10-pi.h | 45 if (rq->q->integrity.interval_exp) in t10_pi_ref_tag()
46 shift = rq->q->integrity.interval_exp; in t10_pi_ref_tag()
76 if (rq->q->integrity.interval_exp) in ext_pi_ref_tag()
77 shift = rq->q->integrity.interval_exp; in ext_pi_ref_tag()
|
| /kernel/linux/linux-6.6/security/integrity/ima/ |
| D | Kconfig | 2 # IBM Integrity Measurement Architecture
5 bool "Integrity Measurement Architecture(IMA)"
17 The Trusted Computing Group(TCG) runtime Integrity
25 an aggregate integrity value over this list inside the
52 that IMA uses to maintain the integrity aggregate of the
87 prompt "Default integrity hash algorithm"
91 list, integrity appraisal and audit log. The compiled default
144 bool "Appraise integrity measurements"
147 This option enables local measurement integrity appraisal.
153 For more information on integrity appraisal refer to:
|
| /kernel/linux/linux-5.10/security/integrity/ima/ |
| D | Kconfig | 2 # IBM Integrity Measurement Architecture
5 bool "Integrity Measurement Architecture(IMA)"
17 The Trusted Computing Group(TCG) runtime Integrity
25 an aggregate integrity value over this list inside the
52 that IMA uses to maintain the integrity aggregate of the
87 prompt "Default integrity hash algorithm"
91 list, integrity appraisal and audit log. The compiled default
144 bool "Appraise integrity measurements"
147 This option enables local measurement integrity appraisal.
153 For more information on integrity appraisal refer to:
|
| /kernel/linux/linux-5.10/Documentation/ABI/testing/ |
| D | sysfs-block | 41 What: /sys/block/<disk>/integrity/format
45 Metadata format for integrity capable block device.
49 What: /sys/block/<disk>/integrity/read_verify
54 integrity of read requests serviced by devices that
55 support sending integrity metadata.
58 What: /sys/block/<disk>/integrity/tag_size
62 Number of bytes of integrity tag space available per
66 What: /sys/block/<disk>/integrity/device_is_integrity_capable
71 integrity metadata. Set if the device is T10 PI-capable.
73 What: /sys/block/<disk>/integrity/protection_interval_bytes
[all …]
|
| /kernel/linux/linux-6.6/drivers/md/ |
| D | dm-io-rewind.c | 8 #include <linux/blk-integrity.h>
48 * dm_bio_integrity_rewind - Rewind integrity vector
49 * @bio: bio whose integrity vector to update
52 * Description: This function calculates how many integrity bytes the
54 * integrity vector accordingly.
|
| /kernel/linux/linux-6.6/Documentation/staging/ |
| D | xz.rst | 16 for integrity checking. The home page of XZ Embedded is at
59 Since the XZ Embedded supports only streams with no integrity check or
60 CRC32, make sure that you don't use some other integrity check type
67 which will verify the integrity of the uncompressed data anyway.
68 Double checking the integrity would probably be waste of CPU cycles.
70 by the decoder; you can only change the integrity check type (or
|
| /kernel/linux/linux-5.10/Documentation/staging/ |
| D | xz.rst | 16 for integrity checking. The home page of XZ Embedded is at
59 Since the XZ Embedded supports only streams with no integrity check or
60 CRC32, make sure that you don't use some other integrity check type
67 which will verify the integrity of the uncompressed data anyway.
68 Double checking the integrity would probably be waste of CPU cycles.
70 by the decoder; you can only change the integrity check type (or
|