| /kernel/linux/linux-5.10/drivers/memory/tegra/ |
| D | tegra186.c | 25 unsigned int security; member
47 u32 override, security; in tegra186_mc_program_sid() local
50 security = readl(mc->regs + client->regs.security); in tegra186_mc_program_sid()
52 dev_dbg(mc->dev, "client %s: override: %x security: %x\n", in tegra186_mc_program_sid()
53 client->name, override, security); in tegra186_mc_program_sid()
60 security = readl(mc->regs + client->regs.security); in tegra186_mc_program_sid()
62 dev_dbg(mc->dev, "client %s: override: %x security: %x\n", in tegra186_mc_program_sid()
63 client->name, override, security); in tegra186_mc_program_sid()
74 .security = 0x004,
81 .security = 0x074,
[all …]
|
| /kernel/linux/linux-6.6/Documentation/security/ |
| D | lsm.rst | 2 Linux Security Modules: General Security Hooks for Linux
16 In March 2001, the National Security Agency (NSA) gave a presentation
17 about Security-Enhanced Linux (SELinux) at the 2.5 Linux Kernel Summit.
20 implemented as its own particular kernel patch. Several other security
25 patch to support its security needs.
28 remarks that described a security framework he would be willing to
30 general framework that would provide a set of security hooks to control
31 operations on kernel objects and a set of opaque security fields in
32 kernel data structures for maintaining security attributes. This
34 desired model of security. Linus also suggested the possibility of
[all …]
|
| /kernel/linux/linux-5.10/Documentation/security/ |
| D | lsm.rst | 2 Linux Security Modules: General Security Hooks for Linux
16 In March 2001, the National Security Agency (NSA) gave a presentation
17 about Security-Enhanced Linux (SELinux) at the 2.5 Linux Kernel Summit.
20 implemented as its own particular kernel patch. Several other security
25 patch to support its security needs.
28 remarks that described a security framework he would be willing to
30 general framework that would provide a set of security hooks to control
31 operations on kernel objects and a set of opaque security fields in
32 kernel data structures for maintaining security attributes. This
34 desired model of security. Linus also suggested the possibility of
[all …]
|
| /kernel/linux/linux-6.6/drivers/memory/tegra/ |
| D | tegra194.c | 20 .security = 0x004,
30 .security = 0x00c,
40 .security = 0x014,
50 .security = 0x0ac,
60 .security = 0x0b4,
70 .security = 0x0e4,
80 .security = 0x0fc,
90 .security = 0x13c,
100 .security = 0x15c,
110 .security = 0x1ac,
[all …]
|
| D | tegra186.c | 78 if (client->regs.sid.security == 0 && client->regs.sid.override == 0) in tegra186_mc_client_sid_override()
81 value = readl(mc->regs + client->regs.sid.security); in tegra186_mc_client_sid_override()
100 writel(value, mc->regs + client->regs.sid.security); in tegra186_mc_client_sid_override()
158 .security = 0x004,
168 .security = 0x074,
178 .security = 0x0ac,
188 .security = 0x0b4,
198 .security = 0x0e4,
208 .security = 0x0fc,
218 .security = 0x13c,
[all …]
|
| D | tegra234.c | 17 * override and security register offsets.
29 .security = 0xac,
41 .security = 0xe4,
53 .security = 0x144,
65 .security = 0x14c,
77 .security = 0x154,
89 .security = 0x15c,
99 .security = 0x164,
109 .security = 0x16c,
119 .security = 0x174,
[all …]
|
| /kernel/linux/linux-6.6/security/ |
| D | Kconfig | 3 # Security configuration
6 menu "Security options"
8 source "security/keys/Kconfig"
54 config SECURITY config
55 bool "Enable different security models"
59 This allows you to choose different security modules to be
62 If this option is not selected, the default Linux security
71 various security modules (AppArmor, IMA, SafeSetID, TOMOYO, TPM).
76 bool "Socket and Networking Security Hooks"
77 depends on SECURITY
[all …]
|
| /kernel/linux/linux-5.10/security/ |
| D | Kconfig | 3 # Security configuration
6 menu "Security options"
8 source "security/keys/Kconfig"
22 config SECURITY config
23 bool "Enable different security models"
27 This allows you to choose different security modules to be
30 If this option is not selected, the default Linux security
36 depends on SECURITY
44 various security modules (AppArmor, IMA, SafeSetID, TOMOYO, TPM).
49 bool "Socket and Networking Security Hooks"
[all …]
|
| /kernel/linux/linux-5.10/include/linux/ |
| D | lsm_hooks.h | 2 * Linux Security Module interfaces
28 #include <linux/security.h>
33 * union security_list_options - Linux Security Module hook function list
35 * Security hooks for program execution operations.
38 * If the setup in prepare_exec_creds did not setup @bprm->cred->security
40 * @bprm->cred->security to be what commit_creds needs to install for the
42 * (e.g. for transitions between security domains).
55 * between security domains).
64 * begin. It allows a check against the @bprm->cred->security value
71 * Prepare to install the new security attributes of a process being
[all …]
|
| /kernel/linux/linux-5.10/Documentation/driver-api/nvdimm/ |
| D | security.rst | 2 NVDIMM Security
9 specification [1], security DSMs are introduced. The spec added the following
10 security DSMs: "get security state", "set passphrase", "disable passphrase",
12 data structure has been added to struct dimm in order to support the security
17 The "security" sysfs attribute is provided in the nvdimm sysfs directory. For
19 /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security
21 The "show" attribute of that attribute will display the security state for
23 frozen, and overwrite. If security is not supported, the sysfs attribute
27 in order to support some of the security functionalities:
29 disable <keyid> - disable enabled security and remove key.
[all …]
|
| /kernel/linux/linux-6.6/Documentation/driver-api/nvdimm/ |
| D | security.rst | 2 NVDIMM Security
9 specification [1], security DSMs are introduced. The spec added the following
10 security DSMs: "get security state", "set passphrase", "disable passphrase",
12 data structure has been added to struct dimm in order to support the security
17 The "security" sysfs attribute is provided in the nvdimm sysfs directory. For
19 /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security
21 The "show" attribute of that attribute will display the security state for
23 frozen, and overwrite. If security is not supported, the sysfs attribute
27 in order to support some of the security functionalities:
29 disable <keyid> - disable enabled security and remove key.
[all …]
|
| /kernel/linux/linux-6.6/Documentation/process/ |
| D | security-bugs.rst | 3 Security bugs
6 Linux kernel developers take security very seriously. As such, we'd
7 like to know when a security bug is found so that it can be fixed and
8 disclosed as quickly as possible. Please report security bugs to the
9 Linux kernel security team.
14 The Linux kernel security team can be contacted by email at
15 <security@kernel.org>. This is a private list of security officers
19 security team will bring in extra help from area maintainers to
20 understand and fix the security vulnerability.
39 The security list is not a disclosure channel. For that, see Coordination
[all …]
|
| D | embargoed-hardware-issues.rst | 9 Hardware issues which result in security problems are a different category
10 of security bugs than pure software bugs which only affect the Linux
25 The Linux kernel hardware security team is separate from the regular Linux
26 kernel security team.
28 The team only handles developing fixes for embargoed hardware security
29 issues. Reports of pure software security bugs in the Linux kernel are not
31 Linux kernel security team (:ref:`Documentation/admin-guide/
34 The team can be contacted by email at <hardware-security@kernel.org>. This
35 is a private list of security officers who will help you to coordinate a
43 - PGP: https://www.kernel.org/static/files/hardware-security.asc
[all …]
|
| /kernel/linux/linux-5.10/Documentation/admin-guide/ |
| D | security-bugs.rst | 3 Security bugs
6 Linux kernel developers take security very seriously. As such, we'd
7 like to know when a security bug is found so that it can be fixed and
8 disclosed as quickly as possible. Please report security bugs to the
9 Linux kernel security team.
14 The Linux kernel security team can be contacted by email at
15 <security@kernel.org>. This is a private list of security officers
19 security team will bring in extra help from area maintainers to
20 understand and fix the security vulnerability.
39 The security list is not a disclosure channel. For that, see Coordination
[all …]
|
| /kernel/linux/linux-5.10/Documentation/process/ |
| D | embargoed-hardware-issues.rst | 9 Hardware issues which result in security problems are a different category
10 of security bugs than pure software bugs which only affect the Linux
25 The Linux kernel hardware security team is separate from the regular Linux
26 kernel security team.
28 The team only handles the coordination of embargoed hardware security
29 issues. Reports of pure software security bugs in the Linux kernel are not
31 Linux kernel security team (:ref:`Documentation/admin-guide/
34 The team can be contacted by email at <hardware-security@kernel.org>. This
35 is a private list of security officers who will help you to coordinate an
43 - PGP: https://www.kernel.org/static/files/hardware-security.asc
[all …]
|
| /kernel/linux/linux-5.10/Documentation/netlabel/ |
| D | lsm_interface.rst | 2 NetLabel Linux Security Module Interface
12 NetLabel is a mechanism which can set and retrieve security attributes from
15 The NetLabel security module API is defined in 'include/net/netlabel.h' but a
18 NetLabel Security Attributes
22 it uses the concept of security attributes to refer to the packet's security
23 labels. The NetLabel security attributes are defined by the
25 NetLabel subsystem converts the security attributes to and from the correct
28 security attributes into whatever security identifiers are in use for their
44 label and the internal LSM security identifier can be time consuming. The
47 LSM has received a packet, used NetLabel to decode its security attributes,
[all …]
|
| D | introduction.rst | 12 NetLabel is a mechanism which can be used by kernel security modules to attach
13 security attributes to outgoing network packets generated from user space
14 applications and read security attributes from incoming network packets. It
16 layer, and the kernel security module API.
22 network packet's security attributes. If any translation between the network
23 security attributes and those on the host are required then the protocol
26 the NetLabel kernel security module API described below.
41 Security Module API
44 The purpose of the NetLabel security module API is to provide a protocol
46 to protocol independence, the security module API is designed to be completely
[all …]
|
| /kernel/linux/linux-6.6/Documentation/netlabel/ |
| D | lsm_interface.rst | 2 NetLabel Linux Security Module Interface
12 NetLabel is a mechanism which can set and retrieve security attributes from
15 The NetLabel security module API is defined in 'include/net/netlabel.h' but a
18 NetLabel Security Attributes
22 it uses the concept of security attributes to refer to the packet's security
23 labels. The NetLabel security attributes are defined by the
25 NetLabel subsystem converts the security attributes to and from the correct
28 security attributes into whatever security identifiers are in use for their
44 label and the internal LSM security identifier can be time consuming. The
47 LSM has received a packet, used NetLabel to decode its security attributes,
[all …]
|
| D | introduction.rst | 12 NetLabel is a mechanism which can be used by kernel security modules to attach
13 security attributes to outgoing network packets generated from user space
14 applications and read security attributes from incoming network packets. It
16 layer, and the kernel security module API.
22 network packet's security attributes. If any translation between the network
23 security attributes and those on the host are required then the protocol
26 the NetLabel kernel security module API described below.
41 Security Module API
44 The purpose of the NetLabel security module API is to provide a protocol
46 to protocol independence, the security module API is designed to be completely
[all …]
|
| /kernel/linux/linux-5.10/security/integrity/evm/ |
| D | Kconfig | 11 EVM protects a file's security extended attributes against
37 In addition to the original security xattrs (eg. security.selinux,
38 security.SMACK64, security.capability, and security.ima) included
40 Smack xattrs: security.SMACK64EXEC, security.SMACK64TRANSMUTE and
41 security.SMACK64MMAP.
56 /sys/kernel/security/integrity/evm/evm_xattrs.
|
| /kernel/liteos_a/security/ |
| D | Kconfig | 1 config SECURITY config
2 bool "Enable Security Module"
5 This option will enable security module. This is a basic feature,
11 depends on SECURITY
19 depends on SECURITY
25 bool "Enable security boot"
27 depends on SECURITY
29 This option will enable security boot.
|
| /kernel/linux/linux-6.6/security/integrity/evm/ |
| D | Kconfig | 11 EVM protects a file's security extended attributes against
37 In addition to the original security xattrs (eg. security.selinux,
38 security.SMACK64, security.capability, and security.ima) included
40 Smack xattrs: security.SMACK64EXEC, security.SMACK64TRANSMUTE and
41 security.SMACK64MMAP.
56 /sys/kernel/security/integrity/evm/evm_xattrs.
|
| /kernel/linux/linux-5.10/Documentation/admin-guide/LSM/ |
| D | index.rst | 2 Linux Security Module Usage
5 The Linux Security Module (LSM) framework provides a mechanism for
6 various security checks to be hooked by new kernel extensions. The name
10 ``"security=..."`` kernel command line argument, in the case where multiple
14 (MAC) extensions which provide a comprehensive security policy. Examples
25 A list of the active security modules can be found by reading
26 ``/sys/kernel/security/lsm``. This is a comma separated list, and
32 Process attributes associated with "major" security modules should
34 A security module may maintain a module specific subdirectory there,
36 security module and contains all its special files. The files directly
|
| /kernel/linux/linux-6.6/Documentation/admin-guide/LSM/ |
| D | index.rst | 2 Linux Security Module Usage
5 The Linux Security Module (LSM) framework provides a mechanism for
6 various security checks to be hooked by new kernel extensions. The name
10 ``"security=..."`` kernel command line argument, in the case where multiple
14 (MAC) extensions which provide a comprehensive security policy. Examples
25 A list of the active security modules can be found by reading
26 ``/sys/kernel/security/lsm``. This is a comma separated list, and
32 Process attributes associated with "major" security modules should
34 A security module may maintain a module specific subdirectory there,
36 security module and contains all its special files. The files directly
|
| /kernel/linux/linux-5.10/security/selinux/ |
| D | xfrm.c | 3 * NSA Security-Enhanced Linux (SELinux) security module
29 * 3. Testing addition of sk_policy's with security context via setsockopt
33 #include <linux/security.h>
63 * Returns true if the xfrm contains a security blob for SELinux.
67 return selinux_authorizable_ctx(x->security); in selinux_authorizable_xfrm()
71 * Allocates a xfrm_sec_state and populates it using the supplied security
183 if (!xp->security) in selinux_xfrm_state_pol_flow_match()
184 if (x->security) in selinux_xfrm_state_pol_flow_match()
191 if (!x->security) in selinux_xfrm_state_pol_flow_match()
199 state_sid = x->security->ctx_sid; in selinux_xfrm_state_pol_flow_match()
[all …]
|