Home
last modified time | relevance | path

Searched refs:in (Results 1 – 13 of 13) sorted by relevance

/security/keys/
Dkeyctl_pkey.c213 void *in, *out; in keyctl_pkey_e_d_s() local
238 in = memdup_user(_in, params.in_len); in keyctl_pkey_e_d_s()
239 if (IS_ERR(in)) { in keyctl_pkey_e_d_s()
240 ret = PTR_ERR(in); in keyctl_pkey_e_d_s()
249 ret = params.key->type->asym_eds_op(&params, in, out); in keyctl_pkey_e_d_s()
259 kfree(in); in keyctl_pkey_e_d_s()
288 void *in, *in2; in keyctl_pkey_verify() local
300 in = memdup_user(_in, params.in_len); in keyctl_pkey_verify()
301 if (IS_ERR(in)) { in keyctl_pkey_verify()
302 ret = PTR_ERR(in); in keyctl_pkey_verify()
[all …]
DKconfig11 access keys in the kernel.
33 call that didn't upcall to the kernel to be cached temporarily in the
42 filesystem in which each method needs to request an authentication
52 in the sense that they stay around after all processes of that UID
86 keys in the kernel. Trusted keys are random number symmetric keys,
104 in the kernel. Encrypted keys are kernel generated random numbers,
120 in the kernel.
/security/lockdown/
DKconfig10 bool "Enable lockdown LSM early in init"
13 Enable the lockdown LSM early in boot. This is necessary in order
36 The kernel runs in integrity mode by default. Features that allow
42 The kernel runs in confidentiality mode by default. Features that
/security/integrity/ima/
DKconfig131 appended to the original policy. Have in mind that the rules are
132 scanned in FIFO order so be careful when you design and add new ones.
246 The modsig keyword can be used in the IMA policy to allow a hook
259 This option is deprecated in favor of INTEGRITY_TRUSTED_KEYRING
262 bool "Permit keys validly signed by a built-in or secondary CA cert (EXPERIMENTAL)"
270 key is validly signed by a CA cert in the system built-in or
273 Intermediate keys between those the kernel has compiled in and the
275 provided they are validly signed by a key already resident in the
276 built-in or secondary trusted keyrings.
/security/tomoyo/
DKconfig27 such programs in "learning mode" dulls the system response
47 Say Y here if you want to activate access control as soon as built-in
80 bool "Use insecure built-in settings for fuzzing tests."
85 Enabling this option forces minimal built-in policy and disables
/security/
DKconfig58 bool "Remove the kernel mapping in user mode"
125 Intel TXT support in a kernel boot.
150 validating memory ranges against heap object sizes in
187 however, several cases of this in the kernel that have not all
195 Detect overflows of buffers in common string and memory functions
204 either in the kernel code itself, or as a kernel configuration
227 be in the first argument passed to this program on the command
254 in old kernel configs to CONFIG_LSM in new kernel configs. Don't
286 A comma-separated list of LSMs, in initialization order.
DKconfig.hardening40 initialized before use in a function.
151 bool "Show STACKLEAK metrics in the /proc file system"
155 If this is set, STACKLEAK metrics for every task are available in
166 This option provides 'stack_erasing' sysctl, which can be used in
191 with "init_on_free" is that data lifetime in memory is reduced,
/security/apparmor/
DKconfig12 Required userspace tools (if they are not included in your
36 to verify that policy in the kernel matches what is expected,
46 Build apparmor with debugging logic in apparmor. Not all
/security/smack/
DKconfig21 Enable the bring-up ("b") access mode in Smack rules.
54 delivering a signal in the Smack rules.
/security/selinux/
DKconfig21 kernel image to be distributed with SELinux built in, but not
55 kernel will start in permissive mode (log everything, deny nothing)
95 This option sets the number of buckets used in the sidtab hashtable
Dhooks.c5616 return selinux_ip_forward(skb, state->in, PF_INET); in selinux_ipv4_forward()
5624 return selinux_ip_forward(skb, state->in, PF_INET6); in selinux_ipv6_forward()
/security/yama/
DKconfig11 Further information can be found in
/security/integrity/evm/
DKconfig39 in the HMAC calculation, enabling this option includes newly defined