Home
last modified time | relevance | path

Searched refs:in (Results 1 – 14 of 14) sorted by relevance

/security/keys/
Dkeyctl_pkey.c219 void *in, *out; in keyctl_pkey_e_d_s() local
244 in = memdup_user(_in, params.in_len); in keyctl_pkey_e_d_s()
245 if (IS_ERR(in)) { in keyctl_pkey_e_d_s()
246 ret = PTR_ERR(in); in keyctl_pkey_e_d_s()
255 ret = params.key->type->asym_eds_op(&params, in, out); in keyctl_pkey_e_d_s()
265 kfree(in); in keyctl_pkey_e_d_s()
294 void *in, *in2; in keyctl_pkey_verify() local
306 in = memdup_user(_in, params.in_len); in keyctl_pkey_verify()
307 if (IS_ERR(in)) { in keyctl_pkey_verify()
308 ret = PTR_ERR(in); in keyctl_pkey_verify()
[all …]
DKconfig11 access keys in the kernel.
29 call that didn't upcall to the kernel to be cached temporarily in the
38 filesystem in which each method needs to request an authentication
48 in the sense that they stay around after all processes of that UID
83 keys in the kernel. Trusted keys are random number symmetric keys,
101 in the kernel. Encrypted keys are kernel generated random numbers,
117 in the kernel.
/security/lockdown/
DKconfig10 bool "Enable lockdown LSM early in init"
13 Enable the lockdown LSM early in boot. This is necessary in order
36 The kernel runs in integrity mode by default. Features that allow
42 The kernel runs in confidentiality mode by default. Features that
/security/apparmor/
DKconfig14 Required userspace tools (if they are not included in your
38 to verify that policy in the kernel matches what is expected,
48 Build apparmor with debugging logic in apparmor. Not all
80 in TAP format (https://testanything.org/). Only useful for kernel devs
84 For more information on KUnit and unit tests in general please refer
85 to the KUnit documentation in Documentation/dev-tools/kunit/.
/security/selinux/
DKconfig21 kernel image to be distributed with SELinux built in, but not
45 WARNING: this option is deprecated and will be removed in a future
58 kernel will start in permissive mode (log everything, deny nothing)
91 WARNING: this option is deprecated and will be removed in a future
102 This option sets the number of buckets used in the sidtab hashtable
Dhooks.c5790 return selinux_ip_forward(skb, state->in, PF_INET); in selinux_ipv4_forward()
5798 return selinux_ip_forward(skb, state->in, PF_INET6); in selinux_ipv6_forward()
/security/tomoyo/
DKconfig27 such programs in "learning mode" dulls the system response
47 Say Y here if you want to activate access control as soon as built-in
80 bool "Use insecure built-in settings for fuzzing tests."
85 Enabling this option forces minimal built-in policy and disables
/security/integrity/ima/
DKconfig129 appended to the original policy. Have in mind that the rules are
130 scanned in FIFO order so be careful when you design and add new ones.
242 The modsig keyword can be used in the IMA policy to allow a hook
246 bool "Permit keys validly signed by a built-in or secondary CA cert (EXPERIMENTAL)"
254 key is validly signed by a CA cert in the system built-in or
257 Intermediate keys between those the kernel has compiled in and the
259 provided they are validly signed by a key already resident in the
260 built-in or secondary trusted keyrings.
/security/
DKconfig114 Intel TXT support in a kernel boot.
139 validating memory ranges against heap object sizes in
176 however, several cases of this in the kernel that have not all
187 Detect overflows of buffers in common string and memory functions
196 either in the kernel code itself, or as a kernel configuration
219 be in the first argument passed to this program on the command
247 in old kernel configs to CONFIG_LSM in new kernel configs. Don't
279 A comma-separated list of LSMs, in initialization order.
DKconfig.hardening53 initialized before use in a function.
193 bool "Show STACKLEAK metrics in the /proc file system"
197 If this is set, STACKLEAK metrics for every task are available in
208 This option provides 'stack_erasing' sysctl, which can be used in
233 with "init_on_free" is that data lifetime in memory is reduced,
257 generated "write-what-where" gadgets) in the resulting kernel
/security/smack/
DKconfig21 Enable the bring-up ("b") access mode in Smack rules.
54 delivering a signal in the Smack rules.
/security/yama/
DKconfig11 Further information can be found in
/security/landlock/
DKconfig11 set of access rights (e.g. open a file in read-only, make a
/security/integrity/evm/
DKconfig39 in the HMAC calculation, enabling this option includes newly defined