Searched full:integrity (Results 1 – 25 of 94) sorted by relevance
1234
| /Documentation/block/ |
| D | data-integrity.rst | 2 Data Integrity
16 protocols (SBC Data Integrity Field, SCC protection proposal) as well
18 support for appending integrity metadata to an I/O. The integrity
29 DIF and the other integrity extensions is that the protection format
31 integrity of the I/O and reject it if corruption is detected. This
35 2. The Data Integrity Extensions
40 allow the operating system to interact with the integrity metadata
45 The SCSI Data Integrity Field works by appending 8 bytes of protection
46 information to each sector. The data + integrity metadata is stored
53 encouraged them to allow separation of the data and integrity metadata
[all …]
|
| D | index.rst | 14 data-integrity
|
| D | inline-encryption.rst | 275 Interaction between inline encryption and blk integrity
283 its integrity information is calculated (using the plaintext data, since
285 integrity info is sent to the device. Obviously, the integrity info must be
287 must not store the integrity info that it received with the plaintext data
289 re-generate the integrity info from the ciphertext data and store that on disk
290 instead. Another issue with storing the integrity info of the plaintext data is
293 if the fallback is used, the device will receive the integrity info of the
298 and disallow the combination for now. Whenever a device supports integrity, the
|
| /Documentation/admin-guide/device-mapper/ |
| D | dm-integrity.rst | 2 dm-integrity
5 The dm-integrity target emulates a block device that has additional
6 per-sector tags that can be used for storing integrity information.
8 A general problem with storing integrity tags with every sector is that
9 writing the sector and the integrity tag must be atomic - i.e. in case of
10 crash, either both sector and integrity tag or none of them is written.
12 To guarantee write atomicity, the dm-integrity target uses journal, it
13 writes sector data and integrity tags into a journal, commits the journal
14 and then copies the data and integrity tags to their respective location.
16 The dm-integrity target can be used with the dm-crypt target - in this
[all …]
|
| D | dm-crypt.rst | 137 integrity:<bytes>:<type>
139 in per-bio integrity structure. This metadata must by provided
140 by underlying dm-integrity target.
146 integrity for the encrypted device. The additional space is then
164 Use an integrity key of <bytes> size instead of using an integrity key size
|
| D | verity.rst | 5 Device-Mapper's "verity" target provides transparent integrity checking of
32 This is the device containing data, the integrity of which needs to be
169 Cryptographic hashes are used to assert the integrity of the device on a
177 integrity checking is essential.
212 It is expected that a user-space tool will verify the integrity of the
|
| D | index.rst | 18 dm-integrity
|
| D | dm-ima.rst | 15 target types like crypt, verity, integrity etc. Each of these target
49 /sys/kernel/security/integrity/ima/ascii_runtime_measurements
50 /sys/kernel/security/integrity/ima/binary_runtime_measurements
62 TEMPLATE_NAME := Template name that registered the integrity value (e.g. ima-buf).
143 target_name := Name of the target. 'linear', 'crypt', 'integrity' etc.
331 #. integrity
418 3. integrity
421 section above) has the following data format for 'integrity' target.
430 target_name := "target_name=integrity"
450 When a 'integrity' target is loaded, then IMA ASCII measurement log will have an entry
[all …]
|
| /Documentation/security/ |
| D | ipe.rst | 3 Integrity Policy Enforcement (IPE) - Kernel Documentation
17 strong integrity guarantees over both the executable code, and specific
19 specific data files would not be readable unless they passed integrity
22 of what would provide the integrity claims. At the time, there were two
23 main mechanisms considered that could guarantee integrity for the system
30 over IMA+EVM as the *integrity mechanism* in the original use case of IPE
39 files), cannot be enforced to be globally integrity verified. This means
41 enforce the integrity policy, or it should not.
44 policy would indicate what labels required integrity verification, which
48 file should be subject to integrity policy.
[all …]
|
| D | snp-tdx-threat-model.rst | 26 security technologies that aim to protect the confidentiality and integrity
46 integrity for the VM's guest memory and execution state (vCPU registers),
51 …w.amd.com/system/files/techdocs/sev-snp-strengthening-vm-isolation-with-integrity-protection-and-m…
163 integrity protection. This threat model assumes that those features are
168 1. Preserve the confidentiality and integrity of CoCo guest's private
201 data should also be considered untrusted until its integrity and
226 This allows the host to break the integrity of the code running
233 integrity or freshness of such data.
|
| D | digsig.rst | 20 Currently digital signatures are used by the IMA/EVM integrity protection subsystem.
70 * Verifies data integrity against digital signature.
|
| /Documentation/ABI/stable/ |
| D | sysfs-class-tpm | 4 Contact: linux-integrity@vger.kernel.org
12 Contact: linux-integrity@vger.kernel.org
24 Contact: linux-integrity@vger.kernel.org
32 Contact: linux-integrity@vger.kernel.org
49 Contact: linux-integrity@vger.kernel.org
72 Contact: linux-integrity@vger.kernel.org
81 Contact: linux-integrity@vger.kernel.org
89 Contact: linux-integrity@vger.kernel.org
112 Contact: linux-integrity@vger.kernel.org
164 Contact: linux-integrity@vger.kernel.org
[all …]
|
| D | sysfs-block | 106 What: /sys/block/<disk>/integrity/device_is_integrity_capable
111 integrity metadata. Set if the device is T10 PI-capable.
114 What: /sys/block/<disk>/integrity/format
118 Metadata format for integrity capable block device.
122 What: /sys/block/<disk>/integrity/protection_interval_bytes
127 by one integrity tuple. Typically the device's logical
131 What: /sys/block/<disk>/integrity/read_verify
136 integrity of read requests serviced by devices that
137 support sending integrity metadata.
140 What: /sys/block/<disk>/integrity/tag_size
[all …]
|
| /Documentation/staging/ |
| D | xz.rst | 13 for executable code. CRC32 is supported for integrity checking.
53 Since the XZ Embedded supports only streams with CRC32 or no integrity
54 check, make sure that you don't use some other integrity check type
62 which will verify the integrity of the uncompressed data anyway.
63 Double checking the integrity would probably be waste of CPU cycles.
65 by the decoder; you can only change the integrity check type (or
|
| /Documentation/admin-guide/ |
| D | jfs.rst | 28 from backup media. The integrity of the volume is not
31 integrity(*)
|
| /Documentation/security/keys/ |
| D | trusted-encrypted.rst | 11 convenience, and are integrity verified.
74 * Optional binding to platform integrity state
78 Keys can be optionally sealed to specified PCR (integrity measurement)
79 values, and only unsealed by the TPM, if PCRs and blob integrity
88 Relies on Secure/Trusted boot process for platform integrity. It can
94 for platform integrity.
99 platform integrity.
364 compromised by a user level problem, and when sealed to a platform integrity
|
| /Documentation/ABI/testing/ |
| D | sysfs-class-fc_host | 13 These files contain the number of link integrity error
|
| D | sysfs-class-fc_remote_ports | 13 These files contain the number of link integrity error
|
| D | evm | 7 against integrity attacks. The initial method maintains an
93 dracut (via 97masterkey and 98integrity) and systemd (via
|
| /Documentation/security/tpm/ |
| D | tpm-security.rst | 33 secrets and integrity as far as we are able in this environment and to
41 Measurement (PCR) Integrity
132 used to check the integrity of requests and responses and decrypt and
151 protect the integrity. Additionally, we use parameter encryption to
209 that TPM integrity and privacy was preserved across the entire boot
|
| /Documentation/filesystems/nfs/ |
| D | rpc-server-gss.rst | 36 - integrity/privacy protection (signing and encrypting of individual
42 Therefore, we perform per-packet integrity and privacy protection in the
|
| /Documentation/arch/x86/ |
| D | intel_txt.rst | 62 measure or protect the integrity of a running kernel, they all
63 assume the kernel is "good" to begin with. The Integrity
64 Measurement Architecture (IMA) and Linux Integrity Module interface
177 In order to preserve system integrity across S3, the kernel
|
| /Documentation/admin-guide/LSM/ |
| D | LoadPin.rst | 29 still use LoadPin to protect the integrity of other files kernel loads. The
|
| /Documentation/devicetree/bindings/crypto/ |
| D | fsl,sec-v4.0.yaml | 124 Run Time Integrity Check (RTIC) Node. Defines a register space that
162 Run Time Integrity Check (RTIC) Memory Node defines individual RTIC
163 memory regions that are used to perform run-time integrity check of
|
| /Documentation/filesystems/ |
| D | ubifs-authentication.rst | 32 layer, the dm-integrity or dm-verity subsystems [DM-INTEGRITY, DM-VERITY]
210 the authenticity and integrity of metadata and file contents stored on flash.
217 does not prevent it, it enables (trusted) code to check the integrity and
267 the root node to ensure the node's integrity.
379 protect the integrity of the full LPT by a simple hash stored in the master
442 [DM-INTEGRITY] https://www.kernel.org/doc/Documentation/device-mapper/dm-integrity.rst
|
1234