Home
last modified time | relevance | path

Searched +full:non +full:- +full:secure +full:- +full:domain (Results 1 – 25 of 25) sorted by relevance

/Documentation/devicetree/bindings/misc/
Dqcom,fastrpc.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
10 - Srinivas Kandagatla <srinivas.kandagatla@linaro.org>
13 The FastRPC implements an IPC (Inter-Processor Communication)
25 - adsp
26 - mdsp
27 - sdsp
28 - cdsp
29 - cdsp1
[all …]
/Documentation/devicetree/bindings/bus/
Dst,stm32mp25-rifsc.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/bus/st,stm32mp25-rifsc.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
10 - Gatien Chevallier <gatien.chevallier@foss.st.com>
19 - RISC registers associated with RISUP logic (resource isolation device unit
20 for peripherals), assign all non-RIF aware peripherals to zero, one or
21 any security domains (secure, privilege, compartment).
22 - RIMC registers: associated with RIMU logic (resource isolation master
23 unit), assign all non RIF-aware bus master to one security domain by
[all …]
/Documentation/devicetree/bindings/clock/
Dfujitsu,mb86s70-crg11.txt2 -----------------------------------
5 - compatible : Shall contain "fujitsu,mb86s70-crg11"
6 - #clock-cells : Shall be 3 {cntrlr domain port}
13 compatible = "fujitsu,mb86s70-crg11";
14 #clock-cells = <3>;
18 #mbox-cells = <1>;
21 interrupts = <0 36 4>, /* LP Non-Sec */
22 <0 35 4>, /* HP Non-Sec */
23 <0 37 4>; /* Secure */
24 clocks = <&clock 0 2 1>; /* Cntrlr:0 Domain:2 Port:1 */
[all …]
/Documentation/devicetree/bindings/mailbox/
Darm,mhu.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
10 - Jassi Brar <jaswinder.singh@linaro.org>
13 The ARM's Message-Handling-Unit (MHU) is a mailbox controller that has 3
19 be a 'Secure' resource, hence can't be used by Linux running NS.
22 interrupt signal using a 32-bit register, with all 32-bits logically ORed
28 interrupt. Each of the 32-bits can be used as "doorbell" to alert the remote
37 - arm,mhu
38 - arm,mhu-doorbell
[all …]
/Documentation/trace/coresight/
Dcoresight-cpu-debug.rst9 ------------
11 Coresight CPU debug module is defined in ARMv8-a architecture reference manual
13 debug module and it is mainly used for two modes: self-hosted debug and
16 explore debugging method which rely on self-hosted debug mode, this document
19 The debug module provides sample-based profiling extension, which can be used
20 to sample CPU program counter, secure state and exception level, etc; usually
21 every CPU has one dedicated debug module to be connected. Based on self-hosted
29 --------------
31 - During driver registration, it uses EDDEVID and EDDEVID1 - two device ID
32 registers to decide if sample-based profiling is implemented or not. On some
[all …]
/Documentation/devicetree/bindings/timer/
Darm,arch_timer.yaml1 # SPDX-License-Identifier: GPL-2.0
3 ---
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
10 - Marc Zyngier <marc.zyngier@arm.com>
11 - Mark Rutland <mark.rutland@arm.com>
13 ARM cores may have a per-core architected timer, which provides per-cpu timers,
17 The per-core architected timer is attached to a GIC to deliver its
18 per-processor interrupts via PPIs. The memory mapped timer is attached to a GIC
24 - items:
25 - const: arm,cortex-a15-timer
[all …]
/Documentation/admin-guide/
Dthunderbolt.rst1 .. SPDX-License-Identifier: GPL-2.0
25 -----------------------------------
27 should be a userspace tool that handles all the low-level details, keeps
31 found in ``Documentation/ABI/testing/sysfs-bus-thunderbolt``.
35 ``/etc/udev/rules.d/99-local.rules``::
66 secure
68 addition to UUID the device (if it supports secure connect) is sent
89 the Thunderbolt domain the host controller manages. There is typically
90 one domain per Thunderbolt host controller.
92 If the security level reads as ``user`` or ``secure`` the connected
[all …]
Dkernel-parameters.txt16 force -- enable ACPI if default was off
17 on -- enable ACPI but allow fallback to DT [arm64,riscv64]
18 off -- disable ACPI if default was on
19 noirq -- do not use ACPI for IRQ routing
20 strict -- Be less tolerant of platforms that are not
22 rsdt -- prefer RSDT over (default) XSDT
23 copy_dsdt -- copy DSDT to memory
24 nospcr -- disable console in ACPI SPCR table as
41 If set to vendor, prefer vendor-specific driver
73 Documentation/firmware-guide/acpi/debug.rst for more information about
[all …]
Ddevices.txt1 0 Unnamed devices (e.g. non-device mounts)
7 2 = /dev/kmem OBSOLETE - replaced by /proc/kcore
11 6 = /dev/core OBSOLETE - replaced by /proc/kcore
14 9 = /dev/urandom Faster, less secure random number gen.
18 12 = /dev/oldmem OBSOLETE - replaced by /proc/vmcore
31 2 char Pseudo-TTY masters
37 Pseudo-tty's are named as follows:
40 the 1st through 16th series of 16 pseudo-ttys each, and
44 These are the old-style (BSD) PTY devices; Unix98
106 3 char Pseudo-TTY slaves
[all …]
/Documentation/arch/s390/
Dvfio-ap.rst13 The AP adapter cards are exposed via the AP bus. The motivation for vfio-ap
45 sub-directory::
50 * AP domain
53 depending upon the adapter type and hardware configuration. A domain is
54 identified by a number from 0 to 255; however, the maximum domain number is
55 determined by machine model and/or adapter type.. A domain can be thought of
57 domain can be configured with a secure private key used for clear key
58 encryption. A domain is classified in one of two ways depending upon how it
65 usage domain; for example, to set the secure private key for the control
66 domain.
[all …]
/Documentation/process/
Dembargoed-hardware-issues.rst7 -----
23 -------
31 Linux kernel security team (:ref:`Documentation/admin-guide/
34 The team can be contacted by email at <hardware-security@kernel.org>. This
43 - PGP: https://www.kernel.org/static/files/hardware-security.asc
44 - S/MIME: https://www.kernel.org/static/files/hardware-security.crt
55 - Linus Torvalds (Linux Foundation Fellow)
56 - Greg Kroah-Hartman (Linux Foundation Fellow)
57 - Thomas Gleixner (Linux Foundation Fellow)
59 Operation of mailing-lists
[all …]
/Documentation/arch/arm64/
Dbooting.rst13 (EL0 - EL3), with EL0, EL1 and EL2 having a secure and a non-secure
15 level and exists only in secure mode. Both are architecturally optional.
19 is passed to the Linux kernel. This may include secure monitor and
33 ---------------------------
46 -------------------------
50 The device tree blob (dtb) must be placed on an 8-byte boundary and must
59 ------------------------------
71 ------------------------
75 The decompressed kernel image contains a 64-byte header as follows::
91 - As of v3.17, all fields are little endian unless stated otherwise.
[all …]
/Documentation/ABI/testing/
Dsysfs-bus-thunderbolt29 de-authorization of devices. Value of 1 means user can
30 de-authorize PCIe tunnel by writing 0 to authorized
53 secure Require devices that support secure connect at
78 0 The device will be de-authorized (only supported if
79 deauthorization attribute under domain contains 1)
87 0 The device will be de-authorized (only supported if
88 deauthorization attribute under domain contains 1)
117 Description: When a devices supports Thunderbolt secure connect it will
119 authorization to use the secure connection method instead.
202 -ENODATA instead as the NVM version is not available.
[all …]
Dsysfs-devices-system-cpu2 Date: pre-git history
3 Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
18 Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
37 See Documentation/admin-guide/cputopology.rst for more information.
43 Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
58 Contact: Linux memory management mailing list <linux-mm@kvack.org>
67 /sys/devices/system/cpu/cpu42/node2 -> ../../node/node2
77 Contact: Linux kernel mailing list <linux-kernel@vger.kernel.org>
89 core_siblings_list: human-readable list of the logical CPU
99 thread_siblings_list: human-readable list of cpuX's hardware
[all …]
/Documentation/admin-guide/cifs/
Dusage.rst18 MS-SMB2 (for detailed SMB2/SMB3/SMB3.1.1 protocol specification)
36 (e.g. /usr/src/linux-2.5.73)
48 the modules directory e.g. /lib/modules/6.3.0-060300-generic/kernel/fs/smb/client/cifs.ko).
57 required, mount.cifs is recommended. Most distros include a ``cifs-utils``
62 domain to the proper network user. The mount.cifs mount helper can be
63 found at cifs-utils.git on git.samba.org
80 much older and less secure than the default dialect SMB3 which includes
122 mounts, unless umount is invoked with -i (which will avoid invoking a umount
139 Most current servers support SMB2.1 and SMB3 which are more secure,
140 but there are useful protocol extensions for the older less secure CIFS
[all …]
/Documentation/arch/x86/
Dtdx.rst1 .. SPDX-License-Identifier: GPL-2.0
4 Intel Trust Domain Extensions (TDX)
7 Intel's Trust Domain Extensions (TDX) protect confidential guest VMs from
16 TDX introduces a new CPU mode called Secure Arbitration Mode (SEAM) and
18 CPU-attested software module called 'the TDX module' runs inside the new
22 TDX also leverages Intel Multi-Key Total Memory Encryption (MKTME) to
23 provide crypto-protection to the VMs. TDX reserves part of MKTME KeyIDs
32 TDX boot-time detection
33 -----------------------
41 ---------------------------------------
[all …]
/Documentation/driver-api/
Dvfio.rst2 VFIO - "Virtual Function I/O" [1]_
7 allotted. This includes x86 hardware with AMD-Vi and Intel VT-d,
11 a secure, IOMMU protected environment. In other words, this allows
12 safe [2]_, non-privileged, userspace drivers.
19 bare-metal device drivers [3]_.
22 field, also benefit from low-overhead, direct device access from
23 userspace. Examples include network adapters (often non-TCP/IP based)
33 secure, more featureful userspace driver environment than UIO.
36 ---------------------------
41 by far the most critical aspect for maintaining a secure environment
[all …]
/Documentation/devicetree/bindings/mmc/
Dnvidia,tegra20-sdhci.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/mmc/nvidia,tegra20-sdhci.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: NVIDIA Tegra Secure Digital Host Controller
10 - Thierry Reding <thierry.reding@gmail.com>
11 - Jon Hunter <jonathanh@nvidia.com>
18 mmc-controller.yaml and the properties for the Tegra SDHCI controller.
23 - enum:
24 - nvidia,tegra20-sdhci
[all …]
/Documentation/networking/
Drxrpc.rst1 .. SPDX-License-Identifier: GPL-2.0
7 The RxRPC protocol driver provides a reliable two-phase transport on top of UDP
38 RxRPC is a two-layer protocol. There is a session layer which provides
44 +-------------+
46 +-------------+
48 +-------------+
50 +-------------+
52 +-------------+
60 (2) A two-phase protocol. The client transmits a blob (the request) and then
67 (4) A secure protocol, using the Linux kernel's key retention facility to
[all …]
Dip-sysctl.rst1 .. SPDX-License-Identifier: GPL-2.0
10 ip_forward - BOOLEAN
11 - 0 - disabled (default)
12 - not 0 - enabled
20 ip_default_ttl - INTEGER
25 ip_no_pmtu_disc - INTEGER
27 fragmentation-required ICMP is received, the PMTU to this
38 accept fragmentation-needed errors if the underlying protocol
43 only intended to secure e.g. name servers in namespaces where
48 Possible values: 0-3
[all …]
Dbonding.rst1 .. SPDX-License-Identifier: GPL-2.0
11 Corrections, HA extensions: 2000/10/03-15:
13 - Willy Tarreau <willy at meta-x.org>
14 - Constantine Gavrilov <const-g at xpert.com>
15 - Chad N. Tindel <ctindel at ieee dot org>
16 - Janice Girouard <girouard at us dot ibm dot com>
17 - Jay Vosburgh <fubar at us dot ibm dot com>
22 - Mitch Williams <mitch.a.williams at intel.com>
35 the original tools from extreme-linux and beowulf sites will not work
59 3.7 Configuring LACP for 802.3ad mode in a more secure way
[all …]
/Documentation/filesystems/
Derofs.rst1 .. SPDX-License-Identifier: GPL-2.0
4 EROFS - Enhanced Read-Only File System
10 EROFS filesystem stands for Enhanced Read-Only File System. It aims to form a
11 generic read-only filesystem solution for various read-only use cases instead
17 random-access friendly high-performance filesystem to get rid of unneeded I/O
18 amplification and memory-resident overhead compared to similar approaches.
22 - read-only storage media or
24 - part of a fully trusted read-only solution, which means it needs to be
25 immutable and bit-for-bit identical to the official golden image for
28 - hope to minimize extra storage space with guaranteed end-to-end performance
[all …]
Dfscrypt.rst2 Filesystem-level encryption (fscrypt)
11 Note: "fscrypt" in this document refers to the kernel-level portion,
14 covers the kernel-level portion. For command-line examples of how to
20 <https://source.android.com/security/encryption/file-based>`_, over
25 Unlike dm-crypt, fscrypt operates at the filesystem level rather than
28 filesystem. This is useful for multi-user systems where each user's
29 data-at-rest needs to be cryptographically isolated from the others.
34 directly into supported filesystems --- currently ext4, F2FS, UBIFS,
44 fscrypt does not support encrypting files in-place. Instead, it
54 ---------------
[all …]
/Documentation/admin-guide/sysctl/
Dkernel.rst5 .. See scripts/check-sysctl-docs to keep this up to date
13 Documentation/admin-guide/sysctl/index.rst.
15 ------------------------------------------------------------------------------
39 If BSD-style process accounting is enabled these values control
71 The machine hardware name, the same output as ``uname -m``
129 Ctrl-Alt-Delete). Writing a value to this file which doesn't
130 correspond to a running process will result in ``-ESRCH``.
132 See also `ctrl-alt-del`_.
236 ctrl-alt-del
239 When the value in this file is 0, ctrl-alt-del is trapped and
[all …]
/Documentation/virt/kvm/
Dapi.rst1 .. SPDX-License-Identifier: GPL-2.0
4 The Definitive KVM (Kernel-based Virtual Machine) API Documentation
13 - System ioctls: These query and set global attributes which affect the
17 - VM ioctls: These query and set attributes that affect an entire virtual
24 - vcpu ioctls: These query and set attributes that control the operation
32 - device ioctls: These query and set attributes that control the operation
52 of fork() and the SCM_RIGHTS facility of unix domain socket. These
80 facility that allows backward-compatible extensions to the API to be
104 the ioctl returns -ENOTTY.
122 -----------------------
[all …]