| /openbmc/linux/Documentation/block/ |
| H A D | data-integrity.rst | 2 Data Integrity
16 protocols (SBC Data Integrity Field, SCC protection proposal) as well
18 support for appending integrity metadata to an I/O. The integrity
29 DIF and the other integrity extensions is that the protection format
31 integrity of the I/O and reject it if corruption is detected. This
35 2. The Data Integrity Extensions
40 allow the operating system to interact with the integrity metadata
45 The SCSI Data Integrity Field works by appending 8 bytes of protection
46 information to each sector. The data + integrity metadata is stored
53 encouraged them to allow separation of the data and integrity metadata
[all …]
|
| /openbmc/phosphor-net-ipmid/ |
| H A D | integrity_algo.hpp | 12 namespace integrity namespace
16 * @enum Integrity Algorithms
18 * The Integrity Algorithm Number specifies the algorithm used to generate the
21 * Integrity Algorithm is none the AuthCode value is not calculated and the
37 * Interface is the base class for the Integrity Algorithms.
38 * Unless otherwise specified, the integrity algorithm is applied to the packet
60 * @brief Verify the integrity data of the packet
69 * using integrity algorithm on the packet data, false otherwise
77 * @brief Generate integrity data for the outgoing IPMI packet
88 * @brief Check if the Integrity algorithm is supported
[all …]
|
| H A D | integrity_algo.cpp | 12 namespace integrity namespace
30 throw std::runtime_error("Generating integrity data failed"); in generateHMAC()
34 // AuthCode field length is based on the integrity algorithm. So we are in generateHMAC()
50 // Verify if the generated integrity data for the packet and the received in verifyIntegrityData()
51 // integrity data matches. in verifyIntegrityData()
70 // Generated Kn for the integrity algorithm with the additional key keyed in generateKn()
75 throw std::runtime_error("Generating KeyN for integrity " in generateKn()
100 // AuthCode field length is based on the integrity algorithm. So we are in generateHMAC()
116 // Verify if the generated integrity data for the packet and the received in verifyIntegrityData()
117 // integrity data matches. in verifyIntegrityData()
[all …]
|
| H A D | auth_algo.hpp | 52 explicit Interface(integrity::Algorithms intAlgo, in Interface()
69 * Integrity Key.
82 * @brief Generate the Integrity Check Value
85 * Integrity Check Value.
91 * @note The session integrity key which is the secret key for the
127 // Session Integrity Key
131 * Integrity Algorithm is activated and set in the session data only
133 * integrity algorithm is negotiated in the Open Session Request command
134 * . So the integrity algorithm successfully negotiated is stored
137 integrity::Algorithms intAlgo;
[all …]
|
| H A D | session.hpp | 155 * @brief Get Session's Integrity Algorithm
157 * @return pointer to the integrity algorithm
167 throw std::runtime_error("Integrity Algorithm Empty"); in getIntegrityAlgo()
172 * @brief Set Session's Integrity Algorithm
174 * @param[in] integrityAlgo - unique pointer to integrity algorithm
178 std::unique_ptr<cipher::integrity::Interface>&& integrityAlgo) in setIntegrityAlgo()
183 /** @brief Check if integrity algorithm is enabled for this session.
185 * @return true if integrity algorithm is enabled else false.
301 // Integrity Algorithm Interface for the Session
302 std::unique_ptr<cipher::integrity::Interface> integrityAlgoInterface =
|
| /openbmc/phosphor-webui/ |
| H A D | package-lock.json | 10 …"integrity": "sha512-a9gxpmdXtZEInkCSHUJDLHZVBgb1QS0jhss4cPP93EW7s+uC5bikET2twEF3KV+7rDblJcmNvTR7V… string
19 …"integrity": "sha512-zeFQrr+284Ekvd9e7KAX954LkapWiOmQtsfHirhxqfdlX6MEC32iRE+pqUGlYIBchdevaCwvzxWGS… string
30 …"integrity": "sha512-kWc7L0fw1xwvI0zi8OKVBuxRVefwGOrKSQMvrQ3dW+bIIavBY3/NpXmpjMy7bQnLgwgzWQZ8TlM57… string
54 …"integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065… string
63 …"integrity": "sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtE… string
72 …"integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUx… string
80 …"integrity": "sha512-GbNIxVB3ZJe3tLeDm1HSn2AhuD/mVcyLDpgtLXa5tplmWrJdF/elxB56XNqCuD6szyNkDi6wuoKXl… string
92 …"integrity": "sha512-6o+mJrZBxOoEX77Ezv9zwW7WV8DdluouRKNY/IR5u/YTMuKHgugHOzYWlYvYLpLA9nPsQCAAASpCI… string
101 …"integrity": "sha512-5eFOm2SyFPK4Rh3XMMRDjN7lBH0orh3ss0g3rTYZnBQ+r6YPj7lgDyCvPphynHvUrobJmeMignBr6… string
111 …"integrity": "sha512-4mWm8DCK2LugIS+p1yArqvG1Pf162upsIsjE7cNBjez+NjliQpVhj20obE520nao0o14DaTnFJv+F… string
[all …]
|
| /openbmc/linux/Documentation/admin-guide/device-mapper/ |
| H A D | dm-integrity.rst | 2 dm-integrity
5 The dm-integrity target emulates a block device that has additional
6 per-sector tags that can be used for storing integrity information.
8 A general problem with storing integrity tags with every sector is that
9 writing the sector and the integrity tag must be atomic - i.e. in case of
10 crash, either both sector and integrity tag or none of them is written.
12 To guarantee write atomicity, the dm-integrity target uses journal, it
13 writes sector data and integrity tags into a journal, commits the journal
14 and then copies the data and integrity tags to their respective location.
16 The dm-integrity target can be used with the dm-crypt target - in this
[all …]
|
| /openbmc/phosphor-net-ipmid/test/ |
| H A D | cipher.cpp | 18 * Step-1 Generate Integrity Data for the packet, using the implemented API in TEST()
23 // Hardcoded Session Integrity Key in TEST()
27 auto algoPtr = std::make_unique<cipher::integrity::AlgoSHA1>(sik); in TEST()
31 // Generate the Integrity Data in TEST()
35 cipher::integrity::AlgoSHA1::SHA1_96_AUTHCODE_LENGTH)); in TEST()
38 * Step-2 Generate Integrity data using OpenSSL SHA1 algorithm in TEST()
45 // Generated K1 for the integrity algorithm with the additional key keyed in TEST()
62 FAIL() << "Generating integrity data failed"; in TEST()
65 output.resize(cipher::integrity::AlgoSHA1::SHA1_96_AUTHCODE_LENGTH); in TEST()
68 * Step-3 Check if the integrity data we generated using the implemented API in TEST()
[all …]
|
| /openbmc/linux/block/ |
| H A D | bio-integrity.c | 3 * bio-integrity.c - bio data integrity extensions
9 #include <linux/blk-integrity.h>
39 * bio_integrity_alloc - Allocate integrity payload and attach it to bio
40 * @bio: bio to attach integrity metadata to
42 * @nr_vecs: Number of integrity metadata scatter-gather elements
44 * Description: This function prepares a bio for attaching integrity
46 * integrity metadata that can be attached.
95 * bio_integrity_free - Free bio integrity payload
98 * Description: Used to free the integrity portion of a bio. Usually
115 * bio_integrity_add_page - Attach integrity metadata
[all …]
|
| H A D | blk-integrity.c | 3 * blk-integrity.c - Block layer data integrity extensions
9 #include <linux/blk-integrity.h>
20 * blk_rq_count_integrity_sg - Count number of integrity scatterlist elements
22 * @bio: bio with integrity metadata attached
25 * scatterlist corresponding to the integrity metadata in a bio.
59 * blk_rq_map_integrity_sg - Map integrity metadata into a scatterlist
61 * @bio: bio with integrity metadata attached
64 * Description: Map the integrity vectors in request into a
111 * blk_integrity_compare - Compare integrity profile of two disks
116 * sub-devices use the same integrity format before advertising to
[all …]
|
| /openbmc/linux/security/integrity/ |
| H A D | Makefile | 3 # Makefile for caching inode integrity data (iint)
6 obj-$(CONFIG_INTEGRITY) += integrity.o
8 integrity-y := iint.o
9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o
13 integrity-$(CONFIG_INTEGRITY_MACHINE_KEYRING) += platform_certs/machine_keyring.o
14 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \
17 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o
[all …]
|
| H A D | Kconfig | 3 config INTEGRITY config
4 bool "Integrity subsystem"
8 This option enables the integrity subsystem, which is comprised
9 of a number of different components including the Integrity
17 if INTEGRITY
46 bool "Require all keys on the integrity keyrings be signed"
119 bool "Enables integrity auditing support "
123 In addition to enabling integrity auditing support, this
125 controls the level of integrity auditing messages.
126 0 - basic integrity auditing messages (default)
[all …]
|
| H A D | iint.c | 9 * - implements the integrity hooks: integrity_inode_alloc,
11 * - cache integrity information associated with an inode
22 #include "integrity.h"
172 * Free the integrity information(iint) associated with an inode.
203 DEFINE_LSM(integrity) = {
204 .name = "integrity",
225 * integrity_load_keys - load integrity keys hook
240 integrity_dir = securityfs_create_dir("integrity", NULL); in integrity_fs_init()
245 pr_err("Unable to create integrity sysfs dir: %d\n", in integrity_fs_init()
|
| /openbmc/webui-vue/ |
| H A D | package-lock.json | 82 …"integrity": "sha512-7s0VcTwiK/0tNOVdSX9FWMeFdOEcsAOz9HesBldXxFMaGvIak7KC2z9tV9EgsQXn6KUsWsfIkViMN… string
107 …"integrity": "sha512-BcYH1CVJBO9tvyIZ2jVeXgSIMvGZ2FDRvDdOIVQyuklNKSsx+eppDEBq/g47Ayw+RqNFE+URvOShm… string
119 …"integrity": "sha512-qJzAIcv03PyaWqxRgO4mSU3lihncDT296vnyuE2O8uA4w3UHWI4S3hgeZd1L8W1Bft40w9JxJ2b41… string
155 …"integrity": "sha512-oipXieGC3i45Y1A41t4tAqpnEZWgB/lC6Ehh6+rOviR5XWpTtMmLN+fGjz9vOiNRt0p6RtO6DtD0p… string
169 …"integrity": "sha512-BaDeOonYvhdKw+JoMVkAixAAJzG2jVPIwWoKBPdYuY9b452e2rPuI9QPYh3KpofZ3pW2akOmwZLOi… string
181 …"integrity": "sha512-xZeCVVdwb4MsDBkkyZ64tReWYrLRHlMN72vP7Bdm3OUOuyFZExhsHUUnuWnm2/XOlAJzR0LfPpB56… string
194 …"integrity": "sha512-ctSdRHBi20qWOfy27RUb4Fhp07KSJ3sXcuSvTrXrc4aG8NSYDo1ici3Vhg9bg69y5bj0Mr1lh0aeE… string
209 …"integrity": "sha512-kTkaDl7c9vO80zeX1rJxnuRpEsD5tA81yh11X1gQo+PhSti3JS+7qeZo9U4RHobKRiFPKaGK3svUA… string
232 …"integrity": "sha512-03TCmXy2FtXJEZfbXDTSqq1fRJArk7lX9DOFC/47VthYcxyIOx+eXQmdo6DOQvrbpIix+KfXwvuXd… string
249 …"integrity": "sha512-LV76g+C502biUK6AyZ3LK10vDpDyCzZnhZFXkH1L75zHPj68+qc8Zfpx2th+gzwA2MzyK+1g/3EPl… string
[all …]
|
| /openbmc/openbmc/meta-security/meta-integrity/classes/ |
| H A D | sanity-meta-integrity.bbclass | 5 if 'integrity' not in e.data.getVar('DISTRO_FEATURES').split() and not skip_check:
6 bb.warn("You have included the meta-integrity layer, but \
7 'integrity' has not been enabled in your DISTRO_FEATURES. Some bbappend files \
8 and preferred version setting may not take effect. See the meta-integrity README \
9 for details on enabling integrity support.")
|
| /openbmc/openbmc/meta-security/recipes-ids/tripwire/files/ |
| H A D | tripwire.txt | 5 3. Run the first integrity check. (/usr/sbin/tripwire--check)
12 … policy file greatly increases Tripwire software's ability to ensure the integrity of your system.
27 … the rules in the policy file. This database serves as the baseline for integrity checks. The synt…
30 Running an Integrity Check
31 …Integrity Check mode compares the current file system objects with their properties recorded in th…
39 Updating the Database after an Integrity Check
40 Database Update mode enables you to update the Tripwire database after an integrity check if you de…
56 …ine against the current system to determine what changes have occurred. This is an integrity check.
58 …n integrity check, Tripwire software produces report files. Report files summarize any changes tha…
|
| /openbmc/linux/Documentation/ABI/stable/ |
| H A D | sysfs-class-tpm | 4 Contact: linux-integrity@vger.kernel.org
12 Contact: linux-integrity@vger.kernel.org
24 Contact: linux-integrity@vger.kernel.org
32 Contact: linux-integrity@vger.kernel.org
49 Contact: linux-integrity@vger.kernel.org
72 Contact: linux-integrity@vger.kernel.org
81 Contact: linux-integrity@vger.kernel.org
89 Contact: linux-integrity@vger.kernel.org
112 Contact: linux-integrity@vger.kernel.org
164 Contact: linux-integrity@vger.kernel.org
[all …]
|
| /openbmc/openbmc/meta-security/meta-integrity/ |
| H A D | README.md | 2 integrity layer.
6 to have 'integrity' in DISTRO_FEATURES to have effect.
9 DISTRO_FEATURES:append = " integrity"
11 If meta-integrity is included, but integrity is not enabled as a
15 'integrity' has not been enabled in your DISTRO_FEATURES. Some bbappend files
45 make sure to copy the maintainer and add a "[meta-integrity]"
54 1. Adding the integrity layer to your build
59 1. Adding the integrity layer to your build
67 location of the integrity layer to bblayers.conf, along with any
74 /path/to/yocto/meta-security/meta-integrity \
[all …]
|
| /openbmc/linux/include/linux/ |
| H A D | blk-integrity.h | 48 struct blk_integrity *bi = &disk->queue->integrity; in blk_get_integrity()
65 return q->integrity.profile; in blk_integrity_queue_supports_integrity()
81 * bio_integrity_intervals - Return number of integrity intervals for a bio
86 * sectors but integrity metadata is done in terms of the data integrity
88 * to the appropriate number of integrity intervals.
108 * Return the current bvec that contains the integrity data. bip_iter may be
109 * advanced to iterate over the integrity data.
|
| H A D | t10-pi.h | 45 if (rq->q->integrity.interval_exp) in t10_pi_ref_tag()
46 shift = rq->q->integrity.interval_exp; in t10_pi_ref_tag()
76 if (rq->q->integrity.interval_exp) in ext_pi_ref_tag()
77 shift = rq->q->integrity.interval_exp; in ext_pi_ref_tag()
|
| /openbmc/openbmc/meta-security/meta-integrity/conf/ |
| H A D | layer.conf | 8 BBFILE_COLLECTIONS += "integrity"
27 BBLAYERS_LAYERINDEX_NAME_integrity = "meta-integrity"
29 # Sanity check for meta-integrity layer.
31 INHERIT += "sanity-meta-integrity"
39 WARN_QA:append:integrity = " patch-status missing-metadata"
|
| /openbmc/ipmitool/src/plugins/lanplus/ |
| H A D | README.lanplus | 13 algorithms, whereas the integrity algorithms are not all HMAC. See section
28 integrity checking. One the one hand, section 13.28.4 states explicitly
29 that HMAC integrity algorithms use the session integrity key as the HMAC
32 "all keying material for the RSP integrity and confidentiality algorithms
35 integrity and confidentiality algorithms defined in this specification,
38 of authentication codes (integrity checking). Furthermore, we are using
|
| /openbmc/linux/security/integrity/ima/ |
| H A D | Kconfig | 2 # IBM Integrity Measurement Architecture
5 bool "Integrity Measurement Architecture(IMA)"
17 The Trusted Computing Group(TCG) runtime Integrity
25 an aggregate integrity value over this list inside the
52 that IMA uses to maintain the integrity aggregate of the
87 prompt "Default integrity hash algorithm"
91 list, integrity appraisal and audit log. The compiled default
144 bool "Appraise integrity measurements"
147 This option enables local measurement integrity appraisal.
153 For more information on integrity appraisal refer to:
|
| /openbmc/phosphor-net-ipmid/command/ |
| H A D | rakp34.cpp | 25 case cipher::integrity::Algorithms::HMAC_SHA1_96: in applyIntegrityAlgo()
28 std::make_unique<cipher::integrity::AlgoSHA1>( in applyIntegrityAlgo()
32 case cipher::integrity::Algorithms::HMAC_SHA256_128: in applyIntegrityAlgo()
35 std::make_unique<cipher::integrity::AlgoSHA256>( in applyIntegrityAlgo()
177 * Session Integrity Key in RAKP34()
213 // Generate Session Integrity Key in RAKP34()
221 * Integrity Check Value in RAKP34()
250 // Integrity Check Value in RAKP34()
263 // Set the Integrity Algorithm in RAKP34()
|
| /openbmc/phosphor-dbus-interfaces/yaml/xyz/openbmc_project/Attestation/ |
| H A D | ComponentIntegrity.interface.yaml | 2 Implement to represent component integrity information acquired from a
38 change that leads to component integrity change should update this
46 whose integrity this resource authenticates.
54 component whose integrity this resource reports.
|