| /openbmc/linux/Documentation/security/ |
| H A D | credentials.rst | 2 Credentials in Linux
29 credentials. What's in the set depends on the type of object.
33 Amongst the credentials of most objects, there will be a subset that
42 Also amongst the credentials of those objects, there will be a subset that
65 A subject has an additional interpretation of its credentials. A subset
66 of its credentials forms the 'subjective context'. The subjective context
117 of its credentials. When an action is requested, they take the
122 Types of Credentials
125 The Linux kernel supports the following types of credentials:
127 1. Traditional UNIX credentials.
[all …]
|
| /openbmc/linux/kernel/ |
| H A D | cred.c | 2 /* Task credentials management - see Documentation/security/credentials.rst
42 * The initial credentials for the initial task
66 * The RCU callback to actually dispose of a set of credentials
93 * __put_cred - Destroy a set of credentials
96 * Destroy a set of credentials on which no references remain.
115 * Clean up a task's credentials when it exits
139 * get_task_cred - Get another task's objective credentials
142 * Get the objective credentials of a task, pinning them so that they can't go
143 * away. Accessing a task's credentials directly is not permitted.
165 * Allocate blank credentials, such that the credentials can be filled in at a
[all …]
|
| /openbmc/linux/include/linux/ |
| H A D | cred.h | 2 /* Credentials management - see Documentation/security/credentials.rst
37 * If the caller is accessing a task's credentials, they must hold the RCU read
175 * get_new_cred - Get a reference on a new set of credentials
176 * @cred: The new credentials to reference
178 * Get a reference on the specified set of new credentials. The caller must
188 * get_cred - Get a reference on a set of credentials
189 * @cred: The credentials to reference
191 * Get a reference on the specified set of credentials. The caller must
194 * This is used to deal with a committed set of credentials. Although the
197 * accidental alteration of a set of credentials that should be considered
[all …]
|
| /openbmc/qemu/include/crypto/ |
| H A D | tlscreds.h | 42 * types of TLS handshake credentials. Most commonly the
44 * certificate credentials.
54 * @creds: pointer to a TLS credentials object
55 * @endpoint: type of network endpoint that will be using the credentials
58 * Check whether the credentials is setup according to
61 * Returns true if the credentials is setup for the endpoint, false otherwise
|
| H A D | tlssession.h | 114 * @creds: pointer to a TLS credentials object
116 * @aclname: optional ACL to validate peer credentials against
128 * the server's credentials (aka x509 certificate).
132 * the peer's credentials. For x509 credentials, the ACL
171 * Validate the peer's credentials after a successful
176 * Returns 0 if the credentials validated, -1 on error
345 * credentials, this will return the CommonName from
|
| /openbmc/openbmc-tools/reboot-ping-pong/ |
| H A D | rpp | 10 Credentials = namedtuple("Credentials", "username, password") variable
11 Target = namedtuple("Target", "credentials, endpoint")
88 self.entity.console.credentials.username.encode()
92 self.entity.console.credentials.password.encode()
136 self.entity.console.credentials.username,
143 self.entity.console.credentials.password.encode()
181 bmccreds = Credentials("root", "0penBmc")
189 Credentials("user", "password"), Endpoint("host.somewhere.com", 22)
|
| /openbmc/qemu/include/io/ |
| H A D | channel-tls.h | 57 * @creds: the credentials to use for TLS handshake
63 * credentials provided in @creds. If the @aclname parameter
65 * credentials (ie a x509 client certificate) which will
87 * @creds: the credentials to use for TLS handshake
93 * credentials provided in @creds. The @hostname parameter
95 * and will be validated against the server's credentials
|
| /openbmc/openbmc/meta-openembedded/meta-python/recipes-devtools/python/python3-requests-toolbelt/ |
| H A D | 720240501dca0b4eacc3295665d7ced8719e11d2.patch | 53 - "Access-Control-Allow-Credentials": "true",
61 + "Access-Control-Allow-Credentials": [
123 - "Access-Control-Allow-Credentials": "true",
131 + "Access-Control-Allow-Credentials": [
193 - "Access-Control-Allow-Credentials": "true",
201 + "Access-Control-Allow-Credentials": [
263 - "Access-Control-Allow-Credentials": "true",
271 + "Access-Control-Allow-Credentials": [
333 - "Access-Control-Allow-Credentials": "true",
341 + "Access-Control-Allow-Credentials": [
[all …]
|
| /openbmc/qemu/docs/system/ |
| H A D | tls.rst | 245 QEMU has a standard mechanism for loading x509 credentials that will be
248 for the system emulators. Each set of credentials loaded should be given
250 credentials can be used for multiple network backends, so VNC,
251 migration, NBD, character devices can all share the same credentials.
252 Note, however, that credentials for use in a client endpoint must be
263 dynamically generate DH parameters when loading the credentials.
265 The ``endpoint`` parameter indicates whether the credentials will be
279 To load server credentials with client certificate validation enabled
285 while to load client credentials use
292 parameter which expects the ID of the TLS credentials object. For
|
| /openbmc/openbmc-test-automation/security/ |
| H A D | test_bmc_connections.robot | 147 # Every 100th iteration Login with correct credentials
175 Run Keyword And Ignore Error Login to GUI With Incorrect Credentials
221 Test BMCweb Stability On Continuous Redfish Login Attempts With Invalid Credentials
222 [Documentation] Make invalid credentials Redfish login attempts continuously and
223 ... verify bmcweb stability by login to Redfish with valid credentials.
226 Invalid Credentials Redfish Login Attempts
340 Login to GUI With Incorrect Credentials
348 Invalid Credentials Redfish Login Attempts
349 [Documentation] Continuous invalid credentials login attempts to Redfish and
350 ... login to Redfish with valid credentials at times and get failed login attempts.
[all …]
|
| /openbmc/qemu/crypto/ |
| H A D | tlscredspsk.c | 101 error_setg(errp, "Cannot allocate credentials: %s", in qcrypto_tls_creds_psk_load()
114 error_setg(errp, "Cannot set PSK server credentials: %s", in qcrypto_tls_creds_psk_load()
138 error_setg(errp, "Cannot allocate credentials: %s", in qcrypto_tls_creds_psk_load()
146 error_setg(errp, "Cannot set PSK client credentials: %s", in qcrypto_tls_creds_psk_load()
186 error_setg(errp, "TLS credentials support requires GNUTLS"); in qcrypto_tls_creds_psk_load()
|
| H A D | tlscredsanon.c | 54 error_setg(errp, "Cannot allocate credentials: %s", in qcrypto_tls_creds_anon_load()
70 error_setg(errp, "Cannot allocate credentials: %s", in qcrypto_tls_creds_anon_load()
107 error_setg(errp, "TLS credentials support requires GNUTLS"); in qcrypto_tls_creds_anon_load()
|
| H A D | tlssession.c | 157 error_setg(errp, "Credentials endpoint doesn't match session"); in qcrypto_tls_session_new()
204 error_setg(errp, "Cannot set session credentials: %s", in qcrypto_tls_session_new()
240 error_setg(errp, "Cannot set session credentials: %s", in qcrypto_tls_session_new()
262 error_setg(errp, "Cannot set session credentials: %s", in qcrypto_tls_session_new()
274 error_setg(errp, "Unsupported TLS credentials type %s", in qcrypto_tls_session_new()
|
| /openbmc/docs/designs/ |
| H A D | expired-password.md | 26 1. Success, when the access credentials (such as username and password) are
28 2. Failure, when either the access credentials are invalid or the account being
31 3. PasswordChangeRequired, when the access credentials are correct and the
54 credentials, whether or not those credentials have expired and must be
103 credentials are otherwise correct and the reason for the authentication
109 The `/login` URI is enhanced. If it is used with correct credentials (userid
|
| H A D | certificate-revocation-list.md | 36 Instead, Google has a dedicated daemon for credentials installation, and this
72 to reload newly installed credentials.
|
| /openbmc/openbmc-test-automation/openpower/ |
| H A D | test_inband_bmc_auth_reset.robot | 24 @{credentials}= Create List ${OPENBMC_USERNAME} ${OPENBMC_PASSWORD}
25 ${data}= create dictionary data=@{credentials}
|
| /openbmc/linux/include/linux/soc/ti/ |
| H A D | k3-ringacc.h | 28 * @K3_RINGACC_RING_MODE_CREDENTIALS: Credentials mode is message mode plus
29 * stores credentials with each message, requiring the element size to be
30 * doubled to fit the credentials. Any exposed memory should be protected
109 * Message/Credentials/Queue mode.
|
| /openbmc/bmcweb/redfish-core/schema/dmtf/json-schema/ |
| H A D | HostInterface.v1_3_3.json | 179 …ecated": "This property has been deprecated in favor of newer methods of negotiating credentials.",
190 …ecated": "This property has been deprecated in favor of newer methods of negotiating credentials.",
230 …ecated": "This property has been deprecated in favor of newer methods of negotiating credentials.",
241 …ecated": "This property has been deprecated in favor of newer methods of negotiating credentials.",
344 …ecated": "This property has been deprecated in favor of newer methods of negotiating credentials.",
352 …ecated": "This property has been deprecated in favor of newer methods of negotiating credentials.",
|
| /openbmc/openbmc-test-automation/extended/ |
| H A D | test_bmc_stress_buster.robot | 62 @{credentials}= Create List ${rest_username} ${rest_password}
63 ${data}= Create Dictionary data=@{credentials}
|
| /openbmc/linux/net/sunrpc/ |
| H A D | auth_unix.c | 77 * Match credentials against current the auth_cred.
107 * Marshal credentials.
163 * Refresh credentials. This is a no-op for AUTH_UNIX
|
| /openbmc/openbmc-test-automation/redfish/service_root/ |
| H A D | test_sessions_management.robot | 26 Create Session And Verify Response Code Using Different Credentials
27 [Documentation] Create session and verify response code using different credentials.
39 Create Session And Verify Response Code Using Operator Credentials
40 [Documentation] Create session and verify response code using operator credentials.
|
| /openbmc/linux/security/ |
| H A D | security.c | 792 * @mgr: task credentials of current binder process
908 * @new: new credentials for the target process
909 * @old: current credentials of the target process
930 * @cred: credentials to examine
936 * credentials. @cap contains the capability <include/linux/capability.h>.
1045 * security_bprm_creds_for_exec() - Prepare the credentials for exec()
1071 * ensures that the credentials will not be derived from a script that the
1114 * transformed by an execve operation, based on the old credentials pointed to
1131 * being transformed by an execve operation. The new credentials have, by this
2914 * @cred: credentials
[all …]
|
| H A D | commoncap.c | 53 * @cred: The credentials to use
232 * @new: The proposed new credentials; alterations should be made here
233 * @old: The current task's current credentials
240 * credentials, and assuming no error, will be committed by the caller of LSM.
720 * its xattrs and, if present, apply them to the proposed credentials being
875 * cap_bprm_creds_from_file - Set up the proposed credentials for execve().
877 * @file: The file to pull the credentials from
879 * Set up the proposed credentials for a new execution context being
910 * credentials unless they have the appropriate permit. in cap_bprm_creds_from_file()
1114 * @new: The proposed credentials
[all …]
|
| /openbmc/qemu/qapi/ |
| H A D | crypto.json | 12 # The type of network endpoint that will be using the credentials.
479 # @verify-peer: if true the peer credentials will be verified once the
481 # credentials. (default: true)
486 # credentials will be acting as a client or as a server
532 # credentials (default: true)
|
| /openbmc/qemu/migration/ |
| H A D | tls.c | 40 error_setg(errp, "No TLS credentials with id '%s'", tls_creds); in migration_tls_get_creds()
46 error_setg(errp, "Object with id '%s' is not TLS credentials", in migration_tls_get_creds()
|