Home
last modified time | relevance | path

Searched refs:integrity (Results 1 – 25 of 259) sorted by relevance

1234567891011

/openbmc/linux/security/integrity/
H A DMakefile6 obj-$(CONFIG_INTEGRITY) += integrity.o
8 integrity-y := iint.o
9 integrity-$(CONFIG_INTEGRITY_AUDIT) += integrity_audit.o
10 integrity-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
11 integrity-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
12 integrity-$(CONFIG_INTEGRITY_PLATFORM_KEYRING) += platform_certs/platform_keyring.o
13 integrity-$(CONFIG_INTEGRITY_MACHINE_KEYRING) += platform_certs/machine_keyring.o
14 integrity-$(CONFIG_LOAD_UEFI_KEYS) += platform_certs/efi_parser.o \
17 integrity-$(CONFIG_LOAD_IPL_KEYS) += platform_certs/load_ipl_s390.o
18 integrity-$(CONFIG_LOAD_PPC_KEYS) += platform_certs/efi_parser.o \
H A DKconfig8 This option enables the integrity subsystem, which is comprised
46 bool "Require all keys on the integrity keyrings be signed"
119 bool "Enables integrity auditing support "
123 In addition to enabling integrity auditing support, this
125 controls the level of integrity auditing messages.
126 0 - basic integrity auditing messages (default)
127 1 - additional integrity auditing messages
129 Additional informational integrity auditing messages would
133 source "security/integrity/ima/Kconfig"
134 source "security/integrity/evm/Kconfig"
/openbmc/linux/Documentation/block/
H A Ddata-integrity.rst18 support for appending integrity metadata to an I/O. The integrity
29 DIF and the other integrity extensions is that the protection format
31 integrity of the I/O and reject it if corruption is detected. This
40 allow the operating system to interact with the integrity metadata
46 information to each sector. The data + integrity metadata is stored
53 encouraged them to allow separation of the data and integrity metadata
67 when writing and vice versa. This allows the integrity metadata to be
73 buffers and the integrity metadata. These two distinct buffers must
76 The separation of the data and integrity metadata buffers as well as
85 The data integrity framework in Linux enables protection information
[all …]
/openbmc/phosphor-net-ipmid/test/
H A Dcipher.cpp27 auto algoPtr = std::make_unique<cipher::integrity::AlgoSHA1>(sik); in TEST()
35 cipher::integrity::AlgoSHA1::SHA1_96_AUTHCODE_LENGTH)); in TEST()
65 output.resize(cipher::integrity::AlgoSHA1::SHA1_96_AUTHCODE_LENGTH); in TEST()
113 output.resize(cipher::integrity::AlgoSHA1::SHA1_96_AUTHCODE_LENGTH); in TEST()
129 auto algoPtr = std::make_unique<cipher::integrity::AlgoSHA1>(sik); in TEST()
148 std::vector<uint8_t> integrity = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12}; in TEST() local
150 packet.insert(packet.end(), integrity.begin(), integrity.end()); in TEST()
154 std::advance(integrityIter, integrity.size()); in TEST()
164 auto algoPtr = std::make_unique<cipher::integrity::AlgoSHA1>(sik); in TEST()
189 auto algoPtr = std::make_unique<cipher::integrity::AlgoSHA256>(sik); in TEST()
[all …]
/openbmc/linux/Documentation/admin-guide/device-mapper/
H A Ddm-integrity.rst2 dm-integrity
5 The dm-integrity target emulates a block device that has additional
6 per-sector tags that can be used for storing integrity information.
8 A general problem with storing integrity tags with every sector is that
9 writing the sector and the integrity tag must be atomic - i.e. in case of
10 crash, either both sector and integrity tag or none of them is written.
12 To guarantee write atomicity, the dm-integrity target uses journal, it
13 writes sector data and integrity tags into a journal, commits the journal
14 and then copies the data and integrity tags to their respective location.
16 The dm-integrity target can be used with the dm-crypt target - in this
[all …]
/openbmc/openbmc/meta-security/meta-integrity/classes/
H A Dsanity-meta-integrity.bbclass5 if 'integrity' not in e.data.getVar('DISTRO_FEATURES').split() and not skip_check:
6 bb.warn("You have included the meta-integrity layer, but \
7 'integrity' has not been enabled in your DISTRO_FEATURES. Some bbappend files \
8 and preferred version setting may not take effect. See the meta-integrity README \
9 for details on enabling integrity support.")
/openbmc/linux/include/linux/
H A Dt10-pi.h45 if (rq->q->integrity.interval_exp) in t10_pi_ref_tag()
46 shift = rq->q->integrity.interval_exp; in t10_pi_ref_tag()
76 if (rq->q->integrity.interval_exp) in ext_pi_ref_tag()
77 shift = rq->q->integrity.interval_exp; in ext_pi_ref_tag()
H A Dblk-integrity.h48 struct blk_integrity *bi = &disk->queue->integrity; in blk_get_integrity()
65 return q->integrity.profile; in blk_integrity_queue_supports_integrity()
/openbmc/linux/Documentation/ABI/stable/
H A Dsysfs-class-tpm4 Contact: linux-integrity@vger.kernel.org
12 Contact: linux-integrity@vger.kernel.org
24 Contact: linux-integrity@vger.kernel.org
32 Contact: linux-integrity@vger.kernel.org
49 Contact: linux-integrity@vger.kernel.org
72 Contact: linux-integrity@vger.kernel.org
81 Contact: linux-integrity@vger.kernel.org
89 Contact: linux-integrity@vger.kernel.org
112 Contact: linux-integrity@vger.kernel.org
164 Contact: linux-integrity@vger.kernel.org
[all …]
/openbmc/phosphor-net-ipmid/
H A Dauth_algo.hpp52 explicit Interface(integrity::Algorithms intAlgo, in Interface()
137 integrity::Algorithms intAlgo;
164 explicit AlgoSHA1(integrity::Algorithms intAlgo, in AlgoSHA1()
199 explicit AlgoSHA256(integrity::Algorithms intAlgo, in AlgoSHA256()
/openbmc/linux/tools/testing/selftests/net/
H A Dtcp_mmap.c89 static int integrity; /* -i option: sender and receiver compute sha256 over the data.*/ variable
205 if (integrity) { in child_thread()
233 if (integrity) in child_thread()
249 if (integrity) in child_thread()
268 if (integrity) in child_thread()
280 if (integrity) { in child_thread()
504 integrity = 1; in main()
581 if (integrity) { in main()
601 if (integrity) in main()
605 if (integrity && total == FILE_SZ) { in main()
/openbmc/openbmc/meta-security/meta-integrity/
H A DREADME.md2 integrity layer.
6 to have 'integrity' in DISTRO_FEATURES to have effect.
9 DISTRO_FEATURES:append = " integrity"
11 If meta-integrity is included, but integrity is not enabled as a
15 'integrity' has not been enabled in your DISTRO_FEATURES. Some bbappend files
45 make sure to copy the maintainer and add a "[meta-integrity]"
54 1. Adding the integrity layer to your build
59 1. Adding the integrity layer to your build
67 location of the integrity layer to bblayers.conf, along with any
74 /path/to/yocto/meta-security/meta-integrity \
[all …]
/openbmc/ipmitool/src/plugins/lanplus/
H A DREADME.lanplus13 algorithms, whereas the integrity algorithms are not all HMAC. See section
28 integrity checking. One the one hand, section 13.28.4 states explicitly
29 that HMAC integrity algorithms use the session integrity key as the HMAC
32 "all keying material for the RSP integrity and confidentiality algorithms
35 integrity and confidentiality algorithms defined in this specification,
38 of authentication codes (integrity checking). Furthermore, we are using
/openbmc/phosphor-net-ipmid/command/
H A Dopen_session.cpp42 if (!cipher::integrity::Interface::isAlgorithmSupported( in openSession()
43 static_cast<cipher::integrity::Algorithms>(request->intAlgo))) in openSession()
82 static_cast<cipher::integrity::Algorithms>(request->intAlgo), in openSession()
H A Drakp34.cpp25 case cipher::integrity::Algorithms::HMAC_SHA1_96: in applyIntegrityAlgo()
28 std::make_unique<cipher::integrity::AlgoSHA1>( in applyIntegrityAlgo()
32 case cipher::integrity::Algorithms::HMAC_SHA256_128: in applyIntegrityAlgo()
35 std::make_unique<cipher::integrity::AlgoSHA256>( in applyIntegrityAlgo()
/openbmc/u-boot/arch/x86/include/asm/fsp/
H A Dfsp_ffs.h50 union ffs_integrity integrity; member
73 union ffs_integrity integrity; member
/openbmc/linux/block/
H A Dblk-integrity.c123 struct blk_integrity *b1 = &gd1->queue->integrity; in blk_integrity_compare()
124 struct blk_integrity *b2 = &gd2->queue->integrity; in blk_integrity_compare()
217 return &dev_to_disk(dev)->queue->integrity; in dev_to_bi()
364 struct blk_integrity *bi = &disk->queue->integrity; in blk_integrity_register()
394 struct blk_integrity *bi = &disk->queue->integrity; in blk_integrity_unregister()
H A Dt10-pi.c137 const int tuple_sz = rq->q->integrity.tuple_size; in t10_pi_type1_prepare()
186 unsigned intervals = nr_bytes >> rq->q->integrity.interval_exp; in t10_pi_type1_complete()
187 const int tuple_sz = rq->q->integrity.tuple_size; in t10_pi_type1_complete()
376 const int tuple_sz = rq->q->integrity.tuple_size; in ext_pi_type1_prepare()
414 unsigned intervals = nr_bytes >> rq->q->integrity.interval_exp; in ext_pi_type1_complete()
415 const int tuple_sz = rq->q->integrity.tuple_size; in ext_pi_type1_complete()
/openbmc/openbmc/poky/bitbake/lib/bb/fetch2/
H A Dnpm.py67 def npm_integrity(integrity): argument
72 algo, value = integrity.split("-", maxsplit=1)
227 integrity = view.get("dist", {}).get("integrity")
230 if integrity is not None:
231 checksum_name, checksum_expected = npm_integrity(integrity)
H A Dnpmsw.py98 integrity = params.get("integrity", None)
103 if is_semver(version) and integrity:
113 checksum_name, checksum_expected = npm_integrity(integrity)
131 elif version.startswith("http") and integrity:
137 checksum_name, checksum_expected = npm_integrity(integrity)
/openbmc/linux/Documentation/staging/
H A Dxz.rst16 for integrity checking. The home page of XZ Embedded is at
59 Since the XZ Embedded supports only streams with no integrity check or
60 CRC32, make sure that you don't use some other integrity check type
67 which will verify the integrity of the uncompressed data anyway.
68 Double checking the integrity would probably be waste of CPU cycles.
70 by the decoder; you can only change the integrity check type (or
/openbmc/linux/security/integrity/evm/
H A DKconfig12 integrity attacks.
56 /sys/kernel/security/integrity/evm/evm_xattrs.
67 verify EVM integrity starting from the 'init' process. The
/openbmc/openbmc/meta-security/recipes-ids/tripwire/files/
H A Dtripwire.txt5 3. Run the first integrity check. (/usr/sbin/tripwire--check)
12 … policy file greatly increases Tripwire software's ability to ensure the integrity of your system.
27 … the rules in the policy file. This database serves as the baseline for integrity checks. The synt…
40 Database Update mode enables you to update the Tripwire database after an integrity check if you de…
56 …ine against the current system to determine what changes have occurred. This is an integrity check.
58 …n integrity check, Tripwire software produces report files. Report files summarize any changes tha…
/openbmc/docs/designs/
H A Dredfish-spdm-attestation.md15 to authenticate device identity, hardware configuration and firmware integrity.
36 identity and integrity of devices.
66 `Attestation.ComponentIntegrity` provides basic component integrity information,
67 including the protocol to measure the integrity, last updated time, attestation
69 including a link to the trusted component that the component integrity object is
70 reporting, and a link to the systems that the component integrity object is
82 [component-integrity](https://gerrit.openbmc.org/c/openbmc/phosphor-dbus-interfaces/+/64354).
90 a device. It can securely measure the integrity information of a device.
99 integrity object reported by this `TrustedComponent`.
195 trusted component object and component integrity object.
/openbmc/linux/security/integrity/ima/
H A DKconfig25 an aggregate integrity value over this list inside the
52 that IMA uses to maintain the integrity aggregate of the
87 prompt "Default integrity hash algorithm"
91 list, integrity appraisal and audit log. The compiled default
144 bool "Appraise integrity measurements"
147 This option enables local measurement integrity appraisal.
153 For more information on integrity appraisal refer to:

1234567891011