Home
last modified time | relevance | path

Searched refs:security (Results 1 – 25 of 938) sorted by relevance

12345678910>>...38

/openbmc/linux/drivers/memory/tegra/
H A Dtegra194.c20 .security = 0x004,
30 .security = 0x00c,
40 .security = 0x014,
50 .security = 0x0ac,
60 .security = 0x0b4,
70 .security = 0x0e4,
80 .security = 0x0fc,
90 .security = 0x13c,
100 .security = 0x15c,
110 .security = 0x1ac,
[all …]
H A Dtegra186.c78 if (client->regs.sid.security == 0 && client->regs.sid.override == 0) in tegra186_mc_client_sid_override()
81 value = readl(mc->regs + client->regs.sid.security); in tegra186_mc_client_sid_override()
100 writel(value, mc->regs + client->regs.sid.security); in tegra186_mc_client_sid_override()
158 .security = 0x004,
168 .security = 0x074,
178 .security = 0x0ac,
188 .security = 0x0b4,
198 .security = 0x0e4,
208 .security = 0x0fc,
218 .security = 0x13c,
[all …]
H A Dtegra234.c29 .security = 0xac,
41 .security = 0xe4,
53 .security = 0x144,
65 .security = 0x14c,
77 .security = 0x154,
89 .security = 0x15c,
99 .security = 0x164,
109 .security = 0x16c,
119 .security = 0x174,
129 .security = 0x17c,
[all …]
/openbmc/openbmc/meta-security/recipes-core/packagegroup/
H A Dpackagegroup-core-security.bb9 packagegroup-core-security \
10 packagegroup-security-utils \
11 packagegroup-security-scanners \
12 packagegroup-security-audit \
13 packagegroup-security-ids \
14 packagegroup-security-mac \
15 packagegroup-security-compliance \
16 …${@bb.utils.contains("DISTRO_FEATURES", "ptest", "packagegroup-meta-security-ptest-packages", "", …
19 RDEPENDS:packagegroup-core-security = "\
20 packagegroup-security-utils \
[all …]
/openbmc/linux/Documentation/security/
H A Dlsm.rst20 implemented as its own particular kernel patch. Several other security
25 patch to support its security needs.
28 remarks that described a security framework he would be willing to
30 general framework that would provide a set of security hooks to control
31 operations on kernel objects and a set of opaque security fields in
32 kernel data structures for maintaining security attributes. This
34 desired model of security. Linus also suggested the possibility of
38 such a framework. LSM was a joint development effort by several security
44 security module.
50 security modules. In particular, the LSM framework is primarily focused
[all …]
/openbmc/docs/security/
H A Dobmc-security-response-team.md1 # The OpenBMC security vulnerability reporting process
3 This describes the OpenBMC security vulnerability reporting process which is
4 intended to give the project time to address security problems before public
9 - a procedure to privately report security vulnerabilities
10 - a security response team to address reported vulnerabilities
11 - the openbmc-security email address for the response team
12 - guidelines for security response team members
16 1. A community member reports a problem privately to the security response team
18 2. The responders (including the security response team, the repository
20 3. The repository maintainer creates an OpenBMC security advisory which
[all …]
H A Dobmc-security-response-team-guidelines.md3 These are the guidelines for OpenBMC security responders, including the security
5 problems reported by the [security vulnerability reporting process][].
7 Each project within OpenBMC works independently to resolve security
8 vulnerabilities. The security response team helps the maintainers, provides
23 - Communicate by opening the GitHub draft security advistory as soon as the
36 - [Create the draft security advisory][] and populate its fields.
44 - Use private channels, for example, email, GitHub draft security advistory,
46 - Inform contacts this is private work as part of the OpenBMC security
55 - Submit the problem to another security response team, for example, the
72 - Publish a security advisory to the affected OpenBMC repository.
[all …]
H A Dhow-to-report-a-security-vulnerability.md1 # How to report a security vulnerability
3 This describes how you can report an OpenBMC security vulnerability privately to
8 - You have information about a security problem or vulnerability which is not
14 To begin the process: Privately contact the OpenBMC security response team and
17 - Suggest sending an email. Use `openbmc-security at lists.ozlabs.org`.
20 not, the security response team will help route the problem.
21 - Include details about the security problem such as:
29 the security response team can help you route the problem.
31 When the project owners get a new security problem, they will create a [GitHub
32 security advisory][] in their repository and begin work. The advisory has draft
[all …]
/openbmc/openbmc/meta-security/
H A DREADME.md2 …s](https://gitlab.com/akuster/meta-security/badges/master-next/pipeline.svg)](https://gitlab.com/a…
4 …tus](https://gitlab.com/akuster/meta-security/badges/master/pipeline.svg)](https://gitlab.com/akus…
6 Meta-security
10 to have 'security' in DISTRO_FEATURES to have effect.
13 DISTRO_FEATURES:append = " security"
15 If meta-security is included, but security is not enabled as a
18 You have included the meta-security layer, but
19 'security' has not been enabled in your DISTRO_FEATURES. Some bbappend files
27 This layer provides security tools, hardening tools for Linux kernels
28 and libraries for implementing security mechanisms.
[all …]
/openbmc/openbmc/meta-arm/
H A DSECURITY.md3 Arm takes security issues seriously and welcomes feedback from researchers and
4 the security community in order to improve the security of its products and
6 vulnerabilities and other security issues.
10 security notifications and fixes to be available and facilitate coordinated
18 meta-arm@lists.yoctoproject.org and arm-security@arm.com.
21 to the maintainers \(see [README.md](/README.md)\) and arm-security@arm.com, including as much
24 …rmation, please visit https://developer.arm.com/support/arm-security-updates/report-security-vulne…
27 ## Branches maintained with security fixes
36 security patches, but well-tested patches may still be accepted for them for
43 pull upstream components, incorporating their respective security fixes
[all …]
/openbmc/openbmc/meta-security/dynamic-layers/meta-perl/recipes-core/packagegroup/
H A Dpackagegroup-core-security.bbappend4 packagegroup-security-hardening \
6 RDEPENDS:packagegroup-core-security += "\
7 packagegroup-security-hardening \
10 SUMMARY:packagegroup-security-hardening = "Security Hardening tools"
11 RDEPENDS:packagegroup-security-hardening = " \
15 RDEPENDS:packagegroup-security-scanners += "\
/openbmc/openbmc/poky/documentation/dev-manual/
H A Dsecurity-subjects.rst8 and need to handle security issues and practices both internal (in the code
12 This manual assembles security-related information concerning the whole
13 ecosystem. It includes information on reporting a potential security issue,
15 related code. It is written to be useful for both security researchers and
18 How to report a potential security vulnerability?
26 a message to security AT yoctoproject DOT org, including as many details as
32 reporting potential security issues in the specific ``SECURITY.md`` file at the
39 Branches maintained with security fixes
49 maintained with security patches, but well-tested patches may still be accepted
55 We have set up two security-related mailing lists:
[all …]
/openbmc/linux/Documentation/driver-api/nvdimm/
H A Dsecurity.rst9 specification [1], security DSMs are introduced. The spec added the following
10 security DSMs: "get security state", "set passphrase", "disable passphrase",
12 data structure has been added to struct dimm in order to support the security
17 The "security" sysfs attribute is provided in the nvdimm sysfs directory. For
19 /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security
21 The "show" attribute of that attribute will display the security state for
23 frozen, and overwrite. If security is not supported, the sysfs attribute
27 in order to support some of the security functionalities:
29 disable <keyid> - disable enabled security and remove key.
30 freeze - freeze changing of security states.
[all …]
/openbmc/openbmc/meta-security/recipes-scanners/buck-security/
H A Dbuck-security_0.7.bb1 SUMMARY = "Linux security scanner"
2 DESCRIPTION = "Buck-Security is a security scanner for Debian and Ubuntu Linux. It runs a couple of…
3 system. This enables you to quickly overview the security status of your Linux system."
4 SECTION = "security"
8 SRC_URI = "http://sourceforge.net/projects/buck-security/files/buck-security/buck-security_${PV}/${…
21 cp -r ${S}/buck-security ${D}${bindir}
22 …:Spec->catfile(dirname(File::Spec->rel2abs(__FILE__)), "buck/checks")!' ${D}${bindir}/buck-security
23 …c->catfile(dirname(File::Spec->rel2abs(__FILE__)), "buck/checks/lib")!' ${D}${bindir}/buck-security
24 …le::Spec->catfile(dirname(File::Spec->rel2abs(__FILE__)), "buck/lib")!' ${D}${bindir}/buck-security
25 …= File::Spec->catfile(dirname(File::Spec->rel2abs(__FILE__)), "buck")!' ${D}${bindir}/buck-security
/openbmc/linux/Documentation/netlabel/
H A Dintroduction.rst12 NetLabel is a mechanism which can be used by kernel security modules to attach
13 security attributes to outgoing network packets generated from user space
14 applications and read security attributes from incoming network packets. It
16 layer, and the kernel security module API.
22 network packet's security attributes. If any translation between the network
23 security attributes and those on the host are required then the protocol
26 the NetLabel kernel security module API described below.
44 The purpose of the NetLabel security module API is to provide a protocol
46 to protocol independence, the security module API is designed to be completely
50 Detailed information about the NetLabel security module API can be found in the
H A Dlsm_interface.rst12 NetLabel is a mechanism which can set and retrieve security attributes from
15 The NetLabel security module API is defined in 'include/net/netlabel.h' but a
22 it uses the concept of security attributes to refer to the packet's security
23 labels. The NetLabel security attributes are defined by the
25 NetLabel subsystem converts the security attributes to and from the correct
28 security attributes into whatever security identifiers are in use for their
44 label and the internal LSM security identifier can be time consuming. The
47 LSM has received a packet, used NetLabel to decode its security attributes,
48 and translated the security attributes into a LSM internal identifier the LSM
/openbmc/linux/Documentation/process/
H A Dsecurity-bugs.rst6 Linux kernel developers take security very seriously. As such, we'd
7 like to know when a security bug is found so that it can be fixed and
8 disclosed as quickly as possible. Please report security bugs to the
9 Linux kernel security team.
14 The Linux kernel security team can be contacted by email at
15 <security@kernel.org>. This is a private list of security officers
19 security team will bring in extra help from area maintainers to
20 understand and fix the security vulnerability.
39 The security list is not a disclosure channel. For that, see Coordination
62 information submitted to the security list and any followup discussions
[all …]
/openbmc/linux/security/integrity/evm/
H A DKconfig11 EVM protects a file's security extended attributes against
37 In addition to the original security xattrs (eg. security.selinux,
38 security.SMACK64, security.capability, and security.ima) included
40 Smack xattrs: security.SMACK64EXEC, security.SMACK64TRANSMUTE and
41 security.SMACK64MMAP.
56 /sys/kernel/security/integrity/evm/evm_xattrs.
/openbmc/pldm/
H A D.clang-tidy114 clang-analyzer-security.FloatLoopCounter,
115 clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,
116 clang-analyzer-security.insecureAPI.SecuritySyntaxChecker,
117 clang-analyzer-security.insecureAPI.UncheckedReturn,
118 clang-analyzer-security.insecureAPI.bcmp,
119 clang-analyzer-security.insecureAPI.bcopy,
120 clang-analyzer-security.insecureAPI.bzero,
121 clang-analyzer-security.insecureAPI.decodeValueOfObjCType,
122 clang-analyzer-security.insecureAPI.getpw,
123 clang-analyzer-security.insecureAPI.gets,
[all …]
/openbmc/openbmc/meta-openembedded/meta-oe/recipes-support/ssiapi/ssiapi/
H A D0004-Do-not-override-flags-coming-from-build-environment.patch6 e.g. we need some optimization level turned on when security flags are enabled
24 …ty=hidden -D_GNU_SOURCE -O3 -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fPIC"
25 -CFLAGS="-std=gnu99 -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fPIC"
26 …sibility-inlines-hidden -O3 -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fPIC"
27 …ty=hidden -D_GNU_SOURCE -O3 -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fPIC"
28 +#CFLAGS="-std=gnu99 -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fPIC"
29 …sibility-inlines-hidden -O3 -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -fPIC"
/openbmc/docs/
H A DSECURITY.md3 ## How to report a security vulnerability
5 This describes how you can report an OpenBMC security vulnerability privately to
10 - You have information about a security problem which is not yet publicly
18 - Send an email to `openbmc-security at lists.ozlabs.org` with details about the
19 security problem such as:
26 The OpenBMC security response team (SRT) will respond to you and work to address
30 Anyone brought onboard should be given a link to the OpenBMC [security
38 - Create an OpenBMC security advisory.
55 [security response team guidelines]: ./obmc-security-response-team-guidelines.md
/openbmc/linux/security/selinux/
H A Dxfrm.c67 return selinux_authorizable_ctx(x->security); in selinux_authorizable_xfrm()
180 if (!xp->security) in selinux_xfrm_state_pol_flow_match()
181 if (x->security) in selinux_xfrm_state_pol_flow_match()
188 if (!x->security) in selinux_xfrm_state_pol_flow_match()
196 state_sid = x->security->ctx_sid; in selinux_xfrm_state_pol_flow_match()
221 return x->security->ctx_sid; in selinux_xfrm_skb_sid_egress()
236 struct xfrm_sec_ctx *ctx = x->security; in selinux_xfrm_skb_sid_ingress()
334 return selinux_xfrm_alloc_user(&x->security, uctx, GFP_KERNEL); in selinux_xfrm_state_alloc()
372 x->security = ctx; in selinux_xfrm_state_alloc_acquire()
384 selinux_xfrm_free(x->security); in selinux_xfrm_state_free()
[all …]
/openbmc/linux/security/
H A DKconfig8 source "security/keys/Kconfig"
55 bool "Enable different security models"
59 This allows you to choose different security modules to be
62 If this option is not selected, the default Linux security
71 various security modules (AppArmor, IMA, SafeSetID, TOMOYO, TPM).
79 This enables the socket and networking security hooks.
80 If enabled, a security module can use these hooks to
88 This enables the Infiniband security hooks.
89 If enabled, a security module can use these hooks to
97 This enables the XFRM (IPSec) networking security hooks.
[all …]
/openbmc/openbmc/meta-security/classes/
H A Dsanity-meta-security.bbclass5 if 'security' not in e.data.getVar('DISTRO_FEATURES').split() and not skip_check:
6 bb.warn("You have included the meta-security layer, but \
7 'security' has not been enabled in your DISTRO_FEATURES. Some bbappend files \
8 and preferred version setting may not take effect. See the meta-security README \
9 for details on enabling security support.")
/openbmc/linux/Documentation/admin-guide/LSM/
H A Dapparmor.rst8 AppArmor is MAC style security extension for the Linux kernel. It implements
19 If AppArmor should be selected as the default security module then set::
26 If AppArmor is not the default security module it can be enabled by passing
27 ``security=apparmor`` on the kernel's command line.
29 If AppArmor is the default security module it can be disabled by passing
30 ``apparmor=0, security=XXXX`` (where ``XXXX`` is valid security module), on the

12345678910>>...38