Home
last modified time | relevance | path

Searched refs:keyrings (Results 1 – 14 of 14) sorted by relevance

/linux/security/integrity/
A DKconfig20 bool "Digital signature verification using multiple keyrings"
26 using multiple keyrings. It defines separate keyrings for each
28 Different keyrings improves search performance, but also allow
30 This is useful for evm and module keyrings, when keys are
46 bool "Require all keys on the integrity keyrings be signed"
52 .evm keyrings be signed by a key on the system trusted
/linux/security/keys/
A DKconfig19 to five standard keyrings: UID-specific, GID-specific, session,
43 bool "Enable register of persistent per-UID keyrings"
46 This option provides a register of persistent per-UID keyrings,
47 primarily aimed at Kerberos key storage. The keyrings are persistent
126 on keys and keyrings on which the caller has View permission.
/linux/Documentation/ABI/testing/
A Dima_policy31 [appraise_flag=] [appraise_algos=] [keyrings=]
54 keyrings:= list of keyrings
145 measure func=KEY_CHECK keyrings=.builtin_trusted_keys|.ima
/linux/Documentation/security/keys/
A Dcore.rst26 tokens, keyrings, etc.. These are represented in the kernel by struct key.
161 * Each user ID resident in the system holds two special keyrings: a user
186 manipulate keys and keyrings.
223 only recurse into nested keyrings that have search permission set.
262 Note, however, that the default keyrings associated with the root user are
420 * Search the process's keyrings for a key, potentially calling out to
594 keyrings are the same, nothing is done.
628 error EACCES will result. Only keyrings that the process has search
763 authorisation key associated with the specified key in its keyrings
1126 keyrings. There are three functions for dealing with these::
[all …]
A Drequest-key.rst81 2) request_key() searches the process's subscribed keyrings to see if there's
107 This will permit it to then search the keyrings of process A with the
127 This is because process A's keyrings can't simply be attached to
/linux/security/integrity/ima/
A Dima_policy.c99 struct ima_rule_opt_list *keyrings; /* Measure keys added to these keyrings */ member
376 ima_free_rule_opt_list(entry->keyrings); in ima_free_rule()
505 if (!rule->keyrings) in ima_match_rule_data()
508 opt_list = rule->keyrings; in ima_match_rule_data()
1510 entry->keyrings) { in ima_parse_rule()
1515 entry->keyrings = ima_alloc_rule_opt_list(args); in ima_parse_rule()
1516 if (IS_ERR(entry->keyrings)) { in ima_parse_rule()
1517 result = PTR_ERR(entry->keyrings); in ima_parse_rule()
1518 entry->keyrings = NULL; in ima_parse_rule()
2018 ima_show_rule_opt_list(m, entry->keyrings); in ima_policy_show()
A DKconfig273 Keys may be added to the IMA or IMA blacklist keyrings, if the
275 secondary trusted keyrings.
280 built-in or secondary trusted keyrings.
283 bool "Create IMA machine owner blacklist keyrings (EXPERIMENTAL)"
/linux/Documentation/security/
A Dcredentials.rst180 4. Keys and keyrings.
190 of keyrings:
197 cached on one of these keyrings for future accesses to find.
264 4. the reference count on any keyrings it points to may be changed;
266 5. any keyrings it points to may be revoked, expired or have their security
269 6. the contents of any keyrings to which it points may be changed (the whole
270 point of keyrings being a shared set of credentials, modifiable by anyone
282 longer permit attachment to process-specific keyrings in the requesting
295 changed, the keyrings subscribed to may have their contents altered.
/linux/Documentation/networking/
A Ddns_resolver.rst125 keyrings for a cached DNS result. If that fails to find one, it upcalls to
A Drxrpc.rst449 extracted from the calling process's keyrings with request_key() and
/linux/Documentation/crypto/
A Dasymmetric-keys.rst348 2) Restrict using the kernel builtin and secondary trusted keyrings
353 The kernel builtin and secondary trusted keyrings will be searched for the
/linux/Documentation/
A Dwatch_queue.rst235 Notifications of this type indicate changes to keys and keyrings, including
/linux/Documentation/filesystems/
A Dfscrypt.rst728 added is limited by the user's quota for the keyrings service (see
809 Nevertheless, to add a key to one of the process-subscribed keyrings,
848 process-subscribed keyrings mechanism.
1022 process-subscribed keyrings.
/linux/
A DMAINTAINERS3009 L: keyrings@vger.kernel.org
4410 L: keyrings@vger.kernel.org
10520 L: keyrings@vger.kernel.org
10531 L: keyrings@vger.kernel.org
10541 L: keyrings@vger.kernel.org
10549 L: keyrings@vger.kernel.org

Completed in 33 milliseconds