Home
last modified time | relevance | path

Searched full:encryption (Results 1 – 25 of 315) sorted by relevance

12345678910>>...13

/linux/arch/x86/mm/
H A Dmem_encrypt_boot.S3 * AMD Memory Encryption Support
26 * RCX - virtual address of the encryption workarea, including:
28 * - encryption routine page (PAGE_SIZE)
30 * R8 - physical address of the pagetables to use for encryption
39 addq $PAGE_SIZE, %rax /* Workarea encryption routine */
46 /* Copy encryption routine into the workarea */
47 movq %rax, %rdi /* Workarea encryption routine */
48 leaq __enc_copy(%rip), %rsi /* Encryption routine */
49 movq $(.L__enc_copy_end - __enc_copy), %rcx /* Encryption routine length */
55 movq %r8, %rdx /* Pagetables used for encryption */
[all …]
H A Dmem_encrypt_amd.c3 * AMD Memory Encryption Support
49 /* Buffer used for early in-place encryption by BSP, no locking needed */
83 * This routine does not change the underlying encryption setting of the
162 /* Use early_pmd_flags but remove the encryption mask */ in __sme_early_map_unmap_mem()
290 * to invalidate the memory before encryption attribute is cleared. in amd_enc_status_change_prepare()
353 /* Change the page encryption mask. */ in set_pte_enc_mask()
424 * the number of pages to set/clear encryption bit is smaller in early_set_memory_enc_dec()
486 /* Update the protection map with memory encryption mask */ in sme_early_init()
553 * If the unused memory range was mapped decrypted, change the encryption in mem_encrypt_free_decrypted_mem()
555 * re-encryption on the same condition used for the decryption in in mem_encrypt_free_decrypted_mem()
/linux/Documentation/admin-guide/device-mapper/
H A Ddm-crypt.rst5 Device-Mapper's "crypt" target provides transparent encryption of block devices
17 Encryption cipher, encryption mode and Initial Vector (IV) generator.
52 Key used for encryption. It is encoded either as a hexadecimal number
66 The encryption key size in bytes. The kernel key payload size must match
112 Perform encryption using the same cpu that IO was submitted on.
113 The default is to use an unbound workqueue so that encryption work
122 Disable offloading writes to a separate thread after encryption.
124 encryption threads to a single thread degrades performance
144 For Authenticated Encryption with Additional Data (AEAD)
155 Use <bytes> as the encryption unit instead of 512 bytes sectors.
[all …]
/linux/drivers/crypto/
H A Dsa2ul.h72 #define SA_ENG_ID_EM2 3 /* Encryption/Decryption enginefor pass 2 */
113 #define SA_CTX_ENC_TYPE1_SZ 64 /* Encryption SC with Key only */
114 #define SA_CTX_ENC_TYPE2_SZ 96 /* Encryption SC with Key and Aux1 */
126 * Bit 2-3: Fetch Encryption/Air Ciphering Bytes
231 * @submode: Encryption submodes
232 * @enc_size: Size of first pass encryption size
233 * @enc_size2: Size of second pass encryption size
234 * @enc_offset: Encryption payload offset in the packet
235 * @enc_iv: Encryption initialization vector for pass2
236 * @enc_iv2: Encryption initialization vector for pass2
[all …]
/linux/fs/crypto/
H A Dpolicy.c3 * Encryption policy functions for per-file encryption support.
23 * fscrypt_policies_equal() - check whether two encryption policies are the same
66 * Return %true if the given combination of encryption modes is supported for v1
67 * (and later) encryption policies.
69 * Do *not* add anything new here, since v1 encryption policies are deprecated.
134 * IV_INO_LBLK_* with other encryption modes arises. in supported_iv_ino_lblk_policy()
189 "Unsupported encryption modes (contents %d, filenames %d)", in fscrypt_supported_v1_policy()
197 fscrypt_warn(inode, "Unsupported encryption flags (0x%02x)", in fscrypt_supported_v1_policy()
225 "Unsupported encryption modes (contents %d, filenames %d)", in fscrypt_supported_v2_policy()
235 fscrypt_warn(inode, "Unsupported encryption flags (0x%02x)", in fscrypt_supported_v2_policy()
[all …]
/linux/include/linux/
H A Dblk-crypto-profile.h15 * struct blk_crypto_ll_ops - functions to control inline encryption hardware
17 * Low-level operations for controlling inline encryption hardware. This
19 * encryption. All functions may sleep, are serialized by profile->lock, and
25 * @keyslot_program: Program a key into the inline encryption hardware.
27 * Program @key into the specified @slot in the inline encryption
42 * @keyslot_evict: Evict a key from the inline encryption hardware.
119 * struct blk_crypto_profile - inline encryption profile for a device
121 * This struct contains a storage device's inline encryption capabilities (e.g.
123 * inline encryption hardware (e.g. programming and evicting keys), and optional
131 * @ll_ops: Driver-provided functions to control the inline encryption
/linux/Documentation/crypto/
H A Dkrb5.rst17 - Encryption Mode.
24 This API provides Kerberos 5-style cryptography for key derivation, encryption
83 type for encryption and checksumming respectively. They hold
93 encryption mode.
97 * ``block_len``, ``conf_len`` and ``cksum_len`` are the encryption block
99 used in encryption mode, but only the checksum length is used in checksum
109 Once the application has selected an encryption type, the keys that will be
150 (checksum-only or full encryption).
195 crypto object, an AEAD template for encryption and a synchronous hash for
199 Encryption Mode
[all …]
H A Ddescore-readme.rst5 Fast & Portable DES encryption & decryption
15 des - fast & portable DES encryption & decryption.
41 1. Highest possible encryption/decryption PERFORMANCE.
62 - 30us per encryption (options: 64k tables, no IP/FP)
63 - 33us per encryption (options: 64k tables, FIPS standard bit ordering)
64 - 45us per encryption (options: 2k tables, no IP/FP)
65 - 48us per encryption (options: 2k tables, FIPS standard bit ordering)
68 this has the quickest encryption/decryption routines i've seen.
80 - 53us per encryption (uses 2k of tables)
85 encryption/decryption is still slower on the sparc and 68000.
[all …]
/linux/net/sunrpc/
H A DKconfig
/linux/Documentation/virt/kvm/x86/
H A Damd-memory-encryption.rst31 Bit[23] 1 = memory encryption can be enabled
32 0 = memory encryption can not be enabled
35 Bit[0] 1 = memory encryption can be enabled
36 0 = memory encryption can not be enabled
45 SEV hardware uses ASIDs to associate a memory encryption key with a VM.
132 The KVM_SEV_LAUNCH_START command is used for creating the memory encryption
133 context. To create the encryption context, user must provide a guest policy,
336 outgoing guest encryption context.
367 outgoing guest memory region with the encryption context creating using
395 issued by the hypervisor to delete the encryption context.
[all …]
/linux/drivers/crypto/aspeed/
H A DKconfig7 throughput of hash data digest, encryption and decryption.
45 Supports AES/DES symmetric-key encryption and decryption
56 Supports 256 bits to 4096 bits RSA encryption/decryption
/linux/include/crypto/
H A Daead.h3 * AEAD: Authenticated Encryption with Associated Data
18 * DOC: Authenticated Encryption With Associated Data (AEAD) Cipher API
23 * The most prominent examples for this type of encryption is GCM and CCM.
35 * associated data memory location before performing the encryption or
50 * during encryption (resp. decryption). The authentication tag is generated
51 * during the encryption operation and appended to the ciphertext. During
55 * In-place encryption/decryption is enabled by using the same scatterlist
115 * during encryption or the size of the authentication tag to be
316 * data returned by the encryption or decryption operation
429 * IMPORTANT NOTE The encryption operation creates the authentication data /
[all …]
/linux/net/tipc/
H A Dcrypto.h73 * TIPC encryption message format:
97 * Ver : = 7 i.e. TIPC encryption message version
100 * "known" or not at the message encryption
101 * TX : TX key used for the message encryption
111 * part of the nonce used for the message encryption/decryption
115 * generated by the message encryption
H A DKconfig39 bool "TIPC encryption support"
46 Saying Y here will enable support for TIPC encryption.
/linux/Documentation/virt/kvm/s390/
H A Ds390-pv-dump.rst21 can be requested. The encryption is based on the Customer
50 metadata comprised of the encryption tweaks and status flags. The
52 time of the export does not matter as no re-encryption is
/linux/Documentation/security/keys/
H A Decryptfs.rst6 file using a randomly generated File Encryption Key (FEK).
8 Each FEK is in turn encrypted with a File Encryption Key Encryption Key (FEKEK)
/linux/drivers/crypto/nx/
H A DKconfig4 tristate "Encryption acceleration support on pSeries platform"
10 Support for PowerPC Nest (NX) encryption acceleration. This
/linux/drivers/crypto/ccp/
H A DKconfig20 which can be used to offload encryption operations such as SHA, AES
24 tristate "Encryption and hashing offload support"
/linux/Documentation/security/tpm/
H A Dtpm-security.rst29 encryption`_ schemes. The next phase of research seems to be hacking
74 encryption to prevent the loss of secret information.
134 HMAC and encryption keys are usually derived from the shared
144 session may also be reused for the in-kernel HMAC, encryption and
151 protect the integrity. Additionally, we use parameter encryption to
214 .. _attack against TPM based Linux disk encryption: https://www.secura.com/blog/tpm-sniffing-attack…
/linux/arch/x86/boot/compressed/
H A Dmem_encrypt.S3 * AMD Memory Encryption Support
32 * Pagetable bit position used to indicate encryption
45 andl $0x3f, %eax /* Return the encryption bit location */
245 * time kept in the %eax and %ebx registers. Since encryption is always active
280 /* Enable paging to see if encryption is active */
/linux/Documentation/devicetree/bindings/crypto/
H A Dsamsung-sss.yaml15 -- Advanced Encryption Standard (AES)
16 -- Data Encryption Standard (DES)/3DES
/linux/net/sunrpc/auth_gss/
H A Dgss_krb5_crypto.c99 * functions, but the CBC-CTS encryption and HMAC are replaced
103 * %GSS_S_COMPLETE: Encryption successful in krb5_encrypt()
104 * %GSS_S_FAILURE: Encryption failed in krb5_encrypt()
/linux/security/keys/trusted-keys/
H A Dtrusted_dcp.c26 * AES encryption engine only. It does not provide direct key sealing/unsealing.
27 * To make DCP hardware encryption keys usable as trust source, we define
32 * blob encryption key (BEK) and 128-bit nonce. The BEK and nonce are used to
36 * encryption engine with AES-128-ECB. The encrypted BEK, generated nonce,
48 * @nonce: Random nonce used for @payload encryption.
/linux/arch/x86/boot/startup/
H A Dmap_kernel.c44 * Clear the memory encryption mask from the .bss..decrypted section. in sme_postprocess_startup()
46 * there is no need to zero it after changing the memory encryption in sme_postprocess_startup()
72 * Return the SME encryption mask (if SME is active) to be used as a in sme_postprocess_startup()
121 /* Include the SME encryption mask in the fixup value */ in __startup_64()
/linux/drivers/scsi/
H A Dsense_codes.h365 SENSE_CODE(0x2A0D, "Data encryption capabilities changed")
367 SENSE_CODE(0x2A11, "Data encryption parameters changed by another i_t nexus")
368 SENSE_CODE(0x2A12, "Data encryption parameters changed by vendor specific event")
369 SENSE_CODE(0x2A13, "Data encryption key instance counter has changed")
855 SENSE_CODE(0x7403, "Incorrect data encryption key")
859 SENSE_CODE(0x7407, "Encryption parameters not useable")
861 SENSE_CODE(0x7409, "Encryption mode mismatch on read")
863 SENSE_CODE(0x740B, "Incorrect Encryption parameters")
865 SENSE_CODE(0x740D, "Encryption algorithm disabled")
869 SENSE_CODE(0x7421, "Data Encryption configuration prevented")
[all …]

12345678910>>...13