| /linux/tools/testing/selftests/bpf/progs/ |
| H A D | bpf_flow.c | 75 static __always_inline int export_flow_keys(struct bpf_flow_keys *keys, in export_flow_keys() argument
78 __u32 key = (__u32)(keys->sport) << 16 | keys->dport; in export_flow_keys()
81 memcpy(&val, keys, sizeof(val)); in export_flow_keys()
118 struct bpf_flow_keys *keys = skb->flow_keys; in parse_eth_proto() local
137 return export_flow_keys(keys, BPF_DROP); in parse_eth_proto()
140 return export_flow_keys(keys, BPF_DROP); in parse_eth_proto()
146 struct bpf_flow_keys *keys = skb->flow_keys; in _dissect() local
148 if (keys->n_proto == bpf_htons(ETH_P_IP)) { in _dissect()
161 return parse_eth_proto(skb, keys->n_proto); in _dissect()
167 struct bpf_flow_keys *keys = skb->flow_keys; in parse_ip_proto() local
[all …]
|
| /linux/drivers/input/keyboard/ |
| H A D | mtk-pmic-keys.c | 138 struct mtk_pmic_keys *keys; member
150 struct mtk_pmic_keys_info keys[MTK_PMIC_MAX_KEY_COUNT]; member
159 static void mtk_pmic_keys_lp_reset_setup(struct mtk_pmic_keys *keys, in mtk_pmic_keys_lp_reset_setup() argument
170 error = of_property_read_u32(keys->dev->of_node, "power-off-time-sec", in mtk_pmic_keys_lp_reset_setup()
178 error = of_property_read_u32(keys->dev->of_node, in mtk_pmic_keys_lp_reset_setup()
202 regmap_update_bits(keys->regmap, regs->pmic_rst_reg, mask, value); in mtk_pmic_keys_lp_reset_setup()
210 regmap_read(info->keys->regmap, info->regs->deb_reg, &key_deb); in mtk_pmic_keys_irq_handler_thread()
216 input_report_key(info->keys->input_dev, info->keycode, pressed); in mtk_pmic_keys_irq_handler_thread()
217 input_sync(info->keys->input_dev); in mtk_pmic_keys_irq_handler_thread()
219 dev_dbg(info->keys->dev, "(%s) key =%d using PMIC\n", in mtk_pmic_keys_irq_handler_thread()
[all …]
|
| /linux/security/keys/ |
| H A D | Kconfig | 6 menuconfig KEYS config
11 access keys in the kernel.
13 It also includes provision of methods by which such keys might be
18 a searchable sequence of keys. Each process is equipped with access
24 if KEYS
60 bool "Large payload keys"
64 This option provides support for holding large keys within the kernel
71 tristate "TRUSTED KEYS"
74 keys in the kernel. Trusted keys ar
[all...] |
| H A D | gc.c | 10 #include <keys/keyring-type.h>
19 * Reaper for unused keys.
25 * Reaper for links from keyrings to dead keys.
93 * reaper to go through a cycle finding expired keys.
103 * Reap keys of dead type.
106 * collector: the first to mark keys of that type as being dead, the second to
107 * collect dead links and the third to clean up the dead keys. We have to be
133 * Garbage collect a list of unreferenced, detached keys
135 static noinline void key_gc_unused_keys(struct list_head *keys) in key_gc_unused_keys() argument
137 while (!list_empty(keys)) { in key_gc_unused_keys()
[all …]
|
| /linux/arch/arm64/include/asm/ |
| H A D | pointer_auth.h | 33 * We give each process its own keys, which are shared by all threads. The keys
57 static __always_inline void ptrauth_keys_init_kernel(struct ptrauth_keys_kernel *keys) in ptrauth_keys_init_kernel() argument
60 get_random_bytes(&keys->apia, sizeof(keys->apia)); in ptrauth_keys_init_kernel()
63 static __always_inline void ptrauth_keys_switch_kernel(struct ptrauth_keys_kernel *keys) in ptrauth_keys_switch_kernel() argument
68 __ptrauth_key_install_nosync(APIA, keys->apia); in ptrauth_keys_switch_kernel()
74 static inline void ptrauth_keys_install_user(struct ptrauth_keys_user *keys) in ptrauth_keys_install_user() argument
77 __ptrauth_key_install_nosync(APIB, keys->apib); in ptrauth_keys_install_user()
78 __ptrauth_key_install_nosync(APDA, keys->apda); in ptrauth_keys_install_user()
79 __ptrauth_key_install_nosync(APDB, keys->apdb); in ptrauth_keys_install_user()
83 __ptrauth_key_install_nosync(APGA, keys->apga); in ptrauth_keys_install_user()
[all …]
|
| /linux/security/integrity/ |
| H A D | Kconfig | 22 select KEYS
29 to "lock" certain keyring to prevent adding new keys.
30 This is useful for evm and module keyrings, when keys are
34 bool "Enable asymmetric keys support"
44 asymmetric keys.
47 bool "Require all keys on the integrity keyrings be signed"
52 This option requires that all keys added to the .ima and
57 bool "Provide keyring for platform/firmware trusted keys"
61 Provide a separate, distinct keyring for platform trusted keys, which
67 bool "Provide a keyring to which Machine Owner Keys may be added"
[all …]
|
| /linux/certs/ |
| H A D | Kconfig | 39 Note: Remove all ECDSA signing keys, e.g. certs/signing_key.pem,
45 bool "Provide system-wide ring of trusted keys"
46 depends on KEYS
50 Provide a system keyring to which trusted keys can be added. Keys in
51 the keyring are considered to be trusted. Keys may be added at will
53 userspace may only add extra keys if those keys can be verified by
54 keys already in the keyring.
56 Keys in this keyring are used by module signature checking.
59 string "Additional X.509 keys for default system keyring"
67 NOTE: If you previously provided keys for the system keyring in the
[all …]
|
| /linux/tools/testing/selftests/net/ |
| H A D | tcp_fastopen_backup_key.c | 5 * New keys are 'rotated' in two steps:
7 * 2) Make new key the primary by swapping the backup and primary keys
49 static void get_keys(int fd, uint32_t *keys) in get_keys() argument
55 if (getsockopt(fd, SOL_TCP, TCP_FASTOPEN_KEY, keys, &len)) in get_keys()
62 if (sscanf(buf, "%x-%x-%x-%x,%x-%x-%x-%x", keys, keys + 1, keys + 2, in get_keys()
63 keys + 3, keys + 4, keys + 5, keys + 6, keys + 7) != 8) in get_keys()
67 static void set_keys(int fd, uint32_t *keys) in set_keys() argument
72 if (setsockopt(fd, SOL_TCP, TCP_FASTOPEN_KEY, keys, in set_keys()
79 keys[0], keys[1], keys[2], keys[3], keys[4], keys[5], in set_keys()
80 keys[6], keys[7]); in set_keys()
[all …]
|
| /linux/tools/testing/selftests/bpf/map_tests/ |
| H A D | htab_map_batch_ops.c | 14 static void map_batch_update(int map_fd, __u32 max_entries, int *keys, in map_batch_update() argument
29 keys[i] = i + 1; in map_batch_update()
37 err = bpf_map_update_batch(map_fd, keys, values, &max_entries, &opts); in map_batch_update()
42 int *keys, void *values, bool is_pcpu) in map_batch_verify() argument
56 CHECK(keys[i] + 1 + j != bpf_percpu(v[i], j), in map_batch_verify()
59 i, j, keys[i], bpf_percpu(v[i], j)); in map_batch_verify()
62 CHECK(keys[i] + 1 != ((int *)values)[i], in map_batch_verify()
64 "error: i %d key %d value %d\n", i, keys[i], in map_batch_verify()
73 "error: keys array at index %d missing\n", i); in map_batch_verify()
81 int map_fd, *keys, *visited, key; in __test_map_lookup_and_delete_batch() local
[all …]
|
| H A D | array_map_batch_ops.c | 15 static void map_batch_update(int map_fd, __u32 max_entries, int *keys, in map_batch_update() argument
26 keys[i] = i; in map_batch_update()
36 err = bpf_map_update_batch(map_fd, keys, values, &max_entries, &opts); in map_batch_update()
40 static void map_batch_verify(int *visited, __u32 max_entries, int *keys, in map_batch_verify() argument
52 CHECK(keys[i] + j + 1 != value, in map_batch_verify()
55 j, keys[i], value); in map_batch_verify()
58 CHECK(keys[i] + 1 != values[i], "key/value checking", in map_batch_verify()
59 "error: i %d key %d value %lld\n", i, keys[i], in map_batch_verify()
66 "error: keys array at index %d missing\n", i); in map_batch_verify()
72 int map_fd, *keys, *visited; in __test_map_lookup_and_update_batch() local
[all …]
|
| H A D | lpm_trie_map_batch_ops.c | 23 struct test_lpm_key *keys, int *values) in map_batch_update() argument
34 keys[i].prefix = 32; in map_batch_update()
36 inet_pton(AF_INET, buff, &keys[i].ipv4); in map_batch_update()
40 err = bpf_map_update_batch(map_fd, keys, values, &max_entries, &opts); in map_batch_update()
45 struct test_lpm_key *keys, int *values) in map_batch_verify() argument
53 inet_ntop(AF_INET, &keys[i].ipv4, buff, 32); in map_batch_verify()
62 "error: keys array at index %d missing\n", i); in map_batch_verify()
69 struct test_lpm_key *keys, key; in test_lpm_trie_map_batch_ops() local
86 keys = malloc(max_entries * sizeof(struct test_lpm_key)); in test_lpm_trie_map_batch_ops()
89 CHECK(!keys || !values || !visited, "malloc()", "error:%s\n", in test_lpm_trie_map_batch_ops()
[all …]
|
| /linux/arch/arm64/kernel/ |
| H A D | pointer_auth.c | 13 struct ptrauth_keys_user *keys = &tsk->thread.keys_user; in ptrauth_prctl_reset_keys() local
25 ptrauth_keys_init_user(keys); in ptrauth_prctl_reset_keys()
37 get_random_bytes(&keys->apia, sizeof(keys->apia)); in ptrauth_prctl_reset_keys()
39 get_random_bytes(&keys->apib, sizeof(keys->apib)); in ptrauth_prctl_reset_keys()
41 get_random_bytes(&keys->apda, sizeof(keys->apda)); in ptrauth_prctl_reset_keys()
43 get_random_bytes(&keys->apdb, sizeof(keys->apdb)); in ptrauth_prctl_reset_keys()
45 get_random_bytes(&keys->apga, sizeof(keys->apga)); in ptrauth_prctl_reset_keys()
46 ptrauth_keys_install_user(keys); in ptrauth_prctl_reset_keys()
67 int ptrauth_set_enabled_keys(struct task_struct *tsk, unsigned long keys, in ptrauth_set_enabled_keys() argument
78 if ((keys & ~PR_PAC_ENABLED_KEYS_MASK) || (enabled & ~keys)) in ptrauth_set_enabled_keys()
[all …]
|
| /linux/Documentation/security/keys/ |
| H A D | trusted-encrypted.rst | 2 Trusted and Encrypted Keys
5 Trusted and Encrypted Keys are two new key types added to the existing kernel
6 key ring service. Both of these new types are variable length symmetric keys,
7 and in both cases all keys are created in the kernel, and user space sees,
8 stores, and loads only encrypted blobs. Trusted Keys require the availability
9 of a Trust Source for greater security, while Encrypted Keys can be used on any
17 A trust source provides the source of security for Trusted Keys. This
23 consumer of the Trusted Keys to determine if the trust source is sufficiently
49 DCP provides two keys that can be used as root of trust: the OTP key
78 Keys can be optionally sealed to specified PCR (integrity measurement)
[all …]
|
| H A D | core.rst | 5 This service allows cryptographic keys, authentication tokens, cross-domain
10 other keys. Processes each have three standard keyring subscriptions that a
11 kernel service can search for relevant keys.
25 In this context, keys represent units of cryptographic data, authentication
47 kernel by a kernel service (such as a filesystem) before keys of that type
53 Should a type be removed from the system, all the keys of that type will
65 instantiation function. Keys can also be immortal.
68 actual "key". In the case of a keyring, this is a list of keys to which
86 Keys being requested from userspace will be in this state.
96 * Expired. Keys can have lifetimes set. If their lifetime is exceeded,
[all …]
|
| /linux/lib/ |
| H A D | test_static_keys.c | 3 * Kernel module for testing static keys.
14 /* old keys */
55 static void invert_keys(struct test_key *keys, int size) in invert_keys() argument
61 if (previous != keys[i].key) { in invert_keys()
62 invert_key(keys[i].key); in invert_keys()
63 previous = keys[i].key; in invert_keys()
68 static int verify_keys(struct test_key *keys, int size, bool invert) in verify_keys() argument
74 ret = static_key_enabled(keys[i].key); in verify_keys()
75 init = keys[i].init_state; in verify_keys()
78 ret = keys[i].test_key(); in verify_keys()
[all …]
|
| /linux/drivers/md/bcache/ |
| H A D | btree.c | 18 * as keys are inserted we only sort the pages that have not yet been written.
53 * Check for bad keys in replay
114 if (b->level && b->keys.nsets) in bch_btree_init_next()
115 bch_btree_sort(&b->keys, &b->c->sort); in bch_btree_init_next()
117 bch_btree_sort_lazy(&b->keys, &b->c->sort); in bch_btree_init_next()
120 bch_bset_init_next(&b->keys, write_block(b), in bch_btree_init_next()
163 iter->b = &b->keys; in bch_btree_node_read_done()
170 b->written < btree_blocks(b) && i->seq == b->keys.set[0].data->seq; in bch_btree_node_read_done()
198 if (i != b->keys.set[0].data && !i->keys) in bch_btree_node_read_done()
208 bset_sector_offset(&b->keys, i) < KEY_SIZE(&b->key); in bch_btree_node_read_done()
[all …]
|
| /linux/drivers/net/ethernet/cisco/enic/ |
| H A D | enic_clsf.c | 15 * @keys: flow_keys of ipv4 5tuple
21 int enic_addfltr_5t(struct enic *enic, struct flow_keys *keys, u16 rq) in enic_addfltr_5t() argument
26 switch (keys->basic.ip_proto) { in enic_addfltr_5t()
38 data.u.ipv4.src_addr = ntohl(keys->addrs.v4addrs.src); in enic_addfltr_5t()
39 data.u.ipv4.dst_addr = ntohl(keys->addrs.v4addrs.dst); in enic_addfltr_5t()
40 data.u.ipv4.src_port = ntohs(keys->ports.src); in enic_addfltr_5t()
41 data.u.ipv4.dst_port = ntohs(keys->ports.dst); in enic_addfltr_5t()
162 if (tpos->keys.addrs.v4addrs.src == k->addrs.v4addrs.src && in htbl_key_search()
163 tpos->keys.addrs.v4addrs.dst == k->addrs.v4addrs.dst && in htbl_key_search()
164 tpos->keys.ports.ports == k->ports.ports && in htbl_key_search()
[all …]
|
| /linux/Documentation/block/ |
| H A D | inline-encryption.rst | 19 keys directly in low-level I/O requests. However, most inline encryption
61 - Inline encryption hardware usually (but not always) requires that keys be
64 key for every I/O request, but rather keep track of which keys are in the
67 - Upper layers typically define a specific end-of-life for crypto keys, e.g.
69 At these times, keys are wiped from memory. We must provide a way for upper
70 layers to also evict keys from any keyslots they are present in.
98 functions to program and evict keys) to upper layers. Each device driver that
170 encryption hardware, the crypto API doesn't accept keys directly in requests but
171 rather requires that keys be set ahead of time, and setting keys can be
307 Hardware-wrapped keys
[all …]
|
| /linux/tools/testing/selftests/net/tcp_ao/ |
| H A D | key-management.c | 240 try_delete_key("closed socket, delete all keys", sk, 100, 100, 0, -1, -1, 0); in check_closed_socket()
245 test_error("failed to set current/rnext keys"); in check_closed_socket()
265 test_error("failed to set current/rnext keys"); in check_closed_socket()
286 test_xfail("%s: the socket has current/rnext keys: %d:%d", in assert_no_current_rnext()
291 test_ok("%s: the socket has no current/rnext keys", tst_msg); in assert_no_current_rnext()
326 try_delete_key("listen socket, delete all keys", sk, 100, 100, 0, -1, -1, 0); in check_listen_socket()
344 test_error("failed to set current/rnext keys"); in check_listen_socket()
347 assert_no_current_rnext("listen() after current/rnext keys set", sk); in check_listen_socket()
427 struct test_key *keys; member
454 struct test_key *key = &collection.keys[index]; in init_key_in_collection()
[all …]
|
| /linux/drivers/md/dm-vdo/indexer/ |
| H A D | radix-sort.c | 17 * keys to be sorted.
23 /* Sort keys are pointers to immutable fixed-length arrays of bytes. */
27 * The keys are separated into piles based on the byte in each keys at the current offset, so the
28 * number of keys with each byte must be counted.
52 /* The number of bytes remaining in the sort keys. */
65 /* Compare a segment of two fixed-length keys starting at an offset. */
71 /* Insert the next unsorted key into an array of sorted keys. */
88 * 256-way radix sort when the number of keys to sort is small.
118 * Count the number of times each byte value appears in the arrays of keys to sort at the current
157 * After the keys are moved to the appropriate pile, we'll need to sort each of the piles by the
[all …]
|
| /linux/Documentation/filesystems/ |
| H A D | fscrypt.rst | 27 with different keys and to have unencrypted files on the same
105 Unless `hardware-wrapped keys`_ are used, an attacker who gains the
108 compromise all fscrypt keys that are currently in-use. This also
110 keys the system was using may remain in memory for a short time.
112 However, if hardware-wrapped keys are used, then the fscrypt master
113 keys and file contents encryption keys (but not other types of fscrypt
114 subkeys such as filenames encryption keys) are protected from
117 In addition, fscrypt allows encryption keys to be removed from the
124 thereby wiping their per-file keys and making them once again appear
129 - Per-file keys for in-use files will *not* be removed or wiped.
[all …]
|
| /linux/drivers/mfd/ |
| H A D | ucb1x00-assabet.c | 41 struct gpio_keys_platform_data keys; in ucb1x00_assabet_add() local
46 memset(&keys, 0, sizeof(keys)); in ucb1x00_assabet_add()
55 keys.buttons = buttons; in ucb1x00_assabet_add()
56 keys.nbuttons = ARRAY_SIZE(buttons); in ucb1x00_assabet_add()
57 keys.poll_interval = 50; in ucb1x00_assabet_add()
58 keys.name = "ucb1x00"; in ucb1x00_assabet_add()
60 pdev = platform_device_register_data(&ucb->dev, "gpio-keys", -1, in ucb1x00_assabet_add()
61 &keys, sizeof(keys)); in ucb1x00_assabet_add()
|
| /linux/net/core/ |
| H A D | flow_dissector.c | 1042 * @flow_dissector: list of keys to dissect
1051 * The function will try to retrieve individual keys into target specified
1767 static inline void __flow_hash_consistentify(struct flow_keys *keys) in __flow_hash_consistentify() argument
1771 switch (keys->control.addr_type) { in __flow_hash_consistentify()
1773 if ((__force u32)keys->addrs.v4addrs.dst < in __flow_hash_consistentify()
1774 (__force u32)keys->addrs.v4addrs.src) in __flow_hash_consistentify()
1775 swap(keys->addrs.v4addrs.src, keys->addrs.v4addrs.dst); in __flow_hash_consistentify()
1777 if ((__force u16)keys->ports.dst < in __flow_hash_consistentify()
1778 (__force u16)keys->ports.src) { in __flow_hash_consistentify()
1779 swap(keys->ports.src, keys->ports.dst); in __flow_hash_consistentify()
[all …]
|
| /linux/tools/testing/selftests/tc-testing/tc-tests/filters/ |
| H A D | flow.json | 18 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys dst and 0x000000ff …
40 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys dst.*or 0x000000ff …
62 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys dst xor 0x000000ff …
84 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys dst rshift 31 basec…
106 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys dst addend 0xff bas…
128 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys src addend 0xff bas…
150 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys proto addend 0xff b…
172 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys proto-src addend 0x…
194 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys proto-dst addend 0x…
216 … "filter parent ffff: protocol ip pref 1 flow chain [0-9]+ handle 0x1 map keys iif addend 0xff bas…
[all …]
|
| /linux/include/trace/events/ |
| H A D | bcache.h | 225 TP_PROTO(struct bio *bio, u32 keys),
226 TP_ARGS(bio, keys),
240 __entry->nr_keys = keys;
244 TP_printk("%d,%d %s %llu + %u keys %u",
269 __field(unsigned, keys )
275 __entry->keys = b->keys.set[b->keys.nsets].data->keys;
279 __entry->bucket, __entry->block, __entry->keys)
366 TP_PROTO(struct btree *b, unsigned keys),
367 TP_ARGS(b, keys),
371 __field(unsigned, keys )
[all …]
|