Home
last modified time | relevance | path

Searched +full:secure +full:- +full:only (Results 1 – 25 of 870) sorted by relevance

12345678910>>...35

/freebsd/sys/contrib/device-tree/Bindings/arm/
H A Dsecure.txt1 * ARM Secure world bindings
4 "Normal" and "Secure". Most devicetree consumers (including the Linux
6 world or the Secure world. However some devicetree consumers are
8 visible only in the Secure address space, only in the Normal address
10 virtual machine which boots Secure firmware and wants to tell the
13 The general principle of the naming scheme for Secure world bindings
14 is that any property that needs a different value in the Secure world
15 can be supported by prefixing the property name with "secure-". So for
16 instance "secure-foo" would override "foo". For property names with
17 a vendor prefix, the Secure variant of "vendor,foo" would be
[all …]
/freebsd/sys/contrib/device-tree/Bindings/nvmem/
H A Dst,stm32-romem.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/nvmem/st,stm32-romem.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: STMicroelectronics STM32 Factory-programmed data
10 This represents STM32 Factory-programmed read only non-volatile area: locked
11 flash, OTP, read-only HW regs... This contains various information such as:
16 - Fabrice Gasnier <fabrice.gasnier@foss.st.com>
19 - $ref: nvmem.yaml#
20 - $ref: nvmem-deprecated-cells.yaml#
[all …]
H A Damlogic,meson-gxbb-efuse.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/nvmem/amlogic,meson-gxbb-efuse.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
10 - Neil Armstrong <neil.armstrong@linaro.org>
13 - $ref: nvmem.yaml#
14 - $ref: nvmem-deprecated-cells.yaml#
19 - const: amlogic,meson-gxbb-efuse
20 - items:
21 - const: amlogic,meson-gx-efuse
[all …]
/freebsd/share/man/man7/
H A Dsecurity.747 multi-user systems have some inherent security, the job of building and
53 only as secure as you make them, and security concerns are ever competing
60 As yesterday's mini-computers and mainframes
74 .Bl -enum -offset indent
89 Typically, DoS attacks are brute-force mechanisms that attempt
95 only be fixed by applying a bug fix to the kernel.
99 Brute-force network attacks are harder to deal with.
100 A spoofed-packet attack, for example, is
114 The result is that if you have any moderate-sized user base,
137 may find a bug in a root-run server and be able to break root over a network
[all …]
/freebsd/crypto/openssl/doc/man3/
H A DSSL_CTX_set_options.pod7 SSL_get_secure_renegotiation_support - manipulate SSL options
26 SSL_CTX_set_options() adds the options set via bit-mask in B<options> to B<ctx>.
29 SSL_set_options() adds the options set via bit-mask in B<options> to B<ssl>.
32 SSL_CTX_clear_options() clears the options set via bit-mask in B<options>
35 SSL_clear_options() clears the options set via bit-mask in B<options> to B<ssl>.
42 secure renegotiation.
48 The options are coded as bit-masks and can be combined by a bitwise B<or>
67 Add server-hello extension from the early version of cryptopro draft
80 Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
81 OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
[all …]
H A DPEM_bytes_read_bio.pod5 PEM_bytes_read_bio, PEM_bytes_read_bio_secmem - read a PEM-encoded data structure from a BIO
20 PEM_bytes_read_bio() reads PEM-formatted (IETF RFC 1421 and IETF RFC 7468)
23 etc.). If multiple PEM-encoded data structures are present in the same
24 stream, PEM_bytes_read_bio() will skip non-matching data types and
25 continue reading. Non-PEM data present in the stream may cause an
36 non-NULL. The caller must free the storage pointed to by I<*pnm>.
38 The returned data is the DER-encoded form of the requested type, in
43 memory from the secure heap for its temporary buffers and the storage
49 PEM_bytes_read_bio_secmem() only enforces that the secure heap is used for
52 allocated from the secure heap. In cases where it is desirable to ensure
[all …]
/freebsd/crypto/openssh/
H A Dssh.110 .\" called by a name other than "ssh" or "Secure Shell".
75 It is intended to provide secure encrypted communications between
78 .Ux Ns -domain
79 sockets can also be forwarded over the secure channel.
108 .Bl -tag -width Ds -compact
112 to use IPv4 addresses only.
117 to use IPv6 addresses only.
121 .Xr ssh-agent 1 .
122 This can also be specified on a per-host basis in a configuration file.
127 .Ux Ns -domain
[all …]
/freebsd/usr.sbin/bsdconfig/security/include/
H A Dsecurelevel.hlp4 root user in multi-user mode, which in turn may limit the effects of
8 -1 Permanently insecure mode - always run the system in level 0
11 0 Insecure mode - immutable and append-only flags may be turned
15 1 Secure mode - the system immutable and system append-only
21 2 Highly secure mode - same as secure mode, plus disks may not
25 system is multi-user.
32 3 Network secure mode - same as highly secure mode, plus IP
H A Dmessages.subr33 msg_highly_secure="Highly Secure"
34 msg_highly_secure_mode="Highly secure mode"
35 … service disruption if used improperly.\n\nMost settings will take effect only following a system …
36 msg_network_secure="Network Secure"
37 msg_network_secure_mode="Network secure mode"
41 msg_secure="Secure"
42 msg_secure_mode="Secure mode"
45secure mode system flags may not be overridden by the root user,\naccess to direct kernel memory i…
/freebsd/secure/lib/libcrypto/man/man3/
H A DSSL_CTX_set_options.318 .\" Set up some character translations and predefined strings. \*(-- will
24 .tr \(*W-
27 . ds -- \(*W-
29 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
37 . ds -- \|\(em\|
71 .\" Fear. Run. Save yourself. No user-serviceable parts.
81 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
97 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
98 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
[all …]
/freebsd/crypto/krb5/src/windows/installer/wix/
H A Dproperty.wxi1 <?xml version="1.0" encoding="utf-8"?>
2 <!--
5 Copyright (C) 2007 Secure Endpoints Inc.
27 -->
30 <!-- Important: This product should only be installed in all-user mode -->
33 <Property Id="LEASHAUTOINIT" Admin="yes" Secure="yes">-autoinit</Property>
34 <Property Id="LEASHAUTOSTART" Admin="yes" Secure="yes">1</Property>
54 <!-- Additional properties relating to the UI are in the appropriate UI.wxi file -->
56 <!-- Configuration properties. If these properties are defined, then
59 not be defined. -->
[all …]
/freebsd/sys/contrib/device-tree/Bindings/mailbox/
H A Dti,secure-proxy.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
4 $id: http://devicetree.org/schemas/mailbox/ti,secure-proxy.yaml#
5 $schema: http://devicetree.org/meta-schemas/core.yaml#
7 title: Texas Instruments' Secure Proxy
10 - Nishanth Menon <nm@ti.com>
13 The Texas Instruments' secure proxy is a mailbox controller that has
16 called "threads" or "proxies" - each instance is unidirectional and is
22 pattern: "^mailbox@[0-9a-f]+$"
25 const: ti,am654-secure-proxy
[all …]
/freebsd/crypto/krb5/doc/admin/
H A Dinstall_appl_srv.rst5 over the network. Application servers can be "secure" or "insecure."
6 A "secure" host is set up to require authentication from every client
12 recommends that you make your hosts secure, to take advantage of the
16 sign-on capability.
22 ---------------
25 KDC. By default on UNIX-like systems this file is named |keytab|.
27 is a potential point of entry for a break-in, and if compromised,
29 be readable only by root, and should exist only on the machine's local
50 …/trillium.mit.edu@ATHENA.MIT.EDU with kvno 3, encryption type aes256-cts-hmac-sha384-192 added to …
51 …/trillium.mit.edu@ATHENA.MIT.EDU with kvno 3, encryption type aes256-cts-hmac-sha384-192 added to …
[all …]
/freebsd/crypto/krb5/doc/html/_sources/admin/
H A Dinstall_appl_srv.rst.txt5 over the network. Application servers can be "secure" or "insecure."
6 A "secure" host is set up to require authentication from every client
12 recommends that you make your hosts secure, to take advantage of the
16 sign-on capability.
22 ---------------
25 KDC. By default on UNIX-like systems this file is named |keytab|.
27 is a potential point of entry for a break-in, and if compromised,
29 be readable only by root, and should exist only on the machine's local
50 …/trillium.mit.edu@ATHENA.MIT.EDU with kvno 3, encryption type aes256-cts-hmac-sha384-192 added to …
51 …/trillium.mit.edu@ATHENA.MIT.EDU with kvno 3, encryption type aes256-cts-hmac-sha384-192 added to …
[all …]
/freebsd/sys/contrib/device-tree/Bindings/iommu/
H A Dqcom,iommu.txt3 Qualcomm "B" family devices which are not compatible with arm-smmu have
6 to non-secure vs secure interrupt line.
10 - compatible : Should be one of:
12 "qcom,msm8916-iommu"
13 "qcom,msm8953-iommu"
15 Followed by "qcom,msm-iommu-v1".
17 - clock-names : Should be a pair of "iface" (required for IOMMUs
21 - clocks : Phandles for respective clocks described by
22 clock-names.
24 - #address-cells : must be 1.
[all …]
/freebsd/crypto/openssl/test/
H A Dsecmemtest.c2 * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
21 TEST_info("Secure memory is implemented."); in test_sec_mem()
24 /* s = non-secure 20 */ in test_sec_mem()
29 /* r = non-secure 20, s = non-secure 20 */ in test_sec_mem()
36 /* r = non-secure 20, p = secure 20, s = non-secure 20 */ in test_sec_mem()
38 /* 20 secure -> 32-byte minimum allocation unit */ in test_sec_mem()
44 /* r = non-secure 20, p = secure 20, q = non-secure 20, s = non-secure 20 */ in test_sec_mem()
50 /* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */ in test_sec_mem()
52 /* 2 * 20 secure -> 64 bytes allocated */ in test_sec_mem()
57 /* 20 secure -> 32 bytes allocated */ in test_sec_mem()
[all …]
/freebsd/crypto/openssl/crypto/rand/
H A Drand_pool.c2 * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
22 RAND_POOL *ossl_rand_pool_new(int entropy_requested, int secure, in ossl_rand_pool_new() argument
26 size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure); in ossl_rand_pool_new()
33 pool->min_len = min_len; in ossl_rand_pool_new()
34 pool->max_len = (max_len > RAND_POOL_MAX_LENGTH) ? in ossl_rand_pool_new()
36 pool->alloc_len = min_len < min_alloc_size ? min_alloc_size : min_len; in ossl_rand_pool_new()
37 if (pool->alloc_len > pool->max_len) in ossl_rand_pool_new()
38 pool->alloc_len = pool->max_len; in ossl_rand_pool_new()
40 if (secure) in ossl_rand_pool_new()
41 pool->buffer = OPENSSL_secure_zalloc(pool->alloc_len); in ossl_rand_pool_new()
[all …]
/freebsd/sys/contrib/device-tree/Bindings/rng/
H A Domap_rng.txt1 OMAP SoC and Inside-Secure HWRNG Module
5 - compatible : Should contain entries for this and backward compatible
7 - "ti,omap2-rng" for OMAP2.
8 - "ti,omap4-rng" for OMAP4, OMAP5 and AM33XX.
9 - "inside-secure,safexcel-eip76" for SoCs with EIP76 IP block
11 - ti,hwmods: Name of the hwmod associated with the RNG module
12 - reg : Offset and length of the register set for the module
13 - interrupts : the interrupt number for the RNG module.
14 Used for "ti,omap4-rng" and "inside-secure,safexcel-eip76"
15 - clocks: the trng clock source. Only mandatory for the
[all …]
H A Domap_rng.yaml1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
3 ---
[all...]
/freebsd/crypto/heimdal/lib/krb5/
H A Dkrb5_verify_user.31 .\" Copyright (c) 2001 - 2006 Kungliga Tekniska Högskolan
51 Kerberos 5 Library (libkrb5, -lkrb5)
55 …pal principal" "krb5_ccache ccache" "const char *password" "krb5_boolean secure" "const char *serv…
57 …pal principal" "krb5_ccache ccache" "const char *password" "krb5_boolean secure" "const char *serv…
69 .Fn krb5_verify_opt_set_secure "krb5_verify_opt *opt" "krb5_boolean secure"
87 New tickets will be obtained as a side-effect and stored in
99 must only initialized with
109 .Fa secure
126 should only be freed with
163 .Fa secure
[all …]
/freebsd/usr.bin/less/
H A Ddefines.h5 /* Unix definition file for less. -*- C -*-
13 * If you edit defines.h by hand, do "touch stamp-h" before you run make
20 * SECURE is 1 if you wish to disable a bunch of features in order to
22 * SECURE_COMPILE is set by the --with-secure configure option.
24 #define SECURE SECURE_COMPILE macro
28 * (This is possible only if your system supplies the system() function.)
30 #define SHELL_ESCAPE (!SECURE)
35 #define EXAMINE (!SECURE)
41 #define TAB_COMPLETE_FILENAME (!SECURE)
57 * (This is possible only if your system supplies the system() function.)
[all …]
/freebsd/sys/contrib/device-tree/Bindings/firmware/
H A Dintel,stratix10-svc.txt3 Intel Stratix10 SoC is composed of a 64 bit quad-core ARM Cortex A53 hard
4 processor system (HPS) and Secure Device Manager (SDM). When the FPGA is
10 communication with SDM, only the secure world of software (EL3, Exception
18 driver also manages secure monitor call (SMC) to communicate with secure monitor
22 -------------------
26 - compatible: "intel,stratix10-svc" or "intel,agilex-svc"
27 - method: smc or hvc
28 smc - Secure Monitor Call
29 hvc - Hypervisor Call
30 - memory-region:
[all …]
/freebsd/contrib/unbound/contrib/
H A Dupdate-anchor.sh2 # update-anchor.sh, update a trust anchor.
7 ubhost=unbound-host
11 echo "usage: update-anchor [-r hs] [-b] <zone name> <trust anchor file>"
14 echo " the trust anchor file should contain only keys for one zone"
15 echo " -b causes keyfile to be made in bind format."
16 echo " without -b the file is made in unbound format."
19 echo " update-anchor [-r hints] [-b] -d directory"
26 echo "-r root.hints use different root hints. Strict option order."
32 if test $# -eq 0; then
36 filearg='-f'
[all …]
/freebsd/lib/libsecureboot/efi/include/Guid/
H A DGlobalVariable.h3 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
7 http://opensource.org/licenses/bsd-license.php
33 // only permit the creation of variables with a UEFI Specification-defined
37 // L"Boot####" - A boot load option.
38 // L"Driver####" - A driver load option.
39 // L"SysPrep####" - A System Prep application load option.
40 // L"Key####" - Describes hot key relationship with a Boot#### load option.
91 /// The boot option for the next boot only.
101 /// The types of boot options supported by the boot manager. Should be treated as read-only.
118 /// only modified by firmware and is read-only to the OS.
[all …]
/freebsd/contrib/dma/
H A Ddma.conf6 # Please use dpkg-reconfigure dma to change this value.
24 # Uncomment if you want STARTTLS support (only used in combination with
29 # Only makes sense if you use a smarthost.
41 # the SECURE entry below to INSECURE. Otherwise plain login will only work
42 # over a secure connection. Use this option with caution.
43 #SECURE
46 # behind a dialup line. You have to submit your mails manually with dma -q

12345678910>>...35