| /linux/tools/testing/selftests/arm64/pauth/ |
| H A D | pac.c | 39 void sign_specific(struct signatures *sign, size_t val) in sign_specific()
47 void sign_all(struct signatures *sign, size_t val) in sign_all()
56 int n_same(struct signatures *old, struct signatures *new, int nkeys) in n_same()
70 int n_same_single_set(struct signatures *sign, int nkeys) in n_same_single_set()
92 int exec_sign_all(struct signatures *signed_vals, size_t val) in exec_sign_all()
179 ret = read(new_stdout[0], signed_vals, sizeof(struct signatures)); in exec_sign_all()
260 struct signatures signed_vals; in TEST()
299 struct signatures new_keys; in TEST()
300 struct signatures old_key in TEST()
[all...] |
| H A D | exec_target.c | 12 struct signatures signed_vals; in main()
31 fwrite(&signed_vals, sizeof(struct signatures), 1, stdout); in main()
|
| H A D | helper.h | 11 struct signatures { struct
|
| /linux/security/integrity/ima/ |
| H A D | Kconfig | 183 bool "Appraise firmware signatures"
193 bool "Appraise kexec kernel image signatures"
201 Kernel image signatures can not be verified by the original
206 bool "Appraise kernel modules signatures"
213 Kernel module signatures can only be verified by IMA-appraisal,
234 bool "Support module-style signatures for appraisal"
241 Adds support for signatures appended to files. The format of the
244 to accept such signatures.
|
| /linux/fs/verity/ |
| H A D | signature.c | 3 * Verification of builtin signatures
9 * This file implements verification of fs-verity builtin signatures. Please
11 * signatures with fs-verity, and the alternatives (such as userspace signature
45 * against the certificates in the fs-verity keyring. Note that signatures
72 * The ".fs-verity" keyring is empty, due to builtin signatures in fsverity_verify_signature()
|
| H A D | Kconfig | 43 fs-verity builtin signatures.
46 the only way to do signatures with fs-verity, and the
|
| /linux/drivers/scsi/ |
| H A D | fdomain_isa.c | 40 * The following BIOS signature signatures are for boards which do *NOT*
65 } signatures[] = { variable
84 #define SIGNATURE_COUNT ARRAY_SIZE(signatures)
101 if (check_signature(p + signatures[i].offset, in fdomain_isa_match()
102 signatures[i].signature, in fdomain_isa_match()
103 signatures[i].length)) in fdomain_isa_match()
107 sig = &signatures[i]; in fdomain_isa_match()
|
| /linux/security/integrity/platform_certs/ |
| H A D | load_uefi.c | 130 pr_err("Couldn't parse MokListRT signatures from EFI MOKvar config table: %d\n", in load_moklist_certs()
143 pr_err("Couldn't parse MokListRT signatures: %d\n", rc); in load_moklist_certs()
193 pr_err("Couldn't parse db signatures: %d\n", in load_uefi_certs()
210 pr_err("Couldn't parse dbx signatures: %d\n", rc); in load_uefi_certs()
229 pr_err("Couldn't parse mokx signatures %d\n", rc); in load_uefi_certs()
|
| H A D | load_powerpc.c | 104 pr_err("Couldn't parse db signatures: %d\n", rc); in load_powerpc_certs()
121 pr_err("Couldn't parse dbx signatures: %d\n", rc); in load_powerpc_certs()
137 pr_err("Couldn't parse trustedcadb signatures: %d\n", rc); in load_powerpc_certs()
153 pr_err("Couldn't parse moduledb signatures: %d\n", rc); in load_powerpc_certs()
|
| /linux/Documentation/admin-guide/ |
| H A D | module-signing.rst | 13 .. - Non-valid signatures and unsigned modules.
30 involved. The signatures are not themselves encoded in any industrial standard
94 their signatures checked without causing a dependency loop.
129 Cryptographic keypairs are required to generate and check signatures. A
133 kernel so that it can be used to check the signatures as the modules are
265 Non-valid signatures and unsigned modules
|
| /linux/Documentation/ABI/testing/ |
| H A D | ima_policy | 56 limited to fsverity digest based signatures
146 Example of appraise rule allowing modsig appended signatures:
172 signatures (format version 3) stored in security.ima xattr.
|
| H A D | evm | 57 signatures have been solved.
103 to be added at runtime. Any signatures generated after
|
| /linux/Documentation/process/ |
| H A D | maintainer-pgp-guide.rst | 29 Both git repositories and tarballs carry PGP signatures of the kernel
30 developers who create official kernel releases. These signatures offer a
35 - git repositories provide PGP signatures on all tags
36 - tarballs provide detached PGP signatures with all downloads
212 The more signatures you have on your PGP key from other developers, the
370 your signatures (if they know the passphrase). Furthermore, each time a
734 signatures. Furthermore, when rebasing your repository to match
735 upstream, even your own PGP commit signatures will end up discarded. For
749 signatures will be valuable for such purposes.
786 purpose that puts cryptographic attestation signatures into message
[all …]
|
| /linux/tools/testing/selftests/kexec/ |
| H A D | test_kexec_file_load.sh | 6 # both signatures depending on the IMA policy, or none.
64 pesign -i $KERNEL_IMAGE --show-signature | grep -q "No signatures"
228 # Are there pe and ima signatures
|
| /linux/include/uapi/linux/ |
| H A D | fsverity.h | 67 * Format in which fs-verity file digests are signed in built-in signatures.
74 * is optional. fs-verity users may also verify signatures in userspace, in
|
| /linux/kernel/module/ |
| H A D | signing.c | 113 * unparseable signatures, and signature check failures -- in module_sig_check()
114 * even if signatures aren't required. in module_sig_check()
|
| /linux/Documentation/security/ |
| H A D | digsig.rst | 20 Currently digital signatures are used by the IMA/EVM integrity protection subsystem.
82 to generate signatures, to load keys into the kernel keyring.
|
| H A D | ipe.rst | 26 1. IMA + EVM Signatures
70 * No need for two signatures (IMA, then EVM): one signature covers
72 * Signatures can be stored externally to the filesystem metadata.
180 trusted to be changed. This is done through signatures, resulting in needing
|
| /linux/drivers/gpu/drm/nouveau/include/nvfw/ |
| H A D | acr.h | 180 u32 signatures[4]; member
210 u32 signatures[4]; member
|
| /linux/arch/powerpc/include/asm/ |
| H A D | syscalls.h | 85 * Architecture specific signatures required by long long munging:
87 * The following signatures provide a machine long parameter for
|
| /linux/Documentation/kbuild/ |
| H A D | reproducible-builds.rst | 93 3. Create detached signatures for the modules, and publish them as
96 4. Perform a second build that attaches the module signatures. It
|
| /linux/scripts/ |
| H A D | get_maintainer.pl | 248 'git-blame-signatures!' => \$email_git_blame_signatures,
251 'git-min-signatures=i' => \$email_git_min_signatures,
1059 --git-min-signatures => number of signatures required (default: $email_git_min_signatures)
1063 --git-blame-signatures => when used with --git-blame, also include all commit signers
1077 --fixes => for patches, add signatures of commits with 'Fixes: <commit>' (default: 1 (on))
1126 --git-min-signatures, --git-max-maintainers, --git-min-percent, and
1594 ## Reformat email addresses (with names) to avoid badly written signatures
1607 my @signatures = ();
1622 @signatures = grep(/^[ \t]*${signature_pattern}.*\@.*$/, @lines);
1627 return (0, \@signatures, \@authors, \@stats) if !@signatures;
[all …]
|
| /linux/lib/ |
| H A D | check_signature.c | 6 * check_signature - find BIOS signatures
|
| /linux/security/integrity/evm/ |
| H A D | evm_main.c | 552 * Writing other xattrs is safe for portable signatures, as portable in evm_protect_xattr()
553 * signatures are immutable and can never be updated. in evm_protect_xattr()
695 * Writing other xattrs is safe for portable signatures, as portable in evm_inode_set_acl()
696 * signatures are immutable and can never be updated. in evm_inode_set_acl()
928 * Writing attrs is safe for portable signatures, as portable signatures in evm_inode_setattr()
|
| H A D | evm_crypto.c | 155 * signatures in hmac_add_misc()
256 * signatures/HMACs. in evm_calc_hmac_or_hash()
306 /* Portable EVM signatures must include an IMA hash */ in evm_calc_hmac_or_hash()
|