Home
last modified time | relevance | path

Searched full:encrypted (Results 1 – 25 of 265) sorted by relevance

1234567891011

/linux/tools/perf/pmu-events/arch/s390/cf_z16/
H A Dpai_crypto.json34 "BriefDescription": "KM ENCRYPTED DEA",
35 "PublicDescription": "KM-Encrypted-DEA function ending with CC=0"
41 "BriefDescription": "KM ENCRYPTED TDEA 128",
42 "PublicDescription": "KM-Encrypted-TDEA-128 function ending with CC=0"
48 "BriefDescription": "KM ENCRYPTED TDEA 192",
49 "PublicDescription": "KM-Encrypted-TDEA-192 function ending with CC=0"
76 "BriefDescription": "KM ENCRYPTED AES 128",
77 "PublicDescription": "KM-Encrypted-AES-128 function ending with CC=0"
83 "BriefDescription": "KM ENCRYPTED AES 192",
84 "PublicDescription": "KM-Encrypted-AES-192 function ending with CC=0"
[all …]
/linux/tools/perf/pmu-events/arch/s390/cf_z17/
H A Dpai_crypto.json34 "BriefDescription": "KM ENCRYPTED DEA",
35 "PublicDescription": "KM-Encrypted-DEA function ending with CC=0"
41 "BriefDescription": "KM ENCRYPTED TDEA 128",
42 "PublicDescription": "KM-Encrypted-TDEA-128 function ending with CC=0"
48 "BriefDescription": "KM ENCRYPTED TDEA 192",
49 "PublicDescription": "KM-Encrypted-TDEA-192 function ending with CC=0"
76 "BriefDescription": "KM ENCRYPTED AES 128",
77 "PublicDescription": "KM-Encrypted-AES-128 function ending with CC=0"
83 "BriefDescription": "KM ENCRYPTED AES 192",
84 "PublicDescription": "KM-Encrypted-AES-192 function ending with CC=0"
[all …]
/linux/Documentation/security/keys/
H A Decryptfs.rst2 Encrypted keys for the eCryptfs filesystem
8 Each FEK is in turn encrypted with a File Encryption Key Encryption Key (FEKEK)
12 the FEK is encrypted by 'ecryptfsd' with the help of external libraries in order
22 The 'encrypted' key type has been extended with the introduction of the new
24 filesystem. Encrypted keys of the newly introduced format store an
31 encrypted form.
33 The eCryptfs filesystem may really benefit from using encrypted keys in that the
42 keyctl add encrypted name "new ecryptfs key-type:master-key-name keylen" ring
43 keyctl add encrypted name "load hex_blob" ring
53 Example of encrypted key usage with the eCryptfs filesystem:
[all …]
/linux/arch/x86/mm/
H A Dmem_encrypt_boot.S23 * RDI - virtual address for the encrypted mapping
36 /* Set up a one page stack in the non-encrypted memory area */
42 movq %rdi, %r10 /* Encrypted area */
53 movq %r10, %rdi /* Encrypted area */
79 * the kernel will be encrypted during the process. So this
85 * RDI - virtual address for the encrypted mapping
93 * The area will be encrypted by copying from the non-encrypted
95 * intermediate buffer back to the encrypted memory space. The physical
97 * being encrypted "in place".
113 movq %rdi, %r10 /* Save encrypted area address */
[all …]
H A Dioremap.c91 * In a SEV guest, NONE and RESERVED should not be mapped encrypted because
92 * there the whole memory is already encrypted.
112 * be mapped encrypted when SEV is active.
185 enum page_cache_mode pcm, void *caller, bool encrypted) in __ioremap_caller() argument
258 * is not requested (using encrypted), explicitly set decrypt in __ioremap_caller()
262 if ((io_desc.flags & IORES_MAP_ENCRYPTED) || encrypted) in __ioremap_caller()
547 * If SEV is active, that implies that BIOS/UEFI also ran encrypted so
585 /* For SEV, these areas are encrypted */ in memremap_should_map_decrypted()
726 * RAM remap will map the data as encrypted. Determine if a RAM remap should
753 * as encrypted. Determine if an encrypted mapping should not be done and set
/linux/security/keys/encrypted-keys/
H A DMakefile3 # Makefile for encrypted keys
6 obj-$(CONFIG_ENCRYPTED_KEYS) += encrypted-keys.o
8 encrypted-keys-y := encrypted.o ecryptfs_format.o
11 encrypted-keys-y += $(masterkey-y) $(masterkey-m-m)
H A Dencrypted.c11 * See Documentation/security/keys/trusted-encrypted.rst
24 #include <keys/encrypted-type.h>
35 #include "encrypted.h"
80 "Allow instantiation of encrypted keys using provided decrypted data");
99 * valid_ecryptfs_desc - verify the description of a new/loaded encrypted key
101 * The description of a encrypted key with format 'ecryptfs' must contain
164 * <encrypted iv + data>
290 /* convert the hex encoded iv, encrypted-data and HMAC to ascii */ in datablob_format()
301 * Use a user provided key to encrypt/decrypt an encrypted-key.
489 /* verify HMAC before decrypting encrypted ke
[all...]
H A Dmasterkey_trusted.c11 * See Documentation/security/keys/trusted-encrypted.rst
17 #include <keys/encrypted-type.h>
18 #include "encrypted.h"
24 * manages both trusted/encrypted key-types, like the encrypted key type
/linux/Documentation/driver-api/nvdimm/
H A Dsecurity.rst51 A nvdimm encrypted-key of format enc32 has the description format of:
54 See file ``Documentation/security/keys/trusted-encrypted.rst`` for creating
55 encrypted-keys of enc32 format. TPM usage with a master trusted key is
56 preferred for sealing the encrypted-keys.
64 relevant encrypted-keys into the kernel user keyring during the initramfs phase.
115 An encrypted-key with the current user passphrase that is tied to the nvdimm
125 is just another encrypted-key.
136 another encrypted-key.
/linux/Documentation/virt/kvm/s390/
H A Ds390-pv-boot.rst12 Memory made accessible to the hypervisor will be encrypted. See
16 information about the encrypted components and necessary metadata to
27 switch into PV mode itself, the user can load encrypted guest
59 The components are for instance an encrypted kernel, kernel parameters
62 After the initial import of the encrypted data, all defined pages will
82 encrypted images.
H A Ds390-pv-dump.rst20 provides an interface to KVM over which encrypted CPU and memory data
34 and extracts dump keys with which the VM dump data will be encrypted.
46 write out the encrypted vcpu state, but also the unencrypted state
49 The memory state is further divided into the encrypted memory and its
51 encrypted memory can simply be read once it has been exported. The
/linux/net/tls/
H A Dtrace.h47 bool encrypted, bool decrypted),
49 TP_ARGS(sk, tcp_seq, rec_no, rec_len, encrypted, decrypted),
56 __field( bool, encrypted )
65 __entry->encrypted = encrypted;
70 "sk=%p tcp_seq=%u rec_no=%llu len=%u encrypted=%d decrypted=%d",
73 __entry->encrypted, __entry->decrypted
/linux/Documentation/virt/hyperv/
H A Dcoco.rst104 paravisor runs first and sets up the guest physical memory as encrypted. The
133 context), MMIO accesses to these devices must be encrypted references instead
136 check whether a particular address range should be treated as encrypted
140 memory between encrypted and decrypted requires coordinating with the
201 copied into a temporary (encrypted) buffer for further validation and
220 equivalent of bounce buffering between encrypted and decrypted memory is
255 operates in encrypted memory, the memory used for communication with
262 and that supports encrypted memory. In such a case, neither the host partition
270 In the case the device does not support encrypted memory, the paravisor
271 provides bounce-buffering, and although the data is not encrypted, the backing
[all …]
/linux/Documentation/admin-guide/device-mapper/
H A Ddm-crypt.rst70 Either 'logon', 'user', 'encrypted' or 'trusted' kernel key type.
78 then sectors are encrypted according to their offsets (sector 0 uses key0;
87 encrypted data. You can specify it as a path like /dev/xxx or a device
91 Starting sector within the device where the encrypted data begins.
106 option. For example, allowing discards on encrypted devices may lead to
146 integrity for the encrypted device. The additional space is then
177 concurrency (the split requests could be encrypted in parallel by multiple
184 concurrency (the split requests could be encrypted in parallel by multiple
/linux/fs/ntfs/
H A Daops.c61 * - If the attribute is encrypted, access is denied (-EACCES) because
79 * Only $DATA attributes can be encrypted and only unnamed $DATA in ntfs_read_folio()
81 * this means to create compressed/encrypted files, not that the in ntfs_read_folio()
82 * attribute is compressed/encrypted. Note we need to check for in ntfs_read_folio()
88 * EFS-encrypted files are not supported. in ntfs_read_folio()
109 * For regular, non-resident files (i.e. not compressed and not encrypted), map
145 "encrypted")); in ntfs_bmap()
262 * EFS-encrypted files are not supported. in ntfs_writepages()
266 ntfs_debug("Encrypted I/O not supported"); in ntfs_writepages()
/linux/Documentation/process/
H A Dembargoed-hardware-issues.rst38 The list is encrypted and email to the list can be sent by either PGP or
39 S/MIME encrypted and must be signed with the reporter's PGP key or S/MIME
62 The encrypted mailing-lists which are used in our process are hosted on
120 other factors and should be only used when absolutely necessary. Encrypted
135 The hardware security team will provide an incident-specific encrypted
172 team via the specific encrypted mailing-list.
181 The initial response team sets up an encrypted mailing-list or repurposes
319 Encrypted mailing-lists
322 We use encrypted mailing lists for communication. The operating principle
323 of these lists is that email sent to the list is encrypted either with the
[all …]
/linux/net/rxrpc/
H A Drxkad.c712 response->encrypted.checksum = htonl(csum); in rxkad_calc_response_checksum()
725 size_t encsize = sizeof(((struct rxkad_response *)0)->encrypted); in rxkad_encrypt_response()
731 offsetof(struct rxkad_response, encrypted), encsize); in rxkad_encrypt_response()
834 h.resp.encrypted.epoch = htonl(conn->proto.epoch); in rxkad_insert_response_header()
835 h.resp.encrypted.cid = htonl(conn->proto.cid); in rxkad_insert_response_header()
836 h.resp.encrypted.checksum = 0; in rxkad_insert_response_header()
837 h.resp.encrypted.securityIndex = htonl(conn->security_ix); in rxkad_insert_response_header()
838 h.resp.encrypted.call_id[0] = htonl(conn->channels[0].call_counter); in rxkad_insert_response_header()
839 h.resp.encrypted.call_id[1] = htonl(conn->channels[1].call_counter); in rxkad_insert_response_header()
840 h.resp.encrypted.call_id[2] = htonl(conn->channels[2].call_counter); in rxkad_insert_response_header()
[all …]
/linux/arch/x86/kvm/
H A DKconfig157 bool "AMD Secure Encrypted Virtualization (SEV) support"
167 Provides support for launching encrypted VMs which use Secure
168 Encrypted Virtualization (SEV), Secure Encrypted Virtualization with
169 Encrypted State (SEV-ES), and Secure Encrypted Virtualization with
/linux/Documentation/power/
H A Dswsusp-dmcrypt.rst16 Now your system is properly set up, your disk is encrypted except for
26 up dm-crypt and then asks swsusp to resume from the encrypted
56 card contains at least the encrypted swap setup in a file
67 initrd that allows you to resume from encrypted swap and that
133 Otherwise we just remove the encrypted swap device and leave it to the
/linux/arch/x86/coco/
H A Dcore.c66 * will access all memory as encrypted. So, when APs are being brought
67 * up under SME the trampoline area cannot be encrypted, whereas under SEV
68 * the trampoline area must be encrypted.
137 * - for AMD, bit *set* means the page is encrypted in cc_mkenc()
138 * - for AMD with vTOM and for Intel, *clear* means encrypted in cc_mkenc()
/linux/fs/ceph/
H A Dcrypto.h31 * Header for the encrypted file when truncating the size, this
32 * will be sent to MDS, and the MDS will update the encrypted
67 * We want to encrypt filenames when creating them, but the encrypted
88 * must also store the full encrypted name (in the dentry's alternate_name
132 * If we have an encrypted inode then we must adjust the offset and
/linux/arch/x86/boot/compressed/
H A Dsev.c3 * AMD Encrypted Register State Support
122 * being changed to encrypted, it can't be used to perform GHCB in sev_es_shutdown_ghcb()
124 * protocol is used to change the GHCB page over to an encrypted in sev_es_shutdown_ghcb()
130 * GHCB Page must be flushed from the cache and mapped encrypted again. in sev_es_shutdown_ghcb()
135 error("Can't map GHCB page encrypted"); in sev_es_shutdown_ghcb()
138 * GHCB page is mapped encrypted again and flushed from the cache. in sev_es_shutdown_ghcb()
344 * - Bit 1 - Secure Encrypted Virtualization support in sev_check_cpu_support()
/linux/Documentation/security/secrets/
H A Dcoco.rst15 Confidential Computing (coco) hardware such as AMD SEV (Secure Encrypted
55 Consider a guest performing computations on encrypted files. The Guest Owner
62 because they are encrypted. Host can't read the decryption key because
65 confidential (memory-encrypted) guest.
/linux/Documentation/virt/kvm/x86/
H A Damd-memory-encryption.rst4 Secure Encrypted Virtualization (SEV)
10 Secure Encrypted Virtualization (SEV) is a feature found on AMD processors.
14 the memory contents of a VM will be transparently encrypted with a key
25 Bits[31:0] Number of encrypted guests supported simultaneously
165 that the memory was encrypted correctly by the firmware.
174 __u64 uaddr; /* userspace address to be encrypted (must be 16-byte aligned) */
175 __u32 len; /* length of the data to be encrypted (must be 16-byte aligned) */
184 data encrypted by the KVM_SEV_LAUNCH_UPDATE_DATA command. The guest owner may
384 __u64 guest_uaddr; /* the source memory region to be encrypted */
526 __u64 uaddr; /* 4k-aligned address of data to be loaded/encrypted. */
/linux/fs/ecryptfs/
H A Dmmap.c6 * encrypted file and the upper decrypted file.
26 * This is where we encrypt the data and pass the encrypted data to
72 * Bit 2: Encrypted?
82 * @folio: Sort of a ``virtual'' representation of the encrypted lower
131 /* This is an encrypted data extent */ in ecryptfs_copy_up_encrypted_with_header()
179 "the encrypted content from the lower " in ecryptfs_read_folio()
280 "to copy the encrypted content " in ecryptfs_write_begin()

1234567891011