Searched refs:keyrings (Results 1 – 15 of 15) sorted by relevance
| /linux-6.12.1/security/integrity/ |
| D | Kconfig | 20 bool "Digital signature verification using multiple keyrings"
26 using multiple keyrings. It defines separate keyrings for each
28 Different keyrings improves search performance, but also allow
30 This is useful for evm and module keyrings, when keys are
46 bool "Require all keys on the integrity keyrings be signed"
52 .evm keyrings be signed by a key on the system trusted
|
| /linux-6.12.1/security/keys/ |
| D | Kconfig | 19 to five standard keyrings: UID-specific, GID-specific, session,
43 bool "Enable register of persistent per-UID keyrings"
46 This option provides a register of persistent per-UID keyrings,
47 primarily aimed at Kerberos key storage. The keyrings are persistent
133 on keys and keyrings on which the caller has View permission.
|
| /linux-6.12.1/Documentation/ABI/testing/ |
| D | ima_policy | 32 [appraise_algos=] [keyrings=]
66 keyrings:= list of keyrings
157 measure func=KEY_CHECK keyrings=.builtin_trusted_keys|.ima
|
| /linux-6.12.1/Documentation/security/keys/ |
| D | core.rst | 26 tokens, keyrings, etc.. These are represented in the kernel by struct key.
140 * Each process subscribes to three keyrings: a thread-specific keyring, a
161 * Each user ID resident in the system holds two special keyrings: a user
172 limits the total number of keys and keyrings, the other limits the total
179 Process-specific and thread-specific keyrings are not counted towards a
186 manipulate keys and keyrings.
192 userspace to request a key that can't be found in a process's keyrings.
222 This permits keyrings to be searched and keys to be found. Searches can
223 only recurse into nested keyrings that have search permission set.
257 The default keyrings associated with users will be labeled with the default
[all …]
|
| D | request-key.rst | 81 2) request_key() searches the process's subscribed keyrings to see if there's
107 This will permit it to then search the keyrings of process A with the
127 This is because process A's keyrings can't simply be attached to
|
| /linux-6.12.1/Documentation/security/ |
| D | credentials.rst | 180 4. Keys and keyrings.
190 of keyrings:
197 cached on one of these keyrings for future accesses to find.
264 4. the reference count on any keyrings it points to may be changed;
266 5. any keyrings it points to may be revoked, expired or have their security
269 6. the contents of any keyrings to which it points may be changed (the whole
270 point of keyrings being a shared set of credentials, modifiable by anyone
282 longer permit attachment to process-specific keyrings in the requesting
295 changed, the keyrings subscribed to may have their contents altered.
|
| /linux-6.12.1/security/integrity/ima/ |
| D | ima_policy.c | 122 struct ima_rule_opt_list *keyrings; /* Measure keys added to these keyrings */ member
399 ima_free_rule_opt_list(entry->keyrings); in ima_free_rule()
526 if (!rule->keyrings) in ima_match_rule_data()
529 opt_list = rule->keyrings; in ima_match_rule_data()
1592 entry->keyrings) { in ima_parse_rule()
1597 entry->keyrings = ima_alloc_rule_opt_list(args); in ima_parse_rule()
1598 if (IS_ERR(entry->keyrings)) { in ima_parse_rule()
1599 result = PTR_ERR(entry->keyrings); in ima_parse_rule()
1600 entry->keyrings = NULL; in ima_parse_rule()
2136 ima_show_rule_opt_list(m, entry->keyrings); in ima_policy_show()
|
| D | Kconfig | 254 Keys may be added to the IMA or IMA blacklist keyrings, if the
256 machine (if configured), or secondary trusted keyrings. The
262 built-in, machine (if configured) or secondary trusted keyrings.
265 bool "Create IMA machine owner blacklist keyrings (EXPERIMENTAL)"
|
| /linux-6.12.1/Documentation/networking/ |
| D | dns_resolver.rst | 125 keyrings for a cached DNS result. If that fails to find one, it upcalls to
|
| D | rxrpc.rst | 449 extracted from the calling process's keyrings with request_key() and
|
| /linux-6.12.1/Documentation/crypto/ |
| D | asymmetric-keys.rst | 348 2) Restrict using the kernel builtin and secondary trusted keyrings
353 The kernel builtin and secondary trusted keyrings will be searched for the
|
| /linux-6.12.1/Documentation/core-api/ |
| D | watch_queue.rst | 235 Notifications of this type indicate changes to keys and keyrings, including
|
| /linux-6.12.1/Documentation/filesystems/ |
| D | fscrypt.rst | 879 added is limited by the user's quota for the keyrings service (see
960 Nevertheless, to add a key to one of the process-subscribed keyrings,
999 process-subscribed keyrings mechanism.
1173 process-subscribed keyrings.
|
| /linux-6.12.1/Documentation/admin-guide/LSM/ |
| D | ipe.rst | 226 ``SYSTEM_TRUSTED_KEYRING``, or to the secondary and/or platform keyrings if
|
| /linux-6.12.1/ |
| D | MAINTAINERS | 3499 L: keyrings@vger.kernel.org
5231 L: keyrings@vger.kernel.org
12577 L: keyrings@vger.kernel.org
12588 L: keyrings@vger.kernel.org
12599 L: keyrings@vger.kernel.org
12608 L: keyrings@vger.kernel.org
12616 L: keyrings@vger.kernel.org
12624 L: keyrings@vger.kernel.org
12638 L: keyrings@vger.kernel.org
|