/linux-master/drivers/nvme/common/ |
H A D | Makefile | 6 obj-$(CONFIG_NVME_KEYRING) += nvme-keyring.o 9 nvme-keyring-y += keyring.o
|
H A D | keyring.c | 13 #include <linux/nvme-keyring.h> 72 static struct key *nvme_tls_psk_lookup(struct key *keyring, argument 88 if (!keyring) 89 keyring = nvme_keyring; 90 keyring_id = key_serial(keyring); 91 pr_debug("keyring %x lookup tls psk '%s'\n", 93 keyref = keyring_search(make_key_ref(keyring, true), 131 key_serial_t nvme_tls_psk_default(struct key *keyring, argument 142 tls_key = nvme_tls_psk_lookup(keyring, hostnqn, subnqn,
|
/linux-master/include/linux/ |
H A D | nvme-keyring.h | 11 key_serial_t nvme_tls_psk_default(struct key *keyring, 18 static inline key_serial_t nvme_tls_psk_default(struct key *keyring, argument
|
H A D | digsig.h | 47 int digsig_verify(struct key *keyring, const char *sig, int siglen, 52 static inline int digsig_verify(struct key *keyring, const char *sig, argument
|
H A D | key-type.h | 144 /* Look up a keyring access restriction (optional) 174 struct key *keyring, 179 struct key *keyring, 185 struct key *keyring, 188 return key_reject_and_link(key, timeout, ENOKEY, keyring, authkey); 183 key_negate_and_link(struct key *key, unsigned timeout, struct key *keyring, struct key *authkey) argument
|
H A D | key.h | 41 #define KEY_POS_READ 0x02000000 /* possessor can read key payload / view keyring */ 42 #define KEY_POS_WRITE 0x04000000 /* possessor can update key payload / add link to keyring */ 43 #define KEY_POS_SEARCH 0x08000000 /* possessor can find a key in search / search a keyring */ 44 #define KEY_POS_LINK 0x10000000 /* possessor can create a link to a key/keyring */ 82 KEY_NEED_SEARCH, /* Require permission to search (keyring) or find (key) */ 189 * authentication token / access credential / keyring 212 time64_t last_used_at; /* last time used for LRU keyring discard */ 238 #define KEY_FLAG_UID_KEYRING 9 /* set if key is a user or user session keyring */ 269 /* This is set on a keyring to restrict the addition of a link to a key 271 * keyring i [all...] |
/linux-master/security/integrity/ima/ |
H A D | ima_asymmetric_keys.c | 19 * @keyring: keyring to which the key is linked to 29 void ima_post_key_create_or_update(struct key *keyring, struct key *key, argument 43 queued = ima_queue_key(keyring, payload, payload_len); 49 * keyring->description points to the name of the keyring 53 * The name of the keyring is passed in the "eventname" 58 * The name of the keyring is also passed in the "keyring" 61 * to the given keyring [all...] |
H A D | ima_queue_keys.c | 67 static struct ima_key_entry *ima_alloc_key_entry(struct key *keyring, argument 78 entry->keyring_name = kstrdup(keyring->description, 94 keyring->description, 104 bool ima_queue_key(struct key *keyring, const void *payload, argument 110 entry = ima_alloc_key_entry(keyring, payload, payload_len);
|
/linux-master/security/keys/ |
H A D | keyring.c | 17 #include <keys/keyring-type.h> 70 * The keyring key type definition. Keyrings are simply keys of this type and 76 static int keyring_instantiate(struct key *keyring, 78 static void keyring_revoke(struct key *keyring); 79 static void keyring_destroy(struct key *keyring); 80 static void keyring_describe(const struct key *keyring, struct seq_file *m); 81 static long keyring_read(const struct key *keyring, 85 .name = "keyring", 104 * Publish the name of a keyring so that it can be found by name (if it has 107 static void keyring_publish_name(struct key *keyring) argument 140 keyring_instantiate(struct key *keyring, struct key_preparsed_payload *prep) argument 412 keyring_destroy(struct key *keyring) argument 437 keyring_describe(const struct key *keyring, struct seq_file *m) argument 481 keyring_read(const struct key *keyring, char *buffer, size_t buflen) argument 523 struct key *keyring; local 554 restrict_link_reject(struct key *keyring, const struct key_type *type, const union key_payload *payload, struct key *restriction_key) argument 646 search_keyring(struct key *keyring, struct keyring_search_context *ctx) argument 663 search_nested_keyrings(struct key *keyring, struct keyring_search_context *ctx) argument 667 struct key *keyring; member in struct:__anon772 902 struct key *keyring; local 937 keyring_search(key_ref_t keyring, struct key_type *type, const char *description, bool recurse) argument 1024 struct key *keyring; local 1101 struct key *keyring, *key; local 1144 struct key *keyring; local 1292 __key_link_begin(struct key *keyring, const struct keyring_index_key *index_key, struct assoc_array_edit **_edit) argument 1350 __key_link_check_live_key(struct key *keyring, struct key *key) argument 1367 __key_link(struct key *keyring, struct key *key, struct assoc_array_edit **_edit) argument 1407 __key_link_check_restriction(struct key *keyring, struct key *key) argument 1435 key_link(struct key *keyring, struct key *key) argument 1484 __key_unlink_begin(struct key *keyring, struct key *key, struct assoc_array_edit **_edit) argument 1506 __key_unlink(struct key *keyring, struct key *key, struct assoc_array_edit **_edit) argument 1545 key_unlink(struct key *keyring, struct key *key) argument 1647 keyring_clear(struct key *keyring) argument 1678 keyring_revoke(struct key *keyring) argument 1716 keyring_gc(struct key *keyring, time64_t limit) argument 1761 keyring_restriction_gc(struct key *keyring, struct key_type *dead_type) argument [all...] |
H A D | process_keys.c | 22 /* Session keyring create vs join semaphore */ 36 * Get or create a user register keyring. 47 /* Make sure there's a register keyring. It gets owned by the 66 /* We don't return a ref since the keyring is pinned by the user_ns */ 97 /* Get the user keyring. Note that there may be one in existence 122 /* Get a default session keyring (which might also exist already) */ 138 /* We install a link from the user session keyring to 139 * the user keyring. 145 /* And only then link the user-session keyring to the 182 * Get the user session keyring i 223 struct key *keyring; local 270 struct key *keyring; local 317 install_session_keyring_to_cred(struct cred *cred, struct key *keyring) argument 356 install_session_keyring(struct key *keyring) argument 841 struct key *keyring; local [all...] |
H A D | key.c | 207 * keyring is destroyed, so it must be dynamically allocated. 419 * Instantiate a key and link it into the target keyring atomically. Must be 420 * called with the target keyring's semaphore writelocked. The target key's 426 struct key *keyring, 433 key_check(keyring); 454 /* and link it into the destination keyring */ 455 if (keyring) { 456 if (test_bit(KEY_FLAG_KEEP, &keyring->flags)) 459 __key_link(keyring, key, _edit); 480 * key_instantiate_and_link - Instantiate a key and link it into the keyring 424 __key_instantiate_and_link(struct key *key, struct key_preparsed_payload *prep, struct key *keyring, struct key *authkey, struct assoc_array_edit **_edit) argument 495 key_instantiate_and_link(struct key *key, const void *data, size_t datalen, struct key *keyring, struct key *authkey) argument 571 key_reject_and_link(struct key *key, unsigned timeout, unsigned error, struct key *keyring, struct key *authkey) argument 805 struct key *keyring, *key = NULL; local [all...] |
H A D | Makefile | 12 keyring.o \
|
/linux-master/include/keys/ |
H A D | system_keyring.h | 2 /* System keyring containing trusted public keys. 22 extern int restrict_link_by_builtin_trusted(struct key *keyring, 30 extern __init int load_module_cert(struct key *keyring); 36 static inline __init int load_module_cert(struct key *keyring) argument 45 struct key *keyring, 49 int restrict_link_by_digsig_builtin_and_secondary(struct key *keyring, 68 extern void __init set_machine_trusted_keys(struct key *keyring); 71 static inline void __init set_machine_trusted_keys(struct key *keyring) argument 126 extern void __init set_platform_trusted_keys(struct key *keyring); 128 static inline void set_platform_trusted_keys(struct key *keyring) argument [all...] |
H A D | asymmetric-type.h | 81 extern struct key *find_asymmetric_key(struct key *keyring, 88 const struct key *keyring);
|
/linux-master/security/integrity/ |
H A D | digsig.c | 22 static struct key *keyring[INTEGRITY_KEYRING_MAX]; variable in typeref:struct:key 47 if (!keyring[id]) { 48 keyring[id] = 50 if (IS_ERR(keyring[id])) { 51 int err = PTR_ERR(keyring[id]); 52 pr_err("no %s keyring: %d\n", keyring_name[id], err); 53 keyring[id] = NULL; 58 return keyring[id]; 64 struct key *keyring; local 69 keyring 89 struct key *keyring; local [all...] |
H A D | digsig_asymmetric.c | 22 static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid) argument 43 if (keyring) { 44 /* search in specific keyring */ 47 kref = keyring_search(make_key_ref(keyring, 1), 58 if (keyring) 59 pr_err_ratelimited("Request for unknown key '%s' in '%s' keyring. err %ld\n", 60 name, keyring->description, 82 int asymmetric_verify(struct key *keyring, const char *sig, argument 102 key = request_asymmetric_key(keyring, be32_to_cpu(hdr->keyid));
|
H A D | integrity.h | 158 int asymmetric_verify(struct key *keyring, const char *sig, 161 static inline int asymmetric_verify(struct key *keyring, const char *sig, argument 169 int ima_modsig_verify(struct key *keyring, const struct modsig *modsig); 171 static inline int ima_modsig_verify(struct key *keyring, argument
|
/linux-master/crypto/asymmetric_keys/ |
H A D | selftest.c | 23 * be loaded into a temporary keyring for the duration of the testing. 181 struct key *keyring; local 186 keyring = keyring_alloc(".certs_selftest", 193 if (IS_ERR(keyring)) 194 panic("Can't allocate certs selftest keyring: %ld\n", 195 PTR_ERR(keyring)); 198 sizeof(certs_selftest_keys) - 1, keyring); 200 panic("Can't allocate certs selftest keyring: %d\n", ret); 216 ret = pkcs7_validate_trust(pkcs7, keyring); 223 key_put(keyring); [all...] |
H A D | x509_loader.c | 9 const struct key *keyring) 31 key = key_create_or_update(make_key_ref(keyring, 1), 7 x509_load_certificate_list(const u8 cert_list[], const unsigned long list_size, const struct key *keyring) argument
|
/linux-master/fs/crypto/ |
H A D | Makefile | 8 keyring.o \
|
H A D | keyring.c | 3 * Filesystem-level keyring for fscrypt 10 * filesystem-level keyring, including the ioctls: 74 * that concurrent keyring lookups can no longer find it. 78 /* Clear the keyring so the quota gets released right away. */ 95 * fscrypt_master_key struct by removing it from the keyring and 206 struct fscrypt_keyring *keyring; local 211 keyring = kzalloc(sizeof(*keyring), GFP_KERNEL); 212 if (!keyring) 214 spin_lock_init(&keyring 236 struct fscrypt_keyring *keyring = sb->s_master_keys; local 267 fscrypt_mk_hash_bucket(struct fscrypt_keyring *keyring, const struct fscrypt_key_specifier *mk_spec) argument 291 struct fscrypt_keyring *keyring; local 340 struct key *keyring; local 432 struct fscrypt_keyring *keyring = sb->s_master_keys; local [all...] |
/linux-master/fs/smb/client/ |
H A D | cifs_spnego.c | 181 struct key *keyring; local 188 * Create an override credential set with special thread keyring for 196 keyring = keyring_alloc(".cifs_spnego", 201 if (IS_ERR(keyring)) { 202 ret = PTR_ERR(keyring); 211 * instruct request_key() to use this special keyring as a cache for 214 set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags); 215 cred->thread_keyring = keyring; 219 cifs_dbg(FYI, "cifs spnego keyring: %d\n", key_serial(keyring)); [all...] |
/linux-master/net/dns_resolver/ |
H A D | dns_key.c | 338 struct key *keyring; local 341 /* create an override credential set with a special thread keyring in 351 keyring = keyring_alloc(".dns_resolver", 356 if (IS_ERR(keyring)) { 357 ret = PTR_ERR(keyring); 365 /* instruct request_key() to use this special keyring as a cache for 367 set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags); 368 cred->thread_keyring = keyring; 372 kdebug("DNS resolver keyring: %d\n", key_serial(keyring)); [all...] |
/linux-master/scripts/ |
H A D | extract-sys-certs.pl | 9 die "Format: $0 [-s <systemmap-file>] <vmlinux-file> <keyring-file>\n" 21 my $keyring = $ARGV[1]; 154 open FD, ">$keyring" || die $keyring; 157 die "$keyring" if (!defined($len)); 158 die "Short write on $keyring\n" if ($len != $size); 159 close(FD) || die $keyring;
|
/linux-master/certs/ |
H A D | system_keyring.c | 2 /* System trusted keyring for trusted public keys 36 * restrict_link_by_builtin_trusted - Restrict keyring addition by built-in CA 42 * Restrict the addition of keys into a keyring based on the key-to-be-added 43 * being vouched for by a key in the built in system keyring. 55 * restrict_link_by_digsig_builtin - Restrict digitalSignature key additions by the built-in keyring 61 * Restrict the addition of keys into a keyring based on the key-to-be-added 62 * being vouched for by a key in the built in system keyring. The new key 76 * restrict_link_by_builtin_and_secondary_trusted - Restrict keyring 83 * Restrict the addition of keys into a keyring based on the key-to-be-added 93 /* If we have a secondary trusted keyring, the 187 set_machine_trusted_keys(struct key *keyring) argument 265 load_module_cert(struct key *keyring) argument 424 set_platform_trusted_keys(struct key *keyring) argument [all...] |