# HLOS security

Source: [https://docs.qualcomm.com/doc/80-88500-4/topic/79_HLOS_security.html](https://docs.qualcomm.com/doc/80-88500-4/topic/79_HLOS_security.html)

The HLOS is supported by security features for authentication and
    encryption.

Table : HLOS security support features

| Security feature | Description |
| --- | --- |
| Verified boot LE (VBLE) | Supports cryptographic authentication of HLOS images such as boot image |
| Device mapper verity (DM-verity) | Supported as part of AVB2.0. It provides the system and vendor image integrity |
| Disk encryption | Full Disk Encryption (FDE) is supported |
| Security Enhanced Linux (SELinux) | Provides added kernel security |
| Kernel module signing | Kernel module signing is supported |
| Peripheral image loader | Authenticates and loads the peripheral firmware and resets the peripheral hardware |

- **[DM-verity](https://docs.qualcomm.com/doc/80-88500-4/topic/80_DM_verity.html)**  

The device mapper (DM) is an infrastructure in the Linux kernel that provides a generic     way to create virtual layers of block devices. The dm-verity target provides read-only     transparent integrity checking of block devices using kernel crypto API.
- **[SElinux](https://docs.qualcomm.com/doc/80-88500-4/topic/81_SElinux.html)**  

SELinux is a security enhancement to Linux that allows more control over access to     system. It was created by the United States National Security Agency (NSA) as a set of patches     to Linux kernel using the Linux kernel module, and later, it was adopted by Linux     kernel.

**Parent Topic:** [Security](https://docs.qualcomm.com/doc/80-88500-4/topic/76_Security.html)

Last Published: Aug 18, 2023

[Previous Topic
Overview of Qualcomm TEE 5.0](https://docs.qualcomm.com/bundle/publicresource/80-88500-4/topics/78_Qualcomm_TEE_5_0.md) [Next Topic
DM-verity](https://docs.qualcomm.com/bundle/publicresource/80-88500-4/topics/80_DM_verity.md)