Commit | Line | Data |
---|---|---|
66dbc325 MZ |
1 | What: security/evm |
2 | Date: March 2011 | |
3 | Contact: Mimi Zohar <zohar@us.ibm.com> | |
4 | Description: | |
5 | EVM protects a file's security extended attributes(xattrs) | |
6 | against integrity attacks. The initial method maintains an | |
7 | HMAC-sha1 value across the extended attributes, storing the | |
8 | value as the extended attribute 'security.evm'. | |
9 | ||
10 | EVM depends on the Kernel Key Retention System to provide it | |
11 | with a trusted/encrypted key for the HMAC-sha1 operation. | |
12 | The key is loaded onto the root's keyring using keyctl. Until | |
13 | EVM receives notification that the key has been successfully | |
14 | loaded onto the keyring (echo 1 > <securityfs>/evm), EVM | |
15 | can not create or validate the 'security.evm' xattr, but | |
16 | returns INTEGRITY_UNKNOWN. Loading the key and signaling EVM | |
17 | should be done as early as possible. Normally this is done | |
18 | in the initramfs, which has already been measured as part | |
19 | of the trusted boot. For more information on creating and | |
20 | loading existing trusted/encrypted keys, refer to: | |
21 | Documentation/keys-trusted-encrypted.txt. (A sample dracut | |
22 | patch, which loads the trusted/encrypted key and enables | |
23 | EVM, is available from http://linux-ima.sourceforge.net/#EVM.) |