diff options
Diffstat (limited to 'system/ima-evm-utils/README')
-rw-r--r-- | system/ima-evm-utils/README | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/system/ima-evm-utils/README b/system/ima-evm-utils/README new file mode 100644 index 0000000000..ec9deccf9b --- /dev/null +++ b/system/ima-evm-utils/README @@ -0,0 +1,12 @@ +Linux kernel integrity subsystem is comprised of a number of different +components including the Integrity Measurement Architecture (IMA), +Extended Verification Module (EVM), IMA-appraisal extension, digital +signature verification extension and audit measurement log support. + +The evmctl utility is used for producing and verifying digital +signatures, which are used by the Linux kernel integrity subsystem. It +is also used for importing keys into the kernel keyring. + +Linux integrity subsystem allows to use IMA and EVM signatures. EVM +signature protects file metadata, such as file attributes and extended +attributes. IMA signature protects file content. |