git.ipfire.org Git - thirdparty/kernel/linux.git/commit
evm: Enforce signatures version 3 with new EVM policy 'bit 3'
author Stefan Berger <stefanb@linux.ibm.com>
Wed, 25 Mar 2026 21:33:49 +0000 (17:33 -0400)
committer Mimi Zohar <zohar@linux.ibm.com>
Wed, 1 Apr 2026 14:16:53 +0000 (10:16 -0400)
commit 82bbd447199ff1441031d2eaf9afe041550cf525
tree 292e2762b88320af684b83886ce5df57546468d4
parent bab8e90bca64a87dd058527ae1d02596d35dc601
evm: Enforce signatures version 3 with new EVM policy 'bit 3'

Enable the configuration of EVM so that it requires that asymmetric
signatures it accepts are of version 3 (sigv3). To enable this, introduce
bit 3 (value 0x0008) that the user may write to EVM's securityfs policy
configuration file 'evm' for sigv3 enforcement.

Mention bit 3 in the documentation.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Documentation/ABI/testing/evm
security/integrity/evm/evm.h
security/integrity/evm/evm_main.c