Google Git
Sign in
linux/linux/kernel/git/zohar/linux-integrity/refs/heads/next-integrity-testing
commit
03290518a65f63810500f06998c4ddda7385b487
[log] [tgz]
author
Stefan Berger <stefanb@linux.ibm.com>
Wed Mar 25 17:33:49 2026 -0400
committer
Mimi Zohar <zohar@linux.ibm.com>
Wed Mar 25 19:31:16 2026 -0400
tree
292e2762b88320af684b83886ce5df57546468d4
parent
5896eb29bd58596cfb4da9847e5b827e771505f0 [diff]
evm: Enforce signatures version 3 with new EVM policy 'bit 3'

Enable the configuration of EVM so that it requires that asymmetric
signatures it accepts are of version 3 (sigv3). To enable this, introduce
bit 3 (value 0x0008) that the user may write to EVM's securityfs policy
configuration file 'evm' for sigv3 enforcement.

Mention bit 3 in the documentation.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
3 files changed
tree: 292e2762b88320af684b83886ce5df57546468d4
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .clippy.toml
  27. .cocciconfig
  28. .editorconfig
  29. .get_maintainer.ignore
  30. .gitattributes
  31. .gitignore
  32. .mailmap
  33. .pylintrc
  34. .rustfmt.toml
  35. COPYING
  36. CREDITS
  37. Kbuild
  38. Kconfig
  39. MAINTAINERS
  40. Makefile
  41. README