Changes in evm

0fc8f6200d2313278fbf4539bbab74677c685531 - Merge drm/drm-fixes into drm-misc-fixes

Mon, 27 Apr 2026 10:26:49 +0200

Merge drm/drm-fixes into drm-misc-fixesGetting fixes and updates from v7.1-rc1.Signed-off-by: Thomas Zimmermann List of files: /linux/Documentation/ABI/testing/evm

9cdca336677b4d15579ec462e33c8a330ab3a9de - Merge tag 'integrity-v7.1' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity

Sat, 18 Apr 2026 00:42:01 +0200

Merge tag 'integrity-v7.1' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrityPull integrity updates from Mimi Zohar: "There are two main changes, one feature removal, some code cleanup, and a number of bug fixes. Main changes: - Detecting secure boot mode was limited to IMA. Make detecting secure boot mode accessible to EVM and other LSMs - IMA sigv3 support was limited to fsverity. Add IMA sigv3 support for IMA regular file hashes and EVM portable signatures Remove: - Remove IMA support for asychronous hash calculation originally added for hardware acceleration Cleanup: - Remove unnecessary Kconfig CONFIG_MODULE_SIG and CONFIG_KEXEC_SIG tests - Add descriptions of the IMA atomic flags Bug fixes: - Like IMA, properly limit EVM "fix" mode - Define and call evm_fix_hmac() to update security.evm - Fallback to using i_version to detect file change for filesystems that do not support STATX_CHANGE_COOKIE - Address missing kernel support for configured (new) TPM hash algorithms - Add missing crypto_shash_final() return value"* tag 'integrity-v7.1' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity: evm: Enforce signatures version 3 with new EVM policy 'bit 3' integrity: Allow sigv3 verification on EVM_XATTR_PORTABLE_DIGSIG ima: add support to require IMA sigv3 signatures ima: add regular file data hash signature version 3 support ima: Define asymmetric_verify_v3() to verify IMA sigv3 signatures ima: remove buggy support for asynchronous hashes integrity: Eliminate weak definition of arch_get_secureboot() ima: Add code comments to explain IMA iint cache atomic_flags ima_fs: Correctly create securityfs files for unsupported hash algos ima: check return value of crypto_shash_final() in boot aggregate ima: Define and use a digest_size field in the ima_algo_desc structure powerpc/ima: Drop unnecessary check for CONFIG_MODULE_SIG ima: efi: Drop unnecessary check for CONFIG_MODULE_SIG/CONFIG_KEXEC_SIG ima: fallback to using i_version to detect file change evm: fix security.evm for a file with IMA signature s390: Drop unnecessary CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT evm: Don't enable fix mode when secure boot is enabled integrity: Make arch_ima_get_secureboot integrity-wide List of files: /linux/Documentation/ABI/testing/evm

82bbd447199ff1441031d2eaf9afe041550cf525 - evm: Enforce signatures version 3 with new EVM policy 'bit 3'

Wed, 25 Mar 2026 22:33:49 +0100

evm: Enforce signatures version 3 with new EVM policy 'bit 3'Enable the configuration of EVM so that it requires that asymmetricsignatures it accepts are of version 3 (sigv3). To enable this, introducebit 3 (value 0x0008) that the user may write to EVM's securityfs policyconfiguration file 'evm' for sigv3 enforcement.Mention bit 3 in the documentation.Signed-off-by: Stefan Berger Signed-off-by: Mimi Zohar List of files: /linux/Documentation/ABI/testing/evm

03ab8e6297acd1bc0eedaa050e2a1635c576fd11 - Merge tag 'v5.18'

Tue, 31 May 2022 15:13:23 +0200

Merge tag 'v5.18'Linux 5.18 List of files: /linux/Documentation/ABI/testing/evm

1136fa0c07de570dc17858745af8be169d1440ba - Merge tag 'v5.17-rc4' into for-linus

Tue, 01 Mar 2022 08:12:55 +0100

Merge tag 'v5.17-rc4' into for-linusMerge with mainline to get the Intel ASoC generic helpers header andother changes. List of files: /linux/Documentation/ABI/testing/evm

87a0b2fafc09766d8c55461a18345a1cfb10a7fe - Merge tag 'v5.16' into next

Tue, 18 Jan 2022 03:03:39 +0100

Merge tag 'v5.16' into nextSync up with mainline to bring in the latest API changes. List of files: /linux/Documentation/ABI/testing/evm

762f99f4f3cb41a775b5157dd761217beba65873 - Merge branch 'next' into for-linus

Sat, 15 Jan 2022 21:09:44 +0100

Merge branch 'next' into for-linusPrepare input updates for 5.17 merge window. List of files: /linux/Documentation/ABI/testing/evm

f81483aaeb59da530b286fe5d081e1705eb5c886 - Merge branch 'for-next' into for-linus

Wed, 05 Jan 2022 15:38:11 +0100

Merge branch 'for-next' into for-linusPull 5.17 materials.Signed-off-by: Takashi Iwai List of files: /linux/Documentation/ABI/testing/evm

1758047057dbe329be712a31b79db7151b5871f8 - Merge drm/drm-next into drm-misc-next-fixes

Fri, 17 Dec 2021 11:33:33 +0100

Merge drm/drm-next into drm-misc-next-fixesBackmerging to bring drm-misc-next-fixes up to the latest state forthe current release cycle.Signed-off-by: Thomas Zimmermann List of files: /linux/Documentation/ABI/testing/evm

8632987380765dee716d460640aa58d58d52998e - Merge branch 'reset/of-get-optional-exclusive' of git://git.pengutronix.de/pza/linux into timers/drivers/next

Thu, 09 Dec 2021 13:57:57 +0100

Merge branch 'reset/of-get-optional-exclusive' of git://git.pengutronix.de/pza/linux into timers/drivers/next"Add optional variant of of_reset_control_get_exclusive(). If therequested reset is not specified in the device tree, this functionreturns NULL instead of an error."This dependency is needed for the Generic Timer Module (a.k.a OSTM)support for RZ/G2L.Signed-off-by: Daniel Lezcano List of files: /linux/Documentation/ABI/testing/evm

5d8dfaa71d87f742c53309b95cb6a8b274119027 - Merge tag 'v5.15' into next

Thu, 09 Dec 2021 08:43:50 +0100

Merge tag 'v5.15' into nextSync up with the mainline to get the latest APIs and DT bindings. List of files: /linux/Documentation/ABI/testing/evm

448cc2fb3a7b327823a9afd374808c37b8e6194f - Merge drm/drm-next into drm-intel-next

Mon, 22 Nov 2021 16:35:32 +0100

Merge drm/drm-next into drm-intel-nextSync up with drm-next to get v5.16-rc2.Signed-off-by: Jani Nikula List of files: /linux/Documentation/ABI/testing/evm

8626afb170dc44ed0512e04131e4d8eac0c5ec57 - Merge drm/drm-next into drm-intel-gt-next

Mon, 22 Nov 2021 13:18:15 +0100

Merge drm/drm-next into drm-intel-gt-nextThomas needs the dma_resv_for_each_fence API for i915/ttm async migrationwork.Signed-off-by: Tvrtko Ursulin List of files: /linux/Documentation/ABI/testing/evm

a713ca234ea9d946235ac7248995c5fddfd9e523 - Merge drm/drm-next into drm-misc-next

Thu, 18 Nov 2021 09:36:39 +0100

Merge drm/drm-next into drm-misc-nextBackmerging from drm/drm-next for v5.16-rc1.Signed-off-by: Thomas Zimmermann List of files: /linux/Documentation/ABI/testing/evm

467dd91e2f783d34b2205751bdf88bcdcac55984 - Merge drm/drm-fixes into drm-misc-fixes

Tue, 16 Nov 2021 08:51:39 +0100

Merge drm/drm-fixes into drm-misc-fixesWe need -rc1 to address a breakage in drm/scheduler affecting panfrost.Signed-off-by: Maxime Ripard List of files: /linux/Documentation/ABI/testing/evm

7f9f879243d6cf5d2d60d12065e93189cc343387 - Merge remote-tracking branch 'torvalds/master' into perf/core

Sat, 06 Nov 2021 19:49:33 +0100

Merge remote-tracking branch 'torvalds/master' into perf/coreTo pick up some tools/perf/ patches that went via tip/perf/core, suchas: tools/perf: Add mem_hops field in perf_mem_data_src structureSigned-off-by: Arnaldo Carvalho de Melo List of files: /linux/Documentation/ABI/testing/evm

95faf6ba654dd334617f347023e65b06d791c4a6 - Merge tag 'driver-core-5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core

Thu, 04 Nov 2021 16:32:38 +0100

Merge tag 'driver-core-5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-corePull driver core updates from Greg KH: "Here is the big set of driver core changes for 5.16-rc1. All of these have been in linux-next for a while now with no reported problems. Included in here are: - big update and cleanup of the sysfs abi documentation files and scripts from Mauro. We are almost at the place where we can properly check that the running kernel's sysfs abi is documented fully. - firmware loader updates - dyndbg updates - kernfs cleanups and fixes from Christoph - device property updates - component fix - other minor driver core cleanups and fixes"* tag 'driver-core-5.16-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: (122 commits) device property: Drop redundant NULL checks x86/build: Tuck away built-in firmware under FW_LOADER vmlinux.lds.h: wrap built-in firmware support under FW_LOADER firmware_loader: move struct builtin_fw to the only place used x86/microcode: Use the firmware_loader built-in API firmware_loader: remove old DECLARE_BUILTIN_FIRMWARE() firmware_loader: formalize built-in firmware API component: do not leave master devres group open after bind dyndbg: refine verbosity 1-4 summary-detail gpiolib: acpi: Replace custom code with device_match_acpi_handle() i2c: acpi: Replace custom function with device_match_acpi_handle() driver core: Provide device_match_acpi_handle() helper dyndbg: fix spurious vNpr_info change dyndbg: no vpr-info on empty queries dyndbg: vpr-info on remove-module complete, not starting device property: Add missed header in fwnode.h Documentation: dyndbg: Improve cli param examples dyndbg: Remove support for ddebug_query param dyndbg: make dyndbg a known cli param dyndbg: show module in vpr-info in dd-exec-queries ... List of files: /linux/Documentation/ABI/testing/evm

483f7d699fd96d494dbd299f73d758073c73c147 - ABI: evm: place a second what at the next line

Tue, 28 Sep 2021 12:14:04 +0200

ABI: evm: place a second what at the next lineOriginally, get_abi.pl was using spaces to separate What: parameters,but there are several references that declare things like: /sys/class/powercap/...//enabledSo, the logic was changes in order to properly address it.That broke the second What added byChangeset 18e49b304633 ("ABI: security: fix location for evm and ima_policy").As the only file that defines multiple What: at the same line isthis file, let's move the second What: to a separate line.Fixes: 18e49b304633 ("ABI: security: fix location for evm and ima_policy")Fixes: ab9c14805b37 ("scripts: get_abi.pl: Better handle multiple What parameters")Signed-off-by: Mauro Carvalho Chehab Link: https://lore.kernel.org/r/1f1e29ccdc0dd0ec089a67b8a4e9650517c6137a.1632823172.git.mchehab+huawei@kernel.orgSigned-off-by: Greg Kroah-Hartman List of files: /linux/Documentation/ABI/testing/evm

18e49b304633fab4253718173ea36e6605fd1036 - ABI: security: fix location for evm and ima_policy

Thu, 16 Sep 2021 10:59:31 +0200

ABI: security: fix location for evm and ima_policyThe What: definitions there are wrong, pointing to differentlocations than what's expected.Reviewed-by: Mimi Zohar Signed-off-by: Mauro Carvalho Chehab Link: https://lore.kernel.org/r/b2563ac34c2e234cdd728f0c701b57ac9023c45a.1631782432.git.mchehab+huawei@kernel.orgSigned-off-by: Greg Kroah-Hartman List of files: /linux/Documentation/ABI/testing/evm

46466ae3a105d9620e1355e33125a413b8c6ce18 - Merge branch 'perf/urgent' into perf/core, to pick up fixes

Thu, 26 Aug 2021 09:14:05 +0200

Merge branch 'perf/urgent' into perf/core, to pick up fixesSigned-off-by: Ingo Molnar List of files: /linux/Documentation/ABI/testing/evm