What:		security/evm
Date:		March 2011
Contact:	Mimi Zohar <zohar@us.ibm.com>
Description:
		EVM protects a file's security extended attributes (xattrs)
		against integrity attacks. The initial method maintains an
		HMAC-sha1 value across the extended attributes, storing the
		value as the extended attribute 'security.evm'.

		EVM depends on the Kernel Key Retention System to provide it
		with a trusted/encrypted key for the HMAC-sha1 operation.
		The key is loaded onto root's keyring using keyctl.  Until
		EVM receives notification that the key has been successfully
		loaded onto the keyring (echo 1 > <securityfs>/evm), EVM
		cannot create or validate the 'security.evm' xattr, but
		returns INTEGRITY_UNKNOWN.  Loading the key and signaling EVM
		should be done as early as possible.  Normally this is done
		in the initramfs, which has already been measured as part
		of the trusted boot.  For more information on creating and
		loading existing trusted/encrypted keys, refer to:
		Documentation/keys-trusted-encrypted.txt.  (A sample dracut
		patch, which loads the trusted/encrypted key and enables
		EVM, is available from http://linux-ima.sourceforge.net/#EVM.)
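The key-loading and EVM-enabling sequence described above, written as a small initramfs-style shell hook. This is an added example, not part of the kernel documentation nor of the dracut patch it mentions. The securityfs mount point /sys/kernel/security, the key description evm-key, the blob path /etc/keys/evm-key and the @u keyring are assumed values; they are exposed as variables so the functions can be exercised against a scratch directory.

```shell
#!/bin/sh
# Added example (not kernel code): load the EVM encrypted key onto root's
# keyring, then tell EVM about it via <securityfs>/evm.
# All paths and names below are assumptions, overridable through the environment.
set -eu

SECURITYFS="${SECURITYFS:-/sys/kernel/security}"   # assumed securityfs mount point
EVM_KEY_DESC="${EVM_KEY_DESC:-evm-key}"             # assumed key description
EVM_KEY_BLOB="${EVM_KEY_BLOB:-/etc/keys/evm-key}"   # assumed path of the saved encrypted-key blob
EVM_KEYRING="${EVM_KEYRING:-@u}"                    # root's user keyring

# <securityfs>/evm only exists once securityfs is mounted.
evm_check_securityfs() {
    [ -e "$SECURITYFS/evm" ]
}

# Re-load a previously created encrypted key from its blob.
# "keyctl add encrypted <desc> "load <blob>" <keyring>" is the keyctl form for
# loading an existing encrypted key; it prints the key serial on success.
# If a key of that description is already on the keyring, reuse it.
evm_load_key() {
    if keyctl search "$EVM_KEYRING" encrypted "$EVM_KEY_DESC" >/dev/null 2>&1; then
        keyctl search "$EVM_KEYRING" encrypted "$EVM_KEY_DESC"
        return 0
    fi
    keyctl add encrypted "$EVM_KEY_DESC" "load $(cat "$EVM_KEY_BLOB")" "$EVM_KEYRING"
}

# Notify EVM that the HMAC key is available. Until this write succeeds EVM
# neither creates nor validates security.evm and reports INTEGRITY_UNKNOWN.
evm_enable() {
    echo 1 > "$SECURITYFS/evm"
}

# Print the current value of <securityfs>/evm (0 before the key is signalled).
evm_status() {
    cat "$SECURITYFS/evm"
}

# Full sequence: check securityfs, skip if already enabled, load key, enable EVM.
evm_setup() {
    evm_check_securityfs || { echo "securityfs not mounted at $SECURITYFS" >&2; return 1; }
    if [ "$(evm_status)" != "0" ]; then
        echo "EVM already enabled" >&2
        return 0
    fi
    evm_load_key >/dev/null
    evm_enable
}

# Command dispatch; with no argument the script only defines the functions.
case "${1:-}" in
    setup)  evm_setup ;;
    status) evm_status ;;
esac
```

Run it as "sh evm-hook.sh setup" from the initramfs after securityfs is mounted and before the root filesystem is pivoted; "status" prints the value of <securityfs>/evm so a boot log can confirm the write happened early enough. Both the key load and the write to <securityfs>/evm require root, and the write is only meaningful once the key is really on the keyring, which is why the hook loads the key first and refuses to run without securityfs.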