What:		security/evm
Date:		March 2011
Contact:	Mimi Zohar <zohar@us.ibm.com>
Description:
		EVM protects a file's security extended attributes (xattrs)
		against integrity attacks. The initial method maintains an
		HMAC-sha1 value across the extended attributes, storing the
		value as the extended attribute 'security.evm'.

		EVM depends on the Kernel Key Retention System to provide it
		with a trusted/encrypted key for the HMAC-sha1 operation.
		The key is loaded onto root's keyring using keyctl. Until
		EVM receives notification that the key has been successfully
		loaded onto the keyring (echo 1 > <securityfs>/evm), EVM
		cannot create or validate the 'security.evm' xattr and
		instead returns INTEGRITY_UNKNOWN. Loading the key and
		signaling EVM should be done as early as possible. Normally
		this is done in the initramfs, which has already been
		measured as part of the trusted boot. For more information
		on creating and loading existing trusted/encrypted keys,
		refer to: Documentation/keys-trusted-encrypted.txt. (A
		sample dracut patch, which loads the trusted/encrypted key
		and enables EVM, is available from
		http://linux-ima.sourceforge.net/#EVM.)
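		The following is an added user-space model of the scheme described above,
		not code from the kernel or from the EVM project. It keys an HMAC-SHA1 over
		an ordered set of security xattrs, refuses to create or validate
		'security.evm' until a key has been supplied (the equivalent of
		"echo 1 > <securityfs>/evm"), and shows why an offline edit of a protected
		xattr is caught. The set of protected xattr names, the name/value encoding
		fed to the HMAC, the key bytes and the sample xattr values are all
		constructed for this example; the kernel's real HMAC input and the byte
		layout of 'security.evm' are not reproduced here.

```python
import hashlib
import hmac

# Outcome names as used in the text above; the strings are this example's own.
INTEGRITY_PASS = "INTEGRITY_PASS"
INTEGRITY_FAIL = "INTEGRITY_FAIL"
INTEGRITY_UNKNOWN = "INTEGRITY_UNKNOWN"

# Assumed ordered set of xattrs covered by the HMAC (constructed for the example).
PROTECTED_XATTRS = ("security.ima", "security.selinux", "security.capability")


class EvmModel:
    """Models EVM's key-gated HMAC protection of security xattrs."""

    def __init__(self):
        # No key until user space loads it and signals EVM (echo 1 > <securityfs>/evm).
        self.key = None

    def enable(self, key: bytes) -> None:
        """Equivalent of the key being loaded onto root's keyring and EVM notified."""
        self.key = key

    def _hmac(self, xattrs: dict) -> bytes:
        """HMAC-SHA1 over the protected xattrs, length-prefixed so name/value
        boundaries cannot be shifted. Missing xattrs are simply skipped."""
        mac = hmac.new(self.key, digestmod=hashlib.sha1)
        for name in PROTECTED_XATTRS:
            value = xattrs.get(name)
            if value is None:
                continue
            encoded_name = name.encode()
            mac.update(len(encoded_name).to_bytes(4, "big") + encoded_name)
            mac.update(len(value).to_bytes(4, "big") + value)
        return mac.digest()

    def protect(self, xattrs: dict) -> bool:
        """Create/refresh 'security.evm'. Returns False while no key is loaded."""
        if self.key is None:
            return False
        xattrs["security.evm"] = self._hmac(xattrs)
        return True

    def verify(self, xattrs: dict) -> str:
        """Validate 'security.evm' against the current xattr values."""
        if self.key is None:
            return INTEGRITY_UNKNOWN          # key not yet loaded: cannot decide
        stored = xattrs.get("security.evm")
        if stored is None:
            return INTEGRITY_FAIL             # simplification: missing label treated as failure
        if hmac.compare_digest(stored, self._hmac(xattrs)):
            return INTEGRITY_PASS
        return INTEGRITY_FAIL


def demo() -> dict:
    """Walk through the states described in the text with constructed sample xattrs."""
    evm = EvmModel()
    # Constructed sample: an IMA hash xattr and an SELinux label on one file.
    xattrs = {
        "security.ima": b"\x01" + hashlib.sha1(b"file contents").digest(),
        "security.selinux": b"system_u:object_r:bin_t:s0",
    }
    results = {}
    results["before_key"] = evm.verify(xattrs)          # INTEGRITY_UNKNOWN
    results["protect_before_key"] = evm.protect(xattrs)  # False

    evm.enable(b"\x11" * 32)                             # constructed key, stands in for the keyring key
    results["protected"] = evm.protect(xattrs)           # True
    results["intact"] = evm.verify(xattrs)               # INTEGRITY_PASS

    # Offline attacker relabels the file; without the key they cannot fix up security.evm.
    xattrs["security.selinux"] = b"system_u:object_r:unconfined_t:s0"
    results["relabelled"] = evm.verify(xattrs)           # INTEGRITY_FAIL

    # Even recomputing an unkeyed SHA1 over the new values does not help.
    xattrs["security.evm"] = hashlib.sha1(xattrs["security.selinux"]).digest()
    results["forged_hash"] = evm.verify(xattrs)          # INTEGRITY_FAIL
    return results


if __name__ == "__main__":
    for state, outcome in demo().items():
        print(f"{state:>20}: {outcome}")
```

		The point the model makes is that the xattr values alone are not
		trustworthy on a disk an attacker can reach offline; only the keyed
		HMAC, whose key never leaves the kernel keyring, binds them, and
		nothing can be asserted about a file until that key is in place,
		which is why the text says to load it from the already-measured
		initramfs.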