The EVM/IMA-appraisal patches have gone through a number of iterations. The latest EVM patches were posted last Monday, separately from the IMA-appraisal patches to facilitate review, but have not received any additional Acks, particularly from the fs side, which are needed for the patches to be upstreamed. Anybody on this list able to help get the needed review and Acks?

Additional info: Dave Safford's whitepaper overview of the proposed Linux integrity subsystem: http://downloads.sf.net/project/linux-ima/linux-ima/Integrity_overview.pdf.

EVM: git://git.kernel.org/pub/scm/linux/kernel/git/zohar/ima-2.6.36.git/#next-evm

IMA-appraisal (waiting for EVM to be upstreamed, before posting) git://git.kernel.org/pub/scm/linux/kernel/git/zohar/ima-2.6.36.git/#next-ima-appraisal

Digital signature extensions (Dmitry Kasatkin): http://meego.gitorious.org/meego-platform-security/ima-ksign

Digital signature utilities (Dmitry Kasatkin): http://meego.gitorious.org/meego-platform-security/evm-utils.

Other, including a sample dracut patch to enable EVM in the initramfs: http://linux-ima.sf.net

Thanks,

Mimi Zohar Dave Safford