Linux Kernel Integrity

From Linux Kernel Security Subsystem
Revision as of 00:16, 31 October 2017 by PeterHuewe (talk | contribs) (Added a bunch of useful links to capture the current situation of TPM under Linux, maybe move to it's own page in the future.)
Jump to navigation Jump to search

linux-integrity@vger.kernel.org is the mailing list for TPM and IMA targeted patches and discussion.

For non-trivial patch sets, such as patch sets that touch multiple subsystems, it is recommended to CC the linux-security-module@vger.kernel.org mailing list for more broad screening.


TPM and IMA have have their own maintainers and GIT trees:

TPM 2.0

The TPM 2.0 infrastructure in and around linux is currently moving fast. Here is a link list which tries to capture the current situation.


Books & Links


Intel TSS Stack

The Intel TSS Stack, compliant with the TCG SAPI specifications consists of

Interesting Links can be found here:

Interesting Projects using Intel TSS Stack

Automated Full Disk De/Encryption with Clevis/Tang+TPM+Luks

StrongSwan VPN Server + IMA + TPMSupport (Remote Attestation)

Others:

IBM TSS Stack

The IBM Stack follows a more pragmatic approach - the code can be found at

including tools and everything.

James Bottomley has been actively developing against it

It comes with its own


IMA

See https://sourceforge.net/p/linux-ima/wiki/Home/ for details.