Linux Kernel Integrity

From Linux Kernel Security Subsystem
Revision as of 14:03, 15 March 2018 by Stefanb (talk | contribs) (IMA)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search is the mailing list for TPM and IMA targeted patches and discussion.

For non-trivial patch sets, such as patch sets that touch multiple subsystems, it is recommended to CC the mailing list for more broad screening.

TPM and IMA have have their own maintainers and GIT trees:

TPM 2.0

The TPM 2.0 infrastructure in and around linux is currently moving fast. Here is a link list which tries to capture the current situation.

Books & Links

Intel TSS Stack

The Intel TSS Stack, compliant with the TCG SAPI specifications consists of

Interesting Links can be found here:

Interesting Projects using Intel TSS Stack

Automated Full Disk De/Encryption with Clevis/Tang+TPM+Luks

StrongSwan VPN Server + IMA + TPMSupport (Remote Attestation)



The IBM Stack follows a more pragmatic approach - the code can be found at

including tools and everything.

James Bottomley has been actively developing against it

It comes with its own


See for details.

IMA namespacing: IMA Namespacing design considerations