New to this release is CI support for testing new kernel integrity
features not yet upstreamed and bugfixes, or functionality not enabled
by distros in a User Mode Linux (UML) environment. Testing in a UML
environment also allows saving CI build artifacts, such as private
keys, needed for creating and loading public keys onto the trusted
kernel keyrings. These public keys may be used for code - file data
and metadata - signature verification.
See the NEWS file for a short summary of changes and the git history
for details.
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Updated both the release and library (ABI change) versions. See the
NEWS file for a short summary and the git history for details.
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Releasing v1.3.1 so quickly after v1.3 is to address a couple of distro
build issues. A few additional changes, that were not quite ready for
the 1.3 release, are included as well. Refer to "NEWS" for a summary of
these changes.
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
autoconfig requires the existence of a "NEWS" file. "git log" is a better
changelog, and "ChangeLog" is really condensed and suitable to be NEWS.
After renaming ChangeLog to NEWS, autoconfig complains about the missing
"ChangeLog" file.
Replacing the default automake GNU flavor with "foreign" removes the
requirement for defining the NEWS, COPYING, AUTHORS, ChangeLog, and
README files.
Reported-by: Petr Vorel <pvorel@suse.cz>
Suggested-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
evmctl provides signing support for IMA/EVM.
Functionality includes signing of file content (IMA), file metadata (EVM),
importing public keys into kernel keyring.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
