On Fri, 2024-02-23 at 12:25 -0500, Stefan Berger wrote: > To support "portable and immutable signatures" on otherwise unsupported > filesystems, determine the EVM signature type by the content of a file's > xattr. If the file has the appropriate signature type then allow it to be > copied up. All other signature types are discarded as before. > > "Portable and immutable" EVM signatures can be copied up by stacked file- > system since the metadata their signature covers does not include file- > system-specific data such as a file's inode number, generation, and UUID. > > Co-developed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> > Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx> Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
