Hello,
I am currently working on an embedded Linux project (built with Yocto) where we
need to implement a read-only rootfs with an overlay, strictly secured by
IMA/EVM signatures.
While researching the compatibility between IMA and AUFS, I discovered some
issues regarding the correctness of file signatures through the layers (e.g.,
IMA appraisal failing or kernel warning messages).
My question is regarding the current state of this issue in modern releases
(aufs5.x): Is there any recommended workaround, specific configuration, or patch
path today that allows IMA to properly measure and appraise files through an
AUFS mount?
Thank you very much for your time and for your long-standing work and dedication
to AUFS.
Best regards,
Rodolfo Giometti
--
GNU/Linux Solutions e-mail: [email protected]
Linux Device Driver [email protected]
Embedded Systems phone: +39 349 2432127
UNIX programming
