evm: permit only valid security.evm xattrs to be updated

In addition to requiring CAP_SYS_ADMIN permission to modify/delete
security.evm, prohibit invalid security.evm xattrs from changing,
unless in fixmode. This patch prevents inadvertent 'fixing' of
security.evm to reflect offline modifications.

Changelog v7:
- rename boot paramater 'evm_mode' to 'evm'

Reported-by: Roberto Sassu <roberto.sassu@polito.it>
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>

1 files changed, 6 insertions, 0 deletions

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index fd248a318211..db97ff1da8c0 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -48,6 +48,7 @@ parameter is applicable:
         EDD     BIOS Enhanced Disk Drive Services (EDD) is enabled
         EFI     EFI Partitioning (GPT) is enabled
         EIDE    EIDE/ATAPI support is enabled.
+        EVM     Extended Verification Module
         FB      The frame buffer device is enabled.
         GCOV    GCOV profiling is enabled.
         HW      Appropriate hardware is enabled.
@@ -750,6 +751,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
                         This option is obsoleted by the "netdev=" option, which
                         has equivalent usage. See its documentation for details.
 
+        evm=            [EVM]
+                        Format: { "fix" }
+                        Permit 'security.evm' to be updated regardless of
+                        current integrity status.
+
         failslab=
         fail_page_alloc=
         fail_make_request=[KNL]