% ----------------------------
\subsection{Linux}

% ----------------------------
\begin{frame}[fragile]
\frametitle{Linux Integrity Targets}
\begin{itemize}
\item Kernel Parameters
 \begin{itemize}
 \item Append only
 \item Devicetree
 \end{itemize}
\item Signed Modules (enforced)
\item Filesystem Integrity
 \begin{itemize}
 \item IMA/EVM: Hash/Signature per File
 \item dm-verity: Hashtree per Block-Device
 \end{itemize}
\item Mandatory Access Control
 \begin{itemize}
 \item SELinux/SMACK
 \item Tomoyo/AppArmor
 \end{itemize}
\end{itemize}
\end{frame}