cd /news/ai-safety/linux-7-2-ready-with-ima-and-evm-pos… · home topics ai-safety article
[ARTICLE · art-37556] src=phoronix.com ↗ pub= topic=ai-safety verified=true sentiment=↑ positive

Linux 7.2 Ready With IMA and EVM Post-Quantum ML-DSA Signature Support

Linux 7.2 kernel now supports post-quantum ML-DSA signatures for IMA and EVM, replacing RSA and ECC to protect against future quantum attacks. The update also introduces staged deletion of IMA measurement list records to address memory constraints on resource-limited systems.

read2 min views1 publishedJun 24, 2026
Linux 7.2 Ready With IMA and EVM Post-Quantum ML-DSA Signature Support
Image: Phoronix (auto-discovered)

The integrity subsystem changes merged last week for the Linux 7.2 kernel include support now for IMA and EVM post-quantum

Linux's Integrity Measurement Architecture (IMA) and Extended Verification Module (EVM) for verifying file and system integrity now is able to validate using post-quantum ML-DSA signatures for better security. ML-DSA is a modern replacement to the likes of RSA and ECC. This addition allows for more future-proof integrity of Linux systems around signatures, kernel modules, and certificates for file verification being safe against quantum attacks of the future.

The integrity pull for Linux 7.2 also introduces support to be able to remove IMA measurement list records stored in kernel memory. Due to the measurement list growing linearly and to now always keeping it in kernel memory, it's becoming an issue for resource-constrained systems. With Linux 7.2 it's possible to stage to now provide staged deletion with confirmation and staged deletion of N number of records without needing confirmation.

More details on these integrity improvements in Linux 7.2 for those interested via

ML-DSAsignature support.Linux's Integrity Measurement Architecture (IMA) and Extended Verification Module (EVM) for verifying file and system integrity now is able to validate using post-quantum ML-DSA signatures for better security. ML-DSA is a modern replacement to the likes of RSA and ECC. This addition allows for more future-proof integrity of Linux systems around signatures, kernel modules, and certificates for file verification being safe against quantum attacks of the future.

The integrity pull for Linux 7.2 also introduces support to be able to remove IMA measurement list records stored in kernel memory. Due to the measurement list growing linearly and to now always keeping it in kernel memory, it's becoming an issue for resource-constrained systems. With Linux 7.2 it's possible to stage to now provide staged deletion with confirmation and staged deletion of N number of records without needing confirmation.

More details on these integrity improvements in Linux 7.2 for those interested via

source & further reading
phoronix.com — original article EROFS With Linux 7.2 Better Handles Large Sparse AI Datasets, More Efficient I/O Fwupd 2.0.21 Brings Fixes For More Than 250 Potential Security Issues Found Via AI Intel Optimization Zone 1.1 Lays Out Tuning Recommendations For More Workloads
── more in #ai-safety 4 stories · sorted by recency
── more on @linux 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/linux-7-2-ready-with…] indexed:0 read:2min 2026-06-24 ·