Linux kernel integrity subsystem is comprised of a number of different
components including the Integrity Measurement Architecture (IMA),
Extended Verification Module (EVM), IMA-appraisal extension, digital
signature verification extension and audit measurement log support.

The evmctl utility is used for producing and verifying digital
signatures, which are used by the Linux kernel integrity subsystem. It
is also used for importing keys into the kernel keyring.

Linux integrity subsystem allows to use IMA and EVM signatures. EVM
signature protects file metadata, such as file attributes and extended
attributes. IMA signature protects file content.