Digital signature verification using multiple keyrings

configname: CONFIG_INTEGRITY_SIGNATURE

Linux Kernel Configuration
└─>Security options
└─>Digital signature verification using multiple keyrings
In linux kernel since version 3.1 (release Date: 2011-10-24)  
This option enables digital signature verification support
using multiple keyrings. It defines separate keyrings for each
of the different use cases - evm, ima, and modules.
Different keyrings improves search performance, but also allow
to "lock" certain keyring to prevent adding new keys.
This is useful for evm and module keyrings, when keys are
usually only added from initramfs.