The invention belongs to the technical field of security enhancement of a computer operating system, and particularly relates to a Linux program runtime verification and control method and system based on a Merkle tree. According to the method, an IMA architecture and a Merkle hash tree method are used for reference, the program measurement opportunity is converted into real memory loading time and real running time from starting, and a program measurement object is converted into a segment of a program code segment from the program code segment. The Linux application program is generally divided into a plurality of segments by an operating system, and each segment is only loaded into the memory from the disk when being actually accessed, so that the method does not adopt a mode of verifying the whole executable program file by the IMA when the program is started, instead, the integrity of the segment is verified when the program segment is actually loaded, and the control processing is carried out. The invention provides a safe and reliable program runtime measurement and control mechanism for the computer equipment using the Linux operation system.