IMA-templates.rst (c25141062a82ae8bddced1b3ce2b57a1c0efabe0) | IMA-templates.rst (86b4da8c0e7fcb6c217c604efcd9438ad55dd055) |
---|---|
1================================= 2IMA Template Management Mechanism 3================================= 4 5 6Introduction 7============ 8 --- 55 unchanged lines hidden (view full) --- 64 65 - 'd': the digest of the event (i.e. the digest of a measured file), 66 calculated with the SHA1 or MD5 hash algorithm; 67 - 'n': the name of the event (i.e. the file name), with size up to 255 bytes; 68 - 'd-ng': the digest of the event, calculated with an arbitrary hash 69 algorithm (field format: [<hash algo>:]digest, where the digest 70 prefix is shown only if the hash algorithm is not SHA1 or MD5); 71 - 'n-ng': the name of the event, without size limitations; | 1================================= 2IMA Template Management Mechanism 3================================= 4 5 6Introduction 7============ 8 --- 55 unchanged lines hidden (view full) --- 64 65 - 'd': the digest of the event (i.e. the digest of a measured file), 66 calculated with the SHA1 or MD5 hash algorithm; 67 - 'n': the name of the event (i.e. the file name), with size up to 255 bytes; 68 - 'd-ng': the digest of the event, calculated with an arbitrary hash 69 algorithm (field format: [<hash algo>:]digest, where the digest 70 prefix is shown only if the hash algorithm is not SHA1 or MD5); 71 - 'n-ng': the name of the event, without size limitations; |
72 - 'sig': the file signature. | 72 - 'sig': the file signature; 73 - 'buf': the buffer data that was used to generate the hash without size limitations; |
73 74 75Below, there is the list of defined template descriptors: 76 77 - "ima": its format is ``d|n``; 78 - "ima-ng" (default): its format is ``d-ng|n-ng``; | 74 75 76Below, there is the list of defined template descriptors: 77 78 - "ima": its format is ``d|n``; 79 - "ima-ng" (default): its format is ``d-ng|n-ng``; |
79 - "ima-sig": its format is ``d-ng|n-ng|sig``. | 80 - "ima-sig": its format is ``d-ng|n-ng|sig``; 81 - "ima-buf": its format is ``d-ng|n-ng|buf``; |
80 81 | 82 83 |
82 | |
83Use 84=== 85 86To specify the template descriptor to be used to generate measurement entries, 87currently the following methods are supported: 88 89 - select a template descriptor among those supported in the kernel 90 configuration (``ima-ng`` is the default choice); 91 - specify a template descriptor name from the kernel command line through 92 the ``ima_template=`` parameter; 93 - register a new template descriptor with custom format through the kernel 94 command line parameter ``ima_template_fmt=``. | 84Use 85=== 86 87To specify the template descriptor to be used to generate measurement entries, 88currently the following methods are supported: 89 90 - select a template descriptor among those supported in the kernel 91 configuration (``ima-ng`` is the default choice); 92 - specify a template descriptor name from the kernel command line through 93 the ``ima_template=`` parameter; 94 - register a new template descriptor with custom format through the kernel 95 command line parameter ``ima_template_fmt=``. |