IMA-templates.rst (c25141062a82ae8bddced1b3ce2b57a1c0efabe0) IMA-templates.rst (86b4da8c0e7fcb6c217c604efcd9438ad55dd055)
1=================================
2IMA Template Management Mechanism
3=================================
4
5
6Introduction
7============
8

--- 55 unchanged lines hidden (view full) ---

64
65 - 'd': the digest of the event (i.e. the digest of a measured file),
66 calculated with the SHA1 or MD5 hash algorithm;
67 - 'n': the name of the event (i.e. the file name), with size up to 255 bytes;
68 - 'd-ng': the digest of the event, calculated with an arbitrary hash
69 algorithm (field format: [<hash algo>:]digest, where the digest
70 prefix is shown only if the hash algorithm is not SHA1 or MD5);
71 - 'n-ng': the name of the event, without size limitations;
1=================================
2IMA Template Management Mechanism
3=================================
4
5
6Introduction
7============
8

--- 55 unchanged lines hidden (view full) ---

64
65 - 'd': the digest of the event (i.e. the digest of a measured file),
66 calculated with the SHA1 or MD5 hash algorithm;
67 - 'n': the name of the event (i.e. the file name), with size up to 255 bytes;
68 - 'd-ng': the digest of the event, calculated with an arbitrary hash
69 algorithm (field format: [<hash algo>:]digest, where the digest
70 prefix is shown only if the hash algorithm is not SHA1 or MD5);
71 - 'n-ng': the name of the event, without size limitations;
72 - 'sig': the file signature.
72 - 'sig': the file signature;
73 - 'buf': the buffer data that was used to generate the hash without size limitations;
73
74
75Below, there is the list of defined template descriptors:
76
77 - "ima": its format is ``d|n``;
78 - "ima-ng" (default): its format is ``d-ng|n-ng``;
74
75
76Below, there is the list of defined template descriptors:
77
78 - "ima": its format is ``d|n``;
79 - "ima-ng" (default): its format is ``d-ng|n-ng``;
79 - "ima-sig": its format is ``d-ng|n-ng|sig``.
80 - "ima-sig": its format is ``d-ng|n-ng|sig``;
81 - "ima-buf": its format is ``d-ng|n-ng|buf``;
80
81
82
83
82
83Use
84===
85
86To specify the template descriptor to be used to generate measurement entries,
87currently the following methods are supported:
88
89 - select a template descriptor among those supported in the kernel
90 configuration (``ima-ng`` is the default choice);
91 - specify a template descriptor name from the kernel command line through
92 the ``ima_template=`` parameter;
93 - register a new template descriptor with custom format through the kernel
94 command line parameter ``ima_template_fmt=``.
84Use
85===
86
87To specify the template descriptor to be used to generate measurement entries,
88currently the following methods are supported:
89
90 - select a template descriptor among those supported in the kernel
91 configuration (``ima-ng`` is the default choice);
92 - specify a template descriptor name from the kernel command line through
93 the ``ima_template=`` parameter;
94 - register a new template descriptor with custom format through the kernel
95 command line parameter ``ima_template_fmt=``.