scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-25 18:55:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
93b09e5a4df6f8c96e7fe331ea88e7807b83d065
OpenCellular/vkernel/include/kernel_image.h
Gaurav Shah 2480a18c45 Vboot Reference: Make kernel signing utility more flexible. 
The CL adds the --config and --vblock option to kernel_utility.

--config <file> uses the file to populate the configuration portion within a signed vbootimage

Currently, the configuration file is assumed to only contain command line options to be passed to the kernel. In the future, we might want to change it so that it contains information about the kernel load address, entry points, etc. (refer to rspangler@ drive map design doc)

--vblock makes the tool only output the verification header instead of a one monolithic signed kernel image containing the verification information (with config information contained within it) followed by the actual kernel image

Review URL: http://codereview.chromium.org/1752013
2010-04-26 11:41:53 -07:00

103 lines
3.3 KiB
C
Raw Blame History

/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* API definitions for a generating and manipulating verified boot kernel images.
* (Userland portion.)
*/
#ifndef VBOOT_REFERENCE_KERNEL_IMAGE_H_
#define VBOOT_REFERENCE_KERNEL_IMAGE_H_
#include "kernel_image_fw.h"
/* Allocate and return a new KernelImage structure. */
KernelImage* KernelImageNew(void);
/* Deep free the contents of [image]. */
void KernelImageFree(KernelImage* image);
/* Read kernel data from file named [input_file].
*
* Returns a filled up KernelImage on success, NULL on error.
*/
KernelImage* ReadKernelImage(const char* input_file);
/* Get the length of the header for kernel image [image]. */
int GetKernelHeaderLen(const KernelImage* image);
/* Calculate and store the kernel header checksum of [image]
* in [header_checksum].
*
* [header_checksum] must be a valid pointer to a buffer of
* SHA512_DIGEST_SIZE.
*/
void CalculateKernelHeaderChecksum(const KernelImage* image,
uint8_t* header_checksum);
/* Get kernel header binary blob from an [image].
*
* Caller owns the returned pointer and must Free() it.
*/
uint8_t* GetKernelHeaderBlob(const KernelImage* image);
/* Get kernel config binary blob from an [image].
*
* Caller owns the returned pointer and must Free() it.
*/
uint8_t* GetKernelConfigBlob(const KernelImage* image);
/* Get a verified kernel binary blob from an [image] and fill
* its length into blob_len.
*
* Caller owns the returned pointer and must Free() it.
*/
uint8_t* GetKernelBlob(const KernelImage* image, uint64_t* blob_len);
/* Write kernel data from [image] to a file named [input_file].
* If [is_only_vblock] is non-zero, only the verification block is output.
*
* Return 1 on success, 0 on error.
*/
int WriteKernelImage(const char* input_file,
const KernelImage* image,
int is_only_vblock);
/* Pretty print the contents of [image]. Only headers and metadata information
* is printed.
*/
void PrintKernelImage(const KernelImage* image);
/* Performs a chained verify of the kernel [image]. If [dev_mode] is
* 0 (inactive), then the [firmware_signing_key] is used to verify the signature
* of the signing key, else the check is skipped.
*
* Returns 0 on success, error code on failure.
*/
int VerifyKernelImage(const RSAPublicKey* firmware_signing_key,
const KernelImage* image,
int dev_mode);
/* Maps error codes from VerifyKernel*() to error description. */
const char* VerifyKernelErrorString(int error);
/* Add a kernel signing key signature to the key header to a kernel image
* [image] using the private key in file [firmware_key_file].
*
* Return 1 on success, 0 on failure.
*/
int AddKernelKeySignature(KernelImage* image, const char* firmware_key_file);
/* Add a kernel and kernel config signature to a kernel image [image]
* using the private signing key in file [kernel_sigining_key_file].
*
* Return 1 on success, 0 on failure.
*/
int AddKernelSignature(KernelImage* image,
const char* kernel_sigining_key_file);
void PrintKernelEntry(kernel_entry* entry);
#endif /* VBOOT_REFERENCE_KERNEL_IMAGE_H_ */
Reference in New Issue View Git Blame Copy Permalink