/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* API definitions for generating and manipulating verified boot kernel images.
* (Userland portion.)
*/
#ifndef VBOOT_REFERENCE_KERNEL_IMAGE_H_
#define VBOOT_REFERENCE_KERNEL_IMAGE_H_
#include "kernel_image_fw.h"
/* Allocate and return a new KernelImage structure.
 *
 * NOTE(review): the behavior on allocation failure and the initial field
 * values are not stated here - confirm against the implementation before
 * relying on either. Presumably the result is released with
 * KernelImageFree().
 */
KernelImage* KernelImageNew(void);
/* Deep free the contents of [image].
 *
 * Pointers to the freed contents must not be used after this call.
 *
 * NOTE(review): whether [image] itself is also released, and whether a NULL
 * [image] is accepted, is not stated here - confirm before calling this on an
 * error path.
 */
void KernelImageFree(KernelImage* image);
/* Read kernel data from file named [input_file].
 *
 * Returns a filled up KernelImage on success, NULL on error.
 *
 * NOTE(review): nothing here says the image is authenticated while it is
 * read. Treat the returned structure as untrusted until VerifyKernelImage()
 * has returned success for it - confirm against the implementation.
 * Presumably the caller releases the result with KernelImageFree().
 */
KernelImage* ReadKernelImage(const char* input_file);
/* Get the length of the header for kernel image [image].
 *
 * The result is returned as a signed int.
 *
 * NOTE(review): the unit (presumably bytes) and the value returned for a NULL
 * or inconsistent [image] are not stated here - check both before using the
 * result as an allocation or copy size.
 */
int GetKernelHeaderLen(const KernelImage* image);
/* Calculate and store the kernel header checksum of [image]
 * in [header_checksum].
 *
 * [header_checksum] must be a valid pointer to a buffer of
 * SHA512_DIGEST_SIZE.
 *
 * No buffer length is passed, so this function cannot check the size of
 * [header_checksum]; the caller alone is responsible for providing at least
 * SHA512_DIGEST_SIZE of writable space. The function returns void, so
 * failure cannot be reported to the caller.
 *
 * NOTE(review): the buffer size suggests an unkeyed SHA-512 digest. If so, it
 * detects accidental corruption but is only tamper-evident where a signature
 * covers it - confirm which header fields are hashed.
 */
void CalculateKernelHeaderChecksum(const KernelImage* image,
uint8_t* header_checksum);
/* Get kernel header binary blob from an [image].
 *
 * Caller owns the returned pointer and must Free() it.
 *
 * No length is returned alongside the pointer.
 *
 * NOTE(review): presumably the blob length is GetKernelHeaderLen(image) and
 * NULL is returned on failure - confirm both before reading from the result.
 */
uint8_t* GetKernelHeaderBlob(const KernelImage* image);
/* Get kernel config binary blob from an [image].
 *
 * Caller owns the returned pointer and must Free() it.
 *
 * No length is returned alongside the pointer, and this header does not
 * declare a function that reports the config blob length.
 *
 * NOTE(review): confirm where the blob size comes from, and whether NULL is
 * returned on failure, before reading from the result.
 */
uint8_t* GetKernelConfigBlob(const KernelImage* image);
/* Get a verified kernel binary blob from an [image] and fill
 * its length into blob_len.
 *
 * Caller owns the returned pointer and must Free() it.
 *
 * NOTE(review): "verified" presumably names the verified boot blob format,
 * not a signature check performed by this call - confirm, and do not treat a
 * non-NULL return as proof of authenticity; VerifyKernelImage() is the
 * function documented as verifying. Whether [blob_len] is written on failure
 * is not stated here.
 */
uint8_t* GetKernelBlob(const KernelImage* image, uint64_t* blob_len);
/* Write kernel data from [image] to a file named [input_file].
 * Despite its name, [input_file] is the path that is written to.
 *
 * If [is_only_vblock] is non-zero, only the verification block (excluding the
 * actual kernel data) is output.
 * If [is_subkey_out] is non-zero, only the kernel key verification (subkey)
 * header is output.
 *
 * Return 1 on success, 0 on error. This is the opposite of
 * VerifyKernelImage(), which returns 0 on success.
 *
 * NOTE(review): the result when both flags are non-zero, and whether an
 * existing file at [input_file] is overwritten or left partially written on
 * error, are not stated here - confirm.
 */
int WriteKernelImage(const char* input_file,
const KernelImage* image,
int is_only_vblock,
int is_subkey_out);
/* Create a kernel_data blob from its components and fill
 * its length into blob_len, plus some information about the bootloader.
 *
 * The bootloader information is returned through [bootloader_offset] and
 * [bootloader_size].
 *
 * Caller owns the returned pointer and must Free() it.
 *
 * NOTE(review): presumably [vmlinuz_file], [config_file] and
 * [bootloader_file] are paths whose contents are read and combined, and NULL
 * is returned on failure - confirm. Whether the three output parameters are
 * written on failure, and what [bootloader_offset] is relative to, are not
 * stated here.
 */
uint8_t* GenerateKernelBlob(const char* vmlinuz_file,
const char* config_file,
const char* bootloader_file,
uint64_t* blob_len,
uint64_t* bootloader_offset,
uint64_t* bootloader_size);
/* Pretty print the contents of [image]. Only headers and metadata are
 * printed.
 *
 * NOTE(review): the output stream and the handling of a NULL [image] are not
 * stated here. Printing does not imply the fields have been verified.
 */
void PrintKernelImage(const KernelImage* image);
/* Performs a chained verify of the kernel [image]. If [dev_mode] is
 * 0 (inactive), then the [firmware_signing_key] is used to verify the signature
 * of the signing key, else the check is skipped.
 *
 * Returns 0 on success, error code on failure. This is the opposite of the
 * 1-on-success convention documented for WriteKernelImage(),
 * AddKernelKeySignature() and AddKernelSignature() in this header, so compare
 * the result against 0 explicitly rather than testing it for truth.
 * VerifyKernelErrorString() maps the error code to a description.
 *
 * Security: with a non-zero [dev_mode] the kernel signing key is not checked
 * against [firmware_signing_key], so a 0 return then says nothing about
 * whether that key is one the firmware trusts. [dev_mode] should come from a
 * trusted source, never from the image or other unverified input.
 *
 * NOTE(review): presumably the remaining checks in dev mode only show that
 * the image is consistent with the key it carries - confirm. Whether
 * [firmware_signing_key] may be NULL when [dev_mode] is non-zero is not
 * stated here.
 */
int VerifyKernelImage(const RSAPublicKey* firmware_signing_key,
const KernelImage* image,
int dev_mode);
/* Maps error codes from VerifyKernel*() to error description.
 *
 * The description is returned as a const char*.
 *
 * NOTE(review): the result for a code outside the known range, and whether
 * the returned string is static storage that must not be freed, are not
 * stated here - confirm before passing arbitrary values.
 */
const char* VerifyKernelErrorString(int error);
/* Add a kernel signing key signature to the key header of a kernel image
 * [image] using the private key in file [firmware_key_file].
 *
 * Return 1 on success, 0 on failure. This is the opposite of
 * VerifyKernelImage(), which returns 0 on success. On a 0 return [image]
 * should not be treated as signed.
 *
 * [firmware_key_file] names private key material; the file should be
 * readable only by the signing process.
 *
 * NOTE(review): whether [image] is left unmodified on failure, and the
 * expected key file format, are not stated here - confirm.
 */
int AddKernelKeySignature(KernelImage* image, const char* firmware_key_file);
/* Add a kernel and kernel config signature to a kernel image [image]
 * using the private signing key in file [kernel_sigining_key_file].
 *
 * Return 1 on success, 0 on failure. This is the opposite of
 * VerifyKernelImage(), which returns 0 on success. On a 0 return [image]
 * should not be treated as signed.
 *
 * [kernel_sigining_key_file] names private key material; the file should be
 * readable only by the signing process.
 *
 * NOTE(review): whether [image] is left unmodified on failure, and whether
 * this must be called after AddKernelKeySignature(), are not stated here -
 * confirm.
 */
int AddKernelSignature(KernelImage* image,
const char* kernel_sigining_key_file);
#endif /* VBOOT_REFERENCE_KERNEL_IMAGE_H_ */