Executable images. More...

#include <ipxe/tables.h>
#include <ipxe/list.h>
#include <ipxe/refcnt.h>

Data Structures
struct	image
	An executable image. More...

struct	image_type
	An executable image type. More...

struct	image_tag
	An image tag. More...

Macros
#define	IMAGE_REGISTERED 0x0001
	Image is registered. More...

#define	IMAGE_TRUSTED 0x0002
	Image is trusted. More...

#define	IMAGE_AUTO_UNREGISTER 0x0004
	Image will be automatically unregistered after execution. More...

#define	IMAGE_HIDDEN 0x0008
	Image will be hidden from enumeration. More...

#define	IMAGE_STATIC 0x0010
	Image is statically allocated. More...

#define	IMAGE_STATIC_NAME 0x0020
	Image name is statically allocated. More...

#define	PROBE_MULTIBOOT 01
	Multiboot image probe priority. More...

#define	PROBE_NORMAL 02
	Normal image probe priority. More...

#define	PROBE_PXE 03
	PXE image probe priority. More...

#define	IMAGE_TYPES __table ( struct image_type, "image_types" )
	Executable image type table. More...

#define	__image_type(probe_order) __table_entry ( IMAGE_TYPES, probe_order )
	An executable image type. More...

#define	IMAGE_TAGS __table ( struct image_tag, "image_tags" )
	Image tag table. More...

#define	__image_tag __table_entry ( IMAGE_TAGS, 01 )
	An image tag. More...

#define	for_each_image(image) list_for_each_entry ( (image), &images, list )
	Iterate over all registered images. More...

#define	for_each_image_safe(image, tmp) list_for_each_entry_safe ( (image), (tmp), &images, list )
	Iterate over all registered images, safe against deletion. More...

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)

	FILE_SECBOOT (PERMITTED)

static struct image *	first_image (void)
	Retrieve first image. More...

void	free_image (struct refcnt *refcnt)
	Free executable image. More...

struct image *	alloc_image (struct uri *uri)
	Allocate executable image. More...

int	image_set_uri (struct image image, struct uri uri)
	Set image URI. More...

int	image_set_name (struct image image, const char name)
	Set image name. More...

char *	image_strip_suffix (struct image *image)
	Strip dot suffix from image name, if present. More...

int	image_set_cmdline (struct image image, const char cmdline)
	Set image command line. More...

int	image_set_len (struct image *image, size_t len)
	Set image length. More...

int	image_set_data (struct image image, const void data, size_t len)
	Set image data. More...

int	register_image (struct image *image)
	Register executable image. More...

void	unregister_image (struct image *image)
	Unregister executable image. More...

struct image *	find_image (const char *name)
	Find image by name. More...

struct image *	find_image_tag (struct image_tag *tag)
	Find image by tag. More...

int	image_exec (struct image *image)
	Execute image. More...

int	image_replace (struct image *replacement)
	Set replacement image. More...

int	image_select (struct image *image)
	Select image for execution. More...

int	image_set_trust (int require_trusted, int permanent)
	Change image trust requirement. More...

struct image *	image_memory (const char name, const void data, size_t len)
	Create registered image from block of memory. More...

const char *	image_argument (struct image image, const char key)
	Find argument within image command line. More...

int	image_pixbuf (struct image image, struct pixel_buffer *pixbuf)
	Create pixel buffer from image. More...

int	image_asn1 (struct image image, size_t offset, struct asn1_cursor *cursor)
	Extract ASN.1 object from image. More...

int	image_extract (struct image image, const char name, struct image **extracted)
	Extract archive image. More...

int	image_extract_exec (struct image *image)
	Extract and execute image. More...

static struct image *	image_get (struct image *image)
	Increment reference count on an image. More...

static void	image_put (struct image *image)
	Decrement reference count on an image. More...

static void	image_clear_cmdline (struct image *image)
	Clear image command line. More...

static void	image_trust (struct image *image)
	Set image as trusted. More...

static void	image_untrust (struct image *image)
	Set image as untrusted. More...

static void	image_hide (struct image *image)
	Mark image as hidden. More...

static struct image *	image_tag (struct image image, struct image_tag tag)
	Tag image. More...

Variables
struct image	__attribute__

struct list_head	images
	List of registered images. More...

struct image_tag	current_image

struct image_tag	selected_image

Detailed Description

Executable images.

Definition in file image.h.

Macro Definition Documentation

◆ IMAGE_REGISTERED

#define IMAGE_REGISTERED 0x0001

Image is registered.

Definition at line 77 of file image.h.

◆ IMAGE_TRUSTED

#define IMAGE_TRUSTED 0x0002

Image is trusted.

Definition at line 80 of file image.h.

◆ IMAGE_AUTO_UNREGISTER

#define IMAGE_AUTO_UNREGISTER 0x0004

Image will be automatically unregistered after execution.

Definition at line 83 of file image.h.

◆ IMAGE_HIDDEN

#define IMAGE_HIDDEN 0x0008

Image will be hidden from enumeration.

Definition at line 86 of file image.h.

◆ IMAGE_STATIC

#define IMAGE_STATIC 0x0010

Image is statically allocated.

Definition at line 89 of file image.h.

◆ IMAGE_STATIC_NAME

#define IMAGE_STATIC_NAME 0x0020

Image name is statically allocated.

Definition at line 92 of file image.h.

◆ PROBE_MULTIBOOT

#define PROBE_MULTIBOOT 01

Multiboot image probe priority.

Multiboot images are also valid executables in another format (e.g. ELF), so we must perform the multiboot probe first.

Definition at line 151 of file image.h.

◆ PROBE_NORMAL

#define PROBE_NORMAL 02

Normal image probe priority.

Definition at line 156 of file image.h.

◆ PROBE_PXE

#define PROBE_PXE 03

PXE image probe priority.

PXE images have no signature checks, so will claim all image files. They must therefore be tried last in the probe order list.

Definition at line 164 of file image.h.

◆ IMAGE_TYPES

#define IMAGE_TYPES __table ( struct image_type, "image_types" )

Executable image type table.

Definition at line 167 of file image.h.

◆ __image_type

#define __image_type ( probe_order ) __table_entry ( IMAGE_TYPES, probe_order )

An executable image type.

Definition at line 170 of file image.h.

◆ IMAGE_TAGS

#define IMAGE_TAGS __table ( struct image_tag, "image_tags" )

Image tag table.

Definition at line 181 of file image.h.

◆ __image_tag

struct image_tag current_image __image_tag __table_entry ( IMAGE_TAGS, 01 )

An image tag.

Currently-executing image.

Definition at line 184 of file image.h.

◆ for_each_image

#define for_each_image ( image ) list_for_each_entry ( (image), &images, list )

Iterate over all registered images.

Definition at line 191 of file image.h.

◆ for_each_image_safe

#define for_each_image_safe	(	image,
		tmp
	)	list_for_each_entry_safe ( (image), (tmp), &images, list )

Iterate over all registered images, safe against deletion.

Definition at line 195 of file image.h.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ FILE_SECBOOT()

FILE_SECBOOT ( PERMITTED )

◆ first_image()

static struct image* first_image ( void )

inlinestatic

Retrieve first image.

Return values

image Image, or NULL

Definition at line 203 of file image.h.

                                                   {
         return list_first_entry ( &images, struct image, list );
 }

References images, image::list, and list_first_entry.

Referenced by ipxe().

◆ free_image()

void free_image ( struct refcnt * refcnt )

Free executable image.

Parameters

refcnt Reference counter

Image consumers must call image_put() rather than calling free_image() directly. This function is exposed for use only by static images.

Definition at line 86 of file image.c.

                                           {
         struct image *image = container_of ( refcnt, struct image, refcnt );
         struct image_tag *tag;
 
         /* Sanity check: free_image() should not be called directly on
          * dynamically allocated images.
          */
         assert ( refcnt->count < 0 );
         DBGC ( image, "IMAGE %s freed\n", image->name );
 
         /* Clear any tag weak references */
         for_each_table_entry ( tag, IMAGE_TAGS ) {
                 if ( tag->image == image )
                         tag->image = NULL;
         }
 
         /* Free dynamic allocations used by both static and dynamic images */
         free ( image->cmdline );
         uri_put ( image->uri );
         image_put ( image->replacement );
 
         /* Free image name, if dynamically allocated */
         if ( ! ( image->flags & IMAGE_STATIC_NAME ) )
                 free ( image->name );
 
         /* Free image data and image itself, if dynamically allocated */
         if ( ! ( image->flags & IMAGE_STATIC ) ) {
                 ufree ( image->rwdata );
                 free ( image );
         }
 }

References assert(), image::cmdline, container_of, refcnt::count, DBGC, image::flags, for_each_table_entry, free, image_put(), IMAGE_STATIC, IMAGE_STATIC_NAME, IMAGE_TAGS, image::name, NULL, image::replacement, image::rwdata, tag, ufree(), image::uri, and uri_put().

Referenced by alloc_image(), cmdline_image_free(), efi_cmdline_free(), and lkrn_exec().

◆ alloc_image()

struct image* alloc_image ( struct uri * uri )

Allocate executable image.

Parameters

uri	URI, or NULL

Return values

image Executable image

Definition at line 124 of file image.c.

                                                {
         struct image *image;
         int rc;
 
         /* Allocate image */
         image = zalloc ( sizeof ( *image ) );
         if ( ! image )
                 goto err_alloc;
 
         /* Initialise image */
         ref_init ( &image->refcnt, free_image );
         if ( uri && ( ( rc = image_set_uri ( image, uri ) ) != 0 ) )
                 goto err_set_uri;
 
         return image;
 
  err_set_uri:
         image_put ( image );
  err_alloc:
         return NULL;
 }

References free_image(), image_put(), image_set_uri(), NULL, rc, ref_init, image::refcnt, and zalloc().

Referenced by cpio_okx(), image_extract(), image_memory(), and imgdownload().

◆ image_set_uri()

int image_set_uri	(	struct image *	image,
		struct uri *	uri
	)

Set image URI.

Parameters

image	Image
uri	New image URI

Return values

rc	Return status code

Definition at line 153 of file image.c.

                                                            {
         const char *name;
         int rc;
 
         /* Set name, if image does not already have one */
         if ( ! ( image->name && image->name[0] ) ) {
                 name = ( uri->path ? uri->path : uri->opaque );
                 if ( name ) {
                         name = basename ( ( char * ) name );
                         if ( ( rc = image_set_name ( image, name ) ) != 0 )
                                 return rc;
                 }
         }
 
         /* Update image URI */
         uri_put ( image->uri );
         image->uri = uri_get ( uri );
 
         return 0;
 }

References basename(), image_set_name(), image::name, name, uri::opaque, uri::path, rc, image::uri, uri_get(), and uri_put().

Referenced by alloc_image(), and downloader_vredirect().

◆ image_set_name()

int image_set_name	(	struct image *	image,
		const char *	name
	)

Set image name.

Parameters

image	Image
name	New image name

Return values

rc	Return status code

Definition at line 181 of file image.c.

                                                              {
         char *name_copy;
 
         /* Duplicate name */
         name_copy = strdup ( name );
         if ( ! name_copy )
                 return -ENOMEM;
 
         /* Free existing name, if not statically allocated */
         if ( ! ( image->flags & IMAGE_STATIC_NAME ) )
                 free ( image->name );
 
         /* Replace existing name */
         image->name = name_copy;
         image->flags &= ~IMAGE_STATIC_NAME;
 
         return 0;
 }

References ENOMEM, image::flags, free, IMAGE_STATIC_NAME, image::name, name, and strdup().

Referenced by cms_decrypt(), cpio_okx(), image_extract(), image_memory(), image_set_uri(), imgsingle_exec(), and register_image().

◆ image_strip_suffix()

char* image_strip_suffix ( struct image * image )

Strip dot suffix from image name, if present.

Parameters

image Image

Return values

sep	Position of old dot separator, or NULL

Definition at line 206 of file image.c.

                                                   {
         char *dot;
 
         /* Locate and strip suffix, if present */
         if ( image->name &&
              ( ( dot = strrchr ( image->name, '.' ) ) != NULL ) ) {
                 *dot = '\0';
                 return dot;
         }
 
         return NULL;
 }

References image::name, NULL, and strrchr().

Referenced by cms_decrypt(), and image_extract().

◆ image_set_cmdline()

int image_set_cmdline	(	struct image *	image,
		const char *	cmdline
	)

Set image command line.

Parameters

image	Image
cmdline	New image command line, or NULL

Return values

rc	Return status code

Definition at line 226 of file image.c.

                                                                    {
 
         free ( image->cmdline );
         image->cmdline = NULL;
         if ( cmdline ) {
                 image->cmdline = strdup ( cmdline );
                 if ( ! image->cmdline )
                         return -ENOMEM;
         }
         return 0;
 }

References cmdline, image::cmdline, ENOMEM, free, NULL, and strdup().

Referenced by cpio_okx(), image_clear_cmdline(), image_extract_exec(), and imgsingle_exec().

◆ image_set_len()

int image_set_len	(	struct image *	image,
		size_t	len
	)

Set image length.

Parameters

image	Image
len	Length of image data

Return values

rc	Return status code

Definition at line 245 of file image.c.

                                                       {
         void *new;
 
         /* Refuse to reallocate static images */
         if ( image->flags & IMAGE_STATIC )
                 return -ENOTTY;
 
         /* (Re)allocate image data */
         new = urealloc ( image->rwdata, len );
         if ( ! new )
                 return -ENOMEM;
         image->rwdata = new;
         image->len = len;
 
         return 0;
 }

References ENOMEM, ENOTTY, image::flags, IMAGE_STATIC, image::len, len, image::rwdata, and urealloc().

Referenced by cpio_okx(), gzip_extract(), image_set_data(), and zlib_deflate().

◆ image_set_data()

int image_set_data	(	struct image *	image,
		const void *	data,
		size_t	len
	)

Set image data.

Parameters

image	Image
data	Image data
len	Length of image data

Return values

rc	Return status code

Definition at line 270 of file image.c.

                                                                          {
         int rc;
 
         /* Set image length */
         if ( ( rc = image_set_len ( image, len ) ) != 0 )
                 return rc;
 
         /* Copy in new image data */
         memcpy ( image->rwdata, data, len );
 
         return 0;
 }

References data, image_set_len(), len, memcpy(), rc, and image::rwdata.

Referenced by image_memory(), and zimg_extract().

◆ register_image()

int register_image ( struct image * image )

Register executable image.

Parameters

image Executable image

Return values

rc	Return status code

Definition at line 315 of file image.c.

                                            {
         static unsigned int imgindex = 0;
         char name[8]; /* "imgXXXX" */
         int rc;
 
         /* Sanity checks */
         if ( image->flags & IMAGE_STATIC ) {
                 assert ( ( image->name == NULL ) ||
                          ( image->flags & IMAGE_STATIC_NAME ) );
                 assert ( image->cmdline == NULL );
         }
 
         /* Create image name if it doesn't already have one */
         if ( ! image->name ) {
                 snprintf ( name, sizeof ( name ), "img%d", imgindex++ );
                 if ( ( rc = image_set_name ( image, name ) ) != 0 )
                         return rc;
         }
 
         /* Add to image list */
         image_get ( image );
         image->flags |= IMAGE_REGISTERED;
         list_add_tail ( &image->list, &images );
         DBGC ( image, "IMAGE %s at [%lx,%lx) registered\n",
                image->name, virt_to_phys ( image->data ),
                ( virt_to_phys ( image->data ) + image->len ) );
 
         /* Try to detect image type, if applicable.  Ignore failures,
          * since we expect to handle some unrecognised images
          * (e.g. kernel initrds, multiboot modules, random files
          * provided via our EFI virtual filesystem, etc).
          */
         if ( ! image->type )
                 image_probe ( image );
 
         return 0;
 }

References assert(), image::cmdline, image::data, DBGC, image::flags, image_get(), image_probe(), IMAGE_REGISTERED, image_set_name(), IMAGE_STATIC, IMAGE_STATIC_NAME, images, image::len, image::list, list_add_tail, image::name, name, NULL, rc, snprintf(), and image::type.

Referenced by asn1_okx(), cmdline_init(), cms_decrypt(), efi_cmdline_init(), efi_image_exec(), embedded_init(), image_exec(), image_extract(), image_memory(), imgdownload(), pixbuf_okx(), and test_init().

◆ unregister_image()

void unregister_image ( struct image * image )

Unregister executable image.

Parameters

image Executable image

Definition at line 358 of file image.c.

                                               {
 
         /* Do nothing unless image is registered */
         if ( ! ( image->flags & IMAGE_REGISTERED ) )
                 return;
 
         DBGC ( image, "IMAGE %s unregistered\n", image->name );
         list_del ( &image->list );
         image->flags &= ~IMAGE_REGISTERED;
         image_put ( image );
 }

References DBGC, image::flags, image_put(), IMAGE_REGISTERED, image::list, list_del, and image::name.

Referenced by asn1_okx(), bzimage_exec(), cert_exec(), cms_decrypt(), com32_exec_loop(), comboot_exec_loop(), console_exec(), efi_autoexec_load(), efi_image_exec(), fdt_test_exec(), gzip_okx(), image_exec(), image_extract(), image_extract_exec(), imgdecrypt_exec(), imgextract_exec(), imgfree_exec(), imgverify_exec(), pixbuf_okx(), and zlib_okx().

◆ find_image()

struct image* find_image ( const char * name )

Find image by name.

Parameters

name	Image name

Return values

image Executable image, or NULL

Definition at line 376 of file image.c.

                                                {
         struct image *image;
 
         for_each_image ( image ) {
                 if ( strcmp ( image->name, name ) == 0 )
                         return image;
         }
 
         return NULL;
 }

References for_each_image, image::name, name, NULL, and strcmp().

Referenced by imgacquire(), and imgmulti_exec().

◆ find_image_tag()

struct image* find_image_tag ( struct image_tag * tag )

Find image by tag.

Parameters

tag Image tag

Return values

image Executable image, or NULL

Definition at line 393 of file image.c.

                                                         {
         struct image *image;
 
         for_each_image ( image ) {
                 if ( tag->image == image )
                         return image;
         }
 
         return NULL;
 }

References for_each_image, NULL, and tag.

Referenced by efi_file_open(), efi_image_exec(), fdt_create(), imgsingle_exec(), and shim_exec().

◆ image_exec()

int image_exec ( struct image * image )

Execute image.

Parameters

image Executable image

Return values

rc	Return status code

The image must already be registered. Note that executing an image may cause it to unregister itself. The caller must therefore assume that the image pointer becomes invalid.

Definition at line 414 of file image.c.

                                        {
         struct image *saved_current_image;
         struct image *replacement = NULL;
         struct uri *old_cwuri;
         int rc;
 
         /* Sanity check */
         assert ( image->flags & IMAGE_REGISTERED );
 
         /* Switch current working directory to be that of the image
          * itself, if applicable
          */
         old_cwuri = uri_get ( cwuri );
         if ( image->uri )
                 churi ( image->uri );
 
         /* Set as currently running image */
         saved_current_image = image_tag ( image, &current_image );
 
         /* Take out a temporary reference to the image, so that it
          * does not get freed when temporarily unregistered.
          */
         image_get ( image );
 
         /* Check that this image can be executed */
         if ( ! ( image->type && image->type->exec ) ) {
                 rc = -ENOEXEC;
                 goto err;
         }
 
         /* Check that image is trusted (if applicable) */
         if ( require_trusted_images && ! ( image->flags & IMAGE_TRUSTED ) ) {
                 DBGC ( image, "IMAGE %s is not trusted\n", image->name );
                 rc = -EACCES_UNTRUSTED;
                 goto err;
         }
 
         /* Record boot attempt */
         syslog ( LOG_NOTICE, "Executing \"%s\"\n", image->name );
 
         /* Temporarily unregister the image during its execution */
         unregister_image ( image );
 
         /* Try executing the image */
         if ( ( rc = image->type->exec ( image ) ) != 0 ) {
                 DBGC ( image, "IMAGE %s could not execute: %s\n",
                        image->name, strerror ( rc ) );
                 /* Do not return yet; we still have clean-up to do */
         }
 
         /* Record result of boot attempt */
         if ( rc == 0 ) {
                 syslog ( LOG_NOTICE, "Execution of \"%s\" completed\n",
                          image->name );
         } else {
                 syslog ( LOG_ERR, "Execution of \"%s\" failed: %s\n",
                          image->name, strerror ( rc ) );
         }
 
         /* Re-register image (unless due to be replaced) */
         if ( ! image->replacement )
                 register_image ( image );
 
         /* Pick up replacement image before we drop the original
          * image's temporary reference.  The replacement image must
          * already be registered, so we don't need to hold a temporary
          * reference (which would complicate the tail-recursion).
          */
         replacement = image->replacement;
         if ( replacement )
                 assert ( replacement->flags & IMAGE_REGISTERED );
 
         /* Clear any recorded replacement image */
         image_put ( image->replacement );
         image->replacement = NULL;
 
  err:
         /* Unregister image if applicable */
         if ( image->flags & IMAGE_AUTO_UNREGISTER )
                 unregister_image ( image );
 
         /* Debug message for tail-recursion.  Placed here because the
          * image_put() may end up freeing the image.
          */
         if ( replacement ) {
                 DBGC ( image, "IMAGE %s replacing self with IMAGE %s\n",
                        image->name, replacement->name );
         }
 
         /* Drop temporary reference to the original image */
         image_put ( image );
 
         /* Restore previous currently-running image */
         image_tag ( saved_current_image, &current_image );
 
         /* Reset current working directory */
         churi ( old_cwuri );
         uri_put ( old_cwuri );
 
         /* Tail-recurse into replacement image, if one exists */
         if ( replacement )
                 return image_exec ( replacement );
 
         return rc;
 }

References assert(), churi(), current_image, cwuri, DBGC, EACCES_UNTRUSTED, ENOEXEC, image_type::exec, image::flags, IMAGE_AUTO_UNREGISTER, image_exec(), image_get(), image_put(), IMAGE_REGISTERED, image_tag(), IMAGE_TRUSTED, LOG_ERR, LOG_NOTICE, image::name, NULL, rc, register_image(), replacement, image::replacement, require_trusted_images, strerror(), syslog, image::type, unregister_image(), image::uri, uri_get(), and uri_put().

Referenced by image_exec(), imgexec(), ipxe(), and uriboot().

◆ image_replace()

int image_replace ( struct image * replacement )

Set replacement image.

Parameters

replacement Replacement image

Return values

rc	Return status code

The replacement image must already be registered, and must remain registered until the currently-executing image returns.

Definition at line 529 of file image.c.

                                                 {
         struct image *image = current_image.image;
         int rc;
 
         /* Sanity check */
         assert ( replacement->flags & IMAGE_REGISTERED );
 
         /* Fail unless there is a currently-executing image */
         if ( ! image ) {
                 rc = -ENOTTY;
                 DBGC ( replacement, "IMAGE %s cannot replace non-existent "
                        "image: %s\n", replacement->name, strerror ( rc ) );
                 return rc;
         }
 
         /* Check that the replacement image can be executed */
         if ( ! ( replacement->type && replacement->type->exec ) )
                 return -ENOEXEC;
 
         /* Clear any existing replacement */
         image_put ( image->replacement );
 
         /* Set replacement */
         image->replacement = image_get ( replacement );
         DBGC ( image, "IMAGE %s will replace self with IMAGE %s\n",
                image->name, replacement->name );
 
         return 0;
 }

References assert(), current_image, DBGC, ENOEXEC, ENOTTY, image_tag::image, image_get(), image_put(), IMAGE_REGISTERED, image::name, rc, replacement, image::replacement, and strerror().

Referenced by comboot_fetch_kernel(), image_extract_exec(), and imgexec().

◆ image_select()

int image_select ( struct image * image )

Select image for execution.

Parameters

image Executable image

Return values

rc	Return status code

Definition at line 565 of file image.c.

                                          {
 
         /* Check that this image can be executed */
         if ( ! ( image->type && image->type->exec ) )
                 return -ENOEXEC;
 
         /* Mark image as selected */
         image_tag ( image, &selected_image );
 
         return 0;
 }

References ENOEXEC, image_type::exec, image_tag(), selected_image, and image::type.

Referenced by embedded_init(), and imgselect().

◆ image_set_trust()

int image_set_trust	(	int	require_trusted,
		int	permanent
	)

Change image trust requirement.

Parameters

require_trusted	Require trusted images
permanent	Make trust requirement permanent

Return values

rc	Return status code

Definition at line 584 of file image.c.

                                                            {
 
         /* Update trust requirement, if permitted to do so */
         if ( ! require_trusted_images_permanent ) {
                 require_trusted_images = require_trusted;
                 require_trusted_images_permanent = permanent;
         }
 
         /* Fail if we attempted to change the trust requirement but
          * were not permitted to do so.
          */
         if ( require_trusted_images != require_trusted )
                 return -EACCES_PERMANENT;
 
         return 0;
 }

References EACCES_PERMANENT, require_trusted_images, and require_trusted_images_permanent.

Referenced by imgtrust_exec().

◆ image_memory()

struct image* image_memory	(	const char *	name,
		const void *	data,
		size_t	len
	)

Create registered image from block of memory.

Parameters

name	Name
data	Image data
len	Length

Return values

image Image, or NULL on error

Definition at line 609 of file image.c.

                                            {
         struct image *image;
         int rc;
 
         /* Allocate image */
         image = alloc_image ( NULL );
         if ( ! image ) {
                 rc = -ENOMEM;
                 goto err_alloc_image;
         }
 
         /* Set name */
         if ( ( rc = image_set_name ( image, name ) ) != 0 )
                 goto err_set_name;
 
         /* Set data */
         if ( ( rc = image_set_data ( image, data, len ) ) != 0 )
                 goto err_set_data;
 
         /* Register image */
         if ( ( rc = register_image ( image ) ) != 0 )
                 goto err_register;
 
         /* Drop local reference to image */
         image_put ( image );
 
         return image;
 
  err_register:
  err_set_data:
  err_set_name:
         image_put ( image );
  err_alloc_image:
         return NULL;
 }

References alloc_image(), data, ENOMEM, image_put(), image_set_data(), image_set_name(), len, name, NULL, rc, and register_image().

Referenced by fdt_test_exec(), gzip_okx(), imgmem(), initrd_init(), and zlib_okx().

◆ image_argument()

const char* image_argument	(	struct image *	image,
		const char *	key
	)

Find argument within image command line.

Parameters

image	Image
key	Argument search key (including trailing delimiter)

Return values

value Argument value, or NULL if not found

Definition at line 653 of file image.c.

                                                                      {
         const char *cmdline = image->cmdline;
         const char *search;
         const char *match;
         const char *next;
 
         /* Find argument */
         for ( search = cmdline ; search ; search = next ) {
 
                 /* Find next occurrence, if any */
                 match = strstr ( search, key );
                 if ( ! match )
                         break;
                 next = ( match + strlen ( key ) );
 
                 /* Check preceding delimiter, if any */
                 if ( ( match == cmdline ) || isspace ( match[-1] ) )
                         return next;
         }
 
         return NULL;
 }

References cmdline, image::cmdline, isspace(), key, next, NULL, strlen(), and strstr().

Referenced by bzimage_parse_cmdline(), and cpio_parse_cmdline().

◆ image_pixbuf()

int image_pixbuf	(	struct image *	image,
		struct pixel_buffer **	pixbuf
	)

Create pixel buffer from image.

Parameters

image	Image
pixbuf	Pixel buffer to fill in

Return values

rc	Return status code

Definition at line 100 of file pixbuf.c.

                                                                        {
         int rc;
 
         /* Check that this image can be used to create a pixel buffer */
         if ( ! ( image->type && image->type->pixbuf ) )
                 return -ENOTSUP;
 
         /* Try creating pixel buffer */
         if ( ( rc = image->type->pixbuf ( image, pixbuf ) ) != 0 ) {
                 DBGC ( image, "IMAGE %s could not create pixel buffer: %s\n",
                        image->name, strerror ( rc ) );
                 return rc;
         }
 
         return 0;
 }

References DBGC, ENOTSUP, image::name, image_type::pixbuf, rc, strerror(), and image::type.

Referenced by console_exec(), and pixbuf_okx().

◆ image_asn1()

int image_asn1	(	struct image *	image,
		size_t	offset,
		struct asn1_cursor **	cursor
	)

Extract ASN.1 object from image.

Parameters

image	Image
offset	Offset within image
cursor	ASN.1 cursor to fill in

Return values

next	Offset to next image, or negative error

The caller is responsible for eventually calling free() on the allocated ASN.1 cursor.

Definition at line 1028 of file asn1.c.

                                                {
         int next;
         int rc;
 
         /* Sanity check */
         assert ( offset <= image->len );
 
         /* Check that this image can be used to extract an ASN.1 object */
         if ( ! ( image->type && image->type->asn1 ) )
                 return -ENOTSUP;
 
         /* Try creating ASN.1 cursor */
         next = image->type->asn1 ( image, offset, cursor );
         if ( next < 0 ) {
                 rc = next;
                 DBGC ( image, "IMAGE %s could not extract ASN.1 object: %s\n",
                        image->name, strerror ( rc ) );
                 return rc;
         }
 
         return next;
 }

References image_type::asn1, assert(), DBGC, ENOTSUP, len, image::name, next, offset, rc, strerror(), and image::type.

Referenced by asn1_okx(), cms_message(), and image_x509().

◆ image_extract()

int image_extract	(	struct image *	image,
		const char *	name,
		struct image **	extracted
	)

Extract archive image.

Parameters

image	Image
name	Extracted image name
extracted	Extracted image to fill in

Return values

rc	Return status code

Definition at line 44 of file archive.c.

                                                {
         int rc;
 
         /* Check that this image can be used to extract an archive image */
         if ( ! ( image->type && image->type->extract ) ) {
                 rc = -ENOTSUP;
                 goto err_unsupported;
         }
 
         /* Allocate new image */
         *extracted = alloc_image ( image->uri );
         if ( ! *extracted ) {
                 rc = -ENOMEM;
                 goto err_alloc;
         }
 
         /* Set image name */
         if ( ( rc = image_set_name ( *extracted,
                                      ( name ? name : image->name ) ) ) != 0 ) {
                 goto err_set_name;
         }
 
         /* Strip any archive or compression suffix from implicit name */
         if ( ! name )
                 image_strip_suffix ( *extracted );
 
         /* Try extracting archive image */
         if ( ( rc = image->type->extract ( image, *extracted ) ) != 0 ) {
                 DBGC ( image, "IMAGE %s could not extract image: %s\n",
                        image->name, strerror ( rc ) );
                 goto err_extract;
         }
 
         /* Register image */
         if ( ( rc = register_image ( *extracted ) ) != 0 )
                 goto err_register;
 
         /* Propagate trust flag */
         if ( image->flags & IMAGE_TRUSTED )
                 image_trust ( *extracted );
 
         /* Drop local reference to image */
         image_put ( *extracted );
 
         return 0;
 
         unregister_image ( *extracted );
  err_register:
  err_extract:
  err_set_name:
         image_put ( *extracted );
  err_alloc:
  err_unsupported:
         return rc;
 }

References alloc_image(), DBGC, ENOMEM, ENOTSUP, image_type::extract, image::flags, image_put(), image_set_name(), image_strip_suffix(), image_trust(), IMAGE_TRUSTED, image::name, name, rc, register_image(), strerror(), image::type, unregister_image(), and image::uri.

Referenced by gzip_okx(), image_extract_exec(), imgextract(), and zlib_okx().

◆ image_extract_exec()

int image_extract_exec ( struct image * image )

Extract and execute image.

Parameters

image Image

Return values

rc	Return status code

Definition at line 107 of file archive.c.

                                                {
         struct image *extracted;
         int rc;
 
         /* Extract image */
         if ( ( rc = image_extract ( image, NULL, &extracted ) ) != 0 )
                 goto err_extract;
 
         /* Set image command line */
         if ( ( rc = image_set_cmdline ( extracted, image->cmdline ) ) != 0 )
                 goto err_set_cmdline;
 
         /* Set auto-unregister flag */
         extracted->flags |= IMAGE_AUTO_UNREGISTER;
 
         /* Replace current image */
         if ( ( rc = image_replace ( extracted ) ) != 0 )
                 goto err_replace;
 
         /* Return to allow replacement image to be executed */
         return 0;
 
  err_replace:
  err_set_cmdline:
         unregister_image ( extracted );
  err_extract:
         return rc;
 }

References image::cmdline, image::flags, IMAGE_AUTO_UNREGISTER, image_extract(), image_replace(), image_set_cmdline(), NULL, rc, and unregister_image().

◆ image_get()

static struct image* image_get ( struct image * image )

inlinestatic

Increment reference count on an image.

Parameters

image Image

Return values

image Image

Definition at line 240 of file image.h.

                                                                {
         ref_get ( &image->refcnt );
         return image;
 }

References ref_get, and image::refcnt.

Referenced by bzimage_exec(), cms_decrypt(), create_downloader(), efi_file_open_image(), image_exec(), image_replace(), and register_image().

◆ image_put()

static void image_put ( struct image * image )

inlinestatic

Decrement reference count on an image.

Parameters

image Image

Definition at line 250 of file image.h.

                                                      {
         ref_put ( &image->refcnt );
 }

References ref_put, and image::refcnt.

Referenced by alloc_image(), cmdline_init(), cms_decrypt(), cpio_okx(), downloader_free(), efi_cmdline_init(), efi_file_free(), free_image(), image_exec(), image_extract(), image_memory(), image_replace(), imgdownload(), and unregister_image().

◆ image_clear_cmdline()

static void image_clear_cmdline ( struct image * image )

inlinestatic

Clear image command line.

Parameters

image Image

Definition at line 259 of file image.h.

                                                                {
         image_set_cmdline ( image, NULL );
 }

References image_set_cmdline(), and NULL.

◆ image_trust()

static void image_trust ( struct image * image )

inlinestatic

Set image as trusted.

Parameters

image Image

Definition at line 268 of file image.h.

                                                        {
         image->flags |= IMAGE_TRUSTED;
 }

References image::flags, and IMAGE_TRUSTED.

Referenced by cms_verify(), embedded_init(), and image_extract().

◆ image_untrust()

static void image_untrust ( struct image * image )

inlinestatic

Set image as untrusted.

Parameters

image Image

Definition at line 277 of file image.h.

                                                          {
         image->flags &= ~IMAGE_TRUSTED;
 }

References image::flags, and IMAGE_TRUSTED.

Referenced by cms_decrypt(), and cms_verify().

◆ image_hide()

static void image_hide ( struct image * image )

inlinestatic

Mark image as hidden.

Parameters

image Image

Definition at line 286 of file image.h.

                                                       {
         image->flags |= IMAGE_HIDDEN;
 }

References image::flags, and IMAGE_HIDDEN.

Referenced by imgfdt(), and shim().

◆ image_tag()

static struct image* image_tag	(	struct image *	image,
		struct image_tag *	tag
	)

inlinestatic

Tag image.

Parameters

image	Image
tag	Image tag

Return values

prev	Previous tagged image (if any)

Definition at line 297 of file image.h.

                                                                  {
         struct image *prev = tag->image;
 
         tag->image = image;
         return prev;
 }

References tag.

Referenced by fdt_test_exec(), image_exec(), image_select(), imgfdt(), and shim().

Variable Documentation

◆ attribute

struct image __attribute__

◆ images

struct list_head images

List of registered images.

Definition at line 59 of file image.c.

Referenced by first_image(), initrd_dump(), initrd_load(), initrd_region(), initrd_squash_high(), initrd_startup(), initrd_swap(), lkrn_exec(), and register_image().

◆ current_image

struct image_tag current_image

Referenced by goto_exec(), image_exec(), and image_replace().

◆ selected_image

struct image_tag selected_image

Referenced by efi_file_open(), image_select(), imgsingle_exec(), and shim_exec().

Data Structures

Macros

Functions

Variables

Detailed Description

Macro Definition Documentation

◆ IMAGE_REGISTERED

◆ IMAGE_TRUSTED

◆ IMAGE_AUTO_UNREGISTER

◆ IMAGE_HIDDEN

◆ IMAGE_STATIC

◆ IMAGE_STATIC_NAME

◆ PROBE_MULTIBOOT

◆ PROBE_NORMAL

◆ PROBE_PXE

◆ IMAGE_TYPES

◆ __image_type

◆ IMAGE_TAGS

◆ __image_tag

◆ for_each_image

◆ for_each_image_safe

Function Documentation

◆ FILE_LICENCE()

◆ FILE_SECBOOT()

◆ first_image()

◆ free_image()

◆ alloc_image()

◆ image_set_uri()

◆ image_set_name()

◆ image_strip_suffix()

◆ image_set_cmdline()

◆ image_set_len()

◆ image_set_data()

◆ register_image()

◆ unregister_image()

◆ find_image()

◆ find_image_tag()

◆ image_exec()

◆ image_replace()

◆ image_select()

◆ image_set_trust()

◆ image_memory()

◆ image_argument()

◆ image_pixbuf()

◆ image_asn1()

◆ image_extract()

◆ image_extract_exec()

◆ image_get()

◆ image_put()

◆ image_clear_cmdline()

◆ image_trust()

◆ image_untrust()

◆ image_hide()

◆ image_tag()

Variable Documentation

◆ __attribute__

◆ images

◆ current_image

◆ selected_image

◆ attribute