NAME¶
This - Verified boot kernel utility
SYNOPSIS¶
vbutil_kernel --pack <file> [
PARAMETERS]
DESCRIPTION¶
This program creates, signs, and verifies the kernel blob
- Required parameters:
- --keyblock <file>
- Key block in .keyblock format
- --signprivate <file>
- Private key to sign kernel data, in .vbprivk format
- --version <number>
- Kernel version
- --vmlinuz <file>
- Linux kernel bzImage file
- --bootloader <file>
- Bootloader stub
- --config <file>
- Command line file
- --arch <arch>
- Cpu architecture (default x86)
- Optional:
- --kloadaddr <address>
- Assign kernel body load address
- --pad <number>
- Verification padding size in bytes
- --vblockonly
- Emit just the verification blob
OR
Usage: vbutil_kernel
--repack <file> [PARAMETERS]
- Required parameters:
- --signprivate <file>
- Private key to sign kernel data, in .vbprivk format
- --oldblob <file>
- Previously packed kernel blob (including verfication blob)
- Optional:
- --keyblock <file>
- Key block in .keyblock format
- --config <file>
- New command line file
- --version <number>
- Kernel version
- --kloadaddr <address>
- Assign kernel body load address
- --pad <number>
- Verification blob size in bytes
- --vblockonly
- Emit just the verification blob
OR
Usage: vbutil_kernel
--verify <file> [PARAMETERS]
- Optional:
- --signpubkey <file>
- Public key to verify kernel keyblock, in .vbpubk format
- --verbose
- Print a more detailed report
- --keyblock <file>
- Outputs the verified key block, in .keyblock format
- --pad <number>
- Verification padding size in bytes
- --minversion <number>
- Minimum combined kernel key version and kernel version
Usage: vbutil_kernel
--pack <file> [PARAMETERS]
- Required parameters:
- --keyblock <file>
- Key block in .keyblock format
- --signprivate <file>
- Private key to sign kernel data, in .vbprivk format
- --version <number>
- Kernel version
- --vmlinuz <file>
- Linux kernel bzImage file
- --bootloader <file>
- Bootloader stub
- --config <file>
- Command line file
- --arch <arch>
- Cpu architecture (default x86)
- Optional:
- --kloadaddr <address>
- Assign kernel body load address
- --pad <number>
- Verification padding size in bytes
- --vblockonly
- Emit just the verification blob
OR
Usage: vbutil_kernel
--repack <file> [PARAMETERS]
- Required parameters:
- --signprivate <file>
- Private key to sign kernel data, in .vbprivk format
- --oldblob <file>
- Previously packed kernel blob (including verfication blob)
- Optional:
- --keyblock <file>
- Key block in .keyblock format
- --config <file>
- New command line file
- --version <number>
- Kernel version
- --kloadaddr <address>
- Assign kernel body load address
- --pad <number>
- Verification blob size in bytes
- --vblockonly
- Emit just the verification blob
OR
Usage: vbutil_kernel
--verify <file> [PARAMETERS]
- Optional:
- --signpubkey <file>
- Public key to verify kernel keyblock, in .vbpubk format
- --verbose
- Print a more detailed report
- --keyblock <file>
- Outputs the verified key block, in .keyblock format
- --pad <number>
- Verification padding size in bytes
- --minversion <number>
- Minimum combined kernel key version and kernel version
SEE ALSO¶
The full documentation for
This is maintained as a Texinfo manual. If the
info and
This programs are properly installed at your site, the
command
- info This
should give you access to the complete manual.
