Compartir a través de


IOCTL_HAL_GET_IMAGE_SIGNED_STATE (Windows CE 5.0)

Send Feedback

This IOCTL is used to retrieve the signed state of an OS image.

Parameters

  • dwIoControlCode
    [in] Set to IOCTL_HAL_GET_IMAGE_SIGNED_STATE.

  • lpInBuf
    [in] Set to NULL; not used.

  • nInBufSize
    [in] Set to zero; not used.

  • lpOutBuf
    [out] Pointer to a DWORD value.

    The following are defined DWORD values for this parameter:

    Value Description
    IMAGE_NOT_SIGNED The boot loader either did not perform signature checks on the image or the image failed the signature check.
    IMAGE_TEST_SIGNED The image was validated using a test root public key.
    IMAGE_FINAL_SIGNED The image was validated using a product root public key.
  • nOutBufSize
    [out] Size of lpOutBuf.

  • lpBytesReturned
    [in] If not NULL, set to the size of the DWORD value.

  • lpOverlapped
    [in] Set to NULL.

Return Values

TRUE indicates success. FALSE indicates failure.

Remarks

The boot loader keeps track of the signed state of the OS image when it loads the OS image for execution into memory in its boot arguments, bootargs. The boot loader has to be a fixed component, which means that it has to be in a read-only part or is not updateable, to make sure that it cannot be tampered with.

OEMs can use this IOCTL to verify the signed state of an OS image and then output a message indicating the state. It is up to the OEMs to implement this functionality.

Requirements

OS Versions: Windows CE .NET 4.2 and later.
Header: Pkfuncs.h.

See Also

OEMCheckSignature

Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.