Boot process

From OLPC
Jump to navigation Jump to search

This is the sequence that OFW goes through before booting an image. The canonical specification should be at Firmware Security.

  1. If all four game-pad buttons are held down (secure copy-nand)
    1. Firmware looks at fs.zip (should be in root directory of usb key, along with the os{build_number}.img)
      • fs.zip should have data.img and data.sig in it
    2. If the data.sig lines up with the data.img, the os{build_number}.img is booted.
  2. If your laptop is insecure (the ww flag is set instead of the wp flag)
    • The laptop boots the old insecure way (loads /boot/olpc.fth and runs whatever script is there)
    • NOTE: if you hold the '×' game-pad key during startup, the laptop will go into secure mode for that one boot up
  3. If your laptop is secure (wp flag set, or '×' game-pad key was held), then...
    1. If dk flag is set
      • goto old insecure boot
    2. If present and valid /security/develop.sig (in the usb, sd, or nand)
      • goto old insecure boot.
    3. If present /boot/bootfw.zip (for secure reflash of OFW) (has... how should key be set up? data.rom and data.sig?)
      • If signature is valid, then reflash
    4. If present, valid, and not expired /security/lease.sig OR the ak flag is set
      • If present /boot/os.zip (contains data.sig and data.img)
        • then, If data.sig and data.img are valid, boot from the data.img.

Early boot describes the Linux boot sequence after these steps in firmware.