Android/Security: Difference between revisions

From OLPC
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
Firmware security for the Android and Sugar build.
Firmware security for the Android and Sugar build.


* set up for signing using [[Firmware security]],
* set up for signing using [[Firmware security#Making_New_Deployment_Keys|firmware security]] and the bios-crypto source,
* copy /boot/kernel and /boot/ramdisk from the [[Android]] build,
* copy /boot/kernel and /boot/ramdisk from the [[Android]] build,
* sign the Android kernel
* sign the Android kernel

Revision as of 04:34, 8 April 2014

Firmware security for the Android and Sugar build.

  • set up for signing using firmware security and the bios-crypto source,
  • copy /boot/kernel and /boot/ramdisk from the Android build,
  • sign the Android kernel
sign-os.sh os vmlinuz runos4.zip
  • sign the Android ramdisk
sign-os.sh os initrd runrd4.zip
  • make a /boot/alt directory,
  • place both in /boot/alt,
  • link the activation mode to the Sugar activation kernel and ramdisk,
ln -s ../runos4.zip actos4.zip
ln -s ../actrd4.zip actrd4.zip
  • test booting using the O game key to select Android, or no O game key to select Sugar, using the X game key to enable security if it is not enabled.

Removes the boot menu, because the boot menu is implemented in olpc.fth, and olpc.fth is not used during secure boot.