Android/Security: Difference between revisions
< Android
Jump to navigation
Jump to search
No edit summary |
|||
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Firmware security for the Android and Sugar build. |
Firmware security for the Android and Sugar build. |
||
* set up for signing using [[Firmware security#Making_New_Deployment_Keys|firmware security]] and the bios-crypto source, |
|||
* copy /boot/kernel and /boot/ramdisk from the [[Android]] build, |
|||
* sign the Android kernel |
|||
sign-os.sh os vmlinuz runos4.zip |
|||
* sign the Android ramdisk |
|||
sign-os.sh os initrd runrd4.zip |
|||
* make a /boot/alt directory, |
|||
mkdir alt |
|||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
| ⚫ | |||
* test booting using the [[Cheat codes|O game key]] to select Android, or no O game key to select Sugar, using the X game key to enable security if it is not enabled. |
|||
Removes the boot menu, because the boot menu is implemented in olpc.fth, and olpc.fth is not used during secure boot. |
|||
== proposed for next release == |
|||
* set up for signing using [[Firmware security#Making_New_Deployment_Keys|firmware security]] and the bios-crypto source, |
* set up for signing using [[Firmware security#Making_New_Deployment_Keys|firmware security]] and the bios-crypto source, |
||
* copy /boot/alt/vmlinuz and /boot/alt/initrd.img from the [[Android]] build, |
* copy /boot/alt/vmlinuz and /boot/alt/initrd.img from the [[Android]] build, |
||
* sign the Android kernel |
* sign the Android kernel with the deployment operating system (o1) private key: |
||
sign-os.sh os vmlinuz runos4.zip |
sign-os.sh os vmlinuz runos4.zip |
||
:*purpose: firmware will check signature using public key (o1) stored in manufacturing data. |
|||
* sign the Android ramdisk |
|||
| ⚫ | |||
sign-os.sh os initrd.img runrd4.zip |
sign-os.sh os initrd.img runrd4.zip |
||
:*purpose: firmware will check signature using public key (o1) stored in manufacturing data. |
|||
* place both in /boot/alt, |
|||
| ⚫ | |||
* link the activation mode to the Sugar activation kernel and ramdisk, |
|||
:*purpose: firmware will load these files when [[Cheat codes|O game key]] is used. |
|||
| ⚫ | |||
ln -s ../runos4.zip actos4.zip |
ln -s ../runos4.zip actos4.zip |
||
ln -s ../actrd4.zip actrd4.zip |
ln -s ../actrd4.zip actrd4.zip |
||
:*purpose: for laptops with expired or missing activation lease, the supplied actrd4.zip must obtain a lease, write it to /security/lease.sig on the first partition, then reboot. |
|||
| ⚫ | |||
:or, for laptops that are never assigned activation leases, link actos4.zip to the Android runos4.zip, and link actrd4.zip to the Android runrd4.zip, and the firmware will boot Android without obtaining a lease: |
|||
* copy the signed bootfw4.zip file to /boot/ |
|||
| ⚫ | |||
| ⚫ | |||
:or, for laptops preactivated with the {{code|ak}} tag, no action is needed, because actrd4.zip is not used. |
|||
* sign the Q7B40 firmware release with the deployment firmware (w1) key, and copy the signed bootfw4.zip file to /boot/ |
|||
:*purpose: older firmware will check signature using public key (w1) stored in manufacturing data, and automatically reflash to Q7B40 if necessary. |
|||
* test booting using the [[Cheat codes|O game key]] to select Android, or no O game key to select Sugar, using the X game key to enable security if it is not enabled, |
* test booting using the [[Cheat codes|O game key]] to select Android, or no O game key to select Sugar, using the X game key to enable security if it is not enabled, |
||
* test booting using the [[Cheat codes|rocker down key]] to display the boot menu. |
* test booting using the [[Cheat codes|rocker down key]] to display the boot menu. |
||
* implemented [http://tracker.coreboot.org/trac/openfirmware/changeset/3722 svn 3722] and q7b38ja, |
|||
Latest revision as of 04:40, 24 September 2014
Firmware security for the Android and Sugar build.
- set up for signing using firmware security and the bios-crypto source,
- copy /boot/alt/vmlinuz and /boot/alt/initrd.img from the Android build,
- sign the Android kernel with the deployment operating system (o1) private key:
sign-os.sh os vmlinuz runos4.zip
- purpose: firmware will check signature using public key (o1) stored in manufacturing data.
- sign the Android ramdisk with the deployment operating system (o1) private key:
sign-os.sh os initrd.img runrd4.zip
- purpose: firmware will check signature using public key (o1) stored in manufacturing data.
- place both files in in /boot/alt,
- purpose: firmware will load these files when O game key is used.
- link the activation mode to the Sugar activation kernel and ramdisk:
ln -s ../runos4.zip actos4.zip ln -s ../actrd4.zip actrd4.zip
- purpose: for laptops with expired or missing activation lease, the supplied actrd4.zip must obtain a lease, write it to /security/lease.sig on the first partition, then reboot.
- or, for laptops that are never assigned activation leases, link actos4.zip to the Android runos4.zip, and link actrd4.zip to the Android runrd4.zip, and the firmware will boot Android without obtaining a lease:
ln -s runos4.zip actos4.zip ln -s runrd4.zip actrd4.zip
- or, for laptops preactivated with the ak tag, no action is needed, because actrd4.zip is not used.
- sign the Q7B40 firmware release with the deployment firmware (w1) key, and copy the signed bootfw4.zip file to /boot/
- purpose: older firmware will check signature using public key (w1) stored in manufacturing data, and automatically reflash to Q7B40 if necessary.
- test booting using the O game key to select Android, or no O game key to select Sugar, using the X game key to enable security if it is not enabled,
- test booting using the rocker down key to display the boot menu.