Android/Security

From OLPC
< Android
Revision as of 21:22, 4 July 2014 by Quozl (talk | contribs)
Jump to navigation Jump to search

Firmware security for the Android and Sugar build.

  • set up for signing using firmware security and the bios-crypto source,
  • copy /boot/alt/vmlinuz and /boot/alt/initrd.img from the Android build,
  • sign the Android kernel with the deployment operating system (o1) key,
sign-os.sh os vmlinuz runos4.zip
  • sign the Android ramdisk
sign-os.sh os initrd.img runrd4.zip
  • place both in /boot/alt,
  • link the activation mode to the Sugar activation kernel and ramdisk,
ln -s ../runos4.zip actos4.zip
ln -s ../actrd4.zip actrd4.zip
  • sign the Q7B40 firmware release with the deployment firmware (w1) key,
  • copy the signed bootfw4.zip file to /boot/
  • test booting using the O game key to select Android, or no O game key to select Sugar, using the X game key to enable security if it is not enabled,
  • test booting using the rocker down key to display the boot menu.