Hi,
On 2 November 2014 07:06, srinivasan srinivasan.rns@gmail.com wrote:
Hi Simon,
http://lists.denx.de/pipermail/u-boot/2014-June/180845.html
As the above link explains the Signing of kernel & verifying with uboot,
Could you please let me know do you have any methods of signing & verifying the linux kernel with root file system ie., am using ti-sdk-am335x-evm-07.00.00.00 BSP's where linux kernel is from this BSP only & would be planning to use rootfs as my Angstrom filesystem or any others
If you use dm-verity you can verify your root disk using a hash which is stored in the verified part of U-Boot. This is the method used by Chrome OS. This requires a read-only rootfs though. Is that acceptable?
See this page for some info on how Android does this:
https://source.android.com/devices/tech/security/dm-verity.html
Could you please let me know how do we sign & verify the kernel with rootfs with detailed steps as am using beaglebone black as my development board with ti-sdk-am335x-evm-07.00.00.00 BSP's
I don't have details steps of this part sorry. An overview is here:
http://events.linuxfoundation.org/sites/events/files/slides/chromeos_and_diy...
Awaiting for your replies Many Thanks in advance
Regards, Simon