Integrity checking of OS images

James Cameron quozl at
Mon Feb 7 16:39:51 EST 2011

On Tue, Feb 08, 2011 at 01:01:36AM +1100, Sridhar Dhanapalan wrote:
> Are OS images checked for integrity by the XO before they are written
> to the flash storage? I suspect not.

As Chris said, yes.

The image is checked for transmission integrity *as* it is written to
the flash storage [1], not before.  A transmission error will result in a
partially written internal storage.  The laptop should not be used until
a successful install occurs.  It may appear to work but fail later.

For XO-1.5, the .zd format contains block hashes [2].  If the data in
these blocks do not match the hash, the fs-update ceases with an error:

Bad hash for eblock# 
Your USB key may be bad.  Please try a different one.

This should detect bit errors in downloads.

There are other possible errors too, such as "Short read of zdata file"
which will happen if the file is incompletely downloaded.

> The schools we deal with don't always have reliable Internet, so some
> failsafe mechanism to prevent them from using damaged images would be
> helpful. We can't expect them to learn md5sum to check the image first
> - that is too technical.

You should give them the option.  You never know when you have a school
teacher or aid who has a clue, and it would save them repeating the huge

I suggest you capture the output after a successful fs-update for use in
your instructions, along with a comment that "anything else is bad,
please ask for help."  The output is different for signed installs using
deployment keys.


checks the hash,

2.  git:// file zhashfs.c creates the hash.

James Cameron

More information about the Devel mailing list