Integrity checking of OS images

Sridhar Dhanapalan sridhar at laptop.org.au
Tue Feb 8 01:13:05 EST 2011


On 8 February 2011 08:39, James Cameron <quozl at laptop.org> wrote:
> On Tue, Feb 08, 2011 at 01:01:36AM +1100, Sridhar Dhanapalan wrote:
>> Are OS images checked for integrity by the XO before they are written
>> to the flash storage? I suspect not.
>
> As Chris said, yes.
>
> The image is checked for transmission integrity *as* it is written to
> the flash storage [1], not before.  A transmission error will result in a
> partially written internal storage.  The laptop should not be used until
> a successful install occurs.  It may appear to work but fail later.

Ah, that makes sense. I suspected that no checking was taking place
because it went straight to the writing.

>> The schools we deal with don't always have reliable Internet, so some
>> failsafe mechanism to prevent them from using damaged images would be
>> helpful. We can't expect them to learn md5sum to check the image first
>> - that is too technical.
>
> You should give them the option.  You never know when you have a school
> teacher or aid who has a clue, and it would save them repeating the huge
> download.
>
> I suggest you capture the output after a successful fs-update for use in
> your instructions, along with a comment that "anything else is bad,
> please ask for help."  The output is different for signed installs using
> deployment keys.

Fantastic advice. Thank you.

Sridhar



More information about the Devel mailing list