[OLPC-AU] Integrity checking of OS images
James Cameron
quozl at laptop.org
Mon Feb 7 16:39:51 EST 2011
On Tue, Feb 08, 2011 at 01:01:36AM +1100, Sridhar Dhanapalan wrote:
> Are OS images checked for integrity by the XO before they are written
> to the flash storage? I suspect not.
As Chris said, yes.
The image is checked for transmission integrity *as* it is written to
the flash storage [1], not before. A transmission error will result in a
partially written internal storage. The laptop should not be used until
a successful install occurs. It may appear to work but fail later.
For XO-1.5, the .zd format contains block hashes [2]. If the data in
these blocks do not match the hash, the fs-update ceases with an error:
Bad hash for eblock#
Your USB key may be bad. Please try a different one.
See http://wiki.laptop.org/go/Bad_hash
This should detect bit errors in downloads.
There are other possible errors too, such as "Short read of zdata file"
which will happen if the file is incompletely downloaded.
> The schools we deal with don't always have reliable Internet, so some
> failsafe mechanism to prevent them from using damaged images would be
> helpful. We can't expect them to learn md5sum to check the image first
> - that is too technical.
You should give them the option. You never know when you have a school
teacher or aid who has a clue, and it would save them repeating the huge
download.
I suggest you capture the output after a successful fs-update for use in
your instructions, along with a comment that "anything else is bad,
please ask for help." The output is different for signed installs using
deployment keys.
References:
1.
http://tracker.coreboot.org/trac/openfirmware/browser/cpu/x86/pc/olpc/via/fsupdate.fth#L159
checks the hash,
2. git://dev.laptop.org/bios-crypto file zhashfs.c creates the hash.
--
James Cameron
http://quozl.linux.org.au/
More information about the OLPC-AU
mailing list