5413b93 · Nov 17, 2021

verified_boot.md

Platform Changes

  • 4.4: Added to kernel. OEMs can enable
  • 6: In 'Warning' mode
  • 7: In 'Enforcing' mode
  • 8: Android Verified Boot
    • Rollback prevention
  • 9: Devices shipping with Android 9 MUST support verified boot

Checking verified boot

  • The Android CDD states that if a device supports verified boot then it MUST set the android.software.verified_boot prop flag.
  • The Key Attestation API can be used to check bootloader / verified boot status.
    • "Bootloader must provide Verified Boot public key and lock status to TEE" from bootcamp
  • There is a kernel command line parameter, androidboot.verifiedbootstate (see Communicating boot state), but it seems this can only be read by root
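
The two text-based signals above can be combined into one posture check. This is an added example, not part of the original notes: the function names and sample inputs are constructed, the `feature:<name>` line format is what `pm list features` prints, and the green/yellow/orange/red state values are taken from the AOSP boot-flow documentation rather than from this page.

```shell
#!/bin/sh
# Added example. Inputs are captured text, e.g. the output of
# `adb shell pm list features` and the contents of /proc/cmdline (root needed).

# Print the androidboot.verifiedbootstate value found in a kernel command line:
# "absent" if the parameter is missing, "conflict" if it appears more than
# once with differing values (treated as untrustworthy rather than guessed at).
vb_state_from_cmdline() {
    states=$(printf '%s\n' "$1" | tr ' \t' '\n\n' |
        sed -n 's/^androidboot\.verifiedbootstate=//p' | sort -u)
    case $(printf '%s\n' "$states" | grep -c .) in
        0) echo absent ;;
        1) echo "$states" ;;
        *) echo conflict ;;
    esac
}

# Combine the feature flag with the boot state into one verdict:
#   unsupported      - android.software.verified_boot is not declared
#   unknown          - flag declared but no state could be read
#   trusted          - state is green (locked, OEM root of trust)
#   untrusted:<s>    - yellow, orange, red, conflict or an unexpected value
vb_assess() {
    if ! printf '%s\n' "$1" | tr -d '\r' |
            grep -qxF 'feature:android.software.verified_boot'; then
        echo unsupported
        return 0
    fi
    state=$(vb_state_from_cmdline "$2")
    case $state in
        green)  echo trusted ;;
        absent) echo unknown ;;
        *)      echo "untrusted:$state" ;;
    esac
}

# Constructed sample inputs (not captured from a real device).
SAMPLE_FEATURES='feature:android.hardware.camera
feature:android.software.verified_boot'
SAMPLE_CMDLINE='console=ttyMSM0 androidboot.verifiedbootstate=orange androidboot.slot_suffix=_a'

vb_assess "$SAMPLE_FEATURES" "$SAMPLE_CMDLINE"
```
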

Overview

"Make persistence across reboots extraordinarily difficult"

Verified Boot, introduced in Android 4.4, provides a hardware-based root of trust, and confirms the state of each stage of the boot process. During boot, Android warns the user if the operating system has been modified from the factory version, provides information about what the warning means, and offers solutions to correct it. Depending on device implementation, Verified Boot will either allow the boot to proceed, stop the device from booting so the user can take action on the issue, or prevent the device from booting up until the issue is resolved. Starting from Android 6.0, device implementations with Advanced Encryption Standard (AES) crypto performance above 50 MiB/second support Verified Boot for device integrity.

Details on Android Verified Boot implementation and features can be found in the Verified Boot section on source.android.com.

From Android Security 2015 Year in Review

Links