I don't have a precise answer here (I'm not a kernel expert and this might be a good question for the android-kernel list).
However, I'm worried that going through the kernel to try to decide whether the kernel can be trusted isn't going to prove anything. JBQ On Sun, Nov 1, 2009 at 2:12 PM, Torin Walker <[email protected]> wrote: > I'm looking for a way to authenticate the bootloader and kernel images > to ensure the OS has not been tampered with from some factory default. > > One way I imagined doing this is to perform a cryptographic hash on > > /dev/mtd/mtd1 (bootloader image), and > /dev/mtd/mtd2 (kernel image), > > but opening up either of these devices into a CheckedInputStream (for > CRC32 validation, for example) results in an enormous crash. Not only > does the device stop responding, but the android debug bridge crashes > and no longer recognizes any attached devices until Windows Vista (go > figure) is rebooted. > > Can anyone suggest a better method for validating that the Operating > System has not changed (i.e. The bootloader and kernel are factory > defaults?) > > > Torin... > > > -- Jean-Baptiste M. "JBQ" Queru Software Engineer, Android Open-Source Project, Google. Questions sent directly to me that have no reason for being private will likely get ignored or forwarded to a public forum with no further warning.
