Reputation: 481
How to perform some security verification before booting operating system?
I have a bootable flash disk and it contains customized Ubunto, I want to pass the flash disk to an unknown person and it has some security issues. I want to be sure an unknown person couldn't change flash disk contents. hence I want to calculate hash of flash content and verify it on each boot and prevent booting OS if the verification failed or the hash goes mismatch.
for this purpose, I should do bootloader programming, I looking for UEFI programming but I found a few documents and videos, And also I do not know whether to select UEFI or BIOS.
so I would appreciate you if you could help me and provide a Comprehensive solution or suggest any other solution(except bootloader programming) for my problem.
Upvotes: 2
Views: 195
Answers (1)
Reputation: 989
I think you are going the wrong way. IMHO, the easiest way is to use the secure boot mechanism of UEFI. For that, you just have to sign your kernel and the modules that need to be protected.
How to sign things for Secure Boot.
Upvotes: 1
Related Questions
- How to check Boot loader is unlocked or not
- How to Lock bootloader in source code- U-boot
- Is there any way to find out if secure boot is enabled from uefi shell?
- Understanding Verified Uboot on Embedded Board
- UEFI BootLoader
- Detecting UEFI option in BIOS
- run script before boot options apears
- How to write a BIOS program that runs before the OS?
- Bios loading procedure
- Is it possible to boot the Raspberry Pi in Secure Mode?