aboutsummaryrefslogtreecommitdiff
path: root/docs/depthcharge
diff options
context:
space:
mode:
authorAlyssa Rosenzweig <alyssa@rosenzweig.io>2017-04-03 12:37:59 -0700
committerAlyssa Rosenzweig <alyssa@rosenzweig.io>2017-04-03 12:37:59 -0700
commitcb8d13228f7dcb58f7e891dfd57493209ecc5518 (patch)
tree4d085d0b677e6ea0ac469ac829f32f4328676664 /docs/depthcharge
parent0b96f7a49f0428d23231403177583316ecee413f (diff)
downloadlibrebootfr-cb8d13228f7dcb58f7e891dfd57493209ecc5518.tar.gz
librebootfr-cb8d13228f7dcb58f7e891dfd57493209ecc5518.zip
squeeze
Diffstat (limited to 'docs/depthcharge')
-rw-r--r--docs/depthcharge/index.md29
1 files changed, 0 insertions, 29 deletions
diff --git a/docs/depthcharge/index.md b/docs/depthcharge/index.md
index 13367056..c89fb7e1 100644
--- a/docs/depthcharge/index.md
+++ b/docs/depthcharge/index.md
@@ -2,7 +2,6 @@
This section relates to the depthcharge payload used in libreboot.
-
- [CrOS security model](#cros_security_model)
- [Developer mode screen](#developer_mode_screen)
- Holding the developer mode screen
@@ -17,8 +16,6 @@ This section relates to the depthcharge payload used in libreboot.
- [Configuring verified boot
parameters](#configuring_verified_boot_parameters)
-
-
CrOS security model {#cros_security_model}
===================
@@ -28,15 +25,11 @@ compromised, that is implemented as the verified boot (vboot) reference,
most of which is executed within depthcharge. A detailed overview of the
CrOS security model is available on the dedicated page.
-
In spite of the CrOS security model, depthcharge won't allow booting
kernels without verifying their signature and booting from external
media or legacy payload unless explicitly allowed: see [configuring
verified boot parameters](#configuring_verified_boot_parameters).
-
-
-
Developer mode screen {#developer_mode_screen}
=====================
@@ -50,7 +43,6 @@ external media (when enabled), booting from legacy payload (when
enabled), showing information about the device and disabling developer
mode.
-
Holding the developer mode screen {#holding_developer_mode_screen}
---------------------------------
@@ -58,8 +50,6 @@ As instructed on the developer mode screen, the screen can be held by
pressing **Ctrl + H** in the first 3 seconds after the screen is shown.
After that delay, depthcharge will resume booting normally.
-
-
Booting normally {#booting_normally}
----------------
@@ -68,8 +58,6 @@ after **3 seconds** (if developer mode screen is not held).\
The default boot medium (internal storage, external media, legacy
payload) is shown on screen.
-
-
Booting from different mediums {#booting_different_mediums}
------------------------------
@@ -84,8 +72,6 @@ can be triggered by pressing various key combinations:
- External media: **Ctrl + U** (when enabled)
- Legacy payload: **Ctrl + L** (when enabled)
-
-
Showing device information {#showing_device_information}
--------------------------
@@ -94,8 +80,6 @@ can be triggered by pressing **Ctrl + I** or **Tab**.\
Various information is shown, including vboot non-volatile data, TPM
status, GBB flags and key hashes.\
-
-
Warnings
--------
@@ -105,9 +89,6 @@ The developer mode screen will show warnings when:
- Booting from external media is enabled
- Booting legacy payloads is enabled
-
-
-
Recovery mode screen {#recovery_mode_screen}
====================
@@ -118,7 +99,6 @@ It allows recovering the device from a bad state by booting from a
trusted recovery media. When accessed with the device in a good state,
it also allows enabling developer mode.
-
Recovering from a bad state {#recovering_bad_state}
---------------------------
@@ -145,8 +125,6 @@ replaced. When the recovery private key is available (e.g. when using
self-generated keys), it can be used to sign a kernel for recovery
purposes.
-
-
Enabling developer mode {#enabling_developer_mode}
-----------------------
@@ -155,9 +133,6 @@ by pressing **Ctrl + D**.\
Instructions to confirm enabling developer mode are then shown on
screen.
-
-
-
Configuring verified boot parameters {#configuring_verified_boot_parameters}
====================================
@@ -182,7 +157,6 @@ of the device**. In particular, disabling kernels signature
verification, external media boot and legacy payload boot can weaken the
security of the device.
-
The following parameters can be configured:
- Kernels signature verification:
@@ -217,9 +191,6 @@ The following parameters can be configured:
\# **crossystem dev\_default\_boot=legacy**
-
-
-
Copyright © 2015 Paul Kocialkowski <contact@paulk.fr>\
Permission is granted to copy, distribute and/or modify this document
under the terms of the Creative Commons Attribution-ShareAlike 4.0