diff options
author | Alyssa Rosenzweig <alyssa@rosenzweig.io> | 2017-04-03 12:37:59 -0700 |
---|---|---|
committer | Alyssa Rosenzweig <alyssa@rosenzweig.io> | 2017-04-03 12:37:59 -0700 |
commit | cb8d13228f7dcb58f7e891dfd57493209ecc5518 (patch) | |
tree | 4d085d0b677e6ea0ac469ac829f32f4328676664 /docs/depthcharge | |
parent | 0b96f7a49f0428d23231403177583316ecee413f (diff) | |
download | librebootfr-cb8d13228f7dcb58f7e891dfd57493209ecc5518.tar.gz librebootfr-cb8d13228f7dcb58f7e891dfd57493209ecc5518.zip |
squeeze
Diffstat (limited to 'docs/depthcharge')
-rw-r--r-- | docs/depthcharge/index.md | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/docs/depthcharge/index.md b/docs/depthcharge/index.md index 13367056..c89fb7e1 100644 --- a/docs/depthcharge/index.md +++ b/docs/depthcharge/index.md @@ -2,7 +2,6 @@ This section relates to the depthcharge payload used in libreboot. - - [CrOS security model](#cros_security_model) - [Developer mode screen](#developer_mode_screen) - Holding the developer mode screen @@ -17,8 +16,6 @@ This section relates to the depthcharge payload used in libreboot. - [Configuring verified boot parameters](#configuring_verified_boot_parameters) - - CrOS security model {#cros_security_model} =================== @@ -28,15 +25,11 @@ compromised, that is implemented as the verified boot (vboot) reference, most of which is executed within depthcharge. A detailed overview of the CrOS security model is available on the dedicated page. - In spite of the CrOS security model, depthcharge won't allow booting kernels without verifying their signature and booting from external media or legacy payload unless explicitly allowed: see [configuring verified boot parameters](#configuring_verified_boot_parameters). - - - Developer mode screen {#developer_mode_screen} ===================== @@ -50,7 +43,6 @@ external media (when enabled), booting from legacy payload (when enabled), showing information about the device and disabling developer mode. - Holding the developer mode screen {#holding_developer_mode_screen} --------------------------------- @@ -58,8 +50,6 @@ As instructed on the developer mode screen, the screen can be held by pressing **Ctrl + H** in the first 3 seconds after the screen is shown. After that delay, depthcharge will resume booting normally. - - Booting normally {#booting_normally} ---------------- @@ -68,8 +58,6 @@ after **3 seconds** (if developer mode screen is not held).\ The default boot medium (internal storage, external media, legacy payload) is shown on screen. - - Booting from different mediums {#booting_different_mediums} ------------------------------ @@ -84,8 +72,6 @@ can be triggered by pressing various key combinations: - External media: **Ctrl + U** (when enabled) - Legacy payload: **Ctrl + L** (when enabled) - - Showing device information {#showing_device_information} -------------------------- @@ -94,8 +80,6 @@ can be triggered by pressing **Ctrl + I** or **Tab**.\ Various information is shown, including vboot non-volatile data, TPM status, GBB flags and key hashes.\ - - Warnings -------- @@ -105,9 +89,6 @@ The developer mode screen will show warnings when: - Booting from external media is enabled - Booting legacy payloads is enabled - - - Recovery mode screen {#recovery_mode_screen} ==================== @@ -118,7 +99,6 @@ It allows recovering the device from a bad state by booting from a trusted recovery media. When accessed with the device in a good state, it also allows enabling developer mode. - Recovering from a bad state {#recovering_bad_state} --------------------------- @@ -145,8 +125,6 @@ replaced. When the recovery private key is available (e.g. when using self-generated keys), it can be used to sign a kernel for recovery purposes. - - Enabling developer mode {#enabling_developer_mode} ----------------------- @@ -155,9 +133,6 @@ by pressing **Ctrl + D**.\ Instructions to confirm enabling developer mode are then shown on screen. - - - Configuring verified boot parameters {#configuring_verified_boot_parameters} ==================================== @@ -182,7 +157,6 @@ of the device**. In particular, disabling kernels signature verification, external media boot and legacy payload boot can weaken the security of the device. - The following parameters can be configured: - Kernels signature verification: @@ -217,9 +191,6 @@ The following parameters can be configured: \# **crossystem dev\_default\_boot=legacy** - - - Copyright © 2015 Paul Kocialkowski <contact@paulk.fr>\ Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike 4.0 |