Lines Matching full:verified
28 <p>Verified boot guarantees the integrity of the device software starting from a
68 Device states are LOCKED, UNLOCKED, or VERIFIED.</p>
119 <p>Bootloader integrity must be verified using a hardware root of trust. For
132 <p>A verified device will ultimately boot into one of four states during each boot
158 <p>The recovery partition must also be verified and should be verified in the
161 <img src="../images/verified_boot.png" alt="Verified boot flow" id="figure1" />
162 <p class="img-caption"><strong>Figure 1.</strong> Verified boot flow</p>
174 <li>VERIFIED, indicating someone in physical control of the device may perform
176 its current chain of trust. In the image above, a VERIFIED device must boot
178 must not be possible to alter the user keystore in the VERIFIED state. It must
196 <p>Boot and recovery image signatures may be verified during the flashing process,
199 verified again at every boot.
202 to be verified.
211 verified.</p>
226 verified | lock]</code> command. And to protect user data, <strong>all</strong>
241 <li>The LOCKED to VERIFIED transition is expected in the case where a developer
244 <li>The VERIFIED to LOCKED transition is idempotent with the above.
246 <li>The UNLOCKED to VERIFIED transition is anticipated when a user wishes to put a
250 <li> The VERIFIED to UNLOCKED transition is idempotent with the above.
271 <li>Clear a write-protected bit indicating the device is verified
283 <li>Clear a write-protected bit indicating the device is verified
290 flashing verified</code></td>
295 <li>Set a write-protected bit indicating the device is verified
319 <li>If this bit is not set, check the bit set by <code>flashing verified</code>
337 software frequently, for example, while still keeping verified boot enabled.</p>
392 <li>The current device state (LOCKED, VERIFIED, or UNLOCKED)
405 <p>The recovery image should be verified in exactly the same manner as the boot
412 system partition cannot be verified similarly to previous parts but must be
413 verified in real time as it?s being accessed by using the dm-verity kernel
417 verified, <code>init</code> will verify the signed verity metadata appended to the partition
431 mode flag is set to logging or verity metadata cannot be verified, a warning
456 on the verified partition may not function anymore. When the event is received,
461 <h3 id=verified_partition>Verified partition</h3>
463 <p>In a verified device, the system partition must always be verified. But any
464 other read-only partition can also be set to be verified, as well. Specifically,
465 any read-only partition that contains executable code must be verified on a
466 verified device. This include the vendor partition, if one exists, for example.</p>
468 <p>In order for a partition to be verified, signed verity metadata must be
513 verified against the OEM key or the user-provided keystore only.</p>
519 the image to be verified as an integer and the partition where the image can
546 <p>The Android verified boot keystore format is an ASN.1 DER-encoded document. Its
