Design proposal: go/dlc-verification
In a summary, we plan to leverage imageloader to verify a Chrome OS DLC (go/cros-dlc-design-proposal). This leverages rootfs to directly verify a DLC (instead of signature verification using async crypto). Works include:
1) a script to construct hash tree, imageloader.json, verity parameter, etc.
2) modify imageloader to do verification accordingly (a new API for this purpose).
3) appropriate testing
Comment 1 by xiaochu@chromium.org
, Jun 7 2018