Secure boot means the device allows the execution of software (i.e. kernel) only if its origin is verified.
It verifies the signature of the kernel signed with a specific "key" that is stored in internal (OTP) memory.
The purpose is to avoid the device to run a different kernel version. The filesystem is not verified by secure boot.
To achieve memory protection, you should encrypt the filesystem.
It verifies the signature of the kernel signed with a specific "key" that is stored in internal (OTP) memory.
The purpose is to avoid the device to run a different kernel version. The filesystem is not verified by secure boot.
To achieve memory protection, you should encrypt the filesystem.
Statistics: Posted by ballscrew — Fri Oct 04, 2024 7:46 am
