[yocto] General Question: Device specific value store
Matthias Schoepfer
matthias.schoepfer at googlemail.com
Tue Jun 25 01:52:59 PDT 2019
Hi Morné,
thanks for you answer. Maybe, I will explain more: we have a Dragonboard
410c based hardware. We use a read-only rootfs in one partition
(actually two with A/B approach) and we have a data partition for user
data as well as device specific data. We can partition and flash the
device through fastboot. So, if we can prepare ext4 filesystems (maybe
through yocto instead of hand-crafted scripting) for each device,
commissioning will be an easy task for the manufacturer.
I guess, we are not the only ones that need to store device specific
information besides the rootfs, and I do not find a whole lot about it
in the yocto manuals. I wonder, if there are best practices, how to
protect the data from getting corrupted (intentionally by an attacker or
by accident through ... flash corruption or whatever).
Regards,
Matthias
On 6/24/19 9:08 AM, Morné Lamprecht wrote:
> On Mon, Jun 17, 2019 at 05:25:56PM +0200, Matthias Schoepfer wrote:
>> Is there a smart, recommended way to deal with device specific data
>> (i.e. serial number, credentials for backend access, you name it),
>> that is specific for *one* device, and hence does not belong into the
>> rootfs. I know, that there are (safe) hardware stores for it, but
>> what, if your device does not have one.
>
> Not sure if I'm misunderstanding your question, but this should be
> part of your device commissioning process, i.e. like injecting
> specific security keys etc...so basically this will part of your image
> install / flash process, and not really part of the Yocto build
> process. The specifics of such a process would depend on your specific
> commissioning process.
>
> - Morné
More information about the yocto
mailing list