Hi Morné,
thanks for you answer. Maybe, I will explain more: we have a Dragonboard
410c based hardware. We use a read-only rootfs in one partition
(actually two with A/B approach) and we have a data partition for user
data as well as device specific data. We can partition and flash the
device through fastboot. So, if we can prepare ext4 filesystems (maybe
through yocto instead of hand-crafted scripting) for each device,
commissioning will be an easy task for the manufacturer.
I guess, we are not the only ones that need to store device specific
information besides the rootfs, and I do not find a whole lot about it
in the yocto manuals. I wonder, if there are best practices, how to
protect the data from getting corrupted (intentionally by an attacker or
by accident through ... flash corruption or whatever).
Regards,
Matthias
On 6/24/19 9:08 AM, Morné Lamprecht wrote:
On Mon, Jun 17, 2019 at 05:25:56PM +0200, Matthias Schoepfer wrote:
Is there a smart, recommended way to deal with device specific data
(i.e. serial number, credentials for backend access, you name it),
that is specific for *one* device, and hence does not belong into the
rootfs. I know, that there are (safe) hardware stores for it, but
what, if your device does not have one.
Not sure if I'm misunderstanding your question, but this should be
part of your device commissioning process, i.e. like injecting
specific security keys etc...so basically this will part of your image
install / flash process, and not really part of the Yocto build
process. The specifics of such a process would depend on your specific
commissioning process.
- Morné
--
_______________________________________________
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto
