Overview of Ubuntu Core
Revision as of 11:13, 14 August 2020 by Galemk
Ubuntu Core is all snaps
Board bring-up: kernel and the gadget snaps
- The kernel snap and the gadget snap enable particular hardware:
- The gadget snap provides the bootloader, typically GRUB for x86 and U-Boot for ARM.
- Capabilities like full disk encryption and secure boot are enabled in the gadget snap.
Auto rollback for kernel and base snaps
- When a kernel or a base (core18, core16) snap is installed, the system reboots
- Boot logic evaluates kernel/base snap viability
- If not viable, system boots with the previous kernel/base snap
- This mechanism protects system operations from a bad kernel/base snap release
- All boot executables are signed and verified
- Verification is carried out through a hardware/BIOS-based root of trust
- All bootloader binaries are signed and verified before loading into memory for execution, all the way to the kernel/initramfs
- This process is standard on X86/UEFI starting with Ubuntu Core 18
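
The auto rollback described above for kernel and base snaps can be modelled as a small state machine shared by snapd and the bootloader. The sketch below is an added example, not code from this page or from snapd; the variable names (snap_mode, snap_kernel, snap_try_kernel) are assumptions modelled on the try/trying bootloader variables of Ubuntu Core 16/18, and the snap revisions are constructed.

```python
# Simplified model of the one-shot "try" boot that drives auto rollback.
# Assumed variable names; real systems keep them in the bootloader environment.

def stage_update(env, new_rev):
    """snapd side: record the candidate kernel and arm a single try boot."""
    return dict(env, snap_try_kernel=new_rev, snap_mode="try")

def bootloader_select(env):
    """Bootloader side: pick the kernel to load. Returns (kernel, new_env)."""
    env = dict(env)
    if env["snap_mode"] == "try":
        # First boot of the candidate: persist "trying" *before* handing over
        # control, so a hang or panic leaves evidence of the failed attempt.
        env["snap_mode"] = "trying"
        return env["snap_try_kernel"], env
    if env["snap_mode"] == "trying":
        # Nobody confirmed the previous boot: the candidate was not viable.
        # Clear the mode and fall back to the last known-good kernel.
        env["snap_mode"] = ""
        return env["snap_kernel"], env
    return env["snap_kernel"], env

def mark_boot_successful(env, running):
    """Userspace side: runs only if the system came up; commits the candidate."""
    env = dict(env)
    if env["snap_mode"] == "trying" and running == env["snap_try_kernel"]:
        env["snap_kernel"] = env["snap_try_kernel"]
        env["snap_try_kernel"] = ""
        env["snap_mode"] = ""
    return env

def simulate(env, new_rev, boots_ok):
    """Stage new_rev and reboot; a failed boot is followed by a second reboot."""
    env = stage_update(env, new_rev)
    kernel, env = bootloader_select(env)
    if boots_ok:
        return kernel, mark_boot_successful(env, kernel)
    # Failed boot (watchdog reset or power cycle): the bootloader runs again.
    return bootloader_select(env)

if __name__ == "__main__":
    start = {"snap_kernel": "pc-kernel_100.snap",  # constructed revisions
             "snap_try_kernel": "", "snap_mode": ""}
    for ok in (True, False):
        kernel, env = simulate(start, "pc-kernel_101.snap", boots_ok=ok)
        print("boot ok" if ok else "boot failed", "->", kernel, env)
```

The model leaves out base snaps, which follow the same pattern with their own pair of variables, and the later cleanup of the failed candidate.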