This page explains some configuration tasks in Celadon.
Secure boot is enabled on the BIOS of some PCs by default. It adds the BIOS vendor’s key and Windows* key by default. However, the default setting does not include the key to verify the kernelflinger. If the BIOS has enabled secure boot, you will get the following error message:
You’ll need a USB drive with at least 1GB of free space to perform the following steps to add the key used to verify the kernelflinger to BIOS.
Download the files that comprise Keytool from their respective locations:
- KeyTool.efi is a tool included in the efitools tarball. Download the tarball from https://git.kernel.org/pub/scm/linux/kernel/git/jejb/efitools.git.
- Download DB.auth.
- Download KEK.auth.
Format the USB drive to use the FAT filesystem. Put the KeyTool.efi, DB.auth, and KEK.auth files on the USB drive.
Disable the device secure boot.
Plug in the USB drive and reboot the device.
Press F10 to enter the Boot Menu.
Select “UEFI : Build-in EFI Shell” and then find your USB device.
Execute KeyTool.efi and you will see the KeyTool menu.
Select Edit Keys to replace the keys.
Select the (db) option and press Enter.
Choose Add New Key to add the DB key.
Browse your USB drives to locate your keys and add them one at a time.
Repeat the same steps and add the new key for KEK
The live boot feature allows you to flash a specially-built image to a USB drive and then boot from the USB drive to Android* directly without installing Android to internal storage first.
The live boot feature is used only for debug purposes and must be built with eng or userdebug build flavors.
For Celadon, you will build a GPT disk image, flash it to a USB drive (similar to installing Android on the USB drive), and then boot Android from the USB drive. With this approach, Celadon supports all Android features, except some security features that need hardware binding.
Perform the following steps to live-boot Celadon.
Build a live boot image.
Follow the steps in Build Celadon From Source to set up the local development environment and to download the source code.
Open the mixins config file to verify that the kernelflinger supports the USB live boot feature for your [lunch_target], because the feature is enabled by default for some of the lunch targets such as “caas”, “celadon_ivi” and “celadon_tablet”.
The following example shows the mixins config file device/intel/project-celadon/caas/mixins.spec for the “caas” lunch target:
Enable the live boot feature by adding the usb_storage and live_boot options to the mixins.spec file.
Execute the following command to build a live boot image:
$ make SPARSE_IMAGE=true gptimage -j $(nproc)
As an alternative, you can pass the options in the make command line:
$ make SPARSE_IMAGE=true KERNELFLINGER_SUPPORT_USB_STORAGE=true KERNELFLINGER_SUPPORT_LIVE_BOOT=true gptimage -j $(nproc)
After a successful build, you will have an out/target/product/[lunch_target]/[lunch_target].img image. For example, an out/target/product/caas/caas.img image is generated for the caas lunch target.
The previous command creates an image file of 16GB bytes that contains an entire GPT disk. To change the default image size, edit the mixins config file device/intel/project-celadon/[lunch_target]/mixins.spec as follows:
Flash the live boot image to a USB drive.
For Linux*, use the dd tool to flash the image file to the USB drive. For example:
$ sudo dd if=caas.img of=/dev/sdc bs=1M
You MUST change the /dev/sdc to the actual USB drive device.
Be sure all the buffered data is written to the USB drive before removing the USB drive by running the sync command in Linux.
For Windows, use the rufus tool to flash the image file to the USB drive.
Boot from the USB drive to Android directly.
Insert the USB drive and power on the computer. Then, press a function key to enter the BIOS boot menu. Select boot from the USB drive. Now, you can boot from the USB drive to Android directly.
If you choose to save data to this Android device and you have not removed the USB drive, the data will be saved to the USB drive. You can then use the saved data on other computers.
- If you already installed Android in the internal storage, disable the internal storage if you are using USB live boot.
- If you want to use one USB drive in two computers, make sure the lock state is the same on each computer.
You may want to install Windows and Celadon Android on one device, and select which OS to boot every time the device is powering up. To facilitate dual boot, install Windows and Celadon on two separate storage devices.
Use kernelflinger UEFI executables:
The kernelflinger UEFI installer does not prompt the target storage device to install. Disconnect the Windows installed storage device first, connect the storage back to the device after installing Celadon, and then select the OS to boot from the BIOS boot menu.
An Android system is typically comprised of multiple disk partitions. Each parition is associated with an *.img file in the Celadon image. In addition, Celadon supports a whole GPT image to be flashed to the entire disk. Some partitions (e.g. the system partition) are huge, but some of them are empty. The SPARSE image format is used to reduce the image size.
The default partition size is defined in the following files:
Modify device/intel/project-celadon/[lunch_target]/mixins.spec to change some of the default settings.
- Changing the partition size will cause the OTA update to fail.
- The system partition requires at least 2560MB of disk space.