/e/ OS installation on Pixel 4a(sunfish) with verified boot.
/e/ OS installation on Pixel 4a(sunfish) with verified boot, as the device supports user-settable root of trust.
Who will use the new feature?
The owners of Pixel 4a(sunfish).
What is the target of the new feature for this user?
Verified boot( user-settable root of trust ) with bootloader locked.
Why this user would like to use this feature?
Verified Boot strives to ensure all executed code comes from a trusted source (usually device OEMs), rather than from an attacker or corruption. It establishes a full chain of trust, starting from a hardware-protected root of trust to the bootloader, to the boot partition and other verified partitions including system, vendor, and optionally oem partitions. During device boot up, each stage verifies the integrity and authenticity of the next stage before handing over execution.
In addition to ensuring that devices are running a safe version of Android, Verified Boot checks for the correct version of Android with rollback protection. Rollback protection helps to prevent a possible exploit from becoming persistent by ensuring devices only update to newer versions of Android.
In addition to verifying the OS, Verified Boot also allows Android devices to communicate their state of integrity to the user.
Boot Flow diagram