| Sumit Garg | ebfc066 | 2016-07-14 12:27:53 -0400 | [diff] [blame] | 1 | Overview of SPL verified boot on powerpc/mpc85xx & arm/layerscape platforms |
| 2 | =========================================================================== |
| 3 | |
| 4 | Introduction |
| 5 | ------------ |
| 6 | |
| 7 | This document provides an overview of how SPL verified boot works on powerpc/ |
| 8 | mpc85xx & arm/layerscape platforms. |
| 9 | |
| 10 | Methodology |
| 11 | ----------- |
| 12 | |
| 13 | The SPL image is responsible for loading the next stage boot loader, which is |
| 14 | the main u-boot image. For secure boot process on these platforms ROM verifies |
| Michal Simek | 1be82af | 2023-05-17 09:17:16 +0200 | [diff] [blame] | 15 | SPL image, so to continue chain of trust SPL image verifies U-Boot image using |
| Sumit Garg | ebfc066 | 2016-07-14 12:27:53 -0400 | [diff] [blame] | 16 | spl_validate_uboot(). This function uses QorIQ Trust Architecture header |
| Michal Simek | 1be82af | 2023-05-17 09:17:16 +0200 | [diff] [blame] | 17 | (appended to U-Boot image) to validate the U-Boot binary just before passing |
| Sumit Garg | ebfc066 | 2016-07-14 12:27:53 -0400 | [diff] [blame] | 18 | control to it. |