2016-07-14 16:27:53 +00:00
|
|
|
Overview of SPL verified boot on powerpc/mpc85xx & arm/layerscape platforms
|
|
|
|
===========================================================================
|
|
|
|
|
|
|
|
Introduction
|
|
|
|
------------
|
|
|
|
|
|
|
|
This document provides an overview of how SPL verified boot works on powerpc/
|
|
|
|
mpc85xx & arm/layerscape platforms.
|
|
|
|
|
|
|
|
Methodology
|
|
|
|
-----------
|
|
|
|
|
|
|
|
The SPL image is responsible for loading the next stage boot loader, which is
|
|
|
|
the main u-boot image. For secure boot process on these platforms ROM verifies
|
2023-05-17 07:17:16 +00:00
|
|
|
SPL image, so to continue chain of trust SPL image verifies U-Boot image using
|
2016-07-14 16:27:53 +00:00
|
|
|
spl_validate_uboot(). This function uses QorIQ Trust Architecture header
|
2023-05-17 07:17:16 +00:00
|
|
|
(appended to U-Boot image) to validate the U-Boot binary just before passing
|
2016-07-14 16:27:53 +00:00
|
|
|
control to it.
|