1*ebfc066eSSumit GargOverview of SPL verified boot on powerpc/mpc85xx & arm/layerscape platforms 2*ebfc066eSSumit Garg=========================================================================== 3*ebfc066eSSumit Garg 4*ebfc066eSSumit GargIntroduction 5*ebfc066eSSumit Garg------------ 6*ebfc066eSSumit Garg 7*ebfc066eSSumit GargThis document provides an overview of how SPL verified boot works on powerpc/ 8*ebfc066eSSumit Gargmpc85xx & arm/layerscape platforms. 9*ebfc066eSSumit Garg 10*ebfc066eSSumit GargMethodology 11*ebfc066eSSumit Garg----------- 12*ebfc066eSSumit Garg 13*ebfc066eSSumit GargThe SPL image is responsible for loading the next stage boot loader, which is 14*ebfc066eSSumit Gargthe main u-boot image. For secure boot process on these platforms ROM verifies 15*ebfc066eSSumit GargSPL image, so to continue chain of trust SPL image verifies U-boot image using 16*ebfc066eSSumit Gargspl_validate_uboot(). This function uses QorIQ Trust Architecture header 17*ebfc066eSSumit Garg(appended to U-boot image) to validate the U-boot binary just before passing 18*ebfc066eSSumit Gargcontrol to it. 19