1*4882a593SmuzhiyunOverview of SPL verified boot on powerpc/mpc85xx & arm/layerscape platforms 2*4882a593Smuzhiyun=========================================================================== 3*4882a593Smuzhiyun 4*4882a593SmuzhiyunIntroduction 5*4882a593Smuzhiyun------------ 6*4882a593Smuzhiyun 7*4882a593SmuzhiyunThis document provides an overview of how SPL verified boot works on powerpc/ 8*4882a593Smuzhiyunmpc85xx & arm/layerscape platforms. 9*4882a593Smuzhiyun 10*4882a593SmuzhiyunMethodology 11*4882a593Smuzhiyun----------- 12*4882a593Smuzhiyun 13*4882a593SmuzhiyunThe SPL image is responsible for loading the next stage boot loader, which is 14*4882a593Smuzhiyunthe main u-boot image. For secure boot process on these platforms ROM verifies 15*4882a593SmuzhiyunSPL image, so to continue chain of trust SPL image verifies U-boot image using 16*4882a593Smuzhiyunspl_validate_uboot(). This function uses QorIQ Trust Architecture header 17*4882a593Smuzhiyun(appended to U-boot image) to validate the U-boot binary just before passing 18*4882a593Smuzhiyuncontrol to it. 19