From: Sumit Garg <sumit.garg@nxp.com>
Date: Thu, 14 Jul 2016 16:27:53 +0000 (-0400)
Subject: doc: SPL: Add README for secure boot support
X-Git-Tag: v2025.01-rc5-pxa1908~8961^2~1
X-Git-Url: http://git.dujemihanovic.xyz/%22/icons/right.gif/static/%7B%7B%20%24image.RelPermalink%20%7D%7D?a=commitdiff_plain;h=ebfc066e6f755da373d503608249f77ac298fb5e;p=u-boot.git

doc: SPL: Add README for secure boot support

Adds information regarding SPL handling validation process of main u-boot
image on power/mpc85xx and arm/layerscape platforms.

Signed-off-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: York Sun <york.sun@nxp.com>
---

diff --git a/doc/SPL/README.spl-secure-boot b/doc/SPL/README.spl-secure-boot
new file mode 100644
index 0000000000..f2f8d78883
--- /dev/null
+++ b/doc/SPL/README.spl-secure-boot
@@ -0,0 +1,18 @@
+Overview of SPL verified boot on powerpc/mpc85xx & arm/layerscape platforms
+===========================================================================
+
+Introduction
+------------
+
+This document provides an overview of how SPL verified boot works on powerpc/
+mpc85xx & arm/layerscape platforms.
+
+Methodology
+-----------
+
+The SPL image is responsible for loading the next stage boot loader, which is
+the main u-boot image. For secure boot process on these platforms ROM verifies
+SPL image, so to continue chain of trust SPL image verifies U-boot image using
+spl_validate_uboot(). This function uses QorIQ Trust Architecture header
+(appended to U-boot image) to validate the U-boot binary just before passing
+control to it.