[U-Boot] Secure booting

Simon Glass sjg at chromium.org
Sat Feb 15 20:30:00 CET 2014


Hi.

On 12 February 2014 17:56, <TigerLiu at viatech.com.cn> wrote:
>
> Hi, JYOTI:
> >Can anybody inform me why u-boot 2013 does not support secure booting?
> >Basically what are the differences between u-boot2009.08 and u-boot2013
> >related to secure boot feature? What changes are required to develop
> secure
> >booting in u-boot 2013?
>
> Based on Simon's PPT, U-boot 2013.06 version was the first code package
> for verified boot.

There were quite a few changes in FIT handling, bootm and the like.
The verified boot implementation itself was only about 15 patches but
it builds on perhaps 100 more which refactor related code to make it
possible.

There is documentation in the U-Boot tree (e.g.
doc/uImage.FIT/verified-boot.txt ) and also a test you can run with
sandbox.

A rough overview is here http://lwn.net/Articles/571031/

You will find slides here: http://www.denx.de/wiki/U-Boot/MiniSummitELCE2013

There was also a talk at ELCE last year - you can find the slide and
video for that "Verified Boot on Chrome OS and How to do it yourself"

Regards,
Simon


More information about the U-Boot mailing list