[PATCH 0/4] vpl: Introduce a verifying program loader
Simon Glass
sjg at chromium.org
Thu May 20 00:17:57 CEST 2021
Hi Michal,
On Wed, 19 May 2021 at 01:16, Michal Simek <michal.simek at xilinx.com> wrote:
>
> Hi Simon,
>
> On 5/8/21 12:37 AM, Simon Glass wrote:
> > U-Boot provides a verified-boot feature based around FIT, but there is
> > no standard way of implementing it for a board. At present the various
> > required pieces must be built up separately, to produce a working
> > implementation. In particular, there is no built-in support for selecting
> > A/B boot or recovery mode.
> >
> > This series introduces VPL, a verified program loader. Its purpose is to
> > run the verified-boot process and decide which SPL binary should be run.
> > Adding VPL into the boot flow provides a standard way of implementing
> > verified boot. So far, only the phase itself is added. More work is
> > needed to add logic to the phase, based on continuing discussions about
> > how best to standardise this feature.
>
> This is quite interesting. Where is that data stored which SPL should
> run? fallback options? Do you have any proposal/document which describes it?
It is not quite ready for release. But I could talk about it on the
U-Boot call next week if that suits.
Regards,
Simon
More information about the U-Boot
mailing list