Hi Markus, On Fri, Feb 17, 2017 at 5:26 PM, Markus Valentin <m...@denx.de> wrote: > Hi, > > i'm implementing Secure Boot with U-Boot on a Intel Atom E3800 Series (Bay > Trail) based Plattform. > > I did manage to get the first boot stage (Initial Boot Block) verified by the > Trusted Execution Engine, next i need to verify the "ramstage" as they call > it.
How did you implement the first boot stage? Is it U-Boot SPL? > > Intel provides a manual on how to enable Secure Boot with coreboot in this > manual they extract the "ramstage" from the coreboot.rom file via cbfs. > Which manual is this? > How can i get the equivalent for the coreboot-ramstage from U-Boot? > My understanding is that since you already managed to have the hardware (TXE) successfully verify the first boot stage, the next step is all yours, which means you don't need anything like coreboot-ramstage. You can implement whatever loading/authenticating mechanism you put in the first boot stage to boot the 2nd stage. Regards, Bin _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
