UEFI Secure Boot in U-Boot – Grant Likely, Arm
The PC world and embedded systems have mostly followed their own paths when it comes to firmware design. PCs grew up around BIOS followed by EFI which eventually became the UEFI specification, and finally gaining Secure Boot for verifying OS images. Embedded has used many different firmware projects, with U-Boot becoming the most popular, and as such has developed its own interfaces and methods for verifying and booting an OS.Unfortunately very little of the U-Boot interface has been standardised which resulted in every U-Boot platform behaving slightly differently. This makes it very difficult for OS distributions to support more than a handful of embedded platforms. To solve this problem, U-Boot is in the process of adopting the UEFI standard for ABI and boot behaviour, including secure boot functionality. This presentation will go over the current state of UEFI and Secure Boot on U-Boot, including how to use it and future plans.
source by The Linux Foundation