I haven't found any general purpose non-x86 parts that do, but this is in the realm of things that SoC vendors seem to believe is some sort of value-add that can only be documented under NDAs, so please do prove me wrong.
Power management, mobile and firmware developer on Linux. Security developer at nvidia. Ex-biologist. Content here should not be interpreted as the opinion of my employer. Also on Mastodon and Bluesky.
non-x86 trusted boot requirements
Date: 2023-07-17 06:05 am (UTC)

Having only worked with a few non-x86 SoCs and never looked at Intel/AMD, I was a bit surprised that one would want to verify that the boot was trusted at runtime because if it wasn't trusted then the system simply shouldn't boot. I guess the difference is that most x86 systems are non-embedded and more generic, so they need to be able to boot in either trusted or untrusted modes.