Verified Boot for Embedded (VBE)

Introduction

VBE provides a standard boot mechanism for embedded systems. If defines how firmware and Operating Systems are located, updated and verified.

Within U-Boot, one or more VBE bootmeths implement the boot logic. For example, the vbe-simple bootmeth handles finding the firmware (e.g. in MMC) and starting it. Typically the bootmeth is started up in VPL and controls which SPL and U-Boot binaries are loaded.

A ‘vbe’ command provides access to various aspects of VBE’s operation, including listing methods and getting the status for a method.

For a detailed overview of VBE, see vbe-intro. A fuller description of bootflows is at vbe-bootflows and the firmware-update mechanism is described at vbe-fwupdate. VBE OS requests are described at vbe-osrequests.