Boot procedure for the host core can have multiple topologies:
a. Host CPU boots independent of secure core and is responsible for it's own secure boot
b. Secure core validates the boot chain for host CPU as part of secure core bootloader
c. Host cpu ROM code waits for secure core to boot to SPM, then host ROM requests the crypto service for verifying host cpu firmware.
in the first PoC, approach b should taken, as this offers shortest path to PoC.
Assumptions:
a. secure core boot code is aware of host image storage
b. secure core can access the host image storage
More detailed design need to be drawn/published.