In some environments, a host device (such as a mobile phone or other device) is used with an embedded or removable storage device (such as a Secure Digital (SD) card or a MultiMedia Card (MMC)) that stores the operating system code for the host device, as well as boot loader code. To boot the host device, the host device instructs the storage device to initiate a boot mode, in response to which the storage device provides the host device with the boot loader code. Executing the boot loader code enables the host device to load the operating system code from the storage device. In some mobile device environments, the instruction to initiate the boot mode is not a standard command that the host device would send in its typical read/write communications with the storage device. For example, under the Joint Electron Devices Engineering Council's (JEDEC's) JESD84-A44 standard and under Micron's TN-29-18 specification, a host device can instruct the storage device to initiate a boot mode by holding a command line to the storage device low for 74 clock cycles or by sending a CMD 0 command with the argument 0xFFFFFFFA.
Because the operating system code is stored on the storage device, it is possible that a hacker can alter the operating system code without knowledge of the host device to introduce malware. Accordingly, in some environments, it is desired to verify the integrity of the operating system code before it is executed by the host device. To perform such a “secure boot,” the host device's controller can include secure read-only memory (ROM) code or other features to verify the operating system code before it is executed. However, provisioning a controller with such verification code increases the controller's cost, and controllers that are initially manufactured without the verification code usually cannot be retrofitted to include the verification code after manufacturing.