summaryrefslogtreecommitdiff
path: root/doc/README.autoboot
diff options
context:
space:
mode:
authorSimon Glass <sjg@chromium.org>2019-07-20 20:51:17 -0600
committerTom Rini <trini@konsulko.com>2019-08-02 11:19:14 -0400
commit88fa4beb631c5329bf616554f7d2714ece7a5f0b (patch)
tree845ded2b808a0c57184b45d83035487aa8dbc60c /doc/README.autoboot
parente8c780560ad2a3104c0cbfbb61f0ac229881599d (diff)
autoboot: Improve docs for CONFIG_AUTOBOOT_ENCRYPTION
This option is not documented properly at present. Fix it. Signed-off-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'doc/README.autoboot')
-rw-r--r--doc/README.autoboot15
1 files changed, 15 insertions, 0 deletions
diff --git a/doc/README.autoboot b/doc/README.autoboot
index eeb7e4c662..de35f3093d 100644
--- a/doc/README.autoboot
+++ b/doc/README.autoboot
@@ -132,6 +132,21 @@ What they do
provides an escape sequence from the limited "password"
strings.
+ CONFIG_AUTOBOOT_ENCRYPTION
+
+ "bootstopkeysha256" environment variable
+
+ - Hash value of the input which unlocks the device and
+ stops autoboot.
+
+ This option allows a string to be entered into U-Boot to stop the
+ autoboot. The string itself is hashed and compared against the hash
+ in the environment variable 'bootstopkeysha256'. If it matches then
+ boot stops and a command-line prompt is presented.
+
+ This provides a way to ship a secure production device which can also
+ be accessed at the U-Boot command line.
+
CONFIG_RESET_TO_RETRY
(Only effective when CONFIG_BOOT_RETRY_TIME is also set)