From 88fa4beb631c5329bf616554f7d2714ece7a5f0b Mon Sep 17 00:00:00 2001
From: Simon Glass <sjg@chromium.org>
Date: Sat, 20 Jul 2019 20:51:17 -0600
Subject: autoboot: Improve docs for CONFIG_AUTOBOOT_ENCRYPTION

This option is not documented properly at present. Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
---
 doc/README.autoboot | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'doc')

diff --git a/doc/README.autoboot b/doc/README.autoboot
index eeb7e4c662..de35f3093d 100644
--- a/doc/README.autoboot
+++ b/doc/README.autoboot
@@ -132,6 +132,21 @@ What they do
 	provides an escape sequence from the limited "password"
 	strings.
 
+  CONFIG_AUTOBOOT_ENCRYPTION
+
+  "bootstopkeysha256"	environment variable
+
+	- Hash value of the input which unlocks the device and
+	  stops autoboot.
+
+	This option allows a string to be entered into U-Boot to stop the
+	autoboot. The string itself is hashed and compared against the hash
+	in the environment variable 'bootstopkeysha256'. If it matches then
+	boot stops and a command-line prompt is presented.
+
+	This provides a way to ship a secure production device which can also
+	be accessed at the U-Boot command line.
+
   CONFIG_RESET_TO_RETRY
 
 	(Only effective when CONFIG_BOOT_RETRY_TIME is also set)
-- 
cgit v1.2.3