doc: uefi.rst: Add OP-TEE variable storage config options

[oweals/u-boot.git] / doc / README.autoboot

diff --git a/doc/README.autoboot b/doc/README.autoboot
index 227e3b5dbbe1be7cbdc89d27196e31850e6d9d0b..5e9a5e1cf7fe09367c19517e36988a66a88df868 100644 (file)
--- a/doc/README.autoboot
+++ b/doc/README.autoboot
@@ -1,8 +1,8 @@
+SPDX-License-Identifier: GPL-2.0+
 /*
  * (C) Copyright 2001
  * Dave Ellis, SIXNET, dge@sixnetio.com
  *
- * SPDX-License-Identifier:    GPL-2.0+
  */
 
 Using autoboot configuration options
@@ -132,16 +132,31 @@ What they do
        provides an escape sequence from the limited "password"
        strings.
 
+  CONFIG_AUTOBOOT_ENCRYPTION
 
-  CONFIG_ZERO_BOOTDELAY_CHECK
+  "bootstopkeysha256"  environment variable
 
-       If this option is defined, you can stop the autoboot process
-       by hitting a key even in that case when "bootdelay" has been
-       set to 0. You can set "bootdelay" to a negative value to
-       prevent the check for console input.
+       - Hash value of the input which unlocks the device and
+         stops autoboot.
+
+       This option allows a string to be entered into U-Boot to stop the
+       autoboot. The string itself is hashed and compared against the hash
+       in the environment variable 'bootstopkeysha256'. If it matches then
+       boot stops and a command-line prompt is presented.
+
+       This provides a way to ship a secure production device which can also
+       be accessed at the U-Boot command line.
 
   CONFIG_RESET_TO_RETRY
 
        (Only effective when CONFIG_BOOT_RETRY_TIME is also set)
        After the countdown timed out, the board will be reset to restart
        again.
+
+  CONFIG_AUTOBOOT_USE_MENUKEY
+  CONFIG_AUTOBOOT_MENUKEY
+
+       If this key is pressed to stop autoboot, then the commands in the
+       environment variable 'menucmd' will be executed before boot starts.
+       For example, 33 means "!" in ASCII, so pressing ! at boot would take
+       this action.