autoboot: Improve docs for CONFIG_AUTOBOOT_ENCRYPTION

This option is not documented properly at present. Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>

diff --git a/README b/README
index b08ad8904dafc1690f53dec65caf7c0a4309696b..b493ffeb2d9dc143ab5f90c8ab10b1fa8d0d6f18 100644 (file)
--- a/README
+++ b/README
@@ -3421,6 +3421,8 @@ List of environment variables (most likely not complete):
                  allowed for use by the bootm command. See also "bootm_low"
                  environment variable.
 
+  bootstopkeysha256, bootdelaykey, bootstopkey - See README.autoboot
+
   updatefile   - Location of the software update file on a TFTP server, used
                  by the automatic software update feature. Please refer to
                  documentation in doc/README.update for more details.

diff --git a/cmd/Kconfig b/cmd/Kconfig
index 16cb5c2956c182fbbd82940f3a39e6b68a0112e0..2cbfc0f87ecd9bc92a4d8fd2d569f8d949393c06 100644 (file)
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -101,7 +101,14 @@ config AUTOBOOT_PROMPT
 config AUTOBOOT_ENCRYPTION
        bool "Enable encryption in autoboot stopping"
        depends on AUTOBOOT_KEYED
-       default n
+       help
+         This option allows a string to be entered into U-Boot to stop the
+         autoboot. The string itself is hashed and compared against the hash
+         in the environment variable 'bootstopkeysha256'. If it matches then
+         boot stops and a command-line prompt is presented.
+
+         This provides a way to ship a secure production device which can also
+         be accessed at the U-Boot command line.
 
 config AUTOBOOT_DELAY_STR
        string "Delay autobooting via specific input key / string"

diff --git a/common/autoboot.c b/common/autoboot.c
index 5a0dac8d79a5f2e13fec226daac7e863ddec11d1..f832808b71ed1a3a8b0dab4b66d4d6537a415352 100644 (file)
--- a/common/autoboot.c
+++ b/common/autoboot.c
@@ -54,6 +54,14 @@ static int slow_equals(u8 *a, u8 *b, int len)
        return diff == 0;
 }
 
+/**
+ * passwd_abort_sha256() - check for a hashed key sequence to abort booting
+ *
+ * This checks for the user entering a SHA256 hash within a given time.
+ *
+ * @etime: Timeout value ticks (stop when get_ticks() reachs this)
+ * @return 0 if autoboot should continue, 1 if it should stop
+ */
 static int passwd_abort_sha256(uint64_t etime)
 {
        const char *sha_env_str = env_get("bootstopkeysha256");
@@ -106,6 +114,14 @@ static int passwd_abort_sha256(uint64_t etime)
        return abort;
 }
 
+/**
+ * passwd_abort_key() - check for a key sequence to aborted booting
+ *
+ * This checks for the user entering a string within a given time.
+ *
+ * @etime: Timeout value ticks (stop when get_ticks() reachs this)
+ * @return 0 if autoboot should continue, 1 if it should stop
+ */
 static int passwd_abort_key(uint64_t etime)
 {
        int abort = 0;

diff --git a/doc/README.autoboot b/doc/README.autoboot
index eeb7e4c66235163d33372f60307a925679a6a119..de35f3093df0156f0eb2cb467eae427cc4606fef 100644 (file)
--- a/doc/README.autoboot
+++ b/doc/README.autoboot
@@ -132,6 +132,21 @@ What they do
        provides an escape sequence from the limited "password"
        strings.
 
+  CONFIG_AUTOBOOT_ENCRYPTION
+
+  "bootstopkeysha256"  environment variable
+
+       - Hash value of the input which unlocks the device and
+         stops autoboot.
+
+       This option allows a string to be entered into U-Boot to stop the
+       autoboot. The string itself is hashed and compared against the hash
+       in the environment variable 'bootstopkeysha256'. If it matches then
+       boot stops and a command-line prompt is presented.
+
+       This provides a way to ship a secure production device which can also
+       be accessed at the U-Boot command line.
+
   CONFIG_RESET_TO_RETRY
 
        (Only effective when CONFIG_BOOT_RETRY_TIME is also set)