binman: Add an entry for a Chromium vblock

This adds support for a Chromium verified boot block, used to sign a read-write section of the image. Signed-off-by: Simon Glass <sjg@chromium.org>
author: Simon Glass <sjg@chromium.org> 2018-07-17 13:25:47 -0600
committer: Simon Glass <sjg@chromium.org> 2018-08-01 16:30:48 -0600
commit: 24d0d3c30db0bba6579ae55e1d6202e229c23a0e (patch)
tree: 7b93e2bc56584edd1b7c043e144fbc0aa2ca54a4 /tools/binman/README.entries
parent: 94a7c603b45b9abdd9e6960ed2b096dd4553c91c (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/tools/binman/README.entries b/tools/binman/README.entries
index 41b70192c0..1b75ca0052 100644
--- a/tools/binman/README.entries
+++ b/tools/binman/README.entries
@@ -496,6 +496,23 @@ complicated. Otherwise it is the same as the u_boot entry.
 
 
 
+Entry: vblock: An entry which contains a Chromium OS verified boot block
+------------------------------------------------------------------------
+
+Properties / Entry arguments:
+    - keydir: Directory containing the public keys to use
+    - keyblock: Name of the key file to use (inside keydir)
+    - signprivate: Name of provide key file to use (inside keydir)
+    - version: Version number of the vblock (typically 1)
+    - kernelkey: Name of the kernel key to use (inside keydir)
+    - preamble-flags: Value of the vboot preamble flags (typically 0)
+
+Chromium OS  signs the read-write firmware and kernel, writing the signature
+in this block. This allows U-Boot to verify that the next firmware stage
+and kernel are genuine.
+
+
+
 Entry: x86-start16: x86 16-bit start-up code for U-Boot
 -------------------------------------------------------
author	Simon Glass <sjg@chromium.org>	2018-07-17 13:25:47 -0600
committer	Simon Glass <sjg@chromium.org>	2018-08-01 16:30:48 -0600
commit	24d0d3c30db0bba6579ae55e1d6202e229c23a0e (patch)
tree	7b93e2bc56584edd1b7c043e144fbc0aa2ca54a4 /tools/binman/README.entries
parent	94a7c603b45b9abdd9e6960ed2b096dd4553c91c (diff)