doc: Updates info on using Keystone2 secure devices

Add a section describing the secure boot image used on
Keystone2 secure devices.

Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>

diff --git a/doc/README.ti-secure b/doc/README.ti-secure
index 9b0fbf97323381a093b89c78c73c8304fcb707e9..4b5380c0f3df38610d777c5c3c9e8251f98fce3a 100644 (file)
--- a/doc/README.ti-secure
+++ b/doc/README.ti-secure
@@ -133,6 +133,26 @@ Booting of U-Boot SPL
        u-boot-spl_HS_X-LOADER - boot image for all other flash memories
                including QSPI and NOR flash
 
+       Invoking the script for Keystone2 Secure Devices
+       =============================================
+
+       create-boot-image.sh \
+               <UNUSED> <INPUT_FILE> <OUTPUT_FILE> <UNUSED>
+
+       <UNUSED> is currently ignored and reserved for future use.
+
+       <INPUT_FILE> is the full path and filename of the public world boot
+       loader binary file (only u-boot.bin is currently supported on
+       Keystone2 devices, u-boot-spl.bin is not currently supported).
+
+       <OUTPUT_FILE> is the full path and filename of the final secure image.
+       The output binary images should be used in place of the standard
+       non-secure binary images (see the platform-specific user's guides
+       and releases notes for how the non-secure images are typically used)
+       u-boot_HS_MLO - signed and encrypted boot image that can be used to
+               boot from all media. Secure boot from SPI NOR flash is not
+               currently supported.
+
 Booting of Primary U-Boot (u-boot.img)
 ======================================