From 4fce6554dcc9dc9077fa89b61c675e08f9090bfe Mon Sep 17 00:00:00 2001
From: Madan Srinivas <madans@ti.com>
Date: Fri, 7 Apr 2017 10:00:07 -0500
Subject: [PATCH] doc: Updates info on using Keystone2 secure devices

Add a section describing the secure boot image used on
Keystone2 secure devices.

Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
---
 doc/README.ti-secure | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/doc/README.ti-secure b/doc/README.ti-secure
index 9b0fbf9..4b5380c 100644
--- a/doc/README.ti-secure
+++ b/doc/README.ti-secure
@@ -133,6 +133,26 @@ Booting of U-Boot SPL
 	u-boot-spl_HS_X-LOADER - boot image for all other flash memories
 		including QSPI and NOR flash
 
+	Invoking the script for Keystone2 Secure Devices
+	=============================================
+
+	create-boot-image.sh \
+		<UNUSED> <INPUT_FILE> <OUTPUT_FILE> <UNUSED>
+
+	<UNUSED> is currently ignored and reserved for future use.
+
+	<INPUT_FILE> is the full path and filename of the public world boot
+	loader binary file (only u-boot.bin is currently supported on
+	Keystone2 devices, u-boot-spl.bin is not currently supported).
+
+	<OUTPUT_FILE> is the full path and filename of the final secure image.
+	The output binary images should be used in place of the standard
+	non-secure binary images (see the platform-specific user's guides
+	and releases notes for how the non-secure images are typically used)
+	u-boot_HS_MLO - signed and encrypted boot image that can be used to
+		boot from all media. Secure boot from SPI NOR flash is not
+		currently supported.
+
 Booting of Primary U-Boot (u-boot.img)
 ======================================