Merge pull request #108 from timg236/secure-boot-revoke-devkey

bootloader: Enable revoke_devkey in secure-boot recovery.bin

Merge pull request #108 from timg236/secure-boot-revoke-devkey
bootloader: Enable revoke_devkey in secure-boot recovery.bin
Tim Gover · GitHub
2 parents 8bb5820b 6b05a3a4
Showing 5 changed files with 6 additions and 4 deletions
Readme.md
secure-boot-msd/bootcode4.bin
secure-boot-recovery/README.md
secure-boot-recovery/bootcode4.bin
secure-boot-recovery/pieeprom.original.bin
@@ -63,8 +63,10 @@ On Compute Module 4 EMMC-DISABLE / nRPIBOOT (GPIO 40) must be fitted to switch t
 Otherwise, the SPI EEPROM bootloader image will be loaded instead.
 <a name="secure-boot"></a>
-## Secure Boot -  BETA
-Secure Boot is currently a BETA release feature and the functionality to permanently enable secure-boot via OTP is not enabled in this release.
+## Secure Boot
+Secure Boot requires the latest stable bootloader image.
+WARNING: If the `revoke_devkey` option is used to revoke the ROM development key then it will
+not be possible to downgrade to a bootloader older than 2022-01-06 OR disable secure-boot mode.
 ### Host setup
 Secure boot require a 2048 bit RSA asymmetric keypair and the Python `pycrytodomex` module to sign the EEPROM config and boot image.
@@ -81,8 +81,8 @@ To enable this edit the `config.txt` file in this directory and set
 * `program_pubkey` - If 1, write the hash of the customer's public key to OTP.
 * `revoke_devkey` - If 1, revoke the ROM bootloader development key which
- requires secure-boot mode and prevents downgrades to bootloader versions that
- don't support secure boot.
+   requires secure-boot mode and prevents downgrades to bootloader versions that
+    don't support secure boot.
  ** DO NOT SET THIS `revoke_devkey` UNTIL THE BOOTLOADER IS SIGNED WITH THE SECURE
 BOOT KEY. IT WILL PREVENT THE PI FROM BOOTING.**