X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=doc%2Fmkimage.1;h=b48f70bb3cc7a0222d8a21d9d1122e69af2ddf4f;hb=a4092dbd81ad8bcd7d405304f579b0b5b0c402ce;hp=b67a35178a0fec45521e27e8242216213df1f0a5;hpb=4f6104270146c76fcaf46e951f84cdc1612a04b7;p=u-boot diff --git a/doc/mkimage.1 b/doc/mkimage.1 index b67a35178a..b48f70bb3c 100644 --- a/doc/mkimage.1 +++ b/doc/mkimage.1 @@ -115,7 +115,7 @@ FIT image. .TP .BI "\-F" Indicates that an existing FIT image should be modified. No dtc -compilation is performed and the -f flag should not be given. +compilation is performed and the \-f flag should not be given. This can be used to sign images with additional keys after initial image creation. @@ -133,6 +133,12 @@ the corresponding public key is written into this file for for run-time verification. Typically the file here is the device tree binary used by CONFIG_OF_CONTROL in U-Boot. +.TP +.BI "\-r +Specifies that keys used to sign the FIT are required. This means that they +must be verified for the image to boot. Without this option, the verification +will be optional (useful for testing but not for release). + .SH EXAMPLES List image information: @@ -157,7 +163,8 @@ Create FIT image with compressed kernel and sign it with keys in the skipping those for which keys cannot be found. Also add a comment. .nf .B mkimage -f kernel.its -k /public/signing-keys -K u-boot.dtb \\\\ --c "Kernel 3.8 image for production devices" kernel.itb +.br +.B -c "Kernel 3.8 image for production devices" kernel.itb .fi .P @@ -167,7 +174,8 @@ with keys that are available in the new directory. Images that request signing with unavailable keys are skipped. .nf .B mkimage -F -k /secret/signing-keys -K u-boot.dtb \\\\ --c "Kernel 3.8 image for production devices" kernel.itb +.br +.B -c "Kernel 3.8 image for production devices" kernel.itb .fi .SH HOMEPAGE