From cdfe6e22f10ddd5a6ad5c7ff276743035c37d209 Mon Sep 17 00:00:00 2001
From: Alex Gonzalez
Date: Fri, 5 Jul 2024 13:33:26 +0200
Subject: [PATCH] docs: rpi-secure-boot: update with USB booting re-provisioning process

Also, remove mentioning that write protecting further OTP changes is globally possible as only the customer OTP registers have this feature and these are not used by the secure boot implementation.

Change-type: patch
Signed-off-by: Alex Gonzalez
---
 docs/rpi-secure-boot.md | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/docs/rpi-secure-boot.md b/docs/rpi-secure-boot.md
index 2401e7441..cc5af4004 100644
--- a/docs/rpi-secure-boot.md
+++ b/docs/rpi-secure-boot.md
@@ -49,22 +49,20 @@ The partitions are mounted under `/mnt/boot` and `/mnt/rpi` respectively. ## Device locking -RaspberryPi devices require post-installation setup to lock the device after the installer image completes programming. This locking process needs to write to OTP and requires a USB connection and the `rpiboot` utility loading a dedicated signed `boot.img` file with the following `config.txt` settings: +RaspberryPi devices require post-installation setup to lock the device after the installer image completes programming. This locking process needs to write to OTP and requires a USB connection and the `rpiboot` utility loading a dedicated signed EEPROM image file with the following `config.txt` settings: * **revoke_devkey=1**: Prevents EEPROM downgrades to versions that don't support secure boot * **program_pubkey=1**: Programs the digest of the EEPROM's public key to OTP * **program_jtag_lock=1**: Disables the GPU JTAG interface * **eeprom_write_protect=1**: Sets the EEPROM to write protect -Finally, further OTP changes can be locked down to prevent mangling of OTP data. - ## EEPROM updates on locked devices Once a device is secure boot enabled and is locked down, `rpiboot` driven EEPROM updates will no longer work. Only EEPROM self-updates are possible. ## Re-programming of locked devices -Once a device is secure boot enabled and is locked down, `rpiboot` needs to use a dedicated signed `boot.img` to expose the encrypted internal storage and allow re-programming. +Once a device is secure boot enabled and is locked down, re-programming can be done by USB booting a signed flasher images. The use of `rpiboot` to expose internal storage is not supported. ## Debugging
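Review bot: In the added sentence under "Re-programming of locked devices", "USB booting a signed flasher images" mixes singular and plural; it should read "a signed flasher image". The subject line promises the USB booting re-provisioning process, but the section only states that it can be done: it does not say which key the flasher image must be signed with or where the steps are documented, so a link or a short step list would make it usable. Since the sentence about locking further OTP changes is removed without replacement, consider carrying the reason from the commit message into the document (only the customer OTP registers can be write protected, and the secure boot implementation does not use them) so that readers do not assume the secure boot OTP values are write protected.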