X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=doc%2FREADME.avb2;h=a29cee1b6f50982dbef2c66da9136db7a05b6dfd;hb=4862830b696a6d0750e19d32a82553cdb41a85f8;hp=120279fedbe235fe781c898221e3a9df7a0a9747;hpb=de4b4ef36ff61840eeb7d17be3bc9a4181c243f7;p=platform%2Fkernel%2Fu-boot.git

diff --git a/doc/README.avb2 b/doc/README.avb2
index 120279f..a29cee1 100644
--- a/doc/README.avb2
+++ b/doc/README.avb2
@@ -18,6 +18,13 @@ Integrity of the bootloader (U-boot BLOB and environment) is out of scope.
 For additional details check:
 https://android.googlesource.com/platform/external/avb/+/master/README.md
 
+1.1. AVB using OP-TEE (optional)
+---------------------------------
+If AVB is configured to use OP-TEE (see 4. below) rollback indexes and
+device lock state are stored in RPMB. The RPMB partition is managed by
+OP-TEE (https://www.op-tee.org/) which is a secure OS leveraging ARM
+TrustZone.
+
 
 2. AVB 2.0 U-BOOT SHELL COMMANDS
 -----------------------------------
@@ -61,6 +68,12 @@ CONFIG_LIBAVB=y
 CONFIG_AVB_VERIFY=y
 CONFIG_CMD_AVB=y
 
+In addtion optionally if storing rollback indexes in RPMB with help of
+OP-TEE:
+CONFIG_TEE=y
+CONFIG_OPTEE=y
+CONFIG_OPTEE_TA_AVB=y
+CONFIG_SUPPORT_EMMC_RPMB=y
 
 Then add `avb verify` invocation to your android boot sequence of commands,
 e.g.: