Clarify rollback index protection in README.md file. am: 1614f552a5 am: 459fde11d5 am: 30a7217a17
am: 7ba1b00785
Change-Id: Id77dff055890b0dd0f11e51e7b4d74ab64e42c58
diff --git a/README.md b/README.md
index 8421383..31d579b 100644
--- a/README.md
+++ b/README.md
@@ -628,10 +628,11 @@
* If the device is LOCKED, only an OS signed by an embedded
verification key (see the previous section) shall be
- accepted. Additionally, the rollback indexes in the verified image
- must not exceed those stored on the device and
- `stored_rollback_index[n]` on the device are expected to be updated
- as specified in the previous section.
+ accepted. Additionally, `rollback_index[n]` as stored in the
+ verified image must be greater or equal than what's in
+ `stored_rollback_index[n]` on the device (for all `n`) and the
+ `stored_rollback_index[n]` array is expected to be updated as
+ specified in the previous section.
+ If the key used for verification was set by the end user, and
the device has a screen, it must show a warning with the key
fingerprint to convey that the device is booting a custom