diff --git a/firmware/critical/pieeprom-2019-05-10.bin b/firmware/beta/pieeprom-2019-10-08.bin
similarity index 71%
rename from firmware/critical/pieeprom-2019-05-10.bin
rename to firmware/beta/pieeprom-2019-10-08.bin
index c0f6caf..368b2ad 100644
Binary files a/firmware/critical/pieeprom-2019-05-10.bin and b/firmware/beta/pieeprom-2019-10-08.bin differ
diff --git a/firmware/beta/pieeprom-2019-10-16.bin b/firmware/beta/pieeprom-2019-10-16.bin
new file mode 100644
index 0000000..1c8925d
Binary files /dev/null and b/firmware/beta/pieeprom-2019-10-16.bin differ
diff --git a/firmware/beta/recovery.bin b/firmware/beta/recovery.bin
new file mode 100644
index 0000000..6d0378e
Binary files /dev/null and b/firmware/beta/recovery.bin differ
diff --git a/firmware/beta/vl805-00013701.bin b/firmware/beta/vl805-00013701.bin
new file mode 100644
index 0000000..23230a3
Binary files /dev/null and b/firmware/beta/vl805-00013701.bin differ
diff --git a/firmware/beta/vl805-000137ab.bin b/firmware/beta/vl805-000137ab.bin
new file mode 100644
index 0000000..8874e54
Binary files /dev/null and b/firmware/beta/vl805-000137ab.bin differ
diff --git a/firmware/beta/vl805.latest b/firmware/beta/vl805.latest
new file mode 100644
index 0000000..00b6cc4
--- /dev/null
+++ b/firmware/beta/vl805.latest
@@ -0,0 +1 @@
+000137ab
diff --git a/firmware/recovery.bin b/firmware/critical/recovery.bin
similarity index 100%
rename from firmware/recovery.bin
rename to firmware/critical/recovery.bin
diff --git a/firmware/raspberry_pi4_network_boot_beta.md b/firmware/raspberry_pi4_network_boot_beta.md
index 97c2f10..8e680ab 100644
--- a/firmware/raspberry_pi4_network_boot_beta.md
+++ b/firmware/raspberry_pi4_network_boot_beta.md
@@ -127,3 +127,14 @@ Optional dotted decimal ip address (e.g. 192.169.1.99) for the TFTP server which
 This maybe useful on home networks because tftpd-hpa can be used instead of dnsmasq where broadband router is the DHCP server.
 Default: ""  
 
+### TFTP_PREFIX (since 2019-10-08)
+Configure the TFTP prefix string to probe
+* 0 - The serial number
+* 1 - The value of TFTP_PREFIX_STR
+* 2 - The mac-address separated by dashes (lower case)
+Default: 0 
+
+### TFTP_PREFIX_STR (since 2019-10-08)
+The prefix string to use with TFTP_PREFIX=1 - up to 127 characters.
+Default: ""
+
diff --git a/firmware/release-notes.md b/firmware/release-notes.md
index 202e93a..2e587e5 100644
--- a/firmware/release-notes.md
+++ b/firmware/release-notes.md
@@ -1,5 +1,26 @@
 # Raspberry Pi4 bootloader EEPROM release notes
 
+## 2019-10-17 - rpi-eeprom-update + recovery.bin
+    * New beta recovery.bin which can update the VLI EEPROM before
+      start.elf is loaded. This is the recommended and default method
+      because no USB devices will be in use at this stage.
+    * Extend the USE_FLASHROM configuration to use the vl805 tool
+      to program the VL805 directly.
+    * Generate SHA256 checksums in .sig files for the bootloader and
+      and VL805 images. This is required by the new recovery.bin to
+      guard against corrupted files being flashed to the EEPROM(s).
+    * Various variable renames to distinguish between the bootloader
+      and the VL805 images.
+
+## 2019-10-16 - Git 18472066 (BETA)
+   * Ignore trailing characters when parsing in PXE boot menu option.
+   * Improve error handling with unformatted sd-cards.
+## 2019-10-08 - Git 26dd3686c (BETA)
+   * TFTP now uses RFC2348 blksize option to get 1024 byte blocks if the server supports it.
+   * Fix DHCP handling of SI_ADDR
+   * TFTP_PREFIX and TFTP_PREFIX_STR options for mac-address or string literal prefix.
+   * Improved support for standard capacity and SDv1 cards.
+
 ## 2019-09-25 - Git 4d9824321 (BETA)
    * Increase TFTP timeout to 30s as default & bootconf.txt
    * Fix intermittent boot freeze/slowdown issue after loading start.elf
diff --git a/rpi-eeprom-config b/rpi-eeprom-config
index 993793f..ac34921 100755
--- a/rpi-eeprom-config
+++ b/rpi-eeprom-config
@@ -10,6 +10,8 @@ import sys
 
 IMAGE_SIZE = 512 * 1024
 
+MAX_BOOTCONF_SIZE = 2024
+
 # Each section starts with a magic number followed by a 32 bit offset to the
 # next section (big-endian).
 # The number, order and size of the sections depends on the bootloader version
@@ -55,8 +57,9 @@ class BootloaderImage(object):
         hdr_offset, length = self.find_config()
         new_config_bytes = open(new_config, 'rb').read()
         new_len = len(new_config_bytes) + FILENAME_LEN + 4
-        if new_len > length and new_len > 1024:
-            raise Exception('Config is too large')
+        if len(new_config_bytes) > MAX_BOOTCONF_SIZE:
+            raise Exception("Config is too large (%d bytes). The maximum size is %d bytes."
+                    % (len(new_config_bytes), MAX_BOOTCONF_SIZE))
         if hdr_offset + len(new_config_bytes) + FILE_HDR_LEN > IMAGE_SIZE:
             raise Exception('EEPROM image size exceeded')
 
diff --git a/rpi-eeprom-update b/rpi-eeprom-update
index 76a261f..6dad164 100755
--- a/rpi-eeprom-update
+++ b/rpi-eeprom-update
@@ -16,8 +16,9 @@ FIRMWARE_ROOT=${FIRMWARE_ROOT:-/lib/firmware/raspberrypi/bootloader}
 FIRMWARE_RELEASE_STATUS=${FIRMWARE_RELEASE_STATUS:-critical}
 FIRMWARE_IMAGE_DIR=${FIRMWARE_IMAGE_DIR:-${FIRMWARE_ROOT}/${FIRMWARE_RELEASE_STATUS}}
 FIRMWARE_BACKUP_DIR=${FIRMWARE_BACKUP_DIR:-/var/lib/raspberrypi/bootloader/backup}
+ENABLE_VL805_UPDATES=${ENABLE_VL805_UPDATES:-1}
 USE_FLASHROM=${USE_FLASHROM:-0}
-RECOVERY_BIN=${RECOVERY_BIN:-${FIRMWARE_ROOT}/recovery.bin}
+RECOVERY_BIN=${RECOVERY_BIN:-${FIRMWARE_ROOT}/${FIRMWARE_RELEASE_STATUS}/recovery.bin}
 BOOTFS=${BOOTFS:-/boot}
 
 EXIT_SUCCESS=0
@@ -31,7 +32,7 @@ OVERWRITE_CONFIG=0
 # Maximum safe SPI speed for EEPROM access 16000, slower is ok.
 SPI_SPEED=16000
 # Timestamp for first release which doesn't have a timestamp field
-FIRST_VERSION=1557513636
+BOOTLOADER_FIRST_VERSION=1557513636
 EEPROM_SIZE=524288
 
 # Simple bootloader which is able to load start.elf in the event of a power
@@ -41,6 +42,13 @@ EEPROM_SIZE=524288
 TMP_EEPROM_IMAGE=""
 TMP_BOOTFS_MNT=""
 
+VL805_CURRENT_VERSION=
+VL805_UPDATE_VERSION=
+
+# The update actions selected by the version check
+ACTION_UPDATE_BOOTLOADER=0
+ACTION_UPDATE_VL805=0
+
 cleanup() {
    if [ -f "${TMP_EEPROM_IMAGE}" ]; then
       rm -f "${TMP_EEPROM_IMAGE}"
@@ -65,9 +73,7 @@ die() {
 
 prepareImage()
 {
-   eeprom_image="$1"
-
-   [ -f "${eeprom_image}" ] || die "EEPROM image \'${eeprom_image}\' not found"
+   [ -f "${BOOTLOADER_UPDATE_IMAGE}" ] || die "EEPROM image \'${BOOTLOADER_UPDATE_IMAGE}\' not found"
    TMP_EEPROM_IMAGE="$(mktemp)"
    TMP_EEPROM_CONFIG="$(mktemp)"
 
@@ -85,98 +91,122 @@ prepareImage()
       OVERWRITE_CONFIG=1
    fi
 
-   cp -f "${eeprom_image}" "${TMP_EEPROM_IMAGE}"
+   cp -f "${BOOTLOADER_UPDATE_IMAGE}" "${TMP_EEPROM_IMAGE}"
 
    if [ "${OVERWRITE_CONFIG}" = 0 ]; then
       "${script_dir}/rpi-eeprom-config" \
          --out "${TMP_EEPROM_IMAGE}" \
-         --config "${TMP_EEPROM_CONFIG}" "${eeprom_image}"
+         --config "${TMP_EEPROM_CONFIG}" "${BOOTLOADER_UPDATE_IMAGE}"
    fi
 }
 
 applyRecoveryUpdate()
 {
-   eeprom_image="$1"
-   [ -f "${eeprom_image}" ] || die "${eeprom_image} not found"
-   TMP_EEPROM_IMAGE="$(mktemp)"
+   [ -n "${BOOTLOADER_UPDATE_IMAGE}" ] || [ -n "${VL805_UPDATE_IMAGE}" ] || die "No update images specified"
 
    findBootFS
-   prepareImage "${eeprom_image}"
 
-   # If recovery.bin encounters pieeprom.upd then it will select it in
-   # preference to pieeprom.bin. The .upd file also causes recovery.bin
-   # to rename itself to recovery.000 and reboot if the update is successful.
-   # The rename causes the ROM to ignore this file and use the newly flashed
-   # EEPROM image instead.
-   cp -f "${TMP_EEPROM_IMAGE}" "${BOOTFS}/pieeprom.upd" \
-      || die "Failed to copy ${TMP_EEPROM_IMAGE} to ${BOOTFS}"
+   # A '.sig' file is created so that recovery.bin can check that the
+   # EEPROM image has not been created (e.g. SD card corruption).
+   # The .sig file format is currently just a SHA256 in ASCII hex. In future,
+   # if an actual public key signature is required then that plus any other
+   # data would be appended after the SHA256 signature.
+   if [ -n "${BOOTLOADER_UPDATE_IMAGE}" ]; then
+        [ -f "${BOOTLOADER_UPDATE_IMAGE}" ] || die "${BOOTLOADER_UPDATE_IMAGE} not found"
+
+        TMP_EEPROM_IMAGE="$(mktemp)"
+        prepareImage
+        # If recovery.bin encounters pieeprom.upd then it will select it in
+        # preference to pieeprom.bin. The .upd file also causes recovery.bin
+        # to rename itself to recovery.000 and reboot if the update is successful.
+        # The rename causes the ROM to ignore this file and use the newly flashed
+        # EEPROM image instead.
+        sha256sum "${TMP_EEPROM_IMAGE}" | awk '{print $1}' > "${BOOTFS}/pieeprom.sig" \
+                || die "Failed to create ${BOOTFS}/pieeprom.sig"
+
+        cp -f "${TMP_EEPROM_IMAGE}" "${BOOTFS}/pieeprom.upd" \
+                || die "Failed to copy ${TMP_EEPROM_IMAGE} to ${BOOTFS}"
+   fi
+
+   if [ -n "${VL805_UPDATE_IMAGE}" ]; then
+        sha256sum "${VL805_UPDATE_IMAGE}" | awk '{print $1}' > "${BOOTFS}/vl805.sig" \
+                || die "Failed to create ${BOOTFS}/vl805.sig"
+        cp -f "${VL805_UPDATE_IMAGE}" "${BOOTFS}/vl805.bin"
+   fi
 
    cp -f "${RECOVERY_BIN}" "${BOOTFS}/recovery.bin" \
       || die "Failed to copy ${RECOVERY_BIN} to ${BOOTFS}"
 }
 
 applyUpdate() {
-   eeprom_image="$1"
-
    [ "$(id -u)" = "0" ] || die "* Must be run as root - try 'sudo rpi-eeprom-update'"
 
    if [ "${USE_FLASHROM}" = 0 ]; then
-      applyRecoveryUpdate "${eeprom_image}"
+      applyRecoveryUpdate
       return
    fi
 
-   # Bootloader EEPROM chip-select is muxed with audio pin so disable audio
-   # LDO first to avoid sending noise to analog audio.
-   /opt/vc/bin/vcmailbox 0x00030056 4 4 0 > /dev/null || true
-   dtparam audio=off
+   if [ -f "${BOOTLOADER_UPDATE_IMAGE}" ]; then
+      # Bootloader EEPROM chip-select is muxed with audio pin so disable audio
+      # LDO first to avoid sending noise to analog audio.
+      /opt/vc/bin/vcmailbox 0x00030056 4 4 0 > /dev/null || true
+      dtparam audio=off
 
-   # Switch the SPI pins to boot EEPROM
-   dtoverlay spi-gpio40-45
-   modprobe spidev
-   modprobe spi-bcm2835
+      # Switch the SPI pins to boot EEPROM
+      dtoverlay spi-gpio40-45
+      modprobe spidev
+      modprobe spi-bcm2835
 
-   prepareImage "${eeprom_image}"
+      prepareImage "${BOOTLOADER_UPDATE_IMAGE}"
 
-   echo "Applying update ${eeprom_image}"
-   flashrom -p "linux_spi:dev=/dev/spidev0.0,spispeed=${SPI_SPEED}" -w "${TMP_EEPROM_IMAGE}" || die "flashrom EEPROM update failed"
+      echo "Applying bootloaer update ${BOOTLOADER_UPDATE_IMAGE}"
+      flashrom -p "linux_spi:dev=/dev/spidev0.0,spispeed=${SPI_SPEED}" -w "${TMP_EEPROM_IMAGE}" || die "flashrom EEPROM update failed"
 
-   dtparam -R spi-gpio40-45
-   dtparam audio=on
-   /opt/vc/bin/vcmailbox 0x00030056 4 4 1 > /dev/null || true
+      dtparam -R spi-gpio40-45
+      dtparam audio=on
+      /opt/vc/bin/vcmailbox 0x00030056 4 4 1 > /dev/null || true
+   fi
+
+   if [ -f "${VL805_UPDATE_IMAGE}" ]; then
+      echo "Applying VL805 image ${VL805_UPDATE_IMAGE}"
+      vl805 -w "${VL805_UPDATE_IMAGE}"
+   fi
+
+   echo "Applying bootloader update ${BOOTLOADER_UPDATE_IMAGE}"
 }
 
 # Use the version reported by the loaded EEPROM instead of attempting to retrieve
 # this via flashrom to avoid unnecessary audio glitches.
-CURRENT_VERSION=
-getCurrentVersion() {
+BOOTLOADER_CURRENT_VERSION=
+getBootloaderCurrentVersion() {
    if vcgencmd bootloader_version | grep -q timestamp; then
-      CURRENT_VERSION=$(vcgencmd bootloader_version | grep timestamp | awk '{print $2}')
-      if [ "${CURRENT_VERSION}" = "0" ]; then
+      BOOTLOADER_CURRENT_VERSION=$(vcgencmd bootloader_version | grep timestamp | awk '{print $2}')
+      if [ "${BOOTLOADER_CURRENT_VERSION}" = "0" ]; then
          # If a timestamp of zero is returned then it's new firmware but an
          # old bootloader. Assume bootloader v0
-         CURRENT_VERSION="${FIRST_VERSION}"
+         BOOTLOADER_CURRENT_VERSION="${BOOTLOADER_FIRST_VERSION}"
       fi
    else
       # New bootloader / old firmware ? Try to parse the date
-      CURRENT_VERSION=$(date -u +%s --date "$(vcgencmd bootloader_version | head -n1)")
+      BOOTLOADER_CURRENT_VERSION=$(date -u +%s --date "$(vcgencmd bootloader_version | head -n1)" 2>/dev/null || true)
    fi
 
    # Failed to parse the version. Default to the initial production release.
-   if [ -z "${CURRENT_VERSION}" ]; then
-      CURRENT_VERSION="${FIRST_VERSION}"
+   if [ -z "${BOOTLOADER_CURRENT_VERSION}" ]; then
+      BOOTLOADER_CURRENT_VERSION="${BOOTLOADER_FIRST_VERSION}"
    fi
 }
 
 # Find latest applicable update version
-UPDATE_IMAGE=""
-UPDATE_VERSION=0
-getUpdateVersion() {
-   UPDATE_VERSION=0
+BOOTLOADER_UPDATE_IMAGE=""
+BOOTLOADER_UPDATE_VERSION=0
+getBootloaderUpdateVersion() {
+   BOOTLOADER_UPDATE_VERSION=0
    match=".*/pieeprom-[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9].bin"
    latest="$(find "${FIRMWARE_IMAGE_DIR}" -maxdepth 1 -type f -size "${EEPROM_SIZE}c" -regex "${match}" | sort -r | head -n1)"
    if [ -f "${latest}" ]; then
-      UPDATE_VERSION=$(strings "${latest}" | grep BUILD_TIMESTAMP | sed 's/.*=//g')
-      UPDATE_IMAGE="${latest}"
+      BOOTLOADER_UPDATE_VERSION=$(strings "${latest}" | grep BUILD_TIMESTAMP | sed 's/.*=//g')
+      BOOTLOADER_UPDATE_IMAGE="${latest}"
    fi
 }
 
@@ -192,12 +222,20 @@ checkDependencies() {
       die "Bootloader updates directory ${FIRMWARE_IMAGE_DIR} not found."
    fi
 
+   if ! command -v vl805 -h > /dev/null 2>&1; then
+      die "vl805 command not found"
+   fi 
+
    if vcgencmd bootloader_config | grep -qi "Command not registered"; then
-      die "vcgencmd: 'bootloader_config' command not supported. Please update VC firmware"
+      die "vcgencmd: 'bootloader_config' command not supported. Please update VC firmware and reboot."
    fi
 
-   if ! flashrom --version > /dev/null 2>&1; then
-      [ "${USE_FLASHROM}" = 0 ] || die "flashrom not found."
+   if ! command -v sha256sum > /dev/null 2>&1; then
+      die "sha256sum not found. On Debian, try installing the coreutilities package"
+   fi
+
+   if ! command -v flashrom  > /dev/null 2>&1; then
+      [ "${USE_FLASHROM}" = 0 ] || die "flashrom not found. On Debian, try installing the flashrom package."
    fi
 
    if [ "${USE_FLASHROM}" = 0 ]; then
@@ -208,18 +246,24 @@ checkDependencies() {
 usage() {
 cat <<EOF
 rpi-eeprom-update [options]... [FILE]
-   Checks whether the Raspberry Pi bootloader EEPROM is up-to-date and
-   optionally updates the EEPROM at the next reboot.
+   Checks whether the Raspberry Pi bootloader and the VL805 USB controller
+   EEPROMs are up-to-date and optionally updates the EEPROMs at the next reboot.
 
-   The default update mechanism writes recovery.bin and pieeprom.upd to the
-   boot partition on the sd-card. At the next reboot the ROM runs recovery.bin
-   which flashes pieeprom.upd to the EEPROM. If the EEPROM update was successful
-   recovery.bin renames itself to recovery.000 to prevent it from running a
-   second time then resets the system. The system should then boot normally.
+   The default update mechanism writes recovery.bin and the EEPROM update 
+   image(s) (pieeprom.upd and vl805.bin) to the boot partition on the sd-card. 
+   The SHA256 hash of the corresponding images are written to pieeprom.sig
+   and/or vl805.sig. This guards against file system corruption which could
+   cause the EEPROM to be flashed with an invalid image. This is is not a
+   security check.
+
+   At the next reboot the ROM runs recovery.bin which updates EEPROM(s). 
+   If the update was successful recovery.bin renames itself to recovery.000
+   to prevent it from running a second time then resets the system.
+   The system should then boot normally.
 
    If /boot does not correspond to the boot partition on the sd-card and this
    is not a NOOBS system then the mount point for BOOTFS should be defined
-   in /etc/default/rpi-eeprom-update
+   in /etc/default/rpi-eeprom-update by defining the BOOTFS variable.
 
    For reference, the flashrom update mechanism may be enabled by defining
    USE_FLASHROM=1 in /etc/default/rpi-eeprom-update. This not recommended
@@ -230,7 +274,8 @@ rpi-eeprom-update [options]... [FILE]
    A backup of the current EEPROM config file is written to ${FIRMWARE_BACKUP_DIR}
    before applying the update.
 
-   -a Install the latest update if necessary
+   -a Automatically install bootloader and USB (VLI) EEPROM updates.
+   -A Specify which type of EEPROM to automatically update (vl805 or bootloader)
    -d Use the default bootloader config instead of migrating the current settings
    -f Install the given file instead of the latest applicable update
       Ignores the FREEZE_VERSION flag in bootloader and is intended for manual
@@ -240,7 +285,7 @@ rpi-eeprom-update [options]... [FILE]
    -h Display help text and exit
    -j Write status information using JSON notation
    -m Write status information to the given file when run without -a or -f
-
+   -u Install the specified VL805 (USB EEPROM) image file.
 
    To extract the configuration file from an EEPROM image: 
    rpi-eeprom-config pieeprom.bin --out bootconf.txt
@@ -263,10 +308,12 @@ EOF
 
 printVersions()
 {
-   cur="$1"
-   new="$2"
-   echo "CURRENT: $(date -u "-d@${cur}") (${cur})"
-   echo " LATEST: $(date -u "-d@${new}") (${new})"
+   echo "BOOTLOADER"
+   echo "CURRENT: $(date -u "-d@${BOOTLOADER_CURRENT_VERSION}") (${BOOTLOADER_CURRENT_VERSION})"
+   echo " LATEST: $(date -u "-d@${BOOTLOADER_UPDATE_VERSION}") (${BOOTLOADER_UPDATE_VERSION})"
+   echo "VL805"
+   echo "CURRENT: ${VL805_CURRENT_VERSION}"
+   echo " LATEST: ${VL805_UPDATE_VERSION}"
 }
 
 findBootFS()
@@ -276,7 +323,6 @@ findBootFS()
    # If ${BOOTFS} is not writable OR is not on /dev/mmcblk0 then error because the ROM
    # can only load recovery.bin from the on-board SD-CARD slot or the EEPROM.
 
-   # To skip installing the safe mode recovery.bin use the -s option
    if blkid | grep -qE "/dev/mmcblk0p1.*LABEL_FATBOOT.*RECOVERY.*TYPE.*vfat"; then
       TMP_BOOTFS_MNT="$(mktemp -d)"
       mount /dev/mmcblk0p1 "${TMP_BOOTFS_MNT}"
@@ -284,33 +330,105 @@ findBootFS()
    fi
 
    # If BOOTFS is not a directory or doesn't contain any .elf files then
-   # it's probably not the boot partition so assume that it cannot be used for a
-   # safe mode recovery
+   # it's probably not the boot partition.
    [ -d "${BOOTFS}" ] || die "BOOTFS: \"${BOOTFS}\" is not a directory"
    [ "$(find "${BOOTFS}/" -name "*.elf" | wc -l)" -gt 0 ] || die "BOOTFS: \"${BOOTFS}\" contains no .elf files"
 }
 
+getVL805CurrentVersion()
+{
+   # The version number is obtained by examing a section of PCI config
+   # space which is only accessible as root. If the command is not run as
+   # root then treat the version as unknown and skip VLI updates.
+   VL805_CURRENT_VERSION=""
+   if [ "$(id -u)" = "0" ]; then
+      if vl805 | grep -q "VL805 FW version"; then
+         VL805_CURRENT_VERSION=$(vl805 | grep "VL805 FW version" | awk '{print $4}')
+      fi
+   fi
+}
+
+getVL805UpdateVersion()
+{
+   # The latest VL805 version is indicated by a file containing the version
+   # number. If the version file exists then verify that the corresponding
+   # VL805 binary exists before selecting it.
+   # There are no user modifiable sections in the VL805 firmware and there 
+   # are unlikely to be many updates to it so just indicate the latest supported
+   # version. This also avoids making any assumptions about the VLI version numbers.
+   VL805_UPDATE_VERSION=""
+   if [ -f "${FIRMWARE_IMAGE_DIR}/vl805.latest" ]; then
+      ver="$(cat "${FIRMWARE_IMAGE_DIR}/vl805.latest")"
+      if [ -f "${FIRMWARE_IMAGE_DIR}/vl805-${ver}.bin" ]; then
+         VL805_UPDATE_VERSION="${ver}"
+         VL805_UPDATE_IMAGE="${FIRMWARE_IMAGE_DIR}/vl805-${ver}.bin"
+      fi
+   fi
+}
+
+# Retrieve the version information and determine whether newer
+# versions are available.
+lookupVersionInfo()
+{
+   getBootloaderCurrentVersion
+   getBootloaderUpdateVersion
+
+   getVL805CurrentVersion
+   getVL805UpdateVersion
+
+   if [ "${BOOTLOADER_UPDATE_VERSION}" -gt "${BOOTLOADER_CURRENT_VERSION}" ]; then
+      ACTION_UPDATE_BOOTLOADER=1
+   else
+      BOOTLOADER_UPDATE_IMAGE=""
+   fi
+
+   if [ -n "${VL805_CURRENT_VERSION}" ] && [ -n "${VL805_UPDATE_VERSION}" ]; then
+      if [ "${VL805_CURRENT_VERSION}" != "${VL805_UPDATE_VERSION}" ]; then
+         ACTION_UPDATE_VL805=1
+      else
+         VL805_UPDATE_IMAGE=""
+      fi
+   fi
+}
+
 checkAndApply()
 {
-   getCurrentVersion
-   getUpdateVersion
+   lookupVersionInfo
 
-   if [ "${UPDATE_VERSION}" -gt "${CURRENT_VERSION}" ]; then
-      printVersions "${CURRENT_VERSION}" "${UPDATE_VERSION}"
-      echo "*** INSTALLING REQUIRED UPDATE ***"
-      applyUpdate "${UPDATE_IMAGE}"
-      echo "Bootloader EEPROM update pending. Please reboot to apply the update."
+   # Restrict the automatic updates to the EEPROM types selected by the -A option.
+   if [ "${AUTO_UPDATE_VL805}" != 1 ]; then
+      ACTION_UPDATE_VL805=0
+      VL805_UPDATE_IMAGE=""
+   fi
+   if [ "${AUTO_UPDATE_BOOTLOADER}" != 1 ]; then
+      ACTION_UPDATE_BOOTLOADER=0
+      BOOTLOADER_UPDATE_IMAGE=""
+   fi
+
+   if [ "${ACTION_UPDATE_BOOTLOADER}" = 1 ] || [ "${ACTION_UPDATE_VL805}" = 1 ]; then
+      echo "*** INSTALLING EEPROM UPDATES ***"
+      printVersions
+      applyUpdate
+      echo "Bootloader and/or VL805 EEPROM update pending. Please reboot to apply the update."
    else
-      echo "Bootloader EEPROM is up to date. $(date -d@${CURRENT_VERSION})"
+      echo "Bootloader and VL805 EEPROMs are up to date. $(date -d@${BOOTLOADER_CURRENT_VERSION})"
    fi
 }
 
 fileUpdate()
 {
-   echo "*** INSTALLING ${1} ***"
-   [ -f "${1}" ] || die "\"${1}\" not found"
-   applyUpdate "$1"
-   echo "Bootloader EEPROM update pending. Please reboot to apply the update."
+   echo "*** INSTALLING ${BOOTLOADER_UPDATE_IMAGE} ${VL805_UPDATE_IMAGE} ***"
+
+   if [ -n "${BOOTLOADER_UPDATE_IMAGE}" ]; then
+      [ -f "${BOOTLOADER_UPDATE_IMAGE}" ] || die "Bootloader image \"${BOOTLOADER_UPDATE_IMAGE}\" not found"
+   fi
+
+   if [ -n "${VL805_UPDATE_IMAGE}" ]; then
+      [ -f "${VL805_UPDATE_IMAGE}" ] || die "VL805 image \"${VL805_UPDATE_IMAGE}\" not found"
+   fi
+
+   applyUpdate
+   echo "EEPROM update pending. Please reboot to apply the update."
 }
 
 removePreviousUpdates()
@@ -322,25 +440,26 @@ removePreviousUpdates()
       # N.B. recovery.bin is normally ignored by the ROM if is not a valid
       # executable but it's best to not have the file at all.
       rm -f "${BOOTFS}/recovery.bin"
-      rm -f "${BOOTFS}/pieeprom.bin" "${BOOTFS}/pieeprom.upd"
+      rm -f "${BOOTFS}/pieeprom.bin" "${BOOTFS}/pieeprom.upd" "${BOOTFS}/pieeprom.sig"
+      rm -f "${BOOTFS}/vl805.bin" "${BOOTFS}/vl805.sig"
       # Case insensitive for FAT bootfs
-      find "${BOOTFS}" -maxdepth 1 -type f -iname "recovery.*" -regex ".*\.[0-9][0-9][0-9]$" -exec rm -f {} \;
+      find "${BOOTFS}" -maxdepth 1 -type f -iname "recovery.*" -regex '.*\.[0-9][0-9][0-9]$' -exec rm -f {} \;
    fi
 }
 
 checkVersion()
 {
-   getCurrentVersion
-   getUpdateVersion
-   if [ "${UPDATE_VERSION}" -gt "${CURRENT_VERSION}" ]; then
+   lookupVersionInfo
+
+   if [ "${BOOTLOADER_UPDATE_VERSION}" -gt "${BOOTLOADER_CURRENT_VERSION}" ]; then
       echo "*** UPDATE REQUIRED ***"
-      printVersions "${CURRENT_VERSION}" "${UPDATE_VERSION}"
-      write_status_info EXIT_UPDATE_REQUIRED "${CURRENT_VERSION}" "${UPDATE_VERSION}"
+      printVersions
+      write_status_info "${EXIT_UPDATE_REQUIRED}"
       exit ${EXIT_UPDATE_REQUIRED}
    else
       echo "Bootloader EEPROM is up to date"
-      printVersions "${CURRENT_VERSION}" "${UPDATE_VERSION}"
-      write_status_info EXIT_SUCCESS "${CURRENT_VERSION}" "${UPDATE_VERSION}"
+      printVersions
+      write_status_info "${EXIT_SUCCESS}"
       exit ${EXIT_SUCCESS}
    fi
 }
@@ -349,40 +468,56 @@ write_status_info()
 {
    [ -z "${MACHINE_OUTPUT}" ] && return 0
 
-   exit_code="${1}"
-   cur=${2}
-   new=${3}
+   exit_code="${1:-EXIT_FAILED}"
+   bootloader_cur="${BOOTLOADER_CURRENT_VERSION}"
+   bootloader_new="${BOOTLOADER_UPDATE_VERSION}"
+   vl805_cur="${VL805_CURRENT_VERSION}"
+   vl805_new="${VL805_UPDATE_VERSION}"
 
     if [ "${JSON_OUTPUT}" = "no" ]; then
       cat > "${MACHINE_OUTPUT}" <<EOF
 EXITCODE="${exit_code}"
-CURRENT_TS=${cur}
-LATEST_TS=${new}
+BOOTLOADER_CURRENT=${bootloader_cur}
+BOOTLOADER_LATEST=${bootloader_new}
+VL805_CURRENT="${vl805_cur}"
+VL805_LATEST="${vl805_new}"
 EOF
    else
       cat > "${MACHINE_OUTPUT}" <<EOF
 {
-  "EXITCODE": "${exit_code}",
-  "CURRENT_TS": ${cur},
-  "LATEST_TS": ${new}
+  "EXITCODE": ${exit_code},
+  "BOOTLOADER_CURRENT": ${bootloader_cur:-0},
+  "BOOTLOADER_LATEST": ${bootloader_new:-0},
+  "VL805_CURRENT": "${vl805_cur}",
+  "VL805_LATEST": "${vl805_new}"
 }
 EOF
    fi
    return 0
 }
 
-AUTO_UPDATE=""
-FILE_UPDATE=""
+AUTO_UPDATE_BOOTLOADER=0
+AUTO_UPDATE_VL805=0
 MACHINE_OUTPUT=""
 JSON_OUTPUT="no"
 
-while getopts adhf:m:j option; do
+while getopts A:adhf:m:ju: option; do
    case "${option}" in
-   a) AUTO_UPDATE=1
+   A)
+      if [ "${OPTARG}" = "bootloader" ]; then
+         AUTO_UPDATE_BOOTLOADER=1
+      elif [ "${OPTARG}" = "vl805" ]; then
+         AUTO_UPDATE_VL805=1
+      else
+         die "Unknown update mode: ${OPTARG}"
+      fi
+      ;;
+   a) AUTO_UPDATE_BOOTLOADER=1
+      AUTO_UPDATE_VL805=1
       ;;
    d) OVERWRITE_CONFIG=1
       ;;
-   f) FILE_UPDATE="${OPTARG}"
+   f) BOOTLOADER_UPDATE_IMAGE="${OPTARG}"
       ;;
    j) JSON_OUTPUT="yes"
       ;;
@@ -390,6 +525,8 @@ while getopts adhf:m:j option; do
       ;;
    h) usage
       ;;
+   u) VL805_UPDATE_IMAGE="${OPTARG}"
+      ;;
    *) echo "Unknown argument \"${option}\""
       usage
       ;;
@@ -398,15 +535,15 @@ done
 
 checkDependencies
 removePreviousUpdates
-if [ -n "${AUTO_UPDATE}" ]; then
+if [ "${AUTO_UPDATE_BOOTLOADER}" = 1 ] || [ "${AUTO_UPDATE_VL805}" = 1 ]; then
    if vcgencmd bootloader_config | grep FREEZE_VERSION=1; then
       echo "EEPROM version is frozen. Skipping update"
       exit ${EXIT_EEPROM_FROZEN}
    else
       checkAndApply
    fi
-elif [ -n "${FILE_UPDATE}" ]; then
-   fileUpdate "${FILE_UPDATE}"
+elif [ -n "${BOOTLOADER_UPDATE_IMAGE}" ] || [ -n "${VL805_UPDATE_IMAGE}" ]; then
+   fileUpdate
 else
    checkVersion
 fi
diff --git a/test/bootconf-2024.txt b/test/bootconf-2024.txt
new file mode 100644
index 0000000..77db039
--- /dev/null
+++ b/test/bootconf-2024.txt
@@ -0,0 +1,28 @@
+[all]
+BOOT_UART=0
+WAKE_ON_GPIO=1
+POWER_OFF_ON_HALT=0
+[none]                                                                              
+userdata0=0x12345789
+userdata1=0x12345789
+userdata2=0x12345789
+userdata3=0x12345789
+userdata4=0x12345789
+userdata5=0x12345789
+userdata6=0x12345789
+userdata7=0x12345789
+userdata8=0x12345789
+userdata9=0x12345789
+usercert=ZZZZZZZZZZZZlhEAAAADAQABAAABAQDg2l41l7troIKOA0hk3p9y4KuITWBL/aaTMORoqmXfyqEONNULSMElaLWch/b8ScHmcS+kxkS5DtLmKFo1JI14IaQNL5fr4C6Dp23CyMGIgjp3ZFg9tXs/qWpw36Ge0MCxjabbFeKVcMXD10voMT0AHfJtQb2YfOl37ffzC4bR3phUnp0Ceqpl0Loe6hxUP/r4Jen1OKskdfjsldfjalAjn9ASdkjnkjbaAKjnLKJbaKJHDRDkllDAlciaIKSPX2b0uk2MJRJhfarMHDnmxZtEzqMgwLdLol9XVjiSu/7EUzR9Qtvs8xhf6XuUJPRD6OtJCb49L+bb/pXAej/GOk0f
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# ++++++++++++++++++++++++++++++++++++++++++++++++
diff --git a/test/bootconf-2025.txt b/test/bootconf-2025.txt
new file mode 100644
index 0000000..e7752e4
--- /dev/null
+++ b/test/bootconf-2025.txt
@@ -0,0 +1,28 @@
+[all]
+BOOT_UART=0
+WAKE_ON_GPIO=1
+POWER_OFF_ON_HALT=0
+[none]                                                                              
+userdata0=0x12345789
+userdata1=0x12345789
+userdata2=0x12345789
+userdata3=0x12345789
+userdata4=0x12345789
+userdata5=0x12345789
+userdata6=0x12345789
+userdata7=0x12345789
+userdata8=0x12345789
+userdata9=0x12345789
+usercert=ZZZZZZZZZZZZlhEAAAADAQABAAABAQDg2l41l7troIKOA0hk3p9y4KuITWBL/aaTMORoqmXfyqEONNULSMElaLWch/b8ScHmcS+kxkS5DtLmKFo1JI14IaQNL5fr4C6Dp23CyMGIgjp3ZFg9tXs/qWpw36Ge0MCxjabbFeKVcMXD10voMT0AHfJtQb2YfOl37ffzC4bR3phUnp0Ceqpl0Loe6hxUP/r4Jen1OKskdfjsldfjalAjn9ASdkjnkjbaAKjnLKJbaKJHDRDkllDAlciaIKSPX2b0uk2MJRJhfarMHDnmxZtEzqMgwLdLol9XVjiSu/7EUzR9Qtvs8xhf6XuUJPRD6OtJCb49L+bb/pXAej/GOk0f
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 
+# ++++++++++++++++++++++++++++++++++++++++++++++++!
diff --git a/test/install b/test/install
new file mode 100755
index 0000000..e2755c3
--- /dev/null
+++ b/test/install
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+# Convenience script for updating the rpi-eeprom updater via a git
+# clone instead of apt install.
+
+# For test & debug only.
+
+set -e
+
+script_dir="$(cd "$(dirname "$0")" && pwd)"
+
+die() {
+  echo "$@" >&2
+  exit 1
+}
+
+FIRMWARE_DIR="${script_dir}/../firmware"
+CONFIG="/etc/default/rpi-eeprom-update"
+
+[ "$(id -u)" = "0" ] || die "$0 Must be run as root - try 'sudo $0 [-b]'"
+
+cp -rfv "${FIRMWARE_DIR}"/* /lib/firmware/raspberrypi/bootloader
+cp -fv "${script_dir}/../rpi-eeprom-config" /usr/bin
+cp -fv "${script_dir}/../rpi-eeprom-update" /usr/bin
+cp -fv "${script_dir}/../vl805" /usr/bin
+
+cp -fv "${script_dir}/../rpi-eeprom-update-default" /etc/default/rpi-eeprom-update
+
+if [ "$1" = "-b" ]; then
+   sed -i -e 's/^FIRMWARE_RELEASE_STATUS=.*/FIRMWARE_RELEASE_STATUS=beta/' "${CONFIG}"
+fi
diff --git a/test/test-rpi-eeprom-config b/test/test-rpi-eeprom-config
index 9d72068..f56975a 100755
--- a/test/test-rpi-eeprom-config
+++ b/test/test-rpi-eeprom-config
@@ -107,6 +107,40 @@ check_update()
    fi
 }
 
+# Verify that rpi-eeprom-config will apply and 2024 byte configuration file correctly.
+check_conf_size_large()
+{
+   echo "check maximum config file size"
+   image="${script_dir}/$1"
+   conf="bootconf-2024.txt"
+
+   expected_md5="$(md5sum "${conf}" | awk '{print $1}')"
+
+   TMP_EEPROM="$(mktemp)"
+   "${script_dir}/../rpi-eeprom-config" \
+      "${image}" \
+      --config "${conf}" \
+      --out "${TMP_EEPROM}"
+
+   actual_md5="$("${script_dir}/../rpi-eeprom-config" "${TMP_EEPROM}" | md5sum | awk '{print $1}')"
+   [ "${actual_md5}" = "${expected_md5}" ] || die "EEPROM check large config: checksum mismatch"
+}
+
+# Verify that rpi-eeprom-config will reject files exceeding 2024 bytes
+check_conf_size_too_large()
+{
+   echo "check config file which exceeds the maximum size"
+   image="${script_dir}/$1"
+   conf="bootconf-2025.txt"
+
+   expected_md5="$(md5sum "${conf}" | awk '{print $1}')"
+
+   TMP_EEPROM="$(mktemp)"
+   if "${script_dir}/../rpi-eeprom-config" "${image}" --config "${conf}" --out "${TMP_EEPROM}" > /dev/null 2>&1; then
+      die "$config should have been rejected"
+   fi
+}
+
 check_loopback "../firmware/critical/pieeprom-2019-05-10.bin" "bootconf-2019-05-10.txt"
 cleanup
 
@@ -118,3 +152,9 @@ cleanup
 
 check_reduce_size "../firmware/critical/pieeprom-2019-05-10.bin" "bootconf-2019-05-10.txt"
 cleanup
+
+check_conf_size_large "../firmware/critical/pieeprom-2019-05-10.bin"
+cleanup
+
+check_conf_size_too_large "../firmware/critical/pieeprom-2019-05-10.bin"
+cleanup
diff --git a/vl805 b/vl805
new file mode 100755
index 0000000..d646de3
Binary files /dev/null and b/vl805 differ