Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/39137 )
Change subject: vboot: Upgrade kernel space to v1.0
Patch Set 1:
(2 comments)
https://review.coreboot.org/c/coreboot/+/39137/1/src/security/vboot/secdata_...
File src/security/vboot/secdata_tpm.c:

https://review.coreboot.org/c/coreboot/+/39137/1/src/security/vboot/secdata_...
PS1, Line 204: VB2_SECDATA_KERNEL_SIZE_V10
So this is actually a good indication that we should also make a VB2_SECDATA_KERNEL_SIZE constant (without version) which will always be updated to match the size of the latest version. This code shouldn't need to change when vboot adds new fields.

https://review.coreboot.org/c/coreboot/+/39137/1/src/security/vboot/secdata_...
PS1, Line 382: vb2api_secdata_kernel_create
Hmm... this is a problem I didn't think about: in the v1 space we removed the UID field because it's no longer needed for TPM 2.0. But this code is still used by some people running TPM 1.2, so we cannot switch those to the v1 struct. We'll need to make a separate vb2api_secdata_kernel_create_v0() function for that case.
You'll have to move this call into _factory_initialize_tpm() so you can create a different struct depending on whether we're in the TPM2 path or not.