Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/38590 )
Change subject: vendorcode/eltan/security: Switch to vb2 vboot library ......................................................................
Patch Set 2: Code-Review+1
(2 comments)
Thanks, this is a step in the right direction.
https://review.coreboot.org/c/coreboot/+/38590/2/src/vendorcode/eltan/securi... File src/vendorcode/eltan/security/lib/Makefile.inc:
PS2: Can't you just remove this whole file and select CONFIG_VBOOT_LIB now?
https://review.coreboot.org/c/coreboot/+/38590/2/src/vendorcode/eltan/securi... File src/vendorcode/eltan/security/verified_boot/vboot_check.c:
https://review.coreboot.org/c/coreboot/+/38590/2/src/vendorcode/eltan/securi... PS2, Line 17: #define NEED_VB20_INTERNALS /* Peeking into vb2_shared_data */ What is the long-term plan here? We do not want future development on vboot to be restricted by random vendorcode users. This macro is supposed to be deprecated anyway and Joel is working hard to remove it from all of coreboot.
Are you ever going to drop all of this and completely move to the standard implementation in src/security/vboot? If not, this *will* break sooner or later, and at that point if it's a choice between not being able to uprev vboot anymore or deleting your vendorcode, we'll probably eventually have to do the latter.