Frans Hendriks has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/30831 )
Change subject: vendorcode/eltan/security/lib: Add hashing library used for measured and verified boot. ......................................................................
Patch Set 4:
Patch Set 4:
Patch Set 4:
Patch Set 4:
generally speaking this is generic code. Any particular reason to namespace it away into vendorcode/eltan?
This library is part of the measure_vboot_vendorcode topic.
I started with uploading a generic patch containing measured boot and verified boot. This verified boot includes checking bootblock and not using ChromeOS. I got comment to split into parts (as I did) and also this solution should be placed into a vendor specific directory. For this reason I placed all code into vendorcode/eltan
For us it's no problem to place the code in vendorcode, but I'm not sure about the main reason for this request.
I took a look at the other mboot commits now, and those are fine in vendorcode since it's neatly isolated.
I was referring to the vboot convenience wrappers in this commit: they're more generally useful than just for mboot and hiding them here means that it's rather likely we'll see similar functions being reimplemented in short order.
Would it make sence to adapt this patch for now? In later stage this lib can be merged/move from vendorcode?