Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/34977 )
Change subject: security/vboot: Boot to Recovery Mode if no RW slot present ......................................................................
Patch Set 1: Code-Review-1
I don't think you should do this. Running vboot when you not actually want to verify anything doesn't make any sense. We should rather try to decouple measured boot from verified boot and make them two fully independent options. It really doesn't have anything to do with vboot other than reusing crypto routines and relying on TPM initialization. We should change security/vboot/Makefile.inc so that the vboot library is still built and linked even if CONFIG_VBOOT is false (so you can use the crypto routines for other purposes), and we should tie the CRTM init to something other than vboot_logic_executed() (would probably do it in ramstage after init_tpm_dev() then... or if that's too late, maybe move that non-vboot TPM init into romstage somehow). There's no point in even having a verstage if you're never running verification.
On the other hand, if you *would* like to have verification but you just don't want to have more than one CBFS copy, we should implement a way to only have a single "RW" CBFS with no support for recovery mode or A/B updates, as discussed in CB:31662.