Hi Heinrich,
On 2/25/26 1:21 PM, Heinrich Schuchardt wrote:
On 2/25/26 10:06, Heinrich Schuchardt wrote:
On 2/25/26 09:37, Quentin Schulz wrote:
Hi Heinrich,
On 2/25/26 8:37 AM, Heinrich Schuchardt wrote:
Symbol CONFIG_VPL_CRYPTO does not exist.
Correct but I have a hunch this was based off of SPL_FIT_SIGNATURE
which does require crypto support, so I'm assuming VPL would too.
But this symbol indeed never existed, and even if it did, it wouldn't
compile anything else as far as I can tell since drivers/crypto is
enabled by default in proper and only if CONFIG_SPL_CRYPTO is set for
SPL, and only SPL (checking for !TPL and !VPL)... so something feels
unfinished with VPL here to me.
I'm not sure we're improving anything there but I don't think it
makes things worse, as such
Fixes: 4218456b3fac ("vbe: Add Kconfig options for VPL")
Reviewed-by: Quentin Schulz <[email protected]>
Thanks!
Quentin
Thank you for reviewing.
There is a symbol CONFIG_VPL_MBEDTLS_LIB_CRYPTO that might be used but
then VPL_FIT_SIGNATURE support would have to depend on MBEDTLS.
Maybe Simon can inform us what his design intention was. Adding a
defconfig actually testing VPL_FIT_SIGNATURE would be helpful.
Best regards
Heinrich
There are more non-existent symbols implied by VPL_FIT_SIGNATURE
imply VPL_RSA
imply VPL_RSA_VERIFY
@Tom
I wonder why the VPL feature was suggested if it was never tested or
used. Should we remove all of VPL?
As far as I remember, VPL was a necessary step to add support for VBE
(Verified Boot for Embedded) that Simon was working on. I don't think it
got realized entirely (upstream I mean) which may explain the current
state of VPL symbols.
Cheers,
Quentin
