Kconfig.cbfs_verification: Update TOCTOU_SAFETY combination with VBOOT

Now that VBOOT_CBFS_INTEGRATION exists, it is possible to use TOCTOU_SAFETY with VBOOT. Change-Id: I9f84574f611ec397060404c61e71312009d92ba7 Signed-off-by: Julius Werner <jwerner@chromium.org> Reviewed-on: https://review.coreboot.org/c/coreboot/+/78915 Reviewed-by: Yu-Ping Wu <yupingso@google.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Arthur Heymans <arthur@aheymans.xyz>
author: Julius Werner <jwerner@chromium.org> 2023-11-06 16:59:42 -0800
committer: Julius Werner <jwerner@chromium.org> 2023-11-07 22:30:20 +0000
commit: c7120e38e784cf760c08044fe4671f1be1b0b06d (patch)
tree: 19a6be1b4054198d684680a191adc81dd6a0342a /src/lib
parent: ca71588620b9f4a3c37d10f133febe5d2026921f (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/Kconfig.cbfs_verification b/src/lib/Kconfig.cbfs_verification
index 12aaf81fab..6482e06b20 100644
--- a/src/lib/Kconfig.cbfs_verification
+++ b/src/lib/Kconfig.cbfs_verification
@@ -25,7 +25,7 @@ config TOCTOU_SAFETY
 	depends on !NO_FMAP_CACHE
 	depends on !NO_CBFS_MCACHE
 	depends on !USE_OPTION_TABLE && !FSP_CAR  # Known to access CBFS before CBMEM init
-	depends on !VBOOT # TODO: can only allow this once vboot fully integrated
+	depends on !VBOOT || VBOOT_CBFS_INTEGRATION
 	depends on NO_XIP_EARLY_STAGES
 	help
 	  Say yes here to eliminate time-of-check vs. time-of-use vulnerabilities
author	Julius Werner <jwerner@chromium.org>	2023-11-06 16:59:42 -0800
committer	Julius Werner <jwerner@chromium.org>	2023-11-07 22:30:20 +0000
commit	c7120e38e784cf760c08044fe4671f1be1b0b06d (patch)
tree	19a6be1b4054198d684680a191adc81dd6a0342a /src/lib
parent	ca71588620b9f4a3c37d10f133febe5d2026921f (diff)