3 files changed, 27 insertions, 23 deletions

diff --git a/src/security/vboot/Makefile.inc b/src/security/vboot/Makefile.inc
index 67ee0f5786..b452e937c9 100644
--- a/src/security/vboot/Makefile.inc
+++ b/src/security/vboot/Makefile.inc
@@ -112,16 +112,17 @@ verstage-$(CONFIG_VBOOT_SEPARATE_VERSTAGE) += verstage.c
 ifeq (${CONFIG_VBOOT_MOCK_SECDATA},y)
 verstage-y += secdata_mock.c
 romstage-y += secdata_mock.c
+ramstage-y += secdata_mock.c
 else
 verstage-y += secdata_tpm.c
 romstage-y += secdata_tpm.c
+ramstage-y += secdata_tpm.c
 endif
 
 ifneq ($(CONFIG_TPM1)$(CONFIG_TPM2),)
 verstage-y += tpm_common.c
 endif
 
-romstage-y += vboot_logic.c
 romstage-y += common.c
 
 ramstage-y += common.c
diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c
index 36cd1ade4e..049b4a9558 100644
--- a/src/security/vboot/vboot_common.c
+++ b/src/security/vboot/vboot_common.c
@@ -12,6 +12,31 @@
 #include <security/vboot/vbnv.h>
 #include <vb2_api.h>
 
+#include "antirollback.h"
+
+void vboot_save_data(struct vb2_context *ctx)
+{
+	if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED &&
+			(CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
+		printk(BIOS_INFO, "Saving secdata firmware\n");
+		antirollback_write_space_firmware(ctx);
+		ctx->flags &= ~VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED;
+	}
+
+	if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED &&
+			(CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
+		printk(BIOS_INFO, "Saving secdata kernel\n");
+		antirollback_write_space_kernel(ctx);
+		ctx->flags &= ~VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
+	}
+
+	if (ctx->flags & VB2_CONTEXT_NVDATA_CHANGED) {
+		printk(BIOS_INFO, "Saving nvdata\n");
+		save_vbnv(ctx->nvdata);
+		ctx->flags &= ~VB2_CONTEXT_NVDATA_CHANGED;
+	}
+}
+
 /* Check if it is okay to enable USB Device Controller (UDC). */
 int vboot_can_enable_udc(void)
 {
diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c
index e1c77b6004..a8a7be55e7 100644
--- a/src/security/vboot/vboot_logic.c
+++ b/src/security/vboot/vboot_logic.c
@@ -209,28 +209,6 @@ static vb2_error_t hash_body(struct vb2_context *ctx,
 	return VB2_SUCCESS;
 }
 
-void vboot_save_data(struct vb2_context *ctx)
-{
-	if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED &&
-	    (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
-		printk(BIOS_INFO, "Saving secdata firmware\n");
-		antirollback_write_space_firmware(ctx);
-		ctx->flags &= ~VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED;
-	}
-
-	if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED &&
-	    (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
-		printk(BIOS_INFO, "Saving secdata kernel\n");
-		antirollback_write_space_kernel(ctx);
-		ctx->flags &= ~VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
-	}
-
-	if (ctx->flags & VB2_CONTEXT_NVDATA_CHANGED) {
-		printk(BIOS_INFO, "Saving nvdata\n");
-		save_vbnv(ctx->nvdata);
-		ctx->flags &= ~VB2_CONTEXT_NVDATA_CHANGED;
-	}
-}
 
 static uint32_t extend_pcrs(struct vb2_context *ctx)
 {