From 7a9bd2b2e4a2c0be9f9ecc04e47684639973baef Mon Sep 17 00:00:00 2001
From: Julius Werner <jwerner@chromium.org>
Date: Wed, 30 Nov 2022 15:18:36 -0800
Subject: [PATCH] vboot: Force config file inclusion with CBFS integration

CONFIG_VBOOT_CBFS_INTEGRATION images are signed differently than normal
images. futility needs to be able to tell this difference, and it parses
the `config` file included in CBFS to do this. This change codifies that
dependency in Kconfig so that nobody can accidentally break this by
turning off config file inclusion.

Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I2b2d245b850bc65abb4e72f20b4e360312c828f7
Reviewed-on: https://review.coreboot.org/c/coreboot/+/70157
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Reviewed-by: Jakub Czapiga <jacz@semihalf.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
 src/security/vboot/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/security/vboot/Kconfig b/src/security/vboot/Kconfig
index 93e18457f7..9025979596 100644
--- a/src/security/vboot/Kconfig
+++ b/src/security/vboot/Kconfig
@@ -40,6 +40,7 @@ config VBOOT_CBFS_INTEGRATION
 	default n
 	depends on VBOOT_SLOTS_RW_A
 	depends on CBFS_VERIFICATION
+	select INCLUDE_CONFIG_FILE  # futility needs this to auto-detect signing type
 	help
 	  Say yes here to enable cryptographic verification of RW slots CBFS
 	  metadata. This will replace body hash verification.