single or authoritative home for sbsigntool?

Randy MacLeod

In chasing down a rare ccan configuration bug that sbsigntool-native
trips over, I noticed that there are several sbsigntool-native recipes,
all alike but not identical.

We have a few in the layer index:

and more elsewhere:
and even:

The meta-intel and meta-secure-core versions were somewhat different but
that seems to be due to lack of co-operation rather than different

Does it make sense to have a single version of the recipe in
a signing-key layer with the actual keys kept elsewhere I'd expect.

If so, what layer would make the most sense?
How about picking:

There is likely other recipe duplication in secure boot layers but
it's not something that I work on directly so I'm only mentioning
sbsigntool. Feel free to reduce more duplication!


# Randy MacLeod. WR Linux
# Wind River an Intel Company

Join to automatically receive all group messages.