From d27fff59230ce2f3540a34e79c3632f455616abf Mon Sep 17 00:00:00 2001 From: Jakub Czapiga Date: Thu, 17 Nov 2022 09:13:31 +0000 Subject: vboot/vboot_common: Fix vboot_save_data() code exclusion guard Compilers are not optimizing-out code correctly. This patch fixes incorrect behavior by splitting if statement and extracting code to another function, this allowing for better code size optimization and reduction of undefined references. Signed-off-by: Jakub Czapiga Change-Id: Ia5330efeeb4cfd7477cf8f7f64c6abed68281e30 Reviewed-on: https://review.coreboot.org/c/coreboot/+/69761 Reviewed-by: Yu-Ping Wu Reviewed-by: Eric Lai Tested-by: build bot (Jenkins) Reviewed-by: Julius Werner --- src/security/vboot/vboot_common.c | 27 +++++++++++++++++---------- 1 file changed, 17 insertions(+), 10 deletions(-) (limited to 'src') diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c index dd611d1145..3c4957a7ed 100644 --- a/src/security/vboot/vboot_common.c +++ b/src/security/vboot/vboot_common.c @@ -9,26 +9,33 @@ #include "antirollback.h" -void vboot_save_data(struct vb2_context *ctx) +static void save_secdata(struct vb2_context *ctx) { - if (!verification_should_run() && !(ENV_ROMSTAGE && CONFIG(VBOOT_EARLY_EC_SYNC)) - && (ctx->flags - & (VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED | VB2_CONTEXT_SECDATA_KERNEL_CHANGED))) - die("TPM writeback in " ENV_STRING "?"); - - if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED && - (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) { + if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED + && (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) { printk(BIOS_INFO, "Saving secdata firmware\n"); antirollback_write_space_firmware(ctx); ctx->flags &= ~VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED; } - if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED && - (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) { + if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED + && (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) { printk(BIOS_INFO, "Saving secdata kernel\n"); antirollback_write_space_kernel(ctx); ctx->flags &= ~VB2_CONTEXT_SECDATA_KERNEL_CHANGED; } +} + +void vboot_save_data(struct vb2_context *ctx) +{ + if (!verification_should_run() && !(ENV_ROMSTAGE && CONFIG(VBOOT_EARLY_EC_SYNC))) { + if (ctx->flags + & (VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED + | VB2_CONTEXT_SECDATA_KERNEL_CHANGED)) + die("TPM writeback in " ENV_STRING "?"); + } else { + save_secdata(ctx); + } if (ctx->flags & VB2_CONTEXT_NVDATA_CHANGED) { printk(BIOS_INFO, "Saving nvdata\n"); -- cgit v1.2.3