[coreboot-gerrit] [S] Change in coreboot[master]: vboot/vboot_common: Fix vboot_save_data() code exclusion guard

1 Dec 2022

Julius Werner has submitted this change. ( https://review.coreboot.org/c/coreboot/+/69761 )
Change subject: vboot/vboot_common: Fix vboot_save_data() code exclusion guard
......................................................................
vboot/vboot_common: Fix vboot_save_data() code exclusion guard
Compilers are not optimizing-out code correctly. This patch fixes
incorrect behavior by splitting if statement and extracting code to
another function, this allowing for better code size optimization and
reduction of undefined references.
Signed-off-by: Jakub Czapiga jacz@semihalf.com
Change-Id: Ia5330efeeb4cfd7477cf8f7f64c6abed68281e30
Reviewed-on: https://review.coreboot.org/c/coreboot/+/69761
Reviewed-by: Yu-Ping Wu yupingso@google.com
Reviewed-by: Eric Lai eric_lai@quanta.corp-partner.google.com
Tested-by: build bot (Jenkins) no-reply@coreboot.org
Reviewed-by: Julius Werner jwerner@chromium.org
---
M src/security/vboot/vboot_common.c
1 file changed, 37 insertions(+), 10 deletions(-)
Approvals:
  build bot (Jenkins): Verified
  Julius Werner: Looks good to me, approved
  Yu-Ping Wu: Looks good to me, approved
  Eric Lai: Looks good to me, but someone else must approve

diff --git a/src/security/vboot/vboot_common.c b/src/security/vboot/vboot_common.c
index dd611d1..3c4957a 100644
--- a/src/security/vboot/vboot_common.c
+++ b/src/security/vboot/vboot_common.c
@@ -9,26 +9,33 @@
#include "antirollback.h"
-void vboot_save_data(struct vb2_context *ctx)
+static void save_secdata(struct vb2_context *ctx)
 {
-	if (!verification_should_run() && !(ENV_ROMSTAGE && CONFIG(VBOOT_EARLY_EC_SYNC))
-	    && (ctx->flags
-		& (VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED | VB2_CONTEXT_SECDATA_KERNEL_CHANGED)))
-		die("TPM writeback in " ENV_STRING "?");
-
-	if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED &&
-			(CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
+	if (ctx->flags & VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED
+	    && (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
    	printk(BIOS_INFO, "Saving secdata firmware\n");
    	antirollback_write_space_firmware(ctx);
    	ctx->flags &= ~VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED;
    }
-	if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED &&
-			(CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
+	if (ctx->flags & VB2_CONTEXT_SECDATA_KERNEL_CHANGED
+	    && (CONFIG(VBOOT_MOCK_SECDATA) || tlcl_lib_init() == VB2_SUCCESS)) {
    	printk(BIOS_INFO, "Saving secdata kernel\n");
    	antirollback_write_space_kernel(ctx);
    	ctx->flags &= ~VB2_CONTEXT_SECDATA_KERNEL_CHANGED;
    }
+}
+
+void vboot_save_data(struct vb2_context *ctx)
+{
+	if (!verification_should_run() && !(ENV_ROMSTAGE && CONFIG(VBOOT_EARLY_EC_SYNC))) {
+		if (ctx->flags
+		    & (VB2_CONTEXT_SECDATA_FIRMWARE_CHANGED
+		       | VB2_CONTEXT_SECDATA_KERNEL_CHANGED))
+			die("TPM writeback in " ENV_STRING "?");
+	} else {
+		save_secdata(ctx);
+	}
if (ctx->flags & VB2_CONTEXT_NVDATA_CHANGED) {
    	printk(BIOS_INFO, "Saving nvdata\n");
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/69761
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ia5330efeeb4cfd7477cf8f7f64c6abed68281e30
Gerrit-Change-Number: 69761
Gerrit-PatchSet: 6
Gerrit-Owner: Jakub Czapiga jacz@semihalf.com
Gerrit-Reviewer: Eric Lai eric_lai@quanta.corp-partner.google.com
Gerrit-Reviewer: Julius Werner jwerner@chromium.org
Gerrit-Reviewer: Yu-Ping Wu yupingso@google.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-MessageType: merged



    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

[coreboot-gerrit] [S] Change in coreboot[master]: vboot/vboot_common: Fix vboot_save_data() code exclusion guard