Frans Hendriks has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/32532
Change subject: security/vboot/vboot_crtm.c: Use ENV_ conditions for vboot_measure_cbfs_hook() ......................................................................
security/vboot/vboot_crtm.c: Use ENV_ conditions for vboot_measure_cbfs_hook()
vboot_measure_cbfs_hook() is included when CONFIG_VBOOT_MEASURED_BOOT is enabled, but this function is defined a 0 in vboot_crtm.h using ENV_
Use same ENV_ for vboot_measure_cbfs_hook() as used in vboot_crtm.h. is_runtime_data() is not used when vboot_measure_cbfs_hook() is disabled, so use same conditions for this function also.
BUG=NA TEST=Build Google Banon and Google Cyan
Change-Id: Ic62c18db09c119dfb85340a6b7f36bfd148aaa45 Signed-off-by: Frans Hendriks fhendriks@eltan.com --- M src/security/vboot/vboot_crtm.c 1 file changed, 2 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/32/32532/1
diff --git a/src/security/vboot/vboot_crtm.c b/src/security/vboot/vboot_crtm.c index e4266b2..199bab6 100644 --- a/src/security/vboot/vboot_crtm.c +++ b/src/security/vboot/vboot_crtm.c @@ -139,6 +139,7 @@ return VB2_SUCCESS; }
+#if !ENV_BOOTBLOCK && !ENV_DECOMPRESSOR && !ENV_SMM static bool is_runtime_data(const char *name) { const char *whitelist = CONFIG_VBOOT_MEASURED_BOOT_RUNTIME_DATA; @@ -193,3 +194,4 @@
return tpm_measure_region(&rdev, pcr_index, tcpa_metadata); } +#endif