From a7f669049daadf6e7c6b3c66ec6b8fc973c7bd46 Mon Sep 17 00:00:00 2001 From: Jakub Czapiga Date: Thu, 17 Nov 2022 10:34:48 +0000 Subject: [PATCH] vboot: Allow for comparison of hash without zero-padding Adjust asserts to allow to store and compare (at S3 resume) hashes without padding to maximum hash length / slot size. Signed-off-by: Jakub Czapiga Change-Id: If6d46e0b58dbca86af56221b7ff2606ab2d1799a Reviewed-on: https://review.coreboot.org/c/coreboot/+/69762 Tested-by: build bot (Jenkins) Reviewed-by: Julius Werner Reviewed-by: Yu-Ping Wu Reviewed-by: Eric Lai --- src/ec/google/chromeec/vboot_storage.c | 4 ++-- src/security/vboot/vboot_logic.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ec/google/chromeec/vboot_storage.c b/src/ec/google/chromeec/vboot_storage.c index f708b3e680..63e131448a 100644 --- a/src/ec/google/chromeec/vboot_storage.c +++ b/src/ec/google/chromeec/vboot_storage.c @@ -14,8 +14,8 @@ int vboot_save_hash(void *digest, size_t digest_size) uint32_t lock_status; int num_slots; - /* Ensure the digests being saved match the EC's slot size. */ - assert(digest_size == EC_VSTORE_SLOT_SIZE); + /* Ensure the digests being saved does not exceed the EC's slot size. */ + assert(digest_size > 0 && digest_size <= EC_VSTORE_SLOT_SIZE); if (google_chromeec_vstore_write(slot, digest, digest_size)) return -1; diff --git a/src/security/vboot/vboot_logic.c b/src/security/vboot/vboot_logic.c index 98a044c7e1..f7b4801ad1 100644 --- a/src/security/vboot/vboot_logic.c +++ b/src/security/vboot/vboot_logic.c @@ -86,7 +86,7 @@ static vb2_error_t handle_digest_result(void *slot_hash, size_t slot_hash_sz) uint8_t saved_hash[VBOOT_MAX_HASH_SIZE]; const size_t saved_hash_sz = sizeof(saved_hash); - assert(slot_hash_sz == saved_hash_sz); + assert(slot_hash_sz <= saved_hash_sz); printk(BIOS_DEBUG, "Platform is resuming.\n");