pvmfw: Move instance_hash in dice::PartialInputs

Simplify data dependencies, for simpler code flow.

Note: No functional change intended.

Test: m pvmfw libpvmfw.dice.test
Change-Id: I210dee0088cfdfdd7090316d8bad033c0082173a
diff --git a/guest/pvmfw/src/dice/mod.rs b/guest/pvmfw/src/dice/mod.rs
index 8317e48..dc7b64e 100644
--- a/guest/pvmfw/src/dice/mod.rs
+++ b/guest/pvmfw/src/dice/mod.rs
@@ -87,11 +87,12 @@
     pub mode: DiceMode,
     pub security_version: u64,
     pub rkp_vm_marker: bool,
+    pub instance_hash: Option<Hash>,
     component_name: String,
 }
 
 impl PartialInputs {
-    pub fn new(data: &VerifiedBootData) -> Result<Self> {
+    pub fn new(data: &VerifiedBootData, instance_hash: Option<Hash>) -> Result<Self> {
         let code_hash = to_dice_hash(data)?;
         let auth_hash = hash(data.public_key)?;
         let mode = to_dice_mode(data.debug_level);
@@ -101,20 +102,27 @@
         let rkp_vm_marker = data.has_capability(Capability::RemoteAttest)
             || data.has_capability(Capability::TrustySecurityVm);
 
-        Ok(Self { code_hash, auth_hash, mode, security_version, rkp_vm_marker, component_name })
+        Ok(Self {
+            code_hash,
+            auth_hash,
+            mode,
+            security_version,
+            rkp_vm_marker,
+            instance_hash,
+            component_name,
+        })
     }
 
     pub fn write_next_handover(
         self,
         current_handover: &[u8],
         salt: &[u8; HIDDEN_SIZE],
-        instance_hash: Option<Hash>,
         deferred_rollback_protection: bool,
         next_handover: &mut [u8],
         context: DiceContext,
     ) -> Result<()> {
         let config = self
-            .generate_config_descriptor(instance_hash)
+            .generate_config_descriptor()
             .map_err(|_| diced_open_dice::DiceError::InvalidInput)?;
 
         let dice_inputs = InputValues::new(
@@ -160,14 +168,14 @@
         )
     }
 
-    fn generate_config_descriptor(&self, instance_hash: Option<Hash>) -> Result<Vec<u8>> {
+    fn generate_config_descriptor(&self) -> Result<Vec<u8>> {
         let mut config = Vec::with_capacity(4);
         config.push((cbor!(COMPONENT_NAME_KEY)?, cbor!(self.component_name.as_str())?));
         config.push((cbor!(SECURITY_VERSION_KEY)?, cbor!(self.security_version)?));
         if self.rkp_vm_marker {
             config.push((cbor!(RKP_VM_MARKER_KEY)?, Value::Null))
         }
-        if let Some(instance_hash) = instance_hash {
+        if let Some(instance_hash) = self.instance_hash {
             config.push((cbor!(INSTANCE_HASH_KEY)?, Value::from(instance_hash.as_slice())));
         }
         let config = Value::Map(config);
@@ -217,7 +225,7 @@
     #[test]
     fn base_data_conversion() {
         let vb_data = BASE_VB_DATA;
-        let inputs = PartialInputs::new(&vb_data).unwrap();
+        let inputs = PartialInputs::new(&vb_data, None).unwrap();
 
         assert_eq!(inputs.mode, DiceMode::kDiceModeNormal);
         assert_eq!(inputs.security_version, 42);
@@ -229,7 +237,7 @@
     #[test]
     fn debuggable_conversion() {
         let vb_data = VerifiedBootData { debug_level: DebugLevel::Full, ..BASE_VB_DATA };
-        let inputs = PartialInputs::new(&vb_data).unwrap();
+        let inputs = PartialInputs::new(&vb_data, None).unwrap();
 
         assert_eq!(inputs.mode, DiceMode::kDiceModeDebug);
     }
@@ -238,7 +246,7 @@
     fn rkp_vm_conversion() {
         let vb_data =
             VerifiedBootData { capabilities: vec![Capability::RemoteAttest], ..BASE_VB_DATA };
-        let inputs = PartialInputs::new(&vb_data).unwrap();
+        let inputs = PartialInputs::new(&vb_data, None).unwrap();
 
         assert!(inputs.rkp_vm_marker);
     }
@@ -246,22 +254,23 @@
     #[test]
     fn base_config_descriptor() {
         let vb_data = BASE_VB_DATA;
-        let inputs = PartialInputs::new(&vb_data).unwrap();
-        let config_map = decode_config_descriptor(&inputs, None);
+        let inputs = PartialInputs::new(&vb_data, None).unwrap();
+        let config_map = decode_config_descriptor(&inputs);
 
         assert_eq!(config_map.get(&COMPONENT_NAME_KEY).unwrap().as_text().unwrap(), "vm_entry");
         assert_eq!(config_map.get(&COMPONENT_VERSION_KEY), None);
         assert_eq!(config_map.get(&RESETTABLE_KEY), None);
         assert_eq!(config_map.get(&SECURITY_VERSION_KEY).unwrap().as_integer().unwrap(), 42.into());
         assert_eq!(config_map.get(&RKP_VM_MARKER_KEY), None);
+        assert_eq!(config_map.get(&INSTANCE_HASH_KEY), None);
     }
 
     #[test]
     fn rkp_vm_config_descriptor_has_rkp_vm_marker_and_component_name() {
         let vb_data =
             VerifiedBootData { capabilities: vec![Capability::RemoteAttest], ..BASE_VB_DATA };
-        let inputs = PartialInputs::new(&vb_data).unwrap();
-        let config_map = decode_config_descriptor(&inputs, Some(HASH));
+        let inputs = PartialInputs::new(&vb_data, Some(HASH)).unwrap();
+        let config_map = decode_config_descriptor(&inputs);
 
         assert_eq!(config_map.get(&COMPONENT_NAME_KEY).unwrap().as_text().unwrap(), "vm_entry");
         assert!(config_map.get(&RKP_VM_MARKER_KEY).unwrap().is_null());
@@ -271,8 +280,8 @@
     fn security_vm_config_descriptor_has_rkp_vm_marker() {
         let vb_data =
             VerifiedBootData { capabilities: vec![Capability::TrustySecurityVm], ..BASE_VB_DATA };
-        let inputs = PartialInputs::new(&vb_data).unwrap();
-        let config_map = decode_config_descriptor(&inputs, Some(HASH));
+        let inputs = PartialInputs::new(&vb_data, Some(HASH)).unwrap();
+        let config_map = decode_config_descriptor(&inputs);
 
         assert!(config_map.get(&RKP_VM_MARKER_KEY).unwrap().is_null());
     }
@@ -281,8 +290,8 @@
     fn config_descriptor_with_instance_hash() {
         let vb_data =
             VerifiedBootData { capabilities: vec![Capability::RemoteAttest], ..BASE_VB_DATA };
-        let inputs = PartialInputs::new(&vb_data).unwrap();
-        let config_map = decode_config_descriptor(&inputs, Some(HASH));
+        let inputs = PartialInputs::new(&vb_data, Some(HASH)).unwrap();
+        let config_map = decode_config_descriptor(&inputs);
         assert_eq!(*config_map.get(&INSTANCE_HASH_KEY).unwrap(), Value::from(HASH.as_slice()));
     }
 
@@ -290,16 +299,13 @@
     fn config_descriptor_without_instance_hash() {
         let vb_data =
             VerifiedBootData { capabilities: vec![Capability::RemoteAttest], ..BASE_VB_DATA };
-        let inputs = PartialInputs::new(&vb_data).unwrap();
-        let config_map = decode_config_descriptor(&inputs, None);
+        let inputs = PartialInputs::new(&vb_data, None).unwrap();
+        let config_map = decode_config_descriptor(&inputs);
         assert!(!config_map.contains_key(&INSTANCE_HASH_KEY));
     }
 
-    fn decode_config_descriptor(
-        inputs: &PartialInputs,
-        instance_hash: Option<Hash>,
-    ) -> HashMap<i64, Value> {
-        let config_descriptor = inputs.generate_config_descriptor(instance_hash).unwrap();
+    fn decode_config_descriptor(inputs: &PartialInputs) -> HashMap<i64, Value> {
+        let config_descriptor = inputs.generate_config_descriptor().unwrap();
 
         let cbor_map =
             cbor_util::deserialize::<Value>(&config_descriptor).unwrap().into_map().unwrap();
@@ -313,7 +319,7 @@
     #[test]
     fn changing_deferred_rpb_changes_secrets() {
         let vb_data = VerifiedBootData { debug_level: DebugLevel::Full, ..BASE_VB_DATA };
-        let inputs = PartialInputs::new(&vb_data).unwrap();
+        let inputs = PartialInputs::new(&vb_data, Some([0u8; 64])).unwrap();
         let mut buffer_without_defer = [0; 4096];
         let mut buffer_with_defer = [0; 4096];
         let mut buffer_without_defer_retry = [0; 4096];
@@ -341,7 +347,6 @@
             .write_next_handover(
                 sample_dice_input,
                 &[0u8; HIDDEN_SIZE],
-                Some([0u8; 64]),
                 false,
                 &mut buffer_without_defer,
                 context.clone(),
@@ -354,7 +359,6 @@
             .write_next_handover(
                 sample_dice_input,
                 &[0u8; HIDDEN_SIZE],
-                Some([0u8; 64]),
                 true,
                 &mut buffer_with_defer,
                 context.clone(),
@@ -367,7 +371,6 @@
             .write_next_handover(
                 sample_dice_input,
                 &[0u8; HIDDEN_SIZE],
-                Some([0u8; 64]),
                 false,
                 &mut buffer_without_defer_retry,
                 context.clone(),
@@ -384,7 +387,7 @@
         let dice_artifacts = make_sample_bcc_and_cdis().unwrap();
         let handover0_bytes = to_serialized_handover(&dice_artifacts);
         let vb_data = VerifiedBootData { debug_level: DebugLevel::Full, ..BASE_VB_DATA };
-        let inputs = PartialInputs::new(&vb_data).unwrap();
+        let inputs = PartialInputs::new(&vb_data, Some([0u8; 64])).unwrap();
         let mut buffer = [0; 4096];
 
         inputs
@@ -392,7 +395,6 @@
             .write_next_handover(
                 &handover0_bytes,
                 &[0u8; HIDDEN_SIZE],
-                Some([0u8; 64]),
                 true,
                 &mut buffer,
                 DiceContext {
@@ -410,7 +412,6 @@
             .write_next_handover(
                 &handover1_bytes,
                 &[0u8; HIDDEN_SIZE],
-                Some([0u8; 64]),
                 true,
                 &mut buffer,
                 DiceContext {
@@ -428,7 +429,6 @@
             .write_next_handover(
                 &handover2_bytes,
                 &[0u8; HIDDEN_SIZE],
-                Some([0u8; 64]),
                 true,
                 &mut buffer,
                 DiceContext {
diff --git a/guest/pvmfw/src/main.rs b/guest/pvmfw/src/main.rs
index 9f1b5e6..a4acf04 100644
--- a/guest/pvmfw/src/main.rs
+++ b/guest/pvmfw/src/main.rs
@@ -110,18 +110,17 @@
     // By leaking the slice, its content will be left behind for the next stage.
     let next_dice_handover = Box::leak(next_dice_handover);
 
-    let dice_inputs = PartialInputs::new(&verified_boot_data).map_err(|e| {
+    let instance_hash = salt_from_instance_id(fdt)?;
+    let dice_inputs = PartialInputs::new(&verified_boot_data, instance_hash).map_err(|e| {
         error!("Failed to compute partial DICE inputs: {e:?}");
         RebootReason::InternalError
     })?;
 
-    let instance_hash = salt_from_instance_id(fdt)?;
     let (new_instance, salt, defer_rollback_protection) = perform_rollback_protection(
         fdt,
         &verified_boot_data,
         &dice_inputs,
         dice_handover.cdi_seal(),
-        instance_hash,
     )?;
     trace!("Got salt for instance: {salt:x?}");
 
@@ -154,7 +153,6 @@
         .write_next_handover(
             new_dice_handover.as_ref(),
             &salt,
-            instance_hash,
             defer_rollback_protection,
             next_dice_handover,
             dice_context,
diff --git a/guest/pvmfw/src/rollback.rs b/guest/pvmfw/src/rollback.rs
index e51b6d5..c2848a2 100644
--- a/guest/pvmfw/src/rollback.rs
+++ b/guest/pvmfw/src/rollback.rs
@@ -42,8 +42,8 @@
     verified_boot_data: &VerifiedBootData,
     dice_inputs: &PartialInputs,
     cdi_seal: &[u8],
-    instance_hash: Option<Hidden>,
 ) -> Result<(bool, Hidden, bool), RebootReason> {
+    let instance_hash = dice_inputs.instance_hash;
     if let Some(fixed) = get_fixed_rollback_protection(verified_boot_data) {
         // Prevent attackers from impersonating well-known images.
         perform_fixed_index_rollback_protection(verified_boot_data, fixed)?;