commit 2d63532b4fc2cbd6d0d5490ebcd7c0c28c8c60f5
author Pierre-Clément Tosi <ptosi@google.com> Fri Mar 21 16:01:21 2025 +0000
committer Pierre-Clément Tosi <ptosi@google.com> Fri Mar 21 17:29:23 2025 +0000
tree c7e8be383300a44f57576ceb33edbad52c975ee5
parent 05d2039324ca5e11484256df55785be3e8e43309

pvmfw: Move instance_hash in dice::PartialInputs

Simplify data dependencies, for simpler code flow.

Note: No functional change intended.

Test: m pvmfw libpvmfw.dice.test
Change-Id: I210dee0088cfdfdd7090316d8bad033c0082173a

guest/pvmfw/src/rollback.rs

diff --git a/guest/pvmfw/src/rollback.rs b/guest/pvmfw/src/rollback.rs
index e51b6d5..c2848a2 100644
--- a/guest/pvmfw/src/rollback.rs
+++ b/guest/pvmfw/src/rollback.rs
@@ -42,8 +42,8 @@
     verified_boot_data: &VerifiedBootData,
     dice_inputs: &PartialInputs,
     cdi_seal: &[u8],
-    instance_hash: Option<Hidden>,
 ) -> Result<(bool, Hidden, bool), RebootReason> {
+    let instance_hash = dice_inputs.instance_hash;
     if let Some(fixed) = get_fixed_rollback_protection(verified_boot_data) {
         // Prevent attackers from impersonating well-known images.
         perform_fixed_index_rollback_protection(verified_boot_data, fixed)?;