From cdffb638c85da87f6b9d61194513a24cd6a73c6a Mon Sep 17 00:00:00 2001 From: Tobin Feldman-Fitzthum Date: Wed, 26 Jun 2024 18:42:45 +0000 Subject: AmdSev: enable kernel hashes without initrd If kernel hashes are enabled but no initrd is provided, QEMU will still create an entry in the hash table, but it will be the hash of an empty buffer. Remove the explicit check for the length of the blob. This logic will be handled by the later hash comparison, which will still fail when the blob is not present but is expected, but will pass when the blob is not present and the hash table contains a hash of an empty buffer. Signed-off-by: Tobin Feldman-Fitzthum --- .../AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c b/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c index bc2d5da..7bc9f89 100644 --- a/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c +++ b/OvmfPkg/AmdSev/BlobVerifierLibSevHashes/BlobVerifierSevHashes.c @@ -156,16 +156,6 @@ VerifyBlob ( DEBUG ((DEBUG_INFO, "%a: Found GUID %g in table\n", __func__, Guid)); - if (BufSize == 0) { - DEBUG (( - DEBUG_ERROR, - "%a: Blob Specified in Hash Table was not Provided", - __func__ - )); - - CpuDeadLoop (); - } - EntrySize = Entry->Len - sizeof Entry->Guid - sizeof Entry->Len; if (EntrySize != SHA256_DIGEST_SIZE) { DEBUG (( -- cgit v1.1