On Thu, 2024-11-07 at 15:49 +0200, Jarkko Sakkinen wrote: > On Thu Nov 7, 2024 at 3:20 PM EET, James Bottomley wrote: > > On Thu, 2024-11-07 at 11:51 +0200, Jarkko Sakkinen wrote: > > [...] > > > +void tpm_buf_append_auth(struct tpm_chip *chip, struct tpm_buf > > > *buf, > > > + u8 attributes, u8 *passphrase, int > > > passphrase_len) > > > +{ > > > + /* offset tells us where the sessions area begins */ > > > + int offset = buf->handles * 4 + TPM_HEADER_SIZE; > > > + u32 len = 9 + passphrase_len; > > > + > > > + if (tpm_buf_length(buf) != offset) { > > > + /* not the first session so update the existing > > > length */ > > > + len += get_unaligned_be32(&buf->data[offset]); > > > + put_unaligned_be32(len, &buf->data[offset]); > > > + } else { > > > + tpm_buf_append_u32(buf, len); > > > + } > > > + /* auth handle */ > > > + tpm_buf_append_u32(buf, TPM2_RS_PW); > > > + /* nonce */ > > > + tpm_buf_append_u16(buf, 0); > > > + /* attributes */ > > > + tpm_buf_append_u8(buf, 0); > > > + /* passphrase */ > > > + tpm_buf_append_u16(buf, passphrase_len); > > > + tpm_buf_append(buf, passphrase, passphrase_len); > > > +} > > > + > > > > The rest of the code looks fine, but if you're going to extract > > this as a separate function instead of doing the open coded struct > > tpm2_null_auth that was there originally, you should probably > > extract and use the tpm2_buf_append_auth() function in > > trusted_tpm2.c > > So this was straight up from Mimi's original patch :-) Yes, I had the same comment prepped for that too. > Hmm... was there duplicate use for this in the patch? I'll check > this. The original open coded the empty auth append with struct tpm2_null_auth since it's the only user. However, since we do have another user in trusted keys, it might make sense to consolidate. James