On Fri May 24, 2024 at 3:59 PM EEST, James Bottomley wrote: > The new routine takes the OID enum instead of needing the u32 OID > array explicitly which reduces duplication and the potential for > mistakes. > > Signed-off-by: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> > --- > security/keys/trusted-keys/trusted_tpm2.c | 9 +++++---- > 1 file changed, 5 insertions(+), 4 deletions(-) > > diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c > index 9c7ac2e423d3..b6f34ff0ca5c 100644 > --- a/security/keys/trusted-keys/trusted_tpm2.c > +++ b/security/keys/trusted-keys/trusted_tpm2.c > @@ -19,8 +19,6 @@ > #include "tpm2key.asn1.h" > #include "tpm2-policy.h" > > -static u32 tpm2key_oid[] = { 2, 23, 133, 10, 1, 5 }; > - > static int tpm2_key_encode(struct trusted_key_payload *payload, > struct trusted_key_options *options, > u8 *src, u32 len) > @@ -31,6 +29,7 @@ static int tpm2_key_encode(struct trusted_key_payload *payload, > u8 *end_work = scratch + SCRATCH_SIZE; > u8 *priv, *pub; > u16 priv_len, pub_len; > + int ret; > > priv_len = get_unaligned_be16(src) + 2; > priv = src; > @@ -43,8 +42,10 @@ static int tpm2_key_encode(struct trusted_key_payload *payload, > if (!scratch) > return -ENOMEM; > > - work = asn1_encode_oid(work, end_work, tpm2key_oid, > - asn1_oid_len(tpm2key_oid)); > + ret = encode_OID(OID_TPMSealedData, work, end_work - work); > + if (ret < 0) > + return ret; > + work += ret; > > if (options->blobauth_len == 0) { > unsigned char bool[3], *w = bool; Yupe, it's better this way. BR, Jarkko
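Review bot: In the last hunk, the new "if (ret < 0) return ret;" in tpm2_key_encode() comes after the "if (!scratch) return -ENOMEM;" check, so scratch is already allocated when encode_OID() fails, and this early return leaves the function without releasing it. The release of scratch is not visible in these hunks; if the function has a cleanup path that frees it, branch there instead of returning directly, otherwise free scratch before the return. It would also help for the commit message to state that OID_TPMSealedData encodes to the same value as the removed array { 2, 23, 133, 10, 1, 5 }, since the hunks do not show the enum's definition and existing key blobs depend on that OID being unchanged.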