[PATCH] tpm2-sessions: Remove unnecessary wrapper
Jarkko Sakkinen
jarkko at kernel.org
Wed Sep 24 17:26:21 UTC 2025
On Wed, Sep 24, 2025 at 09:35:24AM +0100, Jonathan McDowell wrote:
> On Mon, Sep 22, 2025 at 02:50:09PM +0300, Jarkko Sakkinen wrote:
> > From: Jarkko Sakkinen <jarkko.sakkinen at opinsys.com>
> >
> > Open code tpm_buf_append_hmac_session_opt() because it adds unnecessary
> > disperancy to the call sites (and reduces the amount of code).
> >
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen at opinsys.com>
>
> I don't have a strong opinion on whether this is significantly better, but
> for 2 call sites it's not unreasonable, so:
>
> Reviewed-By: Jonathan McDowell <noodles at earth.li>
I'll explain a bit of context.
I'm opening tpm2-session knot by knot and once it is like out and naked
my grand plan is to create a single function tpm2_authenticate or similar
function that wraps a TPM command into an authenticated TPM command.
The main priority with each patch is to do at least microscopic amount
of more than just pure clean up. The tpm_buf series and this series
sort of converge towards the same common goal. I think this is a good
way to move forward and refactor complex functionality without causing
major risks in production.
They key topic on this all maximizing the decoupling and it goes beyond
just "fixing tpm2-sessions". By doing this process we can more easily
re-use parts of the driver code in early boot code and sort of create
enablers for e.g., Trenchboot.
BR, Jarkko
More information about the Linux-security-module-archive
mailing list