On 10/10/2025 11:00 AM, Zhuoying Cai wrote:
+
+static int handle_certificate(int *cert_table, uint8_t **cert,
+ uint64_t cert_len, uint8_t cert_idx,
+ IplSignatureCertificateList *certs, int
cert_index)
+{
+ bool unused;
+
+ unused = cert_table[cert_idx] == -1;
+ if (unused) {
+ if (request_certificate(*cert, cert_idx)) {
+ cert_list_add(certs, cert_index, *cert, cert_len);
+ cert_table[cert_idx] = cert_index;
+ *cert += cert_len;
It's hard to understand why we increment *cert in this function by just
looking at the function. But this function is called in the loop in
zipl_run_secure, could we move this entire function in zipl_run_secure?
Thanks for the suggestion.
I'm concerned that moving this function into zipl_run_secure() could
make it harder to read, since it's already quite large. I'd prefer to
keep this function separate because it handles all certificate related
operations here and add comments to clarify why *cert is incremented.
I'd be happy to hear additional thoughts.
Maybe we could simplify this by at least moving the increment (both
cert_index and *cert) to zipl_run_secure() if this function succeeds?
That way it will be easier to follow in the loop itself?
Thanks
Farhan
+ } else {
+ puts("Could not get certificate");
+ return -1;
+ }
+
+ /* increment cert_index for the next cert entry */
+ return ++cert_index;
+ }
+
+ return cert_index;
+}
