On Sun, Oct 03, 2021 at 11:23:19AM +0200, Heinrich Schuchardt wrote: > Simplify efi_sigstore_parse_sigdb() by using existing functions. > > Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com> > --- > v3: > Keep error handling in efi_sigstore_parse_sigdb() > v2: > remove a superfluous check > --- > lib/efi_loader/efi_signature.c | 11 ++--------- > 1 file changed, 2 insertions(+), 9 deletions(-) > > diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c > index bdd09881fc..97f6dfacd9 100644 > --- a/lib/efi_loader/efi_signature.c > +++ b/lib/efi_loader/efi_signature.c > @@ -746,18 +746,11 @@ struct efi_signature_store > *efi_sigstore_parse_sigdb(u16 *name) > efi_uintn_t db_size; > efi_status_t ret; > > - if (!u16_strcmp(name, L"PK") || !u16_strcmp(name, L"KEK")) { > - vendor = &efi_global_variable_guid; > - } else if (!u16_strcmp(name, L"db") || !u16_strcmp(name, L"dbx")) { > - vendor = &efi_guid_image_security_database; > - } else { > - EFI_PRINT("unknown signature database, %ls\n", name); > - return NULL; > - } > + vendor = efi_auth_var_get_guid(name);
Should we return NULL if we get back the default guid? > > /* retrieve variable data */ > db_size = 0; > - ret = EFI_CALL(efi_get_variable(name, vendor, NULL, &db_size, NULL)); > + ret = efi_get_variable_int(name, vendor, NULL, &db_size, NULL); > if (ret == EFI_NOT_FOUND) { > EFI_PRINT("variable, %ls, not found\n", name); > sigstore = calloc(sizeof(*sigstore), 1); > -- > 2.32.0 > Regards /Ilias