Google Git
Sign in
kernel/pub/scm/linux/kernel/git/jarkko/linux-tpmdd/refs/heads/trusted-debug
commit
5a81adbd8602f2ff3b0ee264e31e1a2c87d4e9d4
[log] [tgz]
author
Jarkko Sakkinen <jarkko@kernel.org>
Tue Mar 24 12:57:15 2026 +0200
committer
Jarkko Sakkinen <jarkko@kernel.org>
Tue Mar 24 12:57:15 2026 +0200
tree
51860287160454d26121ad99781db221bf45c7a1
parent
7f2a32c0e87814f0e7852b17fa9f10321f882c36 [diff]
KEYS: trusted: Debugging as a feature

TPM_DEBUG, and other similar flags, are a non-standard way to specify a
feature in Linux kernel.  Introduce CONFIG_TRUSTED_KEYS_DEBUG for
trusted keys, and use it to replace these ad-hoc feature flags.

Given that trusted keys debug dumps can contain sensitive data, harden
the feature as follows:

1. In the Kconfig description postulate that pr_debug() statements must be
   used.
2. Use pr_debug() statements in TPM 1.x driver to print the protocol dump.

Traces, when actually needed, can be easily enabled by providing
trusted.dyndbg='+p' in the kernel command-line.

Cc: Srish Srinivasan <ssrish@linux.ibm.com>
Reported-by: Nayna Jain <nayna@linux.ibm.com>
Closes: https://lore.kernel.org/all/7f8b8478-5cd8-4d97-bfd0-341fd5cf10f9@linux.ibm.com/
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
v2:
- Implement for all trusted keys backends.
- Add HAVE_TRUSTED_KEYS_DEBUG as it is a good practice despite full
  coverage.
4 files changed
tree: 51860287160454d26121ad99781db221bf45c7a1
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .clippy.toml
  27. .cocciconfig
  28. .editorconfig
  29. .get_maintainer.ignore
  30. .gitattributes
  31. .gitignore
  32. .mailmap
  33. .pylintrc
  34. .rustfmt.toml
  35. COPYING
  36. CREDITS
  37. Kbuild
  38. Kconfig
  39. MAINTAINERS
  40. Makefile
  41. README