| author | Jarkko Sakkinen <jarkko@kernel.org> | 2026-04-09 19:07:51 +0300 |
|---|---|---|
| committer | Jarkko Sakkinen <jarkko@kernel.org> | 2026-06-15 15:19:12 +0300 |
| commit | 4d05e948cebe03974ab9927daee55273207fdc22 (patch) | |
| tree | 0dffa192549b9b8f964abb96854c17483f2063b8 /include/linux/platform_data | |
| parent | 3a1705d180b203a6764d2a142d602bbf522d339b (diff) | |
| download | linux-4d05e948cebe03974ab9927daee55273207fdc22.tar.xz | |

KEYS: trusted: Debugging as a feature

TPM_DEBUG, and other similar flags, are a non-standard way to specify a
feature in the Linux kernel. Introduce CONFIG_TRUSTED_KEYS_DEBUG for trusted
keys, and use it to replace these ad-hoc feature flags.

Given that trusted keys debug dumps can contain sensitive data, harden the
feature as follows:

1. In the Kconfig description postulate that pr_debug() statements must be
   used.
2. Use pr_debug() statements in TPM 1.x driver to print the protocol dump.
3. Require trusted.debug=1 on the kernel command line (default: 0) to
   activate dumps at runtime, even when CONFIG_TRUSTED_KEYS_DEBUG=y.

Traces, when actually needed, can be easily enabled by providing
trusted.dyndbg='+p' and trusted.debug=1 in the kernel command-line.

Reported-by: Nayna Jain <nayna@linux.ibm.com>
Closes: https://lore.kernel.org/all/7f8b8478-5cd8-4d97-bfd0-341fd5cf10f9@linux.ibm.com/
Reviewed-by: Nayna Jain <nayna@linux.ibm.com>
Tested-by: Srish Srinivasan <ssrish@linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

Diffstat (limited to 'include/linux/platform_data')
0 files changed, 0 insertions, 0 deletions
