authorJarkko Sakkinen <jarkko@kernel.org>2026-04-09 19:07:51 +0300
committerJarkko Sakkinen <jarkko@kernel.org>2026-06-15 15:19:12 +0300
commit4d05e948cebe03974ab9927daee55273207fdc22 (patch)
tree0dffa192549b9b8f964abb96854c17483f2063b8 /include
parent3a1705d180b203a6764d2a142d602bbf522d339b (diff)
downloadlinux-4d05e948cebe03974ab9927daee55273207fdc22.tar.xz
KEYS: trusted: Debugging as a feature
TPM_DEBUG, and other similar flags, are a non-standard way to specify a feature in Linux kernel. Introduce CONFIG_TRUSTED_KEYS_DEBUG for trusted keys, and use it to replace these ad-hoc feature flags. Given that trusted keys debug dumps can contain sensitive data, harden the feature as follows: 1. In the Kconfig description state that pr_debug() statements must be used. 2. Use pr_debug() statements in TPM 1.x driver to print the protocol dump. 3. Require trusted.debug=1 on the kernel command line (default: 0) to activate dumps at runtime, even when CONFIG_TRUSTED_KEYS_DEBUG=y. Traces, when actually needed, can be easily enabled by providing trusted.dyndbg='+p' and trusted.debug=1 in the kernel command-line. Reported-by: Nayna Jain <nayna@linux.ibm.com> Closes: https://lore.kernel.org/all/7f8b8478-5cd8-4d97-bfd0-341fd5cf10f9@linux.ibm.com/ Reviewed-by: Nayna Jain <nayna@linux.ibm.com> Tested-by: Srish Srinivasan <ssrish@linux.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Diffstat (limited to 'include')
-rw-r--r--include/keys/trusted-type.h21
1 files changed, 12 insertions, 9 deletions
diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h
index 03527162613f..9f9940482da4 100644
--- a/include/keys/trusted-type.h
+++ b/include/keys/trusted-type.h
@@ -83,18 +83,21 @@ struct trusted_key_source {
extern struct key_type key_type_trusted;
-#define TRUSTED_DEBUG 0
+#ifdef CONFIG_TRUSTED_KEYS_DEBUG
+extern bool trusted_debug;
-#if TRUSTED_DEBUG
static inline void dump_payload(struct trusted_key_payload *p)
{
- pr_info("key_len %d\n", p->key_len);
- print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE,
- 16, 1, p->key, p->key_len, 0);
- pr_info("bloblen %d\n", p->blob_len);
- print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE,
- 16, 1, p->blob, p->blob_len, 0);
- pr_info("migratable %d\n", p->migratable);
+ if (!trusted_debug)
+ return;
+
+ pr_debug("key_len %d\n", p->key_len);
+ print_hex_dump_debug("key ", DUMP_PREFIX_NONE,
+ 16, 1, p->key, p->key_len, 0);
+ pr_debug("bloblen %d\n", p->blob_len);
+ print_hex_dump_debug("blob ", DUMP_PREFIX_NONE,
+ 16, 1, p->blob, p->blob_len, 0);
+ pr_debug("migratable %d\n", p->migratable);
}
#else
static inline void dump_payload(struct trusted_key_payload *p)
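Review bot: dump_payload() still writes the unwrapped key bytes (`p->key`, `p->key_len`) and the sealed blob to the kernel log once the three gates pass, and nothing in the header tells a reader that this output is secret material rather than ordinary tracing; I would add a comment above the function, e.g. `/* Dumps raw key material to the log: development use only, gated by CONFIG_TRUSTED_KEYS_DEBUG, dyndbg and trusted.debug=1. */`. The `trusted_debug` flag is only declared here, so whether it can be flipped after boot (for instance through a writable module parameter) or is honoured under kernel lockdown is not visible in this hunk and is worth confirming where it is defined. The readers of the log also matter: unless dmesg_restrict is set, these lines are readable by unprivileged users on the affected machine. The `#else` stub of dump_payload at the end of the hunk continues outside it.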