On Tue, Mar 17, 2026 at 08:44:03AM +0530, Srish Srinivasan wrote: > > On 3/10/26 4:15 AM, Nayna Jain wrote: > > > > On 2/20/26 1:34 PM, Srish Srinivasan wrote: > > > The TPM trusted-keys backend uses a local TPM_DEBUG guard and pr_info() > > > for logging debug information. > > > > > > Replace pr_info() with pr_debug(), and use KERN_DEBUG for > > > print_hex_dump(). > > > Remove TPM_DEBUG. > > > > > > No functional change intended. > > There is functional change here. This change allows secret and nonce in > > the function dump_sess() to be logged to kernel logs when dynamic debug > > is enabled. Previously, it was possible only in the debug builds and not > > the production builds at runtime. With this change, it is always there > > in production build. This can result in possible attack. > > > Hi Jarkko, > Could you please let us know your thoughts on this one? > > And Nayna, > thanks for bringing this up.
Nayna is absolutely right so I dropped it. Solution is debatable. > > thanks, > Srish. BR, Jarkko
