On Mon, Mar 23, 2026 at 11:00:46AM +0200, Jarkko Sakkinen wrote: > TPM_DEBUG is a non-standard way to specify a feature in Linux kernel. > Introduce CONFIG_TRUSTED_KEYS_DEBUG, and use it to replace TPM_DEBUG in > TPM 1.x trusted keys. > > Given that protocol bus could contain sensitive data, harden the feature as > follows: > > 1. In the Kconfig description postulate that pr_debug() statements must be > used. > 2. Use pr_debug() statements in TPM 1.x driver to print the protocol dump. > > Traces can be enabled e.g., by providing trusted.dyndbg='+p' for the kernel > command-line. > > Cc: Srish Srinivasan <[email protected]> > Reported-by: Nayna Jain <[email protected]> > Closes: > https://lore.kernel.org/all/[email protected]/ > Signed-off-by: Jarkko Sakkinen <[email protected]> > ---
I'm posting a v2 update with HAVE_* flag and a bit wider scope. BR, Jarkko
