Re: [PATCH v2 1/2] keys/trusted_keys: clean up debug message logging in the tpm backend
From: Jarkko Sakkinen
Date: Mon Mar 23 2026 - 01:21:46 EST
On Mon, Mar 23, 2026 at 07:17:51AM +0200, Jarkko Sakkinen wrote:
> On Mon, Mar 09, 2026 at 06:45:23PM -0400, Nayna Jain wrote:
> >
> > On 2/20/26 1:34 PM, Srish Srinivasan wrote:
> > > The TPM trusted-keys backend uses a local TPM_DEBUG guard and pr_info()
> > > for logging debug information.
> > >
> > > Replace pr_info() with pr_debug(), and use KERN_DEBUG for print_hex_dump().
> > > Remove TPM_DEBUG.
> > >
> > > No functional change intended.
> > There is a functional change here. This change allows the secret and nonce in the
> > function dump_sess() to be logged to kernel logs when dynamic debug is
> > enabled. Previously, it was possible only in the debug builds and not the
> > production builds at runtime. With this change, it is always there in the
> > production build. This can result in a possible attack.
>
> Good catch, thank you. It's in my master branch still (not in -next).
>
> TPM_DEBUG should be removed in all cases. If you really want to read
> a secret, use tracing tools.
>
> This only proves that the print should exist or should be a constant
> value, or an overwritten same-length value.
I dropped the current patches but yeah, a comment "do not touch this,
could be poisonous" won't be an acceptable way to address this.
If you want "some" debug information you can always put an F-string or
0-string of the same length, so there are options.
BR, Jarkko
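One defensive shape for the "same-length fill" suggestion in this thread, as an added example: a userspace sketch of my own, not kernel code and not from the patch under review. The session handle is logged as-is, while the nonce and secret are emitted as a fill of the same length, so the debug line keeps field layout and sizes but carries no key material. The struct, field names and sizes are constructed assumptions, not the kernel's definitions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the fields a session dump would print.
 * Sizes are illustrative, not the kernel's definitions. */
#define SESS_NONCE_LEN 20
#define SESS_SECRET_LEN 20

struct tpm_sess_example {
    uint32_t handle;                 /* not sensitive, logged verbatim */
    uint8_t nonce[SESS_NONCE_LEN];   /* sensitive */
    uint8_t secret[SESS_SECRET_LEN]; /* sensitive */
};

/* Write buf as lowercase hex into out (out must hold 2*len+1 bytes). */
static void hex_encode(const uint8_t *buf, size_t len, char *out)
{
    static const char digits[] = "0123456789abcdef";
    for (size_t i = 0; i < len; i++) {
        out[2 * i] = digits[buf[i] >> 4];
        out[2 * i + 1] = digits[buf[i] & 0x0f];
    }
    out[2 * len] = '\0';
}

/* Hex-encode a sensitive field with every byte replaced by `fill`: the log
 * keeps the field's length and position, but never reads the real bytes. */
static void hex_encode_redacted(size_t len, uint8_t fill, char *out)
{
    uint8_t tmp[64];
    if (len > sizeof(tmp)) len = sizeof(tmp);
    memset(tmp, fill, len);
    hex_encode(tmp, len, out);
}

/* Format one debug line for the session; returns bytes written (no NUL). */
int format_sess_debug(const struct tpm_sess_example *s, char *line, size_t cap)
{
    char nonce_hex[2 * SESS_NONCE_LEN + 1];
    char secret_hex[2 * SESS_SECRET_LEN + 1];
    hex_encode_redacted(sizeof(s->nonce), 0xff, nonce_hex);   /* "F-string" */
    hex_encode_redacted(sizeof(s->secret), 0x00, secret_hex); /* "0-string" */
    return snprintf(line, cap, "handle=%08x nonce=%s secret=%s",
                    s->handle, nonce_hex, secret_hex);
}
```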