On Mon, Mar 23, 2026 at 07:17:51AM +0200, Jarkko Sakkinen wrote:
> On Mon, Mar 09, 2026 at 06:45:23PM -0400, Nayna Jain wrote:
> >
> > On 2/20/26 1:34 PM, Srish Srinivasan wrote:
> > > The TPM trusted-keys backend uses a local TPM_DEBUG guard and pr_info()
> > > for logging debug information.
> > >
> > > Replace pr_info() with pr_debug(), and use KERN_DEBUG for
> > > print_hex_dump().
> > > Remove TPM_DEBUG.
> > >
> > > No functional change intended.
> > There is a functional change here. This change allows the secret and nonce in the
> > function dump_sess() to be logged to kernel logs when dynamic debug is
> > enabled. Previously, it was possible only in the debug builds and not the
> > production builds at runtime. With this change, it is always there in the
> > production build. This can result in a possible attack.
>
> Good catch, thank you. It's in my master branch still (not in -next).
>
> TPM_DEBUG should be removed in all cases. If you really want to read
> a secret, use tracing tools.
>
> This only proves that the print should exist or should be a constant
> value, or an overwritten same-length value.
I dropped the current patches, but yeah, a comment "do not touch this, could be poisonous" won't be an acceptable way to address this. If you want "some" debug information you can always put an F-string or 0-string of the same length, so there are options.

BR, Jarkko
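As an added illustration (not code from this thread or from the kernel), here is the same-length redaction Jarkko describes: a session dump formatter that swaps every sensitive field for a zero-filled buffer of equal length before the text ever reaches the logging path, so the dump still shows layout and sizes but never the bytes. The descriptor struct, field names and sample session values are hypothetical and constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical descriptor for a buffer that may appear in a debug dump;
 * sensitive == 1 means emit a 0-string of equal length, never the bytes. */
struct dbg_field { const char *name; const unsigned char *data; size_t len; int sensitive; };

static void hex_encode(const unsigned char *buf, size_t len, char *out)
{
    for (size_t i = 0; i < len; i++)
        snprintf(out + 2 * i, 3, "%02x", buf[i]);
    out[2 * len] = '\0';
}

/* Format "name=hex ..." into line. Sensitive fields are replaced by zeros of
 * the same length before encoding, so sizes and layout survive but the secret
 * never enters the log buffer. Returns chars written, or -1 on truncation. */
int format_dbg_fields(const struct dbg_field *f, size_t n, char *line, size_t cap)
{
    static const unsigned char zeros[64];   /* static storage: all zero */
    char hex[2 * sizeof(zeros) + 1];
    size_t pos = 0;
    if (cap == 0)
        return -1;
    line[0] = '\0';
    for (size_t i = 0; i < n; i++) {
        size_t len = f[i].len < sizeof(zeros) ? f[i].len : sizeof(zeros);
        hex_encode(f[i].sensitive ? zeros : f[i].data, len, hex);
        int w = snprintf(line + pos, cap - pos, "%s%s=%s", i ? " " : "", f[i].name, hex);
        if (w < 0 || (size_t)w >= cap - pos)
            return -1;                      /* refuse a partial dump */
        pos += (size_t)w;
    }
    return (int)pos;
}

/* Constructed sample session: the handle is loggable, nonce and secret are not. */
static const unsigned char s_handle[] = {0x02, 0x00, 0x00, 0x01};
static const unsigned char s_nonce[] = {0x01, 0x02, 0x03};
static const unsigned char s_secret[] = {0xde, 0xad, 0xbe, 0xef};
static const struct dbg_field sess_fields[] = {
    {"handle", s_handle, 4, 0}, {"nonce", s_nonce, 3, 1}, {"secret", s_secret, 4, 1},
};

const char *demo_sess_line(void)    /* the text that would be handed to the logger */
{
    static char line[128];
    return format_dbg_fields(sess_fields, 3, line, sizeof line) < 0 ? NULL : line;
}

int demo_sess_truncated(void) { char s[10]; return format_dbg_fields(sess_fields, 3, s, sizeof s); }
```

The resulting line keeps the field order and widths a developer needs to spot a malformed session, while a log reader (or dynamic debug being switched on in production) learns nothing about the nonce or secret.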

