trusted_pkwm.h 799 B

123456789101112131415161718192021222324252627282930313233
  1. /* SPDX-License-Identifier: GPL-2.0 */
  2. #ifndef __PKWM_TRUSTED_KEY_H
  3. #define __PKWM_TRUSTED_KEY_H
  4. #include <keys/trusted-type.h>
  5. #include <linux/bitops.h>
  6. #include <linux/printk.h>
  7. extern struct trusted_key_ops pkwm_trusted_key_ops;
  8. struct trusted_pkwm_options {
  9. u16 wrap_flags;
  10. };
  11. static inline void dump_options(struct trusted_key_options *o)
  12. {
  13. const struct trusted_pkwm_options *pkwm;
  14. bool sb_audit_or_enforce_bit;
  15. bool sb_enforce_bit;
  16. pkwm = o->private;
  17. sb_audit_or_enforce_bit = pkwm->wrap_flags & BIT(0);
  18. sb_enforce_bit = pkwm->wrap_flags & BIT(1);
  19. if (sb_audit_or_enforce_bit)
  20. pr_debug("secure boot mode required: audit or enforce");
  21. else if (sb_enforce_bit)
  22. pr_debug("secure boot mode required: enforce");
  23. else
  24. pr_debug("secure boot mode required: disabled");
  25. }
  26. #endif