1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef __PKWM_TRUSTED_KEY_H 3 #define __PKWM_TRUSTED_KEY_H 4 5 #include <keys/trusted-type.h> 6 #include <linux/bitops.h> 7 #include <linux/printk.h> 8 9 extern struct trusted_key_ops pkwm_trusted_key_ops; 10 11 struct trusted_pkwm_options { 12 u16 wrap_flags; 13 }; 14 15 static inline void dump_options(struct trusted_key_options *o) 16 { 17 const struct trusted_pkwm_options *pkwm; 18 bool sb_audit_or_enforce_bit; 19 bool sb_enforce_bit; 20 21 pkwm = o->private; 22 sb_audit_or_enforce_bit = pkwm->wrap_flags & BIT(0); 23 sb_enforce_bit = pkwm->wrap_flags & BIT(1); 24 25 if (sb_audit_or_enforce_bit) 26 pr_debug("secure boot mode required: audit or enforce"); 27 else if (sb_enforce_bit) 28 pr_debug("secure boot mode required: enforce"); 29 else 30 pr_debug("secure boot mode required: disabled"); 31 } 32 33 #endif 34