[PATCH AUTOSEL 6.12 07/31] firmware: arm_ffa: Change initcall level of ffa_init() to rootfs_initcall

[Sasha Levin <sashal@kernel.org>]

From: Yeoreum Yun <yeoreum.yun@arm.com>

[ Upstream commit 0e0546eabcd6c19765a8dbf5b5db3723e7b0ea75 ]

The Linux IMA (Integrity Measurement Architecture) subsystem used for
secure boot, file integrity, or remote attestation cannot be a loadable
module for few reasons listed below:

 o Boot-Time Integrity: IMA’s main role is to measure and appraise files
 before they are used. This includes measuring critical system files during
 early boot (e.g., init, init scripts, login binaries). If IMA were a
 module, it would be loaded too late to cover those.

 o TPM Dependency: IMA integrates tightly with the TPM to record
 measurements into PCRs. The TPM must be initialized early (ideally before
 init_ima()), which aligns with IMA being built-in.

 o Security Model: IMA is part of a Trusted Computing Base (TCB). Making it
 a module would weaken the security model, as a potentially compromised
 system could delay or tamper with its initialization.

IMA must be built-in to ensure it starts measuring from the earliest
possible point in boot which inturn implies TPM must be initialised and
ready to use before IMA.

To enable integration of tpm_event_log with the IMA subsystem, the TPM
drivers (tpm_crb and tpm_crb_ffa) also needs to be built-in. However with
FF-A driver also being initialised at device initcall level, it can lead to
an initialization order issue where:
 - crb_acpi_driver_init() may run before tpm_crb_ffa_driver()_init and
   ffa_init()
 - As a result, probing the TPM device via CRB over FFA is deferred
 - ima_init() (called as a late initcall) runs before deferred probe
   completes, IMA fails to find the TPM and logs the below error:

   |  ima: No TPM chip found, activating TPM-bypass!

Eventually it fails to generate boot_aggregate with PCR values.

Because of the above stated dependency, the ffa driver needs to initialised
before tpm_crb_ffa module to ensure IMA finds the TPM successfully when
present.

[ jarkko: reformatted some of the paragraphs because they were going past
  the 75 character boundary. ]

Signed-off-by: Yeoreum Yun <yeoreum.yun@arm.com>
Reviewed-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Sudeep Holla <sudeep.holla@arm.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---

LLM Generated explanations, may be completely bogus:

**Backport Status: YES**

This commit should be backported to stable kernel trees for the
following reasons:

1. **Fixes a real bug affecting users**: The commit fixes a boot
   initialization order issue where IMA (Integrity Measurement
   Architecture) fails to find the TPM device when using TPM over FF-A
   (Firmware Framework for Arm Architecture). Without this fix, systems
   with TPM accessed via FF-A get the error "ima: No TPM chip found,
   activating TPM-bypass!" and fail to generate boot_aggregate with PCR
   values, breaking secure boot attestation.

2. **Small and contained change**: The code change is minimal - just
   changing `module_init(ffa_init)` to `rootfs_initcall(ffa_init)`. This
   is a one-line change that only affects initialization timing.

3. **No architectural changes**: This is purely an initialization order
   fix that doesn't introduce new features or change the architecture of
   the FF-A driver.

4. **Security-critical fix**: IMA is a security subsystem used for
   secure boot, file integrity, and remote attestation. The bug prevents
   proper boot measurements from being recorded in the TPM, which is a
   critical security failure for systems relying on measured boot.

5. **Clear problem and solution**: The commit message clearly explains
   the initialization order dependency between FF-A, TPM drivers
   (tpm_crb_ffa), and IMA. The fix ensures FF-A initializes earlier (at
   rootfs_initcall level) so the TPM is available when IMA initializes
   (at late_initcall level).


7. **Multiple reviewers**: The patch has been reviewed by relevant
   maintainers including Mimi Zohar (IMA maintainer), Sudeep Holla (FF-A
   maintainer), and Jarkko Sakkinen (TPM maintainer).

The change meets all stable kernel criteria: it fixes an important bug,
has minimal risk of regression, and is confined to fixing the specific
initialization order issue without side effects.

 drivers/firmware/arm_ffa/driver.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/firmware/arm_ffa/driver.c b/drivers/firmware/arm_ffa/driver.c
index 83dad9c2da06..9fdfccbc6479 100644
--- a/drivers/firmware/arm_ffa/driver.c
+++ b/drivers/firmware/arm_ffa/driver.c
@@ -1815,7 +1815,7 @@ static int __init ffa_init(void)
 	kfree(drv_info);
 	return ret;
 }
-module_init(ffa_init);
+rootfs_initcall(ffa_init);
 
 static void __exit ffa_exit(void)
 {
-- 
2.39.5