From: Jarkko Sakkinen <jarkko@kernel.org>
To: Yeoreum Yun <yeoreum.yun@arm.com>
Cc: sudeep.holla@arm.com, peterhuewe@gmx.de, jgg@ziepe.ca,
stuart.yoder@arm.com, linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org
Subject: Re: [PATCH v4 0/2] generate boot_aggregate log in IMA with TPM using CRB over FF-A
Date: Wed, 25 Jun 2025 20:01:51 +0300 [thread overview]
Message-ID: <aFwrf1HnsilrASzX@kernel.org> (raw)
In-Reply-To: <aFwrBU4H0w9AXyQM@kernel.org>
On Wed, Jun 25, 2025 at 07:59:53PM +0300, Jarkko Sakkinen wrote:
> On Wed, Jun 25, 2025 at 11:36:19AM +0100, Yeoreum Yun wrote:
> > Hi Jarkko,
> >
> > > On Wed, Jun 18, 2025 at 11:23:00AM +0100, Yeoreum Yun wrote:
> > > > To ensure the TPM device operating over the FF-A protocol with
> > > > the CRB interface is probed before IMA initialization,
> > > > the following conditions must be met:
> > > >
> > > > 1. The corresponding ffa_device must be registered,
> > > > which is done via ffa_init().
> > > >
> > > > 2. The tpm_crb_driver must successfully probe this device via
> > > > tpm_crb_ffa_init().
> > > >
> > > > 3. The tpm_crb driver using CRB over FF-A can then
> > > > be probed successfully. (See crb_acpi_add() and
> > > > tpm_crb_ffa_init() for reference.)
> > > >
> > > > Unfortunately, ffa_init(), tpm_crb_ffa_init(), and crb_acpi_driver_init() are
> > > > all registered with device_initcall, which means crb_acpi_driver_init() may
> > > > be invoked before ffa_init() and tpm_crb_ffa_init() are completed.
> > >
> > > I get the ffa_init() part i.e, moving it earlier. However for
> > > tpm_crb_ffa_init() and crb_acpi_driver_init(), modules.dep
> > > takes care that they are loaded in order.
> > > For IMA you will need the driver as built-in but that should
> > > be handled via kernel config, not via code changes.
> >
> > In the case of "module" built, it's true.
> > However what I tell here is when "tpm_crb" and "tpm_crb_ffa" is built
> > as "built-in" in this case, it couldn't make a "dependency" between
> > the same initcall level: here is the case of this.
> >
> > 0000000000000888 l .initcall6.init>-------0000000000000000 crb_acpi_driver_init
> > 000000000000088c l .initcall6.init>-------0000000000000000 tpm_crb_ffa_driver_init
> >
> > in this case, wihtout code change, the crb_acpi_driver_init()
> > is failed since tpm_crb_ffa_driver_init() is called later.
> >
> > and this couldn't be solved with kconfig --
> > ARM_FFA_TRANSPORT=y && CONFIG_TCG_CRB=y && CONFIG_TCG_CRB_FFA=y.
> >
> > The Patch #2 is to proing the tpm_crb_ffa as part of
> > crb_acpi_driver_init() when TPM uses method ARM-FFA.
> >
> > If there's another suggestion, let me know please.
>
> Hmm.. I actually got what you mean now. I was looking this from
> wrong angle. I think we can pick these patches!
>
> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
>
> >
> > Thanks
> >
> > --
> > Sincerely,
> > Yeoreum Yun
>
> BR, Jarkko
Applied.
BR, Jarkko
next prev parent reply other threads:[~2025-06-25 20:44 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-18 10:23 [PATCH v4 0/2] generate boot_aggregate log in IMA with TPM using CRB over FF-A Yeoreum Yun
2025-06-18 10:23 ` [PATCH v4 1/2] firmware: arm_ffa: Change initcall level of ffa_init() to rootfs_initcall Yeoreum Yun
2025-06-22 12:22 ` Mimi Zohar
2025-06-24 23:29 ` Jarkko Sakkinen
2025-06-18 10:23 ` [PATCH v4 2/2] tpm: tpm_crb_ffa: try to probe tpm_crb_ffa when it's built-in Yeoreum Yun
2025-06-22 12:23 ` Mimi Zohar
2025-06-24 23:29 ` Jarkko Sakkinen
2025-06-25 10:37 ` Yeoreum Yun
2025-06-25 17:03 ` Jarkko Sakkinen
2025-06-24 23:28 ` [PATCH v4 0/2] generate boot_aggregate log in IMA with TPM using CRB over FF-A Jarkko Sakkinen
2025-06-25 10:36 ` Yeoreum Yun
2025-06-25 16:59 ` Jarkko Sakkinen
2025-06-25 17:01 ` Jarkko Sakkinen [this message]
2025-06-25 19:35 ` Sudeep Holla
2025-06-25 21:47 ` Jarkko Sakkinen
2025-06-26 19:53 ` Sudeep Holla
2025-07-02 22:24 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aFwrf1HnsilrASzX@kernel.org \
--to=jarkko@kernel.org \
--cc=jgg@ziepe.ca \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=stuart.yoder@arm.com \
--cc=sudeep.holla@arm.com \
--cc=yeoreum.yun@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).