| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250610060334.2149041-2-yeoreum.yun@arm.com>
Date: Tue, 10 Jun 2025 07:03:33 +0100
From: Yeoreum Yun <yeoreum.yun@....com>
To: jarkko@...nel.org,
sudeep.holla@....com,
peterhuewe@....de,
jgg@...pe.ca,
stuart.yoder@....com
Cc: linux-arm-kernel@...ts.infradead.org,
linux-kernel@...r.kernel.org,
linux-integrity@...r.kernel.org,
Yeoreum Yun <yeoreum.yun@....com>
Subject: [PATCH v2 1/2] firmware: arm_ffa: Change initcall level of ffa_init() to rootfs_initcall
The Linux IMA (Integrity Measurement Architecture) subsystem used for secure
boot, file integrity, or remote attestation cannot be a loadable module
for few reasons listed below:
o Boot-Time Integrity: IMA’s main role is to measure and appraise files
before they are used. This includes measuring critical system files during
early boot (e.g., init, init scripts, login binaries). If IMA were a module,
it would be loaded too late to cover those.
o TPM Dependency: IMA integrates tightly with the TPM to record measurements
into PCRs. The TPM must be initialized early (ideally before init_ima()),
which aligns with IMA being built-in.
o Security Model: IMA is part of a Trusted Computing Base (TCB). Making it a
module would weaken the security model, as a potentially compromised system
could delay or tamper with its initialization.
IMA must be built-in to ensure it starts measuring from the earliest possible
point in boot which inturn implies TPM must be initialised and ready to use
before IMA.
To enable integration of tpm_event_log with the IMA subsystem, the TPM drivers
(tpm_crb and tpm_crb_ffa) also needs to be built-in. However with FF-A driver
also being initialised at device initcall level, it can lead to an
initialization order issue where:
- crb_acpi_driver_init() may run before tpm_crb_ffa_driver()_init and ffa_init()
- As a result, probing the TPM device via CRB over FFA is deferred
- ima_init() (called as a late initcall) runs before deferred probe completes,
IMA fails to find the TPM and logs the below error:
| ima: No TPM chip found, activating TPM-bypass!
Eventually it fails to generate boot_aggregate with PCR values.
Because of the above stated dependency, the ffa driver needs to initialised
before tpm_crb_ffa module to ensure IMA finds the TPM successfully when
present.
Signed-off-by: Yeoreum Yun <yeoreum.yun@....com>
---
drivers/firmware/arm_ffa/driver.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/firmware/arm_ffa/driver.c b/drivers/firmware/arm_ffa/driver.c
index fe55613a8ea9..1a690b8186df 100644
--- a/drivers/firmware/arm_ffa/driver.c
+++ b/drivers/firmware/arm_ffa/driver.c
@@ -2058,7 +2058,7 @@ static int __init ffa_init(void)
kfree(drv_info);
return ret;
}
-module_init(ffa_init);
+rootfs_initcall(ffa_init);
static void __exit ffa_exit(void)
{
--
LEVI:{C3F47F37-75D8-414A-A8BA-3980EC8A46D7}
Powered by blists - more mailing lists