Re: [PATCH v4 2/2] tpm: tpm_crb_ffa: try to probe tpm_crb_ffa when it's built-in

From: Mimi Zohar
Date: Sun Jun 22 2025 - 08:24:15 EST

Next message: Lothar Rubusch: "[PATCH v6 1/8] iio: accel: adxl313: make use of regmap cache"
Previous message: Li Ming: "Re: [PATCH] cxl/memdev: automate cleanup with __free()"
In reply to: Yeoreum Yun: "[PATCH v4 2/2] tpm: tpm_crb_ffa: try to probe tpm_crb_ffa when it's built-in"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2025-06-18 at 11:23 +0100, Yeoreum Yun wrote:
> To generate the boot_aggregate log in the IMA subsystem using TPM PCR values,
> the TPM driver must be built as built-in and must be probed before
> the IMA subsystem is initialized.
>
> However, when the TPM device operates over the FF-A protocol using the CRB interface,
> probing fails and returns -EPROBE_DEFER
> if the tpm_crb_ffa device — an FF-A device that provides
> the communication interface to the tpm_crb driver — has not yet been probed.
>
> This issue occurs because both crb_acpi_driver_init() and
> tpm_crb_ffa_driver_init() are registered with device_initcall.
> As a result, crb_acpi_driver_init() may be invoked before
> tpm_crb_ffa_driver_init(), which is responsible for probing the tpm_crb_ffa device.
>
> When this happens, IMA fails to detect the TPM device and
> logs the following message:
>
> | ima: No TPM chip found, activating TPM-bypass!
>
> Consequently, it cannot generate the boot_aggregate log with
> the PCR values provided by the TPM.
>
> To resolve this issue, the tpm_crb_ffa_init() function explicitly attempts to
> probe the tpm_crb_ffa by register tpm_crb_ffa driver so that
> when tpm_crb_ffa device is created before tpm_crb_ffa_init(),
> probe the tpm_crb_ffa device in tpm_crb_ffa_init() to finish probe the
> TPM device completely.
>
> This ensures that the TPM device using CRB over FF-A
> can be successfully probed, even if crb_acpi_driver_init() is called first.
>
> Signed-off-by: Yeoreum Yun <yeoreum.yun@xxxxxxx>
> ---
> drivers/char/tpm/tpm_crb_ffa.c | 19 ++++++++++++++++---
> 1 file changed, 16 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm_crb_ffa.c b/drivers/char/tpm/tpm_crb_ffa.c
> index 4ead61f01299..462fcf610020 100644
> --- a/drivers/char/tpm/tpm_crb_ffa.c
> +++ b/drivers/char/tpm/tpm_crb_ffa.c
> @@ -115,6 +115,7 @@ struct tpm_crb_ffa {
> };
>
> static struct tpm_crb_ffa *tpm_crb_ffa;
> +static struct ffa_driver tpm_crb_ffa_driver;
>
> static int tpm_crb_ffa_to_linux_errno(int errno)
> {
> @@ -168,13 +169,23 @@ static int tpm_crb_ffa_to_linux_errno(int errno)
> */
> int tpm_crb_ffa_init(void)
> {
> + int ret = 0;
> +
> + if (!IS_MODULE(CONFIG_TCG_ARM_CRB_FFA)) {
> + ret = ffa_register(&tpm_crb_ffa_driver);
> + if (ret) {
> + tpm_crb_ffa = ERR_PTR(-ENODEV);
> + return ret;
> + }
> + }
> +
> if (!tpm_crb_ffa)
> - return -ENOENT;
> + ret = -ENOENT;
>
> if (IS_ERR_VALUE(tpm_crb_ffa))
> - return -ENODEV;
> + ret = -ENODEV;
>
> - return 0;
> + return ret;
> }
> EXPORT_SYMBOL_GPL(tpm_crb_ffa_init);
>
> @@ -369,7 +380,9 @@ static struct ffa_driver tpm_crb_ffa_driver = {
> .id_table = tpm_crb_ffa_device_id,
> };
>
> +#ifdef MODULE
> module_ffa_driver(tpm_crb_ffa_driver);
> +#endif
>
> MODULE_AUTHOR("Arm");
> MODULE_DESCRIPTION("TPM CRB FFA driver");

LGTM. Using ifndef/ifdef MODULE is similar to how module_init() works for both
builtin and loadable kernel modules. Except module_init() is on the
device_initcall().

Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>

Next message: Lothar Rubusch: "[PATCH v6 1/8] iio: accel: adxl313: make use of regmap cache"
Previous message: Li Ming: "Re: [PATCH] cxl/memdev: automate cleanup with __free()"
In reply to: Yeoreum Yun: "[PATCH v4 2/2] tpm: tpm_crb_ffa: try to probe tpm_crb_ffa when it's built-in"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]