From: Jonathan McDowell
Date: Fri, 24 Apr 2026 14:24:05 +0100
To: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev
Cc: paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, zohar@linux.ibm.com, roberto.sassu@huawei.com, dmitry.kasatkin@gmail.com, eric.snowberg@oracle.com, jarkko@kernel.org, jgg@ziepe.ca, sudeep.holla@kernel.org, maz@kernel.org, oupton@kernel.org, joey.gouly@arm.com, suzuki.poulose@arm.com, yuzenghui@huawei.com, catalin.marinas@arm.com, will@kernel.org, noodles@meta.com, sebastianene@google.com, Yeoreum Yun
Subject: [RFC PATCH v3 1/4] lsm: Allow LSMs to register for late_initcall_sync init
From: Yeoreum Yun There are situations where LSMs have dependencies that might mean they want to be initialised later in the boot process, to ensure those dependencies are available. In particular there are some TPM setups (Arm FF-A devices, SPI attached TPMs) required by IMA which are not guaranteed to be initialised for regular initcall_late. Add an initcall_late_sync option that can be used in these situations. [noodles: Split out from actual IMA changes] Signed-off-by: Yeoreum Yun Signed-off-by: Jonathan McDowell --- include/linux/lsm_hooks.h | 2 ++ security/lsm_init.c | 13 +++++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/include/linux/lsm_hooks.h b/include/linux/lsm_hooks.h index d48bf0ad26f4..88fe105b7f00 100644 --- a/include/linux/lsm_hooks.h +++ b/include/linux/lsm_hooks.h @@ -166,6 +166,7 @@ enum lsm_order { * @initcall_fs: LSM callback for fs_initcall setup, optional * @initcall_device: LSM callback for device_initcall() setup, optional * @initcall_late: LSM callback for late_initcall() setup, optional + * @initcall_late_sync: LSM callback for late_initcall_sync() setup, optio= nal */ struct lsm_info { const struct lsm_id *id; @@ -181,6 +182,7 @@ struct lsm_info { int (*initcall_fs)(void); int (*initcall_device)(void); int (*initcall_late)(void); + int (*initcall_late_sync)(void); }; =20 #define DEFINE_LSM(lsm) \ diff --git a/security/lsm_init.c b/security/lsm_init.c index 573e2a7250c4..4e5c59beb82a 100644 --- a/security/lsm_init.c +++ b/security/lsm_init.c 
@@ -547,13 +547,22 @@ device_initcall(security_initcall_device); * security_initcall_late - Run the LSM late initcalls */ static int __init security_initcall_late(void) +{ + return lsm_initcall(late); +} +late_initcall(security_initcall_late); + +/** + * security_initcall_late_sync - Run the LSM late initcalls sync + */ +static int __init security_initcall_late_sync(void) { int rc; =20 - rc =3D lsm_initcall(late); + rc =3D lsm_initcall(late_sync); lsm_pr_dbg("all enabled LSMs fully activated\n"); call_blocking_lsm_notifier(LSM_STARTED_ALL, NULL); =20 return rc; } -late_initcall(security_initcall_late); +late_initcall_sync(security_initcall_late_sync); --=20 2.53.0
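Review bot: in the security/lsm_init.c hunk, the lsm_pr_dbg("all enabled LSMs fully activated") message and the call_blocking_lsm_notifier(LSM_STARTED_ALL, NULL) call move from late_initcall to late_initcall_sync, so every LSM_STARTED_ALL listener is now notified one initcall level later even on builds where no LSM registers the new initcall_late_sync hook; the commit message should state this ordering change and why it is safe for existing notifier consumers.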
From: Jonathan McDowell
Date: Fri, 24 Apr 2026 14:24:19 +0100
Subject: [RFC PATCH v3 2/4] security: ima: call ima_init() again at late_initcall_sync for deferred TPM
Message-ID: <5552c20c6d6d2ae3bbb6b35124af5d98d2f79163.1777036497.git.noodles@meta.com>
From: Jonathan McDowell

The Linux IMA (Integrity Measurement Architecture) subsystem used for secure boot, file integrity, or remote attestation cannot be a loadable module for a few reasons listed below:

o Boot-Time Integrity: IMA's main role is to measure and appraise files before they are used. This includes measuring critical system files during early boot (e.g., init, init scripts, login binaries). If IMA were a module, it would be loaded too late to cover those.

o TPM Dependency: IMA integrates tightly with the TPM to record measurements into PCRs. The TPM must be initialized early (ideally before init_ima()), which aligns with IMA being built-in.

o Security Model: IMA is part of a Trusted Computing Base (TCB). Making it a module would weaken the security model, as a potentially compromised system could delay or tamper with its initialization.

IMA must be built-in to ensure it starts measuring from the earliest possible point in boot, which in turn implies the TPM must be initialised and ready to use before IMA.

Unfortunately some TPM drivers (such as Arm FF-A, or SPI attached TPM devices) are not reliably available during the initcall_late stage, resulting in a log error:

  ima: No TPM chip found, activating TPM-bypass!

and no measurements into the TPM by IMA.

We can avoid this by doing IMA init in the initcall_late_sync stage, after the drivers have completed their init + registration. Rather than do this everywhere, and needlessly delay the initialisation of IMA when there is no need to do so, we continue to try to initialise at the earlier stage, only deferring to the later point if the TPM is not available yet.

Signed-off-by: Jonathan McDowell
Reviewed-by: Yeoreum Yun
--- security/integrity/ima/ima.h | 3 +- security/integrity/ima/ima_init.c | 25 ++++++++------- security/integrity/ima/ima_main.c | 37 ++++++++++++++++++++--- security/integrity/ima/ima_template_lib.c | 3 +- 4 files changed, 50 insertions(+), 18 deletions(-)
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index 89ebe98ffc5e..b3677b403a5a 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -65,6 +65,7 @@ extern struct ima_algo_desc *ima_algo_array __ro_after_in= it; extern int ima_appraise; extern struct tpm_chip *ima_tpm_chip; extern const char boot_aggregate_name[]; +extern const char boot_aggregate_late_name[]; =20 /* IMA event related data */ struct ima_event_data { @@ -257,7 +258,7 @@ static inline void ima_measure_kexec_event(const char *= event_name) {} extern bool ima_canonical_fmt; =20 /* Internal IMA function definitions */ -int ima_init(void); +int ima_init_core(bool late); int ima_fs_init(void); int ima_add_template_entry(struct ima_template_entry *entry, int violation, const char *op, struct inode *inode, diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima= _init.c index a2f34f2d8ad7..5f335834a9bb 100644 --- a/security/integrity/ima/ima_init.c +++ b/security/integrity/ima/ima_init.c @@ -22,6 +22,7 @@ =20 /* name for boot aggregate entry */ const char boot_aggregate_name[] =3D "boot_aggregate"; +const char boot_aggregate_late_name[] =3D "boot_aggregate_late"; struct tpm_chip *ima_tpm_chip; =20 /* Add the boot aggregate to the IMA measurement list and extend 
@@ -39,17 +40,17 @@ struct tpm_chip *ima_tpm_chip; * a different value.) Violations add a zero entry to the measurement * list and extend the aggregate PCR value with ff...ff's. */ -static int __init ima_add_boot_aggregate(void) +static int __init ima_add_boot_aggregate(bool late) { static const char op[] =3D "add_boot_aggregate"; const char *audit_cause =3D "ENOMEM"; struct ima_template_entry *entry; struct ima_iint_cache tmp_iint, *iint =3D &tmp_iint; - struct ima_event_data event_data =3D { .iint =3D iint, - .filename =3D boot_aggregate_name }; + struct ima_event_data event_data =3D { .iint =3D iint }; struct ima_max_digest_data hash; struct ima_digest_data *hash_hdr =3D container_of(&hash.hdr, struct ima_digest_data, hdr); + const char *filename; int result =3D -ENOMEM; int violation =3D 0; =20 @@ -59,6 +60,12 @@ static int __init ima_add_boot_aggregate(void) iint->ima_hash->algo =3D ima_hash_algo; iint->ima_hash->length =3D hash_digest_size[ima_hash_algo]; =20 + if (late) + filename =3D boot_aggregate_late_name; + else + filename =3D boot_aggregate_name; + event_data.filename =3D filename; + /* * With TPM 2.0 hash agility, TPM chips could support multiple TPM * PCR banks, allowing firmware to configure and enable different @@ -86,7 +93,7 @@ static int __init ima_add_boot_aggregate(void) } =20 result =3D ima_store_template(entry, violation, NULL, - boot_aggregate_name, + filename, CONFIG_IMA_MEASURE_PCR_IDX); if (result < 0) { ima_free_template_entry(entry); @@ -95,7 +102,7 @@ static int __init ima_add_boot_aggregate(void) } return 0; err_out: - integrity_audit_msg(AUDIT_INTEGRITY_PCR, NULL, boot_aggregate_name, op, + integrity_audit_msg(AUDIT_INTEGRITY_PCR, NULL, filename, op, audit_cause, result, 0); return result; } 
@@ -115,14 +122,10 @@ void __init ima_load_x509(void) } #endif =20 -int __init ima_init(void) +int __init ima_init_core(bool late) { int rc; =20 - ima_tpm_chip =3D tpm_default_chip(); - if (!ima_tpm_chip) - pr_info("No TPM chip found, activating TPM-bypass!\n"); - rc =3D integrity_init_keyring(INTEGRITY_KEYRING_IMA); if (rc) return rc; @@ -140,7 +143,7 @@ int __init ima_init(void) rc =3D ima_init_digests(); if (rc !=3D 0) return rc; - rc =3D ima_add_boot_aggregate(); /* boot aggregate must be first entry */ + rc =3D ima_add_boot_aggregate(late); /* boot aggregate must be first entr= y */ if (rc !=3D 0) return rc; =20 diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima= _main.c index 1d6229b156fb..0b93a286c0d3 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -1237,7 +1237,7 @@ static int ima_kernel_module_request(char *kmod_name) =20 #endif /* CONFIG_INTEGRITY_ASYMMETRIC_KEYS */ =20 -static int __init init_ima(void) +static int __init init_ima(bool late) { int error; =20 @@ -1247,10 +1247,26 @@ static int __init init_ima(void) return 0; } =20 + /* + * If we found the TPM during our first attempt, or we know there's no + * TPM, nothing further to do + */ + if (late && (ima_tpm_chip || !IS_ENABLED(CONFIG_TCG_TPM))) + return 0; + + ima_tpm_chip =3D tpm_default_chip(); + if (!ima_tpm_chip && !late && IS_ENABLED(CONFIG_TCG_TPM)) { + pr_debug("TPM not available, will try later\n"); + return -EPROBE_DEFER; + } + + if (!ima_tpm_chip) + pr_info("No TPM chip found, activating TPM-bypass!\n"); + ima_appraise_parse_cmdline(); ima_init_template_list(); hash_setup(CONFIG_IMA_DEFAULT_HASH); - error =3D ima_init(); + error =3D ima_init_core(late); =20 if (error && strcmp(hash_algo_name[ima_hash_algo], CONFIG_IMA_DEFAULT_HASH) !=3D 0) { 
@@ -1258,7 +1274,7 @@ static int __init init_ima(void) hash_algo_name[ima_hash_algo], CONFIG_IMA_DEFAULT_HASH); hash_setup_done =3D 0; hash_setup(CONFIG_IMA_DEFAULT_HASH); - error =3D ima_init(); + error =3D ima_init_core(late); } =20 if (error) @@ -1274,6 +1290,16 @@ static int __init init_ima(void) return error; } =20 +static int __init init_ima_late(void) +{ + return init_ima(false); +} + +static int __init init_ima_late_sync(void) +{ + return init_ima(true); +} + static struct security_hook_list ima_hooks[] __ro_after_init =3D { LSM_HOOK_INIT(bprm_check_security, ima_bprm_check), LSM_HOOK_INIT(bprm_creds_for_exec, ima_bprm_creds_for_exec), @@ -1319,6 +1345,7 @@ DEFINE_LSM(ima) =3D { .init =3D init_ima_lsm, .order =3D LSM_ORDER_LAST, .blobs =3D &ima_blob_sizes, - /* Start IMA after the TPM is available */ - .initcall_late =3D init_ima, + /* Ensure we start IMA after the TPM is available */ + .initcall_late =3D init_ima_late, + .initcall_late_sync =3D init_ima_late_sync, }; diff --git a/security/integrity/ima/ima_template_lib.c b/security/integrity= /ima/ima_template_lib.c index 0e627eac9c33..8a89236f926c 100644 --- a/security/integrity/ima/ima_template_lib.c +++ b/security/integrity/ima/ima_template_lib.c 
@@ -363,7 +363,8 @@ int ima_eventdigest_init(struct ima_event_data *event_d= ata, goto out; } =20 - if ((const char *)event_data->filename =3D=3D boot_aggregate_name) { + if ((const char *)event_data->filename =3D=3D boot_aggregate_name || + (const char *)event_data->filename =3D=3D boot_aggregate_late_name) { if (ima_tpm_chip) { hash.hdr.algo =3D HASH_ALGO_SHA1; result =3D ima_calc_boot_aggregate(hash_hdr); --=20 2.53.0
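Review bot: in the security/integrity/ima/ima_init.c hunk, ima_add_boot_aggregate(true) records the first measurement under the name "boot_aggregate_late" rather than "boot_aggregate", so on a system whose TPM only appears at late_initcall_sync the measurement list starts with a record name that existing attestation verifiers will not recognise as the boot aggregate; the commit message should explain why a distinct name is needed instead of reusing boot_aggregate_name, and the new name needs documenting for verifier authors.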
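Review bot: in the security/integrity/ima/ima_main.c hunk, the first attempt returns -EPROBE_DEFER from init_ima_late() when no chip is found and CONFIG_TCG_TPM is set, before ima_appraise_parse_cmdline(), ima_init_template_list() and hash_setup() have run; the commit message should say how lsm_initcall() treats a non-zero return from an initcall_late callback (patch 1 does not show that path), since a deferral reported as an LSM init failure would be misleading. The deferral is only a pr_debug(); a pr_info() here would make it visible in a normal dmesg when someone is working out why measurements start later than expected.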
From: Jonathan McDowell
Date: Fri, 24 Apr 2026 14:24:30 +0100
Subject: [RFC PATCH v3 3/4] Revert "tpm: tpm_crb_ffa: try to probe tpm_crb_ffa when it's built-in"

From: Yeoreum Yun

This reverts commit 746d9e9f62a6e8ba0eba2b83fc61cfe7fa8797ce.

Now that IMA will retry in the late_initcall_sync level if the TPM is not available at first, this change is no longer required.

Signed-off-by: Yeoreum Yun
Signed-off-by: Jonathan McDowell
Acked-by: Sudeep Holla
--- drivers/char/tpm/tpm_crb_ffa.c | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/drivers/char/tpm/tpm_crb_ffa.c b/drivers/char/tpm/tpm_crb_ffa.c index 99f1c1e5644b..05f19c0ebf82 100644 --- a/drivers/char/tpm/tpm_crb_ffa.c +++ b/drivers/char/tpm/tpm_crb_ffa.c @@ -123,7 +123,6 @@ struct tpm_crb_ffa { }; =20 static struct tpm_crb_ffa *tpm_crb_ffa; -static struct ffa_driver tpm_crb_ffa_driver; =20 static int tpm_crb_ffa_to_linux_errno(int errno) {
@@ -177,23 +176,13 @@ static int tpm_crb_ffa_to_linux_errno(int errno) */ int tpm_crb_ffa_init(void) { - int ret =3D 0; - - if (!IS_MODULE(CONFIG_TCG_ARM_CRB_FFA)) { - ret =3D ffa_register(&tpm_crb_ffa_driver); - if (ret) { - tpm_crb_ffa =3D ERR_PTR(-ENODEV); - return ret; - } - } - if (!tpm_crb_ffa) - ret =3D -ENOENT; + return -ENOENT; =20 if (IS_ERR_VALUE(tpm_crb_ffa)) - ret =3D -ENODEV; + return -ENODEV; =20 - return ret; + return 0; } EXPORT_SYMBOL_GPL(tpm_crb_ffa_init); =20 
@@ -405,9 +394,7 @@ static struct ffa_driver tpm_crb_ffa_driver =3D { .id_table =3D tpm_crb_ffa_device_id, }; =20 -#ifdef MODULE module_ffa_driver(tpm_crb_ffa_driver); -#endif =20 MODULE_AUTHOR("Arm"); MODULE_DESCRIPTION("TPM CRB FFA driver"); --=20 2.53.0
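Review bot: with the early ffa_register() removed from tpm_crb_ffa_init() and the #ifdef MODULE guard dropped around module_ffa_driver(), a built-in CRB FF-A TPM is registered only when the FF-A bus probes tpm_crb_ffa_driver, which is exactly the case that left the chip unavailable at late_initcall; the commit message justifies this by the IMA retry in patch 2, so it should say explicitly that this revert must not be applied ahead of patch 2, otherwise built-in FF-A TPM systems regress to TPM-bypass in the bisection window.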
From: Jonathan McDowell
Date: Fri, 24 Apr 2026 14:24:42 +0100
Subject: [RFC PATCH v3 4/4] Revert "firmware: arm_ffa: Change initcall level of ffa_init() to rootfs_initcall"
Message-ID: <2e7b4dc552b45ddf14cc43bc449cbebb4ade0027.1777036497.git.noodles@meta.com>

From: Yeoreum Yun

This reverts commit 0e0546eabcd6c19765a8dbf5b5db3723e7b0ea75, which was added to address ordering issues with the IMA LSM initialisation where the TPM would not be fully ready by the time IMA wanted it. This has been resolved within IMA by retrying setup during late_initcall_sync if the TPM is not available at first.

Signed-off-by: Yeoreum Yun
Signed-off-by: Jonathan McDowell
Reviewed-by: Sudeep Holla
--- drivers/firmware/arm_ffa/driver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/firmware/arm_ffa/driver.c b/drivers/firmware/arm_ffa/d= river.c index f2f94d4d533e..01547c5c0e38 100644 --- a/drivers/firmware/arm_ffa/driver.c +++ b/drivers/firmware/arm_ffa/driver.c
@@ -2106,7 +2106,7 @@ static int __init ffa_init(void) kfree(drv_info); return ret; } -rootfs_initcall(ffa_init); +module_init(ffa_init); =20 static void __exit ffa_exit(void) { --=20 2.53.0
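Review bot: the drivers/firmware/arm_ffa/driver.c hunk moves ffa_init() from rootfs_initcall back to module_init(), which for a built-in driver means device_initcall, i.e. earlier than the level being reverted; as with patch 3, the commit message should state that this depends on the IMA late_initcall_sync retry in patch 2 being applied first, and confirm that no other built-in consumer has come to rely on the rootfs_initcall ordering in the meantime.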
From: Mimi Zohar
Date: Wed, 29 Apr 2026 16:01:12 -0400
To: Jonathan McDowell, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, linux-integrity@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.linux.dev
Subject: [PATCH] ima: debugging late_initcall_sync measurements
Message-ID: <7734099f5e7fda5480bca016a9e6707983325fbd.camel@linux.ibm.com>
With this "[RFC PATCH v3 0/4] Fix IMA + TPM initialisation ordering issue" patch set, how many records would be missing if IMA initialization is deferred to late_initcall_sync [1]?

[1] https://lore.kernel.org/linux-integrity/cover.1777036497.git.noodles@meta.com/

---

Jonathan, Yeoreum, others -

By going into TPM-bypass mode, we can see how many measurements are actually missing when deferring IMA initialization to late_initcall_sync. As this is system/TPM dependent, I'd appreciate your checking. Please use the boot command line option "ima_policy=tcb|critical_data".

thanks,

Mimi

 security/integrity/ima/ima.h      |  1 +
 security/integrity/ima/ima_init.c |  6 ++++++
 security/integrity/ima/ima_main.c | 19 +++++++++++++++++++
 3 files changed, 26 insertions(+)

diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h index 01aae19ed365..9a1117112fb2 100644 --- a/security/integrity/ima/ima.h +++ b/security/integrity/ima/ima.h @@ -286,6 +286,7 @@ extern bool ima_canonical_fmt; =20 /* Internal IMA function definitions */ int ima_init_core(bool late); +int ima_init_debug(bool late); int ima_fs_init(void); int ima_add_template_entry(struct ima_template_entry *entry, int violation, const char *op, struct inode *inode, diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima= _init.c index 5f335834a9bb..edd063b99685 100644 --- a/security/integrity/ima/ima_init.c +++ b/security/integrity/ima/ima_init.c
@@ -122,6 +122,12 @@ void __init ima_load_x509(void) } #endif =20 +int __init ima_init_debug(bool late) +{ + ima_add_boot_aggregate(late); /* just add an additional record */ + return 0; +} + int __init ima_init_core(bool late) { int rc; diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima= _main.c index 42099bfe7e43..23e669be54fc 100644 --- a/security/integrity/ima/ima_main.c +++ b/security/integrity/ima/ima_main.c @@ -1254,6 +1254,7 @@ static int ima_kernel_module_request(char *kmod_name) =20 #endif /* CONFIG_INTEGRITY_ASYMMETRIC_KEYS */ =20 +#define TESTING 1 static int __init init_ima(bool late) { int error; @@ -1264,6 +1265,23 @@ static int __init init_ima(bool late) return 0; } =20 +#ifdef TESTING + /* + * Initialize early, even if it means going into TPM-bypass mode, + * but add an additional boot_aggregrate message for the + * late_initcall_sync. + * + * If measurement list records exist between the boot_aggregate + * and the boot_aggregate_late records, these records would be + * missing when IMA initializion is deferred to late_initcall_sync. + */ + if (ima_tpm_chip) { + ima_init_debug(late); /* Add an additional record */ + return 0; + } + + ima_tpm_chip =3D tpm_default_chip(); +#elif /* * If we found the TPM during our first attempt, or we know there's no * TPM, nothing further to do @@ -1276,6 +1294,7 @@ static int __init init_ima(bool late) pr_debug("TPM not available, will try later\n"); return -EPROBE_DEFER; } +#endif =20 if (!ima_tpm_chip) pr_info("No TPM chip found, activating TPM-bypass!\n"); --=20 2.53.0
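Review bot: in the ima.h hunk, the new prototype `int ima_init_debug(bool late);` is added to the internal header unconditionally while its only caller sits under `#ifdef TESTING` in ima_main.c; either guard the declaration the same way or add a comment marking it as a debug-only helper, so the header does not present it as part of IMA's normal init sequence.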
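Review bot: in the ima_init.c hunk, ima_init_debug() discards the int returned by ima_add_boot_aggregate(late) and returns 0 unconditionally, so a failure to add the extra record (the one the experiment counts on) goes unnoticed and the caller in init_ima() cannot report it; suggest `return ima_add_boot_aggregate(late);` and a pr_err() at the call site, plus a one-line comment saying the function exists only for the TESTING experiment.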
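Review bot: in the first ima_main.c hunk, `#define TESTING 1` is an unconditional, generically named toggle dropped into ima_main.c with no comment; since it exists only for the measurement-count experiment described above, it should carry a comment saying it is a temporary debugging aid not to be merged (or be a Kconfig/debugfs knob), otherwise the non-TESTING path is silently compiled out for anyone who applies the patch.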
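Review bot: in the second ima_main.c hunk, the `#elif` that ends the TESTING block has no controlling expression; it only compiles because TESTING is defined and the group is skipped, and as soon as the define is removed to get the original path back the preprocessor fails with "#elif with no expression", so it should be `#else`. Also, the `if (ima_tpm_chip)` guard means ima_init_debug() runs on the late call only when the early call already found a TPM; when the early call fell into TPM-bypass, ima_tpm_chip is still NULL on the late call, which then re-runs `ima_tpm_chip = tpm_default_chip();` and the remainder of init_ima() instead of adding the boot_aggregate_late record, which looks like the opposite of the case the comment says it wants to measure (records between the early and late boot_aggregate entries). Minor: the comment has "aggregrate" and "initializion".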
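Review bot: in the third ima_main.c hunk, the `#endif` closes an `#ifdef TESTING` that starts more than twenty lines and one hunk earlier, so an `#endif /* TESTING */` trailer would help; and because it lands just above `if (!ima_tpm_chip) pr_info("No TPM chip found, activating TPM-bypass!\n");`, the TESTING path reaches that message on the late call as well whenever tpm_default_chip() still returns NULL (unless the early-return check above the hunk catches it), so it can show up twice in dmesg.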
