diff options
author | Reka Norman <rekanorman@google.com> | 2022-12-12 10:32:53 +1100 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2022-12-13 14:52:37 +0000 |
commit | 6419fbf1939cecfe547f140841452ff93282e1b9 (patch) | |
tree | a1ad12f7c340dada2d513b445b6f0b37c5a49e91 /src/drivers/intel/ish | |
parent | 0423bce8e8d7bdbb817a4d958b8a332b69e9f8d1 (diff) |
drivers/intel/ish: Allow adding DmaProperty to _DSD
On nissa, the ISH is running closed source firmware, so the ChromeOS
security requirements specify it must be behind an IOMMU. Allow adding
DmaProperty to the _DSD of the ISH device. This will result in the
kernel marking the device as untrusted.
BUG=b:249846505
TEST=Check SSDT is correct, and kernel detects the DmaProperty and
firmware-name properties.
SSDT entry on yaviks with both add_acpi_dma_property and firmware_name
set in devictree:
Scope (\_SB.PCI0.ISHB)
{
Name (_DSD, Package (0x04) // _DSD: Device-Specific Data
{
ToUUID ("daffd814-6eba-4d8c-8a91-bc9bbf4aa301") /* Device Properties for _DSD */,
Package (0x01)
{
Package (0x02)
{
"firmware-name",
"adl_ish_lite.bin"
}
},
ToUUID ("70d24161-6dd5-4c9e-8070-705531292865"),
Package (0x01)
{
Package (0x02)
{
"DmaProperty",
One
}
}
})
}
Change-Id: Ie1539fc757e72e995e98c3ecf83e705e3bede8c0
Signed-off-by: Reka Norman <rekanorman@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/70632
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Subrata Banik <subratabanik@google.com>
Reviewed-by: Kangheui Won <khwon@chromium.org>
Reviewed-by: Eric Lai <eric_lai@quanta.corp-partner.google.com>
Diffstat (limited to 'src/drivers/intel/ish')
-rw-r--r-- | src/drivers/intel/ish/chip.h | 3 | ||||
-rw-r--r-- | src/drivers/intel/ish/ish.c | 16 |
2 files changed, 14 insertions, 5 deletions
diff --git a/src/drivers/intel/ish/chip.h b/src/drivers/intel/ish/chip.h index 6f8c0c6df5..e7bb8f87e5 100644 --- a/src/drivers/intel/ish/chip.h +++ b/src/drivers/intel/ish/chip.h @@ -6,4 +6,7 @@ struct drivers_intel_ish_config { /* Firmware name used by kernel for loading ISH firmware */ const char *firmware_name; + + /* Add `DmaProperty` in _DSD */ + bool add_acpi_dma_property; }; diff --git a/src/drivers/intel/ish/ish.c b/src/drivers/intel/ish/ish.c index 2403333be1..5dbb26e87e 100644 --- a/src/drivers/intel/ish/ish.c +++ b/src/drivers/intel/ish/ish.c @@ -13,19 +13,25 @@ static void ish_fill_ssdt_generator(const struct device *dev) struct device *root = dev->bus->dev; struct acpi_dp *dsd; - if (!config || !config->firmware_name) + if (!config) return; acpigen_write_scope(acpi_device_path(root)); dsd = acpi_dp_new_table("_DSD"); - acpi_dp_add_string(dsd, "firmware-name", config->firmware_name); + + if (config->firmware_name) { + acpi_dp_add_string(dsd, "firmware-name", config->firmware_name); + printk(BIOS_INFO, "%s: Set firmware-name: %s\n", + acpi_device_path(root), config->firmware_name); + } + + if (config->add_acpi_dma_property) + acpi_device_add_dma_property(dsd); + acpi_dp_write(dsd); acpigen_pop_len(); /* Scope */ - - printk(BIOS_INFO, "%s: Set firmware-name: %s\n", - acpi_device_path(root), config->firmware_name); } static struct device_operations intel_ish_ops = { |