summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorTim Wawrzynczak <twawrzynczak@chromium.org>2022-02-04 09:31:21 -0700
committerFelix Held <felix-coreboot@felixheld.de>2022-02-09 22:46:03 +0000
commit09c047c2972720f6c222407db99d5c36f46666dc (patch)
treef115024d49d9bb310454019d19faff7e96843df9 /src
parentefe0fe2674851ca0decc8ac99f3e2455dbaa0668 (diff)
drivers/pcie/generic: Add new pcie generic chip driver
This new chip driver will be used for attaching ACPI properties to PCIe endpoints. The first property it supports is "UntrustedDevice." This property can be used by a payload to, e.g., restrict the device to its own IOMMU domain for security purposes. The new property is added by adding a _DSD and an integer property set to 1. Example of the property from google/brya0: Scope (\_SB.PCI0.RP01) { Device (DEV0) { Name (_ADR, 0x0000000000000000) // _ADR: Address Name (_DSD, Package (0x02) // _DSD: Device-Specific Data { ToUUID ("daffd814-6eba-4d8c-8a91-bc9bbf4aa301") /* Device Properties for _DSD */, Package (0x01) { Package (0x02) { "UntrustedDevice", One } } }) } } BUG=b:215424986 TEST=boot patch train on google/brya0, dump SSDT, see above for snippet Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org> Change-Id: I53986614dcbf4d10a6bb4010e131f5ff5a9d25cf Reviewed-on: https://review.coreboot.org/c/coreboot/+/61627 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
Diffstat (limited to 'src')
-rw-r--r--src/drivers/pcie/generic/Kconfig11
-rw-r--r--src/drivers/pcie/generic/Makefile.inc1
-rw-r--r--src/drivers/pcie/generic/chip.h12
-rw-r--r--src/drivers/pcie/generic/generic.c65
4 files changed, 89 insertions, 0 deletions
diff --git a/src/drivers/pcie/generic/Kconfig b/src/drivers/pcie/generic/Kconfig
new file mode 100644
index 0000000000..2a68708f61
--- /dev/null
+++ b/src/drivers/pcie/generic/Kconfig
@@ -0,0 +1,11 @@
+config DRIVERS_PCIE_GENERIC
+ bool
+ default n
+ depends on HAVE_ACPI_TABLES
+ help
+ This driver allows attaching arbitrary ACPI properties to
+ arbitrary PCI root ports or devices. Currently it supports one
+ property, "UntrustedDevice". This property indicates to the
+ operating system that the PCIe device may be considered
+ untrusted, and appropriate policies, e.g. IOMMU isolation,
+ should take place.
diff --git a/src/drivers/pcie/generic/Makefile.inc b/src/drivers/pcie/generic/Makefile.inc
new file mode 100644
index 0000000000..f634f256a8
--- /dev/null
+++ b/src/drivers/pcie/generic/Makefile.inc
@@ -0,0 +1 @@
+ramstage-$(CONFIG_DRIVERS_PCIE_GENERIC) += generic.c
diff --git a/src/drivers/pcie/generic/chip.h b/src/drivers/pcie/generic/chip.h
new file mode 100644
index 0000000000..3be57de530
--- /dev/null
+++ b/src/drivers/pcie/generic/chip.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#ifndef _PCIE_GENERIC_H_
+#define _PCIE_GENERIC_H_
+
+#include <types.h>
+
+struct drivers_pcie_generic_config {
+ bool is_untrusted;
+};
+
+#endif /* _PCIE_GENERIC_H_ */
diff --git a/src/drivers/pcie/generic/generic.c b/src/drivers/pcie/generic/generic.c
new file mode 100644
index 0000000000..2daebdae04
--- /dev/null
+++ b/src/drivers/pcie/generic/generic.c
@@ -0,0 +1,65 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include <acpi/acpi.h>
+#include <acpi/acpigen.h>
+#include <acpi/acpigen_pci.h>
+#include <device/device.h>
+#include <device/pci.h>
+#include "chip.h"
+
+static const char *pcie_generic_acpi_name(const struct device *dev)
+{
+ return "DEV0";
+}
+
+static void pcie_generic_fill_ssdt(const struct device *dev)
+{
+ struct drivers_pcie_generic_config *config;
+ struct acpi_dp *dsd;
+
+ if (!is_dev_enabled(dev))
+ return;
+
+ pci_rom_ssdt(dev);
+
+ config = dev->chip_info;
+ if (!config || !config->is_untrusted || !dev->bus || !dev->bus->dev)
+ return;
+
+ const char *scope = acpi_device_path(dev->bus->dev);
+ const char *name = acpi_device_name(dev);
+
+ acpigen_write_scope(scope);
+ acpigen_write_device(name);
+ acpigen_write_ADR_pci_device(dev);
+
+ dsd = acpi_dp_new_table("_DSD");
+ acpi_dp_add_integer(dsd, "UntrustedDevice", 1);
+ acpi_dp_write(dsd);
+
+ acpigen_write_device_end();
+ acpigen_write_scope_end();
+
+ printk(BIOS_INFO, "%s.%s: Enable ACPI properties for %s (%s)\n", scope, name,
+ dev_path(dev), dev->chip_ops->name);
+}
+
+struct device_operations pcie_generic_ops = {
+ .read_resources = pci_dev_read_resources,
+ .set_resources = pci_dev_set_resources,
+ .enable_resources = pci_dev_enable_resources,
+ .init = pci_dev_init,
+ .ops_pci = &pci_dev_ops_pci,
+ .acpi_name = pcie_generic_acpi_name,
+ .acpi_fill_ssdt = pcie_generic_fill_ssdt,
+};
+
+static void pcie_generic_enable(struct device *dev)
+{
+ dev->ops = &pcie_generic_ops;
+}
+
+struct chip_operations drivers_pcie_generic_ops = {
+ CHIP_NAME("PCIe Device")
+ .enable_dev = pcie_generic_enable
+};