diff options
author | Tim Wawrzynczak <twawrzynczak@chromium.org> | 2022-02-04 09:31:21 -0700 |
---|---|---|
committer | Felix Held <felix-coreboot@felixheld.de> | 2022-02-09 22:46:03 +0000 |
commit | 09c047c2972720f6c222407db99d5c36f46666dc (patch) | |
tree | f115024d49d9bb310454019d19faff7e96843df9 /src | |
parent | efe0fe2674851ca0decc8ac99f3e2455dbaa0668 (diff) |
drivers/pcie/generic: Add new pcie generic chip driver
This new chip driver will be used for attaching ACPI properties to PCIe
endpoints. The first property it supports is "UntrustedDevice." This
property can be used by a payload to, e.g., restrict the device to its
own IOMMU domain for security purposes. The new property is added by
adding a _DSD and an integer property set to 1.
Example of the property from google/brya0:
Scope (\_SB.PCI0.RP01)
{
Device (DEV0)
{
Name (_ADR, 0x0000000000000000) // _ADR: Address
Name (_DSD, Package (0x02) // _DSD: Device-Specific Data
{
ToUUID ("daffd814-6eba-4d8c-8a91-bc9bbf4aa301") /* Device Properties for _DSD */,
Package (0x01)
{
Package (0x02)
{
"UntrustedDevice",
One
}
}
})
}
}
BUG=b:215424986
TEST=boot patch train on google/brya0, dump SSDT, see above for snippet
Signed-off-by: Tim Wawrzynczak <twawrzynczak@chromium.org>
Change-Id: I53986614dcbf4d10a6bb4010e131f5ff5a9d25cf
Reviewed-on: https://review.coreboot.org/c/coreboot/+/61627
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Nick Vaccaro <nvaccaro@google.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/drivers/pcie/generic/Kconfig | 11 | ||||
-rw-r--r-- | src/drivers/pcie/generic/Makefile.inc | 1 | ||||
-rw-r--r-- | src/drivers/pcie/generic/chip.h | 12 | ||||
-rw-r--r-- | src/drivers/pcie/generic/generic.c | 65 |
4 files changed, 89 insertions, 0 deletions
diff --git a/src/drivers/pcie/generic/Kconfig b/src/drivers/pcie/generic/Kconfig new file mode 100644 index 0000000000..2a68708f61 --- /dev/null +++ b/src/drivers/pcie/generic/Kconfig @@ -0,0 +1,11 @@ +config DRIVERS_PCIE_GENERIC + bool + default n + depends on HAVE_ACPI_TABLES + help + This driver allows attaching arbitrary ACPI properties to + arbitrary PCI root ports or devices. Currently it supports one + property, "UntrustedDevice". This property indicates to the + operating system that the PCIe device may be considered + untrusted, and appropriate policies, e.g. IOMMU isolation, + should take place. diff --git a/src/drivers/pcie/generic/Makefile.inc b/src/drivers/pcie/generic/Makefile.inc new file mode 100644 index 0000000000..f634f256a8 --- /dev/null +++ b/src/drivers/pcie/generic/Makefile.inc @@ -0,0 +1 @@ +ramstage-$(CONFIG_DRIVERS_PCIE_GENERIC) += generic.c diff --git a/src/drivers/pcie/generic/chip.h b/src/drivers/pcie/generic/chip.h new file mode 100644 index 0000000000..3be57de530 --- /dev/null +++ b/src/drivers/pcie/generic/chip.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#ifndef _PCIE_GENERIC_H_ +#define _PCIE_GENERIC_H_ + +#include <types.h> + +struct drivers_pcie_generic_config { + bool is_untrusted; +}; + +#endif /* _PCIE_GENERIC_H_ */ diff --git a/src/drivers/pcie/generic/generic.c b/src/drivers/pcie/generic/generic.c new file mode 100644 index 0000000000..2daebdae04 --- /dev/null +++ b/src/drivers/pcie/generic/generic.c @@ -0,0 +1,65 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ + +#include <acpi/acpi.h> +#include <acpi/acpigen.h> +#include <acpi/acpigen_pci.h> +#include <device/device.h> +#include <device/pci.h> +#include "chip.h" + +static const char *pcie_generic_acpi_name(const struct device *dev) +{ + return "DEV0"; +} + +static void pcie_generic_fill_ssdt(const struct device *dev) +{ + struct drivers_pcie_generic_config *config; + struct acpi_dp *dsd; + + if (!is_dev_enabled(dev)) + return; + + pci_rom_ssdt(dev); + + config = dev->chip_info; + if (!config || !config->is_untrusted || !dev->bus || !dev->bus->dev) + return; + + const char *scope = acpi_device_path(dev->bus->dev); + const char *name = acpi_device_name(dev); + + acpigen_write_scope(scope); + acpigen_write_device(name); + acpigen_write_ADR_pci_device(dev); + + dsd = acpi_dp_new_table("_DSD"); + acpi_dp_add_integer(dsd, "UntrustedDevice", 1); + acpi_dp_write(dsd); + + acpigen_write_device_end(); + acpigen_write_scope_end(); + + printk(BIOS_INFO, "%s.%s: Enable ACPI properties for %s (%s)\n", scope, name, + dev_path(dev), dev->chip_ops->name); +} + +struct device_operations pcie_generic_ops = { + .read_resources = pci_dev_read_resources, + .set_resources = pci_dev_set_resources, + .enable_resources = pci_dev_enable_resources, + .init = pci_dev_init, + .ops_pci = &pci_dev_ops_pci, + .acpi_name = pcie_generic_acpi_name, + .acpi_fill_ssdt = pcie_generic_fill_ssdt, +}; + +static void pcie_generic_enable(struct device *dev) +{ + dev->ops = &pcie_generic_ops; +} + +struct chip_operations drivers_pcie_generic_ops = { + CHIP_NAME("PCIe Device") + .enable_dev = pcie_generic_enable +}; |