diff options
| -rw-r--r-- | src/soc/intel/common/block/include/intelblocks/xdci.h | 1 | ||||
| -rw-r--r-- | src/soc/intel/common/block/xdci/xdci.c | 10 |
2 files changed, 11 insertions, 0 deletions
diff --git a/src/soc/intel/common/block/include/intelblocks/xdci.h b/src/soc/intel/common/block/include/intelblocks/xdci.h index fa25513b70..1158056778 100644 --- a/src/soc/intel/common/block/include/intelblocks/xdci.h +++ b/src/soc/intel/common/block/include/intelblocks/xdci.h @@ -17,5 +17,6 @@ #define SOC_INTEL_COMMON_BLOCK_XDCI_H void soc_xdci_init(struct device *dev); +int xdci_can_enable(void); #endif /* SOC_INTEL_COMMON_BLOCK_XDCI_H */ diff --git a/src/soc/intel/common/block/xdci/xdci.c b/src/soc/intel/common/block/xdci/xdci.c index 10e6f0d10a..07093dfb5e 100644 --- a/src/soc/intel/common/block/xdci/xdci.c +++ b/src/soc/intel/common/block/xdci/xdci.c @@ -19,9 +19,19 @@ #include <device/pci.h> #include <device/pci_ids.h> #include <intelblocks/xdci.h> +#include <security/vboot/vboot_common.h> __attribute__((weak)) void soc_xdci_init(struct device *dev) { /* no-op */ } +/* Only allow xDCI controller in developer mode if VBOOT is enabled */ +int xdci_can_enable(void) +{ + if (IS_ENABLED(CONFIG_VBOOT)) + return vboot_developer_mode_enabled() ? 1 : 0; + else + return 1; +} + static struct device_operations usb_xdci_ops = { .read_resources = &pci_dev_read_resources, .set_resources = &pci_dev_set_resources, |