From 6419fbf1939cecfe547f140841452ff93282e1b9 Mon Sep 17 00:00:00 2001 From: Reka Norman Date: Mon, 12 Dec 2022 10:32:53 +1100 Subject: [PATCH] drivers/intel/ish: Allow adding DmaProperty to _DSD On nissa, the ISH is running closed source firmware, so the ChromeOS security requirements specify it must be behind an IOMMU. Allow adding DmaProperty to the _DSD of the ISH device. This will result in the kernel marking the device as untrusted. BUG=b:249846505 TEST=Check SSDT is correct, and kernel detects the DmaProperty and firmware-name properties. SSDT entry on yaviks with both add_acpi_dma_property and firmware_name set in devictree: Scope (\_SB.PCI0.ISHB) { Name (_DSD, Package (0x04) // _DSD: Device-Specific Data { ToUUID ("daffd814-6eba-4d8c-8a91-bc9bbf4aa301") /* Device Properties for _DSD */, Package (0x01) { Package (0x02) { "firmware-name", "adl_ish_lite.bin" } }, ToUUID ("70d24161-6dd5-4c9e-8070-705531292865"), Package (0x01) { Package (0x02) { "DmaProperty", One } } }) } Change-Id: Ie1539fc757e72e995e98c3ecf83e705e3bede8c0 Signed-off-by: Reka Norman Reviewed-on: https://review.coreboot.org/c/coreboot/+/70632 Tested-by: build bot (Jenkins) Reviewed-by: Subrata Banik Reviewed-by: Kangheui Won Reviewed-by: Eric Lai --- src/drivers/intel/ish/chip.h | 3 +++ src/drivers/intel/ish/ish.c | 16 +++++++++++----- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/src/drivers/intel/ish/chip.h b/src/drivers/intel/ish/chip.h index 6f8c0c6df5..e7bb8f87e5 100644 --- a/src/drivers/intel/ish/chip.h +++ b/src/drivers/intel/ish/chip.h @@ -6,4 +6,7 @@ struct drivers_intel_ish_config { /* Firmware name used by kernel for loading ISH firmware */ const char *firmware_name; + + /* Add `DmaProperty` in _DSD */ + bool add_acpi_dma_property; }; diff --git a/src/drivers/intel/ish/ish.c b/src/drivers/intel/ish/ish.c index 2403333be1..5dbb26e87e 100644 --- a/src/drivers/intel/ish/ish.c +++ b/src/drivers/intel/ish/ish.c @@ -13,19 +13,25 @@ static void ish_fill_ssdt_generator(const struct device *dev) struct device *root = dev->bus->dev; struct acpi_dp *dsd; - if (!config || !config->firmware_name) + if (!config) return; acpigen_write_scope(acpi_device_path(root)); dsd = acpi_dp_new_table("_DSD"); - acpi_dp_add_string(dsd, "firmware-name", config->firmware_name); + + if (config->firmware_name) { + acpi_dp_add_string(dsd, "firmware-name", config->firmware_name); + printk(BIOS_INFO, "%s: Set firmware-name: %s\n", + acpi_device_path(root), config->firmware_name); + } + + if (config->add_acpi_dma_property) + acpi_device_add_dma_property(dsd); + acpi_dp_write(dsd); acpigen_pop_len(); /* Scope */ - - printk(BIOS_INFO, "%s: Set firmware-name: %s\n", - acpi_device_path(root), config->firmware_name); } static struct device_operations intel_ish_ops = {