[PATCH 2/2] thunderbolt: Use pre-boot DMA protection on AMD systems
From: Mario Limonciello
Date: Tue Mar 15 2022 - 12:26:13 EST
The information is exported from the IOMMU driver whether or not
pre-boot DMA protection has been enabled on AMD systems. Use this
information to properly set iomma_dma_protection.
Link: https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-kernel-dma-protection
Link: https://www.amd.com/system/files/TechDocs/48882_IOMMU.pdf
Signed-off-by: Mario Limonciello <mario.limonciello@xxxxxxx>
---
drivers/thunderbolt/domain.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c
index 7018d959f775..e03790735c12 100644
--- a/drivers/thunderbolt/domain.c
+++ b/drivers/thunderbolt/domain.c
@@ -6,6 +6,7 @@
* Author: Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx>
*/
+#include <linux/amd-iommu.h>
#include <linux/device.h>
#include <linux/dmar.h>
#include <linux/idr.h>
@@ -259,11 +260,15 @@ static ssize_t iommu_dma_protection_show(struct device *dev,
{
/*
* Kernel DMA protection is a feature where Thunderbolt security is
- * handled natively using IOMMU. It is enabled when IOMMU is
- * enabled and ACPI DMAR table has DMAR_PLATFORM_OPT_IN set.
+ * handled natively using IOMMU. It is enabled when the IOMMU is
+ * enabled and either:
+ * ACPI DMAR table has DMAR_PLATFORM_OPT_IN set
+ * or
+ * ACPI IVRS table has DMA_REMAP bitset
*/
return sprintf(buf, "%d\n",
- iommu_present(&pci_bus_type) && dmar_platform_optin());
+ iommu_present(&pci_bus_type) &&
+ (dmar_platform_optin() || amd_ivrs_remap_support()));
}
static DEVICE_ATTR_RO(iommu_dma_protection);
--
2.34.1