John Zhao uploaded patch set #18 to this change.

View Change

soc/intel/tigerlake: Disable Thunderbolt PCIe root ports bus master

This change disables Thunderbolt PCIe root ports bus master before
handing over to payload in order to mitigate the threat from the
unauthorized external DMA. In this state, the PCIe root ports would
be considered as trusted to not forward any DMA transactions to
downstream endpoint devices.

BUG=b:141609884
TEST=Verified PCIe resource has been allocated properly and USB behind
Thunderbolt dock is enumerated successfully.

Change-Id: I9650b9dd4df1f9bee53ae3737b7bf60b2ef8017b
Signed-off-by: John Zhao <john.zhao@intel.com>
---
M src/soc/intel/tigerlake/finalize.c
M src/soc/intel/tigerlake/include/soc/pci_devs.h
2 files changed, 16 insertions(+), 0 deletions(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/68/40968/18

To view, visit change 40968. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I9650b9dd4df1f9bee53ae3737b7bf60b2ef8017b
Gerrit-Change-Number: 40968
Gerrit-PatchSet: 18
Gerrit-Owner: John Zhao <john.zhao@intel.com>
Gerrit-Reviewer: Alex Levin <levinale@google.com>
Gerrit-Reviewer: Angel Pons <th3fanbus@gmail.com>
Gerrit-Reviewer: Caveh Jalali <caveh@chromium.org>
Gerrit-Reviewer: Divya S Sasidharan <divya.s.sasidharan@intel.com>
Gerrit-Reviewer: Duncan Laurie <dlaurie@chromium.org>
Gerrit-Reviewer: John Zhao <john.zhao@intel.com>
Gerrit-Reviewer: Martin Roth <martinroth@google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi@google.com>
Gerrit-Reviewer: Patrick Rudolph <siro@das-labor.org>
Gerrit-Reviewer: Prashant Malani <pmalani@google.com>
Gerrit-Reviewer: Shamile Khan <shamile.khan@intel.com>
Gerrit-Reviewer: Wonkyu Kim <wonkyu.kim@intel.com>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Felix Singer <felixsinger@posteo.net>
Gerrit-CC: Aaron Durbin <adurbin@chromium.org>
Gerrit-CC: Chiranjeevi Rapolu <chiranjeevi.rapolu@intel.corp-partner.google.com>
Gerrit-CC: Divya Sasidharan <divya.s.sasidharan@intel.corp-partner.google.com>
Gerrit-CC: Lalithambika Krishnakumar <lalithambika.krishnakumar@intel.corp-partner.google.com>
Gerrit-CC: Nico Huber <nico.h@gmx.de>
Gerrit-CC: Patrick Rudolph <patrick.rudolph@9elements.com>
Gerrit-CC: Paul Menzel <paulepanter@users.sourceforge.net>
Gerrit-CC: Tanu Malhotra <tanu.malhotra@intel.com>
Gerrit-CC: Tim Wawrzynczak <twawrzynczak@chromium.org>
Gerrit-MessageType: newpatchset