Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/32432 )
Change subject: soc/intel/cnl: Enable VT-d ......................................................................
Patch Set 6:
(1 comment)
https://review.coreboot.org/#/c/32432/3/src/soc/intel/cannonlake/acpi.c File src/soc/intel/cannonlake/acpi.c:
https://review.coreboot.org/#/c/32432/3/src/soc/intel/cannonlake/acpi.c@364 PS3, Line 364: any platform initiated DMA : * is restricted
IMHO, this bit should only be set in coreboot if the payload is already an OS kernel.
Rather than payload already being an OS kernel, I think it should be set only if coreboot is actually restricting DMA access outside of RMRR ranges? From the Linux patch you linked: "Returns true if the platform has %DMA_CTRL_PLATFORM_OPT_IN_FLAG set in the ACPI DMAR table. This means that the platform boot firmware has made sure no device can issue DMA outside of RMRR regions."
IMHO, that's as ambiguous as the spec. "has made sure" by what means? IOMMU or proper driver code? I think the only chance to know is to ask the author of the spec to clarify it.
NB. To me both wordings read like the firmware has already configured the IOMMU's page tables and turned it on. But then I wonder why wouldn't they just say so?