diff options
author | Bjorn Helgaas <bhelgaas@google.com> | 2024-11-25 13:40:55 -0600 |
---|---|---|
committer | Bjorn Helgaas <bhelgaas@google.com> | 2024-11-25 13:40:55 -0600 |
commit | efcbd9d3975f03c600f42a018f2453f2957042ad (patch) | |
tree | 5868451ee0cff58e62011eb9c1bc082c2bf18eb9 /drivers/pci | |
parent | c03d361c2036f3289a45834fce8372864a4576b3 (diff) | |
parent | 3b96b895127b7c0aed63d82c974b46340e8466c1 (diff) |
Merge branch 'pci/thunderbolt'
- Detect some Thunderbolt chips that are built-in and hence 'trustworthy'
by a heuristic since the 'ExternalFacingPort' and 'usb4-host-interface'
ACPI properties are not quite enough (Esther Shimanovich)
* pci/thunderbolt:
PCI: Detect and trust built-in Thunderbolt chips
Diffstat (limited to 'drivers/pci')
-rw-r--r-- | drivers/pci/probe.c | 30 |
1 files changed, 23 insertions, 7 deletions
diff --git a/drivers/pci/probe.c b/drivers/pci/probe.c index 9b2aa4ef3192..8a7e58e20839 100644 --- a/drivers/pci/probe.c +++ b/drivers/pci/probe.c @@ -1635,23 +1635,33 @@ static void set_pcie_thunderbolt(struct pci_dev *dev) static void set_pcie_untrusted(struct pci_dev *dev) { - struct pci_dev *parent; + struct pci_dev *parent = pci_upstream_bridge(dev); + if (!parent) + return; /* - * If the upstream bridge is untrusted we treat this device + * If the upstream bridge is untrusted we treat this device as * untrusted as well. */ - parent = pci_upstream_bridge(dev); - if (parent && (parent->untrusted || parent->external_facing)) + if (parent->untrusted) { + dev->untrusted = true; + return; + } + + if (arch_pci_dev_is_removable(dev)) { + pci_dbg(dev, "marking as untrusted\n"); dev->untrusted = true; + } } static void pci_set_removable(struct pci_dev *dev) { struct pci_dev *parent = pci_upstream_bridge(dev); + if (!parent) + return; /* - * We (only) consider everything downstream from an external_facing + * We (only) consider everything tunneled below an external_facing * device to be removable by the user. We're mainly concerned with * consumer platforms with user accessible thunderbolt ports that are * vulnerable to DMA attacks, and we expect those ports to be marked by @@ -1661,9 +1671,15 @@ static void pci_set_removable(struct pci_dev *dev) * accessible to user / may not be removed by end user, and thus not * exposed as "removable" to userspace. */ - if (parent && - (parent->external_facing || dev_is_removable(&parent->dev))) + if (dev_is_removable(&parent->dev)) { + dev_set_removable(&dev->dev, DEVICE_REMOVABLE); + return; + } + + if (arch_pci_dev_is_removable(dev)) { + pci_dbg(dev, "marking as removable\n"); dev_set_removable(&dev->dev, DEVICE_REMOVABLE); + } } /** |