The information is exported from the IOMMU driver whether or not pre-boot DMA protection has been enabled on AMD systems. Use this information to properly set iomma_dma_protection. Link: https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-kernel-dma-protection Link: https://www.amd.com/system/files/TechDocs/48882_IOMMU.pdf Signed-off-by: Mario Limonciello <mario.limonciello@xxxxxxx> --- drivers/thunderbolt/domain.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c index 7018d959f775..e03790735c12 100644 --- a/drivers/thunderbolt/domain.c +++ b/drivers/thunderbolt/domain.c @@ -6,6 +6,7 @@ * Author: Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx> */ +#include <linux/amd-iommu.h> #include <linux/device.h> #include <linux/dmar.h> #include <linux/idr.h> @@ -259,11 +260,15 @@ static ssize_t iommu_dma_protection_show(struct device *dev, { /* * Kernel DMA protection is a feature where Thunderbolt security is - * handled natively using IOMMU. It is enabled when IOMMU is - * enabled and ACPI DMAR table has DMAR_PLATFORM_OPT_IN set. + * handled natively using IOMMU. It is enabled when the IOMMU is + * enabled and either: + * ACPI DMAR table has DMAR_PLATFORM_OPT_IN set + * or + * ACPI IVRS table has DMA_REMAP bitset */ return sprintf(buf, "%d\n", - iommu_present(&pci_bus_type) && dmar_platform_optin()); + iommu_present(&pci_bus_type) && + (dmar_platform_optin() || amd_ivrs_remap_support())); } static DEVICE_ATTR_RO(iommu_dma_protection); -- 2.34.1
