[Skiboot] [RFC 2/2] pci/quirk: Populate device tree for AST2400 VGA

Russell Currey ruscur at russell.cc
Tue Dec 20 17:53:33 AEDT 2016


Adding these properties enables the kernel to function in the same way
that it would if it could no longer access BMC configuration registers
through a backdoor, which may become the default in future.

The comments describe how isolating the host from the BMC could be
achieved in skiboot, assuming all kernels that the system boots
support this.  Isolating the BMC and the host from each other is
important if they are owned by different parties; for example, a cloud
provider renting machines "bare metal".

Signed-off-by: Russell Currey <ruscur at russell.cc>
---
 core/pci-quirk.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
 include/ast.h    |  6 ++++++
 2 files changed, 51 insertions(+)

diff --git a/core/pci-quirk.c b/core/pci-quirk.c
index 708f07fc..a8fc75c6 100644
--- a/core/pci-quirk.c
+++ b/core/pci-quirk.c
@@ -19,8 +19,53 @@
 #include <pci-quirk.h>
 #include <ast.h>
 
+static void quirk_astbmc_vga(struct phb *phb __unused,
+			     struct pci_device *pd __unused,
+			     struct dt_node *np)
+{
+	uint32_t revision, mcr_configuration, mcr_scu_mpll;
+
+	/*
+	 * These accesses will only work if the BMC address 0x1E6E2180 is set
+	 * to 0x7B, which is its default state on current systems.  In future,
+	 * for security purposes it is proposed to configure this register to
+	 * disallow accesses from the host, and provide the properties that
+	 * the Linux ast VGA driver used through the device tree instead.
+	 * Here we set those properties so we can test how things would work
+	 * if the window into BMC memory was closed.
+	 *
+	 * If both the petitboot kernel and the host kernel have an ast driver
+	 * that reads properties from the device tree, setting 0x1E6E2180 to
+	 * 0x79 will disable the backdoor into BMC memory and the only way the
+	 * ast driver can operate is using the device tree properties.
+	 */
+
+	revision = ast_ahb_readl(SCU_REVISION_ID);
+	mcr_configuration = ast_ahb_readl(MCR_CONFIGURATION);
+	mcr_scu_mpll = ast_ahb_readl(MCR_SCU_MPLL);
+	dt_add_property_cells(np, "ast,scu-revision-id", revision);
+	dt_add_property_cells(np, "ast,mcr-configuration", mcr_configuration);
+	dt_add_property_cells(np, "ast,mcr-scu-mpll", mcr_scu_mpll);
+
+	/*
+	 * if
+	 *    - the petitboot kernel supports an ast driver that uses DT
+	 *    - every host kernel supports an ast driver that uses DT
+	 *    - the host can't flash unsigned skiboots
+	 *
+	 * then enabling the line below will allow the host and the BMC to be
+	 * securely isolated from each other, without changing what's running
+	 * on the BMC.
+	 */
+
+	/* ast_ahb_writel(0x79, 0x1E6E2180); */
+}
+
 /* Quirks are: {fixup function, vendor ID, (device ID or PCI_ANY_ID)} */
 static const struct pci_quirk quirk_table[] = {
+	/* ASPEED 2400 VGA device */
+	{ &quirk_astbmc_vga, 0x1a03, 0x2000 },
+
 	{0}
 };
 
diff --git a/include/ast.h b/include/ast.h
index c7bf0cb3..59973075 100644
--- a/include/ast.h
+++ b/include/ast.h
@@ -51,6 +51,12 @@
 /* SCU registers */
 #define SCU_BASE		0x1e6e2000
 #define SCU_HW_STRAPPING	(SCU_BASE + 0x70)
+#define SCU_REVISION_ID		(SCU_BASE + 0x7C)
+
+/* MCR registers */
+#define MCR_BASE		0x1e6e0000
+#define MCR_CONFIGURATION	(MCR_BASE + 0x04)
+#define MCR_SCU_MPLL		(MCR_BASE + 0x120)
 
 /*
  * AHB Accessors
-- 
2.11.0



More information about the Skiboot mailing list