Lines Matching +full:protection +full:- +full:domain
1 .. SPDX-License-Identifier: GPL-2.0
22 is expected to be accompanied with an IOMMU based DMA protection.
25 -----------------------------------
27 should be a userspace tool that handles all the low-level details, keeps
31 found in ``Documentation/ABI/testing/sysfs-bus-thunderbolt``.
35 ``/etc/udev/rules.d/99-local.rules``::
89 the Thunderbolt domain the host controller manages. There is typically
90 one domain per Thunderbolt host controller.
102 -----------------------------------------------------------------
105 /sys/bus/thunderbolt/devices/0-1/authorized - 0
106 /sys/bus/thunderbolt/devices/0-1/device - 0x8004
107 /sys/bus/thunderbolt/devices/0-1/device_name - Thunderbolt to FireWire Adapter
108 /sys/bus/thunderbolt/devices/0-1/vendor - 0x1
109 /sys/bus/thunderbolt/devices/0-1/vendor_name - Apple, Inc.
110 /sys/bus/thunderbolt/devices/0-1/unique_id - e0376f00-0300-0100-ffff-ffffffffffff
115 # echo 1 > /sys/bus/thunderbolt/devices/0-1/authorized
119 If the device supports secure connect, and the domain security level is
121 a random 32-byte value used for authorization and challenging the device in
124 /sys/bus/thunderbolt/devices/0-3/authorized - 0
125 /sys/bus/thunderbolt/devices/0-3/device - 0x305
126 /sys/bus/thunderbolt/devices/0-3/device_name - AKiTiO Thunder3 PCIe Box
127 /sys/bus/thunderbolt/devices/0-3/key -
128 /sys/bus/thunderbolt/devices/0-3/vendor - 0x41
129 /sys/bus/thunderbolt/devices/0-3/vendor_name - inXtron
130 /sys/bus/thunderbolt/devices/0-3/unique_id - dc010000-0000-8508-a22d-32ca6421cb16
141 # key=$(openssl rand -hex 32)
142 # echo $key > /sys/bus/thunderbolt/devices/0-3/key
143 # echo 1 > /sys/bus/thunderbolt/devices/0-3/authorized
151 # echo $key > /sys/bus/thunderbolt/devices/0-3/key
152 # echo 2 > /sys/bus/thunderbolt/devices/0-3/authorized
163 De-authorizing devices
164 ----------------------
165 It is possible to de-authorize devices by writing ``0`` to their
167 manager implementation and can be checked by reading domain
171 When a device is de-authorized the PCIe tunnel from the parent device
173 down. This is essentially the same thing as PCIe hot-remove and the PCIe
179 DMA protection utilizing IOMMU
180 ------------------------------
190 protection is handled by the IOMMU, security levels (if set) are
194 authorize devices when IOMMU DMA protection is enabled can use the
200 ----------------------------------------------------
221 device - then you need to connect that particular device).
223 Note an OEM-specific method to power the controller up ("force power") may
227 After that we can write the firmware to the non-active parts of the NVM
231 # dd if=KYK_TBT_FW_0018.bin of=/sys/bus/thunderbolt/devices/0-0/nvm_non_active0/nvmem
236 # echo 1 > /sys/bus/thunderbolt/devices/0-0/nvm_authenticate
246 # cat /sys/bus/thunderbolt/devices/0-0/nvm_authenticate
248 # cat /sys/bus/thunderbolt/devices/0-0/nvm_version
259 Upgrading on-board retimer NVM when there is no cable connected
260 ---------------------------------------------------------------
267 # echo 1 > /sys/bus/thunderbolt/devices/0-0/usb4_port1/offline
273 # echo 1 > /sys/bus/thunderbolt/devices/0-0/usb4_port1/rescan
275 This enumerates and adds the on-board retimers. Now retimer NVM can be
281 # echo 1 > /sys/bus/thunderbolt/devices/0-0/usb4_port1/rescan
286 # echo 0 > /sys/bus/thunderbolt/devices/0-0/usb4_port1/offline
289 --------------------------------------------------
300 ---------------------------------
309 ``thunderbolt-net`` driver is loaded automatically. If the other host is
310 also Linux you should load ``thunderbolt-net`` manually on one host (it
313 # modprobe thunderbolt-net
316 is built-in to the kernel image, there is no need to do anything.
324 -------------
330 For example the intel-wmi-thunderbolt driver exposes this attribute in:
331 /sys/bus/wmi/devices/86CCFD48-205E-4A77-9C48-2021CBEDE341/force_power