Lines Matching +full:non +full:- +full:secure +full:- +full:domain
1 .. SPDX-License-Identifier: GPL-2.0
25 -----------------------------------
27 should be a userspace tool that handles all the low-level details, keeps
31 found in ``Documentation/ABI/testing/sysfs-bus-thunderbolt``.
35 ``/etc/udev/rules.d/99-local.rules``::
66 secure
68 addition to UUID the device (if it supports secure connect) is sent
89 the Thunderbolt domain the host controller manages. There is typically
90 one domain per Thunderbolt host controller.
92 If the security level reads as ``user`` or ``secure`` the connected
101 Authorizing devices when security level is ``user`` or ``secure``
102 -----------------------------------------------------------------
105 /sys/bus/thunderbolt/devices/0-1/authorized - 0
106 /sys/bus/thunderbolt/devices/0-1/device - 0x8004
107 /sys/bus/thunderbolt/devices/0-1/device_name - Thunderbolt to FireWire Adapter
108 /sys/bus/thunderbolt/devices/0-1/vendor - 0x1
109 /sys/bus/thunderbolt/devices/0-1/vendor_name - Apple, Inc.
110 /sys/bus/thunderbolt/devices/0-1/unique_id - e0376f00-0300-0100-ffff-ffffffffffff
115 # echo 1 > /sys/bus/thunderbolt/devices/0-1/authorized
119 If the device supports secure connect, and the domain security level is
120 set to ``secure``, it has an additional attribute ``key`` which can hold
121 a random 32-byte value used for authorization and challenging the device in
124 /sys/bus/thunderbolt/devices/0-3/authorized - 0
125 /sys/bus/thunderbolt/devices/0-3/device - 0x305
126 /sys/bus/thunderbolt/devices/0-3/device_name - AKiTiO Thunder3 PCIe Box
127 /sys/bus/thunderbolt/devices/0-3/key -
128 /sys/bus/thunderbolt/devices/0-3/vendor - 0x41
129 /sys/bus/thunderbolt/devices/0-3/vendor_name - inXtron
130 /sys/bus/thunderbolt/devices/0-3/unique_id - dc010000-0000-8508-a22d-32ca6421cb16
134 If the user does not want to use secure connect they can just ``echo 1``
138 If the user wants to use secure connect, the first time the device is
141 # key=$(openssl rand -hex 32)
142 # echo $key > /sys/bus/thunderbolt/devices/0-3/key
143 # echo 1 > /sys/bus/thunderbolt/devices/0-3/authorized
151 # echo $key > /sys/bus/thunderbolt/devices/0-3/key
152 # echo 2 > /sys/bus/thunderbolt/devices/0-3/authorized
163 De-authorizing devices
164 ----------------------
165 It is possible to de-authorize devices by writing ``0`` to their
167 manager implementation and can be checked by reading domain
171 When a device is de-authorized the PCIe tunnel from the parent device
173 down. This is essentially the same thing as PCIe hot-remove and the PCIe
180 ------------------------------
200 ----------------------------------------------------
221 device - then you need to connect that particular device).
223 Note an OEM-specific method to power the controller up ("force power") may
227 After that we can write the firmware to the non-active parts of the NVM
231 # dd if=KYK_TBT_FW_0018.bin of=/sys/bus/thunderbolt/devices/0-0/nvm_non_active0/nvmem
236 # echo 1 > /sys/bus/thunderbolt/devices/0-0/nvm_authenticate
246 # cat /sys/bus/thunderbolt/devices/0-0/nvm_authenticate
248 # cat /sys/bus/thunderbolt/devices/0-0/nvm_version
259 Upgrading on-board retimer NVM when there is no cable connected
260 ---------------------------------------------------------------
267 # echo 1 > /sys/bus/thunderbolt/devices/0-0/usb4_port1/offline
273 # echo 1 > /sys/bus/thunderbolt/devices/0-0/usb4_port1/rescan
275 This enumerates and adds the on-board retimers. Now retimer NVM can be
281 # echo 1 > /sys/bus/thunderbolt/devices/0-0/usb4_port1/rescan
286 # echo 0 > /sys/bus/thunderbolt/devices/0-0/usb4_port1/offline
289 --------------------------------------------------
300 ---------------------------------
309 ``thunderbolt-net`` driver is loaded automatically. If the other host is
310 also Linux you should load ``thunderbolt-net`` manually on one host (it
313 # modprobe thunderbolt-net
316 is built-in to the kernel image, there is no need to do anything.
324 -------------
330 For example the intel-wmi-thunderbolt driver exposes this attribute in:
331 /sys/bus/wmi/devices/86CCFD48-205E-4A77-9C48-2021CBEDE341/force_power