Searched hist:"9 aaa3b8b4c56d24210acef37b7c800ca218c3d40" (Results 1 – 4 of 4) sorted by relevance
| /linux/include/linux/ |
| H A D | thunderbolt.h | diff 9aaa3b8b4c56d24210acef37b7c800ca218c3d40 Sun Jan 21 11:08:04 CET 2018 Mika Westerberg <mika.westerberg@linux.intel.com> thunderbolt: Add support for preboot ACL
Preboot ACL is a mechanism that allows connecting Thunderbolt devices
boot time in more secure way than the legacy Thunderbolt boot support.
As with the legacy boot option, this also needs to be enabled from the
BIOS before booting is allowed. Difference to the legacy mode is that
the userspace software explicitly adds device UUIDs by sending a special
message to the ICM firmware. Only the devices listed in the boot ACL are
connected automatically during the boot. This works in both "user" and
"secure" security levels.
We implement this in Linux by exposing a new sysfs attribute (boot_acl)
below each Thunderbolt domain. The userspace software can then update
the full list as needed.
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
|
| /linux/Documentation/ABI/testing/ |
| H A D | sysfs-bus-thunderbolt | diff 9aaa3b8b4c56d24210acef37b7c800ca218c3d40 Sun Jan 21 11:08:04 CET 2018 Mika Westerberg <mika.westerberg@linux.intel.com> thunderbolt: Add support for preboot ACL
Preboot ACL is a mechanism that allows connecting Thunderbolt devices
boot time in more secure way than the legacy Thunderbolt boot support.
As with the legacy boot option, this also needs to be enabled from the
BIOS before booting is allowed. Difference to the legacy mode is that
the userspace software explicitly adds device UUIDs by sending a special
message to the ICM firmware. Only the devices listed in the boot ACL are
connected automatically during the boot. This works in both "user" and
"secure" security levels.
We implement this in Linux by exposing a new sysfs attribute (boot_acl)
below each Thunderbolt domain. The userspace software can then update
the full list as needed.
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
|
| /linux/drivers/thunderbolt/ |
| H A D | domain.c | diff 9aaa3b8b4c56d24210acef37b7c800ca218c3d40 Sun Jan 21 11:08:04 CET 2018 Mika Westerberg <mika.westerberg@linux.intel.com> thunderbolt: Add support for preboot ACL
Preboot ACL is a mechanism that allows connecting Thunderbolt devices
boot time in more secure way than the legacy Thunderbolt boot support.
As with the legacy boot option, this also needs to be enabled from the
BIOS before booting is allowed. Difference to the legacy mode is that
the userspace software explicitly adds device UUIDs by sending a special
message to the ICM firmware. Only the devices listed in the boot ACL are
connected automatically during the boot. This works in both "user" and
"secure" security levels.
We implement this in Linux by exposing a new sysfs attribute (boot_acl)
below each Thunderbolt domain. The userspace software can then update
the full list as needed.
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
|
| H A D | tb.h | diff 9aaa3b8b4c56d24210acef37b7c800ca218c3d40 Sun Jan 21 11:08:04 CET 2018 Mika Westerberg <mika.westerberg@linux.intel.com> thunderbolt: Add support for preboot ACL
Preboot ACL is a mechanism that allows connecting Thunderbolt devices
boot time in more secure way than the legacy Thunderbolt boot support.
As with the legacy boot option, this also needs to be enabled from the
BIOS before booting is allowed. Difference to the legacy mode is that
the userspace software explicitly adds device UUIDs by sending a special
message to the ICM firmware. Only the devices listed in the boot ACL are
connected automatically during the boot. This works in both "user" and
"secure" security levels.
We implement this in Linux by exposing a new sysfs attribute (boot_acl)
below each Thunderbolt domain. The userspace software can then update
the full list as needed.
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>
|