xref: /linux/Documentation/ABI/testing/sysfs-bus-thunderbolt (revision e6b245ccd524441f462f1ca1fe726123dcedeeee) 
1f67cf491SMika WesterbergWhat: /sys/bus/thunderbolt/devices/.../domainX/security
2f67cf491SMika WesterbergDate:		Sep 2017
3f67cf491SMika WesterbergKernelVersion:	4.13
4f67cf491SMika WesterbergContact:	thunderbolt-software@lists.01.org
5f67cf491SMika WesterbergDescription:	This attribute holds current Thunderbolt security level
6f67cf491SMika Westerberg		set by the system BIOS. Possible values are:
7f67cf491SMika Westerberg
8f67cf491SMika Westerberg		none: All devices are automatically authorized
9f67cf491SMika Westerberg		user: Devices are only authorized based on writing
10f67cf491SMika Westerberg		      appropriate value to the authorized attribute
11f67cf491SMika Westerberg		secure: Require devices that support secure connect at
12f67cf491SMika Westerberg			minimum. User needs to authorize each device.
13f67cf491SMika Westerberg		dponly: Automatically tunnel Display port (and USB). No
14f67cf491SMika Westerberg			PCIe tunnels are created.
15f67cf491SMika Westerberg
16f67cf491SMika WesterbergWhat: /sys/bus/thunderbolt/devices/.../authorized
17f67cf491SMika WesterbergDate:		Sep 2017
18f67cf491SMika WesterbergKernelVersion:	4.13
19f67cf491SMika WesterbergContact:	thunderbolt-software@lists.01.org
20f67cf491SMika WesterbergDescription:	This attribute is used to authorize Thunderbolt devices
21f67cf491SMika Westerberg		after they have been connected. If the device is not
22f67cf491SMika Westerberg		authorized, no devices such as PCIe and Display port are
23f67cf491SMika Westerberg		available to the system.
24f67cf491SMika Westerberg
25f67cf491SMika Westerberg		Contents of this attribute will be 0 when the device is not
26f67cf491SMika Westerberg		yet authorized.
27f67cf491SMika Westerberg
28f67cf491SMika Westerberg		Possible values are supported:
29f67cf491SMika Westerberg		1: The device will be authorized and connected
30f67cf491SMika Westerberg
31f67cf491SMika Westerberg		When key attribute contains 32 byte hex string the possible
32f67cf491SMika Westerberg		values are:
33f67cf491SMika Westerberg		1: The 32 byte hex string is added to the device NVM and
34f67cf491SMika Westerberg		   the device is authorized.
35f67cf491SMika Westerberg		2: Send a challenge based on the 32 byte hex string. If the
36f67cf491SMika Westerberg		   challenge response from device is valid, the device is
37f67cf491SMika Westerberg		   authorized. In case of failure errno will be ENOKEY if
38f67cf491SMika Westerberg		   the device did not contain a key at all, and
39f67cf491SMika Westerberg		   EKEYREJECTED if the challenge response did not match.
40f67cf491SMika Westerberg
41f67cf491SMika WesterbergWhat: /sys/bus/thunderbolt/devices/.../key
42f67cf491SMika WesterbergDate:		Sep 2017
43f67cf491SMika WesterbergKernelVersion:	4.13
44f67cf491SMika WesterbergContact:	thunderbolt-software@lists.01.org
45f67cf491SMika WesterbergDescription:	When a devices supports Thunderbolt secure connect it will
46f67cf491SMika Westerberg		have this attribute. Writing 32 byte hex string changes
47f67cf491SMika Westerberg		authorization to use the secure connection method instead.
48f67cf491SMika Westerberg
49bfe778acSMika WesterbergWhat:		/sys/bus/thunderbolt/devices/.../device
50bfe778acSMika WesterbergDate:		Sep 2017
51bfe778acSMika WesterbergKernelVersion:	4.13
52bfe778acSMika WesterbergContact:	thunderbolt-software@lists.01.org
53bfe778acSMika WesterbergDescription:	This attribute contains id of this device extracted from
54bfe778acSMika Westerberg		the device DROM.
55bfe778acSMika Westerberg
5672ee3390SMika WesterbergWhat:		/sys/bus/thunderbolt/devices/.../device_name
5772ee3390SMika WesterbergDate:		Sep 2017
5872ee3390SMika WesterbergKernelVersion:	4.13
5972ee3390SMika WesterbergContact:	thunderbolt-software@lists.01.org
6072ee3390SMika WesterbergDescription:	This attribute contains name of this device extracted from
6172ee3390SMika Westerberg		the device DROM.
6272ee3390SMika Westerberg
63bfe778acSMika WesterbergWhat:		/sys/bus/thunderbolt/devices/.../vendor
64bfe778acSMika WesterbergDate:		Sep 2017
65bfe778acSMika WesterbergKernelVersion:	4.13
66bfe778acSMika WesterbergContact:	thunderbolt-software@lists.01.org
67bfe778acSMika WesterbergDescription:	This attribute contains vendor id of this device extracted
68bfe778acSMika Westerberg		from the device DROM.
69bfe778acSMika Westerberg
7072ee3390SMika WesterbergWhat:		/sys/bus/thunderbolt/devices/.../vendor_name
7172ee3390SMika WesterbergDate:		Sep 2017
7272ee3390SMika WesterbergKernelVersion:	4.13
7372ee3390SMika WesterbergContact:	thunderbolt-software@lists.01.org
7472ee3390SMika WesterbergDescription:	This attribute contains vendor name of this device extracted
7572ee3390SMika Westerberg		from the device DROM.
7672ee3390SMika Westerberg
77bfe778acSMika WesterbergWhat:		/sys/bus/thunderbolt/devices/.../unique_id
78bfe778acSMika WesterbergDate:		Sep 2017
79bfe778acSMika WesterbergKernelVersion:	4.13
80bfe778acSMika WesterbergContact:	thunderbolt-software@lists.01.org
81bfe778acSMika WesterbergDescription:	This attribute contains unique_id string of this device.
82bfe778acSMika Westerberg		This is either read from hardware registers (UUID on
83bfe778acSMika Westerberg		newer hardware) or based on UID from the device DROM.
84bfe778acSMika Westerberg		Can be used to uniquely identify particular device.
85*e6b245ccSMika Westerberg
86*e6b245ccSMika WesterbergWhat:		/sys/bus/thunderbolt/devices/.../nvm_version
87*e6b245ccSMika WesterbergDate:		Sep 2017
88*e6b245ccSMika WesterbergKernelVersion:	4.13
89*e6b245ccSMika WesterbergContact:	thunderbolt-software@lists.01.org
90*e6b245ccSMika WesterbergDescription:	If the device has upgradeable firmware the version
91*e6b245ccSMika Westerberg		number is available here. Format: %x.%x, major.minor.
92*e6b245ccSMika Westerberg		If the device is in safe mode reading the file returns
93*e6b245ccSMika Westerberg		-ENODATA instead as the NVM version is not available.
94*e6b245ccSMika Westerberg
95*e6b245ccSMika WesterbergWhat:		/sys/bus/thunderbolt/devices/.../nvm_authenticate
96*e6b245ccSMika WesterbergDate:		Sep 2017
97*e6b245ccSMika WesterbergKernelVersion:	4.13
98*e6b245ccSMika WesterbergContact:	thunderbolt-software@lists.01.org
99*e6b245ccSMika WesterbergDescription:	When new NVM image is written to the non-active NVM
100*e6b245ccSMika Westerberg		area (through non_activeX NVMem device), the
101*e6b245ccSMika Westerberg		authentication procedure is started by writing 1 to
102*e6b245ccSMika Westerberg		this file. If everything goes well, the device is
103*e6b245ccSMika Westerberg		restarted with the new NVM firmware. If the image
104*e6b245ccSMika Westerberg		verification fails an error code is returned instead.
105*e6b245ccSMika Westerberg
106*e6b245ccSMika Westerberg		When read holds status of the last authentication
107*e6b245ccSMika Westerberg		operation if an error occurred during the process. This
108*e6b245ccSMika Westerberg		is directly the status value from the DMA configuration
109*e6b245ccSMika Westerberg		based mailbox before the device is power cycled. Writing
110*e6b245ccSMika Westerberg		0 here clears the status.
111