• Home
  • Raw
  • Download

Lines Matching +full:user +full:- +full:level

5 should be a userspace tool that handles all the low-level details, keeps
9 found in ``Documentation/ABI/testing/sysfs-bus-thunderbolt``.
13 ``/etc/udev/rules.d/99-local.rules``::
22 -----------------------------------
24 security levels available. Intel Titan Ridge added one more security level
33     All devices are automatically connected by the firmware. No user
37   user
38     User is asked whether the device is allowed to be connected.
40     ``/sys/bus/thunderbolt/devices``, the user then can make the decision.
44     User is asked whether the device is allowed to be connected. In
60 The current security level can be read from
65 If the security level reads as ``user`` or ``secure`` the connected
66 device must be authorized by the user before PCIe tunnels are created
74 Authorizing devices when security level is ``user`` or ``secure``
75 -----------------------------------------------------------------
78   /sys/bus/thunderbolt/devices/0-1/authorized	- 0
79   /sys/bus/thunderbolt/devices/0-1/device	- 0x8004
80   /sys/bus/thunderbolt/devices/0-1/device_name	- Thunderbolt to FireWire Adapter
81   /sys/bus/thunderbolt/devices/0-1/vendor	- 0x1
82   /sys/bus/thunderbolt/devices/0-1/vendor_name	- Apple, Inc.
83   /sys/bus/thunderbolt/devices/0-1/unique_id	- e0376f00-0300-0100-ffff-ffffffffffff
86 created yet. The user can authorize the device by simply entering::
88   # echo 1 > /sys/bus/thunderbolt/devices/0-1/authorized
92 If the device supports secure connect, and the domain security level is
94 a random 32-byte value used for authorization and challenging the device in
97   /sys/bus/thunderbolt/devices/0-3/authorized	- 0
98   /sys/bus/thunderbolt/devices/0-3/device	- 0x305
99   /sys/bus/thunderbolt/devices/0-3/device_name	- AKiTiO Thunder3 PCIe Box
100   /sys/bus/thunderbolt/devices/0-3/key		-
101   /sys/bus/thunderbolt/devices/0-3/vendor	- 0x41
102   /sys/bus/thunderbolt/devices/0-3/vendor_name	- inXtron
103   /sys/bus/thunderbolt/devices/0-3/unique_id	- dc010000-0000-8508-a22d-32ca6421cb16
107 If the user does not want to use secure connect they can just ``echo 1``
109 the same way as in the ``user`` security level.
111 If the user wants to use secure connect, the first time the device is
114   # key=$(openssl rand -hex 32)
115   # echo $key > /sys/bus/thunderbolt/devices/0-3/key
116   # echo 1 > /sys/bus/thunderbolt/devices/0-3/authorized
121 Next time the device is plugged in the user can verify (challenge) the
124   # echo $key > /sys/bus/thunderbolt/devices/0-3/key
125   # echo 2 > /sys/bus/thunderbolt/devices/0-3/authorized
130 returned to the user.
132 If the user still wants to connect the device they can either approve
137 ------------------------------
142 automatically enables IOMMU if not enabled by the user already. These
148 redundant. For this reason some systems ship with security level set to
149 ``none``. Other systems have security level set to ``user`` in order to
157 -------------------------------------------
177 device - then you need to connect that particular device).
179 Note an OEM-specific method to power the controller up ("force power") may
183 After that we can write the firmware to the non-active parts of the NVM
187   # dd if=KYK_TBT_FW_0018.bin of=/sys/bus/thunderbolt/devices/0-0/nvm_non_active0/nvmem
192   # echo 1 > /sys/bus/thunderbolt/devices/0-0/nvm_authenticate
202   # cat /sys/bus/thunderbolt/devices/0-0/nvm_authenticate
204   # cat /sys/bus/thunderbolt/devices/0-0/nvm_version
216 --------------------------------------------------
227 ---------------------------------
236 ``thunderbolt-net`` driver is loaded automatically. If the other host is
237 also Linux you should load ``thunderbolt-net`` manually on one host (it
240   # modprobe thunderbolt-net
243 is built-in to the kernel image, there is no need to do anything.
251 -------------
257 For example the intel-wmi-thunderbolt driver exposes this attribute in:
258   /sys/bus/wmi/devices/86CCFD48-205E-4A77-9C48-2021CBEDE341/force_power