1 What: /sys/bus/thunderbolt/devices/.../domainX/security
4 Contact: thunderbolt-software@lists.01.org
5 Description: This attribute holds current Thunderbolt security level
6 set by the system BIOS. Possible values are:
8 none: All devices are automatically authorized
9 user: Devices are only authorized based on writing
10 appropriate value to the authorized attribute
11 secure: Require devices that support secure connect at
12 minimum. User needs to authorize each device.
13 dponly: Automatically tunnel Display port (and USB). No
14 PCIe tunnels are created.
16 What: /sys/bus/thunderbolt/devices/.../authorized
19 Contact: thunderbolt-software@lists.01.org
20 Description: This attribute is used to authorize Thunderbolt devices
21 after they have been connected. If the device is not
22 authorized, no devices such as PCIe and Display port are
23 available to the system.
25 Contents of this attribute will be 0 when the device is not
28 Possible values are supported:
29 1: The device will be authorized and connected
31 When key attribute contains 32 byte hex string the possible
33 1: The 32 byte hex string is added to the device NVM and
34 the device is authorized.
35 2: Send a challenge based on the 32 byte hex string. If the
36 challenge response from device is valid, the device is
37 authorized. In case of failure errno will be ENOKEY if
38 the device did not contain a key at all, and
39 EKEYREJECTED if the challenge response did not match.
41 What: /sys/bus/thunderbolt/devices/.../key
44 Contact: thunderbolt-software@lists.01.org
45 Description: When a devices supports Thunderbolt secure connect it will
46 have this attribute. Writing 32 byte hex string changes
47 authorization to use the secure connection method instead.
49 What: /sys/bus/thunderbolt/devices/.../device
52 Contact: thunderbolt-software@lists.01.org
53 Description: This attribute contains id of this device extracted from
56 What: /sys/bus/thunderbolt/devices/.../device_name
59 Contact: thunderbolt-software@lists.01.org
60 Description: This attribute contains name of this device extracted from
63 What: /sys/bus/thunderbolt/devices/.../vendor
66 Contact: thunderbolt-software@lists.01.org
67 Description: This attribute contains vendor id of this device extracted
70 What: /sys/bus/thunderbolt/devices/.../vendor_name
73 Contact: thunderbolt-software@lists.01.org
74 Description: This attribute contains vendor name of this device extracted
77 What: /sys/bus/thunderbolt/devices/.../unique_id
80 Contact: thunderbolt-software@lists.01.org
81 Description: This attribute contains unique_id string of this device.
82 This is either read from hardware registers (UUID on
83 newer hardware) or based on UID from the device DROM.
84 Can be used to uniquely identify particular device.
86 What: /sys/bus/thunderbolt/devices/.../nvm_version
89 Contact: thunderbolt-software@lists.01.org
90 Description: If the device has upgradeable firmware the version
91 number is available here. Format: %x.%x, major.minor.
92 If the device is in safe mode reading the file returns
93 -ENODATA instead as the NVM version is not available.
95 What: /sys/bus/thunderbolt/devices/.../nvm_authenticate
98 Contact: thunderbolt-software@lists.01.org
99 Description: When new NVM image is written to the non-active NVM
100 area (through non_activeX NVMem device), the
101 authentication procedure is started by writing 1 to
102 this file. If everything goes well, the device is
103 restarted with the new NVM firmware. If the image
104 verification fails an error code is returned instead.
106 When read holds status of the last authentication
107 operation if an error occurred during the process. This
108 is directly the status value from the DMA configuration
109 based mailbox before the device is power cycled. Writing
110 0 here clears the status.