Merge tag 'thunderbolt-for-v5.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/westeri/thunderbolt into usb-next

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Mika writes:

thunderbolt: Changes for v5.12 merge window

This includes following Thunderbolt/USB4 changes for v5.12 merge
window:

* Start lane initialization after sleep for Thunderbolt 3 compatible
devices

* Add support for de-authorizing PCIe tunnels (software based
connection manager only)

* Add support for new ACPI 6.4 USB4 _OSC

* Allow disabling XDomain protocol

* Add support for new SL5 security level

* Clean up kernel-docs to pass W=1 builds

* A couple of cleanups and minor fixes

All these have been in linux-next without reported issues.

* tag 'thunderbolt-for-v5.12-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/westeri/thunderbolt: (27 commits)
thunderbolt: Add support for native USB4 _OSC
ACPI: Add support for native USB4 control _OSC
ACPI: Execute platform _OSC also with query bit clear
thunderbolt: Allow disabling XDomain protocol
thunderbolt: Add support for PCIe tunneling disabled (SL5)
thunderbolt: dma_test: Drop unnecessary include
thunderbolt: Add clarifying comments about USB4 terms router and adapter
thunderbolt: switch: Fix kernel-doc descriptions of non-static functions
thunderbolt: nhi: Fix kernel-doc descriptions of non-static functions
thunderbolt: path: Fix kernel-doc descriptions of non-static functions
thunderbolt: eeprom: Fix kernel-doc descriptions of non-static functions
thunderbolt: ctl: Fix kernel-doc descriptions of non-static functions
thunderbolt: switch: Fix function name in the header
thunderbolt: tunnel: Fix misspelling of 'receive_path'
thunderbolt: icm: Fix a couple of formatting issues
thunderbolt: switch: Demote a bunch of non-conformant kernel-doc headers
thunderbolt: tb: Kernel-doc function headers should document their parameters
thunderbolt: nhi: Demote some non-conformant kernel-doc headers
thunderbolt: xdomain: Fix 'tb_unregister_service_driver()'s 'drv' param
thunderbolt: eeprom: Demote non-conformant kernel-doc headers to standard comment blocks
...

Greg Kroah-Hartman 5 years ago 0a25669b fe6ad68e

+585 -81

23 changed files

expand all

Documentation

ABI

testing

sysfs-bus-thunderbolt

admin-guide

thunderbolt.rst

drivers

acpi

bus.c

thunderbolt

acpi.c

cap.c

ctl.c

dma_port.c

dma_test.c

domain.c

eeprom.c

icm.c

lc.c

nhi.c

path.c

switch.c

tb.c

tb.h

tb_regs.h

tunnel.c

usb4.c

xdomain.c

include

linux

acpi.h

thunderbolt.h

+18 -4

Documentation/ABI/testing/sysfs-bus-thunderbolt

··· 49 49 If a device is authorized automatically during boot its 50 50 boot attribute is set to 1. 51 51 52 + What: /sys/bus/thunderbolt/devices/.../domainX/deauthorization 53 + Date: May 2021 54 + KernelVersion: 5.12 55 + Contact: Mika Westerberg <mika.westerberg@linux.intel.com> 56 + Description: This attribute tells whether the system supports 57 + de-authorization of devices. Value of 1 means user can 58 + de-authorize PCIe tunnel by writing 0 to authorized 59 + attribute under each device. 60 + 52 61 What: /sys/bus/thunderbolt/devices/.../domainX/iommu_dma_protection 53 62 Date: Mar 2019 54 63 KernelVersion: 4.21 ··· 85 76 usbonly Automatically tunnel USB controller of the 86 77 connected Thunderbolt dock (and Display Port). All 87 78 PCIe links downstream of the dock are removed. 79 + nopcie USB4 system where PCIe tunneling is disabled from 80 + the BIOS. 88 81 ======= ================================================== 89 82 90 83 What: /sys/bus/thunderbolt/devices/.../authorized ··· 95 84 Contact: thunderbolt-software@lists.01.org 96 85 Description: This attribute is used to authorize Thunderbolt devices 97 86 after they have been connected. If the device is not 98 - authorized, no devices such as PCIe and Display port are 99 - available to the system. 87 + authorized, no PCIe devices are available to the system. 100 88 101 89 Contents of this attribute will be 0 when the device is not 102 90 yet authorized. 103 91 104 92 Possible values are supported: 105 93 106 - == =========================================== 94 + == =================================================== 95 + 0 The device will be de-authorized (only supported if 96 + deauthorization attribute under domain contains 1) 107 97 1 The device will be authorized and connected 108 - == =========================================== 98 + == =================================================== 109 99 110 100 When key attribute contains 32 byte hex string the possible 111 101 values are: 112 102 113 103 == ======================================================== 104 + 0 The device will be de-authorized (only supported if 105 + deauthorization attribute under domain contains 1) 114 106 1 The 32 byte hex string is added to the device NVM and 115 107 the device is authorized. 116 108 2 Send a challenge based on the 32 byte hex string. If the

+23

Documentation/admin-guide/thunderbolt.rst

··· 47 47 knowing about it. There are ways to prevent this by setting up an IOMMU but 48 48 it is not always available for various reasons. 49 49 50 + Some USB4 systems have a BIOS setting to disable PCIe tunneling. This is 51 + treated as another security level (nopcie). 52 + 50 53 The security levels are as follows: 51 54 52 55 none ··· 79 76 The firmware automatically creates tunnels for the USB controller and 80 77 Display Port in a dock. All PCIe links downstream of the dock are 81 78 removed. 79 + 80 + nopcie 81 + PCIe tunneling is disabled/forbidden from the BIOS. Available in some 82 + USB4 systems. 82 83 83 84 The current security level can be read from 84 85 ``/sys/bus/thunderbolt/devices/domainX/security`` where ``domainX`` is ··· 159 152 If the user still wants to connect the device they can either approve 160 153 the device without a key or write a new key and write 1 to the 161 154 ``authorized`` file to get the new key stored on the device NVM. 155 + 156 + De-authorizing devices 157 + ---------------------- 158 + It is possible to de-authorize devices by writing ``0`` to their 159 + ``authorized`` attribute. This requires support from the connection 160 + manager implementation and can be checked by reading domain 161 + ``deauthorization`` attribute. If it reads ``1`` then the feature is 162 + supported. 163 + 164 + When a device is de-authorized the PCIe tunnel from the parent device 165 + PCIe downstream (or root) port to the device PCIe upstream port is torn 166 + down. This is essentially the same thing as PCIe hot-remove and the PCIe 167 + toplogy in question will not be accessible anymore until the device is 168 + authorized again. If there is storage such as NVMe or similar involved, 169 + there is a risk for data loss if the filesystem on that storage is not 170 + properly shut down. You have been warned! 162 171 163 172 DMA protection utilizing IOMMU 164 173 ------------------------------

+107 -12

drivers/acpi/bus.c

··· 281 281 bool osc_pc_lpi_support_confirmed; 282 282 EXPORT_SYMBOL_GPL(osc_pc_lpi_support_confirmed); 283 283 284 + /* 285 + * ACPI 6.4 Operating System Capabilities for USB. 286 + */ 287 + bool osc_sb_native_usb4_support_confirmed; 288 + EXPORT_SYMBOL_GPL(osc_sb_native_usb4_support_confirmed); 289 + 284 290 static u8 sb_uuid_str[] = "0811B06E-4A27-44F9-8D60-3CBBC22E7B48"; 285 - static void acpi_bus_osc_support(void) 291 + static void acpi_bus_osc_negotiate_platform_control(void) 286 292 { 287 - u32 capbuf[2]; 293 + u32 capbuf[2], *capbuf_ret; 288 294 struct acpi_osc_context context = { 289 295 .uuid_str = sb_uuid_str, 290 296 .rev = 1, ··· 323 317 if (IS_ENABLED(CONFIG_SCHED_MC_PRIO)) 324 318 capbuf[OSC_SUPPORT_DWORD] |= OSC_SB_CPC_DIVERSE_HIGH_SUPPORT; 325 319 320 + if (IS_ENABLED(CONFIG_USB4)) 321 + capbuf[OSC_SUPPORT_DWORD] |= OSC_SB_NATIVE_USB4_SUPPORT; 322 + 326 323 if (!ghes_disable) 327 324 capbuf[OSC_SUPPORT_DWORD] |= OSC_SB_APEI_SUPPORT; 328 325 if (ACPI_FAILURE(acpi_get_handle(NULL, "\\_SB", &handle))) 329 326 return; 330 - if (ACPI_SUCCESS(acpi_run_osc(handle, &context))) { 331 - u32 *capbuf_ret = context.ret.pointer; 332 - if (context.ret.length > OSC_SUPPORT_DWORD) { 333 - osc_sb_apei_support_acked = 334 - capbuf_ret[OSC_SUPPORT_DWORD] & OSC_SB_APEI_SUPPORT; 335 - osc_pc_lpi_support_confirmed = 336 - capbuf_ret[OSC_SUPPORT_DWORD] & OSC_SB_PCLPI_SUPPORT; 337 - } 327 + 328 + if (ACPI_FAILURE(acpi_run_osc(handle, &context))) 329 + return; 330 + 331 + capbuf_ret = context.ret.pointer; 332 + if (context.ret.length <= OSC_SUPPORT_DWORD) { 338 333 kfree(context.ret.pointer); 334 + return; 339 335 } 340 - /* do we need to check other returned cap? Sounds no */ 336 + 337 + /* 338 + * Now run _OSC again with query flag clear and with the caps 339 + * supported by both the OS and the platform. 340 + */ 341 + capbuf[OSC_QUERY_DWORD] = 0; 342 + capbuf[OSC_SUPPORT_DWORD] = capbuf_ret[OSC_SUPPORT_DWORD]; 343 + kfree(context.ret.pointer); 344 + 345 + if (ACPI_FAILURE(acpi_run_osc(handle, &context))) 346 + return; 347 + 348 + capbuf_ret = context.ret.pointer; 349 + if (context.ret.length > OSC_SUPPORT_DWORD) { 350 + osc_sb_apei_support_acked = 351 + capbuf_ret[OSC_SUPPORT_DWORD] & OSC_SB_APEI_SUPPORT; 352 + osc_pc_lpi_support_confirmed = 353 + capbuf_ret[OSC_SUPPORT_DWORD] & OSC_SB_PCLPI_SUPPORT; 354 + osc_sb_native_usb4_support_confirmed = 355 + capbuf_ret[OSC_SUPPORT_DWORD] & OSC_SB_NATIVE_USB4_SUPPORT; 356 + } 357 + 358 + kfree(context.ret.pointer); 359 + } 360 + 361 + /* 362 + * Native control of USB4 capabilities. If any of the tunneling bits is 363 + * set it means OS is in control and we use software based connection 364 + * manager. 365 + */ 366 + u32 osc_sb_native_usb4_control; 367 + EXPORT_SYMBOL_GPL(osc_sb_native_usb4_control); 368 + 369 + static void acpi_bus_decode_usb_osc(const char *msg, u32 bits) 370 + { 371 + printk(KERN_INFO PREFIX "%s USB3%c DisplayPort%c PCIe%c XDomain%c\n", msg, 372 + (bits & OSC_USB_USB3_TUNNELING) ? '+' : '-', 373 + (bits & OSC_USB_DP_TUNNELING) ? '+' : '-', 374 + (bits & OSC_USB_PCIE_TUNNELING) ? '+' : '-', 375 + (bits & OSC_USB_XDOMAIN) ? '+' : '-'); 376 + } 377 + 378 + static u8 sb_usb_uuid_str[] = "23A0D13A-26AB-486C-9C5F-0FFA525A575A"; 379 + static void acpi_bus_osc_negotiate_usb_control(void) 380 + { 381 + u32 capbuf[3]; 382 + struct acpi_osc_context context = { 383 + .uuid_str = sb_usb_uuid_str, 384 + .rev = 1, 385 + .cap.length = sizeof(capbuf), 386 + .cap.pointer = capbuf, 387 + }; 388 + acpi_handle handle; 389 + acpi_status status; 390 + u32 control; 391 + 392 + if (!osc_sb_native_usb4_support_confirmed) 393 + return; 394 + 395 + if (ACPI_FAILURE(acpi_get_handle(NULL, "\\_SB", &handle))) 396 + return; 397 + 398 + control = OSC_USB_USB3_TUNNELING | OSC_USB_DP_TUNNELING | 399 + OSC_USB_PCIE_TUNNELING | OSC_USB_XDOMAIN; 400 + 401 + capbuf[OSC_QUERY_DWORD] = 0; 402 + capbuf[OSC_SUPPORT_DWORD] = 0; 403 + capbuf[OSC_CONTROL_DWORD] = control; 404 + 405 + status = acpi_run_osc(handle, &context); 406 + if (ACPI_FAILURE(status)) 407 + return; 408 + 409 + if (context.ret.length != sizeof(capbuf)) { 410 + printk(KERN_INFO PREFIX "USB4 _OSC: returned invalid length buffer\n"); 411 + goto out_free; 412 + } 413 + 414 + osc_sb_native_usb4_control = 415 + control & ((u32 *)context.ret.pointer)[OSC_CONTROL_DWORD]; 416 + 417 + acpi_bus_decode_usb_osc("USB4 _OSC: OS supports", control); 418 + acpi_bus_decode_usb_osc("USB4 _OSC: OS controls", 419 + osc_sb_native_usb4_control); 420 + 421 + out_free: 422 + kfree(context.ret.pointer); 341 423 } 342 424 343 425 /* -------------------------------------------------------------------------- ··· 1262 1168 * _OSC method may exist in module level code, 1263 1169 * so it must be run after ACPI_FULL_INITIALIZATION 1264 1170 */ 1265 - acpi_bus_osc_support(); 1171 + acpi_bus_osc_negotiate_platform_control(); 1172 + acpi_bus_osc_negotiate_usb_control(); 1266 1173 1267 1174 /* 1268 1175 * _PDC control method may load dynamic SSDT tables,

+65

drivers/thunderbolt/acpi.c

··· 115 115 if (ACPI_FAILURE(status)) 116 116 dev_warn(&nhi->pdev->dev, "failed to enumerate tunneled ports\n"); 117 117 } 118 + 119 + /** 120 + * tb_acpi_is_native() - Did the platform grant native TBT/USB4 control 121 + * 122 + * Returns %true if the platform granted OS native control over 123 + * TBT/USB4. In this case software based connection manager can be used, 124 + * otherwise there is firmware based connection manager running. 125 + */ 126 + bool tb_acpi_is_native(void) 127 + { 128 + return osc_sb_native_usb4_support_confirmed && 129 + osc_sb_native_usb4_control; 130 + } 131 + 132 + /** 133 + * tb_acpi_may_tunnel_usb3() - Is USB3 tunneling allowed by the platform 134 + * 135 + * When software based connection manager is used, this function 136 + * returns %true if platform allows native USB3 tunneling. 137 + */ 138 + bool tb_acpi_may_tunnel_usb3(void) 139 + { 140 + if (tb_acpi_is_native()) 141 + return osc_sb_native_usb4_control & OSC_USB_USB3_TUNNELING; 142 + return true; 143 + } 144 + 145 + /** 146 + * tb_acpi_may_tunnel_dp() - Is DisplayPort tunneling allowed by the platform 147 + * 148 + * When software based connection manager is used, this function 149 + * returns %true if platform allows native DP tunneling. 150 + */ 151 + bool tb_acpi_may_tunnel_dp(void) 152 + { 153 + if (tb_acpi_is_native()) 154 + return osc_sb_native_usb4_control & OSC_USB_DP_TUNNELING; 155 + return true; 156 + } 157 + 158 + /** 159 + * tb_acpi_may_tunnel_pcie() - Is PCIe tunneling allowed by the platform 160 + * 161 + * When software based connection manager is used, this function 162 + * returns %true if platform allows native PCIe tunneling. 163 + */ 164 + bool tb_acpi_may_tunnel_pcie(void) 165 + { 166 + if (tb_acpi_is_native()) 167 + return osc_sb_native_usb4_control & OSC_USB_PCIE_TUNNELING; 168 + return true; 169 + } 170 + 171 + /** 172 + * tb_acpi_is_xdomain_allowed() - Are XDomain connections allowed 173 + * 174 + * When software based connection manager is used, this function 175 + * returns %true if platform allows XDomain connections. 176 + */ 177 + bool tb_acpi_is_xdomain_allowed(void) 178 + { 179 + if (tb_acpi_is_native()) 180 + return osc_sb_native_usb4_control & OSC_USB_XDOMAIN; 181 + return true; 182 + }

+1 -1

drivers/thunderbolt/cap.c

··· 178 178 179 179 /** 180 180 * tb_switch_find_cap() - Find switch capability 181 - * @sw Switch to find the capability for 181 + * @sw: Switch to find the capability for 182 182 * @cap: Capability to look 183 183 * 184 184 * Returns offset to start of capability or %-ENOENT if no such

+44 -7

drivers/thunderbolt/ctl.c

··· 20 20 #define TB_CTL_RETRIES 4 21 21 22 22 /** 23 - * struct tb_cfg - thunderbolt control channel 23 + * struct tb_ctl - Thunderbolt control channel 24 + * @nhi: Pointer to the NHI structure 25 + * @tx: Transmit ring 26 + * @rx: Receive ring 27 + * @frame_pool: DMA pool for control messages 28 + * @rx_packets: Received control messages 29 + * @request_queue_lock: Lock protecting @request_queue 30 + * @request_queue: List of outstanding requests 31 + * @running: Is the control channel running at the moment 32 + * @callback: Callback called when hotplug message is received 33 + * @callback_data: Data passed to @callback 24 34 */ 25 35 struct tb_ctl { 26 36 struct tb_nhi *nhi; ··· 348 338 tb_ctl_pkg_free(pkg); 349 339 } 350 340 351 - /** 341 + /* 352 342 * tb_cfg_tx() - transmit a packet on the control channel 353 343 * 354 344 * len must be a multiple of four. ··· 385 375 return res; 386 376 } 387 377 388 - /** 378 + /* 389 379 * tb_ctl_handle_event() - acknowledge a plug event, invoke ctl->callback 390 380 */ 391 381 static bool tb_ctl_handle_event(struct tb_ctl *ctl, enum tb_cfg_pkg_type type, ··· 612 602 613 603 /** 614 604 * tb_ctl_alloc() - allocate a control channel 605 + * @nhi: Pointer to NHI 606 + * @cb: Callback called for plug events 607 + * @cb_data: Data passed to @cb 615 608 * 616 609 * cb will be invoked once for every hot plug event. 617 610 * ··· 662 649 663 650 /** 664 651 * tb_ctl_free() - free a control channel 652 + * @ctl: Control channel to free 665 653 * 666 654 * Must be called after tb_ctl_stop. 667 655 * ··· 691 677 692 678 /** 693 679 * tb_cfg_start() - start/resume the control channel 680 + * @ctl: Control channel to start 694 681 */ 695 682 void tb_ctl_start(struct tb_ctl *ctl) 696 683 { ··· 706 691 } 707 692 708 693 /** 709 - * control() - pause the control channel 694 + * tb_ctrl_stop() - pause the control channel 695 + * @ctl: Control channel to stop 710 696 * 711 697 * All invocations of ctl->callback will have finished after this method 712 698 * returns. ··· 800 784 801 785 /** 802 786 * tb_cfg_reset() - send a reset packet and wait for a response 787 + * @ctl: Control channel pointer 788 + * @route: Router string for the router to send reset 789 + * @timeout_msec: Timeout in ms how long to wait for the response 803 790 * 804 791 * If the switch at route is incorrectly configured then we will not receive a 805 792 * reply (even though the switch will reset). The caller should check for ··· 839 820 } 840 821 841 822 /** 842 - * tb_cfg_read() - read from config space into buffer 823 + * tb_cfg_read_raw() - read from config space into buffer 824 + * @ctl: Pointer to the control channel 825 + * @buffer: Buffer where the data is read 826 + * @route: Route string of the router 827 + * @port: Port number when reading from %TB_CFG_PORT, %0 otherwise 828 + * @space: Config space selector 829 + * @offset: Dword word offset of the register to start reading 830 + * @length: Number of dwords to read 831 + * @timeout_msec: Timeout in ms how long to wait for the response 843 832 * 844 - * Offset and length are in dwords. 833 + * Reads from router config space without translating the possible error. 845 834 */ 846 835 struct tb_cfg_result tb_cfg_read_raw(struct tb_ctl *ctl, void *buffer, 847 836 u64 route, u32 port, enum tb_cfg_space space, ··· 911 884 912 885 /** 913 886 * tb_cfg_write() - write from buffer into config space 887 + * @ctl: Pointer to the control channel 888 + * @buffer: Data to write 889 + * @route: Route string of the router 890 + * @port: Port number when writing to %TB_CFG_PORT, %0 otherwise 891 + * @space: Config space selector 892 + * @offset: Dword word offset of the register to start writing 893 + * @length: Number of dwords to write 894 + * @timeout_msec: Timeout in ms how long to wait for the response 914 895 * 915 - * Offset and length are in dwords. 896 + * Writes to router config space without translating the possible error. 916 897 */ 917 898 struct tb_cfg_result tb_cfg_write_raw(struct tb_ctl *ctl, const void *buffer, 918 899 u64 route, u32 port, enum tb_cfg_space space, ··· 1057 1022 1058 1023 /** 1059 1024 * tb_cfg_get_upstream_port() - get upstream port number of switch at route 1025 + * @ctl: Pointer to the control channel 1026 + * @route: Route string of the router 1060 1027 * 1061 1028 * Reads the first dword from the switches TB_CFG_SWITCH config area and 1062 1029 * returns the port number from which the reply originated.

drivers/thunderbolt/dma_port.c

··· 335 335 /* Write the block to MAIL_DATA registers */ 336 336 ret = dma_port_write(sw->tb->ctl, buf, tb_route(sw), dma->port, 337 337 dma->base + MAIL_DATA, dwords, DMA_PORT_TIMEOUT); 338 + if (ret) 339 + return ret; 338 340 339 341 in = MAIL_IN_CMD_FLASH_WRITE << MAIL_IN_CMD_SHIFT; 340 342

+1 -4

drivers/thunderbolt/dma_test.c

··· 7 7 * Mika Westerberg <mika.westerberg@linux.intel.com> 8 8 */ 9 9 10 - #include <linux/acpi.h> 11 10 #include <linux/completion.h> 12 11 #include <linux/debugfs.h> 13 12 #include <linux/module.h> ··· 298 299 tf->frame.size = 0; /* means 4096 */ 299 300 tf->dma_test = dt; 300 301 301 - tf->data = kzalloc(DMA_TEST_FRAME_SIZE, GFP_KERNEL); 302 + tf->data = kmemdup(dma_test_pattern, DMA_TEST_FRAME_SIZE, GFP_KERNEL); 302 303 if (!tf->data) { 303 304 kfree(tf); 304 305 return -ENOMEM; 305 306 } 306 - 307 - memcpy(tf->data, dma_test_pattern, DMA_TEST_FRAME_SIZE); 308 307 309 308 dma_addr = dma_map_single(dma_dev, tf->data, DMA_TEST_FRAME_SIZE, 310 309 DMA_TO_DEVICE);

+44 -4

drivers/thunderbolt/domain.c

··· 118 118 [TB_SECURITY_SECURE] = "secure", 119 119 [TB_SECURITY_DPONLY] = "dponly", 120 120 [TB_SECURITY_USBONLY] = "usbonly", 121 + [TB_SECURITY_NOPCIE] = "nopcie", 121 122 }; 122 123 123 124 static ssize_t boot_acl_show(struct device *dev, struct device_attribute *attr, ··· 239 238 } 240 239 static DEVICE_ATTR_RW(boot_acl); 241 240 241 + static ssize_t deauthorization_show(struct device *dev, 242 + struct device_attribute *attr, 243 + char *buf) 244 + { 245 + const struct tb *tb = container_of(dev, struct tb, dev); 246 + bool deauthorization = false; 247 + 248 + /* Only meaningful if authorization is supported */ 249 + if (tb->security_level == TB_SECURITY_USER || 250 + tb->security_level == TB_SECURITY_SECURE) 251 + deauthorization = !!tb->cm_ops->disapprove_switch; 252 + 253 + return sprintf(buf, "%d\n", deauthorization); 254 + } 255 + static DEVICE_ATTR_RO(deauthorization); 256 + 242 257 static ssize_t iommu_dma_protection_show(struct device *dev, 243 258 struct device_attribute *attr, 244 259 char *buf) ··· 284 267 285 268 static struct attribute *domain_attrs[] = { 286 269 &dev_attr_boot_acl.attr, 270 + &dev_attr_deauthorization.attr, 287 271 &dev_attr_iommu_dma_protection.attr, 288 272 &dev_attr_security.attr, 289 273 NULL, ··· 307 289 return attr->mode; 308 290 } 309 291 310 - static struct attribute_group domain_attr_group = { 292 + static const struct attribute_group domain_attr_group = { 311 293 .is_visible = domain_attr_is_visible, 312 294 .attrs = domain_attrs, 313 295 }; ··· 412 394 switch (type) { 413 395 case TB_CFG_PKG_XDOMAIN_REQ: 414 396 case TB_CFG_PKG_XDOMAIN_RESP: 415 - return tb_xdomain_handle_request(tb, type, buf, size); 397 + if (tb_is_xdomain_enabled()) 398 + return tb_xdomain_handle_request(tb, type, buf, size); 399 + break; 416 400 417 401 default: 418 402 tb->cm_ops->handle_event(tb, type, buf, size); ··· 460 440 if (ret) 461 441 goto err_ctl_stop; 462 442 } 443 + 444 + tb_dbg(tb, "security level set to %s\n", 445 + tb_security_names[tb->security_level]); 463 446 464 447 ret = device_add(&tb->dev); 465 448 if (ret) ··· 625 602 } 626 603 627 604 /** 605 + * tb_domain_disapprove_switch() - Disapprove switch 606 + * @tb: Domain the switch belongs to 607 + * @sw: Switch to disapprove 608 + * 609 + * This will disconnect PCIe tunnel from parent to this @sw. 610 + * 611 + * Return: %0 on success and negative errno in case of failure. 612 + */ 613 + int tb_domain_disapprove_switch(struct tb *tb, struct tb_switch *sw) 614 + { 615 + if (!tb->cm_ops->disapprove_switch) 616 + return -EPERM; 617 + 618 + return tb->cm_ops->disapprove_switch(tb, sw); 619 + } 620 + 621 + /** 628 622 * tb_domain_approve_switch() - Approve switch 629 623 * @tb: Domain the switch belongs to 630 624 * @sw: Switch to approve 631 625 * 632 626 * This will approve switch by connection manager specific means. In 633 - * case of success the connection manager will create tunnels for all 634 - * supported protocols. 627 + * case of success the connection manager will create PCIe tunnel from 628 + * parent to @sw. 635 629 */ 636 630 int tb_domain_approve_switch(struct tb *tb, struct tb_switch *sw) 637 631 {

+21 -12

drivers/thunderbolt/eeprom.c

··· 12 12 #include <linux/slab.h> 13 13 #include "tb.h" 14 14 15 - /** 15 + /* 16 16 * tb_eeprom_ctl_write() - write control word 17 17 */ 18 18 static int tb_eeprom_ctl_write(struct tb_switch *sw, struct tb_eeprom_ctl *ctl) ··· 20 20 return tb_sw_write(sw, ctl, TB_CFG_SWITCH, sw->cap_plug_events + 4, 1); 21 21 } 22 22 23 - /** 23 + /* 24 24 * tb_eeprom_ctl_write() - read control word 25 25 */ 26 26 static int tb_eeprom_ctl_read(struct tb_switch *sw, struct tb_eeprom_ctl *ctl) ··· 33 33 TB_EEPROM_OUT, 34 34 }; 35 35 36 - /** 36 + /* 37 37 * tb_eeprom_active - enable rom access 38 38 * 39 39 * WARNING: Always disable access after usage. Otherwise the controller will ··· 62 62 } 63 63 } 64 64 65 - /** 65 + /* 66 66 * tb_eeprom_transfer - transfer one bit 67 67 * 68 68 * If TB_EEPROM_IN is passed, then the bit can be retrieved from ctl->data_in. ··· 90 90 return tb_eeprom_ctl_write(sw, ctl); 91 91 } 92 92 93 - /** 93 + /* 94 94 * tb_eeprom_out - write one byte to the bus 95 95 */ 96 96 static int tb_eeprom_out(struct tb_switch *sw, u8 val) ··· 110 110 return 0; 111 111 } 112 112 113 - /** 113 + /* 114 114 * tb_eeprom_in - read one byte from the bus 115 115 */ 116 116 static int tb_eeprom_in(struct tb_switch *sw, u8 *val) ··· 131 131 return 0; 132 132 } 133 133 134 - /** 134 + /* 135 135 * tb_eeprom_get_drom_offset - get drom offset within eeprom 136 136 */ 137 137 static int tb_eeprom_get_drom_offset(struct tb_switch *sw, u16 *offset) ··· 162 162 return 0; 163 163 } 164 164 165 - /** 165 + /* 166 166 * tb_eeprom_read_n - read count bytes from offset into val 167 167 */ 168 168 static int tb_eeprom_read_n(struct tb_switch *sw, u16 offset, u8 *val, ··· 279 279 280 280 281 281 /** 282 - * tb_drom_read_uid_only - read uid directly from drom 282 + * tb_drom_read_uid_only() - Read UID directly from DROM 283 + * @sw: Router whose UID to read 284 + * @uid: UID is placed here 283 285 * 284 286 * Does not use the cached copy in sw->drom. Used during resume to check switch 285 287 * identity. ··· 376 374 return 0; 377 375 } 378 376 379 - /** 377 + /* 380 378 * tb_drom_parse_entries - parse the linked list of drom entries 381 379 * 382 380 * Drom must have been copied to sw->drom. ··· 412 410 return 0; 413 411 } 414 412 415 - /** 413 + /* 416 414 * tb_drom_copy_efi - copy drom supplied by EFI to sw->drom if present 417 415 */ 418 416 static int tb_drom_copy_efi(struct tb_switch *sw, u16 *size) ··· 522 520 } 523 521 524 522 /** 525 - * tb_drom_read - copy drom to sw->drom and parse it 523 + * tb_drom_read() - Copy DROM to sw->drom and parse it 524 + * @sw: Router whose DROM to read and parse 525 + * 526 + * This function reads router DROM and if successful parses the entries and 527 + * populates the fields in @sw accordingly. Can be called for any router 528 + * generation. 529 + * 530 + * Returns %0 in case of success and negative errno otherwise. 526 531 */ 527 532 int tb_drom_read(struct tb_switch *sw) 528 533 {

+6 -4

drivers/thunderbolt/icm.c

··· 85 85 * @set_uuid: Set UUID for the root switch (optional) 86 86 * @device_connected: Handle device connected ICM message 87 87 * @device_disconnected: Handle device disconnected ICM message 88 - * @xdomain_connected - Handle XDomain connected ICM message 89 - * @xdomain_disconnected - Handle XDomain disconnected ICM message 88 + * @xdomain_connected: Handle XDomain connected ICM message 89 + * @xdomain_disconnected: Handle XDomain disconnected ICM message 90 90 * @rtd3_veto: Handle RTD3 veto notification ICM message 91 91 */ 92 92 struct icm { ··· 1701 1701 icm->device_disconnected(tb, n->pkg); 1702 1702 break; 1703 1703 case ICM_EVENT_XDOMAIN_CONNECTED: 1704 - icm->xdomain_connected(tb, n->pkg); 1704 + if (tb_is_xdomain_enabled()) 1705 + icm->xdomain_connected(tb, n->pkg); 1705 1706 break; 1706 1707 case ICM_EVENT_XDOMAIN_DISCONNECTED: 1707 - icm->xdomain_disconnected(tb, n->pkg); 1708 + if (tb_is_xdomain_enabled()) 1709 + icm->xdomain_disconnected(tb, n->pkg); 1708 1710 break; 1709 1711 case ICM_EVENT_RTD3_VETO: 1710 1712 icm->rtd3_veto(tb, n->pkg);

+35

drivers/thunderbolt/lc.c

··· 158 158 tb_lc_set_xdomain_configured(port, false); 159 159 } 160 160 161 + /** 162 + * tb_lc_start_lane_initialization() - Start lane initialization 163 + * @port: Device router lane 0 adapter 164 + * 165 + * Starts lane initialization for @port after the router resumed from 166 + * sleep. Should be called for those downstream lane adapters that were 167 + * not connected (tb_lc_configure_port() was not called) before sleep. 168 + * 169 + * Returns %0 in success and negative errno in case of failure. 170 + */ 171 + int tb_lc_start_lane_initialization(struct tb_port *port) 172 + { 173 + struct tb_switch *sw = port->sw; 174 + int ret, cap; 175 + u32 ctrl; 176 + 177 + if (!tb_route(sw)) 178 + return 0; 179 + 180 + if (sw->generation < 2) 181 + return 0; 182 + 183 + cap = find_port_lc_cap(port); 184 + if (cap < 0) 185 + return cap; 186 + 187 + ret = tb_sw_read(sw, &ctrl, TB_CFG_SWITCH, cap + TB_LC_SX_CTRL, 1); 188 + if (ret) 189 + return ret; 190 + 191 + ctrl |= TB_LC_SX_CTRL_SLI; 192 + 193 + return tb_sw_write(sw, &ctrl, TB_CFG_SWITCH, cap + TB_LC_SX_CTRL, 1); 194 + } 195 + 161 196 static int tb_lc_set_wake_one(struct tb_switch *sw, unsigned int offset, 162 197 unsigned int flags) 163 198 {

+31 -8

drivers/thunderbolt/nhi.c

··· 44 44 return bit; 45 45 } 46 46 47 - /** 47 + /* 48 48 * ring_interrupt_active() - activate/deactivate interrupts for a single ring 49 49 * 50 50 * ring->nhi->lock must be held. ··· 105 105 iowrite32(new, ring->nhi->iobase + reg); 106 106 } 107 107 108 - /** 108 + /* 109 109 * nhi_disable_interrupts() - disable interrupts for all rings 110 110 * 111 111 * Use only during init and shutdown. ··· 182 182 return ring->head == ring->tail; 183 183 } 184 184 185 - /** 185 + /* 186 186 * ring_write_descriptors() - post frames from ring->queue to the controller 187 187 * 188 188 * ring->lock is held. ··· 212 212 } 213 213 } 214 214 215 - /** 215 + /* 216 216 * ring_work() - progress completed frames 217 217 * 218 218 * If the ring is shutting down then all frames are marked as canceled and ··· 592 592 593 593 /** 594 594 * tb_ring_start() - enable a ring 595 + * @ring: Ring to start 595 596 * 596 597 * Must not be invoked in parallel with tb_ring_stop(). 597 598 */ ··· 668 667 669 668 /** 670 669 * tb_ring_stop() - shutdown a ring 670 + * @ring: Ring to stop 671 671 * 672 672 * Must not be invoked from a callback. 673 673 * ··· 756 754 dev_dbg(&ring->nhi->pdev->dev, "freeing %s %d\n", RING_TYPE(ring), 757 755 ring->hop); 758 756 759 - /** 757 + /* 760 758 * ring->work can no longer be scheduled (it is scheduled only 761 759 * by nhi_interrupt_work, ring_stop and ring_msix). Wait for it 762 760 * to finish before freeing the ring. ··· 1190 1188 } 1191 1189 } 1192 1190 1191 + static struct tb *nhi_select_cm(struct tb_nhi *nhi) 1192 + { 1193 + struct tb *tb; 1194 + 1195 + /* 1196 + * USB4 case is simple. If we got control of any of the 1197 + * capabilities, we use software CM. 1198 + */ 1199 + if (tb_acpi_is_native()) 1200 + return tb_probe(nhi); 1201 + 1202 + /* 1203 + * Either firmware based CM is running (we did not get control 1204 + * from the firmware) or this is pre-USB4 PC so try first 1205 + * firmware CM and then fallback to software CM. 1206 + */ 1207 + tb = icm_probe(nhi); 1208 + if (!tb) 1209 + tb = tb_probe(nhi); 1210 + 1211 + return tb; 1212 + } 1213 + 1193 1214 static int nhi_probe(struct pci_dev *pdev, const struct pci_device_id *id) 1194 1215 { 1195 1216 struct tb_nhi *nhi; ··· 1281 1256 tb_apple_add_links(nhi); 1282 1257 tb_acpi_add_links(nhi); 1283 1258 1284 - tb = icm_probe(nhi); 1285 - if (!tb) 1286 - tb = tb_probe(nhi); 1259 + tb = nhi_select_cm(nhi); 1287 1260 if (!tb) { 1288 1261 dev_err(&nhi->pdev->dev, 1289 1262 "failed to determine connection manager, aborting\n");

drivers/thunderbolt/path.c

··· 466 466 467 467 /** 468 468 * tb_path_activate() - activate a path 469 + * @path: Path to activate 469 470 * 470 471 * Activate a path starting with the last hop and iterating backwards. The 471 472 * caller must fill path->hops before calling tb_path_activate(). ··· 562 561 563 562 /** 564 563 * tb_path_is_invalid() - check whether any ports on the path are invalid 564 + * @path: Path to check 565 565 * 566 566 * Return: Returns true if the path is invalid, false otherwise. 567 567 */

+75 -7

drivers/thunderbolt/switch.c

··· 525 525 526 526 /** 527 527 * tb_wait_for_port() - wait for a port to become ready 528 + * @port: Port to wait 529 + * @wait_if_unplugged: Wait also when port is unplugged 528 530 * 529 531 * Wait up to 1 second for a port to reach state TB_PORT_UP. If 530 532 * wait_if_unplugged is set then we also wait if the port is in state ··· 591 589 592 590 /** 593 591 * tb_port_add_nfc_credits() - add/remove non flow controlled credits to port 592 + * @port: Port to add/remove NFC credits 593 + * @credits: Credits to add/remove 594 594 * 595 595 * Change the number of NFC credits allocated to @port by @credits. To remove 596 596 * NFC credits pass a negative amount of credits. ··· 650 646 651 647 /** 652 648 * tb_port_clear_counter() - clear a counter in TB_CFG_COUNTER 649 + * @port: Port whose counters to clear 650 + * @counter: Counter index to clear 653 651 * 654 652 * Return: Returns 0 on success or an error code on failure. 655 653 */ ··· 724 718 return __tb_port_enable(port, false); 725 719 } 726 720 727 - /** 721 + /* 728 722 * tb_init_port() - initialize a port 729 723 * 730 724 * This is a helper method for tb_switch_alloc. Does not check or initialize ··· 1071 1065 tb_port_set_link_width(port, 1); 1072 1066 } 1073 1067 1068 + static int tb_port_start_lane_initialization(struct tb_port *port) 1069 + { 1070 + int ret; 1071 + 1072 + if (tb_switch_is_usb4(port->sw)) 1073 + return 0; 1074 + 1075 + ret = tb_lc_start_lane_initialization(port); 1076 + return ret == -EINVAL ? 0 : ret; 1077 + } 1078 + 1074 1079 /** 1075 1080 * tb_port_is_enabled() - Is the adapter port enabled 1076 1081 * @port: Port to check ··· 1319 1302 } 1320 1303 1321 1304 /** 1322 - * reset_switch() - reconfigure route, enable and send TB_CFG_PKG_RESET 1305 + * tb_switch_reset() - reconfigure route, enable and send TB_CFG_PKG_RESET 1323 1306 * @sw: Switch to reset 1324 1307 * 1325 1308 * Return: Returns 0 on success or an error code on failure. ··· 1343 1326 return res.err; 1344 1327 } 1345 1328 1346 - /** 1329 + /* 1347 1330 * tb_plug_events_active() - enable/disable plug events on a switch 1348 1331 * 1349 1332 * Also configures a sane plug_events_delay of 255ms. ··· 1393 1376 return sprintf(buf, "%u\n", sw->authorized); 1394 1377 } 1395 1378 1379 + static int disapprove_switch(struct device *dev, void *not_used) 1380 + { 1381 + struct tb_switch *sw; 1382 + 1383 + sw = tb_to_switch(dev); 1384 + if (sw && sw->authorized) { 1385 + int ret; 1386 + 1387 + /* First children */ 1388 + ret = device_for_each_child_reverse(&sw->dev, NULL, disapprove_switch); 1389 + if (ret) 1390 + return ret; 1391 + 1392 + ret = tb_domain_disapprove_switch(sw->tb, sw); 1393 + if (ret) 1394 + return ret; 1395 + 1396 + sw->authorized = 0; 1397 + kobject_uevent(&sw->dev.kobj, KOBJ_CHANGE); 1398 + } 1399 + 1400 + return 0; 1401 + } 1402 + 1396 1403 static int tb_switch_set_authorized(struct tb_switch *sw, unsigned int val) 1397 1404 { 1398 1405 int ret = -EINVAL; ··· 1424 1383 if (!mutex_trylock(&sw->tb->lock)) 1425 1384 return restart_syscall(); 1426 1385 1427 - if (sw->authorized) 1386 + if (!!sw->authorized == !!val) 1428 1387 goto unlock; 1429 1388 1430 1389 switch (val) { 1390 + /* Disapprove switch */ 1391 + case 0: 1392 + if (tb_route(sw)) { 1393 + ret = disapprove_switch(&sw->dev, NULL); 1394 + goto unlock; 1395 + } 1396 + break; 1397 + 1431 1398 /* Approve switch */ 1432 1399 case 1: 1433 1400 if (sw->key) ··· 1774 1725 struct device *dev = kobj_to_dev(kobj); 1775 1726 struct tb_switch *sw = tb_to_switch(dev); 1776 1727 1777 - if (attr == &dev_attr_device.attr) { 1728 + if (attr == &dev_attr_authorized.attr) { 1729 + if (sw->tb->security_level == TB_SECURITY_NOPCIE || 1730 + sw->tb->security_level == TB_SECURITY_DPONLY) 1731 + return 0; 1732 + } else if (attr == &dev_attr_device.attr) { 1778 1733 if (!sw->device) 1779 1734 return 0; 1780 1735 } else if (attr == &dev_attr_device_name.attr) { ··· 1824 1771 return sw->safe_mode ? 0 : attr->mode; 1825 1772 } 1826 1773 1827 - static struct attribute_group switch_group = { 1774 + static const struct attribute_group switch_group = { 1828 1775 .is_visible = switch_attr_is_visible, 1829 1776 .attrs = switch_attrs, 1830 1777 }; ··· 2659 2606 2660 2607 /** 2661 2608 * tb_sw_set_unplugged() - set is_unplugged on switch and downstream switches 2609 + * @sw: Router to mark unplugged 2662 2610 */ 2663 2611 void tb_sw_set_unplugged(struct tb_switch *sw) 2664 2612 { ··· 2748 2694 2749 2695 /* check for surviving downstream switches */ 2750 2696 tb_switch_for_each_port(sw, port) { 2751 - if (!tb_port_has_remote(port) && !port->xdomain) 2697 + if (!tb_port_has_remote(port) && !port->xdomain) { 2698 + /* 2699 + * For disconnected downstream lane adapters 2700 + * start lane initialization now so we detect 2701 + * future connects. 2702 + */ 2703 + if (!tb_is_upstream_port(port) && tb_port_is_null(port)) 2704 + tb_port_start_lane_initialization(port); 2752 2705 continue; 2706 + } else if (port->xdomain) { 2707 + /* 2708 + * Start lane initialization for XDomain so the 2709 + * link gets re-established. 2710 + */ 2711 + tb_port_start_lane_initialization(port); 2712 + } 2753 2713 2754 2714 if (tb_wait_for_port(port, true) <= 0) { 2755 2715 tb_port_warn(port,

+47 -7

drivers/thunderbolt/tb.c

··· 179 179 struct tb_xdomain *xd; 180 180 u64 route; 181 181 182 + if (!tb_is_xdomain_enabled()) 183 + return; 184 + 182 185 route = tb_downstream_route(port); 183 186 xd = tb_xdomain_find_by_route(tb, route); 184 187 if (xd) { ··· 437 434 struct tb_cm *tcm = tb_priv(tb); 438 435 struct tb_tunnel *tunnel; 439 436 437 + if (!tb_acpi_may_tunnel_usb3()) { 438 + tb_dbg(tb, "USB3 tunneling disabled, not creating tunnel\n"); 439 + return 0; 440 + } 441 + 440 442 up = tb_switch_find_port(sw, TB_TYPE_USB3_UP); 441 443 if (!up) 442 444 return 0; ··· 517 509 struct tb_port *port; 518 510 int ret; 519 511 512 + if (!tb_acpi_may_tunnel_usb3()) 513 + return 0; 514 + 520 515 if (tb_route(sw)) { 521 516 ret = tb_tunnel_usb3(sw->tb, sw); 522 517 if (ret) ··· 539 528 540 529 static void tb_scan_port(struct tb_port *port); 541 530 542 - /** 531 + /* 543 532 * tb_scan_switch() - scan for and initialize downstream switches 544 533 */ 545 534 static void tb_scan_switch(struct tb_switch *sw) ··· 555 544 pm_runtime_put_autosuspend(&sw->dev); 556 545 } 557 546 558 - /** 547 + /* 559 548 * tb_scan_port() - check for and initialize switches below port 560 549 */ 561 550 static void tb_scan_port(struct tb_port *port) ··· 715 704 tb_tunnel_free(tunnel); 716 705 } 717 706 718 - /** 707 + /* 719 708 * tb_free_invalid_tunnels() - destroy tunnels of devices that have gone away 720 709 */ 721 710 static void tb_free_invalid_tunnels(struct tb *tb) ··· 730 719 } 731 720 } 732 721 733 - /** 722 + /* 734 723 * tb_free_unplugged_children() - traverse hierarchy and free unplugged switches 735 724 */ 736 725 static void tb_free_unplugged_children(struct tb_switch *sw) ··· 848 837 struct tb_cm *tcm = tb_priv(tb); 849 838 struct tb_port *port, *in, *out; 850 839 struct tb_tunnel *tunnel; 840 + 841 + if (!tb_acpi_may_tunnel_dp()) { 842 + tb_dbg(tb, "DP tunneling disabled, not creating tunnel\n"); 843 + return; 844 + } 851 845 852 846 /* 853 847 * Find pair of inactive DP IN and DP OUT adapters and then ··· 1018 1002 } 1019 1003 } 1020 1004 1005 + static int tb_disconnect_pci(struct tb *tb, struct tb_switch *sw) 1006 + { 1007 + struct tb_tunnel *tunnel; 1008 + struct tb_port *up; 1009 + 1010 + up = tb_switch_find_port(sw, TB_TYPE_PCIE_UP); 1011 + if (WARN_ON(!up)) 1012 + return -ENODEV; 1013 + 1014 + tunnel = tb_find_tunnel(tb, TB_TUNNEL_PCI, NULL, up); 1015 + if (WARN_ON(!tunnel)) 1016 + return -ENODEV; 1017 + 1018 + tb_tunnel_deactivate(tunnel); 1019 + list_del(&tunnel->list); 1020 + tb_tunnel_free(tunnel); 1021 + return 0; 1022 + } 1023 + 1021 1024 static int tb_tunnel_pci(struct tb *tb, struct tb_switch *sw) 1022 1025 { 1023 1026 struct tb_port *up, *down, *port; ··· 1136 1101 1137 1102 /* hotplug handling */ 1138 1103 1139 - /** 1104 + /* 1140 1105 * tb_handle_hotplug() - handle hotplug event 1141 1106 * 1142 1107 * Executes on tb->wq. ··· 1245 1210 kfree(ev); 1246 1211 } 1247 1212 1248 - /** 1213 + /* 1249 1214 * tb_schedule_hotplug_handler() - callback function for the control channel 1250 1215 * 1251 1216 * Delegates to tb_handle_hotplug. ··· 1547 1512 .runtime_suspend = tb_runtime_suspend, 1548 1513 .runtime_resume = tb_runtime_resume, 1549 1514 .handle_event = tb_handle_event, 1515 + .disapprove_switch = tb_disconnect_pci, 1550 1516 .approve_switch = tb_tunnel_pci, 1551 1517 .approve_xdomain_paths = tb_approve_xdomain_paths, 1552 1518 .disconnect_xdomain_paths = tb_disconnect_xdomain_paths, ··· 1562 1526 if (!tb) 1563 1527 return NULL; 1564 1528 1565 - tb->security_level = TB_SECURITY_USER; 1529 + if (tb_acpi_may_tunnel_pcie()) 1530 + tb->security_level = TB_SECURITY_USER; 1531 + else 1532 + tb->security_level = TB_SECURITY_NOPCIE; 1533 + 1566 1534 tb->cm_ops = &tb_cm_ops; 1567 1535 1568 1536 tcm = tb_priv(tb);

+22

drivers/thunderbolt/tb.h

··· 138 138 * 139 139 * When the switch is being added or removed to the domain (other 140 140 * switches) you need to have domain lock held. 141 + * 142 + * In USB4 terminology this structure represents a router. 141 143 */ 142 144 struct tb_switch { 143 145 struct device dev; ··· 198 196 * @in_hopids: Currently allocated input HopIDs 199 197 * @out_hopids: Currently allocated output HopIDs 200 198 * @list: Used to link ports to DP resources list 199 + * 200 + * In USB4 terminology this structure represents an adapter (protocol or 201 + * lane adapter). 201 202 */ 202 203 struct tb_port { 203 204 struct tb_regs_port_header config; ··· 366 361 * @handle_event: Handle thunderbolt event 367 362 * @get_boot_acl: Get boot ACL list 368 363 * @set_boot_acl: Set boot ACL list 364 + * @disapprove_switch: Disapprove switch (disconnect PCIe tunnel) 369 365 * @approve_switch: Approve switch 370 366 * @add_switch_key: Add key to switch 371 367 * @challenge_switch_key: Challenge switch using key ··· 400 394 const void *buf, size_t size); 401 395 int (*get_boot_acl)(struct tb *tb, uuid_t *uuids, size_t nuuids); 402 396 int (*set_boot_acl)(struct tb *tb, const uuid_t *uuids, size_t nuuids); 397 + int (*disapprove_switch)(struct tb *tb, struct tb_switch *sw); 403 398 int (*approve_switch)(struct tb *tb, struct tb_switch *sw); 404 399 int (*add_switch_key)(struct tb *tb, struct tb_switch *sw); 405 400 int (*challenge_switch_key)(struct tb *tb, struct tb_switch *sw, ··· 636 629 void tb_domain_complete(struct tb *tb); 637 630 int tb_domain_runtime_suspend(struct tb *tb); 638 631 int tb_domain_runtime_resume(struct tb *tb); 632 + int tb_domain_disapprove_switch(struct tb *tb, struct tb_switch *sw); 639 633 int tb_domain_approve_switch(struct tb *tb, struct tb_switch *sw); 640 634 int tb_domain_approve_switch_key(struct tb *tb, struct tb_switch *sw); 641 635 int tb_domain_challenge_switch_key(struct tb *tb, struct tb_switch *sw); ··· 931 923 void tb_lc_unconfigure_port(struct tb_port *port); 932 924 int tb_lc_configure_xdomain(struct tb_port *port); 933 925 void tb_lc_unconfigure_xdomain(struct tb_port *port); 926 + int tb_lc_start_lane_initialization(struct tb_port *port); 934 927 int tb_lc_set_wake(struct tb_switch *sw, unsigned int flags); 935 928 int tb_lc_set_sleep(struct tb_switch *sw); 936 929 bool tb_lc_lane_bonding_possible(struct tb_switch *sw); ··· 958 949 | ((u64) port->port << (port->sw->config.depth * 8)); 959 950 } 960 951 952 + bool tb_is_xdomain_enabled(void); 961 953 bool tb_xdomain_handle_request(struct tb *tb, enum tb_cfg_pkg_type type, 962 954 const void *buf, size_t size); 963 955 struct tb_xdomain *tb_xdomain_alloc(struct tb *tb, struct device *parent, ··· 1044 1034 1045 1035 #ifdef CONFIG_ACPI 1046 1036 void tb_acpi_add_links(struct tb_nhi *nhi); 1037 + 1038 + bool tb_acpi_is_native(void); 1039 + bool tb_acpi_may_tunnel_usb3(void); 1040 + bool tb_acpi_may_tunnel_dp(void); 1041 + bool tb_acpi_may_tunnel_pcie(void); 1042 + bool tb_acpi_is_xdomain_allowed(void); 1047 1043 #else 1048 1044 static inline void tb_acpi_add_links(struct tb_nhi *nhi) { } 1045 + 1046 + static inline bool tb_acpi_is_native(void) { return true; } 1047 + static inline bool tb_acpi_may_tunnel_usb3(void) { return true; } 1048 + static inline bool tb_acpi_may_tunnel_dp(void) { return true; } 1049 + static inline bool tb_acpi_may_tunnel_pcie(void) { return true; } 1050 + static inline bool tb_acpi_is_xdomain_allowed(void) { return true; } 1049 1051 #endif 1050 1052 1051 1053 #ifdef CONFIG_DEBUG_FS

drivers/thunderbolt/tb_regs.h

··· 464 464 #define TB_LC_SX_CTRL_L1D BIT(17) 465 465 #define TB_LC_SX_CTRL_L2C BIT(20) 466 466 #define TB_LC_SX_CTRL_L2D BIT(21) 467 + #define TB_LC_SX_CTRL_SLI BIT(29) 467 468 #define TB_LC_SX_CTRL_UPSTREAM BIT(30) 468 469 #define TB_LC_SX_CTRL_SLP BIT(31) 469 470

+7 -5

drivers/thunderbolt/tunnel.c

··· 830 830 * @transmit_path: HopID used for transmitting packets 831 831 * @receive_ring: NHI ring number used to receive packets from the 832 832 * other domain. Set to %0 if RX path is not needed. 833 - * @reveive_path: HopID used for receiving packets 833 + * @receive_path: HopID used for receiving packets 834 834 * 835 835 * Return: Returns a tb_tunnel on success or NULL on failure. 836 836 */ ··· 932 932 static int tb_usb3_consumed_bandwidth(struct tb_tunnel *tunnel, 933 933 int *consumed_up, int *consumed_down) 934 934 { 935 + int pcie_enabled = tb_acpi_may_tunnel_pcie(); 936 + 935 937 /* 936 - * PCIe tunneling affects the USB3 bandwidth so take that it 937 - * into account here. 938 + * PCIe tunneling, if enabled, affects the USB3 bandwidth so 939 + * take that it into account here. 938 940 */ 939 - *consumed_up = tunnel->allocated_up * (3 + 1) / 3; 940 - *consumed_down = tunnel->allocated_down * (3 + 1) / 3; 941 + *consumed_up = tunnel->allocated_up * (3 + pcie_enabled) / 3; 942 + *consumed_down = tunnel->allocated_down * (3 + pcie_enabled) / 3; 941 943 return 0; 942 944 } 943 945

+8 -3

drivers/thunderbolt/usb4.c

··· 331 331 if (ret) 332 332 return ret; 333 333 334 - if (sw->link_usb4 && tb_switch_find_port(parent, TB_TYPE_USB3_DOWN)) { 334 + if (tb_acpi_may_tunnel_usb3() && sw->link_usb4 && 335 + tb_switch_find_port(parent, TB_TYPE_USB3_DOWN)) { 335 336 val |= ROUTER_CS_5_UTO; 336 337 xhci = false; 337 338 } 338 339 339 - /* Only enable PCIe tunneling if the parent router supports it */ 340 - if (tb_switch_find_port(parent, TB_TYPE_PCIE_DOWN)) { 340 + /* 341 + * Only enable PCIe tunneling if the parent router supports it 342 + * and it is not disabled. 343 + */ 344 + if (tb_acpi_may_tunnel_pcie() && 345 + tb_switch_find_port(parent, TB_TYPE_PCIE_DOWN)) { 341 346 val |= ROUTER_CS_5_PTO; 342 347 /* 343 348 * xHCI can be enabled if PCIe tunneling is supported

+12 -3

drivers/thunderbolt/xdomain.c

··· 30 30 struct tb *tb; 31 31 }; 32 32 33 + static bool tb_xdomain_enabled = true; 34 + module_param_named(xdomain, tb_xdomain_enabled, bool, 0444); 35 + MODULE_PARM_DESC(xdomain, "allow XDomain protocol (default: true)"); 36 + 33 37 /* Serializes access to the properties and protocol handlers below */ 34 38 static DEFINE_MUTEX(xdomain_lock); 35 39 ··· 50 46 static const uuid_t tb_xdp_uuid = 51 47 UUID_INIT(0xb638d70e, 0x42ff, 0x40bb, 52 48 0x97, 0xc2, 0x90, 0xe2, 0xc0, 0xb2, 0xff, 0x07); 49 + 50 + bool tb_is_xdomain_enabled(void) 51 + { 52 + return tb_xdomain_enabled && tb_acpi_is_xdomain_allowed(); 53 + } 53 54 54 55 static bool tb_xdomain_match(const struct tb_cfg_request *req, 55 56 const struct ctl_pkg *pkg) ··· 679 670 680 671 /** 681 672 * tb_unregister_service_driver() - Unregister XDomain service driver 682 - * @xdrv: Driver to unregister 673 + * @drv: Driver to unregister 683 674 * 684 675 * Unregisters XDomain service driver from the bus. 685 676 */ ··· 765 756 NULL, 766 757 }; 767 758 768 - static struct attribute_group tb_service_attr_group = { 759 + static const struct attribute_group tb_service_attr_group = { 769 760 .attrs = tb_service_attrs, 770 761 }; 771 762 ··· 1248 1239 NULL, 1249 1240 }; 1250 1241 1251 - static struct attribute_group xdomain_attr_group = { 1242 + static const struct attribute_group xdomain_attr_group = { 1252 1243 .attrs = xdomain_attrs, 1253 1244 }; 1254 1245

+10

include/linux/acpi.h

··· 546 546 #define OSC_SB_OSLPI_SUPPORT 0x00000100 547 547 #define OSC_SB_CPC_DIVERSE_HIGH_SUPPORT 0x00001000 548 548 #define OSC_SB_GENERIC_INITIATOR_SUPPORT 0x00002000 549 + #define OSC_SB_NATIVE_USB4_SUPPORT 0x00040000 549 550 550 551 extern bool osc_sb_apei_support_acked; 551 552 extern bool osc_pc_lpi_support_confirmed; 553 + extern bool osc_sb_native_usb4_support_confirmed; 554 + 555 + /* USB4 Capabilities */ 556 + #define OSC_USB_USB3_TUNNELING 0x00000001 557 + #define OSC_USB_DP_TUNNELING 0x00000002 558 + #define OSC_USB_PCIE_TUNNELING 0x00000004 559 + #define OSC_USB_XDOMAIN 0x00000008 560 + 561 + extern u32 osc_sb_native_usb4_control; 552 562 553 563 /* PCI Host Bridge _OSC: Capabilities DWORD 2: Support Field */ 554 564 #define OSC_PCI_EXT_CONFIG_SUPPORT 0x00000001

include/linux/thunderbolt.h

··· 45 45 * @TB_SECURITY_USBONLY: Only tunnel USB controller of the connected 46 46 * Thunderbolt dock (and Display Port). All PCIe 47 47 * links downstream of the dock are removed. 48 + * @TB_SECURITY_NOPCIE: For USB4 systems this level is used when the 49 + * PCIe tunneling is disabled from the BIOS. 48 50 */ 49 51 enum tb_security_level { 50 52 TB_SECURITY_NONE, ··· 54 52 TB_SECURITY_SECURE, 55 53 TB_SECURITY_DPONLY, 56 54 TB_SECURITY_USBONLY, 55 + TB_SECURITY_NOPCIE, 57 56 }; 58 57 59 58 /**