thunderbolt: Add 'boot' attribute for devices

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

In various cases, Thunderbolt device can be connected by ICM on boot
without waiting for approval from user. Most cases are related to
OEM-specific BIOS configurations. This information is interesting for
user-space as if the device isn't in SW ACL, it may create a friction in
the user experience where the device is automatically authorized if it's
connected on boot but requires an explicit user action if connected
after OS is up. User-space can use this information to suggest adding
the device to SW ACL for auto-authorization on later connections.

Signed-off-by: Yehezkel Bernat <yehezkel.bernat@intel.com>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com>

authored by

Yehezkel Bernat and committed by

Mika Westerberg 8 years ago 14862ee3 3080e197

+32 -4

5 changed files

expand all

Documentation

ABI

testing

sysfs-bus-thunderbolt

drivers

thunderbolt

icm.c

switch.c

tb.h

tb_msgs.h

Documentation/ABI/testing/sysfs-bus-thunderbolt

··· 38 38 the device did not contain a key at all, and 39 39 EKEYREJECTED if the challenge response did not match. 40 40 41 + What: /sys/bus/thunderbolt/devices/.../boot 42 + Date: Jun 2018 43 + KernelVersion: 4.17 44 + Contact: thunderbolt-software@lists.01.org 45 + Description: This attribute contains 1 if Thunderbolt device was already 46 + authorized on boot and 0 otherwise. 47 + 41 48 What: /sys/bus/thunderbolt/devices/.../key 42 49 Date: Sep 2017 43 50 KernelVersion: 4.13

+8 -4

drivers/thunderbolt/icm.c

··· 402 402 static void add_switch(struct tb_switch *parent_sw, u64 route, 403 403 const uuid_t *uuid, u8 connection_id, u8 connection_key, 404 404 u8 link, u8 depth, enum tb_security_level security_level, 405 - bool authorized) 405 + bool authorized, bool boot) 406 406 { 407 407 struct tb_switch *sw; 408 408 ··· 417 417 sw->depth = depth; 418 418 sw->authorized = authorized; 419 419 sw->security_level = security_level; 420 + sw->boot = boot; 420 421 421 422 /* Link the two switches now */ 422 423 tb_port_at(route, parent_sw)->remote = tb_upstream_port(sw); ··· 432 431 433 432 static void update_switch(struct tb_switch *parent_sw, struct tb_switch *sw, 434 433 u64 route, u8 connection_id, u8 connection_key, 435 - u8 link, u8 depth) 434 + u8 link, u8 depth, bool boot) 436 435 { 437 436 /* Disconnect from parent */ 438 437 tb_port_at(tb_route(sw), parent_sw)->remote = NULL; ··· 446 445 sw->connection_key = connection_key; 447 446 sw->link = link; 448 447 sw->depth = depth; 448 + sw->boot = boot; 449 449 450 450 /* This switch still exists */ 451 451 sw->is_unplugged = false; ··· 506 504 bool authorized = false; 507 505 struct tb_xdomain *xd; 508 506 u8 link, depth; 507 + bool boot; 509 508 u64 route; 510 509 int ret; 511 510 ··· 516 513 authorized = pkg->link_info & ICM_LINK_INFO_APPROVED; 517 514 security_level = (pkg->hdr.flags & ICM_FLAGS_SLEVEL_MASK) >> 518 515 ICM_FLAGS_SLEVEL_SHIFT; 516 + boot = pkg->link_info & ICM_LINK_INFO_BOOT; 519 517 520 518 if (pkg->link_info & ICM_LINK_INFO_REJECTED) { 521 519 tb_info(tb, "switch at %u.%u was rejected by ICM firmware because topology limit exceeded\n", ··· 550 546 if (sw->depth == depth && sw_phy_port == phy_port && 551 547 !!sw->authorized == authorized) { 552 548 update_switch(parent_sw, sw, route, pkg->connection_id, 553 - pkg->connection_key, link, depth); 549 + pkg->connection_key, link, depth, boot); 554 550 tb_switch_put(sw); 555 551 return; 556 552 } ··· 599 595 600 596 add_switch(parent_sw, route, &pkg->ep_uuid, pkg->connection_id, 601 597 pkg->connection_key, link, depth, security_level, 602 - authorized); 598 + authorized, boot); 603 599 604 600 tb_switch_put(parent_sw); 605 601 }

+14

drivers/thunderbolt/switch.c

··· 775 775 } 776 776 static DEVICE_ATTR_RW(authorized); 777 777 778 + static ssize_t boot_show(struct device *dev, struct device_attribute *attr, 779 + char *buf) 780 + { 781 + struct tb_switch *sw = tb_to_switch(dev); 782 + 783 + return sprintf(buf, "%u\n", sw->boot); 784 + } 785 + static DEVICE_ATTR_RO(boot); 786 + 778 787 static ssize_t device_show(struct device *dev, struct device_attribute *attr, 779 788 char *buf) 780 789 { ··· 960 951 961 952 static struct attribute *switch_attrs[] = { 962 953 &dev_attr_authorized.attr, 954 + &dev_attr_boot.attr, 963 955 &dev_attr_device.attr, 964 956 &dev_attr_device_name.attr, 965 957 &dev_attr_key.attr, ··· 987 977 } else if (attr == &dev_attr_nvm_authenticate.attr || 988 978 attr == &dev_attr_nvm_version.attr) { 989 979 if (sw->dma_port) 980 + return attr->mode; 981 + return 0; 982 + } else if (attr == &dev_attr_boot.attr) { 983 + if (tb_route(sw)) 990 984 return attr->mode; 991 985 return 0; 992 986 }

drivers/thunderbolt/tb.h

··· 66 66 * @nvm: Pointer to the NVM if the switch has one (%NULL otherwise) 67 67 * @no_nvm_upgrade: Prevent NVM upgrade of this switch 68 68 * @safe_mode: The switch is in safe-mode 69 + * @boot: Whether the switch was already authorized on boot or not 69 70 * @authorized: Whether the switch is authorized by user or policy 70 71 * @work: Work used to automatically authorize a switch 71 72 * @security_level: Switch supported security level ··· 100 99 struct tb_switch_nvm *nvm; 101 100 bool no_nvm_upgrade; 102 101 bool safe_mode; 102 + bool boot; 103 103 unsigned int authorized; 104 104 struct work_struct work; 105 105 enum tb_security_level security_level;

drivers/thunderbolt/tb_msgs.h

··· 179 179 #define ICM_LINK_INFO_DEPTH_MASK GENMASK(7, 4) 180 180 #define ICM_LINK_INFO_APPROVED BIT(8) 181 181 #define ICM_LINK_INFO_REJECTED BIT(9) 182 + #define ICM_LINK_INFO_BOOT BIT(10) 182 183 183 184 struct icm_fr_pkg_approve_device { 184 185 struct icm_pkg_header hdr;