thunderbolt: Export IOMMU based DMA protection support to userspace (dcc3c9e3) · Commits · 戴 / test

Documentation/ABI/testing/sysfs-bus-thunderbolt

+9 −0

Original line number	Diff line number	Diff line
		@@ -21,6 +21,15 @@ Description: Holds a comma separated list of device unique_ids that
		If a device is authorized automatically during boot its
		boot attribute is set to 1.

		What: /sys/bus/thunderbolt/devices/.../domainX/iommu_dma_protection
		Date: Mar 2019
		KernelVersion: 4.21
		Contact: thunderbolt-software@lists.01.org
		Description: This attribute tells whether the system uses IOMMU
		for DMA protection. Value of 1 means IOMMU is used 0 means
		it is not (DMA protection is solely based on Thunderbolt
		security levels).

		What: /sys/bus/thunderbolt/devices/.../domainX/security
		Date: Sep 2017
		KernelVersion: 4.13

+20 −0

Original line number	Diff line number	Diff line
		@@ -133,6 +133,26 @@ If the user still wants to connect the device they can either approve
		the device without a key or write a new key and write 1 to the
		``authorized`` file to get the new key stored on the device NVM.

		DMA protection utilizing IOMMU
		------------------------------
		Recent systems from 2018 and forward with Thunderbolt ports may natively
		support IOMMU. This means that Thunderbolt security is handled by an IOMMU
		so connected devices cannot access memory regions outside of what is
		allocated for them by drivers. When Linux is running on such system it
		automatically enables IOMMU if not enabled by the user already. These
		systems can be identified by reading ``1`` from
		``/sys/bus/thunderbolt/devices/domainX/iommu_dma_protection`` attribute.

		The driver does not do anything special in this case but because DMA
		protection is handled by the IOMMU, security levels (if set) are
		redundant. For this reason some systems ship with security level set to
		``none``. Other systems have security level set to ``user`` in order to
		support downgrade to older OS, so users who want to automatically
		authorize devices when IOMMU DMA protection is enabled can use the
		following ``udev`` rule::

		ACTION=="add", SUBSYSTEM=="thunderbolt", ATTRS{iommu_dma_protection}=="1", ATTR{authorized}=="0", ATTR{authorized}="1"

		Upgrading NVM on Thunderbolt device or host
		-------------------------------------------
		Since most of the functionality is handled in firmware running on a

+17 −0

Original line number	Diff line number	Diff line
		@@ -7,7 +7,9 @@
		*/

		#include <linux/device.h>
		#include <linux/dmar.h>
		#include <linux/idr.h>
		#include <linux/iommu.h>
		#include <linux/module.h>
		#include <linux/pm_runtime.h>
		#include <linux/slab.h>
		@@ -236,6 +238,20 @@ err_free_str:
		}
		static DEVICE_ATTR_RW(boot_acl);

		static ssize_t iommu_dma_protection_show(struct device *dev,
		struct device_attribute *attr,
		char *buf)
		{
		/*
		* Kernel DMA protection is a feature where Thunderbolt security is
		* handled natively using IOMMU. It is enabled when IOMMU is
		* enabled and ACPI DMAR table has DMAR_PLATFORM_OPT_IN set.
		*/
		return sprintf(buf, "%d\n",
		iommu_present(&pci_bus_type) && dmar_platform_optin());
		}
		static DEVICE_ATTR_RO(iommu_dma_protection);

		static ssize_t security_show(struct device dev, struct device_attribute attr,
		char *buf)
		{
		@@ -251,6 +267,7 @@ static DEVICE_ATTR_RO(security);

		static struct attribute *domain_attrs[] = {
		&dev_attr_boot_acl.attr,
		&dev_attr_iommu_dma_protection.attr,
		&dev_attr_security.attr,
		NULL,
		};