Documentation/ABI/testing/sysfs-bus-thunderbolt - arm/linux - Git at Google

 What: /sys/bus/thunderbolt/devices/.../domainX/security
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	This attribute holds current Thunderbolt security level
 		set by the system BIOS. Possible values are:

 		none: All devices are automatically authorized
 		user: Devices are only authorized based on writing
 		      appropriate value to the authorized attribute
 		secure: Require devices that support secure connect at
 			minimum. User needs to authorize each device.
 		dponly: Automatically tunnel Display port (and USB). No
 			PCIe tunnels are created.

 What: /sys/bus/thunderbolt/devices/.../authorized
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	This attribute is used to authorize Thunderbolt devices
 		after they have been connected. If the device is not
 		authorized, no devices such as PCIe and Display port are
 		available to the system.

 		Contents of this attribute will be 0 when the device is not
 		yet authorized.

 		Possible values are supported:
 		1: The device will be authorized and connected

 		When key attribute contains 32 byte hex string the possible
 		values are:
 		1: The 32 byte hex string is added to the device NVM and
 		   the device is authorized.
 		2: Send a challenge based on the 32 byte hex string. If the
 		   challenge response from device is valid, the device is
 		   authorized. In case of failure errno will be ENOKEY if
 		   the device did not contain a key at all, and
 		   EKEYREJECTED if the challenge response did not match.

 What: /sys/bus/thunderbolt/devices/.../key
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	When a devices supports Thunderbolt secure connect it will
 		have this attribute. Writing 32 byte hex string changes
 		authorization to use the secure connection method instead.
 		Writing an empty string clears the key and regular connection
 		method can be used again.

 What:		/sys/bus/thunderbolt/devices/.../device
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	This attribute contains id of this device extracted from
 		the device DROM.

 What:		/sys/bus/thunderbolt/devices/.../device_name
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	This attribute contains name of this device extracted from
 		the device DROM.

 What:		/sys/bus/thunderbolt/devices/.../vendor
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	This attribute contains vendor id of this device extracted
 		from the device DROM.

 What:		/sys/bus/thunderbolt/devices/.../vendor_name
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	This attribute contains vendor name of this device extracted
 		from the device DROM.

 What:		/sys/bus/thunderbolt/devices/.../unique_id
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	This attribute contains unique_id string of this device.
 		This is either read from hardware registers (UUID on
 		newer hardware) or based on UID from the device DROM.
 		Can be used to uniquely identify particular device.

 What:		/sys/bus/thunderbolt/devices/.../nvm_version
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	If the device has upgradeable firmware the version
 		number is available here. Format: %x.%x, major.minor.
 		If the device is in safe mode reading the file returns
 		-ENODATA instead as the NVM version is not available.

 What:		/sys/bus/thunderbolt/devices/.../nvm_authenticate
 Date:		Sep 2017
 KernelVersion:	4.13
 Contact:	thunderbolt-software@lists.01.org
 Description:	When new NVM image is written to the non-active NVM
 		area (through non_activeX NVMem device), the
 		authentication procedure is started by writing 1 to
 		this file. If everything goes well, the device is
 		restarted with the new NVM firmware. If the image
 		verification fails an error code is returned instead.

 		When read holds status of the last authentication
 		operation if an error occurred during the process. This
 		is directly the status value from the DMA configuration
 		based mailbox before the device is power cycled. Writing
 		0 here clears the status.
	What: /sys/bus/thunderbolt/devices/.../domainX/security
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: This attribute holds current Thunderbolt security level
	set by the system BIOS. Possible values are:

	none: All devices are automatically authorized
	user: Devices are only authorized based on writing
	appropriate value to the authorized attribute
	secure: Require devices that support secure connect at
	minimum. User needs to authorize each device.
	dponly: Automatically tunnel Display port (and USB). No
	PCIe tunnels are created.

	What: /sys/bus/thunderbolt/devices/.../authorized
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: This attribute is used to authorize Thunderbolt devices
	after they have been connected. If the device is not
	authorized, no devices such as PCIe and Display port are
	available to the system.

	Contents of this attribute will be 0 when the device is not
	yet authorized.

	Possible values are supported:
	1: The device will be authorized and connected

	When key attribute contains 32 byte hex string the possible
	values are:
	1: The 32 byte hex string is added to the device NVM and
	the device is authorized.
	2: Send a challenge based on the 32 byte hex string. If the
	challenge response from device is valid, the device is
	authorized. In case of failure errno will be ENOKEY if
	the device did not contain a key at all, and
	EKEYREJECTED if the challenge response did not match.

	What: /sys/bus/thunderbolt/devices/.../key
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: When a devices supports Thunderbolt secure connect it will
	have this attribute. Writing 32 byte hex string changes
	authorization to use the secure connection method instead.
	Writing an empty string clears the key and regular connection
	method can be used again.

	What: /sys/bus/thunderbolt/devices/.../device
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: This attribute contains id of this device extracted from
	the device DROM.

	What: /sys/bus/thunderbolt/devices/.../device_name
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: This attribute contains name of this device extracted from
	the device DROM.

	What: /sys/bus/thunderbolt/devices/.../vendor
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: This attribute contains vendor id of this device extracted
	from the device DROM.

	What: /sys/bus/thunderbolt/devices/.../vendor_name
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: This attribute contains vendor name of this device extracted
	from the device DROM.

	What: /sys/bus/thunderbolt/devices/.../unique_id
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: This attribute contains unique_id string of this device.
	This is either read from hardware registers (UUID on
	newer hardware) or based on UID from the device DROM.
	Can be used to uniquely identify particular device.

	What: /sys/bus/thunderbolt/devices/.../nvm_version
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: If the device has upgradeable firmware the version
	number is available here. Format: %x.%x, major.minor.
	If the device is in safe mode reading the file returns
	-ENODATA instead as the NVM version is not available.

	What: /sys/bus/thunderbolt/devices/.../nvm_authenticate
	Date: Sep 2017
	KernelVersion: 4.13
	Contact: thunderbolt-software@lists.01.org
	Description: When new NVM image is written to the non-active NVM
	area (through non_activeX NVMem device), the
	authentication procedure is started by writing 1 to
	this file. If everything goes well, the device is
	restarted with the new NVM firmware. If the image
	verification fails an error code is returned instead.

	When read holds status of the last authentication
	operation if an error occurred during the process. This
	is directly the status value from the DMA configuration
	based mailbox before the device is power cycled. Writing
	0 here clears the status.