1 What: /sys/bus/thunderbolt/devices/.../domainX/boot_acl
4 Contact: thunderbolt-software@lists.01.org
5 Description: Holds a comma separated list of device unique_ids that
6 are allowed to be connected automatically during system
7 startup (e.g boot devices). The list always contains
8 maximum supported number of unique_ids where unused
9 entries are empty. This allows the userspace software
10 to determine how many entries the controller supports.
11 If there are multiple controllers, each controller has
12 its own ACL list and size may be different between the
15 System BIOS may have an option "Preboot ACL" or similar
16 that needs to be selected before this list is taken into
19 Software always updates a full list in each write.
21 If a device is authorized automatically during boot its
22 boot attribute is set to 1.
24 What: /sys/bus/thunderbolt/devices/.../domainX/deauthorization
27 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
28 Description: This attribute tells whether the system supports
29 de-authorization of devices. Value of 1 means user can
30 de-authorize PCIe tunnel by writing 0 to authorized
31 attribute under each device.
33 What: /sys/bus/thunderbolt/devices/.../domainX/iommu_dma_protection
36 Contact: thunderbolt-software@lists.01.org
37 Description: This attribute tells whether the system uses IOMMU
38 for DMA protection. Value of 1 means IOMMU is used 0 means
39 it is not (DMA protection is solely based on Thunderbolt
42 What: /sys/bus/thunderbolt/devices/.../domainX/security
45 Contact: thunderbolt-software@lists.01.org
46 Description: This attribute holds current Thunderbolt security level
47 set by the system BIOS. Possible values are:
49 ======= ==================================================
50 none All devices are automatically authorized
51 user Devices are only authorized based on writing
52 appropriate value to the authorized attribute
53 secure Require devices that support secure connect at
54 minimum. User needs to authorize each device.
55 dponly Automatically tunnel Display port (and USB). No
56 PCIe tunnels are created.
57 usbonly Automatically tunnel USB controller of the
58 connected Thunderbolt dock (and Display Port). All
59 PCIe links downstream of the dock are removed.
60 nopcie USB4 system where PCIe tunneling is disabled from
62 ======= ==================================================
64 What: /sys/bus/thunderbolt/devices/.../authorized
67 Contact: thunderbolt-software@lists.01.org
68 Description: This attribute is used to authorize Thunderbolt devices
69 after they have been connected. If the device is not
70 authorized, no PCIe devices are available to the system.
72 Contents of this attribute will be 0 when the device is not
75 Possible values are supported:
77 == ===================================================
78 0 The device will be de-authorized (only supported if
79 deauthorization attribute under domain contains 1)
80 1 The device will be authorized and connected
81 == ===================================================
83 When key attribute contains 32 byte hex string the possible
86 == ========================================================
87 0 The device will be de-authorized (only supported if
88 deauthorization attribute under domain contains 1)
89 1 The 32 byte hex string is added to the device NVM and
90 the device is authorized.
91 2 Send a challenge based on the 32 byte hex string. If the
92 challenge response from device is valid, the device is
93 authorized. In case of failure errno will be ENOKEY if
94 the device did not contain a key at all, and
95 EKEYREJECTED if the challenge response did not match.
96 == ========================================================
98 What: /sys/bus/thunderbolt/devices/.../boot
101 Contact: thunderbolt-software@lists.01.org
102 Description: This attribute contains 1 if Thunderbolt device was already
103 authorized on boot and 0 otherwise.
105 What: /sys/bus/thunderbolt/devices/.../generation
108 Contact: Christian Kellner <christian@kellner.me>
109 Description: This attribute contains the generation of the Thunderbolt
110 controller associated with the device. It will contain 4
113 What: /sys/bus/thunderbolt/devices/.../key
116 Contact: thunderbolt-software@lists.01.org
117 Description: When a devices supports Thunderbolt secure connect it will
118 have this attribute. Writing 32 byte hex string changes
119 authorization to use the secure connection method instead.
120 Writing an empty string clears the key and regular connection
121 method can be used again.
123 What: /sys/bus/thunderbolt/devices/.../device
126 Contact: thunderbolt-software@lists.01.org
127 Description: This attribute contains id of this device extracted from
130 What: /sys/bus/thunderbolt/devices/.../device_name
133 Contact: thunderbolt-software@lists.01.org
134 Description: This attribute contains name of this device extracted from
137 What: /sys/bus/thunderbolt/devices/.../rx_speed
140 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
141 Description: This attribute reports the device RX speed per lane.
142 All RX lanes run at the same speed.
144 What: /sys/bus/thunderbolt/devices/.../rx_lanes
147 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
148 Description: This attribute reports number of RX lanes the device is
149 using simultaneusly through its upstream port.
151 What: /sys/bus/thunderbolt/devices/.../tx_speed
154 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
155 Description: This attribute reports the TX speed per lane.
156 All TX lanes run at the same speed.
158 What: /sys/bus/thunderbolt/devices/.../tx_lanes
161 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
162 Description: This attribute reports number of TX lanes the device is
163 using simultaneusly through its upstream port.
165 What: /sys/bus/thunderbolt/devices/.../vendor
168 Contact: thunderbolt-software@lists.01.org
169 Description: This attribute contains vendor id of this device extracted
170 from the device DROM.
172 What: /sys/bus/thunderbolt/devices/.../vendor_name
175 Contact: thunderbolt-software@lists.01.org
176 Description: This attribute contains vendor name of this device extracted
177 from the device DROM.
179 What: /sys/bus/thunderbolt/devices/.../unique_id
182 Contact: thunderbolt-software@lists.01.org
183 Description: This attribute contains unique_id string of this device.
184 This is either read from hardware registers (UUID on
185 newer hardware) or based on UID from the device DROM.
186 Can be used to uniquely identify particular device.
188 What: /sys/bus/thunderbolt/devices/.../nvm_version
191 Contact: thunderbolt-software@lists.01.org
192 Description: If the device has upgradeable firmware the version
193 number is available here. Format: %x.%x, major.minor.
194 If the device is in safe mode reading the file returns
195 -ENODATA instead as the NVM version is not available.
197 What: /sys/bus/thunderbolt/devices/.../nvm_authenticate
200 Contact: thunderbolt-software@lists.01.org
201 Description: When new NVM image is written to the non-active NVM
202 area (through non_activeX NVMem device), the
203 authentication procedure is started by writing to
205 If everything goes well, the device is
206 restarted with the new NVM firmware. If the image
207 verification fails an error code is returned instead.
209 This file will accept writing values "1" or "2"
211 - Writing "1" will flush the image to the storage
212 area and authenticate the image in one action.
213 - Writing "2" will run some basic validation on the image
214 and flush it to the storage area.
216 When read holds status of the last authentication
217 operation if an error occurred during the process. This
218 is directly the status value from the DMA configuration
219 based mailbox before the device is power cycled. Writing
220 0 here clears the status.
222 What: /sys/bus/thunderbolt/devices/<xdomain>.<service>/key
225 Contact: thunderbolt-software@lists.01.org
226 Description: This contains name of the property directory the XDomain
227 service exposes. This entry describes the protocol in
228 question. Following directories are already reserved by
229 the Apple XDomain specification:
231 ======== ===============================================
232 network IP/ethernet over Thunderbolt
233 targetdm Target disk mode protocol over Thunderbolt
234 extdisp External display mode protocol over Thunderbolt
235 ======== ===============================================
237 What: /sys/bus/thunderbolt/devices/<xdomain>.<service>/modalias
240 Contact: thunderbolt-software@lists.01.org
241 Description: Stores the same MODALIAS value emitted by uevent for
242 the XDomain service. Format: tbtsvc:kSpNvNrN
244 What: /sys/bus/thunderbolt/devices/<xdomain>.<service>/prtcid
247 Contact: thunderbolt-software@lists.01.org
248 Description: This contains XDomain protocol identifier the XDomain
251 What: /sys/bus/thunderbolt/devices/<xdomain>.<service>/prtcvers
254 Contact: thunderbolt-software@lists.01.org
255 Description: This contains XDomain protocol version the XDomain
258 What: /sys/bus/thunderbolt/devices/<xdomain>.<service>/prtcrevs
261 Contact: thunderbolt-software@lists.01.org
262 Description: This contains XDomain software version the XDomain
265 What: /sys/bus/thunderbolt/devices/<xdomain>.<service>/prtcstns
268 Contact: thunderbolt-software@lists.01.org
269 Description: This contains XDomain service specific settings as
272 What: /sys/bus/thunderbolt/devices/<device>:<port>.<index>/device
275 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
276 Description: Retimer device identifier read from the hardware.
278 What: /sys/bus/thunderbolt/devices/<device>:<port>.<index>/nvm_authenticate
281 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
282 Description: When new NVM image is written to the non-active NVM
283 area (through non_activeX NVMem device), the
284 authentication procedure is started by writing 1 to
285 this file. If everything goes well, the device is
286 restarted with the new NVM firmware. If the image
287 verification fails an error code is returned instead.
289 When read holds status of the last authentication
290 operation if an error occurred during the process.
293 What: /sys/bus/thunderbolt/devices/<device>:<port>.<index>/nvm_version
296 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
297 Description: Holds retimer NVM version number. Format: %x.%x, major.minor.
299 What: /sys/bus/thunderbolt/devices/<device>:<port>.<index>/vendor
302 Contact: Mika Westerberg <mika.westerberg@linux.intel.com>
303 Description: Retimer vendor identifier read from the hardware.
305 What: /sys/bus/thunderbolt/devices/.../nvm_authenticate_on_disconnect
308 Contact: Mario Limonciello <mario.limonciello@dell.com>
309 Description: For supported devices, automatically authenticate the new Thunderbolt
310 image when the device is disconnected from the host system.
312 This file will accept writing values "1" or "2"
314 - Writing "1" will flush the image to the storage
315 area and prepare the device for authentication on disconnect.
316 - Writing "2" will run some basic validation on the image
317 and flush it to the storage area.