From 6fc14e1a44e53c472865252b47398346a27d600e Mon Sep 17 00:00:00 2001 From: Mika Westerberg Date: Fri, 8 Dec 2017 14:11:39 +0300 Subject: thunderbolt: Introduce USB only (SL4) security level This new security level works so that it creates one PCIe tunnel to the connected Thunderbolt dock, removing PCIe links downstream of the dock. This leaves only the internal USB controller visible. Display Port tunnels are created normally. While there make sure security sysfs attribute returns "unknown" for any future security level. Signed-off-by: Mika Westerberg Reviewed-by: Andy Shevchenko --- drivers/thunderbolt/domain.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'drivers/thunderbolt') diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c index ab4b304306f7..6281266b8ec0 100644 --- a/drivers/thunderbolt/domain.c +++ b/drivers/thunderbolt/domain.c @@ -117,6 +117,7 @@ static const char * const tb_security_names[] = { [TB_SECURITY_USER] = "user", [TB_SECURITY_SECURE] = "secure", [TB_SECURITY_DPONLY] = "dponly", + [TB_SECURITY_USBONLY] = "usbonly", }; static ssize_t boot_acl_show(struct device *dev, struct device_attribute *attr, @@ -227,8 +228,12 @@ static ssize_t security_show(struct device *dev, struct device_attribute *attr, char *buf) { struct tb *tb = container_of(dev, struct tb, dev); + const char *name = "unknown"; - return sprintf(buf, "%s\n", tb_security_names[tb->security_level]); + if (tb->security_level < ARRAY_SIZE(tb_security_names)) + name = tb_security_names[tb->security_level]; + + return sprintf(buf, "%s\n", name); } static DEVICE_ATTR_RO(security); -- cgit v1.2.3