diff options
| author | Mika Westerberg <mika.westerberg@linux.intel.com> | 2020-11-10 09:47:14 +0100 |
|---|---|---|
| committer | Mika Westerberg <mika.westerberg@linux.intel.com> | 2021-01-15 08:53:06 +0100 |
| commit | 3da88be249973f7b74e7b24ed559e6abc2fc5af4 (patch) | |
| tree | b6c607a9375ca1303f7502e329d4ea478ca017df /drivers/thunderbolt/domain.c | |
| parent | thunderbolt: Start lane initialization after sleep (diff) | |
| download | linux-3da88be249973f7b74e7b24ed559e6abc2fc5af4.tar.xz linux-3da88be249973f7b74e7b24ed559e6abc2fc5af4.zip | |
thunderbolt: Add support for de-authorizing devices
In some cases it is useful to be able de-authorize devices. For example
if user logs out the userspace can have a policy that disconnects PCIe
devices until logged in again. This is only possible for software based
connection manager as it directly controls the tunnels.
For this reason make the authorized attribute accept writing 0 which
makes the software connection manager to tear down the corresponding
PCIe tunnel. Userspace can check if this is supported by reading a new
domain attribute deauthorization, that holds 1 in that case.
While there correct tb_domain_approve_switch() kernel-doc and
description of authorized attribute to mention that it is only about
PCIe tunnels.
Cc: Christian Kellner <christian@kellner.me>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Acked-by: Yehezkel Bernat <YehezkelShB@gmail.com>
Diffstat (limited to 'drivers/thunderbolt/domain.c')
| -rw-r--r-- | drivers/thunderbolt/domain.c | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c index d2b92a8be577..9ba2181464cc 100644 --- a/drivers/thunderbolt/domain.c +++ b/drivers/thunderbolt/domain.c @@ -238,6 +238,16 @@ err_free_str: } static DEVICE_ATTR_RW(boot_acl); +static ssize_t deauthorization_show(struct device *dev, + struct device_attribute *attr, + char *buf) +{ + const struct tb *tb = container_of(dev, struct tb, dev); + + return sprintf(buf, "%d\n", !!tb->cm_ops->disapprove_switch); +} +static DEVICE_ATTR_RO(deauthorization); + static ssize_t iommu_dma_protection_show(struct device *dev, struct device_attribute *attr, char *buf) @@ -267,6 +277,7 @@ static DEVICE_ATTR_RO(security); static struct attribute *domain_attrs[] = { &dev_attr_boot_acl.attr, + &dev_attr_deauthorization.attr, &dev_attr_iommu_dma_protection.attr, &dev_attr_security.attr, NULL, @@ -602,13 +613,30 @@ int tb_domain_runtime_resume(struct tb *tb) } /** + * tb_domain_disapprove_switch() - Disapprove switch + * @tb: Domain the switch belongs to + * @sw: Switch to disapprove + * + * This will disconnect PCIe tunnel from parent to this @sw. + * + * Return: %0 on success and negative errno in case of failure. + */ +int tb_domain_disapprove_switch(struct tb *tb, struct tb_switch *sw) +{ + if (!tb->cm_ops->disapprove_switch) + return -EPERM; + + return tb->cm_ops->disapprove_switch(tb, sw); +} + +/** * tb_domain_approve_switch() - Approve switch * @tb: Domain the switch belongs to * @sw: Switch to approve * * This will approve switch by connection manager specific means. In - * case of success the connection manager will create tunnels for all - * supported protocols. + * case of success the connection manager will create PCIe tunnel from + * parent to @sw. */ int tb_domain_approve_switch(struct tb *tb, struct tb_switch *sw) { |