05 Dec, 2018
1 commit
-
Recent systems with Thunderbolt ports may support IOMMU natively. In
practice this means that Thunderbolt connected devices are placed behind
an IOMMU during the whole time it is connected (including during boot)
making Thunderbolt security levels redundant. This is called Kernel DMA
protection [1] by Microsoft.Some of these systems still have Thunderbolt security level set to
"user" in order to support OS downgrade (the older version of the OS
might not support IOMMU based DMA protection so connecting a device
still relies on user approval).Export this information to userspace by introducing a new sysfs
attribute (iommu_dma_protection). Based on it userspace tools can make
more accurate decision whether or not authorize the connected device.In addition update Thunderbolt documentation regarding IOMMU based DMA
protection.[1] https://docs.microsoft.com/en-us/windows/security/information-protection/kernel-dma-protection-for-thunderbolt
Signed-off-by: Mika Westerberg
Reviewed-by: Yehezkel Bernat
27 Nov, 2018
1 commit
-
During NVM upgrade process the host router is hot-removed for a short
while. During this time it is possible that the root port is moved into
D3cold which would be fine if the root port could trigger PME on itself.
However, many systems actually do not implement it so what happens is
that the root port goes into D3cold and never wakes up unless userspace
does PCI config space access, such as running 'lscpi'.For this reason we explicitly prevent the root port from runtime
suspending during NVM upgrade.Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman
08 Oct, 2018
1 commit
-
We want the fixes in here as well.
Signed-off-by: Greg Kroah-Hartman
03 Oct, 2018
7 commits
-
Intel has done pretty major changes to the driver and we continue to do
so in the future as well. Add Intel as copyright holder of the files we
have done changes.While there drop "Cactus Ridge" from the headers because this driver
works also with other Thunderbolt controllers.No functional changes intended.
Signed-off-by: Mika Westerberg
Acked-by: Yehezkel Bernat
Signed-off-by: Greg Kroah-Hartman -
This gets rid of the licence boilerplate duplicated in each file. While
there fix doubled space in domain.c author line.No functional changes intended.
Signed-off-by: Mika Westerberg
Acked-by: Yehezkel Bernat
Signed-off-by: Greg Kroah-Hartman -
The previous patch made the driver less verbose meanining that all the
switch structures and ports are now logged as debug level. However, we
have been missing similar output that USB for intance prints when a new
USB device is connected and disconnected. This information is useful for
end users as well as developers because it immediately shows the actual
device that was connected.This patch adds printing of the actual connected devices to the driver.
Signed-off-by: Mika Westerberg
Acked-by: Yehezkel Bernat
Signed-off-by: Greg Kroah-Hartman -
Currently the driver logs quite a lot to the system message buffer even
when doing normal operations. This information is not useful for
ordinary users and might even annoy some.For this reason convert most of the logs at info level to happen at
debug level instead. The nice output formatting is untouched.Logging can be easily re-enabled by passing "thunderbolt.dyndbg" in the
kernel command line (or using the corresponding control file runtime).Signed-off-by: Mika Westerberg
Acked-by: Yehezkel Bernat
Signed-off-by: Greg Kroah-Hartman -
dma_pool_destroy() already takes NULL pointer into account so there is
no need to check that again in tb_ctl_free().Signed-off-by: zhong jiang
[mw: reword commit log a bit]
Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman -
If IOMMU is enabled and Thunderbolt driver is built into the kernel
image, it will be probed before IOMMUs are attached to the PCI bus.
Because of this DMA mappings the driver does will not go through IOMMU
and start failing right after IOMMUs are enabled.For this reason move the Thunderbolt driver initialization happen at
rootfs level.Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman -
If there is a long chain of devices connected when the driver is loaded
ICM sends device connected event for each and those are put to tb->wq
for later processing. Now if the driver gets unloaded in the middle, so
that the work queue is not yet empty it gets flushed by tb_domain_stop().
However, by that time the root switch is already removed so the driver
crashes when it tries to dereference it in ICM event handling callbacks.Fix this by checking whether the root switch is already removed. If it
is we know that the domain is stopped and we should merely skip handling
the event.Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman
25 Jul, 2018
7 commits
-
When Thunderbolt host controller is set to RTD3 mode (Runtime D3) it is
present all the time. Because of this it is important to runtime suspend
the controller whenever possible. In case of ICM we have following rules
which all needs to be true before the host controller can be put to D3:- The controller firmware reports to support RTD3
- All the connected devices announce support for RTD3
- There is no active XDomain connectionImplement this using standard Linux runtime PM APIs so that when all the
children devices are runtime suspended, the Thunderbolt host controller
PCI device is runtime suspended as well. The ICM firmware then starts
powering down power domains towards RTD3 but it can prevent this if it
detects that there is an active Display Port stream (this is not visible
to the software, though).The Thunderbolt host controller will be runtime resumed either when
there is a remote wake event (device is connected or disconnected), or
when there is access from userspace that requires hardware access.Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman -
Variable 'approved' is being assigned but is never used hence it is
redundant and can be removed.Cleans up clang warning:
warning: variable 'approved' set but not used [-Wunused-but-set-variable]Signed-off-by: Colin Ian King
Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman -
The correct way to put the ICM into suspend state is to send it
NHI_MAILBOX_DRV_UNLOADS mailbox command. NHI_MAILBOX_SAVE_DEVS is not
needed on Intel Titan Ridge so we can skip it.Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman -
If the connection manager implementation needs to touch the domain
structures it ought to take the lock itself. Currently only ICM
implements these hooks and it does not need the lock because we there
will be no notifications before driver ready message is sent to it.Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman -
This command is not really fast and can make resume time slower. We only
need to get route again if the link was changed and during initial
device connected message.Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman -
PCI defaults to 32-bit DMA mask but this device is capable of full
64-bit addressing, so make sure we first try 64-bit DMA mask before
falling back to the default 32-bit.Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman -
Fixes small variable name typo and the associated
checkpatch spelling warning.Signed-off-by: Nathan Ciobanu
Signed-off-by: Mika Westerberg
Signed-off-by: Greg Kroah-Hartman
07 Jul, 2018
1 commit
-
The commit 9aaa3b8b4c56 ("thunderbolt: Add support for preboot ACL")
introduced boot_acl attribute but missed the fact that now userspace
needs to poll the attribute constantly to find out whether it has
changed or not. Fix this by sending notification to the userspace
whenever the boot_acl attribute is changed.Fixes: 9aaa3b8b4c56 ("thunderbolt: Add support for preboot ACL")
Reported-and-tested-by: Christian Kellner
Signed-off-by: Mika Westerberg
Reviewed-by: Christian Kellner
Acked-by: Yehezkel Bernat
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman
16 May, 2018
1 commit
-
If the boot ACL entry is already NULL we should not fill in the upper
two DWs with 0xfffffffff. Otherwise they are not shown as empty entries
when the sysfs attribute is read.Fixes: 9aaa3b8b4c56 ("thunderbolt: Add support for preboot ACL")
Signed-off-by: Mika Westerberg
Acked-by: Yehezkel Bernat
Signed-off-by: Greg Kroah-Hartman
14 Mar, 2018
1 commit
-
On Lenovo ThinkPad Yoga 370 (and possibly some other Lenovo models as
well) the Thunderbolt host controller sometimes comes up in such way
that the ICM firmware is not running properly. This is most likely an
issue in BIOS/firmware but as side-effect driver crashes the kernel due
to NULL pointer dereference:BUG: unable to handle kernel NULL pointer dereference at 0000000000000980
IP: pci_write_config_dword+0x5/0x20
Call Trace:
pcie2cio_write+0x3b/0x70 [thunderbolt]
icm_driver_ready+0x168/0x260 [thunderbolt]
? tb_ctl_start+0x50/0x70 [thunderbolt]
tb_domain_add+0x73/0xf0 [thunderbolt]
nhi_probe+0x182/0x300 [thunderbolt]
local_pci_probe+0x42/0xa0
? pci_match_device+0xd9/0x100
pci_device_probe+0x146/0x1b0
driver_probe_device+0x315/0x480
...Instead of crashing update the driver to bail out gracefully if we
encounter such situation.Fixes: f67cf491175a ("thunderbolt: Add support for Internal Connection Manager (ICM)")
Reported-by: Jordan Glover
Signed-off-by: Mika Westerberg
Acked-by: Yehezkel Bernat
Cc: stable@vger.kernel.org
09 Mar, 2018
18 commits
-
Intel Titan Ridge is the next Thunderbolt 3 controller. The ICM firmware
message format in Titan Ridge differs from Falcon Ridge and Alpine Ridge
somewhat because it is using route strings addressing devices. In
addition to that the DMA port of 4-channel (two port) controller is in
different port number than the previous controllers. There are some
other minor differences as well.This patch add support for Intel Titan Ridge and the new ICM firmware
message format.Signed-off-by: Radion Mirchevsky
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
This new security level works so that it creates one PCIe tunnel to the
connected Thunderbolt dock, removing PCIe links downstream of the dock.
This leaves only the internal USB controller visible.Display Port tunnels are created normally.
While there make sure security sysfs attribute returns "unknown" for any
future security level.Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
Preboot ACL is a mechanism that allows connecting Thunderbolt devices
boot time in more secure way than the legacy Thunderbolt boot support.
As with the legacy boot option, this also needs to be enabled from the
BIOS before booting is allowed. Difference to the legacy mode is that
the userspace software explicitly adds device UUIDs by sending a special
message to the ICM firmware. Only the devices listed in the boot ACL are
connected automatically during the boot. This works in both "user" and
"secure" security levels.We implement this in Linux by exposing a new sysfs attribute (boot_acl)
below each Thunderbolt domain. The userspace software can then update
the full list as needed.Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
In various cases, Thunderbolt device can be connected by ICM on boot
without waiting for approval from user. Most cases are related to
OEM-specific BIOS configurations. This information is interesting for
user-space as if the device isn't in SW ACL, it may create a friction in
the user experience where the device is automatically authorized if it's
connected on boot but requires an explicit user action if connected
after OS is up. User-space can use this information to suggest adding
the device to SW ACL for auto-authorization on later connections.Signed-off-by: Yehezkel Bernat
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
Intel Titan Ridge uses slightly different format for ICM driver ready
response, so add a new ->driver_ready() callback to struct icm and move
the existing handling to a separate function which we then use in Falcon
Ridge and Alpine Ridge.No functional changes intended.
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
We will be using this from Titan Ridge support code as well so make it
constant.Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
This is needed by the new ICM interface to find xdomains by route string
instead of link and depth.While there update existing tb_xdomain_find_* functions to use
tb_xdomain_get() instead of open-coding the same.Signed-off-by: Radion Mirchevsky
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
With the new ICM messaging there is need for find switch by route string
instead of link and depth. Add new function that makes it possible.Signed-off-by: Radion Mirchevsky
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
Sometimes there is need for increasing reference count of a switch as
well. This also follows what we have for xdomains.Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
Use correct name in kernel-doc of tb_switch_find_by_uuid().
Signed-off-by: Radion Mirchevsky
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
The newer ICM will not use link and depth to address devices. Instead it
uses route strings. In order to take advantage of the existing code
factor out common operations so that we can use the same functions with
the new ICM as well.No functional changes intended.
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
The ICM firmware rejects devices if the maximum topology limit is
exceeded (more than 6 devices are connected). If that happens just log a
message to the kernel message buffer and bail out.Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
Sometimes during cold boot ICM has not yet authenticated the active NVM
image leading to timeout and failing the driver probe. Allow ICM to take
some more time and increase the timeout to 3 seconds before we give up.While there fix icm_firmware_init() to return the real error code
without overwriting it with -ENODEV.Fixes: f67cf491175a ("thunderbolt: Add support for Internal Connection Manager (ICM)")
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko
Cc: stable@vger.kernel.org -
In some case reading root switch config space takes longer than what we
are currently waiting in the driver resulting timeout and failure.
Increase number of retries to allow some more time for the root switch
config space to become accesssible.Also log an error if the timeout is exceeded so we know why the driver
probe failed.Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
If the Thunderbolt domain adding fails for some reason we currently
always return -EIO instead of the real error code. To make debugging
easier return the actual error code instead.Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko -
If the system is suspended and user disconnects cable to another host
and connects it to a Thunderbolt device instead we get a warning from
driver core about adding duplicate sysfs attribute and adding the new
device fails.Handle this properly so that we first remove the existing XDomain
connection before adding new devices.Fixes: d1ff70241a27 ("thunderbolt: Add support for XDomain discovery protocol")
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko
Cc: stable@vger.kernel.org -
We need to make sure a new PCIe tunnel is not created in a middle of
previous PCI rescan because otherwise the rescan code might find too
much and fail to reconfigure devices properly. This is important when
native PCIe hotplug is used. In BIOS assisted hotplug there should be no
such issue.Fixes: f67cf491175a ("thunderbolt: Add support for Internal Connection Manager (ICM)")
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko
Cc: Bjorn Helgaas
Cc: stable@vger.kernel.org -
The driver misses implementation of PM hook that undoes what
->freeze_noirq() does after the hibernation image is created. This means
the control channel is not resumed properly and the Thunderbolt bus
becomes useless in later stages of hibernation (when the image is stored
or if the operation fails).Fix this by pointing ->thaw_noirq to driver nhi_resume_noirq(). This
makes sure the control channel is resumed properly.Fixes: 23dd5bb49d98 ("thunderbolt: Add suspend/hibernate support")
Signed-off-by: Mika Westerberg
Reviewed-by: Andy Shevchenko
Cc: stable@vger.kernel.org
16 Dec, 2017
1 commit
-
When ring enters polling mode we are expected to mask the ring interrupt
before the callback is called. However, the current code actually
unmasks it probably because of a copy-paste mistake.Mask the interrupt properly from now on.
Fixes: 4ffe722eefcb ("thunderbolt: Add polling mode for rings")
Signed-off-by: Mika Westerberg
Acked-by: Yehezkel Bernat
Signed-off-by: Greg Kroah-Hartman
17 Nov, 2017
1 commit
-
…/git/gregkh/char-misc
Pull char/misc updates from Greg KH:
"Here is the big set of char/misc and other driver subsystem patches
for 4.15-rc1.There are small changes all over here, hyperv driver updates, pcmcia
driver updates, w1 driver updats, vme driver updates, nvmem driver
updates, and lots of other little one-off driver updates as well. The
shortlog has the full details.All of these have been in linux-next for quite a while with no
reported issues"* tag 'char-misc-4.15-rc1' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc: (90 commits)
VME: Return -EBUSY when DMA list in use
w1: keep balance of mutex locks and refcnts
MAINTAINERS: Update VME subsystem tree.
nvmem: sunxi-sid: add support for A64/H5's SID controller
nvmem: imx-ocotp: Update module description
nvmem: imx-ocotp: Enable i.MX7D OTP write support
nvmem: imx-ocotp: Add i.MX7D timing write clock setup support
nvmem: imx-ocotp: Move i.MX6 write clock setup to dedicated function
nvmem: imx-ocotp: Add support for banked OTP addressing
nvmem: imx-ocotp: Pass parameters via a struct
nvmem: imx-ocotp: Restrict OTP write to IMX6 processors
nvmem: uniphier: add UniPhier eFuse driver
dt-bindings: nvmem: add description for UniPhier eFuse
nvmem: set nvmem->owner to nvmem->dev->driver->owner if unset
nvmem: qfprom: fix different address space warnings of sparse
nvmem: mtk-efuse: fix different address space warnings of sparse
nvmem: mtk-efuse: use stack for nvmem_config instead of malloc'ing it
nvmem: imx-iim: use stack for nvmem_config instead of malloc'ing it
thunderbolt: tb: fix use after free in tb_activate_pcie_devices
MAINTAINERS: Add git tree for Thunderbolt development
...
