Intel Working On Thunderbolt Security Levels For Linux, Firmware Updates

Written by Michael Larabel in Intel on 19 May 2017 at 11:27 AM EDT. 15 Comments
INTEL
Intel is continuing to improve the Thunderbolt support within the Linux kernel.

Mika Westerberg of Intel has posted a series of 24 patches for implementing security levels and NVM firmware upgrades for Thunderbolt. Thunderbolt security levels are used to fend off direct memory access (DMA) attacks when PCI Express is being used over Thunderbolt and IOMMU isn't available or working on the system. The firmware upgrade portion of the work is allowing NVM firmware upgrades on the host or device by writing the new firmware file to an nvmem entry over sysfs.

The Thunderbolt security level handling within the Linux driver allows for managing the security levels as otherwise users need to disable the security support from the BIOS if needing a PCI-E tunnel. Under this new code, Thunderbolt devices can be authorized by writing to a file via sysfs.

The developers hope user-space/desktops will add GUI functionality for wrapping around this security authorization functionality when new Thunderbolt devices are added whether it should be allowed, etc, rather than leaving users to dealing with the sysfs entries from the terminal.

This set of patches adding five thousand lines of code to the kernel also adds MSI-X support to the Thunderbolt driver for potentially greater performance over MSI / legacy interrupts, PCI IDs for the Intel Alpine Ridge Thunderbolt 3 controller, and other improvements. Perhaps we'll see this code ready for Linux 4.13 but in the mean time can be found via the kernel mailing list.
15 Comments
Related News
Rework For Intel CPU Model Handling To Land With Linux 6.10
Linux 6.10 Adding Intel Low-Latency Hint To Aggressively Boost GT Frequency For GPU Compute
Intel Releases OpenVINO 2024.1 With More Gen AI & LLM Features
Intel ANV Vulkan Driver Enables VK_KHR_shader_float_controls2
Intel Has Many Improvements For The Xe Graphics Driver In Linux 6.10
Intel Enabling Linux Driver Display Support For Upcoming "Battlemage" GPUs
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Fedora Linux 40 Available For Download As A Wonderful Upgrade
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Systemd 256-rc1 Brings A Huge Number Of New Features
NVIDIA Developer Opens Feature Pull Request For Open-Source NVK Driver
Microsoft Open-Sources MS-DOS 4.0 Under MIT License
Ubuntu 24.04 LTS Downloads Now Available
GNU Portability Library's Tool Rewritten In Python For 8~100x Better Performance
Niri 0.1.5 Scrollable-Tiling Wayland Compositor Adds New Animations