On Tue, Jan 26, 2021 at 6:26 PM Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx> wrote: > > On Tue, Jan 26, 2021 at 06:18:47PM +0200, Yehezkel Bernat wrote: > > On Tue, Jan 26, 2021 at 5:57 PM Mika Westerberg > > <mika.westerberg@xxxxxxxxxxxxxxx> wrote: > > > > > > Recent Intel Thunderbolt firmware connection manager has support for > > > another security level, SL5, that disables PCIe tunneling. This option > > > can be turned on from the BIOS. > > > > > > When this is set the driver exposes a new security level "nopcie" to the > > > userspace and hides the authorized attribute under connected devices. > > > > > > While there we also hide it when "dponly" security level is enabled > > > since it is not really usable in that case anyway. > > > > > > Signed-off-by: Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx> > > > --- > > > > Looks good to me, I'm just not sure I understand how this is different from > > dponly mode. Is this just because it comes from the new _OSC? > > The firmware connection manager reports this new security level instead > of dponly so we reflect that to the userspace, and while at it take > advantage of the nopcie when USB4 _OSC disables PCIe tunneling so they > both look the same from userspace perspective. Makes sense. Thanks for the clarification!