Hi Mario,

On Wed, Mar 16, 2022 at 06:34:51PM +0000, Limonciello, Mario wrote:
> > Might it be reasonable for the Thunderbolt core to check early on if any
> > tunnelled ports are not marked as external facing, and if so just tell
> > the user that iommu_dma_protection is off the table and anything they
> > authorise is at their own risk?
> >
> > Robin.
>
> How about in iommu_dma_protection_show to just check that all the device
> links to the NHI are marked as untrusted?

Actually this does not work either because we have pre-USB4 systems out
there that are using a firmware based connection manager and do not set the
"device links" (as it is only needed for USB4 software based connection
manager systems).

So the only thing we can use is the ->external_facing (and ->untrusted) as
those exist in all these systems (well assuming the BIOS provided them but
this is a Microsoft requirement in the same way with the DMAR bit).

[For those who are not familiar with the connection manager, it is the
software or firmware that actually creates the tunnels over the
Thunderbolt/USB4 fabric. In Intel systems up to Alder Lake it used to be
firmware based, and from Alder Lake and beyond it is software based meaning
that the Linux Thunderbolt driver creates the tunnels. Apple systems have
been software based from the beginning.]