Upstream commits to be applied ============================== 8fdd6ab36197 thunderbolt: Remove superfluous check 0956e4116922 thunderbolt: Make key root-only accessible e545f0d8a54a thunderbolt: Allow clearing the key The reason why these should be applied ====================================== 8fdd6ab36197 - the below patches depend on this one. 0956e4116922 is a security-related fix, it prevents non-root users from reading the key. e545f0d8a54a fixes functionality issue where if the key was rejected, it's impossible to use "connect once" flow to connect without a key even if the user chose to. How to apply it =============== Cherry-picking them to v4.13 passes cleanly.