Commit e8c9f90c authored by Christian Kellner's avatar Christian Kellner Committed by Christian Kellner

docs: document how boltctl domains shows iommu

Document how the security output changes when iommu support is
active.
parent bba147aa
......@@ -94,17 +94,20 @@ domains [-v | --verbose]
List all currently active Thunderbolt domains. A Thunderbolt domain
represents the Thunderbolt controller hardware. There will be one
domain (and host device) for each Thunderbolt controller present
in the system. The 'security' property shows the security level of
the controller. 'bootacl' shows the used and total slots of the
boot access control list (BootACL) and the content of all non-empty
entries. NB: if BootACL is unsupported it will show 0 for both (0/0).
The 'online' property shows if the thunderbolt controller is currently
powered by the firmware. *NB*: if the controller is currently offline
the BootACL list will reflect what 'boltd' estimates the list will look
like once the controller is back online and local changes have been
synchronized to the controller. This might not be accurate if the list
was modified in the meantime, e.g. from a different installation or OS.
domain (and host device) for each Thunderbolt controller present in
the system. The 'security' property shows the security level of the
controller. If 'iommu' support is active (see the *boltd* man page) it
will be indicated by a '+iommu' suffix for "secure" or "user" mode, or
just plain 'iommu' in case the security level is "none" (sl0).
'bootacl' shows the used and total slots of the boot access control
list (BootACL) and the content of all non-empty entries. NB: if
BootACL is unsupported it will show 0 for both (0/0). The 'online'
property shows if the thunderbolt controller is currently powered by
the firmware. *NB*: if the controller is currently offline the BootACL
list will reflect what 'boltd' estimates the list will look like once
the controller is back online and local changes have been synchronized
to the controller. This might not be accurate if the list was modified
in the meantime, e.g. from a different installation or OS.
enroll [--policy 'policy'] 'DEVICE'
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment