Thunderbolt device management. Version of the daemon. Indication that a new thunderbolt device has been connected and the manager is reacting to that. Probing should be true as long as the new device (and any possible attached peripherals) are initialized by the system. The policy to use during enrollment when "default" was specified. The security level of the system. The authorization mode of the daemon. Currently supported values are "enabled" if it is authorizing devices or "disabled" if authorization is disabled. State of the ForcePower setting of the bolt daemon. The maximum generation of any of Thunderbolt controller associated with the device. It will contain 4 for USB4, 3 for Thunderbolt 3. An array of object paths for the domains. List all active thunderbolt domains. The id of the domain. Object path for the domain. Return a domain given its identifier. An array of object paths for the devices. List all known devices, i.e. connected or stored in the database. The unique id of the device. Object path for the devices. Return a device given its unique identifier. The unique id of the device. Policy to use for the device. Control aspects of enrollment. Object path for the devices. Authorize a device, and on success, store the device in the database. If policy is set to "Auto", the device will be automatically authorized in the future. The unique id of the device. Remove the device and any associated information, such as the policy and its key, from the store. Object path of the new device. A new device was added. Object path of the removed device. A device was removed. Object path of the domain. A thunderbolt domain was added. Object path of the removed domain. A thunderbolt domain was removed. Thunderbolt force power management. Is there system level support for force powering the thunderbolt controller. State of the ForcePower setting of the bolt daemon. The minimum amount of time the controller will be powered. This timeout will get reset with every new activity on the thundrbolt bus while the controller is being force powered. Who is requesting the force power op. Control aspects of the force power operation. File descriptor reference to the guard. Force power the thunderbolt controller, if supported. Array of guard information, containing the "id", "who" and the pid of the guard. List active internal and external power guards. Representation of a single Thunderbolt device. The unique-id of the device. The name of the device. The vendor of the device. The type of the device, i.e. 'host' or 'peripheral' The generation of the Thunderbolt controller associated with the device. It will contain 4 for USB4, 3 for Thunderbolt 3. The current status of the device. Details of authorization information, including if they device was securily authorized via key verification ('secure') or does not support this method ('nokey'). The flag 'boot' indicates that the devices was already authorized by the firmware during pre-boot. If no downstream PCIe tunnels are authorized the 'nopcie' flag will be set. The unique id of the parent the device. The only device without a parent will be the device that represents the host controller. The sysfs path of the device, if it is connected. When a device is connected, it always is connected via a thunderbolt domain, directly or via a chain of other devices. This is the identifier of the domain. Indication if the device is stored. The authorization policy of the device. If a key is associated with the device. If set, a name that was given to the device by the user. Can only be set when device is stored. Point in time (since Epoch, in seconds) when the device was connected (0 if it is not connected). Point in time (since Epoch, in seconds) when the device was authorized (0 if it is not authorized). Point in time (since Epoch, in seconds) when the device was stored (0 if it is not stored). Information about the link speed, i.e. with how many lanes the device is connected to its parent and what rate (in Gb/s) the lanes have. Separate information is reported for transmission (tx) and reception (rx). All lanes in one direction have the same rate. Control aspects of authorization. Authorize the device. Representation of a Thunderbolt domain. The unique-id of the domain. The (sysfs) id of the domain. The sysfs path of the domain, if it is connected. The security level of the domain. The boot access control list. The input output memory management unit (IOMMU) can used on recent hardware in combination with recent kernel versions to protect against attacks, like direct memory access (DMA) attacks, at the hardware level. If this property is true than IOMMU hardware protection is active.