GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → gicmo → Bolt

gicmo / Bolt

Licence: lgpl-2.1
⚡🐧 - Thunderbolt 3 device manager | This is a MIRROR of bolt from fd.o

Programming Languages

c
50402 projects - #5 most used programming language

Labels

linuxsecuritydaemon

Projects that are alternatives of or similar to Bolt

Deluge
Deluge BitTorrent client - Git mirror, PRs only
Stars: ✭ 1,012 (+854.72%)
Mutual labels:  daemon
Oragono
A modern IRC server (daemon/ircd) written in Go.
Stars: ✭ 1,171 (+1004.72%)
Mutual labels:  daemon
Cachectl
Page cache controller for regular file in Go
Stars: ✭ 95 (-10.38%)
Mutual labels:  daemon
Eventd
A simple daemon to track remote or local events and do actions the user wants to
Stars: ✭ 43 (-59.43%)
Mutual labels:  daemon
Bulwark Explorer
Block explorer for Bulwark Cryptocurrency
Stars: ✭ 57 (-46.23%)
Mutual labels:  daemon
Git Repo Watcher
A simple bash script to watch a git repository and pull upstream changes if needed.
Stars: ✭ 73 (-31.13%)
Mutual labels:  daemon
Leoric
PoC of fighting against force-stop kill process on Android
Stars: ✭ 946 (+792.45%)
Mutual labels:  daemon
Freeradius Server
FreeRADIUS - A multi-protocol policy server.
Stars: ✭ 1,379 (+1200.94%)
Mutual labels:  daemon
Peerflix Server
Streaming torrent client for Node.js with web ui.
Stars: ✭ 1,157 (+991.51%)
Mutual labels:  daemon
Jd4
Judging daemon for programming contests
Stars: ✭ 85 (-19.81%)
Mutual labels:  daemon
Spm
A process manager similar to systemd and foreman with stop feature, written in Go.
Stars: ✭ 44 (-58.49%)
Mutual labels:  daemon
Xsuspender
👀 💻 💤 🔋 Save battery by auto-suspending unfocused X11 applications.
Stars: ✭ 53 (-50%)
Mutual labels:  daemon
Yubikeylockd
Simple daemon for locking and unlocking macOS with Yubikey
Stars: ✭ 78 (-26.42%)
Mutual labels:  daemon
Processmanager
PHP Process Control tools
Stars: ✭ 43 (-59.43%)
Mutual labels:  daemon
Go Daemon
A library for writing system daemons in golang.
Stars: ✭ 1,341 (+1165.09%)
Mutual labels:  daemon
Whatpulse
WhatPulse reverse engineered
Stars: ✭ 30 (-71.7%)
Mutual labels:  daemon
Pebble
Unofficial Pebble watch support for SailfishOS/Jolla
Stars: ✭ 71 (-33.02%)
Mutual labels:  daemon
Rabbitmq Supervisor Bundle
Symfony bundle to automatically create and update supervisor configurations for RabbitMQ consumer daemons
Stars: ✭ 103 (-2.83%)
Mutual labels:  daemon
Sidedoor
SSH connection daemon for Debian/Raspbian/Ubuntu/etc
Stars: ✭ 97 (-8.49%)
Mutual labels:  daemon
Moolticute
Mooltipass crossplatform daemon/tools
Stars: ✭ 82 (-22.64%)
Mutual labels:  daemon
View All Similar Projects ➔

bolt

Userspace system daemon to enable security levels for Thunderbolt™ on GNU/Linux®.

Introduction

Thunderbolt™ is the brand name of a hardware interface developed by Intel® that allows the connection of external peripherals to a computer.

Devices connected via Thunderbolt can be DMA masters and thus read system memory without interference of the operating system (or even the CPU). Version 3 of the interface introduced 5 different security levels, in order to mitigate the aforementioned security risk that connected devices pose to the system. The security level is set by the system firmware.

The five security levels are:

  • none: Security disabled, all devices will fully functional on connect.
  • dponly: Only pass the display-port stream through to the connected device.
  • user: Connected devices need to be manually authorized by the user.
  • secure: As 'user', but also challenge the device with a secret key to verify its identity.
  • usbonly: One PCIe tunnel is created to a usb controller in a thunderbolt dock; no other downstream PCIe tunnels are authorized (needs 4.17 kernel and recent hardware).

The Linux kernel, starting with version 4.13, provides an interface via sysfs that enables userspace query the security level, the status of connected devices and, most importantly, to authorize devices, if the security level demands it.

boltd - the system daemon

The core of bolt is a system daemon (boltd) that interfaces with sysfs and exposes devices via D-Bus to clients. It also has a database of previously authorized devices (and their keys) and will, depending on the policy set for the individual devices, automatically authorize newly connected devices without user interaction. The daemon supports syncing the devices database with the pre-boot access control list firmware feature. It also adapts its behavior when iommu support is detected.

boltctl - command line client

The boltctl command line can be used to manage thunderbolt devices via boltd. It can list devices, monitor changes and initiate authorization of devices.

Installation

The meson build system is used to configure and compile bolt.

meson build           # configure bolt, use build as buildir
ninja -C build        # compile it
ninja -C build test   # run the tests

See INSTALL for more information, BUGS for how to file issues and HACKING how to contribute.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].