Linux 5.12 will support USB 4 “Security Level 5” to disable PCIe channels
According to the mailing list, in the upcoming Linux 5.12 merge window, the USB 4/Thunderbolt changes have been merged into the USB-next tree.
These changes come from Intel, including changes to Thunderbolt and the latest USB 4 related work. It is reported that one of the new security options of Linux 5.12 is to support the security level 5 (SL5) of USB4. Using this security level will disable the PCIe channel.
In fact, the Linux kernel has already supported USB 4/Thunderbolt security settings to require user approval before new devices can be authorized, automatically allow DisplayPort and USB, and only allow USB and other authorization mechanisms for channel transmission to resist potential malicious devices connected to the system. You can check the latest detailed information about USB4/Thunderbolt security controls on Linux through the latest documentation.
In addition, this change also includes support for ACPI 6.4 USB 4 _OSC, support for disabling the XDomain protocol, and some other minor changes.