Import all devices that were authorized at boot and have active PCIe tunnels
Currently some devices are not being imported, even though they have active PCIe tunnels (i.e. they are fully functional) and were not explicitly authorized by the user (i.e. have to boot flag):
-
SECURE
mode (sl2), no key but boot (authorized by the firmware) -
NONE
mode (sl0)
The idea here is to keep a track record of devices that potentially had full access to the machine. Once the iommu
policy (part of #128 (closed)) is added, these devices can be imported with the iommu
policy.