Linux Prepares Support for ThinkPad USB-C Security Feature

Linux Prepares Support for ThinkPad USB-C Security Feature

Linux is preparing support for a Lenovo ThinkPad security feature that allows USB-C charging while blocking USB-C data connections.

The feature, called USB-C Security Restricted Mode, is designed for environments where organizations want to reduce the risk of unauthorized data transfers or malicious USB-C devices while still allowing power delivery.

Reporting USB-C Security Status

On supported newer ThinkPad systems, the feature can be enabled or disabled using the Fn+U and Fn+S key sequence.

The Linux enablement is being added through the ThinkPad ACPI driver. Once supported, users will be able to check the current state through a read-only sysfs entry at /sys/devices/platform/thinkpad_acpi/usb_c_security.

If the feature is enabled, USB-C data connections are blocked while charging remains available. If the sysfs file is present, it also indicates that the system supports the feature.

The update is mainly useful for kiosk deployments, managed enterprise laptops and physically secured environments where USB data access needs to be restricted.

The patch reflects continued work to expose vendor-specific hardware security features more clearly under Linux, giving administrators better visibility into device-level protections.