[Nouveau] [PATCH 1/3] core: add support for secure boot
Alexandre Courbot
acourbot at nvidia.com
Sun Oct 25 22:47:20 PDT 2015
On GM20x and later GPUs, firmware for some essential falcons (notably
FECS) must be authenticated by a NVIDIA-produced signature and loaded
by a high-secure falcon in order to access certain registers, in a
process known as Secure Boot.
Secure Boot requires the building of a binary blob containing the
firmwares and signatures of the falcons to be loaded. This blob is then
given to a high-secure falcon running a signed loader firmware that
copies the blob into a write-protected region, checks that the
signatures are valid, and finally loads the verified firmware into the
managed falcons and switches them to a priviledged mode.
This patch adds code that performs this process using PMU as the
high-secure falcon, and wires it into the device core.
Currently, only the secure loading of the FECS firmware is handled, but
support for other falcons (notably GPCCS and PMU) is upcoming. The
reason for limiting to FECS is that GR must initiate the loading of
FECS at init time, which, being managed by secure boot, will trigger the
loading of all other managed firmwares. A solution to this needs to be
discussed.
This code is tested on Tegra/GM20B and some minor work is required for
dGPU support, but the fundations are here for general support of Secure
Boot.
This work is based on Deepak Goyal's initial port of Secure Boot to
Nouveau.
Signed-off-by: Alexandre Courbot <acourbot at nvidia.com>
---
drm/nouveau/include/nvkm/core/device.h | 10 +
drm/nouveau/include/nvkm/core/secure_boot.h | 52 +
drm/nouveau/nvkm/core/Kbuild | 1 +
drm/nouveau/nvkm/core/secure_boot.c | 1737 +++++++++++++++++++++++++++
drm/nouveau/nvkm/engine/device/base.c | 9 +
5 files changed, 1809 insertions(+)
create mode 100644 drm/nouveau/include/nvkm/core/secure_boot.h
create mode 100644 drm/nouveau/nvkm/core/secure_boot.c
diff --git a/drm/nouveau/include/nvkm/core/device.h b/drm/nouveau/include/nvkm/core/device.h
index 8f760002e401..19e75bb0f02a 100644
--- a/drm/nouveau/include/nvkm/core/device.h
+++ b/drm/nouveau/include/nvkm/core/device.h
@@ -78,6 +78,9 @@ struct nvkm_device {
u64 disable_mask;
u32 debug;
+ /* secure boot state, to repeat the process when needed */
+ void *secure_boot_state;
+
const struct nvkm_device_chip *chip;
enum {
NV_04 = 0x04,
@@ -205,6 +208,13 @@ struct nvkm_device_chip {
int (*sw )(struct nvkm_device *, int idx, struct nvkm_sw **);
int (*vic )(struct nvkm_device *, int idx, struct nvkm_engine **);
int (*vp )(struct nvkm_device *, int idx, struct nvkm_engine **);
+
+ struct {
+ /* Bit-mask of IDs of managed falcons. 0 means no secure boot */
+ unsigned long managed_falcons;
+ /* ID of the falcon that will perform secure boot */
+ unsigned long boot_falcon;
+ } secure_boot;
};
struct nvkm_device *nvkm_device_find(u64 name);
diff --git a/drm/nouveau/include/nvkm/core/secure_boot.h b/drm/nouveau/include/nvkm/core/secure_boot.h
new file mode 100644
index 000000000000..ddec92bb8fe7
--- /dev/null
+++ b/drm/nouveau/include/nvkm/core/secure_boot.h
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2015, NVIDIA CORPORATION. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+
+#ifndef __NVKM_SECURE_BOOT_H__
+#define __NVKM_SECURE_BOOT_H__
+
+#include <core/device.h>
+
+#define LSF_FALCON_ID_PMU 0
+#define LSF_FALCON_ID_RESERVED 1
+#define LSF_FALCON_ID_FECS 2
+#define LSF_FALCON_ID_GPCCS 3
+#define LSF_FALCON_ID_END 4
+#define LSF_FALCON_ID_INVALID 0xffffffff
+
+int nvkm_secure_boot_init(struct nvkm_device *);
+void nvkm_secure_boot_fini(struct nvkm_device *);
+
+int nvkm_secure_boot(struct nvkm_device *);
+
+static inline bool
+nvkm_is_secure(struct nvkm_device *device, unsigned long falcon_id)
+{
+ return device->chip->secure_boot.managed_falcons & BIT(falcon_id);
+}
+
+static inline bool
+nvkm_need_secure_boot(struct nvkm_device *device)
+{
+ return device->chip->secure_boot.managed_falcons != 0;
+}
+
+#endif
diff --git a/drm/nouveau/nvkm/core/Kbuild b/drm/nouveau/nvkm/core/Kbuild
index 7f66963f305c..9d2ecc0effec 100644
--- a/drm/nouveau/nvkm/core/Kbuild
+++ b/drm/nouveau/nvkm/core/Kbuild
@@ -11,4 +11,5 @@ nvkm-y += nvkm/core/object.o
nvkm-y += nvkm/core/oproxy.o
nvkm-y += nvkm/core/option.o
nvkm-y += nvkm/core/ramht.o
+nvkm-y += nvkm/core/secure_boot.o
nvkm-y += nvkm/core/subdev.o
diff --git a/drm/nouveau/nvkm/core/secure_boot.c b/drm/nouveau/nvkm/core/secure_boot.c
new file mode 100644
index 000000000000..956c4cd0321e
--- /dev/null
+++ b/drm/nouveau/nvkm/core/secure_boot.c
@@ -0,0 +1,1737 @@
+/*
+ * Copyright (c) 2015, NVIDIA CORPORATION. All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a
+ * copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+
+/*
+ * Secure boot is the process by which NVIDIA-signed firmware is loaded into
+ * some of the falcons of a GPU. For production devices this is the only way
+ * for the firmware to access useful (but sensitive) registers.
+ *
+ * A Falcon microprocessor supporting advanced security modes can run in one of
+ * three modes:
+ *
+ * - Non-secure (NS). In this mode, functionality is similar to Falcon
+ * architectures before security modes were introduced (pre-Maxwell), but
+ * capability is restricted. In particular, certain registers may be
+ * inaccessible for reads and/or writes, and physical memory access may be
+ * disabled (on certain Falcon instances). This is the only possible mode that
+ * can be used if you don't have microcode cryptographically signed by NVIDIA.
+ *
+ * - Heavy Secure (HS). In this mode, the microprocessor is a black box - it's
+ * not possible to read or write any Falcon internal state or Falcon registers
+ * from outside the Falcon (for example, from the host system). The only way
+ * to enable this mode is by loading microcode that has been signed by NVIDIA.
+ * (The loading process involves tagging the IMEM block as secure, writing the
+ * signature into a Falcon register, and starting execution. The hardware will
+ * validate the signature, and if valid, grant HS privileges.)
+ *
+ * - Light Secure (LS). In this mode, the microprocessor has more privileges
+ * than NS but fewer than HS. Some of the microprocessor state is visible to
+ * host software to ease debugging. The only way to enable this mode is by HS
+ * microcode enabling LS mode. Some privileges available to HS mode are not
+ * available here. LS mode is introduced in GM20x.
+ *
+ * Secure boot consists in temporarily switchin a HS-capable falcon (typically
+ * PMU) into HS mode in order to validate the LS firmware of managed falcons,
+ * load it, and switch managed falcons into LS mode. Once secure boot completes,
+ * no falcon remains in HS mode.
+ *
+ * Secure boot requires a write-protected memory region (WPR) which can only be
+ * written by the secure falcon. On dGPU, the driver sets up the WPR region in
+ * video memory. On Tegra, it is set up by the bootloader and its location and
+ * size written into memory controller registers.
+ *
+ * The secure boot process takes place as follows:
+ *
+ * 1) A LS blob is constructed that contains all the LS firmwares we want to
+ * load, along with their signatures and bootloaders.
+ *
+ * 2) A HS blob (also called ACR) is created that contains the signed HS
+ * firmware in charge of loading the LS firmwares into their respective
+ * falcons.
+ *
+ * 3) The HS blob is loaded (via its own bootloader) and executed on the
+ * HS-capable falcon. It authenticates itself, switches the secure falcon to
+ * HS mode and copies the LS blob into the WPR region.
+ *
+ * 4) The LS blob now being secure from all external tampering. The HS falcon
+ * checks the signatures of the LS firmwares and, if valid, switches the
+ * managed falcons to LS mode and makes them ready to run the LS firmware.
+ *
+ * 5) The managed falcons remain in LS mode and can be started.
+ *
+ */
+
+#include <core/secure_boot.h>
+#include <core/gpuobj.h>
+#include <subdev/mmu.h>
+#include <subdev/timer.h>
+#include <subdev/fb.h>
+
+#include <linux/mutex.h>
+
+enum {
+ FALCON_DMAIDX_UCODE = 0,
+ FALCON_DMAIDX_VIRT = 1,
+ FALCON_DMAIDX_PHYS_VID = 2,
+ FALCON_DMAIDX_PHYS_SYS_COH = 3,
+ FALCON_DMAIDX_PHYS_SYS_NCOH = 4,
+};
+
+/*
+ *
+ * LS blob structures
+ *
+ */
+
+/**
+ * struct lsf_ucode_desc - LS falcon signatures
+ * @prd_keys: signature to use when the GPU is in production mode
+ * @dgb_keys: signature to use when the GPU is in debug mode
+ * @b_prd_present: whether the production key is present
+ * @b_dgb_present: whether the debug key is present
+ * @falcon_id: ID of the falcon the ucode applies to
+ *
+ * Directly loaded from a signature file.
+ */
+struct lsf_ucode_desc {
+ u8 prd_keys[2][16];
+ u8 dbg_keys[2][16];
+ u32 b_prd_present;
+ u32 b_dbg_present;
+ u32 falcon_id;
+};
+
+/**
+ * struct lsf_wpr_header - LS blob WPR Header
+ * @falcon_id: LS falcon ID
+ * @lsb_offset: offset of the lsb_lsf_header in the WPR region
+ * @bootstrap_owner: secure falcon reponsible for bootstrapping the LS falcon
+ * @lazy_bootstrap: skip bootstrapping by ACR
+ * @status: bootstrapping status
+ *
+ * An array of these is written at the beginning of the WPR region, one for
+ * each managed falcon. The array is terminated by an instance which falcon_id
+ * is LSF_FALCON_ID_INVALID.
+ */
+struct lsf_wpr_header {
+ u32 falcon_id;
+ u32 lsb_offset;
+ u32 bootstrap_owner;
+#define LSF_BOOTSTRAP_OWNER_DEFAULT LSF_FALCON_ID_PMU
+ u32 lazy_bootstrap;
+ u32 status;
+#define LSF_IMAGE_STATUS_NONE 0
+#define LSF_IMAGE_STATUS_COPY 1
+#define LSF_IMAGE_STATUS_VALIDATION_CODE_FAILED 2
+#define LSF_IMAGE_STATUS_VALIDATION_DATA_FAILED 3
+#define LSF_IMAGE_STATUS_VALIDATION_DONE 4
+#define LSF_IMAGE_STATUS_VALIDATION_SKIPPED 5
+#define LSF_IMAGE_STATUS_BOOTSTRAP_READY 6
+};
+
+/**
+ * struct lsf_lsb_header - LS firmware header
+ * @signature: signature to verify the firmware against
+ * @ucode_off: offset of the ucode blob in the WPR region. The ucode
+ * blob contains the bootloader, code and data of the
+ * LS falcon
+ * @ucode_size: size of the ucode blob, including bootloader
+ * @data_size: size of the ucode blob data
+ * @bl_code_size: size of the bootloader code
+ * @bl_imem_off: offset in imem of the bootloader
+ * @bl_data_off: offset of the bootloader data in WPR region
+ * @bl_data_size: size of the bootloader data
+ * @app_code_off: offset of the app code relative to ucode_off
+ * @app_code_size: size of the app code
+ * @app_data_off: offset of the app data relative to ucode_off
+ * @app_data_size: size of the app data
+ * @flags: flags for the secure bootloader
+ *
+ * This structure is written into the WPR region for each managed falcon. Each
+ * instance is referenced by the lsb_offset member of the corresponding
+ * lsf_wpr_header.
+ */
+struct lsf_lsb_header {
+ struct lsf_ucode_desc signature;
+ u32 ucode_off;
+ u32 ucode_size;
+ u32 data_size;
+ u32 bl_code_size;
+ u32 bl_imem_off;
+ u32 bl_data_off;
+ u32 bl_data_size;
+ u32 app_code_off;
+ u32 app_code_size;
+ u32 app_data_off;
+ u32 app_data_size;
+ u32 flags;
+#define NV_FLCN_ACR_LSF_FLAG_LOAD_CODE_AT_0_FALSE 0
+#define NV_FLCN_ACR_LSF_FLAG_LOAD_CODE_AT_0_TRUE 1
+#define NV_FLCN_ACR_LSF_FLAG_DMACTL_REQ_CTX_FALSE 0
+#define NV_FLCN_ACR_LSF_FLAG_DMACTL_REQ_CTX_TRUE 4
+};
+
+/**
+ * struct flcn_bl_dmem_desc - DMEM bootloader descriptor
+ * @signature: 16B signature for secure code. 0s if no secure code
+ * @ctx_dma: DMA context to be used by BL while loading code/data
+ * @code_dma_base: 256B-aligned Physical FB Address where code is located
+ * @non_sec_code_off: offset from code_dma_base where the non-secure code is
+ * located. The offset must be multiple of 256 to help perf
+ * @non_sec_code_size: the size of the nonSecure code part.
+ * @sec_code_off: offset from code_dma_base where the secure code is
+ * located. The offset must be multiple of 256 to help perf
+ * @sec_code_size: offset from code_dma_base where the secure code is
+ * located. The offset must be multiple of 256 to help perf
+ * @code_entry_point: code entry point which will be invoked by BL after
+ * code is loaded.
+ * @data_dma_base: 256B aligned Physical FB Address where data is located.
+ * @data_size: size of data block. Should be multiple of 256B
+ *
+ * Structure used by the bootloader to load the rest of the code. This has
+ * to be filled by host and copied into DMEM at offset provided in the
+ * hsflcn_bl_desc.bl_desc_dmem_load_off.
+ */
+struct flcn_bl_dmem_desc {
+ u32 reserved[4];
+ u32 signature[4];
+ u32 ctx_dma;
+ u32 code_dma_base;
+ u32 non_sec_code_off;
+ u32 non_sec_code_size;
+ u32 sec_code_off;
+ u32 sec_code_size;
+ u32 code_entry_point;
+ u32 data_dma_base;
+ u32 data_size;
+};
+
+/**
+ * struct ls_ucode_desc - descriptor of firmware image
+ * @descriptor_size: size of this descriptor
+ * @image_size: size of the whole image
+ * @bootloader_start_offset: start offset of the bootloader in ucode image
+ * @bootloader_size: size of the bootloader
+ * @bootloader_imem_offset: start off set of the bootloader in IMEM
+ * @bootloader_entry_point: entry point of the bootloader in IMEM
+ * @app_start_offset: start offset of the LS firmware
+ * @app_size: size of the LS firmware's code and data
+ * @app_imem_offset: offset of the app in IMEM
+ * @app_imem_entry: entry point of the app in IMEM
+ * @app_dmem_offset: offset of the data in DMEM
+ * @app_resident_code_offset: offset of app code from app_start_offset
+ * @app_resident_code_size: size of the code
+ * @app_resident_data_offset: offset of data from app_start_offset
+ * @app_resident_data_size: size of data
+ *
+ * A firmware image contains the code, data, and bootloader of a given LS
+ * falcon in a single blob. This structure describes where everything is.
+ *
+ * This can be generated from a (bootloader, code, data) set if they have
+ * been loaded separately, or come directly from a file. For the later case,
+ * we need to keep the fields that are unused by the code.
+ */
+struct ls_ucode_desc {
+ u32 descriptor_size;
+ u32 image_size;
+ u32 tools_version;
+ u32 app_version;
+ char date[64];
+ u32 bootloader_start_offset;
+ u32 bootloader_size;
+ u32 bootloader_imem_offset;
+ u32 bootloader_entry_point;
+ u32 app_start_offset;
+ u32 app_size;
+ u32 app_imem_offset;
+ u32 app_imem_entry;
+ u32 app_dmem_offset;
+ u32 app_resident_code_offset;
+ u32 app_resident_code_size;
+ u32 app_resident_data_offset;
+ u32 app_resident_data_size;
+ u32 nb_overlays;
+ struct {u32 start; u32 size; } load_ovl[32];
+ u32 compressed;
+};
+
+/**
+ * struct lsf_ucode_img - temporary storage for loaded LS firmwares
+ * @node: to link within lsf_ucode_mgr
+ * @falcon_id: ID of the falcon this LS firmware is for
+ * @ucode_desc: loaded or generated map of ucode_data
+ * @ucode_header: header of the firmware
+ * @ucode_data: firmware payload (code and data)
+ * @ucode_size: size in bytes of data in ucode_data
+ * @wpr_header: WPR header to be written to the LS blob
+ * @lsb_header: LSB header to be written to the LS blob
+ * @bl_dmem_desc: DMEM bootloader descriptor to be written to the LS blob
+ *
+ * Preparing the WPR LS blob requires information about all the LS firmwares
+ * (size, etc) to be known. This structure contains all the data of one LS
+ * firmware.
+ */
+struct lsf_ucode_img {
+ struct list_head node;
+ u32 falcon_id;
+
+ struct ls_ucode_desc ucode_desc;
+ u32 *ucode_header;
+ u8 *ucode_data;
+ u32 ucode_size;
+
+ /* All members below to be copied into the WPR blob */
+ struct lsf_wpr_header wpr_header;
+ struct lsf_lsb_header lsb_header;
+ struct flcn_bl_dmem_desc bl_dmem_desc;
+};
+
+/**
+ * struct lsf_ucode_mgr - manager for all LS falcon firmwares
+ * @count: number of managed LS falcons
+ * @wpr_size: size of the required WPR region in bytes
+ * @img_list: linked list of lsf_ucode_img
+ */
+struct lsf_ucode_mgr {
+ u16 count;
+ u32 wpr_size;
+ struct list_head img_list;
+};
+
+/*
+ *
+ * HS blob structures
+ *
+ */
+
+/**
+ * struct hs_bin_hdr - header of HS firmware and bootloader files
+ * @bin_magic: always 0x10de
+ * @bin_ver: version of the bin format
+ * @bin_size: entire image size excluding this header
+ * @header_offset: offset of the firmware/bootloader header in the file
+ * @data_offset: offset of the firmware/bootloader payload in the file
+ * @data_size: size of the payload
+ *
+ * This header is located at the beginning of the HS firmware and HS bootloader
+ * files, to describe where the headers and data can be found.
+ */
+struct hs_bin_hdr {
+ u32 bin_magic;
+ u32 bin_ver;
+ u32 bin_size;
+ u32 header_offset;
+ u32 data_offset;
+ u32 data_size;
+};
+
+/**
+ * struct hsflcn_bl_desc - HS firmware bootloader descriptor
+ * @bl_start_tag: starting tag of bootloader
+ * @bl_desc_dmem_load_off: DMEM offset of flcn_bl_dmem_desc
+ * @bl_code_off: offset of code section
+ * @bl_code_size: size of code section
+ * @bl_data_off: offset of data section
+ * @bl_data_size: size of data section
+ *
+ * This structure is embedded in the HS bootloader firmware file at
+ * hs_bin_hdr.header_offset to describe the IMEM and DMEM layout expected by the
+ * HS bootloader.
+ */
+struct hsflcn_bl_desc {
+ u32 bl_start_tag;
+ u32 bl_desc_dmem_load_off;
+ u32 bl_code_off;
+ u32 bl_code_size;
+ u32 bl_data_off;
+ u32 bl_data_size;
+};
+
+/**
+ * struct acr_fw_header - HS firmware descriptor
+ * @sig_dbg_offset: offset of the debug signature
+ * @sig_dbg_size: size of the debug signature
+ * @sig_prod_offset: offset of the production signature
+ * @sig_prod_size: size of the production signature
+ * @patch_loc: offset of the offset (sic) of where the signature is
+ * @patch_sig: offset of the offset (sic) to add to sig_*_offset
+ * @hdr_offset: offset of the load header (see struct hs_load_header)
+ * @hdr_size: size of above header
+ *
+ * This structure is embedded in the HS firmware image at
+ * hs_bin_hdr.header_offset.
+ */
+struct acr_fw_header {
+ u32 sig_dbg_offset;
+ u32 sig_dbg_size;
+ u32 sig_prod_offset;
+ u32 sig_prod_size;
+ u32 patch_loc;
+ u32 patch_sig;
+ u32 hdr_offset;
+ u32 hdr_size;
+};
+
+/**
+ * struct acr_load_header - HS firmware loading header
+ *
+ * Data to be copied as-is into the struct flcn_bl_dmem_desc for the HS firmware
+ */
+struct acr_load_header {
+ u32 non_sec_code_off;
+ u32 non_sec_code_size;
+ u32 data_dma_base;
+ u32 data_size;
+ u32 reserved;
+ u32 sec_code_off;
+ u32 sec_code_size;
+};
+
+/**
+ * Contains the whole secure boot state, allowing it to be performed as needed
+ * @falcon_id: falcon that will perform secure boot
+ * @wpr_addr: physical address of the WPR region
+ * @wpr_size: size in bytes of the WPR region
+ * @ls_blob: LS blob of all the LS firmwares, signatures, bootloaders
+ * @ls_blob_size: size of the LS blob
+ * @ls_blob_nb_regions: number of LS firmwares that will be loaded
+ * @acr_blob: HS blob
+ * @acr_blob_vma: mapping of the HS blob into the secure falcon's VM
+ * @acr_bl_desc: bootloader descriptor of the HS blob
+ * @hsbl_blob: HS blob bootloader
+ * @inst: instance block for HS falcon
+ * @pgd: page directory for the HS falcon
+ * @vm: address space used by the HS falcon
+ */
+struct secure_boot {
+ u32 falcon_id;
+ u64 wpr_addr;
+ u32 wpr_size;
+ u32 base;
+
+ /* LS FWs, to be loaded by the HS ACR */
+ struct nvkm_gpuobj *ls_blob;
+ u32 ls_blob_size;
+ u16 ls_blob_nb_regions;
+
+ /* HS FW */
+ struct nvkm_gpuobj *acr_blob;
+ struct nvkm_vma acr_blob_vma;
+ struct flcn_bl_dmem_desc acr_bl_desc;
+
+ /* HS bootloader */
+ void *hsbl_blob;
+
+ /* Instance block & address space */
+ struct nvkm_gpuobj *inst;
+ struct nvkm_gpuobj *pgd;
+ struct nvkm_vm *vm;
+
+};
+
+/* TODO move to global place? */
+static void
+nvkm_gpuobj_memcpy(struct nvkm_gpuobj *dest, u32 dstoffset, void *src,
+ u32 length)
+{
+ int i;
+
+ for (i = 0; i < length; i += 4)
+ nvkm_wo32(dest, dstoffset + i, *(u32 *)(src + i));
+}
+
+/* TODO share with the GR FW loading routine? */
+static int
+sb_get_firmware(struct nvkm_device *device, const char *fwname,
+ const struct firmware **fw)
+{
+ char f[64];
+ char cname[16];
+ int i;
+
+ /* Convert device name to lowercase */
+ strncpy(cname, device->chip->name, sizeof(cname));
+ cname[sizeof(cname) - 1] = '\0';
+ i = strlen(cname);
+ while (i) {
+ --i;
+ cname[i] = tolower(cname[i]);
+ }
+
+ snprintf(f, sizeof(f), "nvidia/%s/%s.bin", cname, fwname);
+ return request_firmware(fw, f, device->dev);
+}
+
+/**
+ * Convenience function to duplicate a firmware file in memory and check that
+ * it has the required minimum size.
+ */
+static void *
+sb_load_firmware(struct nvkm_device *device, const char *name,
+ size_t min_size)
+{
+ const struct firmware *fw;
+ void *ret;
+ int err;
+
+ err = sb_get_firmware(device, name, &fw);
+ if (err)
+ return ERR_PTR(err);
+ if (fw->size < min_size) {
+ release_firmware(fw);
+ return ERR_PTR(-EINVAL);
+ }
+ ret = kmemdup(fw->data, fw->size, GFP_KERNEL);
+ release_firmware(fw);
+ if (!ret)
+ return ERR_PTR(-ENOMEM);
+
+ return ret;
+}
+
+/*
+ * Low-secure blob creation
+ */
+
+#define BL_DESC_BLK_SIZE 256
+/**
+ * Build a ucode image and descriptor from provided bootloader, code and data.
+ *
+ * @bl: bootloader image, including 16-bytes descriptor
+ * @code: LS firmware code segment
+ * @data: LS firmware data segment
+ * @desc: ucode descriptor to be written
+ *
+ * Return: allocated ucode image with corresponding descriptor information. desc
+ * is also updated to contain the right offsets within returned image.
+ */
+static void *
+lsf_ucode_img_build(const struct firmware *bl, const struct firmware *code,
+ const struct firmware *data, struct ls_ucode_desc *desc)
+{
+ struct {
+ u32 start_offset;
+ u32 size;
+ u32 imem_offset;
+ u32 entry_point;
+ } *bl_desc;
+ u32 *bl_image;
+ u32 pos = 0;
+ u8 *image;
+
+ bl_desc = (void *)bl->data;
+ bl_image = (void *)(bl_desc + 1);
+
+ desc->bootloader_start_offset = pos;
+ desc->bootloader_size = ALIGN(bl_desc->size, sizeof(u32));
+ desc->bootloader_imem_offset = bl_desc->imem_offset;
+ desc->bootloader_entry_point = bl_desc->entry_point;
+
+ pos = ALIGN(pos + desc->bootloader_size, BL_DESC_BLK_SIZE);
+ desc->app_start_offset = pos;
+ desc->app_size = ALIGN(code->size, BL_DESC_BLK_SIZE) +
+ ALIGN(data->size, BL_DESC_BLK_SIZE);
+ desc->app_imem_offset = 0;
+ desc->app_imem_entry = 0;
+ desc->app_dmem_offset = 0;
+ desc->app_resident_code_offset = 0;
+ desc->app_resident_code_size = code->size;
+
+ pos = ALIGN(pos + desc->app_resident_code_size, BL_DESC_BLK_SIZE);
+ desc->app_resident_data_offset = pos - desc->app_start_offset;
+ desc->app_resident_data_size = data->size;
+
+ desc->image_size = ALIGN(bl_desc->size, BL_DESC_BLK_SIZE) +
+ desc->app_size;
+
+ image = kzalloc(desc->image_size, GFP_KERNEL);
+ if (!image)
+ return ERR_PTR(-ENOMEM);
+
+ memcpy(image + desc->bootloader_start_offset, bl_image, bl_desc->size);
+ memcpy(image + desc->app_start_offset, code->data, code->size);
+ memcpy(image + desc->app_start_offset + desc->app_resident_data_offset,
+ data->data, data->size);
+
+ return image;
+}
+
+/**
+ * lsf_ucode_img_load_fecs() - load and prepare the LS FECS ucode image
+ *
+ * Load the FECS microcode, bootloader and signature and pack them into a single
+ * blob. Also generate the corresponding ucode descriptor.
+ */
+static int
+lsf_ucode_img_load_fecs(struct nvkm_device *device, struct lsf_ucode_img *img)
+{
+ const struct firmware *fecs_bl, *fecs_code, *fecs_data;
+ struct lsf_ucode_desc *lsf_desc;
+ int err;
+
+ img->ucode_header = NULL;
+
+ err = sb_get_firmware(device, "fecs_bl", &fecs_bl);
+ if (err)
+ goto error;
+
+ err = sb_get_firmware(device, "fecs_inst", &fecs_code);
+ if (err)
+ goto free_bl;
+
+ err = sb_get_firmware(device, "fecs_data", &fecs_data);
+ if (err)
+ goto free_inst;
+
+ img->ucode_data = lsf_ucode_img_build(fecs_bl, fecs_code, fecs_data,
+ &img->ucode_desc);
+ if (IS_ERR(img->ucode_data)) {
+ err = PTR_ERR(img->ucode_data);
+ goto free_data;
+ }
+ img->ucode_size = img->ucode_desc.image_size;
+
+ lsf_desc = sb_load_firmware(device, "fecs_sig", sizeof(*lsf_desc));
+ if (IS_ERR(lsf_desc)) {
+ err = PTR_ERR(lsf_desc);
+ goto free_image;
+ }
+ /* not needed? the signature should already have the right value */
+ lsf_desc->falcon_id = LSF_FALCON_ID_FECS;
+ memcpy(&img->lsb_header.signature, lsf_desc, sizeof(*lsf_desc));
+ img->falcon_id = lsf_desc->falcon_id;
+ kfree(lsf_desc);
+
+ /* success path - only free requested firmware files */
+ goto free_data;
+
+free_image:
+ kfree(img->ucode_data);
+free_data:
+ release_firmware(fecs_data);
+free_inst:
+ release_firmware(fecs_code);
+free_bl:
+ release_firmware(fecs_bl);
+error:
+ return err;
+}
+
+/**
+ * lsf_ucode_img_populate_bl_desc() - populate a DMEM BL descriptor for LS image
+ * @img: ucode image to generate against
+ * @desc: descriptor to populate
+ * @sb: secure boot state to use for base addresses
+ *
+ * Populate the DMEM BL descriptor with the information contained in a
+ * ls_ucode_desc.
+ *
+ */
+static void
+lsf_ucode_img_populate_bl_desc(struct lsf_ucode_img *img,
+ struct secure_boot *sb,
+ struct flcn_bl_dmem_desc *desc)
+{
+ struct ls_ucode_desc *pdesc = &img->ucode_desc;
+ u64 addr_base;
+
+ addr_base = sb->wpr_addr + img->lsb_header.ucode_off +
+ pdesc->app_start_offset;
+
+ memset(desc, 0, sizeof(*desc));
+ desc->ctx_dma = FALCON_DMAIDX_UCODE;
+ desc->code_dma_base = lower_32_bits(
+ (addr_base + pdesc->app_resident_code_offset) >> 8);
+ desc->non_sec_code_size = pdesc->app_resident_code_size;
+ desc->data_dma_base = lower_32_bits(
+ (addr_base + pdesc->app_resident_data_offset) >> 8);
+ desc->data_size = pdesc->app_resident_data_size;
+ desc->code_entry_point = pdesc->app_imem_entry;
+}
+
+typedef int (*lsf_load_func)(struct nvkm_device *, struct lsf_ucode_img *);
+
+/**
+ * lsf_ucode_img_load() - create a lsf_ucode_img and load it
+ */
+static struct lsf_ucode_img *
+lsf_ucode_img_load(struct nvkm_device *device, lsf_load_func load_func)
+{
+ struct lsf_ucode_img *img;
+ int err;
+
+ img = kzalloc(sizeof(*img), GFP_KERNEL);
+ if (!img)
+ return ERR_PTR(-ENOMEM);
+
+ err = load_func(device, img);
+ if (err) {
+ kfree(img);
+ return ERR_PTR(err);
+ }
+
+ return img;
+}
+
+static const lsf_load_func lsf_load_funcs[] = {
+ [LSF_FALCON_ID_END] = NULL, /* reserve enough space */
+ [LSF_FALCON_ID_FECS] = lsf_ucode_img_load_fecs,
+};
+
+
+#define LSF_LSB_HEADER_ALIGN 256
+#define LSF_BL_DATA_ALIGN 256
+#define LSF_BL_DATA_SIZE_ALIGN 256
+#define LSF_BL_CODE_SIZE_ALIGN 256
+#define LSF_UCODE_DATA_ALIGN 4096
+
+/**
+ * lsf_ucode_img_fill_headers - fill the WPR and LSB headers of an image
+ * @img: image to generate for
+ * @offset: offset in the WPR region where this image starts
+ *
+ * Allocate space in the WPR area from offset and write the WPR and LSB headers
+ * accordingly.
+ *
+ * Return: offset at the end of this image.
+ */
+static u32
+lsf_ucode_img_fill_headers(struct lsf_ucode_img *img, u32 offset, u32 falcon_id)
+{
+ struct lsf_wpr_header *whdr = &img->wpr_header;
+ struct lsf_lsb_header *lhdr = &img->lsb_header;
+ struct ls_ucode_desc *desc = &img->ucode_desc;
+
+ /* Fill WPR header */
+ whdr->falcon_id = img->falcon_id;
+ whdr->bootstrap_owner = LSF_BOOTSTRAP_OWNER_DEFAULT;
+ whdr->status = LSF_IMAGE_STATUS_COPY;
+
+ /* Align, save off, and include an LSB header size */
+ offset = ALIGN(offset, LSF_LSB_HEADER_ALIGN);
+ whdr->lsb_offset = offset;
+ offset += sizeof(struct lsf_lsb_header);
+
+ /*
+ * Align, save off, and include the original (static) ucode
+ * image size
+ */
+ offset = ALIGN(offset, LSF_UCODE_DATA_ALIGN);
+ lhdr->ucode_off = offset;
+ offset += img->ucode_size;
+
+ /*
+ * For falcons that use a boot loader (BL), we append a loader
+ * desc structure on the end of the ucode image and consider
+ * this the boot loader data. The host will then copy the loader
+ * desc args to this space within the WPR region (before locking
+ * down) and the HS bin will then copy them to DMEM 0 for the
+ * loader.
+ */
+ if (!img->ucode_header) {
+ /* Use a loader */
+ lhdr->bl_code_size = ALIGN(desc->bootloader_size,
+ LSF_BL_CODE_SIZE_ALIGN);
+ lhdr->ucode_size = ALIGN(desc->app_resident_data_offset,
+ LSF_BL_CODE_SIZE_ALIGN) +
+ lhdr->bl_code_size;
+ lhdr->data_size = ALIGN(desc->app_size,
+ LSF_BL_CODE_SIZE_ALIGN) +
+ lhdr->bl_code_size -
+ lhdr->ucode_size;
+ /*
+ * Though the BL is located at 0th offset of the image, the VA
+ * is different to make sure that it doesn't collide the actual
+ * OS VA range
+ */
+ lhdr->bl_imem_off = desc->bootloader_imem_offset;
+ lhdr->app_code_off = desc->app_start_offset +
+ desc->app_resident_code_offset;
+ lhdr->app_code_size = desc->app_resident_code_size;
+ lhdr->app_data_off = desc->app_start_offset +
+ desc->app_resident_data_offset;
+ lhdr->app_data_size = desc->app_resident_data_size;
+
+ lhdr->flags = 0;
+ if (img->falcon_id == falcon_id)
+ lhdr->flags = NV_FLCN_ACR_LSF_FLAG_DMACTL_REQ_CTX_TRUE;
+
+ /* Align (size bloat) and save off BL descriptor size */
+ lhdr->bl_data_size = ALIGN(sizeof(img->bl_dmem_desc),
+ LSF_BL_DATA_SIZE_ALIGN);
+ /*
+ * Align, save off, and include the additional BL data
+ */
+ offset = ALIGN(offset, LSF_BL_DATA_ALIGN);
+ lhdr->bl_data_off = offset;
+ offset += lhdr->bl_data_size;
+ } else {
+ /* Do not use a loader */
+ lhdr->ucode_size = img->ucode_size;
+ lhdr->data_size = 0;
+ lhdr->bl_code_size = 0;
+ lhdr->bl_data_off = 0;
+ lhdr->bl_data_size = 0;
+
+ lhdr->flags = NV_FLCN_ACR_LSF_FLAG_LOAD_CODE_AT_0_TRUE |
+ NV_FLCN_ACR_LSF_FLAG_DMACTL_REQ_CTX_TRUE;
+
+ /* TODO Complete for dGPU */
+
+ /*
+ * bl_data_off is already assigned in static
+ * information. But that is from start of the image
+ */
+ img->lsb_header.bl_data_off += (offset - img->ucode_size);
+ }
+
+ return offset;
+}
+
+static void
+lsf_ucode_mgr_init(struct lsf_ucode_mgr *mgr)
+{
+ memset(mgr, 0, sizeof(*mgr));
+ INIT_LIST_HEAD(&mgr->img_list);
+}
+
+static void
+lsf_ucode_mgr_cleanup(struct lsf_ucode_mgr *mgr)
+{
+ struct lsf_ucode_img *img, *t;
+
+ list_for_each_entry_safe(img, t, &mgr->img_list, node) {
+ kfree(img->ucode_data);
+ kfree(img->ucode_header);
+ kfree(img);
+ }
+}
+
+static void
+lsf_ucode_mgr_add_img(struct lsf_ucode_mgr *mgr, struct lsf_ucode_img *img)
+{
+ mgr->count++;
+ list_add(&img->node, &mgr->img_list);
+}
+
+/**
+ * lsf_mgr_fill_headers - fill the WPR and LSB headers of all managed images
+ */
+static void
+lsf_ucode_mgr_fill_headers(struct secure_boot *sb, struct lsf_ucode_mgr *mgr)
+{
+ struct lsf_ucode_img *img;
+ u32 offset;
+
+ /*
+ * Start with an array of WPR headers at the base of the WPR.
+ * The expectation here is that the secure falcon will do a single DMA
+ * read of this array and cache it internally so it's ok to pack these.
+ * Also, we add 1 to the falcon count to indicate the end of the array.
+ */
+ offset = sizeof(struct lsf_wpr_header) * (mgr->count + 1);
+
+ /*
+ * Walk the managed falcons, accounting for the LSB structs
+ * as well as the ucode images.
+ */
+ list_for_each_entry(img, &mgr->img_list, node) {
+ offset = lsf_ucode_img_fill_headers(img, offset, sb->falcon_id);
+ }
+
+ mgr->wpr_size = offset;
+}
+
+/**
+ * lsf_ucode_mgr_write_wpr - write the WPR blob contents
+ */
+static void
+lsf_ucode_mgr_write_wpr(struct nvkm_device *device, struct lsf_ucode_mgr *mgr,
+ struct nvkm_gpuobj *wpr_blob)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ struct lsf_ucode_img *img;
+ u32 pos = 0;
+
+ nvkm_kmap(wpr_blob);
+
+ list_for_each_entry(img, &mgr->img_list, node) {
+ nvkm_gpuobj_memcpy(wpr_blob, pos, &img->wpr_header,
+ sizeof(img->wpr_header));
+
+ nvkm_gpuobj_memcpy(wpr_blob, img->wpr_header.lsb_offset,
+ &img->lsb_header, sizeof(img->lsb_header));
+
+ /* Generate and write BL descriptor */
+ if (!img->ucode_header) {
+ lsf_ucode_img_populate_bl_desc(img, sb,
+ &img->bl_dmem_desc);
+ nvkm_gpuobj_memcpy(wpr_blob,
+ img->lsb_header.bl_data_off,
+ &img->bl_dmem_desc,
+ sizeof(img->bl_dmem_desc));
+ }
+
+ /* Copy ucode */
+ nvkm_gpuobj_memcpy(wpr_blob, img->lsb_header.ucode_off,
+ img->ucode_data, img->ucode_size);
+
+ pos += sizeof(img->wpr_header);
+ }
+
+ nvkm_wo32(wpr_blob, pos, LSF_FALCON_ID_INVALID);
+
+ nvkm_done(wpr_blob);
+}
+
+/**
+ * sb_prepare_ls_blob() - prepare the LS blob to be written in the WPR region
+ *
+ * For each securely managed falcon, load the FW, signatures and bootloaders and
+ * prepare a ucode blob. Then, compute the offsets in the WPR region for each
+ * blob, and finally write the headers and ucode blobs into a GPU object that
+ * will be copied into the WPR region by the HS firmware.
+ */
+static int
+sb_prepare_ls_blob(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ struct lsf_ucode_mgr mgr;
+ int falcon_id;
+ int err;
+
+ lsf_ucode_mgr_init(&mgr);
+
+ sb->falcon_id = device->chip->secure_boot.boot_falcon;
+
+ /* Load all LS blobs */
+ for_each_set_bit(falcon_id, &device->chip->secure_boot.managed_falcons,
+ LSF_FALCON_ID_END) {
+ struct lsf_ucode_img *img;
+
+ img = lsf_ucode_img_load(device, lsf_load_funcs[falcon_id]);
+
+ if (IS_ERR(img)) {
+ err = PTR_ERR(img);
+ goto cleanup;
+ }
+ lsf_ucode_mgr_add_img(&mgr, img);
+ }
+
+ /*
+ * Fill the WPR and LSF headers with the right offsets and compute
+ * required WPR size
+ */
+ lsf_ucode_mgr_fill_headers(sb, &mgr);
+
+ if (mgr.wpr_size > sb->wpr_size) {
+ nvdev_error(device, "WPR region too small to host FW blob!\n");
+ nvdev_error(device, "required: %d bytes\n", sb->ls_blob_size);
+ nvdev_error(device, "WPR size: %d bytes\n", sb->wpr_size);
+ err = -ENOMEM;
+ goto cleanup;
+ }
+
+ err = nvkm_gpuobj_new(device, mgr.wpr_size, 0x1000, false, NULL,
+ &sb->ls_blob);
+ if (err)
+ goto cleanup;
+
+ nvdev_debug(device, "%d managed LS falcons, WPR size is %d bytes\n",
+ mgr.count, mgr.wpr_size);
+
+ /* write LS blob */
+ lsf_ucode_mgr_write_wpr(device, &mgr, sb->ls_blob);
+
+ sb->ls_blob_size = mgr.wpr_size;
+ sb->ls_blob_nb_regions = mgr.count;
+
+cleanup:
+ lsf_ucode_mgr_cleanup(&mgr);
+
+ return err;
+}
+
+static void
+sb_cleanup_ls_blob(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+
+ nvkm_gpuobj_del(&sb->ls_blob);
+}
+
+/*
+ * High-secure blob creation
+ */
+
+/**
+ * hsf_img_patch_signature() - patch the HS blob with the correct signature
+ */
+static void
+hsf_img_patch_signature(struct nvkm_device *device, void *acr_image)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ struct hs_bin_hdr *hsbin_hdr = acr_image;
+ struct acr_fw_header *fw_hdr = acr_image + hsbin_hdr->header_offset;
+ void *hs_data = acr_image + hsbin_hdr->data_offset;
+ u32 patch_loc;
+ u32 patch_sig;
+ void *sig;
+ u32 sig_size;
+
+ patch_loc = *(u32 *)(acr_image + fw_hdr->patch_loc);
+ patch_sig = *(u32 *)(acr_image + fw_hdr->patch_sig);
+
+ /* Falcon in debug or production mode? */
+ if ((nvkm_rd32(device, sb->base + 0xc08) >> 20) & 0x1) {
+ sig = acr_image + fw_hdr->sig_dbg_offset;
+ sig_size = fw_hdr->sig_dbg_size;
+ } else {
+ sig = acr_image + fw_hdr->sig_prod_offset;
+ sig_size = fw_hdr->sig_prod_size;
+ }
+
+ /* Patch signature */
+ memcpy(hs_data + patch_loc, sig + patch_sig, sig_size);
+}
+
+/**
+ * struct hsflcn_acr_desc - data section of the HS firmware
+ * @signature: signature of ACR ucode
+ * @wpr_region_id: region ID holding the WPR header and its details
+ * @wpr_offset: offset from the WPR region holding the wpr header
+ * @regions: region descriptors
+ * @nonwpr_ucode_blob_size: size of LS blob
+ * @nonwpr_ucode_blob_start: FB location of LS blob is
+ */
+struct hsflcn_acr_desc {
+ union {
+ u8 reserved_dmem[0x200];
+ u32 signatures[4];
+ } ucode_reserved_space;
+ u32 wpr_region_id;
+ u32 wpr_offset;
+ u32 mmu_mem_range;
+#define FLCN_ACR_MAX_REGIONS 2
+ struct {
+ u32 no_regions;
+ struct {
+ u32 start_addr;
+ u32 end_addr;
+ u32 region_id;
+ u32 read_mask;
+ u32 write_mask;
+ u32 client_mask;
+ } region_props[FLCN_ACR_MAX_REGIONS];
+ } regions;
+ u32 nonwpr_ucode_blob_size;
+ u64 nonwpr_ucode_blob_start;
+};
+
+/**
+ * hsf_img_patch_desc() - patch the HS firmware with location of the LS blob
+ */
+static void
+hsf_img_patch_desc(struct secure_boot *sb, void *acr_image)
+{
+ struct hs_bin_hdr *hsbin_hdr = acr_image;
+ struct acr_fw_header *fw_hdr = acr_image + hsbin_hdr->header_offset;
+ struct acr_load_header *load_hdr = acr_image + fw_hdr->hdr_offset;
+ void *hs_data = acr_image + hsbin_hdr->data_offset;
+ struct hsflcn_acr_desc *desc = hs_data + load_hdr->data_dma_base;
+
+ desc->nonwpr_ucode_blob_start = sb->ls_blob->addr;
+ desc->nonwpr_ucode_blob_size = sb->ls_blob_size;
+ desc->regions.no_regions = sb->ls_blob_nb_regions;
+ desc->wpr_offset = 0;
+}
+
+/**
+ * hsf_img_populate_bl_desc() - populate a DMEM BL descriptor for HS image
+ */
+static void
+hsf_img_populate_bl_desc(void *acr_image, struct flcn_bl_dmem_desc *bl_desc)
+{
+ struct hs_bin_hdr *hsbin_hdr = acr_image;
+ struct acr_fw_header *fw_hdr = acr_image + hsbin_hdr->header_offset;
+ struct acr_load_header *load_hdr = acr_image + fw_hdr->hdr_offset;
+
+ /*
+ * Descriptor for the bootloader that will load the ACR image into
+ * IMEM/DMEM memory.
+ */
+ fw_hdr = acr_image + hsbin_hdr->header_offset;
+ load_hdr = acr_image + fw_hdr->hdr_offset;
+ memset(bl_desc, 0, sizeof(*bl_desc));
+ bl_desc->ctx_dma = FALCON_DMAIDX_VIRT;
+ bl_desc->non_sec_code_off = load_hdr->non_sec_code_off;
+ bl_desc->non_sec_code_size = load_hdr->non_sec_code_size;
+ bl_desc->sec_code_off = load_hdr->sec_code_off;
+ bl_desc->sec_code_size = load_hdr->sec_code_size;
+ bl_desc->code_entry_point = 0;
+ /*
+ * We need to set code_dma_base to the virtual address of the acr_blob,
+ * and add this address to data_dma_base before writing it into DMEM
+ */
+ bl_desc->code_dma_base = 0;
+ bl_desc->data_dma_base = load_hdr->data_dma_base >> 8;
+ bl_desc->data_size = load_hdr->data_size;
+}
+
+static int
+sb_prepare_hs_blob(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ void *acr_image;
+ struct hs_bin_hdr *hsbin_hdr;
+ u32 img_size;
+ int err;
+
+ acr_image = sb_load_firmware(device, "acr_ucode", 0);
+ if (IS_ERR(acr_image))
+ return PTR_ERR(acr_image);
+
+ /* Patch image */
+ hsf_img_patch_signature(device, acr_image);
+ hsf_img_patch_desc(sb, acr_image);
+
+ /* Generate HS BL descriptor */
+ hsf_img_populate_bl_desc(acr_image, &sb->acr_bl_desc);
+
+ /* Create ACR blob and copy HS data to it */
+ hsbin_hdr = acr_image;
+ img_size = ALIGN(hsbin_hdr->data_size, 256);
+ err = nvkm_gpuobj_new(device, img_size, 0x1000, false, NULL,
+ &sb->acr_blob);
+ if (err)
+ goto cleanup;
+
+ nvkm_kmap(sb->acr_blob);
+ nvkm_gpuobj_memcpy(sb->acr_blob, 0, acr_image + hsbin_hdr->data_offset,
+ img_size);
+ nvkm_done(sb->acr_blob);
+
+cleanup:
+ kfree(acr_image);
+
+ return err;
+}
+
+static void
+sb_cleanup_hs_blob(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+
+ nvkm_gpuobj_del(&sb->acr_blob);
+}
+
+/*
+ * High-secure bootloader blob creation
+ */
+
+static int
+sb_prepare_hsbl_blob(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+
+ if (!sb->hsbl_blob) {
+ sb->hsbl_blob = sb_load_firmware(device, "acr_bl", 0);
+ if (IS_ERR(sb->hsbl_blob)) {
+ int err = PTR_ERR(sb->hsbl_blob);
+
+ sb->hsbl_blob = NULL;
+ return err;
+ }
+ }
+
+ return 0;
+}
+
+static void
+sb_cleanup_hsbl_blob(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+
+ kfree(sb->hsbl_blob);
+ sb->hsbl_blob = NULL;
+}
+
+/*
+ * Falcon/PMU utility functions
+ */
+
+static int
+falcon_wait_clear_halt_interrupt(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ int err;
+
+ nvkm_mask(device, sb->base + 0x004, 0x10, 0x10);
+ err = nvkm_wait_usec(device, 10000, sb->base + 0x008, 0x10, 0x0);
+ if (err < 0)
+ return err;
+
+ return 0;
+}
+
+static int
+falcon_wait_for_halt(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ u32 data;
+ int err;
+
+ err = nvkm_wait_msec(device, 100, sb->base + 0x100, 0x10, 0x10);
+ if (err < 0)
+ return err;
+
+ data = nvkm_rd32(device, sb->base + 0x040);
+ if (data) {
+ nvdev_error(device, "ACR boot failed, err %x", data);
+ return -EAGAIN;
+ }
+
+ return 0;
+}
+
+static int
+falcon_wait_idle(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ int err;
+
+ err = nvkm_wait_msec(device, 10, sb->base + 0x04c, 0xffff, 0x0);
+ if (err < 0)
+ return err;
+
+ return 0;
+}
+
+/* TODO these functions are still PMU-specific... */
+
+static void
+pmu_enable_irq(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+
+ nvkm_wr32(device, sb->base + 0x010, 0xff);
+ nvkm_mask(device, 0x640, 0x1000000, 0x1000000);
+ nvkm_mask(device, 0x644, 0x1000000, 0x1000000);
+}
+
+static void
+pmu_disable_irq(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+
+ nvkm_mask(device, 0x644, 0x1000000, 0x0);
+ nvkm_mask(device, 0x640, 0x1000000, 0x0);
+ nvkm_wr32(device, sb->base + 0x014, 0xff);
+}
+
+
+static int
+pmu_enable(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ int err;
+
+ nvkm_mask(device, 0x200, 0x2000, 0x2000);
+ nvkm_rd32(device, 0x200);
+ err = nvkm_wait_msec(device, 10, sb->base + 0x10c, 0x6, 0x0);
+ if (err < 0) {
+ nvkm_mask(device, 0x200, 0x2000, 0x0);
+ nvdev_error(device, "Falcon mem scrubbing timeout\n");
+ return err;
+ }
+
+ err = falcon_wait_idle(device);
+ if (err)
+ return err;
+
+ pmu_enable_irq(device);
+
+ return 0;
+}
+
+static void
+pmu_disable(struct nvkm_device *device)
+{
+ if ((nvkm_rd32(device, 0x200) & 0x2000) != 0) {
+ pmu_disable_irq(device);
+ nvkm_mask(device, 0x200, 0x2000, 0x0);
+ }
+}
+
+static int
+pmu_reset(struct nvkm_device *device)
+{
+ int err;
+
+ err = falcon_wait_idle(device);
+ if (err)
+ return err;
+
+ pmu_disable(device);
+
+ return pmu_enable(device);
+}
+
+#define FALCON_DMEM_ADDR_MASK 0xfffc
+static int
+falcon_copy_to_dmem(struct nvkm_device *device, const u32 base, u32 dst,
+ void *src, u32 size, u8 port)
+{
+ /* Number of full words */
+ u32 w_size = size / sizeof(u32);
+ /* Number of extra bytes */
+ u32 b_size = size % sizeof(u32);
+ int i;
+
+ if (size == 0)
+ return 0;
+
+ if (dst & 0x3) {
+ nvdev_error(device, "destination offset not aligned\n");
+ return -EINVAL;
+ }
+
+ dst &= FALCON_DMEM_ADDR_MASK;
+
+ mutex_lock(&device->mutex);
+
+ nvkm_wr32(device, base + (0x1c0 + (port * 8)), (dst | (0x1 << 24)));
+
+ for (i = 0; i < w_size; i++)
+ nvkm_wr32(device, base + (0x1c4 + (port * 8)), ((u32 *)src)[i]);
+
+ if (b_size != 0) {
+ u32 data = 0;
+
+ memcpy(&data, ((u32 *)src) + w_size, b_size);
+ nvkm_wr32(device, base + (0x1c4 + (port * 8)), data);
+ }
+
+ mutex_unlock(&device->mutex);
+
+ return 0;
+}
+
+/*
+ * Hardware setup functions
+ */
+
+/**
+ * sb_setup_falcon() - set up the secure falcon for secure boot
+ */
+static int
+sb_setup_falcon(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ const u32 reg_base = sb->base + 0xe00;
+ int err;
+
+ err = falcon_wait_clear_halt_interrupt(device);
+ if (err)
+ return err;
+
+ err = pmu_reset(device);
+ if (err)
+ return err;
+ /* disable irqs for hs falcon booting as we will poll for halt */
+ pmu_disable_irq(device);
+
+ /* setup apertures - virtual */
+ nvkm_wr32(device, reg_base + 4 * (FALCON_DMAIDX_UCODE), 0x4);
+ nvkm_wr32(device, reg_base + 4 * (FALCON_DMAIDX_VIRT), 0x0);
+ /* setup apertures - physical */
+ nvkm_wr32(device, reg_base + 4 * (FALCON_DMAIDX_PHYS_VID), 0x4);
+ nvkm_wr32(device, reg_base + 4 * (FALCON_DMAIDX_PHYS_SYS_COH),
+ 0x4 | 0x1);
+ nvkm_wr32(device, reg_base + 4 * (FALCON_DMAIDX_PHYS_SYS_NCOH),
+ 0x4 | 0x2);
+
+ /* Set context */
+ nvkm_mask(device, sb->base + 0x048, 0x1, 0x1);
+ nvkm_wr32(device, sb->base + 0x480, ((sb->inst->addr >> 12) & 0xfffffff)
+ | (1 << 29) | (1 << 30));
+
+ return 0;
+}
+
+/**
+ * sb_load_hs_bl() - load HS bootloader into DMEM and IMEM
+ */
+static void
+sb_load_hs_bl(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ struct hs_bin_hdr *hdr = sb->hsbl_blob;
+ struct hsflcn_bl_desc *hsbl_desc = sb->hsbl_blob + hdr->header_offset;
+ u32 acr_blob_vma_base = lower_32_bits(sb->acr_blob_vma.offset >> 8);
+ void *hsbl_code = sb->hsbl_blob + hdr->data_offset;
+ u32 code_size = ALIGN(hsbl_desc->bl_code_size, 256);
+ u32 dst_blk;
+ u32 tag;
+ int i;
+
+ /*
+ * Copy HS bootloader interface structure where the HS descriptor
+ * expects it to be, after updating virtual address of DMA bases
+ */
+ sb->acr_bl_desc.code_dma_base += acr_blob_vma_base;
+ sb->acr_bl_desc.data_dma_base += acr_blob_vma_base;
+ falcon_copy_to_dmem(device, sb->base, hsbl_desc->bl_desc_dmem_load_off,
+ &sb->acr_bl_desc, sizeof(sb->acr_bl_desc), 0);
+ sb->acr_bl_desc.code_dma_base -= acr_blob_vma_base;
+ sb->acr_bl_desc.data_dma_base -= acr_blob_vma_base;
+
+ /* Copy HS bootloader code to IMEM */
+ dst_blk = (nvkm_rd32(device, sb->base + 0x108) & 0x1ff) -
+ (code_size >> 8);
+ tag = hsbl_desc->bl_start_tag;
+ nvkm_wr32(device, sb->base + 0x180,
+ ((dst_blk & 0xff) << 8) | (0x1 << 24));
+ for (i = 0; i < code_size; i += 4) {
+ /* write new tag every 256B */
+ if ((i % 0x100) == 0) {
+ nvkm_wr32(device, sb->base + 0x188, tag & 0xffff);
+ tag++;
+ }
+ nvkm_wr32(device, sb->base + 0x184, *(u32 *)(hsbl_code + i));
+ }
+ nvkm_wr32(device, sb->base + 0x188, 0);
+}
+
+/**
+ * sb_start() - start the falcon to perform secure boot
+ */
+static int
+sb_start(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ struct hs_bin_hdr *hdr = sb->hsbl_blob;
+ struct hsflcn_bl_desc *hsbl_desc = sb->hsbl_blob + hdr->header_offset;
+ /* virtual start address for boot vector */
+ u32 virt_addr = hsbl_desc->bl_start_tag << 8;
+
+ /* Set boot vector to code's starting virtual address */
+ nvkm_wr32(device, sb->base + 0x104, virt_addr);
+ /* Start falcon */
+ nvkm_wr32(device, sb->base + 0x100, 0x2);
+
+ return 0;
+}
+
+/*
+ * sb_execute() - execute secure boot from the prepared state
+ *
+ * Load the HS bootloader and ask the falcon to run it. This will in turn
+ * load the HS firmware and run it, so once the falcon stops all the managed
+ * falcons should have their LS firmware loaded and be ready to run.
+ */
+static int
+sb_execute(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ int err;
+
+ /* Map the HS firmware so the HS bootloader can see it */
+ err = nvkm_gpuobj_map(sb->acr_blob, sb->vm, NV_MEM_ACCESS_RW,
+ &sb->acr_blob_vma);
+ if (err)
+ return err;
+
+ /* Reset the falcon and make it ready to run the HS bootloader */
+ err = sb_setup_falcon(device);
+ if (err)
+ goto done;
+
+ /* Load the HS bootloader into the falcon's IMEM/DMEM */
+ sb_load_hs_bl(device);
+
+ /* Start the HS bootloader */
+ err = sb_start(device);
+ if (err)
+ goto done;
+
+ /* Wait until secure boot completes */
+ err = falcon_wait_for_halt(device);
+ if (err)
+ goto done;
+
+ err = falcon_wait_clear_halt_interrupt(device);
+
+done:
+ /* We don't need the ACR firmware anymore */
+ nvkm_gpuobj_unmap(&sb->acr_blob_vma);
+
+ return err;
+}
+
+const char *managed_falcons_names[] = {
+ [LSF_FALCON_ID_PMU] = "PMU",
+ [LSF_FALCON_ID_RESERVED] = "<invalid>",
+ [LSF_FALCON_ID_FECS] = "FECS",
+ [LSF_FALCON_ID_GPCCS] = "GPCCS",
+ [LSF_FALCON_ID_END] = "<invalid>",
+};
+
+/**
+ * nvkm_secure_boot() - perform secure boot
+ *
+ * Perform secure boot after loading all the required firmwares and preparing
+ * the WPR blob. After this function returns, all the managed falcons should
+ * have their LS firmware loaded and be ready to run.
+ *
+ * The various firmware blobs are kept in memory, so subsequent calls to this
+ * function will directly run the cached state instead of rebuilding it every
+ * time.
+ */
+int
+nvkm_secure_boot(struct nvkm_device *device)
+{
+ struct secure_boot *sb;
+ unsigned long falcon_id;
+ int err;
+
+ sb = device->secure_boot_state;
+
+ nvdev_debug(device, "performing secure boot of:\n");
+ for_each_set_bit(falcon_id, &device->chip->secure_boot.managed_falcons,
+ LSF_FALCON_ID_END)
+ nvdev_debug(device, "- %s\n", managed_falcons_names[falcon_id]);
+
+ /* Load all the LS firmwares and prepare the blob */
+ if (!sb->ls_blob) {
+ err = sb_prepare_ls_blob(device);
+ if (err)
+ return err;
+ }
+
+ /* Load the HS firmware for the performing falcon */
+ if (!sb->acr_blob) {
+ err = sb_prepare_hs_blob(device);
+ if (err)
+ return err;
+ }
+
+ /* Load the HS firmware bootloader */
+ if (!sb->hsbl_blob) {
+ err = sb_prepare_hsbl_blob(device);
+ if (err)
+ return err;
+ }
+
+ /*
+ * Run the HS bootloader. It will load the HS firmware and then run it.
+ * Once this returns, the LS firmwares will be loaded into the managed
+ * falcons.
+ */
+ err = sb_execute(device);
+
+ return err;
+}
+
+/**
+ * sb_init_vm() - prepare the VM required for doing secure boot.
+ */
+static int
+sb_init_vm(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ struct nvkm_vm *vm;
+ int err;
+
+ const u64 vm_area_len = 600 * 1024;
+
+ err = nvkm_gpuobj_new(device, 0x1000, 0, true, NULL, &sb->inst);
+ if (err)
+ return err;
+
+ err = nvkm_gpuobj_new(device, 0x8000, 0, true, NULL, &sb->pgd);
+ if (err)
+ return err;
+
+ err = nvkm_vm_new(device, 0, vm_area_len, 0, NULL, &vm);
+ if (err)
+ return err;
+
+ atomic_inc(&vm->engref[NVKM_SUBDEV_PMU]);
+
+ err = nvkm_vm_ref(vm, &sb->vm, sb->pgd);
+ nvkm_vm_ref(NULL, &vm, NULL);
+ if (err)
+ return err;
+
+ nvkm_kmap(sb->inst);
+ nvkm_wo32(sb->inst, 0x200, lower_32_bits(sb->pgd->addr));
+ nvkm_wo32(sb->inst, 0x204, upper_32_bits(sb->pgd->addr));
+ nvkm_wo32(sb->inst, 0x208, lower_32_bits(vm_area_len - 1));
+ nvkm_wo32(sb->inst, 0x20c, upper_32_bits(vm_area_len - 1));
+ nvkm_done(sb->inst);
+
+ return 0;
+}
+
+static void
+sb_cleanup_vm(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+
+ nvkm_vm_ref(NULL, &sb->vm, sb->pgd);
+ nvkm_gpuobj_del(&sb->pgd);
+ nvkm_gpuobj_del(&sb->inst);
+}
+
+#ifdef CONFIG_ARCH_TEGRA
+/* TODO Should this be handled by the Tegra MC driver? */
+#define TEGRA_MC_BASE 0x70019000
+#define MC_SECURITY_CARVEOUT2_CFG0 0xc58
+#define MC_SECURITY_CARVEOUT2_BOM_0 0xc5c
+#define MC_SECURITY_CARVEOUT2_BOM_HI_0 0xc60
+#define MC_SECURITY_CARVEOUT2_SIZE_128K 0xc64
+#define TEGRA_MC_SECURITY_CARVEOUT_CFG_LOCKED (1 << 1)
+/**
+ * sb_tegra_read_wpr() - read the WPR registers on Tegra
+ *
+ * On dGPU, we can manage the WPR region ourselves, but on Tegra the WPR region
+ * is reserved from system memory by the bootloader and irreversibly locked.
+ * This function reads the address and size of the pre-configured WPR region.
+ */
+static int
+sb_tegra_read_wpr(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+ void __iomem *mc;
+ u32 cfg;
+
+ mc = ioremap(TEGRA_MC_BASE, 0xd00);
+ if (!mc) {
+ nvdev_error(device, "Cannot map Tegra MC registers\n");
+ return PTR_ERR(mc);
+ }
+ sb->wpr_addr = ioread32_native(mc + MC_SECURITY_CARVEOUT2_BOM_0) |
+ ((u64)ioread32_native(mc + MC_SECURITY_CARVEOUT2_BOM_HI_0) << 32);
+ sb->wpr_size = ioread32_native(mc + MC_SECURITY_CARVEOUT2_SIZE_128K)
+ << 17;
+ cfg = ioread32_native(mc + MC_SECURITY_CARVEOUT2_CFG0);
+ iounmap(mc);
+
+ /* Check that WPR settings are valid */
+ if (sb->wpr_size == 0) {
+ nvdev_error(device, "WPR region is empty\n");
+ return -EINVAL;
+ }
+
+ if (!(cfg & TEGRA_MC_SECURITY_CARVEOUT_CFG_LOCKED)) {
+ nvdev_error(device, "WPR region not locked\n");
+ return -EINVAL;
+ }
+
+ return 0;
+}
+#else
+static int
+sb_tegra_read_wpr(struct nvkm_device *device)
+{
+ nvdev_error(device, "Tegra support not compiled in\n");
+ return -EINVAL;
+}
+#endif
+
+/**
+ * nvkm_secure_boot_init() - initialize secure boot for a device
+ *
+ * Prepare secure boot for a device. This will not load the firmwares yet,
+ * firmwares are loaded and cached upon the first call to nvkm_secure_boot().
+ */
+int
+nvkm_secure_boot_init(struct nvkm_device *device)
+{
+ struct secure_boot *sb;
+ int err;
+
+ sb = kzalloc(sizeof(*sb), GFP_KERNEL);
+ if (!sb) {
+ err = -ENOMEM;
+ goto error;
+ }
+ device->secure_boot_state = sb;
+
+ if (device->type == NVKM_DEVICE_TEGRA) {
+ err = sb_tegra_read_wpr(device);
+ if (err)
+ goto error;
+ }
+
+ err = sb_init_vm(device);
+ if (err) {
+ kfree(sb);
+ device->secure_boot_state = NULL;
+ goto error;
+ }
+
+ switch (device->chip->secure_boot.boot_falcon) {
+ case LSF_FALCON_ID_PMU:
+ sb->base = 0x10a000;
+ break;
+ default:
+ nvdev_error(device, "invalid secure boot falcon\n");
+ err = -EINVAL;
+ goto error;
+ };
+
+ return 0;
+
+error:
+ nvdev_error(device, "Secure Boot initialization failed: %d\n", err);
+ return err;
+}
+
+/**
+ * nvkm_secure_boot_fini() - cleanup secure boot state for a device
+ *
+ * Frees all the memory used by secure boot.
+ */
+void
+nvkm_secure_boot_fini(struct nvkm_device *device)
+{
+ struct secure_boot *sb = device->secure_boot_state;
+
+ if (!sb)
+ return;
+
+ if (sb->hsbl_blob)
+ sb_cleanup_hsbl_blob(device);
+
+ if (sb->acr_blob)
+ sb_cleanup_hs_blob(device);
+
+ if (sb->ls_blob)
+ sb_cleanup_ls_blob(device);
+
+ sb_cleanup_vm(device);
+
+ kfree(sb);
+ device->secure_boot_state = NULL;
+}
diff --git a/drm/nouveau/nvkm/engine/device/base.c b/drm/nouveau/nvkm/engine/device/base.c
index 7476ac271573..3e26fc5431d7 100644
--- a/drm/nouveau/nvkm/engine/device/base.c
+++ b/drm/nouveau/nvkm/engine/device/base.c
@@ -26,6 +26,7 @@
#include <core/notify.h>
#include <core/option.h>
+#include <core/secure_boot.h>
#include <subdev/bios.h>
@@ -2273,6 +2274,10 @@ nvkm_device_del(struct nvkm_device **pdevice)
if (device) {
mutex_lock(&nv_devices_mutex);
device->disable_mask = 0;
+
+ if (nvkm_need_secure_boot(device))
+ nvkm_secure_boot_fini(device);
+
for (i = NVKM_SUBDEV_NR - 1; i >= 0; i--) {
struct nvkm_subdev *subdev =
nvkm_device_subdev(device, i);
@@ -2567,6 +2572,10 @@ nvkm_device_ctor(const struct nvkm_device_func *func,
}
ret = 0;
+
+ if (nvkm_need_secure_boot(device))
+ ret = nvkm_secure_boot_init(device);
+
done:
mutex_unlock(&nv_devices_mutex);
return ret;
--
2.6.1
More information about the Nouveau
mailing list