[Nouveau] [PATCH v5 0/18] Secure Boot refactoring
Alexandre Courbot
acourbot at nvidia.com
Wed Dec 14 08:02:34 UTC 2016
Sending things in a smaller chunks since it makes their reviewing
easier.
This part part 2/3 of the secboot refactoring/PMU command support
patch series. Part 1 was the new falcon library which should be
merged soon now.
This series is mainly a refactoring/sanitization of the existing
secure boot code. It does not add new features (part 3 will).
Secure boot handling is now separated by NVIDIA firmware versions,
and LS firmwares are also loaded and managed in their own source
files. This makes the code easier to understand (more bite-size
chunks instead of thousands of LoC source files) and extend since
the proper abstractions are now in place.
The next big chunk will be PMU commands handling. Since PMU is not
the only falcon that will have to manage commands (SEC2 will manage
security features in newer firmwares), I am currently rewriting it
as part of the falcon library instead of the PMU subdev. This will
make things more reusable and will allow us to close the loop with
the current falcon engine code - please just allow me a few more days
to finish this! :)
In the meantime, this code should be good to go and test.
Alexandre Courbot (18):
secboot: rename init() hook to oneinit()
secboot: remove fixup_hs_desc hook
secboot: add low-secure firmware hooks
secboot: generate HS BL descriptor in hook
secboot: reorganize into more files
secboot: add LS flags to LS func structure
secboot: split reset function
secboot: disable falcon interrupts when running blob
secboot: remove unneeded ls_ucode_img member
secboot: remove ls_ucode_mgr
secboot: abstract LS firmware loading functions
secboot: safer zeroing of BL descriptors
secboot: add missing fields to BL structure
secboot: set default error value in error register
secboot: fix WPR descriptor generation
secboot: add lazy-bootstrap flag
falcon: add clear_interrupt function
secboot: clear halt interrupt after ACR is run
drm/nouveau/include/nvkm/engine/falcon.h | 2 +-
drm/nouveau/include/nvkm/subdev/secboot.h | 10 +-
drm/nouveau/nvkm/falcon/base.c | 6 +-
drm/nouveau/nvkm/falcon/v1.c | 17 +-
drm/nouveau/nvkm/subdev/secboot/Kbuild | 4 +-
drm/nouveau/nvkm/subdev/secboot/acr.c | 54 +-
drm/nouveau/nvkm/subdev/secboot/acr.h | 69 +-
drm/nouveau/nvkm/subdev/secboot/acr_r352.c | 936 +++++++++++++-
drm/nouveau/nvkm/subdev/secboot/acr_r352.h | 250 ++++-
drm/nouveau/nvkm/subdev/secboot/acr_r361.c | 138 ++-
drm/nouveau/nvkm/subdev/secboot/base.c | 95 +-
drm/nouveau/nvkm/subdev/secboot/gm200.c | 1283 +------------------
drm/nouveau/nvkm/subdev/secboot/gm200.h | 43 +-
drm/nouveau/nvkm/subdev/secboot/gm20b.c | 125 +--
drm/nouveau/nvkm/subdev/secboot/ls_ucode.h | 151 ++-
drm/nouveau/nvkm/subdev/secboot/ls_ucode_gr.c | 158 ++-
drm/nouveau/nvkm/subdev/secboot/priv.h | 200 +---
17 files changed, 1990 insertions(+), 1551 deletions(-)
create mode 100644 drm/nouveau/nvkm/subdev/secboot/acr.c
create mode 100644 drm/nouveau/nvkm/subdev/secboot/acr.h
create mode 100644 drm/nouveau/nvkm/subdev/secboot/acr_r352.c
create mode 100644 drm/nouveau/nvkm/subdev/secboot/acr_r352.h
create mode 100644 drm/nouveau/nvkm/subdev/secboot/acr_r361.c
create mode 100644 drm/nouveau/nvkm/subdev/secboot/gm200.h
create mode 100644 drm/nouveau/nvkm/subdev/secboot/ls_ucode.h
create mode 100644 drm/nouveau/nvkm/subdev/secboot/ls_ucode_gr.c
--
git-series 0.8.10
More information about the Nouveau
mailing list