[Nouveau] NVIDIA Falcon Microprocessor Security
martin.peres at free.fr
Fri Sep 26 16:15:46 PDT 2014
On 26/09/2014 19:19, Andy Ritger wrote:
> Hi, all.
> Below is a link to a brief document describing some changes in NVIDIA
> Falcon processors ("fuc", in Nouveau-speak, IIUC)
We actually renamed most of our docs to falcon :)
> that happened in
> Maxwell: certain aspects of the chip will only be available to Falcon
> firmware images signed by NVIDIA. So far, the set of restricted things
> is pretty small, but I expect this list will slowly grow over future
> hardware generations.
> I suspect this will not be the most popular decision, but it is the
> direction the hardware is taking.
Thank you for the heads-up! We actually wondered yesterday about
what kind of operations were forbidden without a signed falcon.
> On a slightly different note, we'd like to work out the best way to
> make NVIDIA firmware images separately (from the rest of the driver)
> available and officially redistributable for use by Nouveau. At this
> point, it is mostly just a release engineering question, but I don't think
> we'll have a lot of influence over the content: the engineers working on
> Falcon microcode assume it changes in lock-step with NVIDIA's nvidia.ko,
> so there are no backwards compatibility guarantees. How painful has
> the lack of backwards compatibility been for Nouveau thus far?
> If NVIDIA just released firmware binaries along side each NVIDIA GPU driver
> release, would it be reasonable for Nouveau to pick and choose which
> firmware you'd like promoted to, e.g.,
> Anyway, this might be a good topic to discuss at XDC. It looks I'll
> see a lot of you then; I'm looking forward to it!
Yeah, this really seems like a very good discussion to have at XDC. I'll
find a room for us to sit and discuss the problem.
Thanks again and see you soon!
More information about the Nouveau