[Nouveau] [PATCH v2 10/14] secboot: split reset function

Alexandre Courbot acourbot at nvidia.com
Thu Oct 27 04:37:04 UTC 2016


Split the reset function into more meaningful and reusable ones.

Signed-off-by: Alexandre Courbot <acourbot at nvidia.com>
---
 drm/nouveau/include/nvkm/subdev/secboot.h  |  3 ++
 drm/nouveau/nvkm/subdev/secboot/acr_r352.c | 78 ++++++++++++++++++++----------
 2 files changed, 56 insertions(+), 25 deletions(-)

diff --git a/drm/nouveau/include/nvkm/subdev/secboot.h b/drm/nouveau/include/nvkm/subdev/secboot.h
index 24d98878bb93..785e2c553392 100644
--- a/drm/nouveau/include/nvkm/subdev/secboot.h
+++ b/drm/nouveau/include/nvkm/subdev/secboot.h
@@ -30,6 +30,7 @@
  * @base: base IO address of the falcon performing secure boot
  * @managed_falcons: bitfield of falcons managed by this ACR
  * @debug_mode: whether the debug or production signatures should be used
+ * @wpr_set: whether the WPR region is currently set
 */
 struct nvkm_secboot {
 	const struct nvkm_secboot_func *func;
@@ -44,6 +45,8 @@ struct nvkm_secboot {
 	u32 wpr_size;
 
 	bool debug_mode;
+
+	bool wpr_set;
 };
 #define nvkm_secboot(p) container_of((p), struct nvkm_secboot, subdev)
 
diff --git a/drm/nouveau/nvkm/subdev/secboot/acr_r352.c b/drm/nouveau/nvkm/subdev/secboot/acr_r352.c
index a74dede4c222..d9f02c1c0de6 100644
--- a/drm/nouveau/nvkm/subdev/secboot/acr_r352.c
+++ b/drm/nouveau/nvkm/subdev/secboot/acr_r352.c
@@ -740,6 +740,54 @@ nvkm_acr_r352_load(struct nvkm_acr *_acr, struct nvkm_secboot *sb,
 	return 0;
 }
 
+static int
+acr_r352_shutdown(struct nvkm_acr_r352 *acr, struct nvkm_secboot *sb)
+{
+	int i;
+
+	/* Run the unload blob to unprotect the WPR region */
+	if (acr->unload_blob && sb->wpr_set) {
+		int ret;
+
+		nvkm_debug(&sb->subdev, "running HS unload blob\n");
+		ret = sb->func->run_blob(sb, acr->unload_blob);
+		if (ret)
+			return ret;
+		nvkm_debug(&sb->subdev, "HS unload blob completed\n");
+	}
+
+	for (i = 0; i < NVKM_FALCON_END; i++)
+		acr->falcon_state[i] = NON_SECURE;
+
+	sb->wpr_set = false;
+
+	return 0;
+}
+
+static int
+acr_r352_bootstrap(struct nvkm_acr_r352 *acr, struct nvkm_secboot *sb)
+{
+	int ret;
+
+	if (sb->wpr_set)
+		return 0;
+
+	/* Make sure all blobs are ready */
+	ret = acr_r352_load_blobs(acr, sb);
+	if (ret)
+		return ret;
+
+	nvkm_debug(&sb->subdev, "running HS load blob\n");
+	ret = sb->func->run_blob(sb, acr->load_blob);
+	if (ret)
+		return ret;
+	nvkm_debug(&sb->subdev, "HS load blob completed\n");
+
+	sb->wpr_set = true;
+
+	return 0;
+}
+
 /*
  * nvkm_acr_r352_reset() - execute secure boot from the prepared state
  *
@@ -754,11 +802,6 @@ nvkm_acr_r352_reset(struct nvkm_acr *_acr, struct nvkm_secboot *sb,
 	struct nvkm_acr_r352 *acr = nvkm_acr_r352(_acr);
 	int ret;
 
-	/* Make sure all blobs are ready */
-	ret = acr_r352_load_blobs(acr, sb);
-	if (ret)
-		return ret;
-
 	/*
 	 * Dummy GM200 implementation: perform secure boot each time we are
 	 * called on FECS. Since only FECS and GPCCS are managed and started
@@ -770,16 +813,11 @@ nvkm_acr_r352_reset(struct nvkm_acr *_acr, struct nvkm_secboot *sb,
 	if (falcon != NVKM_FALCON_FECS)
 		goto end;
 
-	/* If WPR is set and we have an unload blob, run it to unlock WPR */
-	if (acr->unload_blob &&
-	    acr->falcon_state[NVKM_FALCON_FECS] != NON_SECURE) {
-		ret = sb->func->run_blob(sb, acr->unload_blob);
-		if (ret)
-			return ret;
-	}
+	ret = acr_r352_shutdown(acr, sb);
+	if (ret)
+		return ret;
 
-	/* Reload all managed falcons */
-	ret = sb->func->run_blob(sb, acr->load_blob);
+	acr_r352_bootstrap(acr, sb);
 	if (ret)
 		return ret;
 
@@ -818,18 +856,8 @@ int
 nvkm_acr_r352_fini(struct nvkm_acr *_acr, struct nvkm_secboot *sb, bool suspend)
 {
 	struct nvkm_acr_r352 *acr = nvkm_acr_r352(_acr);
-	int ret = 0;
-	int i;
 
-	/* Run the unload blob to unprotect the WPR region */
-	if (acr->unload_blob &&
-	    acr->falcon_state[NVKM_FALCON_FECS] != NON_SECURE)
-		ret = sb->func->run_blob(sb, acr->unload_blob);
-
-	for (i = 0; i < NVKM_FALCON_END; i++)
-		acr->falcon_state[i] = NON_SECURE;
-
-	return ret;
+	return acr_r352_shutdown(acr, sb);
 }
 
 void
-- 
2.10.0



More information about the Nouveau mailing list