Displaying 20 results from an estimated 400 matches similar to: "[PATCH] drm/nouveau/secboot/acr: Remove VLA usage"
2018 Jun 22
2
[PATCH] drm/nouveau/secboot/acr: Remove VLA usage
On Fri, Jun 22, 2018 at 10:50 AM, Karol Herbst <kherbst at redhat.com> wrote:
> On Thu, May 24, 2018 at 7:24 PM, Kees Cook <keescook at chromium.org> wrote:
>> In the quest to remove all stack VLA usage from the kernel[1], this
>> allocates the working buffers before starting the writing so it won't
>> abort in the middle. This needs an initial walk of the
2016 Dec 14
18
[PATCH v5 0/18] Secure Boot refactoring
Sending things in a smaller chunks since it makes their reviewing
easier.
This part part 2/3 of the secboot refactoring/PMU command support
patch series. Part 1 was the new falcon library which should be
merged soon now.
This series is mainly a refactoring/sanitization of the existing
secure boot code. It does not add new features (part 3 will).
Secure boot handling is now separated by NVIDIA
2016 Nov 02
15
[PATCH v3 00/15] Secure Boot refactoring
This is a rework of the secure boot code that moves the building of the blob
into its own set of source files (and own hooks), making the code more flexible
and (hopefully) easier to understand as well.
This rework is needed to support more signed firmware for existing and new
chips. Since the firmwares in question are not available yet I cannot send the
code to manage then, but hopefully the
2018 Jun 22
0
[PATCH] drm/nouveau/secboot/acr: Remove VLA usage
On Thu, May 24, 2018 at 7:24 PM, Kees Cook <keescook at chromium.org> wrote:
> In the quest to remove all stack VLA usage from the kernel[1], this
> allocates the working buffers before starting the writing so it won't
> abort in the middle. This needs an initial walk of the lists to figure
> out how large the buffer should be.
>
> [1]
2016 Nov 21
33
[PATCH v4 0/33] Secure Boot refactoring / signed PMU firmware support for GM20B
This revision includes initial signed PMU firmware support for GM20B
(Tegra X1). This PMU code will also be used as a basis for dGPU signed
PMU firmware support.
With the PMU code, the refactoring of secure boot should also make
more sense.
ACR (secure boot) support is now separated by the driver version it
originates from. This separation allows to run any version of the ACR
on any chip,
2016 Oct 27
15
[PATCH v2 00/14] Secure Boot refactoring
This is a rework of the secure boot code that moves the building of the blob
into its own set of source files (and own hooks), making the code more flexible
and (hopefully) easier to understand as well.
This rework is needed to support more signed firmware for existing and new
chips. Since the firmwares in question are not available yet I cannot send the
code to manage then, but hopefully the
2018 Jun 22
0
[PATCH] drm/nouveau/secboot/acr: Remove VLA usage
On Fri, Jun 22, 2018 at 11:34 PM, Kees Cook <keescook at chromium.org> wrote:
> On Fri, Jun 22, 2018 at 10:50 AM, Karol Herbst <kherbst at redhat.com> wrote:
>> On Thu, May 24, 2018 at 7:24 PM, Kees Cook <keescook at chromium.org> wrote:
>>> In the quest to remove all stack VLA usage from the kernel[1], this
>>> allocates the working buffers before
2016 Oct 11
10
[PATCH 0/8] Secure Boot refactoring
Hi everyone,
Apologies for the big patchset. This is a rework of the secure boot code that
moves the building of the blob into its own set of source files (and own hooks),
making the code more flexible and (hopefully) easier to understand as well.
This rework is needed to support more signed firmware for existing and new
chips. Since the firmwares in question are not available yet I cannot send
2016 Nov 02
0
[PATCH v3 14/15] secboot: abstract LS firmware loading functions
The WPR and LSB headers, used to generate the LS blob, may have a
different layout and sizes depending on the driver version they come
from. Abstract them and confine their use to driver-specific code.
Signed-off-by: Alexandre Courbot <acourbot at nvidia.com>
---
drm/nouveau/nvkm/subdev/secboot/acr_r352.c | 102 +++++++++++++---------
drm/nouveau/nvkm/subdev/secboot/acr_r352.h | 119
2016 Nov 02
0
[PATCH v3 12/15] secboot: remove unneeded ls_ucode_img member
ucode_header is not used anywhere, so just get rid of it.
Signed-off-by: Alexandre Courbot <acourbot at nvidia.com>
---
drm/nouveau/nvkm/subdev/secboot/acr_r352.c | 25 +++++++------------------
drm/nouveau/nvkm/subdev/secboot/ls_ucode.h | 2 --
drm/nouveau/nvkm/subdev/secboot/ls_ucode_gr.c | 2 --
3 files changed, 7 insertions(+), 22 deletions(-)
diff --git
2016 Jan 18
6
[PATCH v2 0/5] nouveau: add secure boot support for dGPU and Tegra
This is a highly changed revision of the first patch series that adds secure
boot support to Nouveau. This code still depends on NVIDIA releasing official
firmware files, but the files released with SHIELD TV and Pixel C can already
be used on a Jetson TX1.
As you know we are working hard to release the official firmware files, however
in the meantime it doesn't hurt to review the code so it
2017 Mar 29
15
[PATCH 00/15] Support for GP10B chipset
GP10B is the chip used in Tegra X2 SoCs. This patchset adds support for
its base engines after reworking secboot a bit to accomodate its calling
convention better.
This patchset has been tested rendering simple off-screen buffers using Mesa
and yielded the expected result.
Alexandre Courbot (15):
secboot: allow to boot multiple falcons
secboot: pass instance to LS firmware loaders
secboot:
2016 Feb 24
11
[PATCH v3 00/11] nouveau: add secure boot support for dGPU and Tegra
New version of the secure boot code that works with the blobs just merged into
linux-firmware. Since the required Mesa patches are also merged, this set is
the last piece of the puzzle to get out-of-the-box accelerated Maxwell 2.
The basic code remains the same, with a few improvements with respect to how
secure falcons are started. Hopefully the patchset is better split too.
I have a
2016 Nov 02
0
[PATCH v3 13/15] secboot: remove ls_ucode_mgr
This was used only locally to one function and can be replaced by ad-hoc
variables.
Signed-off-by: Alexandre Courbot <acourbot at nvidia.com>
---
drm/nouveau/nvkm/subdev/secboot/acr_r352.c | 90 +++++++++++-------------------
1 file changed, 33 insertions(+), 57 deletions(-)
diff --git a/drm/nouveau/nvkm/subdev/secboot/acr_r352.c b/drm/nouveau/nvkm/subdev/secboot/acr_r352.c
index
2018 Jul 24
2
[PATCH] drm/nouveau/secboot/acr: fix memory leak
In case memory resources for *bl_desc* were allocated, release
them before return.
Addresses-Coverity-ID: 1472021 ("Resource leak")
Fixes: 0d466901552a ("drm/nouveau/secboot/acr: Remove VLA usage")
Signed-off-by: Gustavo A. R. Silva <gustavo at embeddedor.com>
---
drivers/gpu/drm/nouveau/nvkm/subdev/secboot/acr_r352.c | 1 +
1 file changed, 1 insertion(+)
diff --git
2016 Nov 02
0
[PATCH v3 06/15] secboot: add low-secure firmware hooks
Secure firmwares provided by NVIDIA will follow the same overall
principle, but may slightly differ in format, or not use the same
bootloader descriptor even on the same chip. In order to handle
this as gracefully as possible, turn the LS firmware functions into
hooks that can be overloaded as needed.
The current hooks cover the external firmware loading as well as the
bootloader descriptor
2018 Sep 08
2
[PATCH] drm/nouveau/secboot/acr: fix memory leak
On 8/2/18 12:51 PM, Gustavo A. R. Silva wrote:
> Hi all,
>
> Friendly ping! Who can take this?
>
> Thanks
> --
> Gustavo
>
> On 07/24/2018 08:27 AM, Gustavo A. R. Silva wrote:
>> In case memory resources for *bl_desc* were allocated, release
>> them before return.
>>
>> Addresses-Coverity-ID: 1472021 ("Resource leak")
>> Fixes:
2016 Nov 02
0
[PATCH v3 07/15] secboot: generate HS BL descriptor in hook
Use the HS hook to completely generate the HS BL descriptor, similarly
to what is done in the LS hook, instead of (arbitrarily) using the
acr_v1 format as an intermediate.
This allows us to make the bootloader descriptor structures private to
each implementation, resulting in a cleaner an more consistent design.
Signed-off-by: Alexandre Courbot <acourbot at nvidia.com>
---
2016 Feb 24
0
[PATCH v3 10/11] secboot/gm200: add secure-boot support
Add secure-boot for the dGPU set of GM20X chips, using the PMU as the
high-secure falcon.
This work is based on Deepak Goyal's initial port of Secure Boot to
Nouveau.
Signed-off-by: Alexandre Courbot <acourbot at nvidia.com>
---
drm/nouveau/include/nvkm/subdev/secboot.h | 2 +
drm/nouveau/nvkm/engine/device/base.c | 2 +
drm/nouveau/nvkm/engine/gr/gm200.c | 8 +-
2016 Dec 06
9
[PATCH 0/8] Falcon library
This was the first step of the secure boot refactoring - as Ben asked for some
fixes, I now submit it as its own series to make it easier to review (and also
because rebasing secure boot on top of this takes time and I don't want to do
it until this is validated!).
This series attempts to factorize the duplicate falcon-related code into a
single library, using the existing nvkm_falcon