From: John Hubbard <jhubbard@nvidia.com>
To: Danilo Krummrich <dakr@kernel.org>,
	Alexandre Courbot <acourbot@nvidia.com>
Cc: "Joel Fernandes" <joelagnelf@nvidia.com>,
	"Timur Tabi" <ttabi@nvidia.com>,
	"Alistair Popple" <apopple@nvidia.com>,
	"Eliot Courtney" <ecourtney@nvidia.com>,
	"Shashank Sharma" <shashanks@nvidia.com>,
	"Zhi Wang" <zhiw@nvidia.com>, "David Airlie" <airlied@gmail.com>,
	"Simona Vetter" <simona@ffwll.ch>,
	"Bjorn Helgaas" <bhelgaas@google.com>,
	"Miguel Ojeda" <ojeda@kernel.org>,
	"Alex Gaynor" <alex.gaynor@gmail.com>,
	"Boqun Feng" <boqun.feng@gmail.com>,
	"Gary Guo" <gary@garyguo.net>,
	"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
	"Benno Lossin" <lossin@kernel.org>,
	"Andreas Hindborg" <a.hindborg@kernel.org>,
	"Alice Ryhl" <aliceryhl@google.com>,
	"Trevor Gross" <tmgross@umich.edu>,
	rust-for-linux@vger.kernel.org,
	LKML <linux-kernel@vger.kernel.org>,
	"John Hubbard" <jhubbard@nvidia.com>
Subject: [PATCH v9 20/31] gpu: nova-core: Hopper/Blackwell: add FMC signature extraction
Date: Wed, 25 Mar 2026 18:38:51 -0700	[thread overview]
Message-ID: <20260326013902.588242-21-jhubbard@nvidia.com> (raw)
In-Reply-To: <20260326013902.588242-1-jhubbard@nvidia.com>

Add extract_fmc_signatures() which extracts SHA-384 hash, RSA public
key, and RSA signature from FMC ELF32 firmware sections. These are
needed for FSP Chain of Trust verification.

Signed-off-by: John Hubbard <jhubbard@nvidia.com>
---
 drivers/gpu/nova-core/firmware.rs |  3 +-
 drivers/gpu/nova-core/fsp.rs      | 79 +++++++++++++++++++++++++++++++
 2 files changed, 81 insertions(+), 1 deletion(-)

diff --git a/drivers/gpu/nova-core/firmware.rs b/drivers/gpu/nova-core/firmware.rs
index bc26807116e4..6d07715b3a49 100644
--- a/drivers/gpu/nova-core/firmware.rs
+++ b/drivers/gpu/nova-core/firmware.rs
@@ -26,6 +26,7 @@
     },
 };
 
+pub(crate) use elf::elf_section;
 pub(crate) mod booter;
 pub(crate) mod fsp;
 pub(crate) mod fwsec;
@@ -646,7 +647,7 @@ fn elf32_section<'a>(elf: &'a [u8], name: &str) -> Option<&'a [u8]> {
     }
 
     /// Automatically detects ELF32 vs ELF64 based on the ELF header.
-    pub(super) fn elf_section<'a>(elf: &'a [u8], name: &str) -> Option<&'a [u8]> {
+    pub(crate) fn elf_section<'a>(elf: &'a [u8], name: &str) -> Option<&'a [u8]> {
         // Check ELF magic.
         if elf.len() < 5 || elf.get(0..4)? != b"\x7fELF" {
             return None;
diff --git a/drivers/gpu/nova-core/fsp.rs b/drivers/gpu/nova-core/fsp.rs
index 6d32e03d89f9..bbf89c70a425 100644
--- a/drivers/gpu/nova-core/fsp.rs
+++ b/drivers/gpu/nova-core/fsp.rs
@@ -112,6 +112,18 @@ unsafe impl AsBytes for GspFmcBootParams {}
 // SAFETY: All bit patterns are valid for the primitive fields.
 unsafe impl FromBytes for GspFmcBootParams {}
 
+/// Size constraints for FSP security signatures (Hopper/Blackwell).
+const FSP_HASH_SIZE: usize = 48; // SHA-384 hash
+const FSP_PKEY_SIZE: usize = 384; // RSA-3072 public key
+const FSP_SIG_SIZE: usize = 384; // RSA-3072 signature
+
+/// Structure to hold FMC signatures.
+#[derive(Debug, Clone, Copy)]
+pub(crate) struct FmcSignatures {
+    hash384: [u8; FSP_HASH_SIZE],
+    public_key: [u8; FSP_PKEY_SIZE],
+    signature: [u8; FSP_SIG_SIZE],
+}
 /// FSP interface for Hopper/Blackwell GPUs.
 pub(crate) struct Fsp;
 
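Review bot: `#[derive(Debug, Clone, Copy)]` on `FmcSignatures` makes an 816-byte struct implicitly copyable, so a by-value pass or a `*signatures` deref silently places a full copy on the kernel stack, which is what the heap allocation described on `extract_fmc_signatures()` is meant to avoid. Dropping `Copy` (`#[derive(Debug, Clone)]`) keeps every such copy explicit. The `/// Size constraints ...` doc comment attaches only to `FSP_HASH_SIZE`; a plain `//` comment would cover all three constants, and a blank line is missing between the struct's closing brace and `/// FSP interface ...`.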
@@ -145,4 +157,71 @@ pub(crate) fn wait_secure_boot(
         })
         .map(|_| ())
     }
+
+    /// Extract FMC firmware signatures for Chain of Trust verification.
+    ///
+    /// Extracts real cryptographic signatures from FMC ELF32 firmware sections.
+    /// Returns signatures in a heap-allocated structure to prevent stack overflow.
+    #[expect(dead_code)]
+    pub(crate) fn extract_fmc_signatures(
+        dev: &device::Device<device::Bound>,
+        fmc_fw_data: &[u8],
+    ) -> Result<KBox<FmcSignatures>> {
+        let hash_section = crate::firmware::elf_section(fmc_fw_data, "hash")
+            .ok_or(EINVAL)
+            .inspect_err(|_| dev_err!(dev, "FMC firmware missing 'hash' section\n"))?;
+
+        let pkey_section = crate::firmware::elf_section(fmc_fw_data, "publickey")
+            .ok_or(EINVAL)
+            .inspect_err(|_| dev_err!(dev, "FMC firmware missing 'publickey' section\n"))?;
+
+        let sig_section = crate::firmware::elf_section(fmc_fw_data, "signature")
+            .ok_or(EINVAL)
+            .inspect_err(|_| dev_err!(dev, "FMC firmware missing 'signature' section\n"))?;
+
+        if hash_section.len() != FSP_HASH_SIZE {
+            dev_err!(
+                dev,
+                "FMC hash section size {} != expected {}\n",
+                hash_section.len(),
+                FSP_HASH_SIZE
+            );
+            return Err(EINVAL);
+        }
+
+        if pkey_section.len() > FSP_PKEY_SIZE {
+            dev_err!(
+                dev,
+                "FMC publickey section size {} > maximum {}\n",
+                pkey_section.len(),
+                FSP_PKEY_SIZE
+            );
+            return Err(EINVAL);
+        }
+
+        if sig_section.len() > FSP_SIG_SIZE {
+            dev_err!(
+                dev,
+                "FMC signature section size {} > maximum {}\n",
+                sig_section.len(),
+                FSP_SIG_SIZE
+            );
+            return Err(EINVAL);
+        }
+
+        let mut signatures = KBox::new(
+            FmcSignatures {
+                hash384: [0u8; FSP_HASH_SIZE],
+                public_key: [0u8; FSP_PKEY_SIZE],
+                signature: [0u8; FSP_SIG_SIZE],
+            },
+            GFP_KERNEL,
+        )?;
+
+        signatures.hash384.copy_from_slice(hash_section);
+        signatures.public_key[..pkey_section.len()].copy_from_slice(pkey_section);
+        signatures.signature[..sig_section.len()].copy_from_slice(sig_section);
+
+        Ok(signatures)
+    }
 }
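Review bot: The `publickey` and `signature` length checks accept any size up to the maximum, including zero, while `hash` must match exactly; a short or empty section is zero-padded into the fixed array and its real length is lost, so a malformed image yields a plausible-looking `FmcSignatures` instead of `EINVAL`. Since the constants are described as RSA-3072 sizes, exact checks look intended: `if pkey_section.len() != FSP_PKEY_SIZE {` and `if sig_section.len() != FSP_SIG_SIZE {`, with the messages changed to `!= expected`. If shorter sections are legitimate, a comment saying so, and that zero-padding is the layout FSP expects, would help the next reader. Separately, `KBox::new(FmcSignatures { .. }, GFP_KERNEL)` may build the value on the stack before moving it into the allocation, so the doc comment's stack-overflow claim is worth verifying.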
-- 
2.53.0

