From: Zhi Wang <zhiw@nvidia.com>
To: Alexandre Courbot <acourbot@nvidia.com>
Cc: <dakr@kernel.org>, <airlied@gmail.com>, <simona@ffwll.ch>,
<ojeda@kernel.org>, <alex.gaynor@gmail.com>,
<boqun.feng@gmail.com>, <gary@garyguo.net>,
<bjorn3_gh@protonmail.com>, <lossin@kernel.org>,
<a.hindborg@kernel.org>, <aliceryhl@google.com>,
<tmgross@umich.edu>, <jhubbard@nvidia.com>,
<ecourtney@nvidia.com>, <joelagnelf@nvidia.com>,
<apopple@nvidia.com>, <cjia@nvidia.com>, <smitra@nvidia.com>,
<kjaju@nvidia.com>, <alkumar@nvidia.com>, <ankita@nvidia.com>,
<aniketa@nvidia.com>, <kwankhede@nvidia.com>,
<targupta@nvidia.com>, <nova-gpu@lists.linux.dev>,
<linux-kernel@vger.kernel.org>, <zhiwang@kernel.org>
Subject: Re: [PATCH 5/9] gpu: nova-core: add FSP and PRC protocol documentation
Date: Wed, 17 Jun 2026 10:51:06 +0300 [thread overview]
Message-ID: <20260617105106.5fceaf8a@inno-dell> (raw)
In-Reply-To: <DJABQBFVXDZW.T9Z7B76WVMXL@nvidia.com>
On Tue, 16 Jun 2026 17:17:34 +0900
"Alexandre Courbot" <acourbot@nvidia.com> wrote:
> On Thu Jun 4, 2026 at 8:43 PM JST, Zhi Wang wrote:
> > Add documentation for the Foundation Security Processor (FSP)
> > interface covering the simplified Hopper/Blackwell boot flow, the
> > Chain of Trust (COT) message protocol, the MCTP/NVDM message
> > format, and the Product Reconfiguration Control (PRC) protocol used
> > to query device configuration knobs such as vGPU mode.
> >
> > Signed-off-by: Zhi Wang <zhiw@nvidia.com>
>
> This is super useful, thanks! One question below:
>
> > ---
> > Documentation/gpu/nova/core/fsp.rst | 142
> > ++++++++++++++++++++++++++++ Documentation/gpu/nova/index.rst |
> > 1 + 2 files changed, 143 insertions(+)
> > create mode 100644 Documentation/gpu/nova/core/fsp.rst
> >
> > diff --git a/Documentation/gpu/nova/core/fsp.rst
> > b/Documentation/gpu/nova/core/fsp.rst new file mode 100644
> > index 000000000000..52d618d22bb8
> > --- /dev/null
> > +++ b/Documentation/gpu/nova/core/fsp.rst
> > @@ -0,0 +1,142 @@
> > +.. SPDX-License-Identifier: GPL-2.0
> > +
> > +===================================================
> > +FSP (Foundation Security Processor) and Secure Boot
> > +===================================================
> > +This document describes the role of the FSP in the GPU boot
> > sequence on +Hopper and Blackwell GPUs, and how it differs from the
> > earlier Ampere boot +flow. It also provides a brief overview of the
> > PRC (Product Reconfiguration +Control) protocol used to query
> > device configuration through FSP. As with +other documents in this
> > directory, the information is subject to change and +is intended to
> > help developers understand the corresponding kernel code. +
> > +What is FSP?
> > +============
> > +The Foundation Security Processor (FSP) is the GPU's Internal Root
> > of Trust +(IROT). It is a dedicated security processor that boots
> > from immutable ROM +(Boot ROM) inside the GPU and is responsible
> > for establishing the Chain of +Trust before any other firmware is
> > allowed to run. +
> > +FSP runs independently of the host CPU and starts executing as
> > soon as the +GPU is powered on. By the time the nova-core driver is
> > loaded, FSP has +already completed its own secure boot and is ready
> > to accept commands from +the driver.
> > +
> > +Simplified boot flow (Hopper/Blackwell)
> > +=======================================
> > +Starting with Hopper, the boot flow is significantly simplified
> > compared to +earlier GPU generations like Ampere.
> > +
> > +On an **Ampere** GPU, the boot verification chain involves
> > multiple Falcon +engines and multiple ucode stages (see falcon.rst
> > for details):: +
> > + Hardware BROM (SEC2)
>
> Is this referring to FWSEC-FRTS? If so, should this be `GSP` instead
> of `SEC2`?
Hi Alex:
This refers to the BootROM in the SEC2 Peregrine. From the timeline
perspective, FWSEC-FRTS should be positioned as below. I was thinking to
show the brief differences of relationship between internal processors
so I omit the FWSEC-FRTS in the sequence. Do you think we should add it?
+ Hardware BROM (SEC2)
here < ----- FWSEC-FRTS (GSP)
+ -> HS Booter (SEC2)
+ -> LS GSP-RM (GSP)
Z.
next prev parent reply other threads:[~2026-06-17 7:51 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-04 11:43 [PATCH 0/9] gpu: nova-core: boot GSP with vGPU enabled on Zhi Wang
2026-06-04 11:43 ` [PATCH 1/9] rust: pci: expose sriov_get_totalvfs() helper Zhi Wang
2026-06-05 14:08 ` Alexandre Courbot
2026-06-17 7:51 ` Zhi Wang
2026-06-04 11:43 ` [PATCH 2/9] gpu: nova-core: factor out common FSP message header Zhi Wang
2026-06-05 13:21 ` Alexandre Courbot
2026-06-04 11:43 ` [PATCH 3/9] gpu: nova-core: return FSP response buffer to caller Zhi Wang
2026-06-05 13:25 ` Alexandre Courbot
2026-06-05 16:04 ` Zhi Wang
2026-06-09 6:07 ` Alexandre Courbot
2026-06-17 7:52 ` Zhi Wang
2026-06-04 11:43 ` [PATCH 4/9] gpu: nova-core: read vGPU mode from FSP via PRC protocol Zhi Wang
2026-06-16 8:35 ` Alexandre Courbot
2026-06-17 8:01 ` Zhi Wang
2026-06-04 11:43 ` [PATCH 5/9] gpu: nova-core: add FSP and PRC protocol documentation Zhi Wang
2026-06-16 8:17 ` Alexandre Courbot
2026-06-17 7:51 ` Zhi Wang [this message]
2026-06-17 13:21 ` Alexandre Courbot
2026-06-04 11:43 ` [PATCH 6/9] gpu: nova-core: consolidate GSP boot parameters into GspBootContext Zhi Wang
2026-06-16 14:13 ` Alexandre Courbot
2026-06-17 13:22 ` Alexandre Courbot
2026-06-04 11:43 ` [PATCH 7/9] gpu: nova-core: add vGPU preludes Zhi Wang
2026-06-17 3:08 ` Alexandre Courbot
2026-06-04 11:43 ` [PATCH 8/9] gpu: nova-core: set RMSetSriovMode when NVIDIA vGPU is enabled Zhi Wang
2026-06-17 3:13 ` Alexandre Courbot
2026-06-04 11:43 ` [PATCH] gpu: nova-core: reserve a larger GSP WPR2 heap when " Zhi Wang
2026-06-16 14:20 ` Alexandre Courbot
2026-06-17 3:09 ` Alexandre Courbot
2026-06-17 8:07 ` Zhi Wang
2026-06-17 12:02 ` Alexandre Courbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260617105106.5fceaf8a@inno-dell \
--to=zhiw@nvidia.com \
--cc=a.hindborg@kernel.org \
--cc=acourbot@nvidia.com \
--cc=airlied@gmail.com \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=alkumar@nvidia.com \
--cc=aniketa@nvidia.com \
--cc=ankita@nvidia.com \
--cc=apopple@nvidia.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=cjia@nvidia.com \
--cc=dakr@kernel.org \
--cc=ecourtney@nvidia.com \
--cc=gary@garyguo.net \
--cc=jhubbard@nvidia.com \
--cc=joelagnelf@nvidia.com \
--cc=kjaju@nvidia.com \
--cc=kwankhede@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=nova-gpu@lists.linux.dev \
--cc=ojeda@kernel.org \
--cc=simona@ffwll.ch \
--cc=smitra@nvidia.com \
--cc=targupta@nvidia.com \
--cc=tmgross@umich.edu \
--cc=zhiwang@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox