From: John Hubbard <jhubbard@nvidia.com>
To: Danilo Krummrich <dakr@kernel.org>,
Alexandre Courbot <acourbot@nvidia.com>
Cc: "Joel Fernandes" <joelagnelf@nvidia.com>,
"Timur Tabi" <ttabi@nvidia.com>,
"Alistair Popple" <apopple@nvidia.com>,
"Eliot Courtney" <ecourtney@nvidia.com>,
"Shashank Sharma" <shashanks@nvidia.com>,
"Zhi Wang" <zhiw@nvidia.com>, "David Airlie" <airlied@gmail.com>,
"Simona Vetter" <simona@ffwll.ch>,
"Bjorn Helgaas" <bhelgaas@google.com>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <lossin@kernel.org>,
"Andreas Hindborg" <a.hindborg@kernel.org>,
"Alice Ryhl" <aliceryhl@google.com>,
"Trevor Gross" <tmgross@umich.edu>,
rust-for-linux@vger.kernel.org,
LKML <linux-kernel@vger.kernel.org>,
"John Hubbard" <jhubbard@nvidia.com>
Subject: [PATCH v10 17/28] gpu: nova-core: Hopper/Blackwell: add FSP secure boot completion waiting
Date: Fri, 10 Apr 2026 19:49:42 -0700 [thread overview]
Message-ID: <20260411024953.473149-18-jhubbard@nvidia.com> (raw)
In-Reply-To: <20260411024953.473149-1-jhubbard@nvidia.com>
Add the FSP module with Fsp::wait_secure_boot(), which polls the I2CS
thermal scratch register until FSP signals boot success or the 5-second
timeout expires. Hopper and Blackwell use FSP instead of SEC2 for
secure boot.
Signed-off-by: John Hubbard <jhubbard@nvidia.com>
---
drivers/gpu/nova-core/fsp.rs | 53 ++++++++++++++++++++++++++++++
drivers/gpu/nova-core/gsp/boot.rs | 5 ++-
drivers/gpu/nova-core/nova_core.rs | 1 +
drivers/gpu/nova-core/regs.rs | 29 ++++++++++++++++
4 files changed, 87 insertions(+), 1 deletion(-)
create mode 100644 drivers/gpu/nova-core/fsp.rs
diff --git a/drivers/gpu/nova-core/fsp.rs b/drivers/gpu/nova-core/fsp.rs
new file mode 100644
index 000000000000..55e543e80de8
--- /dev/null
+++ b/drivers/gpu/nova-core/fsp.rs
@@ -0,0 +1,53 @@
+// SPDX-License-Identifier: GPL-2.0
+
+//! FSP (Firmware System Processor) interface for Hopper/Blackwell GPUs.
+//!
+//! Hopper/Blackwell use a simplified firmware boot sequence: FMC --> FSP --> GSP.
+//! Unlike Turing/Ampere/Ada, there is NO SEC2 (Security Engine 2) usage.
+//! FSP handles secure boot directly using FMC firmware + Chain of Trust.
+
+use kernel::{
+ device,
+ io::poll::read_poll_timeout,
+ prelude::*,
+ time::Delta, //
+};
+
+use crate::regs;
+
+/// FSP secure boot completion timeout in milliseconds.
+const FSP_SECURE_BOOT_TIMEOUT_MS: i64 = 5000;
+
+/// FSP interface for Hopper/Blackwell GPUs.
+pub(crate) struct Fsp;
+
+impl Fsp {
+ /// Wait for FSP secure boot completion.
+ ///
+ /// Polls the thermal scratch register until FSP signals boot completion
+ /// or timeout occurs.
+ pub(crate) fn wait_secure_boot(
+ dev: &device::Device<device::Bound>,
+ bar: &crate::driver::Bar0,
+ arch: crate::gpu::Architecture,
+ ) -> Result {
+ debug_assert!(
+ regs::read_fsp_boot_complete_status(bar, arch).is_some(),
+ "wait_secure_boot called on non-FSP architecture"
+ );
+
+ let timeout = Delta::from_millis(FSP_SECURE_BOOT_TIMEOUT_MS);
+
+ read_poll_timeout(
+ || regs::read_fsp_boot_complete_status(bar, arch).ok_or(ENOTSUPP),
+ |&status| status == regs::FSP_BOOT_COMPLETE_SUCCESS,
+ Delta::from_millis(10),
+ timeout,
+ )
+ .map_err(|_| {
+ dev_err!(dev, "FSP secure boot completion timeout\n");
+ ETIMEDOUT
+ })
+ .map(|_| ())
+ }
+}
diff --git a/drivers/gpu/nova-core/gsp/boot.rs b/drivers/gpu/nova-core/gsp/boot.rs
index 1998bd230185..9609cef3ff51 100644
--- a/drivers/gpu/nova-core/gsp/boot.rs
+++ b/drivers/gpu/nova-core/gsp/boot.rs
@@ -33,6 +33,7 @@
gsp::GspFirmware,
FIRMWARE_VERSION, //
},
+ fsp::Fsp,
gpu::{
Architecture,
Chipset, //
@@ -199,7 +200,7 @@ fn boot_via_sec2(
/// the GSP boot internally - no manual GSP reset/boot is needed.
fn boot_via_fsp(
dev: &device::Device<device::Bound>,
- _bar: &Bar0,
+ bar: &Bar0,
chipset: Chipset,
_gsp_falcon: &Falcon<Gsp>,
_wpr_meta: &Coherent<GspFwWprMeta>,
@@ -209,6 +210,8 @@ fn boot_via_fsp(
let _fsp_fw = FspFirmware::new(dev, chipset, FIRMWARE_VERSION)?;
+ Fsp::wait_secure_boot(dev, bar, chipset.arch())?;
+
Err(ENOTSUPP)
}
diff --git a/drivers/gpu/nova-core/nova_core.rs b/drivers/gpu/nova-core/nova_core.rs
index 3a609f6937e4..53558ac0f619 100644
--- a/drivers/gpu/nova-core/nova_core.rs
+++ b/drivers/gpu/nova-core/nova_core.rs
@@ -17,6 +17,7 @@
mod falcon;
mod fb;
mod firmware;
+mod fsp;
mod gpu;
mod gsp;
#[macro_use]
diff --git a/drivers/gpu/nova-core/regs.rs b/drivers/gpu/nova-core/regs.rs
index 6faeed73901d..e4de7bfffde1 100644
--- a/drivers/gpu/nova-core/regs.rs
+++ b/drivers/gpu/nova-core/regs.rs
@@ -511,6 +511,35 @@ pub(crate) fn mem_scrubbing_done(self) -> bool {
}
}
+// PTHERM registers
+
+// FSP secure boot completion status register used by FSP to signal boot completion.
+// This is the NV_THERM_I2CS_SCRATCH register.
+// Different architectures use different addresses:
+// - Hopper (GH100) and Blackwell GB10x: 0x000200bc
+// - Blackwell GB20x: 0x00ad00bc
+pub(crate) fn fsp_thermal_scratch_reg_addr(arch: Architecture) -> Result<usize> {
+ match arch {
+ Architecture::Hopper | Architecture::BlackwellGB10x => Ok(0x000200bc),
+ Architecture::BlackwellGB20x => Ok(0x00ad00bc),
+ _ => Err(kernel::error::code::ENOTSUPP),
+ }
+}
+
+/// FSP writes this value to indicate successful boot completion.
+pub(crate) const FSP_BOOT_COMPLETE_SUCCESS: u32 = 0xff;
+
+/// Read FSP boot completion status from the architecture-specific thermal scratch register.
+///
+/// Returns `None` if the architecture does not have an FSP.
+pub(crate) fn read_fsp_boot_complete_status(
+ bar: &crate::driver::Bar0,
+ arch: Architecture,
+) -> Option<u32> {
+ let addr = fsp_thermal_scratch_reg_addr(arch).ok()?;
+ Some(bar.read32(addr))
+}
+
// The modules below provide registers that are not identical on all supported chips. They should
// only be used in HAL modules.
--
2.53.0
next prev parent reply other threads:[~2026-04-11 2:50 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-11 2:49 [PATCH v10 00/28] gpu: nova-core: firmware: Hopper/Blackwell support John Hubbard
2026-04-11 2:49 ` [PATCH v10 01/28] gpu: nova-core: factor .fwsignature* selection into a new find_gsp_sigs_section() John Hubbard
2026-04-11 2:49 ` [PATCH v10 02/28] gpu: nova-core: use GPU Architecture to simplify HAL selections John Hubbard
2026-04-11 2:49 ` [PATCH v10 03/28] gpu: nova-core: Hopper/Blackwell: basic GPU identification John Hubbard
2026-04-11 3:58 ` Timur Tabi
2026-04-11 2:49 ` [PATCH v10 04/28] gpu: nova-core: add Copy/Clone to Spec and Revision John Hubbard
2026-04-11 2:49 ` [PATCH v10 05/28] gpu: nova-core: set DMA mask width based on GPU architecture John Hubbard
2026-04-11 2:49 ` [PATCH v10 06/28] gpu: nova-core: move GFW boot wait into a GPU HAL John Hubbard
2026-04-11 2:49 ` [PATCH v10 07/28] gpu: nova-core: Hopper/Blackwell: skip GFW boot waiting John Hubbard
2026-04-11 2:49 ` [PATCH v10 08/28] gpu: nova-core: Blackwell: calculate reserved FB heap size John Hubbard
2026-04-11 2:49 ` [PATCH v10 09/28] gpu: nova-core: Hopper/Blackwell: new location for PCI config mirror John Hubbard
2026-04-11 2:49 ` [PATCH v10 10/28] gpu: nova-core: refactor SEC2 booter loading into BooterFirmware::run() John Hubbard
2026-04-11 2:49 ` [PATCH v10 11/28] gpu: nova-core: Hopper/Blackwell: integrate FSP boot path into boot() John Hubbard
2026-04-11 2:49 ` [PATCH v10 12/28] gpu: nova-core: don't assume 64-bit firmware images John Hubbard
2026-04-11 2:49 ` [PATCH v10 13/28] gpu: nova-core: add support for 32-bit " John Hubbard
2026-04-11 2:49 ` [PATCH v10 14/28] gpu: nova-core: add auto-detection of 32-bit, 64-bit " John Hubbard
2026-04-11 2:49 ` [PATCH v10 15/28] gpu: nova-core: Hopper/Blackwell: add FSP falcon engine stub John Hubbard
2026-04-11 2:49 ` [PATCH v10 16/28] gpu: nova-core: Hopper/Blackwell: add FMC firmware image, in support of FSP John Hubbard
2026-04-11 2:49 ` John Hubbard [this message]
2026-04-11 2:49 ` [PATCH v10 18/28] gpu: nova-core: Hopper/Blackwell: add FMC signature extraction John Hubbard
2026-04-11 2:49 ` [PATCH v10 19/28] gpu: nova-core: Hopper/Blackwell: add FSP falcon EMEM operations John Hubbard
2026-04-11 2:49 ` [PATCH v10 20/28] gpu: nova-core: Hopper/Blackwell: add FSP message infrastructure John Hubbard
2026-04-11 2:49 ` [PATCH v10 21/28] gpu: nova-core: add MCTP/NVDM protocol types for firmware communication John Hubbard
2026-04-11 2:49 ` [PATCH v10 22/28] gpu: nova-core: Hopper/Blackwell: add FSP send/receive messaging John Hubbard
2026-04-11 2:49 ` [PATCH v10 23/28] gpu: nova-core: Hopper/Blackwell: add FspCotVersion type John Hubbard
2026-04-11 2:49 ` [PATCH v10 24/28] gpu: nova-core: Hopper/Blackwell: larger non-WPR heap John Hubbard
2026-04-11 2:49 ` [PATCH v10 25/28] gpu: nova-core: Hopper/Blackwell: add FSP Chain of Trust boot John Hubbard
2026-04-11 2:49 ` [PATCH v10 26/28] gpu: nova-core: Blackwell: use correct sysmem flush registers John Hubbard
2026-04-11 2:49 ` [PATCH v10 27/28] gpu: nova-core: Hopper/Blackwell: larger WPR2 (GSP) heap John Hubbard
2026-04-11 2:49 ` [PATCH v10 28/28] gpu: nova-core: Hopper/Blackwell: add GSP lockdown release polling John Hubbard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260411024953.473149-18-jhubbard@nvidia.com \
--to=jhubbard@nvidia.com \
--cc=a.hindborg@kernel.org \
--cc=acourbot@nvidia.com \
--cc=airlied@gmail.com \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=apopple@nvidia.com \
--cc=bhelgaas@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=dakr@kernel.org \
--cc=ecourtney@nvidia.com \
--cc=gary@garyguo.net \
--cc=joelagnelf@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=shashanks@nvidia.com \
--cc=simona@ffwll.ch \
--cc=tmgross@umich.edu \
--cc=ttabi@nvidia.com \
--cc=zhiw@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox