NVIDIA Alerts Nouveau: They're Starting To Sign/Validate GPU Firmware Images
Andy Ritger, one of the long-time NVIDIA Linux developers who is a great person to work with, informed the Nouveau community on Friday night about the tightening of the "Falcon" micro-processor security. Falcon is what the Nouveau developers have referred to as "FUC", and the firmware for this micro-processor onboard the GPU is needed in order to properly support hardware acceleration, etc. I.e. it's critical. It's what causes problems when NVIDIA hardware is first reverse-engineered and enabled by Nouveau: usually for the first few kernel releases, Nouveau users must first initialize their hardware with the proprietary NVIDIA driver to obtain an MMIOtrace'd dump so they can then create their own firmware files. With time, Nouveau's DRM driver has gained the ability to self-generate its required FUC microcode for given GPUs so that it will work freely across NVIDIA GPUs without depending upon closed-source and non-redistributable firmware blobs. However, moving forward, the hardware is going to be expecting signed firmware images in order to expose the complete GPU capabilities.
Andy explained, "certain aspects of the chip will only be available to Falcon firmware images signed by NVIDIA. So far, the set of restricted things is pretty small, but I expect this list will slowly grow over future hardware generations."
NVIDIA is requiring signed firmware images, for security reasons, to better protect the hardware from being misprogrammed. With this initial security implementation, the restrictions are relatively mundane, like protecting fuses and ROM from being written by incorrect or malicious software. There are protections for registers dealing with thermal shutdown and the thermal sensors, while with GM20x there are now physical memory access restrictions too. However, as Andy mentioned, he expects the restrictions to grow over time for firmware that hasn't been signed by NVIDIA Corp.
To help out Nouveau, Ritger and his team are working on the best way to make NVIDIA firmware images separate from the rest of their Linux driver. In what would be a win for end-users, NVIDIA would make these firmware images "officially redistributable for use by Nouveau" -- i.e. avoiding the situation above where early hardware enablement currently requires doing MMIOtrace dumps, generating your own firmware files, etc., as you could now use NVIDIA's public firmware images.
NVIDIA providing closed-source, redistributable firmware images for use by Nouveau wouldn't be too far off from what AMD does right now, albeit a step back from where things stand when Nouveau can spin its own firmware support. While AMD has their much-praised, open-source Linux graphics driver stack, the driver does remain entirely dependent upon the company's closed-source microcode files for operation. This is why the open-source Radeon graphics don't work in Debian (out of the box) and other distributions that refrain from shipping binary-only firmware blobs.
Andy asked the Nouveau developers about backwards compatibility concerns and other questions, and he hopes to have a greater discussion early next month at XDC2014 Bordeaux. Andy's email can be found here along with some early responses. At the end of the day, NVIDIA hardware is becoming tighter with more restrictions imposed (in the name of security) and the hardware is less open-source friendly at a fundamental level, but NVIDIA's Linux group continues to increase their cooperation with Nouveau to ensure this doesn't thwart their open-source effort and that this open-source NVIDIA Linux driver will remain viable for end-users.