On 5/6/2025 12:26 PM, Zhi Wang wrote: > On Sat, 3 May 2025 00:07:56 -0400 > Joel Fernandes <joelagnelf@xxxxxxxxxx> wrote: > >> Add explanation of fwsec with diagrams. This helps clarify how the >> nova-core falcon boot works. >> >> Signed-off-by: Joel Fernandes <joelagnelf@xxxxxxxxxx> >> --- >> Documentation/gpu/nova/core/fwsec.rst | 180 >> ++++++++++++++++++++++++++ Documentation/gpu/nova/index.rst | >> 1 + 2 files changed, 181 insertions(+) >> create mode 100644 Documentation/gpu/nova/core/fwsec.rst >> >> diff --git a/Documentation/gpu/nova/core/fwsec.rst >> b/Documentation/gpu/nova/core/fwsec.rst new file mode 100644 >> index 000000000000..bed941ac3f2b >> --- /dev/null >> +++ b/Documentation/gpu/nova/core/fwsec.rst >> @@ -0,0 +1,180 @@ >> +.. SPDX-License-Identifier: (GPL-2.0+ OR MIT) >> +========================= >> +FWSEC (Firmware Security) >> +========================= >> +This document briefly/conceptually describes the FWSEC (Firmware >> Security) image +and its role in the GPU boot sequence. As such, this >> information is subject to +change in the future and is only current >> as of the Ampere GPU family. However, +hopefully the concepts >> described will be useful for understanding the kernel code +that >> deals with it. All the information is derived from publicly available >> +sources such as public drivers and documentation. + >> +The role of FWSEC to provide secure boot, it is running in >> Heavy-secure mode. It does +firmware verification after GPU reset and >> load various ucode images on to the other +microcontrollers on the >> GPU such as the PMU and GSP. + >> +FWSEC itself is an application stored in the VBIOS ROM in the FWSEC >> partition of +ROM (see vbios.rst for more details). It contains >> different commands like FRTS +(Firmware Runtime Services) and SB >> (Secure Booting other microcontrollers after +reset and loading them >> with other non-FWSEC ucode). The kernel driver only needs to +to do >> FRTS, since SB is already already after reset by the time the kernel >> driver +is loaded. + >> +The FRTS command carves out the WPR2 region (Write protected region) >> which contains +data data required for power management. Once setup, > > repetitive word "data" ^ > Fixed, thanks! - Joel
