Does Nouveau reimplement Falcon microcode due to particular deficiencies in NVIDIA's microcode, or because you couldn't get permission in the past to redistribute the firmware extracted from NVIDIA's proprietary driver? If the latter, I think we can get to the point of solving that with more amenable licensing. If the former, I'd like to report the deficiencies from your point of view back to NVIDIA's firmware team, so that we can improve the firmware for Nouveau use.
While I'm personally one of the guys who wouldn't like to see a binary blob in nouveau, no matter the terms, I've read the firmware blobs decompilation and I'm quite concerned about possible security implications.
The PGRAPH context switch microcode allows user to read/write arbitrary MMIO registers by submitting the firmware methods. The GF100+ video decoding etc. falcon microcodes allow you to just ask for physical instead of virtual addressing, and that includes physical system memory. Why did nVidia include such obviously security-breaking functionality in the firmware images? As I understand it, a user having access to just the FIFO submission interface should only have access to his own VM area, and not have enough power to take over the machine. Is there any security model for nVidia hardware/firmware/kernel driver system?
Marcin Kościelnicki _______________________________________________ Nouveau mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/nouveau
