Marcin Kościelnicki | 25 Sep 09:46 2013
Picon

Re: offer to help, DCB

> Does Nouveau reimplement Falcon microcode due to particular deficiencies
> in NVIDIA's microcode, or because you couldn't get permission in the past
> to redistribute the firmware extracted from NVIDIA's proprietary driver?
> If the latter, I think we can get to the point of solving that with more
> amenable licensing.  If the former, I'd like to report the deficiencies
> from your point of view back to NVIDIA's firmware team, so that we can
> improve the firmware for Nouveau use.

While I'm personally one of the guys who wouldn't like to see a binary 
blob in nouveau, no matter the terms, I've read the firmware blobs 
decompilation and I'm quite concerned about possible security implications.

The PGRAPH context switch microcode allows user to read/write arbitrary 
MMIO registers by submitting the firmware methods. The GF100+ video 
decoding etc. falcon microcodes allow you to just ask for physical 
instead of virtual addressing, and that includes physical system memory. 
Why did nVidia include such obviously security-breaking functionality in 
the firmware images? As I understand it, a user having access to just 
the FIFO submission interface should only have access to his own VM 
area, and not have enough power to take over the machine. Is there any 
security model for nVidia hardware/firmware/kernel driver system?

Marcin Kościelnicki
_______________________________________________
Nouveau mailing list
Nouveau <at> lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/nouveau

Gmane