Re: [PATCH v12 13/22] gpu: nova-core: Hopper/Blackwell: add FMC signature extraction

Next message: AnonymeMeow: "[PATCH v4 0/2] fanotify: lift pidfd reporting restrictions"
Previous message: Alison Schofield: "Re: [PATCH V3 6/9] dax/fsdev: fail probe on invalid pgmap offset"
In reply to: Timur Tabi: "Re: [PATCH v12 13/22] gpu: nova-core: Hopper/Blackwell: add FMC signature extraction"
Next in thread: Timur Tabi: "Re: [PATCH v12 13/22] gpu: nova-core: Hopper/Blackwell: add FMC signature extraction"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alexandre Courbot

Date: Tue Jun 02 2026 - 20:21:16 EST

On Wed Jun 3, 2026 at 9:04 AM JST, Timur Tabi wrote:
> On Mon, 2026-06-01 at 20:21 -0700, John Hubbard wrote:
>> +/// Size of the FSP SHA-384 hash, in bytes.
>> +const FSP_HASH_SIZE: usize = 48;
>> +/// Maximum size of the FSP public key (RSA-3072), in bytes.
>> +///
>> +/// The FMC ELF `publickey` section may be shorter, so the remaining bytes are zero-padded.
>> +const FSP_PKEY_SIZE: usize = 384;
>> +/// Maximum size of the FSP signature (RSA-3072), in bytes.
>> +///
>> +/// The FMC ELF `signature` section may be shorter, so the remaining bytes are zero-padded.
>> +const FSP_SIG_SIZE: usize = 384;
>
> How can we be certain that these lengths are really fixed? I can add these length restrictions to
> the script that generates the files, but I want to be really certain that they will be correct for
> all time.

These are RSA-3072 keys/signatures, which are by convention 384 bytes
(or 3072 bits), so I think we can rely on that assumption as long as the
content type doesn't change. I am actually surprised that the comment
says the section can be shorter - that doesn't sound possible with
RSA-30272 .

Does the script have a way to validate the length? If so, I agree it is
a good idea to do so, to flag the problem before it shows up in the
driver.