Easy. Gate critical API calls implemented in the hardware behind cryptographic signature verification. You sign the firmware using your private manufacturer's key. You validate with a public key burnt into the Silicon.
They apply the same type of gatekeeping to power management and reclocking in post-Maxwell GPU architectures. This is why the nouveau driver hasn't been able to maintain parity with the proprietary driver.
I can't quite remember the search engine contortions I did to home in on it the first time, but I think "Falcon high-security power-management reclocking firmware signature verification Maxwell 970 GPU driver" should get you in the right direction.
Basically, Nvidia cryptographically signs the firmware blob (digest), and I think uses asymmetric crypto implemented through a public key embedded in the silicon that can decrypt the firmware signature shipped with the driver for comparison by the Falcon microprocessor to gate access to what firmware code can gain access to the power management/reclocking API's that make modern gfx cards useful. I was doing some research on it at one point between jobs, but it's been a while. Long story short, if Nvidia doesn't bless your firmware, you can't get full use out of your card. Anti-competitive/anti-user as all hell, no network connection required, and you can technically still "use it" at a near useless base clock rate.
This practice is part of why there was all that controversy around that hash-rate limiter added to 3060/70 GPU firmware?
A signed development version of the driver without the hash-rate limiter was leaked, meaning all the miners just used that as their driver to get full performance cryptocurrency mining on the cheaper cards.
This is why, God as my witness, I will do everything in my power to never support Nvidia as a company ever again, and I have become increasingly vigilant against other actors trying to sneakily push cryptography based anti-features elsewhere.
I was never interested in hardware at this level of gory detail before, but now that I've seen it it can't be unseen; and I must protect open computing for those who come after me.
Nvidia already does this for things like DriveOS.
https://docs.nvidia.com/drive/drive-os-5.2.0.0L/drive-os/ind...
They apply the same type of gatekeeping to power management and reclocking in post-Maxwell GPU architectures. This is why the nouveau driver hasn't been able to maintain parity with the proprietary driver.
I can't quite remember the search engine contortions I did to home in on it the first time, but I think "Falcon high-security power-management reclocking firmware signature verification Maxwell 970 GPU driver" should get you in the right direction.
Basically, Nvidia cryptographically signs the firmware blob (digest), and I think uses asymmetric crypto implemented through a public key embedded in the silicon that can decrypt the firmware signature shipped with the driver for comparison by the Falcon microprocessor to gate access to what firmware code can gain access to the power management/reclocking API's that make modern gfx cards useful. I was doing some research on it at one point between jobs, but it's been a while. Long story short, if Nvidia doesn't bless your firmware, you can't get full use out of your card. Anti-competitive/anti-user as all hell, no network connection required, and you can technically still "use it" at a near useless base clock rate.
This practice is part of why there was all that controversy around that hash-rate limiter added to 3060/70 GPU firmware? A signed development version of the driver without the hash-rate limiter was leaked, meaning all the miners just used that as their driver to get full performance cryptocurrency mining on the cheaper cards.
This is why, God as my witness, I will do everything in my power to never support Nvidia as a company ever again, and I have become increasingly vigilant against other actors trying to sneakily push cryptography based anti-features elsewhere.
I was never interested in hardware at this level of gory detail before, but now that I've seen it it can't be unseen; and I must protect open computing for those who come after me.