0 users browsing Discussion. | 47 bots  
    Main » Discussion » Linux + FPGA + RISC-V = self-hosting libre hw/sw stack
    Pages: 1
    Posted on 19-11-19, 11:50
    Post: #109 of 205
    Since: 11-24-18

    Last post: 155 days
    Last view: 27 days
    This is freakingly freaking awesome!

    https://www.contrib.andrew.cmu.edu/~somlo/BTCP/

    "My goal is to build a Free/OpenSource computer from the ground up, so I may completely trust that the entire hardware+software system's behavior is 100% attributable to its fully available HDL (Hardware Description Language) and Software sources.
    More importantly, I need all the compilers and associated toolchains involved in building the overall system (from HDL and Software sources) to be Free/OpenSource, and to be themselves buildable and runnable on the computer system being described. In other words, I need a self-hosting Free/OpenSource hardware+software stack!"
    Posted on 19-11-19, 12:10
    Stirrer of Shit
    Post: #677 of 717
    Since: 01-26-19

    Last post: 1763 days
    Last view: 1761 days
    That's interesting, but how does he know the FPGA doesn't have any backdoors?

    There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
    Posted on 19-11-19, 12:21
    Post: #110 of 205
    Since: 11-24-18

    Last post: 155 days
    Last view: 27 days
    Posted by sureanem
    That's interesting, but how does he know the FPGA doesn't have any backdoors?


    ...

    You really have no clue how an FPGA works, right? It's pretty much impossible to put a back door into the FPGA itself, since it does not have any persistent silicon or memory. It does not even have an I/O die.

    Granted, you could do the good old compiler payload trick, but the FPGA in and of itself... Nope.
    Posted on 19-11-19, 12:34
    Stirrer of Shit
    Post: #680 of 717
    Since: 01-26-19

    Last post: 1763 days
    Last view: 1761 days
    How do you know that though? It's an integrated circuit, it's not possible to audit it. They could burn literally anything they please into it and you've have no way of telling, short of decapping it.


    There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
    Posted on 19-11-19, 13:03
    Post: #111 of 205
    Since: 11-24-18

    Last post: 155 days
    Last view: 27 days
    Posted by sureanem
    How do you know that though? It's an integrated circuit, it's not possible to audit it. They could burn literally anything they please into it and you've have no way of telling, short of decapping it.


    FTFA: "The FPGA is a regular grid of identical components, so (destructive) visual inspection (i.e., chemical ablation and TEM imaging) is more feasible than with a dedicated ASIC that has much less visual regularity and repeatability."

    You can never be 100% safe. But you can be reasonably safe FPGAs are tamper-proof.
    Posted on 19-11-19, 13:14
    Stirrer of Shit
    Post: #681 of 717
    Since: 01-26-19

    Last post: 1763 days
    Last view: 1761 days
    Yes, but it's hardly cheap to do so, and you could very well be prevented under legal limitations.

    There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
    Posted on 19-11-19, 16:30
    Post: #112 of 205
    Since: 11-24-18

    Last post: 155 days
    Last view: 27 days
    Posted by sureanem
    Yes, but it's hardly cheap to do so, and you could very well be prevented under legal limitations.


    Decaps are actually fairly cheap... For corporations and countries, both whom are interested in getting this kind of verifiability. For you and me, not so much. :)
    Posted on 19-11-20, 01:11
    Custom title here

    Post: #778 of 1164
    Since: 10-30-18

    Last post: 63 days
    Last view: 8 hours
    Also, hiding functionality inside an FPGA is more difficult than pretty much any other active part, because the end user can configure it virtually any way they want. Any channel for spying or tampering would require hardcoded behaviors and pinouts that are in direct opposition to FPGA usage.

    --- In UTF-16, where available. ---
    Posted on 19-11-20, 13:30
    Dinosaur

    Post: #595 of 1315
    Since: 10-30-18

    Last post: 58 days
    Last view: 18 hours
    Butbutbut the [insert your favorite villain here] spy machine could be deeply baked in silicon!
    THEY COULD BE SNOOPING ON MY PORN, Y'KNOW!?!??!?!



    There is a problem that remains to be solved for a fully free/libre/whatever SW/HW stack: how do you fab electronics at home? FPGAs are a step in the right direction, except that you still depend on your vendor toolchain to get started (how is Xilinx/Altera & pals toolchain support for non-Windows platformws nowadays?). And making custom ASICs not only is for the faint of heart, it also requires some serious cash backing that only a megacorp or Big Gub'mint could provide (mind you, all three Big Axis of Evil do have their homebrew CPU architectures, but zero intentions of playing the libre HW game due to the same paranoid bullshittery that turns people into paranoid loons).

    I could care less about theoretical backdoors/tinfoil hats, and more about printing CPUs at home.

    Licensed Pirate® since 2006, 100% Buttcoin™-free, enemy of All Things JavaScript™
    Posted on 19-11-20, 14:06 (revision 1)
    Post: #113 of 205
    Since: 11-24-18

    Last post: 155 days
    Last view: 27 days
    Well, it is possible to build an FPGA at home, thankfully. All the pieces are there, and sure the prototype will be freakishly large, but you can use that FPGA to validate the input and output of the smaller one: http://blog.notdot.net/2012/10/Build-your-own-FPGA

    Sure, it requires like ten breadboards and lots of cables and spare time. But if you are that paranoid, man gotta do what man gotta do! As for bootstrapping the FPGA, start with machine code and keep going from there. :)

    Thankfully, since the industry is trending more and more towards Linux, support for that OS is more and more common, as well. See for instance, Lattice: https://wiki.debian.org/FPGA/Lattice

    And of course, it is possible to print a CPU today already, it will just take a lot of space: https://www.researchgate.net/publication/282544864_3D-printed_microelectronics_for_integrated_circuitry_and_passive_wireless_sensors
    Posted on 19-11-20, 21:16
    Stirrer of Shit
    Post: #686 of 717
    Since: 01-26-19

    Last post: 1763 days
    Last view: 1761 days
    Posted by CaptainJistuce
    Also, hiding functionality inside an FPGA is more difficult than pretty much any other active part, because the end user can configure it virtually any way they want. Any channel for spying or tampering would require hardcoded behaviors and pinouts that are in direct opposition to FPGA usage.

    I can't imagine it would be too hard. If any IO pin receives some arbitrary (very long) bit pattern, then start loading firmware at the same frequency it was received. A competent actor could probably come up with a very clever scheme. Or just TEMPEST and stego over RF.
    Posted by tomman
    mind you, all three Big Axis of Evil do have their homebrew CPU architectures, but zero intentions of playing the libre HW game due to the same paranoid bullshittery that turns people into paranoid loons

    Why'd they care? They have safe CPUs and custom distros, why bother appeasing Stallman? Russia did open source her military Linux distro, as I recall it.

    There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
    Posted on 19-11-22, 08:52
    Post: #114 of 205
    Since: 11-24-18

    Last post: 155 days
    Last view: 27 days
    Posted by sureanem

    I can't imagine it would be too hard [to introduce hardware backdoors].


    You still do not understand what an FPGA is and how it works.

    An FPGA consists of two things. Transistors and memory (actually, registers). All memory is writable. Every last ounce of it. If it isn't, this is immediately detected. If there is anything else than transistors and writable memory in there, the pathways will be wired differently and again, it will stick out like a sore thumb when inspecting at factory, and any outside factory tampering is pretty easy to spot.

    Sure, you can do it. But it would be immediately noticed, and defeating computer security is all about being stealthy - else the hole will be immediately patched. What you are arguing for now is that US prisons aren't safe because earthquakes could tear the prison wall up. Or a bulldozer or wrecking ball could tear down the walls. That does not mean the prison is insecure.
    Posted on 19-11-23, 13:18
    Stirrer of Shit
    Post: #688 of 717
    Since: 01-26-19

    Last post: 1763 days
    Last view: 1761 days
    Well, yes. But that assumes the whole of the factory isn't adversarial. That's the case for Intel, and that's the case for TSMC. Are you going to start up your own fab or what?

    If decaps are so easy, then how come ME hasn't been RE'd yet? How come not a single die scan of any high-end CPU has leaked? It'd be trivial: <underdog company> gives Russian hackers a big envelope of cash to scan the chip and leak it online. The top company gains nothing as they already had that info. All the others can now leapfrog their gains and add their proprietary discoveries on top with the information in the public domain.

    There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
    Posted on 19-11-23, 14:03
    I was frozen today!

    Post: #450 of 599
    Since: 10-29-18

    Last post: 195 days
    Last view: 4 hours
    It's adversaries all the way down with you innit? You've made your point, repeatedly. It didn't get any better. Now keep your hands off the keyboard, in your pockets, and enjoy the idea of a guy making his own free/opensource computer.

    Seriously, I will shut you up if you won't.
    Pages: 1
      Main » Discussion » Linux + FPGA + RISC-V = self-hosting libre hw/sw stack
      Yes, it's an ad.