0 users browsing Discussion. | 2 guests | 1 bot  
Main » Discussion » Linux + FPGA + RISC-V = self-hosting libre hw/sw stack
Pages: 1
Posted on 19-11-19, 11:50
Post: #109 of 130
Since: 11-24-18

Last post: 21 days
Last view: 7 days
This is freakingly freaking awesome!

https://www.contrib.andrew.cmu.edu/~somlo/BTCP/

"My goal is to build a Free/OpenSource computer from the ground up, so I may completely trust that the entire hardware+software system's behavior is 100% attributable to its fully available HDL (Hardware Description Language) and Software sources.
More importantly, I need all the compilers and associated toolchains involved in building the overall system (from HDL and Software sources) to be Free/OpenSource, and to be themselves buildable and runnable on the computer system being described. In other words, I need a self-hosting Free/OpenSource hardware+software stack!"
Posted on 19-11-19, 12:10
Stirrer of Shit
Post: #677 of 717
Since: 01-26-19

Last post: 74 days
Last view: 72 days
That's interesting, but how does he know the FPGA doesn't have any backdoors?

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-11-19, 12:21
Post: #110 of 130
Since: 11-24-18

Last post: 21 days
Last view: 7 days
Posted by sureanem
That's interesting, but how does he know the FPGA doesn't have any backdoors?


...

You really have no clue how an FPGA works, right? It's pretty much impossible to put a back door into the FPGA itself, since it does not have any persistent silicon or memory. It does not even have an I/O die.

Granted, you could do the good old compiler payload trick, but the FPGA in and of itself... Nope.
Posted on 19-11-19, 12:34
Stirrer of Shit
Post: #680 of 717
Since: 01-26-19

Last post: 74 days
Last view: 72 days
How do you know that though? It's an integrated circuit, it's not possible to audit it. They could burn literally anything they please into it and you've have no way of telling, short of decapping it.


There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-11-19, 13:03
Post: #111 of 130
Since: 11-24-18

Last post: 21 days
Last view: 7 days
Posted by sureanem
How do you know that though? It's an integrated circuit, it's not possible to audit it. They could burn literally anything they please into it and you've have no way of telling, short of decapping it.


FTFA: "The FPGA is a regular grid of identical components, so (destructive) visual inspection (i.e., chemical ablation and TEM imaging) is more feasible than with a dedicated ASIC that has much less visual regularity and repeatability."

You can never be 100% safe. But you can be reasonably safe FPGAs are tamper-proof.
Posted on 19-11-19, 13:14
Stirrer of Shit
Post: #681 of 717
Since: 01-26-19

Last post: 74 days
Last view: 72 days
Yes, but it's hardly cheap to do so, and you could very well be prevented under legal limitations.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-11-19, 16:30
Post: #112 of 130
Since: 11-24-18

Last post: 21 days
Last view: 7 days
Posted by sureanem
Yes, but it's hardly cheap to do so, and you could very well be prevented under legal limitations.


Decaps are actually fairly cheap... For corporations and countries, both whom are interested in getting this kind of verifiability. For you and me, not so much. :)
Posted on 19-11-20, 01:11
Custom title here

Post: #778 of 866
Since: 10-30-18

Last post: 2 days
Last view: 14 hours
Also, hiding functionality inside an FPGA is more difficult than pretty much any other active part, because the end user can configure it virtually any way they want. Any channel for spying or tampering would require hardcoded behaviors and pinouts that are in direct opposition to FPGA usage.

--- In UTF-16, where available. ---
Posted on 19-11-20, 13:30
Not from my cellphone

Post: #595 of 664
Since: 10-30-18

Last post: 4 days
Last view: 3 hours
Butbutbut the [insert your favorite villain here] spy machine could be deeply baked in silicon!
THEY COULD BE SNOOPING ON MY PORN, Y'KNOW!?!??!?!



There is a problem that remains to be solved for a fully free/libre/whatever SW/HW stack: how do you fab electronics at home? FPGAs are a step in the right direction, except that you still depend on your vendor toolchain to get started (how is Xilinx/Altera & pals toolchain support for non-Windows platformws nowadays?). And making custom ASICs not only is for the faint of heart, it also requires some serious cash backing that only a megacorp or Big Gub'mint could provide (mind you, all three Big Axis of Evil do have their homebrew CPU architectures, but zero intentions of playing the libre HW game due to the same paranoid bullshittery that turns people into paranoid loons).

I could care less about theoretical backdoors/tinfoil hats, and more about printing CPUs at home.

Licensed Pirate® since 2006, 100% Buttcoin™-free
Posted on 19-11-20, 14:06 (revision 1)
Post: #113 of 130
Since: 11-24-18

Last post: 21 days
Last view: 7 days
Well, it is possible to build an FPGA at home, thankfully. All the pieces are there, and sure the prototype will be freakishly large, but you can use that FPGA to validate the input and output of the smaller one: http://blog.notdot.net/2012/10/Build-your-own-FPGA

Sure, it requires like ten breadboards and lots of cables and spare time. But if you are that paranoid, man gotta do what man gotta do! As for bootstrapping the FPGA, start with machine code and keep going from there. :)

Thankfully, since the industry is trending more and more towards Linux, support for that OS is more and more common, as well. See for instance, Lattice: https://wiki.debian.org/FPGA/Lattice

And of course, it is possible to print a CPU today already, it will just take a lot of space: https://www.researchgate.net/publication/282544864_3D-printed_microelectronics_for_integrated_circuitry_and_passive_wireless_sensors
Posted on 19-11-20, 21:16
Stirrer of Shit
Post: #686 of 717
Since: 01-26-19

Last post: 74 days
Last view: 72 days
Posted by CaptainJistuce
Also, hiding functionality inside an FPGA is more difficult than pretty much any other active part, because the end user can configure it virtually any way they want. Any channel for spying or tampering would require hardcoded behaviors and pinouts that are in direct opposition to FPGA usage.

I can't imagine it would be too hard. If any IO pin receives some arbitrary (very long) bit pattern, then start loading firmware at the same frequency it was received. A competent actor could probably come up with a very clever scheme. Or just TEMPEST and stego over RF.
Posted by tomman
mind you, all three Big Axis of Evil do have their homebrew CPU architectures, but zero intentions of playing the libre HW game due to the same paranoid bullshittery that turns people into paranoid loons

Why'd they care? They have safe CPUs and custom distros, why bother appeasing Stallman? Russia did open source her military Linux distro, as I recall it.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-11-22, 08:52
Post: #114 of 130
Since: 11-24-18

Last post: 21 days
Last view: 7 days
Posted by sureanem

I can't imagine it would be too hard [to introduce hardware backdoors].


You still do not understand what an FPGA is and how it works.

An FPGA consists of two things. Transistors and memory (actually, registers). All memory is writable. Every last ounce of it. If it isn't, this is immediately detected. If there is anything else than transistors and writable memory in there, the pathways will be wired differently and again, it will stick out like a sore thumb when inspecting at factory, and any outside factory tampering is pretty easy to spot.

Sure, you can do it. But it would be immediately noticed, and defeating computer security is all about being stealthy - else the hole will be immediately patched. What you are arguing for now is that US prisons aren't safe because earthquakes could tear the prison wall up. Or a bulldozer or wrecking ball could tear down the walls. That does not mean the prison is insecure.
Posted on 19-11-23, 13:18
Stirrer of Shit
Post: #688 of 717
Since: 01-26-19

Last post: 74 days
Last view: 72 days
Well, yes. But that assumes the whole of the factory isn't adversarial. That's the case for Intel, and that's the case for TSMC. Are you going to start up your own fab or what?

If decaps are so easy, then how come ME hasn't been RE'd yet? How come not a single die scan of any high-end CPU has leaked? It'd be trivial: <underdog company> gives Russian hackers a big envelope of cash to scan the chip and leak it online. The top company gains nothing as they already had that info. All the others can now leapfrog their gains and add their proprietary discoveries on top with the information in the public domain.

There was a certain photograph about which you had a hallucination. You believed that you had actually held it in your hands. It was a photograph something like this.
Posted on 19-11-23, 14:03
Why couldn't you put the bunny back in the box?

Post: #450 of 480
Since: 10-29-18

Last post: 1 day
Last view: 2 hours
It's adversaries all the way down with you innit? You've made your point, repeatedly. It didn't get any better. Now keep your hands off the keyboard, in your pockets, and enjoy the idea of a guy making his own free/opensource computer.

Seriously, I will shut you up if you won't.
Pages: 1
Main » Discussion » Linux + FPGA + RISC-V = self-hosting libre hw/sw stack
you need to wake up michael