Intel released patches for introducing the Intel FPGA Security Manager Class Drive. This open-source Intel Security Manager class driver provides a common API for user-space tools to manage updates for Secure FPGA devices.
Secure updates
Additionally, the patches provides the n3000bmc-secure mfd sub-driver for the MAX10 BMC in the n3000 Programmable Acceleration Cards (PAC). The n3000bmc-secure driver is implemented using the Intel Security Manager class driver.
The patches, which were sent out by Intel engineer Russ Weight, explain,
“The Intel Security Manager class driver provides a common API for user-space tools to manage updates for Secure FPGA devices. Device drivers that instantiate the Intel Security Manager class driver will interact with the HW secure update engine in order to transfer new FPGA and BMC images to FLASH so that they will be automatically loaded when the FPGA card reboots.”
The binary firmware images need to be loaded under /lib/firmware and user-space can request a secure update for the FPGA card. The status of the update can be queried via sysfs interfaces as well as for finding out about any errors.