Not quite. That's a board that contains both an FPGA and an ARM, what I meant was a board that just uses the FPGA for everything and an i386 or better core without any auxiliary processors. 100% clean hardware.

But thank you for the link, fascinating project.

Not really sure what you mean by "no auxiliary processors". Even the on the original IBM PC the CPU was not directly in charge of all the devices. That's generally undesirable because it means any IO ties up the CPU. I think that's what they're using the ARM core for, though I've only just heard of this board minutes ago.

That's a bit different. The whole idea I have revolves around a clean computer without any kind of 3rd party hidden tricks. Of course, the original PC already had several auxiliary processors in places that are important, such as drives, keyboard etc. But let's take those for granted. Adding a soft-core FPGA based i486 to a much more powerful ARM system opens up a massive can of worms: that ARM could do just about anything to the poor 486 without it ever being the wiser.

Anyway, this project may be useful (I've been digging around in it some more since making the previous comment) because the FPGA itself is fairly common and the i486 bits and pieces could probably be recycled in something much simpler.

You've probably seen this already, but just in case... You might be interested in Bunny Huang's work on Betrusted and Precursor. He's building a soft-core FPGA based on RiscV instead of i486, but it's a fascinating project:

https://betrusted.io/ - which includes an open source RiscV design that runs on an fpga

https://www.crowdsupply.com/sutajio-kosagi/precursor - an FPGA-based open hardware implementation you can buy and experiment with

Yes, I've seen it, in fact that's my major inspiration. I already have some software that I can run on an i486 so RiscV would come with substantial extra development cost.

>that ARM could do just about anything to the poor 486 without it ever being the wiser.

Any device with DMA has that same issue, though. You could plug in a hard drive that takes control of the CPU by writing new instructions when certain conditions are met. Even if it doesn't have DMA, it could fulfill a request with crafted data. You can't defend against an adversary in your own machine.

> You can't defend against an adversary in your own machine.

Not if you import large chunks of unknown hardware. But if you built the whole thing from scratch you could. And FPGA's with adversarial blocks in them (or a toolchain that would corrupt your own bitstream) are probably possible but I don't see these as realistic attacks against a one-off.

You can limit them with IOMMUs. It's reduced to the power of a hostile process.

Well, that's still bad if you're booted off it.

On i486?

An i486 certainly doesn't have an integrated iommu, and none of the chipsets for 486s had them either (afaik), but that doesn't mean you can't add one if you're building up your system from scratch.

Or you could forego DMA completely if you wanted. Almost all DMA capable devices have some kind of non-DMA route to access the data. It may be slower and it would of course still enable an adversary with access to your hardware to replace the device you boot from with one that has compromised data on it. But at that level it is usually game over anyway. I was thinking of just using an SD card, and if you're really paranoid about this (which I am!) you could glue it into the slot or make it physically impossible to replace it without damage to the case.

What's the goal here, out of curiosity?

Good question :)

Roughly what Bunny was after, not in laptop format, and running my own, recently revived OS.

Effectively a machine of which I know each and every byte.