Intel® Acceleration Stack for Intel® Xeon® CPU with FPGAs Version 1.2.1 Release Notes

Download PDF
ID 683480
Date 3/06/2020
Public

Intel® Acceleration Stack v1.2.1 Enhancements

Table 3.  New Feature List
Area Enhancement
Operating System Support
  • Ubuntu version 18.04, kernel 4.15
  • RHEL version 7.6, kernel 3.10
Security Enhancements
  • Root-of-Trust Implementation
  • Support for Intel® MAX® 10 BMC firmware, Intel® MAX® 10 FPGA images and FPGA static region user image signing
  • New OPAE tools:
    • FPGA one-time secure update (fpgaotsu): Upgrades from unsecured MAX10 to a secured MAX10
    • FPGA secure update (fpgasupdate): Remotely updates bitstreams securely. fpgasupdate replaces fpgaflash.
    • Super-RSU (super-rsu): Supports v1.2.1 package updates ( Intel® MAX® 10 BMC firmware and FPGA image).
    • PACSign: Enables signing of bitstreams. To use this tool, you must have the capability to generate a public/private key pair and your hardware security module (HSM) must support a Public-Key Cryptography Standards (PKCS)#11 compatible application programming interface (API) to the PACSign tool.
Sample AFUs Supported
The following unsigned AFU examples are provided with the Intel Acceleration Stack for Intel Xeon CPU with FPGAs:
  • dma_afu_unsigned.gbs
  • streaming_dma_afu_unsigned.gbs
  • eth_e2e_e10_unsigned.gbs
  • eth_e2e_e40_unsigned.gbs
  • hello_afu_unsigned.gbs
  • hello_intr_afu_unsigned.gbs
  • hello_mem_afu_unsigned.gbs
  • nlb_mode_0_unsigned.gbs
  • nlb_mode_0_stp_unsigned.gbs
  • nlb_mode_3_unsigned.gbs
Note: Each *_unsigned.gbs above is prepended with the necessary block0 and block1 headers but there are no hashes in these headers that have been signed with the root and code signing keys.
Level Two Title