PCILeech Firmware Generator
Generate authentic PCIe DMA firmware from real donor hardware with a single command. This tool extracts donor configurations from a local device and generates unique PCILeech FPGA bitstreams (and optionally flashes a DMA card over USB-JTAG).
Warning: This tool requires real hardware. The templates are built using the device identifiers directly from a donor card and placeholder values are explicitly avoided. Using your own donor device ensures your firmware will be unique.
β¨ Key Features
- Donor Hardware Analysis: Extract real PCIe device configurations and register maps from live hardware via VFIO
- Full 4KB Config-Space Shadow: Complete configuration space emulation with BRAM-based overlay memory
- MSI-X Table Replication: Exact replication of MSI-X tables from donor devices with interrupt delivery logic
- Deterministic Variance Seeding: Consistent hardware variance based on device serial number for unique firmware
- Advanced SystemVerilog Generation: Comprehensive PCIe device controller with modular template architecture
- Active Device Interrupts: MSI-X interrupt controller with timer-based and event-driven interrupt generation
- Memory Overlay Mapping: BAR dispatcher with configurable memory regions and custom PIO windows
- Interactive TUI: Modern Textual-based interface with real-time device monitoring and guided workflows
- Containerized Build Pipeline: Podman-based synthesis environment with automated VFIO setup
- Automated Testing and Validation: Comprehensive test suite with SystemVerilog assertions and Python unit tests
- USB-JTAG Flashing: Direct firmware deployment to DMA boards via integrated flash utilities
| π Complete Documentation | ποΈ Device Cloning Guide | π§ Development Setup |
π Quick Start
Installation
# Install with TUI support (recommended)
pip install pcileechfwgenerator[tui]
# Load required kernel modules
sudo modprobe vfio vfio-pci
Requirements
- Python β₯ 3.9
- Donor PCIe card (any inexpensive NIC, sound, or capture card)
- Linux OS (You need this)
Optional Requirements
- Podman (not Docker - required for proper PCIe device mounting) You use podman or run the python locally. *You must use linux for either option
- DMA board (pcileech_75t484_x1, pcileech_35t325_x4, or pcileech_100t484_x1) You donβt need to flash your firmware with this tooling but you can.
- Vivado Studio (2022.2+ for synthesis and bitstream generation) You can use a locally generated Vivado project or insert the files into an existing one.
Basic Usage
# Interactive TUI (recommended for first-time users)
sudo python3 pcileech.py tui
# CLI interface for scripted builds
sudo python3 pcileech.py build --bdf 0000:03:00.0 --board pcileech_35t325_x1
# Check VFIO configuration
sudo python3 pcileech.py check --device 0000:03:00.0
# Flash firmware to device
sudo python3 pcileech.py flash output/firmware.bin
Note: The legacy entrypoint has been removed, please see the steps above and update your scripts accordingly
Development from Repository
git clone https://github.com/ramseymcgrath/PCILeechFWGenerator.git
cd PCILeechFWGenerator
python3 -m venv .venv && source .venv/bin/activate
pip install -r requirements.txt
sudo -E python3 pcileech.py tui
π§ Troubleshooting
VFIO Setup Issues
Warning: Avoid using on-board devices (audio, graphics cards) for donor info. The VFIO process can lock the bus during extraction and cause system reboots.
The most common issues involve VFIO (Virtual Function I/O) configuration. Use the built-in diagnostic tool:
# Check VFIO setup and device compatibility
sudo python3 pcileech.py check
# Check a specific device
sudo python3 pcileech.py check --device 0000:03:00.0
# Interactive mode with guided fixes
sudo python3 pcileech.py check --interactive
# Attempt automatic fixes
sudo python3 pcileech.py check --fix
Common VFIO Problems
1. IOMMU not enabled in BIOS/UEFI
# Enable VT-d (Intel) or AMD-Vi (AMD) in BIOS settings
# Then add to /etc/default/grub GRUB_CMDLINE_LINUX:
# For Intel: intel_iommu=on
# For AMD: amd_iommu=on
sudo update-grub && sudo reboot
2. VFIO modules not loaded
sudo modprobe vfio vfio_pci vfio_iommu_type1
3. Device not in IOMMU group
# Check IOMMU groups
find /sys/kernel/iommu_groups/ -name '*' -type l | grep YOUR_DEVICE_BDF
4. Permission issues
# Add user to required groups
sudo usermod -a -G vfio $USER
sudo usermod -a -G dialout $USER # For USB-JTAG access
Installation Issues
# If pip installation fails
pip install --upgrade pip setuptools wheel
pip install pcileechfwgenerator[tui]
# For TUI dependencies
pip install textual rich psutil watchdog
# Container issues
podman --version
podman info | grep rootless
Note: If you run into issues with your vivado project file formatting, first clear out all your cached files and rerun. Otherwise try pulling a copy of the pcileech repo directly and then inserting the generator output in.
π Documentation
For detailed information, browse the sections below or visit our complete documentation:
- Device Cloning Process - Complete guide to the cloning workflow
- Firmware Uniqueness - How authenticity is achieved
- Manual Donor Dump - Step-by-step manual extraction
- Development Setup - Contributing and development guide
- TUI Documentation - Interactive interface guide
- Config space info - Config space shadow info
π§Ή Cleanup & Safety
- Rebind donors: Use TUI/CLI to rebind donor devices to original drivers
- Keep firmware private: Generated firmware contains real device identifiers
- Use isolated build environments: Never build on production systems
- Container cleanup:
podman rmi pcileechfwgenerator:latest
Important: This tool is intended for educational research and legitimate PCIe development purposes only. Users are responsible for ensuring compliance with all applicable laws and regulations. The authors assume no liability for misuse of this software.
π Acknowledgments
- PCILeech Community: For feedback and contributions
- @Simonrak for the writemask implementation
π License
This project is licensed under the Apache License - see the LICENSE file for details.
β οΈ Legal Notice
AGAIN This tool is intended for educational research and legitimate PCIe development purposes only. Users are responsible for ensuring compliance with all applicable laws and regulations. The authors assume no liability for misuse of this software.
Security Considerations:
- Never build firmware on systems used for production or sensitive operations
- Use isolated build environments (Seperate dedicated hardware)
- Keep generated firmware private and secure
- Follow responsible disclosure practices for any security research
- Use the SECURITY.md template to raise security concerns
ποΈ Site Navigation
- π Site Map - Complete index of all documentation pages
- π Search - Search all documentation content
- π API Documentation - Auto-generated Python API reference