IETF Logo Mail Archive

Re: [Suit] self-describing format vs fixed/binary manifest structure - pull parser

David Brown <david.brown@linaro.org> Thu, 03 January 2019 16:44 UTC

Return-Path: <david.brown@linaro.org>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E24A0131184 for <suit@ietfa.amsl.com>; Thu, 3 Jan 2019 08:44:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=linaro.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1w1O8-P-VH_q for <suit@ietfa.amsl.com>; Thu, 3 Jan 2019 08:44:19 -0800 (PST)
Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 175AA131169 for <suit@ietf.org>; Thu, 3 Jan 2019 08:44:18 -0800 (PST)
Received: by mail-qt1-x832.google.com with SMTP id l11so37557197qtp.0 for <suit@ietf.org>; Thu, 03 Jan 2019 08:44:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=Tjv9ljZnCt95jOa7p7MlDIV4f3mjDwWQC+WzMyxPopU=; b=CSaD54BNzVcaEedCyY1xmQyHGOAy5RiGJ+WGdAK9ah754mlFL1/I+uFIa/2RGYhTv5 SNeUApy1SG8hcFsI/pKC9yIz+p5+tXuwRketYh3rNhGgG79f7GYblaFx8NvAMZnSlQic LLOQyV1/bz0j4JFcK6I95EnmOp0uXpxy/casU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=Tjv9ljZnCt95jOa7p7MlDIV4f3mjDwWQC+WzMyxPopU=; b=Gze0Hm+yJ1zzunRMDZG0/p0kNo1KtMluNbO1oOcZPGBI9O1I6U5zzoqf98S3i88NY9 7eGevYpHdXbBMLOSlBzpNaULFkANoS0ii9pPo5W9h6tBVrpBbZ/p1IIcEkqht+BBasih HfMbV/L//OO7v1Tae1CG6EcY9Pmh7A8LigEJ/zPHoumPCNmP9LiOjrqJjlaj+EATDJT+ UNxHwBGksgk/za0O7y0e22HqmvuAkJIjtFuFVA+E0759CIA7ybRSnqDf6GH9jy/W3oP6 SiqaQhozIpbKsu3mmbncMFKiljrveatEcrmLlmC4IWH16tEv6ITvcNCKaVQBK3ZP3fzP 2FMA==
X-Gm-Message-State: AJcUukfkxSVTCALjUsWqtKK1DT2Q36Lq+AHEveNrzHy3uDAkvTWF4XPl loYY3xakzVy+AIpiQglmRWyiZF1sZ6jDXA==
X-Google-Smtp-Source: ALg8bN7LApl7bD46xKfxKv6h5MoQuz6zb0fjyljqAKjOnEwgKw0rPOTdTIi8Uh4QBqIo9f29WL1GzQ==
X-Received: by 2002:a0c:88a8:: with SMTP id 37mr46243216qvn.63.1546533857614; Thu, 03 Jan 2019 08:44:17 -0800 (PST)
Received: from davidb.org (cn-co-b07400e8c3-142422-1.tingfiber.com. [64.98.48.55]) by smtp.gmail.com with ESMTPSA id z20sm22086418qkb.41.2019.01.03.08.44.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Jan 2019 08:44:16 -0800 (PST)
Date: Thu, 03 Jan 2019 09:44:08 -0700
From: David Brown <david.brown@linaro.org>
To: Martin Pagel <Martin.Pagel@microsoft.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "suit@ietf.org" <suit@ietf.org>, "dev-mcuboot@lists.runtime.co" <dev-mcuboot@lists.runtime.co>
Message-ID: <20190103164408.GA956@davidb.org>
References: <DM5PR21MB06984CC3CF3075F362FB410A9DBF0@DM5PR21MB0698.namprd21.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Disposition: inline
In-Reply-To: <DM5PR21MB06984CC3CF3075F362FB410A9DBF0@DM5PR21MB0698.namprd21.prod.outlook.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/-cKvEJSnZkI3mR3QMvLCyLXLYmI>
Subject: Re: [Suit] self-describing format vs fixed/binary manifest structure - pull parser
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jan 2019 16:44:28 -0000

On Thu, Dec 20, 2018 at 02:05:14AM +0000, Martin Pagel wrote:

>Yes, I am familiar with pull parsers, thanks to Brendan's example,
>but I'm not sure what the advantage of CBOR encoding provides if you
>build a custom parser for a particular fixed CBOR encoding/schema.
>Seems more complicated (and therefore error-prone) to me than using a
>packed binary structure which apparently MCUboot uses. If I
>understand correctly, you believe that such encoding wouldn't be
>appropriate as a manifest. I proposed to use such binary encoding in
>https://tools.ietf.org/html/draft-pagel-suit-manifest-00.

MCUboot does not use a packed binary structure.  It uses its own
custom TLV encoding which is basically a very limited subset of what
can be described in CBOR.  Effectively, the data is a single map.  The
parser for this TLV format vs a decoder that could decode an actual
CBOR map are fairly insignificant.

>I agree that there will be powerful and flexible MCUs which have
>capabilities where a CBOR  based flexibility would provide benefits,
>but for simple constrained devices, I think there is a benefit to use
>the same simple lean packed encoding for both the boot and update
>process, or am I missing some important aspect? If so, can you
>provide an example?

In reality, MCUboot will likely continue to support its custom TLV
format for quite some time, since the parsing code will still be
smaller than a hand-written CBOR decoder.

I see little advantage to an overly-specialized packed encoding
format, especially if there is variation, especially when it comes to
processing by external tools.  I think most of the requirements for
restricted code size can be handled by merely restricting what
constitutes a valid manifest.

Even with the most memory constrained devices in MCUboot, it has been
useful to be able to extend the format of its manifest (by adding new
tags) without having to disrupt a fixed structure.

David

v2.23.0 | Report a Bug | By Email