Re: [Suit] WG: WGLC on draft-ietf-suit-firmware-encryption-14 due on September 11, 2023

"Tschofenig, Hannes" <hannes.tschofenig@siemens.com> Fri, 15 September 2023 08:35 UTC

From: "Tschofenig, Hannes" <hannes.tschofenig@siemens.com>
To: David Brown <david.brown@linaro.org>, Michael Richardson <mcr+ietf@sandelman.ca>
CC: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "suit@ietf.org" <suit@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/HThetlax-eBdsCusQGNDlFSJvjk>

David,

I believe what you are saying is that regardless of PIC or not, we need to deal with image swap operations by the bootloader today.

I am wondering whether I should expand the text to make this more clear.

Ciao
Hannes

-----Original Message-----
From: Suit <suit-bounces@ietf.org> On Behalf Of David Brown
Sent: Thursday, 14 September 2023 21:26
To: Michael Richardson <mcr+ietf@sandelman.ca>
Cc: Hannes Tschofenig <hannes.tschofenig@gmx.net>; suit@ietf.org
Subject: Re: [Suit] WG: WGLC on draft-ietf-suit-firmware-encryption-14 due on September 11, 2023

On Mon, Sep 11, 2023 at 03:14:06PM -0400, Michael Richardson wrote:

> 6. Per-device-type ES. Singly Encrypted firmware.
> 
>     >> Ditto comment about PIC becoming more and more common, and anyway, compile to
>     >> two different slots.
> 
>     > Where is PIC becoming more popular? Which RTOS supports PIC?
> 
> My impression is that it is often default for RIOT-OS, and/or RISC-V.
> My impression is that the problem has usually been compiler support.

At least on Arm Cortex-M, PIC is pretty much the only way that the compiler will generate code. However, this is very distant from a particular application itself being position independent. That works for the code, but all pointers and such need to be made PIC as well, which usually involves code specifically to handle offset. For example, in Zephyr, we'd have to handle the vector tables, all function pointers, etc.

David
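
The point about pointers needing their own offset handling, as an added example that is not part of the original thread or of Zephyr: a Cortex-M style vector table linked for one slot holds absolute addresses, so running the image from another slot means rebasing each entry that points into the image. The slot addresses, image size, table contents and function names are constructed assumptions, and the sketch covers only a table whose location is known, not function pointers scattered through data.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed slot layout (assumption): image linked for slot A, run from slot B. */
#define SLOT_A_BASE 0x08020000u
#define SLOT_B_BASE 0x08060000u
#define IMAGE_SIZE  0x00010000u

/* Rebase every entry that points into the link-time image range.
 * Entries outside it (such as the initial stack pointer in RAM) are untouched.
 * Returns the number of entries rewritten. */
size_t rebase_pointers(uint32_t *table, size_t n, uint32_t link_base,
                       uint32_t run_base, uint32_t size)
{
    uint32_t delta = run_base - link_base;  /* modular, so it works in both directions */
    size_t fixed = 0;

    for (size_t i = 0; i < n; i++) {
        /* Unsigned subtraction gives a single-compare range check. */
        if ((uint32_t)(table[i] - link_base) < size) {
            table[i] += delta;              /* bit 0 (Thumb) survives: delta is even */
            fixed++;
        }
    }
    return fixed;
}

/* Constructed vector table as the linker would emit it for slot A. */
static uint32_t sample_vectors[4] = {
    0x20008000u,  /* [0] initial SP, in RAM: must not be rebased */
    0x08020141u,  /* [1] Reset_Handler, Thumb bit set */
    0x08020189u,  /* [2] NMI_Handler */
    0x080201c5u,  /* [3] HardFault_Handler */
};

size_t demo(void)
{
    return rebase_pointers(sample_vectors, 4, SLOT_A_BASE, SLOT_B_BASE, IMAGE_SIZE);
}

int main(void)
{
    size_t n = demo();
    printf("rebased %zu entries, reset vector now 0x%08x\n",
           n, (unsigned)sample_vectors[1]);
    return 0;
}
```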