Re: [Suit] [suit]: draft-moran-suit-manifest-02

David Brown <david.brown@linaro.org> Fri, 13 July 2018 16:18 UTC

Return-Path: <david.brown@linaro.org>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 99305130E52 for <suit@ietfa.amsl.com>; Fri, 13 Jul 2018 09:18:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=linaro.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J9O7MQG3iKWt for <suit@ietfa.amsl.com>; Fri, 13 Jul 2018 09:18:52 -0700 (PDT)
Received: from mail-io0-x22a.google.com (mail-io0-x22a.google.com [IPv6:2607:f8b0:4001:c06::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04EF9130E59 for <suit@ietf.org>; Fri, 13 Jul 2018 09:18:52 -0700 (PDT)
Received: by mail-io0-x22a.google.com with SMTP id e13-v6so31785113iof.6 for <suit@ietf.org>; Fri, 13 Jul 2018 09:18:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:content-transfer-encoding:in-reply-to :user-agent; bh=IEH9/dR5E/dX5cUjprnhwCvUDowKwL+d2jVcIB/ppTQ=; b=HbeMrCckhij/hR9x7S8I9p0LovnX55iXTMgmGWfkbVgX9EBazE+MmxYWH9yk6CtIpe Ye9iNY+4G36zS5HUPMX1pU+t+nzVCsgrTYKmnx5rE7jyie6cTAmNFXwDSZiQN9+iEWxy QHyENnQG0AAlD4wgUQkuWnPsu6UyZ+dZLbayU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:content-transfer-encoding :in-reply-to:user-agent; bh=IEH9/dR5E/dX5cUjprnhwCvUDowKwL+d2jVcIB/ppTQ=; b=OJW3LD2p6fw6lSw2+epQ8vDP6snVfPi3ep0PI6u8kedDURzJosGT7pRWXHRd6XH4Fb 1QS6w5NNtbaT287s2ohOXLbGaND4SgiGhjSiIBi1/V6mAsJfkRm7bQbgQFjzJ5nQ9zHA 0X2IlZ3d6IZZgXU6DtszGApDEXh3S5wCRPDzKf4OEzZKiprK7FTTXOwPU//8HDAgjxJe opIWY0ZiqNo5O5oDAGxRWa0vxEC7bN4Tzvw7wAzKPFYWTD1uq6HAQYGXpi4fj5F+lnie tg6eAWgUhc3CXKqJEEXIl2c5cxm9Q0JjIRI5q8luNdUGBpP+d6BsE5EXcBcsgQopBhvu Jb9g==
X-Gm-Message-State: AOUpUlGd57QIgFSDMm8OxaCnRdymwTQyPP5m3OiOBgWeZelSRB8s6tzF CUkDApGRkrLJCKscrJerkJ1hSw==
X-Google-Smtp-Source: AAOMgpfgXIslAszTYVNx1ZRxqwhdGgKzYl64Ed9gC5rxYFFkVQvcNwiUfkOwLsbpBylqoghZm4vJgA==
X-Received: by 2002:a6b:a313:: with SMTP id m19-v6mr31582283ioe.98.1531498731072; Fri, 13 Jul 2018 09:18:51 -0700 (PDT)
Received: from davidb.org ([2601:283:4300:987c:6245:cbff:fe6d:5400]) by smtp.gmail.com with ESMTPSA id k200-v6sm3692402ite.39.2018.07.13.09.18.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 13 Jul 2018 09:18:50 -0700 (PDT)
Date: Fri, 13 Jul 2018 10:18:48 -0600
From: David Brown <david.brown@linaro.org>
To: Brendan Moran <Brendan.Moran@arm.com>
Cc: suit <suit@ietf.org>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>
Message-ID: <20180713161848.GB27373@davidb.org>
References: <FDAB87B5-A7CB-4BBC-B7CF-763355B099D8@arm.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <FDAB87B5-A7CB-4BBC-B7CF-763355B099D8@arm.com>
User-Agent: Mutt/1.9.4 (2018-02-28)
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/QCapvPfT7rEwuBHVTmSxhPzJsSA>
Subject: Re: [Suit] [suit]: draft-moran-suit-manifest-02
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Jul 2018 16:18:55 -0000

On Tue, Jul 03, 2018 at 09:08:02PM +0000, Brendan Moran wrote:

>This draft is a significant departure from previous drafts, so I think it is
>important to highlight the changes. The draft requires a lot of text that
>hasn’t been written yet, so I will try to put some of that here for discussion.
>
>[1]https://datatracker.ietf.org/doc/draft-moran-suit-manifest/

Yesterday, I spent some time going through this draft to try and
create an example manifest based on how MCUboot currently behaves.  I
found many things that I wasn't clear on the meaning of, and wasn't
quite certain how to structure the manifest for my, what I believe, is
a fairly simple case.

In addition, I feel there is an assumption in the manifest that the
processing will be done in two parts:

   1. Parse the CBOR into some kind of in-memory data structure.
   2. Traverse this structure in various ways, making decisions and
      performing processing.

This is a lot to ask of code on a resource-constrained device, where
we likely are going to only have tens of kB of code space available.
I would like to consider making the manifest in such a manner that it
is possible to construct at least a simple version that can be
processed linearly (in CBOR order).

## What MCUboot does

Targets using MCUboot currently use a manifest format that is combined
directly with the image.  It is formatted something like:

         -----------------------
         | Header
         |   ...
         |   Image length
         |   ...
         -----------------------
         | Padding
         -----------------------
         | Execute in place
         |   firmware image
         | ...
         -----------------------
         | Manifest header
         -----------------------
         | TLV encoded manifest
         +----------------------

The flash memory is divided as follows:

         +-------------------------
         | Bootloader
         +-------------------------
         | Slot 0
         |    XIP Application Code
         +-------------------------
         | Slot 1
         |    Update image
         +-------------------------
         | Scratch
         +-------------------------

The two actors involve that are running on the MCU are: 1. The update
application, and 2. MCUboot itself.

The update application is code combined with the normal application
running on the target.  It is responsible for downloading this image,
possibly verifying it, and writing it into flash in Slot 1.  This code
is part of the image running in slot 0.  Once this is written, it
reboots.

MCUboot, upon boot, checks slot 1 for a manifest, and if there is a
valid update present, performs either a "swap", exchanging the data in
slot 0 and slot 1 (using scratch to be robust against power loss), or
overwrites slot 1 onto slot 0 (depends on how it is configured).  It
then verifies the image in slot 0, and if valid transfers control into
the XIP image in slot 0.

The TLV manifest is currently quite simple, an essentialy consists of
a series of steps that MCUboot walks through.  These steps can consist
of:

    - Compute a hash of the image and compare with XXXXX
    - Verify a signature of the hash using a built-in public key.

There can be multiple signatures, generally to support either multiple
algorithms, or to support multiple signers.  When it completes the
processing, it checks that it did indeed verify a hash, and at least
one signature, at which point it will boot.

## Encoding this in a SUIT manifest.

My initial assumption was that we could place the SUIT manifest in the
above images where the current Manifest header and TLV manifest live.
It would not be difficult to distinguish between a COSE_Sign block and
the existing header, although it is unlikely that the code could be
compiled to include processing for both formats.

I envision the processing something along the lines of:

   1.  MCUboot decodes the COSE_Sign data.  Although COSE seems to
   also assume that it will be decoded into RAM and processed there,
   it isn't too difficult to simply record decoded offsets, and
   construct the Sig_structure virtually, invoking the hash algorithm
   incrementally.  My initial guess is that the code to process this
   would take perhaps 2-3 times as much code to process as the current
   TLV processing.  The result will be a pointer and length to the
   payload, which is the SUIT manifest.

   2.  MCUboot then decodes the SUIT manifest.  The goal is for it to
   determine: 1. Does this manifest describe the attached image, 2. Is
   the manifest applicable, and 3.  Should it do an image swap (for
   example if the newer image is in slot 1).

In light of this, I tried to come up with a sample manifest, but it
wasn't clear to me where and what things should be conveyed in it.
Keep in mind that ideally, the manifest could be processed in a single
pass, possibly with a small amount of RAM used to point back to key
information gained.  I came up with the following:

   - The preconditions would be one or more IdConditions to associated
     the image with a particular device.  This adds functionality to
     what MCUboot currently does.

   - Possibly a 'dependency' resource (functionality needed for future
     multiple image work).

   - A payload resource that describes the payload this manifest is
     attached to.

Perhaps this is sufficient for this use case.  Given that I don't
understand what the 'inode' and 'onode' fields represent, I'm not sure
how processors and targets would be configured to describe this.
Maybe they are intended for a more complex use case.  I will send
another email about my confusion in this regard.

Given the above, in the manifest, the 'digestInfo', 'textReference',
'nonce', and 'sequence' would have meaningful values.  There would
probably be some 'preConditions', and 'resources', but the rest of the
arrays would be blank.  Does my interpretation seem reasonable? Or
would it also be expected that the processing and/or directives be
involved in this case.

For our use case, the two actors perform different steps, and it may
not even be meaningful to encode that information in the manifest.  If
we do want to encode the steps to perform, something would need to be
added to indicate which actor is supposed to perform which steps.

David