From: Ulf Samuelsson <binutils@emagii.com>
To: Paul Koning <paulkoning@comcast.net>
Cc: Nick Clifton <nickc@redhat.com>, binutils@sourceware.org
Subject: Re: RFC: generating a header using the linker (CRC calculation)
Date: Wed, 15 Feb 2023 23:08:15 +0100 [thread overview]
Message-ID: <3D8C014D-966D-4129-82AC-AA04593A1F6B@emagii.com> (raw)
In-Reply-To: <8511B960-E529-47FB-9B17-55F666B58EE7@comcast.net>
The AUTOSARS says CRC-64 ECMA.
It is also popular in Linux.
I have not seen anyone using SHA algorithms or MD5 in any embedded project I have worked with to verify the flash contents.
My proposed implementation would make it easy to use the ISO or ECMA variants, but also allow a user defined polynom.
Best Regards
Ulf Samuelsson
>
> 15 feb. 2023 kl. 22:29 skrev Paul Koning <paulkoning@comcast.net>:
>
>
>
>> On Feb 15, 2023, at 4:01 PM, Ulf Samuelsson via Binutils <binutils@sourceware.org> wrote:
>>
>> Some argument for including CRC support in the linker.
>>
>> ============
>>
>> The AUTOSAR organisation publishes requirement for developing code for the Automotive industry.
>>
>> Protecting your code with a CRC is mandatory, and the chosen algorithm is CRC64 ECMA.
>> ...
>> You cannot get a Functional Safety device qualified, if the firmware is not protected by a CRC.
>> ...
>> So there is a significant part of the embedded industry that relies on CRC calculations for ensuring that their systems are not broken.
>>
>> What is important here is the "Hamming distance" which measures the quality of detection.
>>
>> The width of the CRC needs to grow as the program size grows.
>
> Indeed; CRC32 is not suitable for that reason.
>
> But what about other options? CRC64 is certainly one reasonable integrity check (if the assumption is that errors are unintentional as opposed to the result of active attack). But SHA-1, SHA-2, or even MD-5 are at least as good. Digital signatures provide protection against intentional modification. Does the standard recognize that those other options are also suitable?
>
> paul
>
next prev parent reply other threads:[~2023-02-15 22:08 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-08 17:36 RFC: generating a header using the linker (ASCII, ASCIZ commands) Ulf Samuelsson
2023-02-13 10:09 ` Nick Clifton
2023-02-13 11:12 ` Ulf Samuelsson
2023-02-13 12:33 ` Jan Beulich
2023-02-13 15:54 ` Ulf Samuelsson
2023-02-13 14:11 ` Nick Clifton
2023-02-13 16:04 ` Ulf Samuelsson
2023-02-14 16:06 ` Nick Clifton
2023-02-14 18:12 ` Ulf Samuelsson
2023-02-15 20:07 ` RFC: generating a header using the linker (CRC calculation) Ulf Samuelsson
2023-02-15 21:01 ` Ulf Samuelsson
2023-02-15 21:29 ` Paul Koning
2023-02-15 22:08 ` Ulf Samuelsson [this message]
2023-02-15 22:11 ` Paul Koning
2023-02-16 6:45 ` Ulf Samuelsson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3D8C014D-966D-4129-82AC-AA04593A1F6B@emagii.com \
--to=binutils@emagii.com \
--cc=binutils@sourceware.org \
--cc=nickc@redhat.com \
--cc=paulkoning@comcast.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).