From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=uLMA=6L=comcast.net=paulkoning@sourceware.org>
Received: from resqmta-a1p-077437.sys.comcast.net (resqmta-a1p-077437.sys.comcast.net [IPv6:2001:558:fd01:2bb4::8])
	by sourceware.org (Postfix) with ESMTPS id D9064385840D
	for <binutils@sourceware.org>; Wed, 15 Feb 2023 21:29:10 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org D9064385840D
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=comcast.net
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=comcast.net
Received: from resomta-a1p-076781.sys.comcast.net ([96.103.145.226])
	by resqmta-a1p-077437.sys.comcast.net with ESMTP
	id SIiIpZlLEKJmTSPKvpk5sN; Wed, 15 Feb 2023 21:29:09 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net;
	s=20190202a; t=1676496549;
	bh=WwMFwXRgkUjITcjCqNrfjK0YMxd8cfyPjN5vrYSeYjE=;
	h=Received:Received:Content-Type:Mime-Version:Subject:From:Date:
	 Message-Id:To:Xfinity-Spam-Result;
	b=b+XXjHt4lmTY/a/3KlDt/wBaTLB7aLhxati+OK/4zle5J5aI1XH7Fshc6MzsawdiP
	 WccGPUGmgNWMrco06BRUaLuhXOOgM1dNqng+klQntOU4XuhXS0bPTlD5M2Z9jxTTjL
	 TkXgPaJmS1/s2QSdcwuyie70dtB6GRtwcLmFSmIM+wdhq9TchVVlDOrrdGVJeITU9m
	 4H3jmjyYi3kV9ZLKZ2zDlMRkZaWAIDwtVET3IugMdG/PUNO7rHesOKOOyXGUtnnKax
	 8fV5KLxiK2aikWxuIXGeDp9m47x1Zg1azKhva06+f9TAEkystENsw0AmWv5VKqWQuE
	 +IxPRA24UJRIw==
Received: from smtpclient.apple ([73.60.223.101])
	by resomta-a1p-076781.sys.comcast.net with ESMTPSA
	id SPKspX5GSH2imSPKtpovgp; Wed, 15 Feb 2023 21:29:08 +0000
X-Xfinity-VAAS: gggruggvucftvghtrhhoucdtuddrgedvhedrudeihedgudegvdcutefuodetggdotefrodftvfcurfhrohhfihhlvgemucevohhmtggrshhtqdftvghsihdpqfgfvfdppffquffrtefokffrnecuuegrihhlohhuthemuceftddunecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpegtggfuhfgjffevgffkfhfvofesthhqmhdthhdtvdenucfhrhhomheprfgruhhlucfmohhnihhnghcuoehprghulhhkohhnihhnghestghomhgtrghsthdrnhgvtheqnecuggftrfgrthhtvghrnhepveekveelffeliefgiedufeehgeejtdfhgedujeehueekiedtgfetffevgffggfdvnecukfhppeejfedriedtrddvvdefrddutddunecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehhvghlohepshhmthhptghlihgvnhhtrdgrphhplhgvpdhinhgvthepjeefrdeitddrvddvfedruddtuddpmhgrihhlfhhrohhmpehprghulhhkohhnihhnghestghomhgtrghsthdrnhgvthdpnhgspghrtghpthhtohepfedprhgtphhtthhopegsihhnuhhtihhlshesvghmrghgihhirdgtohhmpdhrtghpthhtohepnhhitghktgesrhgvughhrghtrdgtohhmpdhrtghpthhtohepsghinhhuthhilhhssehsohhurhgtvgifrghrvgdrohhrgh
X-Xfinity-VMeta: sc=-100.00;st=legit
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.2\))
Subject: Re: RFC: generating a header using the linker (CRC calculation)
From: Paul Koning <paulkoning@comcast.net>
In-Reply-To: <e66359a9-1854-ac0a-133d-a51bfc2f5dcb@emagii.com>
Date: Wed, 15 Feb 2023 16:29:06 -0500
Cc: Nick Clifton <nickc@redhat.com>,
 binutils@sourceware.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <8511B960-E529-47FB-9B17-55F666B58EE7@comcast.net>
References: <da8ffd92-cb65-cb25-0981-ce03a995db7d@emagii.com>
 <5aa83cea-b8ad-5b36-12ec-6857a5c5541a@redhat.com>
 <73f54df1-c236-4c4a-c161-85ebe6d6f7b7@emagii.com>
 <7216fa28-4769-5bd2-a508-bf71184727fd@redhat.com>
 <4e60f02f-322e-f268-cb31-a4e52a419fc6@emagii.com>
 <e66359a9-1854-ac0a-133d-a51bfc2f5dcb@emagii.com>
To: Ulf Samuelsson <binutils@emagii.com>
X-Mailer: Apple Mail (2.3696.120.41.1.2)
X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,SPF_HELO_PASS,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <binutils.sourceware.org>



> On Feb 15, 2023, at 4:01 PM, Ulf Samuelsson via Binutils =
<binutils@sourceware.org> wrote:
>=20
> Some argument for including CRC support in the linker.
>=20
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>=20
> The AUTOSAR organisation publishes requirement for developing code for =
the Automotive industry.
>=20
> Protecting your code with a CRC is mandatory, and the chosen algorithm =
is CRC64 ECMA.
> ...
> You cannot get a Functional Safety device qualified, if the firmware =
is not protected by a CRC.
> ...
> So there is a significant part of the embedded industry that relies on =
CRC calculations for ensuring that their systems are not broken.
>=20
> What is important here is the "Hamming distance" which measures the =
quality of detection.
>=20
> The width of the CRC needs to grow as the program size grows.

Indeed; CRC32 is not suitable for that reason.

But what about other options?  CRC64 is certainly one reasonable =
integrity check (if the assumption is that errors are unintentional as =
opposed to the result of active attack).  But SHA-1, SHA-2, or even MD-5 =
are at least as good.  Digital signatures provide protection against =
intentional modification.  Does the standard recognize that those other =
options are also suitable?

	paul