Closed
Description
This is a place to document and discuss the roadmap for AppID. The goal is to ensure the mechanism supports varied use cases while making it robust and easy to use.
The AppID TRD does a great job of describing the intended use cases and general flexibility of Tock's AppID mechanism.
- Add async process loading. (Add an Asynchronous Process Loader #3828; Add Asynchronous Process Loader, Split Credential Traits, Make Process Checking pre-Kernel Loop #3849)
- Separate the credential checking policy trait from the AppID assignment traits. (Add Asynchronous Process Loader, Split Credential Traits, Make Process Checking pre-Kernel Loop #3849)
  - This makes it straightforward to compose an app id policy with a credential policy.
- Support cryptographic signature credentials.
  - Provide the framework (HIL support and a policy). (HIL: Add Signature::verify with `const L:usize` and process checker for signatures #3878)
  - Implement RSA2048 signatures.
  - Implement ECDSA signatures.
    - For this task we really need a no_std (i.e. no alloc) signature implementation in Rust.
- Add a Short ID TBF header. This allows developers to specify the Short ID used at app compilation time. (AppID/TBF: Add `ShortId` header #4026)
- Resolve the tension between `write_id` and `ShortID`.
  - Both are 32 bit app identifiers. Write_id is designed for persistent storage. However, it isn't clear why an app would want those to be different.
  - TRD: Tock Storage Permissions #4021 attempts to do this.
- Rename the `ShortID` type to `ShortId`. This matches `ProcessId`. (Add Asynchronous Process Loader, Split Credential Traits, Make Process Checking pre-Kernel Loop #3849)
- Implement credential checking on a process loaded at runtime.
- Add components for AppID to make it easier for boards to use.