diff options
author | Bipin Ravi <bipin.ravi@arm.com> | 2022-05-19 21:33:32 +0200 |
---|---|---|
committer | TrustedFirmware Code Review <review@review.trustedfirmware.org> | 2022-05-19 21:33:32 +0200 |
commit | 453abc80b2eacbf2816c838e47e40f063227d934 (patch) | |
tree | 314ee1c019da48be947a6f1b63cb3cbee3e9e20c | |
parent | 4cafcc30ed9be5a7a55e993ef7148a3bbed395cc (diff) | |
parent | d08c496699ae4b9bd5c072615c134206e3edbad7 (diff) | |
download | arm-trusted-firmware-453abc80b2eacbf2816c838e47e40f063227d934.tar.gz |
Merge changes from topic "sb/threat-model" into integrationv2.7-rc0
* changes:
docs(threat-model): make measured boot out of scope
docs(threat-model): revamp threat #9
-rw-r--r-- | docs/threat_model/threat_model.rst | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/docs/threat_model/threat_model.rst b/docs/threat_model/threat_model.rst index 611e8a108..2e11a9479 100644 --- a/docs/threat_model/threat_model.rst +++ b/docs/threat_model/threat_model.rst @@ -36,6 +36,9 @@ assumptions: - There is no Secure-EL2. We don't consider threats that may come with Secure-EL2 software. +- Measured boot is disabled. We do not consider the threats nor the mitigations + that may come with it. + - No experimental features are enabled. We do not consider threats that may come from them. @@ -617,19 +620,18 @@ each diagram element of the data flow diagram. | Threat | | **Improperly handled SMC calls can leak register | | | contents** | | | | -| | | When switching between secure and non-secure | -| | states, register contents of Secure world or | -| | register contents of other normal world clients | -| | can be leaked. | +| | | When switching between worlds, TF-A register state | +| | can leak to software in different security | +| | contexts. | +------------------------+------------------------------------------------------+ -| Diagram Elements | DF5 | +| Diagram Elements | DF4, DF5 | +------------------------+------------------------------------------------------+ | Affected TF-A | BL31 | | Components | | +------------------------+------------------------------------------------------+ | Assets | Sensitive Data | +------------------------+------------------------------------------------------+ -| Threat Agent | NSCode | +| Threat Agent | NSCode, SecCode | +------------------------+------------------------------------------------------+ | Threat Type | Information Disclosure | +------------------------+-------------------+----------------+-----------------+ |