Merge changes from topic "sb/threat-model" into integration
* changes: docs(threat-model): make measured boot out of scope docs(threat-model): revamp threat #9
This commit is contained in:
Bipin Ravi
TrustedFirmware Code Review
commit
453abc80b2
|
|
@ -36,6 +36,9 @@ assumptions:
|
||||||
- There is no Secure-EL2. We don't consider threats that may come with
|
- There is no Secure-EL2. We don't consider threats that may come with
|
||||||
Secure-EL2 software.
|
Secure-EL2 software.
|
||||||
|
|
||||||
|
- Measured boot is disabled. We do not consider the threats nor the mitigations
|
||||||
|
that may come with it.
|
||||||
|
|
||||||
- No experimental features are enabled. We do not consider threats that may come
|
- No experimental features are enabled. We do not consider threats that may come
|
||||||
from them.
|
from them.
|
||||||
|
|
||||||
|
|
@ -617,19 +620,18 @@ each diagram element of the data flow diagram.
|
||||||
| Threat | | **Improperly handled SMC calls can leak register |
|
| Threat | | **Improperly handled SMC calls can leak register |
|
||||||
| | contents** |
|
| | contents** |
|
||||||
| | |
|
| | |
|
||||||
| | | When switching between secure and non-secure |
|
| | | When switching between worlds, TF-A register state |
|
||||||
| | states, register contents of Secure world or |
|
| | can leak to software in different security |
|
||||||
| | register contents of other normal world clients |
|
| | contexts. |
|
||||||
| | can be leaked. |
|
|
||||||
+------------------------+------------------------------------------------------+
|
+------------------------+------------------------------------------------------+
|
||||||
| Diagram Elements | DF5 |
|
| Diagram Elements | DF4, DF5 |
|
||||||
+------------------------+------------------------------------------------------+
|
+------------------------+------------------------------------------------------+
|
||||||
| Affected TF-A | BL31 |
|
| Affected TF-A | BL31 |
|
||||||
| Components | |
|
| Components | |
|
||||||
+------------------------+------------------------------------------------------+
|
+------------------------+------------------------------------------------------+
|
||||||
| Assets | Sensitive Data |
|
| Assets | Sensitive Data |
|
||||||
+------------------------+------------------------------------------------------+
|
+------------------------+------------------------------------------------------+
|
||||||
| Threat Agent | NSCode |
|
| Threat Agent | NSCode, SecCode |
|
||||||
+------------------------+------------------------------------------------------+
|
+------------------------+------------------------------------------------------+
|
||||||
| Threat Type | Information Disclosure |
|
| Threat Type | Information Disclosure |
|
||||||
+------------------------+-------------------+----------------+-----------------+
|
+------------------------+-------------------+----------------+-----------------+
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue