author Bipin Ravi <bipin.ravi@arm.com> 2022-05-19 21:33:32 +0200
committer TrustedFirmware Code Review <review@review.trustedfirmware.org> 2022-05-19 21:33:32 +0200
commit 453abc80b2eacbf2816c838e47e40f063227d934 (patch)
tree 314ee1c019da48be947a6f1b63cb3cbee3e9e20c
parent 4cafcc30ed9be5a7a55e993ef7148a3bbed395cc (diff)
parent d08c496699ae4b9bd5c072615c134206e3edbad7 (diff)
download trusted-firmware-a-2.7-rc0.tar.gz
Merge changes from topic "sb/threat-model" into integration [v2.7-rc0]
* changes:
  docs(threat-model): make measured boot out of scope
  docs(threat-model): revamp threat #9
-rw-r--r-- docs/threat_model/threat_model.rst 14
1 files changed, 8 insertions, 6 deletions
diff --git a/docs/threat_model/threat_model.rst b/docs/threat_model/threat_model.rst
index 611e8a108b..2e11a94797 100644
--- a/docs/threat_model/threat_model.rst
+++ b/docs/threat_model/threat_model.rst
@@ -36,6 +36,9 @@ assumptions:
- There is no Secure-EL2. We don't consider threats that may come with
Secure-EL2 software.
+- Measured boot is disabled. We do not consider the threats nor the mitigations
+ that may come with it.
+
- No experimental features are enabled. We do not consider threats that may come
from them.
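Review bot: In the added bullet, "We do not consider the threats nor the mitigations" is ungrammatical and breaks from the wording of the neighbouring assumptions ("We don't consider threats that may come with ..."); suggest "We consider neither the threats nor the mitigations that may come with it." Because this bullet takes the mitigations out of scope as well as the threats, it would also help to state in the same bullet that a platform enabling measured boot needs its own analysis, or to point to where that is documented.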
@@ -617,19 +620,18 @@ each diagram element of the data flow diagram.
| Threat | | **Improperly handled SMC calls can leak register |
| | contents** |
| | |
-| | | When switching between secure and non-secure |
-| | states, register contents of Secure world or |
-| | register contents of other normal world clients |
-| | can be leaked. |
+| | | When switching between worlds, TF-A register state |
+| | can leak to software in different security |
+| | contexts. |
+------------------------+------------------------------------------------------+
-| Diagram Elements | DF5 |
+| Diagram Elements | DF4, DF5 |
+------------------------+------------------------------------------------------+
| Affected TF-A | BL31 |
| Components | |
+------------------------+------------------------------------------------------+
| Assets | Sensitive Data |
+------------------------+------------------------------------------------------+
-| Threat Agent | NSCode |
+| Threat Agent | NSCode, SecCode |
+------------------------+------------------------------------------------------+
| Threat Type | Information Disclosure |
+------------------------+-------------------+----------------+-----------------+
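Review bot: The new description ("TF-A register state can leak to software in different security contexts") drops the old text's explicit case of register contents of other normal world clients, and "TF-A register state" can be read as covering only BL31's own registers. Suggest naming both, for example "register state held by TF-A, including the saved context of another world or client, can leak ...". With SecCode added as a threat agent and DF4 added to the diagram elements, please also confirm that the mitigation rows of this table, which are outside this hunk, address the secure-side caller as well as NSCode.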