aboutsummaryrefslogtreecommitdiff
path: root/docs/security/security.rst
blob: 0ec39bc1322c5f4c1bb349e0b914b12c87cc4b01 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
Security Handling
=================

Security Disclosures
--------------------

Trusted Firmware-M(TF-M) disclose all security vulnerabilities, or are advised
about, that are relevant to TF-M. TF-M encourage responsible disclosure of
vulnerabilities and try the best to inform users about all possible issues.

The TF-M vulnerabilities are disclosed as Security Advisories, all of which are
listed at the bottom of this page.

Found a Security Issue?
-----------------------

Although TF-M try to keep secure, it can only do so with the help of the
community of developers and security researchers.

.. warning::
   If any security vulnerability was found, please **do not**
   report it in the `issue tracker`_ or on the `mailing list`_. Instead, please
   follow the `TrustedFirmware.org security incident process`_.

One of the goals of this process is to ensure providers of products that use
TF-M have a chance to consider the implications of the vulnerability and its
remedy before it is made public. As such, please follow the disclosure plan
outlined in the `Security Incident Process`_. TF-M do the best to respond and
fix any issues quickly.

Afterwards, write-up all the findings about the TF-M source code is highly
encouraged.

Attribution
-----------

TF-M values researchers and community members who report vulnerabilities and
TF-M policy is to credit the contributor's name in the published security advisory.

Security Advisories
-------------------

+------------+-----------------------------------------------------------------+
| ID         | Title                                                           |
+============+=================================================================+
|  |TFMV-1|  | NS world may cause the CPU to perform an unexpected return      |
|            | operation due to unsealed stacks.                               |
+------------+-----------------------------------------------------------------+
|  |TFMV-2|  | Invoking Secure functions from handler mode may cause TF-M IPC  |
|            | model to behave unexpectedly.                                   |
+------------+-----------------------------------------------------------------+
|  |TFMV-3|  | ``abort()`` function may not take effect in TF-M Crypto         |
|            | multi-part MAC/hashing/cipher operations.                       |
+------------+-----------------------------------------------------------------+

.. _issue tracker: https://developer.trustedfirmware.org/project/view/2/
.. _mailing list: https://lists.trustedfirmware.org/mailman/listinfo/tf-m

.. |TFMV-1| replace:: :ref:`docs/security/security_advisories/stack_seal_vulnerability:Advisory TFMV-1`
.. |TFMV-2| replace:: :ref:`docs/security/security_advisories/svc_caller_sp_fetching_vulnerability:Advisory TFMV-2`
.. |TFMV-3| replace:: :ref:`docs/security/security_advisories/crypto_multi_part_ops_abort_fail:Advisory TFMV-3`

.. _TrustedFirmware.org security incident process: https://developer.trustedfirmware.org/w/collaboration/security_center/

.. _Security Incident Process: https://developer.trustedfirmware.org/w/collaboration/security_center/reporting/

--------------

*Copyright (c) 2020-2021, Arm Limited. All rights reserved.*