TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_docs / 12e8f23302b8f6ebc27a7b286a9df545d4ba975d
commit12e8f23302b8f6ebc27a7b286a9df545d4ba975d[log] [tgz]
authorJoakim Bech <joakim.bech@linaro.org>Thu Sep 26 10:56:07 2024 +0200
committerJoakim Bech <joakim.bech@linaro.org>Thu Sep 26 17:06:41 2024 +0200
treed4ec2b928d4fc26b5b93bb013c2565b345266384
parent2dd2d110cec4b6e6fdcd249cc18fae8aee6b36ee [diff]
ta: add warning about TA parameter checking

Fixes potential future security vulnerabilites by highlighting the
importance of verifying expected parameter types in Trusted
Applications, as discussed in the GlobalConfusion paper [1] by Marcel
Busch et al.

Note that a proposed fix (and a proof of concept using OP-TEE) is
suggested in the same paper, which involves requiring TA writers to
register expected function parameters. However, this change has not yet
been added to any GlobalPlatform specifications (there is a discussion
ongoing).

Link: [1] https://hexhive.epfl.ch/publications/files/24SEC4.pdf
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
1 file changed
tree: d4ec2b928d4fc26b5b93bb013c2565b345266384
  1. .github/
  2. _static/
  3. architecture/
  4. building/
  5. debug/
  6. faq/
  7. general/
  8. images/
  9. .gitignore
  10. .readthedocs.yaml
  11. .travis.yml
  12. conf.py
  13. index.rst
  14. LICENSE
  15. Makefile
  16. README.md
  17. requirements.txt
README.md

OP-TEE documentation

This is official documentation for the OP-TEE project. Before OP-TEE v3.5.0 it used to be spread across all different OP-TEE gits making up the OP-TEE project as well as optee.org. But starting with OP-TEE v3.5.0 we have gathered all documentation at single place (i.e., this git).

Even though GitHub renders *.rst somewhat OK, you are not suppossed to browse the documentation there/here. Instead you should go to optee.readthedocs.io, where you will find the complete documentation rendered using Sphinx.