From fd0933516b10f5298f402c43677588b47a7d9a5e Mon Sep 17 00:00:00 2001 From: Sandrine Bailleux Date: Tue, 4 Apr 2023 16:36:08 +0200 Subject: [PATCH] docs(porting): refer the reader back to the threat model When porting TF-A to a new platform, it is essential to read the threat model documents in conjunction with the porting guide to understand the security responsibilities of each platform interface to implement. Add a note to highlight this in the porting guide. Change-Id: Icd1e41ae4b15032b72531690dd82a9ef95ca0db5 Signed-off-by: Sandrine Bailleux --- docs/porting-guide.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/porting-guide.rst b/docs/porting-guide.rst index 366734c43..bc9c00f3c 100644 --- a/docs/porting-guide.rst +++ b/docs/porting-guide.rst @@ -26,6 +26,13 @@ provide their own implementation if the default implementation is inadequate. defined. We intend to convert existing weak functions over time. Until then, you will find references to *weak* functions in this document. +Please review the :ref:`Threat Model` documents as part of the porting +effort. Some platform interfaces play a key role in mitigating against some of +the threats. Failing to fulfill these expectations could undermine the security +guarantees offered by TF-A. These platform responsibilities are highlighted in +the threat assessment section, under the "`Mitigations implemented?`" box for +each threat. + Some modifications are common to all Boot Loader (BL) stages. Section 2 discusses these in detail. The subsequent sections discuss the remaining modifications for each BL stage in detail.