mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-04-15 00:54:22 +00:00
40d553cfde
This change creates the following directories under docs/ in order to provide a grouping for the content: - components - design - getting_started - perf - process In each of these directories an index.rst file is created and this serves as an index / landing page for each of the groups when the pages are compiled. Proper layout of the top-level table of contents relies on this directory/index structure. Without this patch it is possible to build the documents correctly with Sphinx but the output looks messy because there is no overall hierarchy. Change-Id: I3c9f4443ec98571a56a6edf775f2c8d74d7f429f Signed-off-by: Paul Beesley <paul.beesley@arm.com>
103 lines
4.8 KiB
ReStructuredText
103 lines
4.8 KiB
ReStructuredText
Security Center
|
|
===============
|
|
|
|
Security Disclosures
|
|
--------------------
|
|
|
|
We disclose all security vulnerabilities we find or are advised about that are
|
|
relevant for ARM Trusted Firmware (TF). We encourage responsible disclosure of
|
|
vulnerabilities and inform users as best we can about all possible issues.
|
|
|
|
We disclose TF vulnerabilities as Security Advisories. These are listed at the
|
|
bottom of this page and announced as issues in the `GitHub issue tracker`_ with
|
|
the "security-advisory" tag. You can receive notification emails for these by
|
|
watching that project.
|
|
|
|
Found a Security Issue?
|
|
-----------------------
|
|
|
|
Although we try to keep TF secure, we can only do so with the help of the
|
|
community of developers and security researchers.
|
|
|
|
If you think you have found a security vulnerability, please *do not* report it
|
|
in the `GitHub issue tracker`_. Instead send an email to
|
|
trusted-firmware-security@arm.com
|
|
|
|
Please include:
|
|
|
|
* Trusted Firmware version (or commit) affected
|
|
|
|
* A description of the concern or vulnerability
|
|
|
|
* Details on how to replicate the vulnerability, including:
|
|
|
|
- Configuration details
|
|
|
|
- Proof of concept exploit code
|
|
|
|
- Any additional software or tools required
|
|
|
|
We recommend using `this PGP/GPG key`_ for encrypting the information. This key
|
|
is also available at http://keyserver.pgp.com and LDAP port 389 of the same
|
|
server. The fingerprint for this key is:
|
|
|
|
::
|
|
|
|
1309 2C19 22B4 8E87 F17B FE5C 3AB7 EFCB 45A0 DFD0
|
|
|
|
If you would like replies to be encrypted, please provide your public key.
|
|
|
|
Please give us the time to respond to you and fix the vulnerability before going
|
|
public. We do our best to respond and fix any issues quickly. We also need to
|
|
ensure providers of products that use TF have a chance to consider the
|
|
implications of the vulnerability and its remedy.
|
|
|
|
Afterwards, we encourage you to write-up your findings about the TF source code.
|
|
|
|
Attribution
|
|
-----------
|
|
|
|
We will name and thank you in the ``change-log.rst`` distributed with the source
|
|
code and in any published security advisory.
|
|
|
|
Security Advisories
|
|
-------------------
|
|
|
|
+-----------+------------------------------------------------------------------+
|
|
| ID | Title |
|
|
+===========+==================================================================+
|
|
| `TFV-1`_ | Malformed Firmware Update SMC can result in copy of unexpectedly |
|
|
| | large data into secure memory |
|
|
+-----------+------------------------------------------------------------------+
|
|
| `TFV-2`_ | Enabled secure self-hosted invasive debug interface can allow |
|
|
| | normal world to panic secure world |
|
|
+-----------+------------------------------------------------------------------+
|
|
| `TFV-3`_ | RO memory is always executable at AArch64 Secure EL1 |
|
|
+-----------+------------------------------------------------------------------+
|
|
| `TFV-4`_ | Malformed Firmware Update SMC can result in copy or |
|
|
| | authentication of unexpected data in secure memory in AArch32 |
|
|
| | state |
|
|
+-----------+------------------------------------------------------------------+
|
|
| `TFV-5`_ | Not initializing or saving/restoring PMCR_EL0 can leak secure |
|
|
| | world timing information |
|
|
+-----------+------------------------------------------------------------------+
|
|
| `TFV-6`_ | Arm Trusted Firmware exposure to speculative processor |
|
|
| | vulnerabilities using cache timing side-channels |
|
|
+-----------+------------------------------------------------------------------+
|
|
| `TFV-7`_ | Trusted Firmware-A exposure to cache speculation vulnerability |
|
|
| | Variant 4 |
|
|
+-----------+------------------------------------------------------------------+
|
|
| `TFV-8`_ | Not saving x0 to x3 registers can leak information from one |
|
|
| | Normal World SMC client to another |
|
|
+-----------+------------------------------------------------------------------+
|
|
|
|
.. _GitHub issue tracker: https://github.com/ARM-software/tf-issues/issues
|
|
.. _this PGP/GPG key: security-reporting.asc
|
|
.. _TFV-1: ./security_advisories/security-advisory-tfv-1.rst
|
|
.. _TFV-2: ./security_advisories/security-advisory-tfv-2.rst
|
|
.. _TFV-3: ./security_advisories/security-advisory-tfv-3.rst
|
|
.. _TFV-4: ./security_advisories/security-advisory-tfv-4.rst
|
|
.. _TFV-5: ./security_advisories/security-advisory-tfv-5.rst
|
|
.. _TFV-6: ./security_advisories/security-advisory-tfv-6.rst
|
|
.. _TFV-7: ./security_advisories/security-advisory-tfv-7.rst
|
|
.. _TFV-8: ./security_advisories/security-advisory-tfv-8.rst
|