arm-trusted-firmware

mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-15 17:14:21 +00:00

History

Sandrine Bailleux 446354122c docs(threat-model): add a threat model for TF-A with Arm CCA Arm Confidential Compute Architecture (Arm CCA) support, underpinned by Arm Realm Management Extension (RME) support, brings in a few important software and hardware architectural changes in TF-A, which warrants a new security analysis of the code base. Results of this analysis are captured in a new threat model document, provided in this patch. The main changes introduced in TF-A to support Arm CCA / RME are: - Presence of a new threat agent: realm world clients. - Availability of Arm CCA Hardware Enforced Security (HES) to support measured boot and trusted boot. - Configuration of the Granule Protection Tables (GPT) for inter-world memory protection. This is only an initial version of the threat model and we expect to enrich it in the future. Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Co-authored-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: Iab84dc724df694511508f90dc76b6d469c4cccd5	2023-11-14 09:21:31 +01:00
..
diagrams	docs(threat-model): add a threat model for TF-A with Arm CCA	2023-11-14 09:21:31 +01:00
TrustedFirmware-Logo_standard-white.png	doc: Add minimal Sphinx support	2019-05-21 12:31:25 +01:00

Sandrine Bailleux 446354122c docs(threat-model): add a threat model for TF-A with Arm CCA

Arm Confidential Compute Architecture (Arm CCA) support, underpinned by
Arm Realm Management Extension (RME) support, brings in a few important
software and hardware architectural changes in TF-A, which warrants a
new security analysis of the code base. Results of this analysis are
captured in a new threat model document, provided in this patch.

The main changes introduced in TF-A to support Arm CCA / RME are:

 - Presence of a new threat agent: realm world clients.

 - Availability of Arm CCA Hardware Enforced Security (HES) to support
   measured boot and trusted boot.

 - Configuration of the Granule Protection Tables (GPT) for
   inter-world memory protection.

This is only an initial version of the threat model and we expect to
enrich it in the future.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Co-authored-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Iab84dc724df694511508f90dc76b6d469c4cccd5

2023-11-14 09:21:31 +01:00

diagrams

docs(threat-model): add a threat model for TF-A with Arm CCA

2023-11-14 09:21:31 +01:00

TrustedFirmware-Logo_standard-white.png

doc: Add minimal Sphinx support

2019-05-21 12:31:25 +01:00