Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

specifications: Explicitly call out the unbinding flows #110

Merged
merged 1 commit into from
Apr 18, 2024
Merged

specifications: Explicitly call out the unbinding flows #110

merged 1 commit into from
Apr 18, 2024

Conversation

sameo
Copy link
Collaborator

@sameo sameo commented Apr 16, 2024

And refer to the threat model from the high level device and interface lifecycle section.

Fixes #89

@sameo sameo force-pushed the topic/lifecycle branch 7 times, most recently from bc02d1c to 74015b9 Compare April 16, 2024 07:38
@sameo sameo requested review from rsahita and jyao1 April 16, 2024 08:15
sameo
sameo commented Apr 16, 2024
View reviewed changes
specification/07-theory_operations.adoc Outdated
confidential data and abort any outstanding DMA requests, as described in the
xref:interface-unbinding[Interface Unbinding] section. Implicit TDI unbinding
from the host supervisor domain manager represents a security threat that is part
of the xref:05-security_model.adoc#security-model[CoVE-IO threat model] scope.
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Both TSM and DSM must guarantee TVM confidentiality

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jyao1 Changes applied. Let me know if that looks good to you.

@sameo
specification: Explicitly call out the unbinding flows
99b88cb 
And refer to the threat model from the high level device and interface
lifecycle section.

Fixes riscv-non-isa#89

Signed-off-by: Samuel Ortiz <[email protected]>
@sameo sameo merged commit 8ac5351 into riscv-non-isa:main Apr 18, 2024
2 checks passed
rsahita
rsahita reviewed Apr 18, 2024
View reviewed changes
specification/07-theory_operations.adoc
Comment on lines +903 to +904
situation, both the DSM and the TSM must protect the confidentiality and
integrity of the TVM assets.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

any ref/example on how that is done - e.g. on subsequent use of the TDI, the DSM would enforce it would transition into the error state; also what about in-flight transactions in that case?

rsahita
rsahita reviewed Apr 18, 2024
View reviewed changes
Copy link
Collaborator

@rsahita rsahita left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm - had one minor comment (sorry for delay)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rsahita rsahita rsahita left review comments

@jyao1 jyao1 jyao1 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Qualcomm feedback] 7.7. Device and Interface Lifecycle
3 participants
@sameo @rsahita @jyao1