From 8ac5351baa13dc9700a953993d204ca6e8f671ff Mon Sep 17 00:00:00 2001 From: Samuel Ortiz Date: Tue, 16 Apr 2024 09:04:10 +0200 Subject: [PATCH] specification: Explicitly call out the unbinding flows And refer to the threat model from the high level device and interface lifecycle section. Fixes #89 Signed-off-by: Samuel Ortiz --- specification/07-theory_operations.adoc | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/specification/07-theory_operations.adoc b/specification/07-theory_operations.adoc index 1300af7..c6bacba 100644 --- a/specification/07-theory_operations.adoc +++ b/specification/07-theory_operations.adoc @@ -561,7 +561,7 @@ host supervisor domain manager may bind a TDI and a TVM together, through the 1. The host supervisor domain manager initiates the interface binding flow by having the TSM move the TDI into the TDISP `CONFIG_LOCKED` state. This is achieved through the `sbi_covh_bind_interface()` `COVH` ABI. -2. The TVM xref:_tdi_acceptation[verifies and accepts the locked TDI] into its +2. The TVM xref:tdi-acceptation[verifies and accepts the locked TDI] into its TCB. 3. The TVM asks the TSM to move the TDI to the TDISP `RUN` state, by calling the `sbi_covg_start_interface()` `COVG` ABI. 
@@ -934,6 +934,15 @@ compromising any TVM confidential assets. As the platform resources owner, the host supervisor domain manager can assign a TDI to a TVM by binding them together (step 3). At any point in time, it can reclaim that physical resource by unbinding (step 8a) it from its TVM. +Graceful and explicit unbinding through the `COVH` ABI will clear all +confidential data and abort any outstanding DMA requests, as described in the +xref:interface-unbinding[Interface Unbinding] section. Implicit TDI unbinding, +i.e. attempts from the host supervisor domain manager to reclaim and remap a +TDI without explicitly notifying the corresponding TSM, represents a security +threat that is in the +xref:05-security_model.adoc#security-model[CoVE-IO threat model] scope. In that +situation, both the DSM and the TSM must protect the confidentiality and +integrity of the TVM assets. Before binding a TDI and a TVM together, the host supervisor domain manager must first require the TSM to connect (step 1) to the physical device through secured
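Review bot: the xref target change from `_tdi_acceptation` to `tdi-acceptation` in step 2 of the first hunk is not mentioned in the commit message and only resolves if an explicit `[[tdi-acceptation]]` anchor (or `[#tdi-acceptation]` block attribute) is defined on the target section; auto-generated Asciidoctor section ids keep the leading `_`, so please confirm the anchor exists, and consider splitting this unrelated link fix into its own commit or noting it in the message.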
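Review bot: the added paragraph in the second hunk relies on two anchors that the hunk does not define, `interface-unbinding` and `05-security_model.adoc#security-model`; if either is missing the rendered xref breaks, so please confirm both are defined (e.g. `[[interface-unbinding]]` above the Interface Unbinding section). Two wording points: "represents a security threat that is in the ... scope" reads more naturally as "is within the scope of the ...", and since the binding text names `sbi_covh_bind_interface()`, the sentence "Graceful and explicit unbinding through the `COVH` ABI" would be clearer if it named the specific `COVH` call it refers to. Finally, "both the DSM and the TSM must protect the confidentiality and integrity of the TVM assets" states a requirement without saying how; pointing to the concrete mechanism (which TDISP state the DSM forces the TDI into, and what the TSM does with the TVM's mappings, on an unexpected reclaim) would make the threat-model reference actionable.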