Commit 16462516 authored by Ruben's avatar Ruben
Browse files

Merge branch 'patch-181171' into 'morello/mainline'

compartment-demo: clarify note on side-channel attacks

See merge request morello/android/vendor/arm/morello-examples!1
parents b2b70c4a b0de0aa2
...@@ -375,7 +375,9 @@ Security-related limitations ...@@ -375,7 +375,9 @@ Security-related limitations
compartment, thereby informing the kernel in an unforgeable manner. compartment, thereby informing the kernel in an unforgeable manner.
* SPECTRE-like (side-channel) attacks between compartments are not prevented. * SPECTRE-like (side-channel) attacks between compartments are not prevented.
Using ``CID_EL0`` as described above would help mitigate against such attacks. Morello does not include mitigations against such attacks. A future
architecture may include mitigations that rely on using ``CID_EL0`` as
described above to identify compartment contexts.
* Executable capabilities provided by the CM to compartments can be modified, * Executable capabilities provided by the CM to compartments can be modified,
and in particular their address can be changed, allowing compartments to jump and in particular their address can be changed, allowing compartments to jump
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment