docs(threat-model): add a notes related to the Measured Boot
TF-A currently does not have any TPM2 driver for extending
measurements into a discrete TPM chip. In TPM-based attestation
scheme, measurements are just stored into a TCG-compatible event
log buffer in secure memory.
In light of the fact that Event Log measurements are taken by BL1 and
BL2, we need to trust these components to store genuine measurements,
and the Generic Threat Model always mitigates against attacks on these
components, therefore, there is no explicit document for the Measured
Boot threat model at this time is needed.
Change-Id: I41b037b2f5956d327b53cd834345e5aefdcfb5ef
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
diff --git a/docs/glossary.rst b/docs/glossary.rst
index e6b0239..57fde2d 100644
--- a/docs/glossary.rst
+++ b/docs/glossary.rst
@@ -187,6 +187,9 @@
SPM
Secure Partition Manager
+ SRTM
+ Static Root of Trust for Measurement
+
SSBS
Speculative Store Bypass Safe. Introduced in Armv8.5, this configuration
bit can be set by software to allow or prevent the hardware from
@@ -204,6 +207,9 @@
TCB
Trusted Compute Base
+ TCG
+ Trusted Computing Group
+
TEE
Trusted Execution Environment
@@ -219,6 +225,9 @@
TLK
Trusted Little Kernel. A Trusted OS from NVIDIA.
+ TPM
+ Trusted Platform Module
+
TRNG
True Randon Number Generator (hardware based)