
docs: add security model and clarify the diff-from-upstream convention#12

Merged
m4sterchain merged 1 commit into apache:main from m4sterchain:docs/security-model on Jun 5, 2026

Conversation

@m4sterchain

Contributor

What

Adds docs/security-model.md (a security model for this repository), adds a SECURITY.md, and cleans up the README.md. The repository previously had no SECURITY.md and no security-model documentation.

Why

This repository is special: it hosts dependency crates that are linked into the trusted side of TEE applications (SGX enclaves via the SGX SDK, TrustZone TAs via the TrustZone SDK). That means the entire repository is part of its consumers' Trusted Computing Base, and a weakness in any crate here propagates to every downstream application. A document that states this explicitly — and tells reviewers (human or LLM) what the review unit is — helps keep security review focused and avoids false positives from re-auditing unmodified upstream code.

Contents

docs/security-model.md covers:

  1. Trust model — the whole repository is TCB; there is no in-repo trust boundary; the adversary is inherited from the consuming SDK, plus a supply-chain adversary.
  2. What the repository is / the review unit — the two hosting approaches (patch bundle vs. full crate import) and, crucially, that the review unit is the diff from pristine upstream, not the whole crate.
  3. Trust-posture / what-to-scrutinize map — per-crate table pointing at the security-critical seam each port touches (getrandom randomness source, libc OP-TEE syscall surface, the Rust std patch, ring crypto + prebuilt artifacts).
  4. Target-dependent security primitives — randomness, untrusted filesystem, time, syscalls, panic/abort.
  5. Supply chain and provenance — upstream-fix drift, binary artifacts in the TCB, build-time code execution, publish provenance.
  6. Guidance for automated / LLM security review — where real findings concentrate, expected non-findings, and an explicit instruction to review only the adaptation diff.

README cleanup

  • Fixed the "Typical layout examples" block: it described a crates/ subdirectory that does not exist; crates actually live at the repository root.
  • Documented the directory-naming convention (<crate>-<version> for full imports, <crate>-<version>-<base-commit> for patch bundles).
  • Documented the per-approach diff conventions, including the full-import commit convention: a Download <crate> <version> from crates.io commit preserves the pristine upstream so the adaptation is git diff <download-commit> HEAD -- <crate-dir>/.

This is documentation only; no crate source or behavior changes.

🤖 Generated with Claude Code

Adds docs/security-model.md documenting that this repository is entirely
part of its consumers' Trusted Computing Base (every crate is linked into
the trusted side of an SGX enclave or TrustZone TA), that the review unit
is the diff from pristine upstream (the `Download ... from crates.io`
commit for full imports, the `*.patch` over a pinned `Base-Commit` for
patch bundles), the target-dependent security primitives to scrutinize
(randomness, untrusted filesystem, time, libc/syscalls, std), the
supply-chain and provenance considerations (upstream-fix drift, binary
artifacts, build-time code execution, publish provenance), and guidance
for both developers and automated security reviewers.

Also adds a SECURITY.md (reporting policy + link) and cleans up the
README: fixes the layout example to match the actual root-level directory
structure and documents the per-approach diff conventions.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@m4sterchain m4sterchain merged commit 54755a2 into apache:main Jun 5, 2026
1 check passed
