Commit dcdefc52 authored by Valerie Aurora (Bow Shock)

Move TODO requirements to notes

parent 84281c25
+38 −34
@@ -1343,40 +1343,6 @@ Both kernel and userspace threads shall use hardware-supported memory tagging to

* Activities: For each of kernel and userspace, allocate 2 adjacent memory regions with separate tags. Attempt to read and write memory with a positive offset into trailing region from leading region's tagged pointer. Attempt to read and write with negative offset into leading region using trailing region's tagged pointer. Free a region and read and write to the region using the original tagged pointer.

TODO:

#### Kernel and userspace memory safety mitigations

FIXME: Stack ASLR
FIXME: Exec ASLR

#### Kernel-specific memory safety mitigations

FIXME: Module ASLR
FIXME: JIT ASLR

#### Userspace-specific memory safety mitigations

FIXME: Sym-/Hard-Link restrictions
FIXME: FIFO restrictions
FIXME: Libs/mmap ASLR
FIXME: brk ASLR

##### Toolchain hardening

FIXME: PIE
FIXME: FORTIFY_SOURCE
FIXME: RELRO (merge below into "binary runtime metadata"?)
FIXME: BIND_NOW (merge above into "binary runtime metadata"?)
FIXME: -fstack-clash-protection (covered by "stack exhaustion"?)
FIXME: -fcf-protection (covered by "CFI"?)

#### Kernel provided userspace mitigations

FIXME: vDSO ASLR
FIXME: NULL-address protection
FIXME: ptrace scope

#### 5.2.X.x Mapping of mitigations to risk factors and security profiles

> FIXME: Figure out which risk factors/use cases require CFIN or else delete it.
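Review bot: The move leaves one FIXME behind in the normative section: the trailing context line "> FIXME: Figure out which risk factors/use cases require CFIN or else delete it." is the same kind of open work item as the block being removed, so either move it to "Suggested additional requirements" with the rest or resolve it in this commit; otherwise the stated goal of getting TODO requirements out of the requirements text is only partly met.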
@@ -2752,6 +2718,44 @@ https://cs.android.com/android/platform/superproject/+/android-latest-release:ct
* Hardware Watchdog Timers: Detects and recovers from system hangs or malicious loops
* Secure Debug Interface Management: Disabling or restricting access through state-of-the-art security mechanisms debug access

## Suggested additional requirements

TODO:

#### Kernel and userspace memory safety mitigations

FIXME: Stack ASLR
FIXME: Exec ASLR

#### Kernel-specific memory safety mitigations

FIXME: Module ASLR
FIXME: JIT ASLR

#### Userspace-specific memory safety mitigations

FIXME: Sym-/Hard-Link restrictions
FIXME: FIFO restrictions
FIXME: Libs/mmap ASLR
FIXME: brk ASLR

##### Toolchain hardening

FIXME: PIE
FIXME: FORTIFY_SOURCE
FIXME: RELRO (merge below into "binary runtime metadata"?)
FIXME: BIND_NOW (merge above into "binary runtime metadata"?)
FIXME: -fstack-clash-protection (covered by "stack exhaustion"?)
FIXME: -fcf-protection (covered by "CFI"?)

#### Kernel provided userspace mitigations

FIXME: vDSO ASLR
FIXME: NULL-address protection
FIXME: ptrace scope



# Annex F (informative): Change history

The "Change history/Change request (history)" annex shall be included in every revised or amended harmonised standard and shall contain information concerning significant changes that have been introduced by it. It shall be presented as a table.
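Review bot: Several of the moved FIXME lines carry positional cross-references that no longer resolve in the new location: "RELRO (merge below into "binary runtime metadata"?)", "BIND_NOW (merge above into "binary runtime metadata"?)", "-fstack-clash-protection (covered by "stack exhaustion"?)" and "-fcf-protection (covered by "CFI"?)" pointed at neighbouring text in the memory safety mitigations section, so rewrite them to name the target section explicitly or drop the parentheticals. Two smaller points in the same block: the pasted "####" and "#####" headings sit directly under the "##" "Suggested additional requirements" heading, skipping the "###" level, and the bare "TODO:" line plus the three blank lines before "# Annex F" read as leftovers from the cut-and-paste rather than intended structure.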