Re: [edk2-devel] [tianocore-docs EDK_II_Secure_Coding_Guide PATCH] Add Appendix: Threat Mode for EDK II.

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Vincent Zimmer" <vincent.zimmer@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
	"lersek@redhat.com" <lersek@redhat.com>,
	"Yao, Jiewen" <jiewen.yao@intel.com>
Cc: "Jarlstrom, Laurie" <laurie.jarlstrom@intel.com>
Subject: Re: [edk2-devel] [tianocore-docs EDK_II_Secure_Coding_Guide PATCH] Add Appendix: Threat Mode for EDK II.
Date: Wed, 7 Aug 2019 17:59:26 +0000	[thread overview]
Message-ID: <76DE84138CBE89489874B70B432D8F9BDA19CCE2@ORSMSX106.amr.corp.intel.com> (raw)
In-Reply-To: <7f352852-40b9-95a4-7474-6f0273ec1f66@redhat.com>

Laurie created https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Security-White-Papers for the security collateral.  

Vincent

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Laszlo Ersek
Sent: Wednesday, August 7, 2019 10:46 AM
To: Yao, Jiewen <jiewen.yao@intel.com>
Cc: devel@edk2.groups.io; Zimmer, Vincent <vincent.zimmer@intel.com>; Jarlstrom, Laurie <laurie.jarlstrom@intel.com>
Subject: Re: [edk2-devel] [tianocore-docs EDK_II_Secure_Coding_Guide PATCH] Add Appendix: Threat Mode for EDK II.

(+ Laurie)

On 08/05/19 09:47, Yao, Jiewen wrote:
> This patch adds "Threat model for EDK II" as the appendix section
> 
> of "EDK II secure coding guide" document.
> 
> 
> The threat model discussed here is a general guide and serves as the 
> baseline of
> 
> the EDK II firmware. For each specific feature in EDK II firmware, 
> there might be
> 
> additional feature-based threat models in addition to the general threat model.
> 
> 
> The full gitbook can be also avaiable at
> 
> https://github.com/jyao1/EDK_II_Secure_Coding_Guide/tree/Threat_model.
> 
> 
> Cc: Vincent Zimmer <vincent.zimmer@intel.com>
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> 
> Reviewed-by: Vincent Zimmer <vincent.zimmer@intel.com>
> 
> 
> ---
>  SUMMARY.md                                    |  6 ++
>  appendix_threat_model_for_edk_ii/README.md    | 70 +++++++++++++++++++
>  .../asset_boot_flow.md                        | 63 +++++++++++++++++
>  .../asset_build_tool.md                       | 39 +++++++++++
>  .../asset_flash_content.md                    | 59 ++++++++++++++++
>  .../asset_management_mode.md                  | 58 +++++++++++++++
>  .../asset_s3_resume.md                        | 61 ++++++++++++++++
>  7 files changed, 356 insertions(+)
>  create mode 100644 appendix_threat_model_for_edk_ii/README.md
>  create mode 100644 
> appendix_threat_model_for_edk_ii/asset_boot_flow.md
>  create mode 100644 
> appendix_threat_model_for_edk_ii/asset_build_tool.md
>  create mode 100644 
> appendix_threat_model_for_edk_ii/asset_flash_content.md
>  create mode 100644 
> appendix_threat_model_for_edk_ii/asset_management_mode.md
>  create mode 100644 
> appendix_threat_model_for_edk_ii/asset_s3_resume.md

It looks like we have at least two kinds of documents under <https://github.com/tianocore-docs/>, namely:
- specs (for edk2)
- guides

I know of the article at
<https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Specifications>,
which presents the specs very nicely.

Do we have a similar wiki article about the guides too?

(If I use the article search box to the right, and enter "guide", nothing relevant comes up.)

Thanks!
Laszlo

next prev parent reply	other threads:[~2019-08-07 17:59 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-08-05  7:47 [tianocore-docs EDK_II_Secure_Coding_Guide PATCH] Add Appendix: Threat Mode for EDK II Yao, Jiewen
2019-08-05 14:11 ` Vincent Zimmer
2019-08-07 17:46 ` [edk2-devel] " Laszlo Ersek
2019-08-07 17:59   ` Vincent Zimmer [this message]
2019-08-07 21:29     ` Yao, Jiewen
2019-08-08 18:51     ` Laszlo Ersek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=76DE84138CBE89489874B70B432D8F9BDA19CCE2@ORSMSX106.amr.corp.intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox