security/hakurei.app
security/hakurei.app
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

IOMMU integration is important too

Browse Source
This commit is contained in:
Daniel Micay 2019-07-18 07:31:06 -04:00
parent 44cf9578ac
commit f5e2d53c9b
1 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
static/index.html
View File

@ -112,7 +112,7 @@
security along with the longest future support time are the Pixel 3a, Pixel 3a XL, security along with the longest future support time are the Pixel 3a, Pixel 3a XL,
Pixel 3 and Pixel 3 XL.</strong> It will support other devices in the future, but Pixel 3 and Pixel 3 XL.</strong> It will support other devices in the future, but
devices are carefully chosen based on their merits rather than the project aiming to devices are carefully chosen based on their merits rather than the project aiming to
have broad device support. Broad device support is counter to the aims of the have broad device support. Broad device support is counter to the aims of the
project, and the project will eventually be engaging in hardware and firmware level project, and the project will eventually be engaging in hardware and firmware level
improvements rather than only offering suggestions and bug reports upstream for those improvements rather than only offering suggestions and bug reports upstream for those
areas. Much of the work on the project involves changes that are specific to different areas. Much of the work on the project involves changes that are specific to different
@ -124,11 +124,14 @@
potential targets. In addition to support for installing other operating systems, potential targets. In addition to support for installing other operating systems,
standard hardware-based security features like the hardware-backed keystores, verified standard hardware-based security features like the hardware-backed keystores, verified
boot, attestation and various hardware-based exploit mitigations need to be available. boot, attestation and various hardware-based exploit mitigations need to be available.
Devices with support for alternative operating systems as an afterthought will not be Devices also need to have decent integration of IOMMUs for isolating components such
considered. Devices need to have proper ongoing support for their firmware and as the GPU, radios (NFC, Wi-Fi, Bluetooth, Cellular), media decode / encode, image
software specific to the hardware like drivers in order to provide proper full processor, etc. as if the hardware / firmware support is missing or broken, there's
security updates too. Devices that are end-of-life and no longer receiving these not much that the OS can do to provide an alternative. Devices with support for
updates will not be supported.</p> alternative operating systems as an afterthought will not be considered. Devices need
to have proper ongoing support for their firmware and software specific to the
hardware like drivers in order to provide proper full security updates too. Devices
that are end-of-life and no longer receiving these updates will not be supported.</p>
<p>In order to support a device, the appropriate resources also need to be available <p>In order to support a device, the appropriate resources also need to be available
and dedicated towards it. Releases for each supported device need to be robust and and dedicated towards it. Releases for each supported device need to be robust and
stable, with all standard functionality working properly and testing for each of the stable, with all standard functionality working properly and testing for each of the