author    Kai Renken <code@koffeinsucht.de>  2017-01-05 10:21:14 +0100
committer Jerome Forissier <jerome.forissier@linaro.org>  2017-01-06 09:40:32 +0100
commit    a593987457b03f32ee4fa92c0dbc5b81204671e2 (patch)
tree      44b99b0c20453adee1254f41766bd177b8fbcc68 /documentation
parent    06f51575d9eef0bbb5afc050085b097221f9ea1d (diff)
Cleanup documentation due to new TSK
Signed-off-by: Kai Renken <code@koffeinsucht.de>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
[Rebase on top of master]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Diffstat (limited to 'documentation')
-rw-r--r--  documentation/images/secure_storage/block_data_encryption.odg  bin  22551 -> 14086 bytes
-rw-r--r--  documentation/images/secure_storage/block_data_encryption.png  bin  31440 -> 40890 bytes
-rw-r--r--  documentation/images/secure_storage/meta_data_encryption.odg   bin  23392 -> 14232 bytes
-rw-r--r--  documentation/images/secure_storage/meta_data_encryption.png   bin  33797 -> 44106 bytes
-rw-r--r--  documentation/secure_storage.md                                 23
-rw-r--r--  documentation/secure_storage_rpmb.md                            2
6 files changed, 12 insertions, 13 deletions
diff --git a/documentation/images/secure_storage/block_data_encryption.odg b/documentation/images/secure_storage/block_data_encryption.odg
index 5a0c930d..655c81d9 100644
--- a/documentation/images/secure_storage/block_data_encryption.odg
+++ b/documentation/images/secure_storage/block_data_encryption.odg
Binary files differ
diff --git a/documentation/images/secure_storage/block_data_encryption.png b/documentation/images/secure_storage/block_data_encryption.png
index b8648bcf..b05f2c01 100644
--- a/documentation/images/secure_storage/block_data_encryption.png
+++ b/documentation/images/secure_storage/block_data_encryption.png
Binary files differ
diff --git a/documentation/images/secure_storage/meta_data_encryption.odg b/documentation/images/secure_storage/meta_data_encryption.odg
index c3cd573d..f6785d4f 100644
--- a/documentation/images/secure_storage/meta_data_encryption.odg
+++ b/documentation/images/secure_storage/meta_data_encryption.odg
Binary files differ
diff --git a/documentation/images/secure_storage/meta_data_encryption.png b/documentation/images/secure_storage/meta_data_encryption.png
index 53549727..9c7f8c48 100644
--- a/documentation/images/secure_storage/meta_data_encryption.png
+++ b/documentation/images/secure_storage/meta_data_encryption.png
Binary files differ
diff --git a/documentation/secure_storage.md b/documentation/secure_storage.md
index dc31a889..9202325f 100644
--- a/documentation/secure_storage.md
+++ b/documentation/secure_storage.md
@@ -159,6 +159,17 @@ to encrypt/decrypt the FEK.
TSK is derived by:
> TSK = HMAC<sub>SHA256</sub> (SSK, TA_UUID)
+#### TA storage space isolation
+
+OP-TEE provides different folders for different TAs in Linux file system for
+storing their own TEE files, but OP-TEE cannot prevent an attacker from
+directly copying a TEE file from one TA's folder to another TA's folder in
+Linux file system.
+
+The TSK offers an effective protection against this kind of attack. If an
+attacker copies an TEE file from one TA's folder to another TA's folder,
+this TA would not be able to obtain the plaintext of the TEE file.
+
### File Encryption Key (FEK)
When a new TEE file is created, key manager will generate a new FEK by
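Review bot: the new "TA storage space isolation" paragraph says only that the other TA "would not be able to obtain the plaintext", not how the copied file is rejected, which is the detection property the deleted Future Work item was asking for. Since the other TA derives a different TSK from its own UUID and therefore recovers a different FEK, the authenticated decryption of the copied meta file (GCM on the REE path, per secure_storage_rpmb.md) should fail its tag check and the open should return an error rather than garbage; state that explicitly so the reader knows the attack is caught at open time. Two wording fixes in the same hunk: "copies an TEE file" should be "copies a TEE file", and "in Linux file system" (used twice) should be "in the Linux file system".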
@@ -233,18 +244,6 @@ or crypto unit according to the method defined by your SoC vendor.
## Future Work
-- **TA storage space isolation**
-
-OP-TEE provides different folders for different TAs in Linux file system for
-storing their own TEE files, but OP-TEE cannot prevent an attacker from
-directly copying a TEE file from one TA's folder to another TA's folder in
-Linux file system. TEE OS should have the ability to detect those kind of
-attack, but for now OP-TEE secure storage doesn't meet the requirement.
-
-A simple solution to detect the attack is using TA's UUID as AAD
-when calculating the tag of meta file, so that OP-TEE will know if a TEE file
-belongs to a specific TA when the TA tries to open the TEE file.
-
- **TEE file renaming attack detection**
OP-TEE creates a specific folder under the TA's folder for each TEE file in
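Review bot: removing this item drops the only mention of the earlier proposal to bind a file to its owner by using the TA UUID as AAD when computing the meta-file tag, with no pointer to what replaced it. Since the new "TA storage space isolation" section addresses the same copy-between-folders threat through the TSK derivation from TA_UUID, add a one-line note there that this supersedes the AAD proposal, so readers comparing against older revisions understand why the Future Work entry disappeared. Please also confirm the remaining "TEE file renaming attack detection" item does not still lean on the removed text, as both describe attacks that rearrange TEE files in the Linux file system.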
diff --git a/documentation/secure_storage_rpmb.md b/documentation/secure_storage_rpmb.md
index c88642cd..7ac2304a 100644
--- a/documentation/secure_storage_rpmb.md
+++ b/documentation/secure_storage_rpmb.md
@@ -127,7 +127,7 @@ file, as follows:
```
-SSK and FEK handling is common with the REE-based secure storage, while the AES
+SSK, TSK and FEK handling is common with the REE-based secure storage, while the AES
CBC block encryption is used only for RPMB (the REE implementation uses GCM).
The FAT is not encrypted.
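Review bot: the changed line now runs to 84 characters while the rest of the paragraph wraps at 80; rewrap so "the AES" moves to the following line ("SSK, TSK and FEK handling is common with the REE-based secure storage, while" / "the AES CBC block encryption is used only for RPMB (the REE implementation uses GCM)."). Since TSK handling is declared common here, it would also help to add a sentence or a link stating that the cross-TA file copy protection described in secure_storage.md applies to RPMB-backed storage as well, rather than leaving the reader to infer it from this one word.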