From 17d92d96be1eab32d9e46f3f52c7b605b5a109ac Mon Sep 17 00:00:00 2001 From: Mario Limonciello Date: Tue, 10 Jan 2023 11:14:33 -0600 Subject: [PATCH] trivial: clarify documentation on PSP security processor (Fixes: #5394) --- .../org.fwupd.hsi.Amd.PlatformRollbackProtection.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/docs/hsi-tests.d/org.fwupd.hsi.Amd.PlatformRollbackProtection.json b/docs/hsi-tests.d/org.fwupd.hsi.Amd.PlatformRollbackProtection.json index b404ed1ef..68e10d1b2 100644 --- a/docs/hsi-tests.d/org.fwupd.hsi.Amd.PlatformRollbackProtection.json +++ b/docs/hsi-tests.d/org.fwupd.hsi.Amd.PlatformRollbackProtection.json @@ -5,6 +5,10 @@ "AMD SOCs include the ability to prevent a rollback attack by a rollback protection feature on the secure processor.", "This feature prevents an attacker from loading an older firmware onto the part after a security vulnerability has been fixed." ], + "more-information": [ + "This particular check is not for the Microsoft Pluton Security processor which is present on some chips.", + "End users are not able to modify rollback protection, this is controlled by the manufacturer." + ], "failure-impact": [ "SOCs without this feature may be attacked by an attacker installing an older firmware that takes advantage of a well-known vulnerability." ], @@ -16,7 +20,8 @@ }, "hsi-level": 4, "references": { - "https://www.psacertified.org/blog/anti-rollback-explained/": "Rollback protection" + "https://www.psacertified.org/blog/anti-rollback-explained/": "Rollback protection", + "https://www.amd.com/en/technologies/pro-security" : "AMD Secure Processor" }, "fwupd-version": "1.8.0" }