diff options
author | ramelg01 <ramy.elgammal@arm.com> | 2022-01-31 17:33:04 +0000 |
---|---|---|
committer | Ramy Elgammal <ramy.elgammal@arm.com> | 2022-02-22 12:45:02 +0000 |
commit | 82fe7d396e0951931f65e52f859617ce0a286c95 (patch) | |
tree | 605e7ba0608b6180952984d027cc09de3f3b74da /docs | |
parent | c9e519d2ea4780297d71e68cccc5de9c7bb7c0b4 (diff) | |
download | ComputeLibrary-82fe7d396e0951931f65e52f859617ce0a286c95.tar.gz |
Add disclaimer of ACL duty to protect the memory of the process using it from hacking
Signed-off-by: Ramy Elgammal <ramy.elgammal@arm.com>
Resolves: COMPMID-2132
Change-Id: I76945425244202edb4aad03c1269e69c9f2608ae
Reviewed-on: https://review.mlplatform.org/c/ml/ComputeLibrary/+/7036
Tested-by: Arm Jenkins <bsgcomp@arm.com>
Comments-Addressed: Arm Jenkins <bsgcomp@arm.com>
Reviewed-by: Michalis Spyrou <michalis.spyrou@arm.com>
Diffstat (limited to 'docs')
-rw-r--r-- | docs/user_guide/advanced.dox | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/user_guide/advanced.dox b/docs/user_guide/advanced.dox index 86ee2ce756..806f4ea3b8 100644 --- a/docs/user_guide/advanced.dox +++ b/docs/user_guide/advanced.dox @@ -110,5 +110,19 @@ After the first run, the CLTuner's results can be exported to a file using the m This file can be also imported using the method "load_from_file("results.csv")". - tuner.load_from_file("results.csv"); +@section Security Concerns +Here are some security concerns that may affect Compute Library. + +@subsection A process running under the same uid could read another process memory + +Processes running under same user ID (UID) may be able to read each other memory and running state. Hence, This can +lead to information disclosure and sensitive data can be leaked, such as the weights of the model currently executing. +This mainly affects Linux systems and it's the responsibility of the system owner to make processes secure against +this vulnerability. Moreover, the YAMA security kernel module can be used to detect and stop such a trial of hacking, +it can be selected at the kernel compile time by CONFIG_SECURITY_YAMA and configured during runtime changing the +ptrace_scope in /proc/sys/kernel/yama. + +Please refer to: https://www.kernel.org/doc/html/v4.15/admin-guide/LSM/Yama.html for more information on this regard. + */ } // namespace
\ No newline at end of file |