Update the 'secure logging' claim (it's not really about security at …

…all) Bug: 379850380 Change-Id: Iab8db5a664e3a1ae62b926af5547f909b3eb462c
project-oak · Nov 26, 2024 · adc01b0 · adc01b0
1 parent f9cecf7
commit adc01b0
Showing 1 changed file with 16 additions and 6 deletions.
diff --git a/docs/tr/claim/75606.md b/docs/tr/claim/75606.md
@@ -1,10 +1,20 @@
-# Oak binaries with secure logging
+# Oak Functions binaries with logging from Wasm disabled
 
-Claim UUID: 75606\
+Claim ID: 75606\
 Link to self:
 https://github.com/project-oak/oak/blob/main/docs/tr/claim/75606.md
 
-An endorsement that doesn't have this claim means the underlying binary doesn't
-log securely. This is intended to discriminate between e.g.
-`oak_functions_container` (would have the claim) or
-`oak_functions_insecure_container` (would not have the claim).
+Oak Functions API provides a
+[`Log` method](https://github.com/project-oak/oak/blob/main/proto/oak_functions/sdk/oak_functions_wasm.proto#L56)
+that the (untrusted) Wasm code can use for arbitrary logging.
+
+As this can provide a way to exfiltrate data, Oak provides pairs of Oak
+Functions binaries:
+
+- `oak_functions_container` and `oak_functions_enclave_app` _disables_ logging
+  from Wasm code (`Log` calls are dropped)
+- `oak_functions_insecure_container` and `oak_functions_insecure_enclave_app`
+  forward `Log` calls to the system log, making them visible.
+
+Endorsements containing this claim assert that no logging from Wasm code happens
+in the underlyinb binary.