Commit d0c79147 authored by Mark Lodato's avatar Mark Lodato
Browse files

Clarify SLSA requirements.

Changes to requirements:
- Remove "Source Integrity", add immutable references to "Hermetic".
- Drop "Common" from SLSA 2 because it is likely expensive.

Clarifications:
- Split out "Ephemeral Environment" from "Isolation" (from #52).
- Explain that GH-generated merge commits meet Verified History (from #52).
- Clarify that all artifact references are immutable (from #52).
- Rename "Dependencies" to "Dependencies Complete" to avoid confusion.
- Define "SLSA level", "provenance", and "top-level source."
- Other minor cleanups.
parent 17b77918
...@@ -284,14 +284,23 @@ The following diagram shows the relationship between concepts. ...@@ -284,14 +284,23 @@ The following diagram shows the relationship between concepts.
Special cases: Special cases:
* A ZIP file is containing source code is package, not a source, because it is * A ZIP file is containing source code is a package, not a source, because it
built from some other source, such as a git commit. is built from some other source, such as a git commit.
## Proposed SLSA definitions ## Proposed SLSA definitions
_Reminder: The definitions below are not yet finalized and subject to change. In _Reminder: The definitions below are not yet finalized and subject to change. In
particular, the levels will be renumbered to be all integers._ particular, the levels will be renumbered to be all integers._
An artifact's **SLSA level** describes the integrity strength of its direct
supply chain, meaning its direct sources and build steps. To verify that the
artifact meets this level, **provenance** is required. This serves as evidence
that the level's requirements have been met.
### Level descriptions
_This section is non-normative._
There are four SLSA levels. SLSA 3 is the current highest level and represents There are four SLSA levels. SLSA 3 is the current highest level and represents
the ideal end state. SLSA 1–2 offer lower security guarantees but are easier the ideal end state. SLSA 1–2 offer lower security guarantees but are easier
to meet. In our experience, achieving SLSA 3 can take many years and significant to meet. In our experience, achieving SLSA 3 can take many years and significant
...@@ -324,7 +333,7 @@ effort, so intermediate milestones are important. ...@@ -324,7 +333,7 @@ effort, so intermediate milestones are important.
</tbody> </tbody>
</table> </table>
Each SLSA level has a set of requirements. ### Level requirements
<table> <table>
<thead> <thead>
...@@ -340,83 +349,81 @@ Each SLSA level has a set of requirements. ...@@ -340,83 +349,81 @@ Each SLSA level has a set of requirements.
<tr><td rowspan="6">Build <tr><td rowspan="6">Build
<td>Scripted <td><td><td><td></tr> <td>Scripted <td><td><td><td></tr>
<tr><td>Build Service <td> <td><td><td></tr> <tr><td>Build Service <td> <td><td><td></tr>
<tr><td>Ephemeral Environment <td> <td> <td><td></tr>
<tr><td>Isolated <td> <td> <td><td></tr> <tr><td>Isolated <td> <td> <td><td></tr>
<tr><td>Hermetic <td> <td> <td> <td></tr> <tr><td>Hermetic <td> <td> <td> <td></tr>
<tr><td>Reproducible <td> <td> <td> <td></tr> <tr><td>Reproducible <td> <td> <td> <td></tr>
<tr><td>Source Integrity <td> <td> <td>* <td></tr>
<tr><td rowspan="5">Provenance <tr><td rowspan="5">Provenance
<td>Available <td><td><td><td></tr> <td>Available <td><td><td><td></tr>
<tr><td>Authenticated <td> <td><td><td></tr> <tr><td>Authenticated <td> <td><td><td></tr>
<tr><td>Service Generated <td> <td><td><td></tr> <tr><td>Service Generated <td> <td><td><td></tr>
<tr><td>Non-Falsifiable <td> <td> <td><td></tr> <tr><td>Non-Falsifiable <td> <td> <td><td></tr>
<tr><td>Dependencies <td> <td> <td> <td></tr> <tr><td>Dependencies Complete <td> <td> <td> <td></tr>
<tr><td rowspan="3">Common <tr><td rowspan="3">Common
<td>Security <td> <td> <td> <td></tr> <td>Security <td> <td> <td> <td></tr>
<tr><td>Access <td> <td> <td> <td></tr> <tr><td>Access <td> <td> <td> <td></tr>
<tr><td>Superusers <td> <td> <td> <td></tr> <tr><td>Superusers <td> <td> <td> <td></tr>
</tbody> </tbody>
</table> </table>
Legend: _○ = required unless there is a justification_
* ✓ = required at this level
* ○ = required at this level unless there is a justification
*\* = required at this level, but best effort because it depends on
hermeticity, which is not required at this level
* ↓ = lower requirements (details TBD)
Note: The actual requirements will necessarily be much more detailed and Note: The actual requirements will necessarily be much more detailed and
nuanced. We only provide a brief summary here for clarity. nuanced. We only provide a brief summary here for clarity.
**[Source]** A source meets SLSA 3 if: **[Source]** Requirements for the artifact's top-level source (i.e. the one
containing the build script):
* **[Version Controlled]** Every change to the source is tracked in a version * **[Version Controlled]** Every change to the source is tracked in a version
control system that identifies who made the change, what the change was, and control system that identifies who made the change, what the change was, and
when that change occurred. when that change occurred.
* **[Verified History]** The version control history indicates which actor * **[Verified History]** The version control history indicates which actor
identities (author, uploader, reviewer, etc.) and timestamps were strongly identities (author, uploader, reviewer, etc.) and timestamps were strongly
authenticated. authenticated. For example, GitHub-generated merge commits for pull requests
meet this requirement.
* **[Retained Indefinitely]** The artifact and its change history are retained * **[Retained Indefinitely]** The artifact and its change history are retained
indefinitely and cannot be deleted. indefinitely and cannot be deleted.
* **[Two-Person Review]** At least two trusted persons agreed to every change * **[Two-Person Review]** At least two trusted persons agreed to every change
in the history. in the history.
**[Build]** A build process qualifies for SLSA 3 if: **[Build]** Requirements for the artifact's build process:
* **[Scripted]** All build steps were fully defined in some sort of "build * **[Scripted]** All build steps were fully defined in some sort of "build
script". The only manual command, if any, was to invoke the build script. script". The only manual command, if any, was to invoke the build script.
* **[Build Service]** All build steps ran using some build service, such as a * **[Build Service]** All build steps ran using some build service, such as a
Continuous Integration (CI) platform, not on a developer's workstation. Continuous Integration (CI) platform, not on a developer's workstation.
* **[Ephemeral Environment]** The build steps ran in an ephemeral environment,
such as a container or VM, provisioned solely for this build, and not reused
by other builds.
* **[Isolated]** The build steps ran in an isolated environment free of * **[Isolated]** The build steps ran in an isolated environment free of
influence from other build instances, whether prior or concurrent. influence from other build instances, whether prior or concurrent. Build
caches, if used, are purely content-addressable to prevent tampering.
* **[Hermetic]** All build steps, sources, and dependencies were fully * **[Hermetic]** All build steps, sources, and dependencies were fully
declared up front and the build steps ran with no network access. declared up front with immutable references, and the build steps ran with no
network access. All dependencies were fetched by the build service control
plane and checked for integrity.
* **[Reproducible]** Re-running the build steps with identical input artifacts * **[Reproducible]** Re-running the build steps with identical input artifacts
results in bit-for-bit identical output. (Builds that cannot meet this must results in bit-for-bit identical output. (Builds that cannot meet this must
provide a justification.) provide a justification.)
* **[Source Integrity]** All input artifacts were fetched in a manner that
prevents tampering, such as TLS.
**[Provenance]** An artifact's provenance qualifies for SLSA 3 if: **[Provenance]** Requirements for the artifact's provenance:
* **[Available]** Provenance is available to the consumer of the artifact, or * **[Available]** Provenance is available to the consumer of the artifact, or
to whomever is verifying the policy, and it contains at least the to whomever is verifying the policy, and it identifies at least the
cryptographic hash of the artifact, the identity of the system that artifact, the system that performed the build, and the top-level source. All
performed the build, and the top-level source repository (i.e. the one artifact references are immutable, such as via a cryptographic hash.
containing the build script).
* **[Authenticated]** Provenance's authenticity and integrity can be verified, * **[Authenticated]** Provenance's authenticity and integrity can be verified,
such as through a digital signature. such as through a digital signature.
* **[Service Generated]** Provenance is generated by the build service itself, * **[Service Generated]** Provenance is generated by the build service itself,
as opposed to user-provided tooling running on top of the service. as opposed to user-provided tooling running on top of the service.
* **[Non-Falsifiable]** Provenance cannot be falsified by the build service's * **[Non-Falsifiable]** Provenance cannot be falsified by the build service's
users. users.
* **[Dependencies]** Provenance records all build dependencies, meaning every * **[Dependencies Complete]** Provenance records all build dependencies,
artifact that was available to the build script. This includes the initial meaning every artifact that was available to the build script. This includes
state of the machine, VM, or container of the build worker. the initial state of the machine, VM, or container of the build worker.
**[Common]** In addition to the requirements above, every trusted system **[Common]** Common requirements for every trusted system involved in the supply
involved in the supply chain (source, build, distribution, etc.) must meet the chain (source, build, distribution, etc.):
following requirements:
* **[Security]** The system meets some TBD baseline security standard to * **[Security]** The system meets some TBD baseline security standard to
prevent compromise. (Patching, vulnerability scanning, user isolation, prevent compromise. (Patching, vulnerability scanning, user isolation,
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment