Be more specific about what compiler options we consider legitimate

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2026-04-11 14:50:48 +02:00 · 2026-02-26 11:44:02 +01:00
parent 778ea0af9b
commit 168ac78034
1 changed files with 1 additions and 1 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -108,7 +108,7 @@ model, they need to be mitigated by physical countermeasures.

 Mbed TLS is mostly written in C. We use standard C except with known compilers, so we do not expect compilers to introduce direct vulnerabilities. However, compilers can introduce [timing side channels](#timing-attacks) in code that was intended to be constant-time. Mbed TLS includes countermeasures to try to prevent this. But given the diversity of compilers, compiler options and target platforms, this prevention may not be complete.

-We recommend compiling Mbed TLS with commonly used levels of optimizations, such as `-O2` or `-Os`. Higher levels of optimization such as `-O3` or `-Oz` are likely to be safe but are less scrutinized. We do not recommend using less vetted optimization options unless your system is physically isolated.
+We recommend compiling Mbed TLS with commonly used levels of optimizations, such as `-O2` or `-Os`. We will generally treat exploitable timing side channels as a vulnerability if they appear with a common compiler at a common level of optimization. Higher levels of optimization such as `-O3` or `-Oz` are still likely to be safe but are less scrutinized. We do not recommend using individual options that might introduce data-dependent timing, and we will not try to work around such optimizations if they are not part of a commonly used level.

 #### Out-of-scope countermeasures