Update documentation

LICENSE

@@ -0,0 +1,11 @@
+Copyright 2024 Nikita Travkin
+
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -10,6 +10,9 @@ Since the firmware would check that the payload PE is signed by Microsoft, and t
 Secure-Launch application, signed by MS is `tcblaunch.exe`, you are unlikely to use this
 with anything else...
 
+You can find an overview of the implemented process in [Theory of operation](theory_of_operation.md) document.
+
+
 Usage
 -----
 
@@ -74,6 +77,7 @@ fs0:\> dtbhack.efi path\to\your.dtb
 Please note that this will not fix every issue but only attempts to work around the most
 boot-critical ones.
 
+
 Build
 -----
 
@@ -89,3 +93,52 @@ Then build the project:
 make
 ```
 
+
+Frequently asked questions
+--------------------------
+
+### What are the security implications?
+
+A careful consideration was given to security implications of the results of the research
+leading to this implementation. However there is no apparent security issues within the
+current Secure-Launch process and to the best of the author's knowledge this implementation
+being public does not open any new attack vectors on the Microsoft Windows security.
+
+**There is no security problems in Qualcomm's firmware** - Qualcomm allows an third party
+OS to run in EL2. This means that the ability to run arbitrary code in EL2 is intended.
+
+**There is no security problems in tcblauch.exe** - Error handling is an intended and
+deliberately designed part of the Secure-Launch process. Being able to inflict an error in
+tcblaunch.exe initialization implies already controlling the system at that point. This
+means that the system and the TPM state is already compromised and is not trustworthy.
+Notably, reviewing [Microsoft Security Servicing Criteria for Windows](https://www.microsoft.com/en-us/msrc/windows-security-servicing-criteria)
+suggests that requiring UEFI Secure Boot to be disabled (Which is mandatory to run this app
+or to tamper with `winload.efi`) doesn't meet the servicing criteria since the security is
+manually broken by the user.
+
+Thus in both cases the only "Security" that could be broken is "Security of the vendor lock-in
+solution". Author assumes in good faith that no vendor lock-in was intended with Secure-Launch
+on general-purpose Qualcomm-based computers and thus doesn't feel the need to notify
+abovementioned parties for this non-issue.
+
+### Is this implementation perfectly correct?
+
+No. This implementation is a best effort attempt and might contain some oversignts compared
+to the intended Secure-Launch process. However the fact that slbounce works on multiple
+generations of Qualcomm based devices suggests that this implementation is very close to
+being correct. Nonetheless no correctness guarantees are given and using this software might
+have various issues on specific devices.
+
+
+License
+-------
+
+Source code files are marked with SPDX license identifiers. A license of choice for this
+project code is 3-Clause BSD License.
+
+Note that dependencies of this project may use different licesnses:
+
+- arm64-sysreg-lib: MIT License
+- gnu-efi: 2-Clause BSD License
+- dtc (libfdt): 2-Clause BSD License
+