Hi Dan and all,
I raised a topic for June TSC but looking at Abhishek minutes and as I was not able to join a couple of TSC meetings afterward, I propose to bring it back on the agenda:
-from June TSC minutes:
>Standard HW requirement for TF-M for PSA levels.
LD- Raising the topic based on Eric's email.
AP - As we have limited details possibly better to discuss next time when Eric joins.
May be TF-M tech forum comes up with proposal for TSC to ratify
-I also attached the email exchanged we had on the TSC list before June meeting on this topic
There was also in June a thread in the TF-A mailing list about an LTS version but I do not think the TSC discussed this topic and took a position on it so I propose to put on the agenda.
Regards,
Eric Finco
[Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: logo_big5]
Eric FINCO | Tel: +33 (0)2 4402 7154
MDG | Technical Specialist
From: TSC <tsc-bounces(a)lists.trustedfirmware.org> On Behalf Of Bill Fletcher via TSC
Sent: lundi 17 août 2020 15:56
To: Dan Handley <Dan.Handley(a)arm.com>
Cc: tsc(a)lists.trustedfirmware.org
Subject: Re: [TF-TSC] Request for TSC agenda topics 2020-08-20
Hi Dan
I can give an update on the website rework.
Regards
Bill
On Mon, 17 Aug 2020 at 12:47, Dan Handley via TSC <tsc(a)lists.trustedfirmware.org<mailto:tsc@lists.trustedfirmware.org>> wrote:
Hi all
I'll be chairing the TSC meeting this Thursday. Does anyone have any agenda topics for then?
So far I have:
* Continuation of Groups.io discussion
* Continuation of GitHub/GitLab discussion
Regards
Dan.
--
TSC mailing list
TSC(a)lists.trustedfirmware.org<mailto:TSC@lists.trustedfirmware.org>
https://lists.trustedfirmware.org/mailman/listinfo/tsc
--
[Linaro]<http://www.linaro.org/>
Bill Fletcher | Field Engineering
T: +44 7833 498336<tel:+44+7833+498336>
bill.fletcher(a)linaro.org<mailto:bill.fletcher@linaro.org> | Skype: billfletcher2020
On 8/18/2020 10:01 AM, Joakim Bech via TSC wrote:
> Hi,
>
> If there is enough time, then I would like to discuss OP-TEE release
> work, questions like: Who will make the release? When should it be done?
> Where should it be tracked? Currently, the answer to all of those are
> more or less "Linaro / Linaro decides", but our (Linaro's) impression is
> that we should try to get this transferred to TrustedFirmware in some
> way. Linaro will certainly be involved in that kind of work in the
> future also, but we believe that the directions should come from
> TrustedFirmware.org instead of Linaro. This might even be something to
> consider for all TF projects? I.e., not only OP-TEE? But again .. if
> time permits, otherwise we can push it to another call.
Thanks Joakim for bringing this up. I am interested in this topic.
If the proposal is to move the future direction role to TF.org, Would
like to understand how and if it will impact any decision making of the
OPTEE roadmap.
>
> A second topic is related to CHERI [1] and Hafnium. People working with
> the CHERI project asked me whether TrustedFirmware would be interested
> in an open-source CHERI adaptation of Hafnium? So I'd like to get the
> opinion from the TSC with regards to that. If the TSC is positive to it,
> then we have a few other things to consider like where it should go,
> separate CHERI branch(es), official tree with compile time flags? How to
> staff the activity? Legal aspects? Etc.
>
> [1] http://cheri-cpu.org/
>
> Regards,
> Joakim
>
>
> On Mon, 17 Aug 2020 at 15:55, Bill Fletcher via TSC
> <tsc(a)lists.trustedfirmware.org <mailto:tsc@lists.trustedfirmware.org>>
> wrote:
>
> Hi Dan
>
> I can give an update on the website rework.
>
> Regards
>
> Bill
>
> On Mon, 17 Aug 2020 at 12:47, Dan Handley via TSC
> <tsc(a)lists.trustedfirmware.org
> <mailto:tsc@lists.trustedfirmware.org>> wrote:
>
> Hi all____
>
> __ __
>
> I'll be chairing the TSC meeting this Thursday. Does anyone have
> any agenda topics for then?____
>
> __ __
>
> So far I have:____
>
> __ __
>
> * Continuation of Groups.io discussion____
>
> __ __
>
> * Continuation of GitHub/GitLab discussion____
>
> __ __
>
> Regards____
>
>
> Dan.____
>
> __ __
>
> --
> TSC mailing list
> TSC(a)lists.trustedfirmware.org <mailto:TSC@lists.trustedfirmware.org>
> https://lists.trustedfirmware.org/mailman/listinfo/tsc
>
>
>
> --
>
> Linaro <http://www.linaro.org/>
> *Bill Fletcher* | /Field Engineering/
> T: +44 7833 498336 <tel:+44+7833+498336>
> bill.fletcher(a)linaro.org <mailto:bill.fletcher@linaro.org> | Skype:
> billfletcher2020
>
>
> --
> TSC mailing list
> TSC(a)lists.trustedfirmware.org <mailto:TSC@lists.trustedfirmware.org>
> https://lists.trustedfirmware.org/mailman/listinfo/tsc
>
>
Hi,
If there is enough time, then I would like to discuss OP-TEE release work,
questions like: Who will make the release? When should it be done? Where
should it be tracked? Currently, the answer to all of those are more or
less "Linaro / Linaro decides", but our (Linaro's) impression is that we
should try to get this transferred to TrustedFirmware in some way. Linaro
will certainly be involved in that kind of work in the future also, but we
believe that the directions should come from TrustedFirmware.org instead of
Linaro. This might even be something to consider for all TF projects? I.e.,
not only OP-TEE? But again .. if time permits, otherwise we can push it to
another call.
A second topic is related to CHERI [1] and Hafnium. People working with the
CHERI project asked me whether TrustedFirmware would be interested in an
open-source CHERI adaptation of Hafnium? So I'd like to get the opinion
from the TSC with regards to that. If the TSC is positive to it, then we
have a few other things to consider like where it should go, separate CHERI
branch(es), official tree with compile time flags? How to staff the
activity? Legal aspects? Etc.
[1] http://cheri-cpu.org/
Regards,
Joakim
On Mon, 17 Aug 2020 at 15:55, Bill Fletcher via TSC <
tsc(a)lists.trustedfirmware.org> wrote:
> Hi Dan
>
> I can give an update on the website rework.
>
> Regards
>
> Bill
>
> On Mon, 17 Aug 2020 at 12:47, Dan Handley via TSC <
> tsc(a)lists.trustedfirmware.org> wrote:
>
>> Hi all
>>
>>
>>
>> I'll be chairing the TSC meeting this Thursday. Does anyone have any
>> agenda topics for then?
>>
>>
>>
>> So far I have:
>>
>>
>>
>> * Continuation of Groups.io discussion
>>
>>
>>
>> * Continuation of GitHub/GitLab discussion
>>
>>
>>
>> Regards
>>
>>
>> Dan.
>>
>>
>> --
>> TSC mailing list
>> TSC(a)lists.trustedfirmware.org
>> https://lists.trustedfirmware.org/mailman/listinfo/tsc
>>
>
>
> --
>
> [image: Linaro] <http://www.linaro.org/>
> *Bill Fletcher* | *Field Engineering*
> T: +44 7833 498336 <+44+7833+498336>
> bill.fletcher(a)linaro.org | Skype: billfletcher2020
>
> --
> TSC mailing list
> TSC(a)lists.trustedfirmware.org
> https://lists.trustedfirmware.org/mailman/listinfo/tsc
>
Hi Dan
I can give an update on the website rework.
Regards
Bill
On Mon, 17 Aug 2020 at 12:47, Dan Handley via TSC <
tsc(a)lists.trustedfirmware.org> wrote:
> Hi all
>
>
>
> I'll be chairing the TSC meeting this Thursday. Does anyone have any
> agenda topics for then?
>
>
>
> So far I have:
>
>
>
> * Continuation of Groups.io discussion
>
>
>
> * Continuation of GitHub/GitLab discussion
>
>
>
> Regards
>
>
> Dan.
>
>
> --
> TSC mailing list
> TSC(a)lists.trustedfirmware.org
> https://lists.trustedfirmware.org/mailman/listinfo/tsc
>
--
[image: Linaro] <http://www.linaro.org/>
*Bill Fletcher* | *Field Engineering*
T: +44 7833 498336 <+44+7833+498336>
bill.fletcher(a)linaro.org | Skype: billfletcher2020
Attendees
Abhishek Pandit (Arm)
Ashutosh Singh (Arm)
Kevin Townsend (Linaro)
Julius Werner (Google)
Erik Shreve (TI)
David Brown (Linaro)
Bill Fletcher (Linaro Community Projects)
Andrej Butok (NXP)
NB: there was not a quorum present. No binding decisions were made.
Agenda/Minutes
Migrating to GitLab - proposal
DB: Why GitLab (vs GitHub)
BF: Self hosting and some concerns vs GitHub direction
AP: Need to improve vs current infrastructure
Built-in docs, wiki and issue tracker vs current cgit
GitHub and GitLab
JW: How is the reviewing system on GitLab? Previously used GitHub and it
wasn’t great. Like Gerrit. Would be unfortunate to regress.
DB: Disadvantage vs GitHub - it’s (yet another) a separate system
KT: Same as for Gerrit today
DB: Is the aim for it to be an open source community project or just a
small group (mostly within Arm) just ‘dump it’ on the world?
Andrey: GitHub is a more popular choice for NXP for hosting open source -
SDK etc
Ashutosh: Most engineers like Gerrit. Only places we don’t like current
infrastructure is documentation and issue tracking.
DB: Split implementation is likely to be painful. Depends on what kind of a
community want to build.
AB: Internally NXP is using Jira for tracking but is moving projects to
GitHub
ES: Seems that we are missing requirements - have requirements for a code
review tool, issue tracking tool etc. If we resort to a survey to
developers, Arm view will outweigh everything else. From TI PoV, would not
recommend e.g. BitBucket. Code review is not good.
DB: Can’t make a decision unless we know what are the requirements and the
relative importance.
AP: Can set up a Phabricator page to collect and provide space to review
the requirements (action on Bill)
AOB
BF: Latest website mockup circulated based on previous feedback. Please
take a look. Will keep the window open for a few days for any comments
before we start implementing.
--
[image: Linaro] <http://www.linaro.org/>
*Bill Fletcher* | *Field Engineering*
T: +44 7833 498336 <+44+7833+498336>
bill.fletcher(a)linaro.org | Skype: billfletcher2020
Hi All,
The next TF-A Tech Forum is scheduled for Thu 16th July 2020 16:00 – 17:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know.
Agenda:
* Secure EL2 SPM (Secure Partition Manager) Hafnium-based
* In this TF-A Tech Forum session we present the status and open roadmap for the Secure Partition Manager firmware development. The TF-A SPM is the reference open source implementation for the PSA FF-A (Platform Security Architecture Firmware Framework for A-class) specification in the Secure world. It leverages the Armv8.4-Secure EL2 extension bringing virtualization technology in the Secure world (S-EL2 exception level). The development derives originally from the Google Hafnium project, which has been recently transitioned to https://www.trustedfirmware.org/ under the BSD 3-Clause license.
* Optional TF-A Mailing List Topic Discussions
If TF-A contributors have anything they wish to present at any future TF-A tech forum please contact me to have that scheduled.
Previous sessions, both recording and presentation material can be found on the trustedfirmware.org TF-A Technical meeting webpage: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/
A scheduling tracking page is also available to help track sessions suggested and being prepared: https://developer.trustedfirmware.org/w/tf_a/tf-a-tech-forum-scheduling/ Final decisions on what will be presented will be shared a few days before the next meeting and shared on the TF-A mailing list.
Thanks
Joanna
Attendees:
Dan Handley (Arm)
Ashutosh Singh (Arm)
Lionel Debieve (ST)
Julius Werner (Google)
Andrej Butok (NXP)
David Brown (Linaro)
Joakim Bech (Linaro)
Roman Baker (Cypress)
Mark Grosen (TI)
Abhishek Pandit (Arm)
Notes:
>Standard HW requirement for TF-M for PSA levels.
LD - Raising the topic based on Eric's email.
AP - As we have limited details possibly better to discuss next time when Eric joins.
May be TF-M tech forum comes up with proposal for TSC to ratify.
>Security Incident process update
AS - Logistics in place. Testing public and private keys. Process document on phabricator, about to open it and redirect website to point to it. Sub teams are ready to switch to new process.
AP - Does TSC come under Trusted stakeholder list?
DH - Member company's security teams may register as Trusted Stakeholders but not the TSC as a whole. As explained in the process, after the secondary embargo period but during the public embargo period, the embargoed information may be shared with others in the Trusted Stakeholders' organization. This would be the appropriate time to notify the TSC.
>Update on GP test suite.
JB - TF.org has purchased the GlobalPlatform test suite as agreed on a board vote earlier this year. Linaro will track enablement of the GP test suite in LOC-67 (https://projects.linaro.org/browse/LOC-67). End goal is to run both xtest and GP test automatically on every single patch sent to the OP-TEE project.
>Website improvement
AP - Offline update from Bill. Cost has been approved by board with a show of hands, and the attached slide contain the details of current status.
>Pending item / Coding standard
AP - TF-M coding conventions and industry standards related discussion.
MG - Coding standard should be influenced by industry standards that we want to target.
We should also discuss compiler support.
AP - Currently gcc, armclang and iar are supported. We need inputs from committee members.
LD - Coding convention, is there desire to have fully aligned conventions across projects?
JB - OPTEE follows Kernel
AP - Depends on the spec that we target but otherwise teams can decide.
AOB?
Hi all
The new TrustedFirmware.org security incident process is now live. This process is described here:
https://developer.trustedfirmware.org/w/collaboration/security_center/repor…
Initially the process will be used for the following projects: TF-A, TF-M, OP-TEE and Mbed TLS. The security documentation for each project will be updated soon to reflect this change.
If you are part of an organization that believes it should receive security vulnerability information before it is made public then please ask your relevant colleagues to register as Trusted Stakeholders as described here:
https://developer.trustedfirmware.org/w/collaboration/security_center/trust…
Note we prefer individuals in each organization to coordinate their registration requests with each other and to provide us with an email alias managed by your organization instead of us managing a long list of individual addresses.
Best regards
Dan.
(on behalf of the TrustedFirmware.org security team)
