Hi all,
As documented in the Release Cadence section of the TF-A documentation (https://trustedfirmware-a.readthedocs.io/en/latest/about/release-informatio…) the v2.8 release has an expected code freeze date of 3rd week of November 2022.
That equates to the start of that week Monday 14th November which is one calendar month away from tomorrow when the rc0 tag will be applied. Closing out the release takes around 6-10 working days normally over the last few releases.
We want to ensure that planned feature patches for the release are submitted in good time for the review process to conclude.
Preparations for v2.8 release is already underway.
Thanks
Joanna
Hi,
When a core is in debug recovery mode its caches are not invalidated
upon reset, so the L1 and L2 cache contents from before reset are
observable after reset. Similarly, debug recovery mode of DynamIQ
cluster ensures that contents of the shared L3 cache are also not
invalidated upon transition to On mode.
A common use case of booting cores in debug recovery mode is to boot
with caches disabled and preserve the caches until a point where
software can dump the caches and retrieve their contents. TF-A however
unconditionally cleans and invalidates caches at multiple points
during boot, e.g. in bl31_entrypoint when cleaning bss and .data
sections. This will not only lose the cache content needed for
debugging but will potentially corrupt memory as well, leading to bugs
when booting in recovery mode.
Can we make CMOs in lib/aarch64/cache_helpers.S conditional upon some
platform hook to address above scenario? Happy to work on a patch if
the idea of conditional CMOs makes sense.
Thanks,
Okash
This event has been canceled with a note:
"No topics received so cancelling this week."
TF-A Tech Forum
Thursday Nov 3, 2022 ⋅ 4pm – 5pm
United Kingdom Time
We run an open technical forum call for anyone to participate and it is not
restricted to Trusted Firmware project members. It will operate under the
guidance of the TF TSC. Feel free to forward this invite to
colleagues. Invites are via the TF-A mailing list and also published on the
Trusted Firmware website. Details are
here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/Tr…
Firmware is inviting you to a scheduled Zoom meeting.Join Zoom
Meetinghttps://zoom.us/j/9159704974Meeting ID: 915 970 4974One tap
mobile+16465588656,,9159704974# US (New York)+16699009128,,9159704974# US
(San Jose)Dial by your location +1 646 558
8656 US (New York) +1 669 900
9128 US (San Jose) 877 853 5247 US
Toll-free 888 788 0099 US Toll-freeMeeting ID:
915 970 4974Find your local
number: https://zoom.us/u/ad27hc6t7h
Guests
marek.bykowski(a)gmail.com
okash.khawaja(a)gmail.com
tf-a(a)lists.trustedfirmware.org
~~//~~
Invitation from Google Calendar: https://calendar.google.com/calendar/
You are receiving this email because you are an attendee on the event. To
stop receiving future updates for this event, decline this event.
Forwarding this invitation could allow any recipient to send a response to
the organizer, be added to the guest list, invite others regardless of
their own invitation status, or modify your RSVP.
Learn more https://support.google.com/calendar/answer/37135#forwarding
Hi Everyone,
We have a TF-A Tech forum scheduled for this Thursday at 4pm GMT. Note the UK clocks moved to GMT from BST last weekend so the meeting may appear an hour different than in previous weeks in your calendar.
At this time I do not have any topics to present. Please do reach out to me if you have any topics you would like to present to the TF-A community.
If I do not find a topic or hear from the community that they have a topic I will cancel end of day this coming Wednesday 2nd November.
Thanks
Joanna
Hello,
Just a quick follow-up on this question of using an HSM (or in general, some form of Key Management Infrastructure) to sign TF-A images.
U-Boot has support for this with its mkimage utility (see https://github.com/u-boot/u-boot/blob/master/doc/uImage.FIT/signature.txt#L…). This appears to a custom engine in OpenSSL (and in this case, the pkcs11 engine). My questions are:
1. Does TF-A’s cert_create tool support using custom OpenSSL engines?
2. If so, is there a procedure for using this?
3. If not, is there a plan to add support for this in the roadmap somewhere?
* Or, in general, is there a plan to add HSM support for TF-A image signing?
Thanks,
Brian
Hello,
After learning the current implementation of plat_get_stack_protector_canary in TF-A, i am curious about why we not make the first byte of canary an NULL byte for better security?
Hello,
I am about to debug RME feature with ARM DS on
FVP_Base_RevC-2xAEMvA_11.19_14 platform. I am using the Trusted Firmware
with RME extension based on this description
https://trustedfirmware-a.readthedocs.io/en/latest/components/realm-managem…
My observation is running plainly the model, everything looks ok, the VFP
can run the SW without any problem. (I can see the consol windows with
normal booting procedure)
In case I would like to set up the ARM debugger in ARM DS, the simulation
immediately stops after start with a popup window: "Unable to connect to
device ARMAEM-a_MP_0 Error opening connection to device 16 Socket is
closed(E_io_error) Socket is closed"
Apparently my Debug settings are good: With the same settings I can
run/debug the complete ARM Reference Solution (Linux, u-boot,
TrustedFirmware) based on this description:
https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-docs…
but if I add additional flags for FVP: (-C cluster0.rme_support_level=2 -C
cluster1.rme_support_level=2) I still can run the model, but cannot debug
so when I activate the RME feature the ARM debugger do the previously
mentioned behavior (stops right after start)
How can I workaround this? What is the most efficient way to debug FVP with
RME support. Any help is welcome here.
Bye,
Adam
Hi Xin,
I my opion, it should base on product lifecyle phase.
In development phase, the SW engineer can use dev ROT keys & certificates. ATF have tools to generate them.
In deployment stage, use KMI to manage keys&certificates are more better.
BRs,Ben
----------回复的邮件信息----------
Xin.Xu--- via TF-A<tf-a(a)lists.trustedfirmware.xn--org> 2022-10-19-jw84b 周三 23:56写道:
product ROT private key is controlled by KMI team.
our plan is
(1) SW build engineer builds tf-a with a temporary development ROT key, save all other generated keys
(2) remove fip image and all certificates built, send build images and generated keys to KMI team
(3) KMI team uses cert_create to re-generate all certificates with product ROTK
(4) KMI team sends all images, certificates, ROTPK hash to SW build engineer
(5) SW build engineer uses fiptool to generate final fip image
my question: is there a better way to deal with this situation? (SW build engineer doesn't have control of ROT key)
Thanks
-Xin
--
TF-A mailing list -- tf-a(a)lists.trustedfirmware.org
To unsubscribe send an email to tf-a-leave(a)lists.trustedfirmware.org