Hello Team:
Audit Logging is a requirement for a number of e2e security schemes including Microsoft Azure. The implementation may need a bit of use case specific or customer steering to get back on track to demonstrating it will fit the bill for e2e usage. I would think carefully about the strategy here because I fully expect that the moment it is deprecated a business need for it to exist will be raised. Please carefully consider how to add support back in quickly if it is deprecated now, though I would personally like to see it retained.
All the best! Reed
From: TF-M tf-m-bounces@lists.trustedfirmware.org on behalf of Andrej Butok via TF-M tf-m@lists.trustedfirmware.org Reply-To: Andrej Butok andrey.butok@nxp.com Date: Wednesday, June 16, 2021 at 5:56 AM To: Ken Liu Ken.Liu@arm.com Cc: "tf-m@lists.trustedfirmware.org" tf-m@lists.trustedfirmware.org Subject: Re: [TF-M] Deprecate 'partitions/audit_logging' and its related tests
Hi Ken
Or any doubts about depreciating it?
It is not used because its implementation is not finished, the current implementation is only for PSA L1 and not supported by IPC. This is not enough for certification. The Log service is optimally required by the PSA Certification. If you going to deprecate it, first delete the requirement from the PSA L2&L3 Certification profiles.
Thanks, Andrej
From: TF-M tf-m-bounces@lists.trustedfirmware.org On Behalf Of Ken Liu via TF-M Sent: Wednesday, June 16, 2021 10:46 AM To: tf-m@lists.trustedfirmware.org Cc: nd nd@arm.com Subject: [TF-M] Deprecate 'partitions/audit_logging' and its related tests
Hi,
The component name under this folder is ‘Audit logging’, and:
* There is no explicit specification or requirements for it, and its functionality is as a simple log collector (and looks no one is using it). * It supported under the library model only. And it is meaningless to move to IPC because of this. * It costs extra maintenance effort in test cases and partition code.
So a plan is to deprecate this folder and its related test cases; will create a new one when the specification or requirements are explicitly defined.
Question here is: Anyone is using this service? Or any doubts about depreciating it?
Will collect the response and broadcast it at 25th Jun.
Thanks.
/Ken