Hi All,
The next release of the Firmware-A bundle of projects tagged v2.10 has an expected code freeze date of Nov, 7th 2023.
Refer to the Release Cadence section from TF-A documentation (https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/docs/about…).
Closing out the release takes around 6-10 working days after the code freeze.
Preparations tasks for v2.10 release should start in coming month.
We want to ensure that planned feature patches for the release are submitted in good time for the review process to conclude. As a kind recommendation and a matter of sharing CI resources, please launch CI jobs with care e.g.:
-For simple platform, docs changes, or one liners, use Allow-CI+1 label (no need for a full Allow-CI+2 run).
-For large patch stacks use Allow-CI+2 at top of the patch stack (and if required few individual Allow+CI+1 in the middle of the patch stack).
-Carefully analyze results and fix the change if required, before launching new jobs on the same change.
-If after issuing a Allow-CI+1 or Allow-CI+2 label a Build start notice is not added as a gerrit comment on the patch right away please be patient as under heavy load CI jobs can be queued and in extreme conditions it can be over an hour before the Build start notice is issued. Issuing another Allow-CI+1 or Allow-CI+2 label will just result in an additional job being queued.
Thanks & Regards,
Olivier.
Hi Everyone,
The EAC5 development branch has been merged back to the `main` and tagged (https://github.com/TF-RMM/tf-rmm/releases/tag/rmm-spec-v1.0-eac5) . TF-RMM is now RMM v1.0 EAC5 [1] compliant and all the corresponding Normal world software entities need to be updated to this version of ABI to work with RMM. The Normal world entities would be published later in due course, and we will update the list with relevant information as it becomes available.
The tf-a-tests changes have been merged to master and can be found here : https://git.trustedfirmware.org/TF-A/tf-a-tests.git/commit/?id=3dc2d746aa4b… . For TF-A, the master branch is compatible with EAC5 changes.
If you find any issues, please report them via mailing list, tf-rmm discord channel or github issues.
Best Regards
Soby Mathew
[1] https://developer.arm.com/documentation/den0137/1-0eac5/?lang=en
Hi,
I wonder if there is or there is a plan to develop a dedicated tool that allows a realm developer to calculate Realm Initial Measurements (RIMs) for realms(?)
As you know, the remote attestation mechanism requires a verifier to be provisioned with reference values. In this case, a realm verifier should have access to the initial reference measurement (RIM) of a realm that is intended to be run on a remote Arm CCA platform.
The algorithm that measures the initial state of realms (RIM) is higly sensitive to the content of a realm memory and the order of RMI operations. This means that not only the content of populated realm memory matters but also the implementation of the host components (e.g. kvm, kvmtool/qemu). For example, in the reference implementation of https://gitlab.arm.com/linux-arm/kvmtool-cca, the layout of memory and the content of DTB highly depend on the provided options (DTB is generated in run-time). Unfortunatelly, the content of DTB also depends on the linking order of object files (the order of DTB generation is imposed by __attribute__((constructor)) that is used to register devices). This complicates development of a separate tool for caclulating RIM, as the tool would have to emulate all quirks of the kvmtool.
One of the solution of retrieving Realm Initial Measurements seems to be running the whole firmware/software (e.g. kvmtool/Linux host/TF-RMM) stack on the FVP emulator and gathering the RIM directly from the TF-RMM. This would require a realm developer to have access to the whole firmware/software stack and the emulator of the CCA platform. This might not always be an option.
The other solution would require the implementation of a dedicated tool. For instance, a sensible approach could be to extend the functionality of kvmtool, which can be run on an ordinary Linux machine.
Is Arm going to develop a dedicated tool(-s) for calculating RIMs?
What is the recommended way of retrieving/calculating RIMs for realms?
Kind regards,
Piotr
