Hi all
We have these topics so far for the TSC meeting tomorrow. Please let me know if you have any more.
* Combined OP-TEE and Trusted Services roadmaps (Julianus and Shebu)
* Open CI Update
* Discussion on whether this should be a recurring topic
* Discussion on what board info should be shared with TSC
Regards
Dan.
Hi,
Please find Apr 21 minutes below:
Thanks - Sent on behalf of the TSC co-chairs
Don
Attendees: Kevin Oerton (NXM), David Brown (Linaro), Kangkang Shen (Futurewei), Julius Werner (Google), Andrej Butok (NXP), Dan Handley (Arm), Okash (Google)
Minutes:
- TF-A Roadmap update: Matteo
- Walked thru roadmap page
- https://developer.trustedfirmware.org/w/tf_a/roadmap/
- Don: Can be found from the https://www.trustedfirmware.org/faq/ page as well.
- Plan to keep this page up-to-date
- Note the in-development section that shares active engineering activities.
- Okash: Heard there was a push to make Hafnium compulsory. Is the EL3 SPMC a stop gap?
- Matteo: Depends on use cases for TZ enablement. Google not mandating FF-A to the best of my knowledge. From Arm POV, if you want to isolate the normal world from malicious TAs/TEEs, Arm recommends using Hafnium Secure-EL2 reference.
- Okash: S-EL2 adds code/architecture complexity. Need an IOMMU that supports S-EL2. Must look at tradeoffs. If OEMs want other secure VMs, I can see the advantage. Would all vendors want this? Is there an option not to use this (secure EL2) solution?
- Matteo: Yes, TF-A doesn’t impose mandatory Hafnium usage. Can still use other SPM configs. From an upstream POV, there’s a limit to the long-term support for all the different configs. We can’t promise that EL3 SPMC will still be supported upstream in 2-3 years (though it can still be used downstream).
- DanH: If there’s partner demand for long term support of the EL3 SPMC, we’re open to other non-Arm maintainers helping out.
- Okash: Deprecating EL3 SPMC would send the message that Arm thinks partners should move to Hafnium (S-EL2). Not deprecating implies partners can choose.
- Matteo: Some components in TF-A aren’t maintained by Arm.
- Okash: Any discussions on long-term LTS releases?
- Matteo: Has been discussed in the past, also in a previous tech forum. This lost traction, but a recent security issue (Spectre-BHB) has brought it back. Arm isn’t in a position to maintain it ourselves. We can discuss lighter options, like hotfix releases to most recent tagged release, as recently added to TF-M. Could do similar in TF-A. Must consider the cost of various options.
- Okash: Can look at the phone ecosystem as an example starting point for what is required. Could provide a rough gauge for how many years an LTS needs to be maintained.
- Dan: The cost of emulating the phone ecosystem would be high, for example you’d need to backport bug fixes to 3 year old releases. As Matteo says, this would be too much for Arm on its own. Partners would need to share those costs.
- Okash: Google is interested but would also need other partners too.
- Don: There’s a CI cost as well?
- Dan: Yes
- Matteo: Could this be a future TSC topic?
- Dan: May be a good maillist topic so that non-members can chime in.
- Okash: I restart the thread on the TF-A mailing list.
- Matteo: reviewed ongoing/future tasks
- MISRA tool integration into OpenCI now planned. Arm will remove reliance on internal infrastructure.
- See tech forum recording on DRTM here: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/
- KangKang: How often will the roadmap be updated?
- Matteo: It’s a live doc. Will try to update every quarter, but at least every 6 months. These roadmap presentations are roughly every 6 months.
- Dan: TSC survey feedback: Should Open CI tasks be reviewed in TSC or Board?
- Matteo: Not much discussed in the Board meeting. Perhaps high level strategy in Board and ticket/plans reviewed by TSC?
- Dan: Should Board minutes be shared w/ TSC?
- Don: Ask the Board?
- Planned future TSC topics
- OP-TEE
- Action: Next session is an OP-TEE review. Don reach out to Rushika
- Trusted Services: by Shebu
- Open CI - a potential backlog/roadmap review in this round robin review
<end>