Present:
Dan Handley (Arm)
Antonio De Angelis (Arm)
Akanksha Jain (Arm)
Joanna Farley (Arm)
Olivier Deprez (Arm)
Matteo Carlini (Arm)
Eric Finco (ST)
Lionel Debieve (ST)
Moritz Fischer (Google)
Joakim Andersson (Nordic)
Dominik Ermel (Nordic)
David Brown (Linaro)
Ruchika Gupta (NXP)
Dan: This is the first time Akanksha joins this call
Dan: She a tech manager in Arm taking over from Matteo looking after roadmaps for Trusted Services and TF-A
Dan: No other topics but there will be some AOB later
Akanksha: Introduction (TF-A, Trusted Services and other A-class firmware are bundled now)
Akanksha: Description of deltas since last roadmap presentation that was a few quarters ago
Akanksha: TF v2.9 highlight: TF.org OpenCI, several improvements around Realms, Mbed TLS upgrades, additional platforms, EL3 arch feature enablement, CCA support to BET0 alignment
Akanksha: CCA upstream alignment describes the next steps for the RMM component mainly and Kernel and EDK II components
Dan: The CCA roadmap is a bit out of date. A few items in H1 are still ongoing in H2. Hope soon we can expand on what we're doing in 2024.
Dan: We should get RMM spec EAC5 aligned components into TF-A v2.10 release (backup plan is EAC2 components).
Akanksha: Recent Linaro presentations as additional resources on these topics are available in the slide deck
Akanksha: Trusted Services + OPTEE roadmap is shown as well
Eric: What's behind the requirement for Yocto support (TS roadmap)? Why are there 2 slots for that in roadmap?
Akanksha: Has been deprioritized in favour of platform support. It's going to happen but at a slower pace.
Akanksha: Not sure why it appears twice. We'll take that offline and respond later.
Akanksha: Getting ready for next releases (both normal and LTS) in 2024
Akanksha: Recap on LTS timelines -> requires strong partner support to make sure the branches get the proper support
Matteo: On the LTS side, this was mentioned at board meeting this week.
Matteo: Board says LTS OpenCI work to be in top 3 priority items
Matteo: But maintainers need to be prompt in opening these tickets
Matteo: Board asking for effort estimation on current LTS. Will report to TSC too.
Matteo: Can take figure for Arm make prediction of other companies' effort
Dan: I will ask Ilias (or someone in Linaro) for update on TS integration (e.g. FWU support) next month along with OP-TEE roadmap
Dan: Mbed TLS licensing was mentioned in redacted board slides
Dan: Plan is to re-introduce dual licensing (Apache-2.0 AND GPL-2.0-or-later)
Dan: Fortunately, can do this as we never changed the inbound license
Dan: Plan previously was to drop GPL support but this is needed for U-Boot to integrate Mbed TLS
Dan: Have now given all interested parties an opportunity to comment
Dan: Just awaiting final Arm legal approval then we'll do this
Dan: Migration of Phabricator is ongoing;
Dan: Now GitHub mirrors of all projects are available, can take advantage of tools there (e.g. issue tracking).
Dan: For consistency we want to use readthedocs for wiki content
Dan: Once done we can remove Phabricator
Hi All,
Please find redacted Board Slides from yesterday's meeting for reference.
Best regards,
Don Harbin
TrustedFirmware Community Manager
don.harbin(a)linaro.org
Attendees:
Dan Handley (Arm)
Antonio De Angelis (Arm)
Shebu Varghese Kuriakose (Arm)
Moritz Fisher (Google)
Julius Werner (Google)
Joakim Andersson (Nordic)
KangKang Shen (FutureWei)
Andrej Butok (NXP)
Ruchika Gupta (NXP)
(Linaro not available due to internal offsite meeting)
* Dan: No roadmap updates this month due to unavailability of Linaro and Arm technology manager
* Dan: Expecting combined TF-A + Trusted Services roadmap next month. OP-TEE roadmap is also due.
* Dan: Don wanted to raise again the risk of Phabricator being deprecated (that we use for wiki content)
* Dan: It's not getting security updates and we have had issues with rogue accounts being created
* Dan: Now the task to create GitHub mirrors for all projects (https://linaro.atlassian.net/browse/TFC-247) is mostly complete, we can progress with migrating wiki content there
* Dan: Propose that we ping maintainers to start migrating project information. Can also directly migrate generic content (e.g. community pages).
(No objections)
Action: Dan and Antonio to ping maintainers to start migrating project information. Also directly migrate generic content (e.g. community pages).
Shebu presented attached slides on TF-M LTS proposal.
* AndreJ: TF-M has a dependency on MCUBoot and MBedTLS. Will they have the same LTS policy?
* Shebu: Yes, Mbed TLS has similar LTS schedule that is proposed for TF-M (2 concurrent LTS, each with 3-year lifetime). Slide 6 shows integration plan.
* We thought about doing this for MCUBoot too but as it is a small project, we think we can live with backporting security fixes as required. No plans currently.
* Dan: So, no releases from main branch? Why not?
* Shebu: Such releases wouldn't be usable for PSA certification.
* Shebu: This would save effort, which could be used for LTS maintenance instead
* Shebu: One possible use-case is for RSS releases.
* Shebu: One consequence is that users would have to wait for the next LTS to get latest features in a release (up to 18 months)
* Shebu: Expect that we'll need to backport new platform ports to LTS branches
* Shebu: Platforms can't wait until next LTS release.
* Ruchika: I also think main branch releases would be good as not everyone will be consuming LTS. 18 month wait could be too long.
* Ruchika: Would help platforms that don't need certification but do need new features.
* Shebu: We would need to work out how we could resource main branch releases. Probably wouldn't have the same level of support as LTS releases.
* Shebu: We'll need help from TF-M users using PSA Certified to resource the LTS releases
* Shebu: Going to present this in TF-M Tech forum.
* Shebu: Have already mentioned it to the TF.org board.
* Shebu: This is only tentative until we get approval from certification lab
* Shebu: Need to know from members if this will break their distribution model somehow
* Dan: So the plan is to get feedback from the lab and members, then go to the TF-M tech forum?
* Shebu: Yes.
