Present:
Ilias Apalodimas (Linaro)
Antonio De Angelis (Arm)
Dan Handley (Arm)
Matteo Carlini (Arm)
KangKang Shen (FutureWei)
Frank Audun (Nordic)
LionelD (ST)
Michael Thomas (Renesas)
Julius Werner (Google)
(Ilias speaking unless otherwise stated)
There have been some activities around stability and working with the latest kernel.
Some work to improve secure data path support. How to deal with encrypted buffers in secure world.
Each vendor has its own way of doing this. Want to provide a common way.
Jens picked this up and is working with kernel maintainers to provide the common solution.
It works with both FF-A and direct SMC APIs.
He'll be sending v3 kernel patches next week. This should be merged soon.
fTPM:
Microsoft previously had 2 repos to support OP-TEE TA fTPM; a ref TPM library and an OP-TEE TA.
The latter is no longer available, so Linaro are going to host this alongside the other OP-TEE repos.
OP-TEE secure storage was previously under control of the kernel. It relied on a userspace supplicant to mediate access to RPMB.
That was OK when we needed to access secure storage late in the bootflow.
But there's a problem if you needed this early in the kernel bootflow (before userspace is loaded).
We have moved a big portion of the supplicant code inside the kernel itself.
This works much better than previously.
Lionel: Is it a standalone subsystem that can be used e.g. in U-Boot?
U-Boot already has direct access to flash.
The problem was early kernel code that needed access before userspace was up.
Jens also working on dynamic configuration of OP-TEE for e.g. number of cores, amount of secure memory.
We plan to work on FF-A 1.2. We want this in OP-TEE and Xen.
We think the memory sharing interfaces and other APIs will be useful.
Expect this to land soon.
We're also doing some hardening.
Increasing test coverage, CI improvements, enabling QEMU-sbsa
Secure Partition support:
There's an implicit dependency on thread support, which we're trying to remove
We're thinking about how to launch S-EL0 SPs without an entity in S-EL1 (like Hafnium)
Also support for Logical SPs, which is not supported at the moment
Lionel: Not sure if you're planning to use Device Tree (DT) for the dynamic configuration?
We're trying to base OP-TEE config on DT format
The problem is DT is OP-TEE specific and embedded within the OP-TEE image
Have you thought about adding support for the kernel DT?
Why do we want to pass that to OP-TEE?
Lionel: We already have a number of drivers in OP-TEE. Would be good to be able to discover them.
Lionel: Have already mentioned it to Jens
I haven't discussed this with Jens but it's an interesting idea
Don't think we have a function in OP-TEE to handle DT
Lionel: We have made use of the embedded DT in OP-TEE image but it's not ideal as this is specific to OP-TEE
Could be a security risk.
Lionel: This could use existing support in TF-A
Lionel: Can discuss offline
Suggest using FW handoff protocol, which includes support for DT entries
https://github.com/FirmwareHandoff/firmware_handoff
Would prefer a standard method rather than every vendor doing their own thing
Dan: Maybe some additional Transfer Entries (TEs) are needed for OP-TEE?
Dan: The preference is to define TEs with specific fields for firmware use rather than generic container formats like DT
Dan: Though using the kernel DT in firmware is fine.