Hi,
If there is enough time, then I would like to discuss OP-TEE release work,
questions like: Who will make the release? When should it be done? Where
should it be tracked? Currently, the answer to all of those are more or
less "Linaro / Linaro decides", but our (Linaro's) impression is that we
should try to get this transferred to TrustedFirmware in some way. Linaro
will certainly be involved in that kind of work in the future also, but we
believe that the directions should come from TrustedFirmware.org instead of
Linaro. This might even be something to consider for all TF projects? I.e.,
not only OP-TEE? But again .. if time permits, otherwise we can push it to
another call.
A second topic is related to CHERI [1] and Hafnium. People working with the
CHERI project asked me whether TrustedFirmware would be interested in an
open-source CHERI adaptation of Hafnium? So I'd like to get the opinion
from the TSC with regards to that. If the TSC is positive to it, then we
have a few other things to consider like where it should go, separate CHERI
branch(es), official tree with compile time flags? How to staff the
activity? Legal aspects? Etc.
[1] http://cheri-cpu.org/
Regards,
Joakim
On Mon, 17 Aug 2020 at 15:55, Bill Fletcher via TSC <
tsc(a)lists.trustedfirmware.org> wrote:
> Hi Dan
>
> I can give an update on the website rework.
>
> Regards
>
> Bill
>
> On Mon, 17 Aug 2020 at 12:47, Dan Handley via TSC <
> tsc(a)lists.trustedfirmware.org> wrote:
>
>> Hi all
>>
>>
>>
>> I'll be chairing the TSC meeting this Thursday. Does anyone have any
>> agenda topics for then?
>>
>>
>>
>> So far I have:
>>
>>
>>
>> * Continuation of Groups.io discussion
>>
>>
>>
>> * Continuation of GitHub/GitLab discussion
>>
>>
>>
>> Regards
>>
>>
>> Dan.
>>
>>
>> --
>> TSC mailing list
>> TSC(a)lists.trustedfirmware.org
>> https://lists.trustedfirmware.org/mailman/listinfo/tsc
>>
>
>
> --
>
> [image: Linaro] <http://www.linaro.org/>
> *Bill Fletcher* | *Field Engineering*
> T: +44 7833 498336 <+44+7833+498336>
> bill.fletcher(a)linaro.org | Skype: billfletcher2020
>
> --
> TSC mailing list
> TSC(a)lists.trustedfirmware.org
> https://lists.trustedfirmware.org/mailman/listinfo/tsc
>
Hi Dan
I can give an update on the website rework.
Regards
Bill
On Mon, 17 Aug 2020 at 12:47, Dan Handley via TSC <
tsc(a)lists.trustedfirmware.org> wrote:
> Hi all
>
>
>
> I'll be chairing the TSC meeting this Thursday. Does anyone have any
> agenda topics for then?
>
>
>
> So far I have:
>
>
>
> * Continuation of Groups.io discussion
>
>
>
> * Continuation of GitHub/GitLab discussion
>
>
>
> Regards
>
>
> Dan.
>
>
> --
> TSC mailing list
> TSC(a)lists.trustedfirmware.org
> https://lists.trustedfirmware.org/mailman/listinfo/tsc
>
--
[image: Linaro] <http://www.linaro.org/>
*Bill Fletcher* | *Field Engineering*
T: +44 7833 498336 <+44+7833+498336>
bill.fletcher(a)linaro.org | Skype: billfletcher2020
Attendees
Abhishek Pandit (Arm)
Ashutosh Singh (Arm)
Kevin Townsend (Linaro)
Julius Werner (Google)
Erik Shreve (TI)
David Brown (Linaro)
Bill Fletcher (Linaro Community Projects)
Andrej Butok (NXP)
NB: there was not a quorum present. No binding decisions were made.
Agenda/Minutes
Migrating to GitLab - proposal
DB: Why GitLab (vs GitHub)
BF: Self hosting and some concerns vs GitHub direction
AP: Need to improve vs current infrastructure
Built-in docs, wiki and issue tracker vs current cgit
GitHub and GitLab
JW: How is the reviewing system on GitLab? Previously used GitHub and it
wasn’t great. Like Gerrit. Would be unfortunate to regress.
DB: Disadvantage vs GitHub - it’s (yet another) a separate system
KT: Same as for Gerrit today
DB: Is the aim for it to be an open source community project or just a
small group (mostly within Arm) just ‘dump it’ on the world?
Andrey: GitHub is a more popular choice for NXP for hosting open source -
SDK etc
Ashutosh: Most engineers like Gerrit. Only places we don’t like current
infrastructure is documentation and issue tracking.
DB: Split implementation is likely to be painful. Depends on what kind of a
community want to build.
AB: Internally NXP is using Jira for tracking but is moving projects to
GitHub
ES: Seems that we are missing requirements - have requirements for a code
review tool, issue tracking tool etc. If we resort to a survey to
developers, Arm view will outweigh everything else. From TI PoV, would not
recommend e.g. BitBucket. Code review is not good.
DB: Can’t make a decision unless we know what are the requirements and the
relative importance.
AP: Can set up a Phabricator page to collect and provide space to review
the requirements (action on Bill)
AOB
BF: Latest website mockup circulated based on previous feedback. Please
take a look. Will keep the window open for a few days for any comments
before we start implementing.
--
[image: Linaro] <http://www.linaro.org/>
*Bill Fletcher* | *Field Engineering*
T: +44 7833 498336 <+44+7833+498336>
bill.fletcher(a)linaro.org | Skype: billfletcher2020
Hi All,
The next TF-A Tech Forum is scheduled for Thu 16th July 2020 16:00 – 17:00 (BST). A reoccurring meeting invite has been sent out to the subscribers of this TF-A mailing list. If you don’t have this please let me know.
Agenda:
* Secure EL2 SPM (Secure Partition Manager) Hafnium-based
* In this TF-A Tech Forum session we present the status and open roadmap for the Secure Partition Manager firmware development. The TF-A SPM is the reference open source implementation for the PSA FF-A (Platform Security Architecture Firmware Framework for A-class) specification in the Secure world. It leverages the Armv8.4-Secure EL2 extension bringing virtualization technology in the Secure world (S-EL2 exception level). The development derives originally from the Google Hafnium project, which has been recently transitioned to https://www.trustedfirmware.org/ under the BSD 3-Clause license.
* Optional TF-A Mailing List Topic Discussions
If TF-A contributors have anything they wish to present at any future TF-A tech forum please contact me to have that scheduled.
Previous sessions, both recording and presentation material can be found on the trustedfirmware.org TF-A Technical meeting webpage: https://www.trustedfirmware.org/meetings/tf-a-technical-forum/
A scheduling tracking page is also available to help track sessions suggested and being prepared: https://developer.trustedfirmware.org/w/tf_a/tf-a-tech-forum-scheduling/ Final decisions on what will be presented will be shared a few days before the next meeting and shared on the TF-A mailing list.
Thanks
Joanna
Attendees:
Dan Handley (Arm)
Ashutosh Singh (Arm)
Lionel Debieve (ST)
Julius Werner (Google)
Andrej Butok (NXP)
David Brown (Linaro)
Joakim Bech (Linaro)
Roman Baker (Cypress)
Mark Grosen (TI)
Abhishek Pandit (Arm)
Notes:
>Standard HW requirement for TF-M for PSA levels.
LD - Raising the topic based on Eric's email.
AP - As we have limited details possibly better to discuss next time when Eric joins.
May be TF-M tech forum comes up with proposal for TSC to ratify.
>Security Incident process update
AS - Logistics in place. Testing public and private keys. Process document on phabricator, about to open it and redirect website to point to it. Sub teams are ready to switch to new process.
AP - Does TSC come under Trusted stakeholder list?
DH - Member company's security teams may register as Trusted Stakeholders but not the TSC as a whole. As explained in the process, after the secondary embargo period but during the public embargo period, the embargoed information may be shared with others in the Trusted Stakeholders' organization. This would be the appropriate time to notify the TSC.
>Update on GP test suite.
JB - TF.org has purchased the GlobalPlatform test suite as agreed on a board vote earlier this year. Linaro will track enablement of the GP test suite in LOC-67 (https://projects.linaro.org/browse/LOC-67). End goal is to run both xtest and GP test automatically on every single patch sent to the OP-TEE project.
>Website improvement
AP - Offline update from Bill. Cost has been approved by board with a show of hands, and the attached slide contain the details of current status.
>Pending item / Coding standard
AP - TF-M coding conventions and industry standards related discussion.
MG - Coding standard should be influenced by industry standards that we want to target.
We should also discuss compiler support.
AP - Currently gcc, armclang and iar are supported. We need inputs from committee members.
LD - Coding convention, is there desire to have fully aligned conventions across projects?
JB - OPTEE follows Kernel
AP - Depends on the spec that we target but otherwise teams can decide.
AOB?
Hi all
The new TrustedFirmware.org security incident process is now live. This process is described here:
https://developer.trustedfirmware.org/w/collaboration/security_center/repor…
Initially the process will be used for the following projects: TF-A, TF-M, OP-TEE and Mbed TLS. The security documentation for each project will be updated soon to reflect this change.
If you are part of an organization that believes it should receive security vulnerability information before it is made public then please ask your relevant colleagues to register as Trusted Stakeholders as described here:
https://developer.trustedfirmware.org/w/collaboration/security_center/trust…
Note we prefer individuals in each organization to coordinate their registration requests with each other and to provide us with an email alias managed by your organization instead of us managing a long list of individual addresses.
Best regards
Dan.
(on behalf of the TrustedFirmware.org security team)
Hi Abhishek,
I would like to propose to discuss in the TSC the topic raised by ST during a TF-M open forum session and that I bring also in the TSC via the mailing list (see thread attached)
Unfortunately, I have a conflict between the TF TSC meeting tomorrow and another meeting that I cannot escape. Lionel will participate and represent ST also for TF-M topic.
Regards,
Eric Finco
[Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: logo_big5]
Eric FINCO | Tel: +33 (0)2 4402 7154
MDG | Technical Specialist
From: TSC <tsc-bounces(a)lists.trustedfirmware.org> On Behalf Of Abhishek Pandit via TSC
Sent: mardi 16 juin 2020 15:28
To: tsc(a)lists.trustedfirmware.org
Subject: [TF-TSC] TSC Agenda 18 Jun 2020
Hi All,
Any agenda items for the TSC meeting this week?
Thanks,
Abhishek
