- TSC - lists.trustedfirmware.org

Fwd: New Blog posts / website updates FYI

by Don Harbin

Dear TSC, I sent the summary below to the board yesterday and Dan suggested it would be good to share with the TSC as well. Let me know if you have any questions. :) Best regards, Don ---------- Forwarded message --------- From: Don Harbin <don.harbin(a)linaro.org> Date: Wed, 2 Dec 2020 at 16:18 Subject: New Blog posts / website updates FYI To: <board(a)lists.trustedfirmware.org> Hi all, I wanted to make sure you all were aware of some new content on the website and the Phabricator (wiki). Below are the items of note: - TF-M 1.2 release blog here: - https://www.trustedfirmware.org/blog/tfm-v1-2-blog/ - TF-A 2.4 release w/ Secure ELS here: - https://www.trustedfirmware.org/blog/TF-A-and-Hafnium-v2.4-release/ - You will see the updated TF Member list on the website now including our newest two members (NXM and OMP - Welcome!). - https://www.trustedfirmware.org/ - I've had our public meeting calendar integrated into the top of the meetings page. - This calendar will improve over time as we get all TF projects public meetings integrated in. It will also provide a quick way to get up-to-date dial in info for the meetings (some members have had issues getting the invites into their corporate email accounts) - https://www.trustedfirmware.org/meetings/ - Finally, per the last Board meeting, I had an action to provide Board access to the new Community Development project on Phabricator that has been proposed. It took me a bit of time to get the content to a place where it was ready to share; I think it's much closer now. Please take a look - Community Development Project Home: https://developer.trustedfirmware.org/project/profile/24/ - Tasks currently tracking: https://developer.trustedfirmware.org/maniphest/ - Wiki home page for this with content relevant to submitting and/or getting involved in TF ecosystem tasks: https://developer.trustedfirmware.org/w/collaboration/community_development/ NOTE: There were ~5 or so individuals subscribed to the TF Board maillist that I couldn't map emails to github accounts needed to provide access. So if you have problems accessing the above, just drop me a note with your github credentials that you use to log into the phabricator/wiki and I can add you. Note also that I gave access to the members of the TSC as requested by Dan H (again, only for those that I could find github credentials in phabricator). Please feel free to send me a note with any questions. We also have the board meeting Dec 9th, so we can have related discussions at that time as well (if time allows) Best regards, Don

5 years, 2 months

1
0
0 0

Trusted Firmware TSC 19 Nov - Minutes

by Abhishek Pandit

Attendees: Joakim Bech (Linaro) Dan Handley (Arm) Eric Finco (ST) Abhishek Pandit (Arm) David Brown (Linaro) Ashutosh Singh (Arm) Kevin Townsend (Linaro) Andrej Butok (NXP) Dave Cocca (Renesas) KangKang Shen (FutureWei) Julius Werner(Google) Lionel Debieve (ST) ACTION: AP to propose specific website updates to TSC that incorporates inclusive language text. ACTION: All to review Joakim's security incident flow diagrams ACTION: Dan to ask Don about opening up community project items in Phabricator Minutes: AP: Light agenda today. Just an update on previous approvals. AP: Trusted Services project is approved by TSC. There are some pending Arm internal approvals that have nearly completed. Expect to push first patches in the coming week. AP: Inclusive language proposal is approved by TSC. AP: Propose to have code of conduct page on website. Could be based on another org's policy. Zephyr looks a good candidate. AP: Also want to provide a short info about the organization structure on the main website AP: Inclusive language draft can then be incorporated into those pages. ACTION: AP to propose specific website updates to TSC that incorporates inclusive language text. AP: Expectation then will be that project leads will add the text to their own project specific documentation (e.g. coding guidelines). AP: AOB? KKS: Was looking for public meeting link for tech forums. Couldn't find them. AP: We can move the links somewhere more obvious if you want? KKS: Actually the link in "News & Blogs" is good enough. Just need to get used to the new site. https://www.trustedfirmware.org/meetings/ JB: We purchased GP test suite a while ago. Since about 3 weeks ago this is now integrated into OP-TEE CI system. https://optee.readthedocs.io/en/latest/building/gits/optee_test.html#extend… JB: Have been trying to supplement security incident process with diagrams. Have had early feedback from some (e.g. DH). Now would like to share with TSC for feedback. https://people.linaro.org/~joakim.bech/tf/ JB: Think this is necessary as the text is quite complex. https://developer.trustedfirmware.org/w/collaboration/security_center/repor… DH: Agree. Really useful to show default flow in 1st diagram. Text is complicated due to lots of potential caveats. Each project could show their own specific flow if needed. DH: Diagrams 2-3 are more linked to the process for security team members so could be added there https://developer.trustedfirmware.org/w/collaboration/security_center/setup… AP: Could also write a blog that uses these diagrams and explains the caveats in more detail. DH/JB: Might need to look at colour scheme before integrating to website ACTION: All to review Joakim's security incident flow diagrams AP: 2 other in-progress items: Migration to groups.io and prototyping GitHub/Gerrit integration. Was hoping for update from Don on that. DH: This and other board/TSC items are captured in Phabricator but visibility is limited at present. We should get those opened up, at least for all board/TSC members ACTION: Dan to ask Don about opening up community project items in Phabricator

5 years, 2 months

1
0
0 0

TSC Agenda 19 Nov 2020

by Abhishek Pandit

Hi All, Any agenda items for this week's meeting? Following are on my list currently * Inclusive Language guidelines * Trusted Services project Thanks Abhishek

5 years, 2 months

1
0
0 0

Oct 15 TrustedFirmware TSC Meeting Minutes

by Don Harbin

Hi all, Please find the mInutes from the October 15 TrusteFirmware TSC below. Best regards, Don Harbin TrustedFirmware Community Manager don.harbin(a)linaro.org Trusted Firmware TSC 15 October - MinutesAttendees *Abhishek (Arm)Julian Hall (Arm)Gyorgi Szing (Arm)Dan Handley (Arm)KangKang (FutureWei)Julius Werner (Google)Joakim Bech (Linaro)David Brown (Linaro)Don Harbin (Linaro)Andrew Butok (NXP)Dave Cocca (Renesas)Michael Thomas(Renesas)*Actions: *Abhishek: Send inclusive language email for voteAbhishek: Check to see if can share Trusted Service Project use casesAbhishek: Gather vote on Trusted Services Project request through emailDanH: Talk to Matteo / Shebu about requirements for continued support of s/w stacks on new h/w (in particular the 8.4 and beyond). Develop a migration plan.*Minutes: Trusted Services Project request - TSC needs to approve. No budgetary impacts - JH: Shared overview slides of Trusted Services Project - JH: Ready to re-publish the work. A build system is in place. Tests in place. - Need a public repo - Need tf.org front page update - Need Mail list - CI is a TBD - DanH: Plan to go to public CI from the start? - Gyorgy - an internal CI first would be easier. - DanH: Need to be aware of what upstream CI will require ahead of time - DC: How are CI requirements related to other ongoing projects - Gyorgy - currently no implementation, would need to do that and implement - DC: What about ongoing CI? - DanH: Should eventually migrate to TF CI - AB: Why not develop as part of TF-A Project? - Abhishek: Ideally would migrate TF-A services into this at some point. - JH: A stand-alone w/ dependencies makes sense - DanH: Within Arm, want to integrate the components in multiple configurations. - Abhishek: Would help if clarify TF-A vs TF-M. - JB: Do we have use cases defined on how these will be used - JH: For crypto services, yes. Device Identity, Audit Logs, building blocks to secure an IoT device are some examples. - JB: People ready to start using? - JH: Yes in the edge space - JB: Understanding the use cases on problem solving would be helpful - JH: Focus has been on Cortex A use cases - Abhishek: Will work to close this vote soon. Inclusive Language - Abhishek: Looks like sufficient support. - No budget required, so no formal vote required. Want a vote? - DC: Vote here is ok. - Don: Destination of wording? - JW: Propose into coding style guides - Abhishek: Could also be a developer wiki page. - I.e. Duplicate in each coding guidelines plus a common section on the wiki. - Maintainers would be asked to add these to the Projects Coding Guidelines. - DanH: Proposing having it in one place and pointing to it. - Abhishek: Formalize the decision. Then can decide how to deploy. - Don: Where is exact wording? - Abhishek: Propose an email vote and the email will include the exact wording in the email. Also that the maintainer for each project is responsible to integrate into their coding guidelines Arm V8 → 8.4 transition - JB: Member Companies have expressed concerns about Arm V8 and changes required to 84.. What should we tell people? - DanH: Don’t have to change S/W on 8.4. - Abhishek: How does Hafnium leverage it? - JB: Don’t want to forget this when making changes. All changes may not be backward compatible. - DanH: Take back to Matteo / Shebu a discussion about a migration plan - JB: Impacts to OP TEE components important to this. <end>

5 years, 3 months

1
0
0 0

Re: [TF-TSC] TSC Agenda 15 Oct 2020

by Andrej Butok

Hello, FYI: NXP has just started Inclusive Language Project to review sensitive terms and update terminology in alignment with industry changes: "After researching industry best practices, we've decided to replace the following words and to discontinue using them in documents. * Master/Slave -> replace with Leader/Follower, Primary/Replica or Primary/Standby * Blacklist/Whitelist -> replace with Denylist/Allowlist Additionally, * we will discontinue using other terms that are gender-related or discriminating in future materials, including technical, marketing and quality documents. * we are also updating our NXP Style Guide accordingly." So, according this new declaration, NXP supports the proposed TF Inclusive Language guideline. Best regards, Andrej Butok From: TSC <tsc-bounces(a)lists.trustedfirmware.org<mailto:tsc-bounces@lists.trustedfirmware.org>> On Behalf Of Abhishek Pandit via TSC Sent: mardi 13 octobre 2020 15:32 To: tsc(a)lists.trustedfirmware.org<mailto:tsc@lists.trustedfirmware.org> Subject: [TF-TSC] TSC Agenda 15 Oct 2020 Hi All, Any agenda items for this week's meeting? We have two existing topics which need to be decided by vote. Please do not reply to this email with your vote, there will be a separate email to the voting members. 1. Inclusive language guideline. This is based on the discussion in the previous TSC meeting and the follow up proposal from Julius. 2. Trusted services project creation. Arm team has been developing reference trusted services running in Secure EL0 that we plan to upstream in TF.org. This would form a new project to provide trusted services running on A profile devices. The topic has already been discussed in board and Arm engineering team will provide further details in the TSC meeting. Thanks Abhishek

5 years, 3 months

1
0
0 0

Re: [TF-TSC] TSC Agenda 15 Oct 2020

by Eric FINCO

Hi Abhishek, all I just answered to Julius's email concerning inclusive language No additional topics from my side I will be most likely not able to join this TSC meeting. Regards, Eric Finco [Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: logo_big5] Eric FINCO | Tel: +33 (0)2 4402 7154 MDG | Technical Specialist From: TSC <tsc-bounces(a)lists.trustedfirmware.org> On Behalf Of Abhishek Pandit via TSC Sent: mardi 13 octobre 2020 15:32 To: tsc(a)lists.trustedfirmware.org Subject: [TF-TSC] TSC Agenda 15 Oct 2020 Hi All, Any agenda items for this week's meeting? We have two existing topics which need to be decided by vote. Please do not reply to this email with your vote, there will be a separate email to the voting members. 1. Inclusive language guideline. This is based on the discussion in the previous TSC meeting and the follow up proposal from Julius. 2. Trusted services project creation. Arm team has been developing reference trusted services running in Secure EL0 that we plan to upstream in TF.org. This would form a new project to provide trusted services running on A profile devices. The topic has already been discussed in board and Arm engineering team will provide further details in the TSC meeting. Thanks Abhishek

5 years, 3 months

1
0
0 0

TSC Agenda 15 Oct 2020

by Abhishek Pandit

Hi All, Any agenda items for this week's meeting? We have two existing topics which need to be decided by vote. Please do not reply to this email with your vote, there will be a separate email to the voting members. 1. Inclusive language guideline. This is based on the discussion in the previous TSC meeting and the follow up proposal from Julius. 2. Trusted services project creation. Arm team has been developing reference trusted services running in Secure EL0 that we plan to upstream in TF.org. This would form a new project to provide trusted services running on A profile devices. The topic has already been discussed in board and Arm engineering team will provide further details in the TSC meeting. Thanks Abhishek

5 years, 3 months

1
0
0 0

Trusted Firmware TSC 17th September - Minutes

by Bill Fletcher

Attendees Dan Handley (Arm) Eric Finco (ST) Kangkang (Futurewei) Julius Werner (Google) Joakim Bech (Linaro) Kevin Townsend (Linaro) Praneeth Bajjuri (TI) David Brown (Linaro) Bill Fletcher (Linaro Community Projects) Don Harbin (Linaro Community Projects) Andrej Butok (NXP) Dave Cocca (Renesas) Minutes Inclusivity language JW: Proposing to follow lead of other open source projects in removing some terms seen as non inclusive. Same as Linux did recently. May have to make exception for some dependencies DB: Wait for documentation of a device to do it, or proceed with it and risk coming up with different terms. Seems suggesting to wait for upstream to come up with it. A lot of older protocols may not get changed. JW: Lowest common denominator to not update before internal dependencies. DB: If the community agrees on a consensus on new terminology worth moving to it. AP: No issue to declare intent on e.g. wiki page. AB: Some specifications are fixed and can’t change. Seems America centric. In NXP there are no emails on this. DanH: Can set a baseline for new work. Retrospective action can be more problematic in terms of specs but local documentation is easier. E.g. branch names possible - but has impact. AP: If some devices have named hardware registers changing it could be problematic vs pure software. Also it’s a personal thing. DanH: Have to consider company interest and also TF.org JW: Don’t think this is going to go away. Look at the volume of projects working on this. Believe we might as well get started now. EF: Agree should be a difference between internal company and tf.org. Similar situation in ST to NXP. No pressure from stakeholders. AP: Believe we look to cover the spirit of this and then look at the practicalities JW: Internal terminology vs from outside. Don’t believe we should set deadlines. Decide if want it for future submissions DC: Makes sense going forward to implement the intention for anything new and also to participate in arriving at some common new terminology in the industry. KS: Think this a political topic. If TF has a proposal then each members can take it back to their company. DC: I think we can accommodate better terminology moving forward. AP: Propose to stop the agenda here and it will be on the agenda for the next meeting. DanH: Changes to coding guidelines will need to be in several places AP: Wondering if have something similar to maintenance guideline on the wiki KK: Many of the alternatives will translate back to the same words in Chinese. Will take a proposal back to the company. AP: Note TSC mailing list is a public archive Project Release Strategy JB: How to make TF the source of information for projects (releases, roadmap etc)? Groups.io DanH: Expenditure approved in the Board AP: Have information from e.g. Zephyr project that they moved their archive to groups.io Standard Hardware requirements EF: Didn’t have the bandwidth to prepare something on this. Can close it for now Gitlab/Github DanH: Raised Linaro Lab ticket for prototyping. Appears easy. AP: Final decision based on a prototype? DanH: Goal to provide more community friendly front end - simple pull request mechanism. Everything would have a GitHub FE but Gerrit would be the ‘truth’ with respect to reviews. Also gives integrated issue tracker. AP: Current infrastructure seems ‘clunky’ to some people DanH: Need to get a suitable GH organization account. Website Improvements BF: Have had several rounds of review from Shebu/Matteo. OK with the current design. Want to synchronise the transition next week aligned with Connect presentation. BF: After it’s live, will be open for changes from members BF: Preview is available for review now. https://production-trustedfirmware-org-265.websitepreview.linaro.org/ Supporting X.519 AP: Proposal sent by Kevin at the start of the year. DB: Also involvement with SDO work AP: Generated a clear requirement on TF-M -- [image: Linaro] <http://www.linaro.org/> *Bill Fletcher* | *Field Engineering* T: +44 7833 498336 <+44+7833+498336> bill.fletcher(a)linaro.org | Skype: billfletcher2020

5 years, 4 months

1
0
0 0

Linaro Connect Sessions of Interest

by Don Harbin

Hi All, As Linaro Connect starts tomorrow, here are some pointers to sessions that will be of interest related to trustedfirmware.org. - *PSA Secure Partitions in OP-TEE* - Tuesday, September 22nd (1:25-1:50pm UTC) - Speaker: Miklos Balint - Slides available here <https://static.sched.com/hosted_files/lvc20/9a/LVC20-112_PSA_Secure_Partiti…> - *Trusted Firmware Project update* - Tuesday, Sept. 22nd (2:00-2:25pm UTC) - Spreaders: Matteo Carlini, Shebu Kuriakose - Slides available here <https://static.sched.com/hosted_files/lvc20/1e/LVC20-113-Trusted-Firmware-p…> - *Scalable Security Using Trusted Firmware-M Profiles* - Wednesday September 23rd (11.45am – 12.10pm UTC) - Speakers: Shebu Kuiakose, David Want - Slides available here <https://static.sched.com/hosted_files/lvc20/d0/ScalableSecurityUsingTrusted…> - *Enable UEFI Secure Boot using OP-TEE as Secure Partition* - Thursday September 24th (3.45-4.10pm UTC) - Speakers: Sahil Malhotra, Ilias Apalodimas - *Secure Partition Manager (SEL2 firmware) for Arm A-class devices* - Thursday September 24th (4.15-4.40pm UTC) - Speaker: Olivier Deprez - Slides are available here <https://static.sched.com/hosted_files/lvc20/09/LVC20-305-secure-partition-m…> Some general pointers to sessions of potential interest: - Security related topics can be viewed here - Boot architecture topics can be viewed here As a reminder, sign up for tomorrow's event is at Linaro Connect Registration <https://connect.linaro.org/> and is free, so feel free to forward this information on. :) The overall schedule is available at the same link as registration in case you may be interested in other sessions. Best regards, Don

5 years, 4 months

1
0
0 0

Re: [TF-TSC] Avoiding noninclusive language in Trusted Firmware code

by Julius Werner

Hi Andrej, > Hope it's a joke. > Are you going to create a list with "forbidden" worlds? No, this is not a joke. This is a development that is happening all over the industry, for example in Python (https://bugs.python.org/issue34605) or Git (https://sfconservancy.org/news/2020/jun/23/gitbranchname/) or MySQL (https://mysqlhighavailability.com/mysql-terminology-updates/). You can find a summary of the reasons in this IETF Memo (https://tools.ietf.org/html/rfc7704), and there's also some additional discussion and insight in the original patch submission that added this to Linux (https://lkml.org/lkml/2020/7/4/229). I know this is a pretty US-centric topic, and those words don't have the same strongly charged connotations for everyone around the world as they do for people who have been directly affected by the US' unique history of slavery and ongoing racial injustice. But Trusted Firmware is an international project with a substantial amount of contributors from the US. So even though this issue may not affect everyone, it may affect some of our contributors (and especially also potential contributors) strongly enough that I think we owe it to them to at least discuss options for improving the situation. We should strive to be an inclusive and welcoming open-source project for everyone. > Just opened our chip User Manual: > "master"- 1057 instances > "slave" - 1011 instances > We need to initialize "slave(s)" or "master(s)", so we have to use these words in our and Trusted Firmware code. Yes, like I mentioned, I am well aware that there are practical concerns with this. A lot of Trusted Firmware code is about accessing hardware, and the terminology of that hardware was usually set in stone when it was designed. In some cases these terms are even tied to a common hardware standard, like for SPI or I2C busses. In those cases the standard needs to change first before the hardware can change (and there are attempts to do that for example for SPI: https://www.oshwa.org/a-resolution-to-redefine-spi-signal-names), and it will take years before those changes actually result in new hardware avoiding these terms. I am not saying that we should stop calling hardware registers by the name that's written in the manual in the meantime -- we should absolutely make exceptions where necessary to keep things practical. I am just proposing that we slowly get started on this issue, put it in the style guide, clearly list the remaining necessary exceptions, and maybe start looking for low-hanging fruit where existing code uses these terms in cases that are not tied to hardware or other external dependencies and could be changed easily. The Linux rules codified this as "Exceptions for introducing new usage is to maintain a userspace ABI/API or when updating code for an existing (as of 2020) hardware or protocol specification that mandates those terms." -- I think we could aim for a similar guideline (minus the userspace ABI part which doesn't really apply to us). We should probably also consider exceptions for future hardware for a couple of years since these things take a long time to change. The hope is that over time companies will on their own start avoiding this terminology in hardware designs, with Linux leading the way as a forcing function that we can basically just follow (since it requires drivers for most of the stuff we access too, at least for TF-A).

5 years, 4 months

1
0
0 0

2026

2025

2024

2023

2022

2021

2020

2019

TSC