Hi All,
As I was doing some updates, I realized that the TF TSC maillists were out
of date. We also haven't been sending minutes to the list for archival
purposes. To that end, please see below:
- There are 2 maillists for the TSC.
- *tsc-private*: For the official TSC reps
- *tsc*: Includes the folks in *tsc-private* plus additional
developers interested in tracking the TSC activities.
- We've been sending TSC minutes to individuals in the TSC calendar
invite. I plan to change this so that the minutes are sent to TSC list to
be correctly archived.
- I've just updated both lists to represent what I believe is
correct. If you see anyone I've missed or other errors, please send me a
note and I'll correct. If a communication is for TSC Member Reps only,
please use TSC-private.
- Moving forward, we will send TSC Meeting minutes to the TSC maillist
to include the wider distribution..
- I plan to keep the invite to the meeting as-is with invites going out
to individuals.
Please review the snapshots of each list below and let me know if I've
missed anyone on your teams.
Thanks for your support/feedback in cleaning up,
Don
[image: TSC-private.png]
[image: TSC maillist.png]
Hi all
Please let me know if you have any topics for the TSC on Thursday. I won't be present at the meeting so Antonio will chair. I have the following topics so far:
* LTS discussion (see mailing list thread<https://lists.trustedfirmware.org/archives/list/tsc@lists.trustedfirmware.o…>) - Okash
* Hosting the firmware hand-off spec at tf.org (see TF-A mailing list thread<https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.…>). If no-one is comfortable leading this, I can do it next month.
Given it's holiday/vacation season, It would be helpful if you can let Don/Antonio know if you will be attending.
Regards
Dan.
Hi all,
Next TSC meeting is scheduled for Thursday 2022-07-21 9 AM PST. The only (tentative) item we have so far in agenda is:
1. Introduction to PSA FW handoff spec on TF.org (15 minutes)
This is the same discussion which happened in the last board meeting, and we could replicate it for TSC in case there are any TSC attendees who missed the board meeting.
To avoid replicating the presentation un-necessarily though, I would kindly ask you to confirm if you are interested in having this item discussed on the next TSC by replying to this email or directly to me in private by Wednesday 20th .
If I don't receive any reply for this (or for any other business you might want to discuss), I will cancel the upcoming TSC meeting.
Thanks,
Antonio
Hi All,
FYI, the Call For Participation(CFP) deadline for this year's OSFC in
Sweden is very near. If you or others on your team are interested,
the proposal
submission page is here <https://talks.osfc.io/osfc2022/cfp>.
The in-person conference is scheduled for mid-September.
Best regards,
Don Harbin
TrustedFirmware Community Manager
don.harbin(a)linaro.org
Hi All,
The CFP deadline for Arm Dev summit is in a couple days- Thursday 23 June.
I realize this is last minute, but still wanted to make sure you were all
aware in case you had a topic to present.
Here is the link to submit
<https://devsummit.arm.com/flow/arm/devsummit22/cfpinfo/page/details>,
Best regards,
Don
Attendees:
Glen Valante (Linaro)
Antonio de Angelis (Arm)
Matteo Carlini (Arm)
Kangkang Shen (FutureWei)
Andrej Butok (NXP)
Dan Handley (Arm)
Julius Werner (Google)
Bill Peckham (Google)
Kevin Oerton (NXM LABS)
Brandon Hussey (Renesas)
Eric Finco (STMicroelectronics)
Meeting start, Dan introduces.
- [Matteo] First we'll talk about CCA - same presentation already given to the board.
- Don't share roadmap slides normally, but we are not going to talk about anything confidential information anyway. We'll cover where we are and where we're going with the CCA architecture.
- Realm Management Extension (RME) in v9 - realm world is distrustful wrt NS and S, EL3 becomes the Root World. This is the Arm way of doing confidential compute, a well-known practice in the industry.
- Changes relating to RMI interfaces already happening in TF-A latest release. There will be changes in Linux kernel, in EDKII as the reference implementation of UEFI; focus on infrastructure systems first.
- TF-RMM will be our implementation of Realm Management Monitor software component: it will be a new project part of the TF.org family; already introduced to the board
- Outside of the application processor: RSS (runtime security subsystem) firmware will be upstreamed to TF-M project
- RSS is the HW root of trust that implements the HES (Hardware Enforced Security) requirements of the Arm CCA Security Model.
- RSS is going to appear on mobile client platform first (it will be enabled on its own without the rest of HES/CCA)
- [Kangkang]: We looked at CCA, 100% full implementation might be taking a long time. Stages and status of different software components?
- [Matteo] I will describe the various components and how we will start to demonstrate some of the components on a fast model platform soon.
- RME EL3 implementation first appeared in TF-Av2.6
- Specification will be public and published around end of June on developer.arm.com - if delay, beginning July
- [Dan]: This means the RMM spec for SW (the architecture specs are already out)
- [Matteo] All components and interfaces must be aligned towards the same interface version - currently non-public alpha, so that when beta goes public realigned work is needed
- (4-5 upstream components aligned against the public beta released spec)
- The timeline is roughly H2 2022 (CY22Q4 for upstreaming to start) kernel/kvm, edk2, rmm in tf-org]
- Quality level still not finalised (0.1, or better)
- Hafnium/TF-A EL3/TF-RMM will need to be aligned to be able to communicate
- Spec will be EAC end 22 beginning 23 - will need to realign components against EAC then
- In H2 2023 advanced 1.x features of the spec will start to be implemented
- [Kangkang]: Remember our experience in TrustZone, implementing Secure World (EL3), Trusted OS and secure applications one at a time.
- Why do you focus on the complete set of components instead of just picking a single use case / component and expand gradually on this?
- CCA looks like all components are planned and need to work together and be aligned and implemented. Why not just start with simple use case (CCA application) and then expand?
- [Matteo]: It's the architecture itself that has such extensive requirements. It's already an MVP. Very basic use case. You can't go simpler than this.
- [Matteo] You need to have several components in place otherwise it won't work, but we're just giving basic building blocks without trying to overstretch.
- [Dan]: Agree, it's a lot of components, but they are all needed for the key initial use-case: Boot guest VM from encrypted disk into a realm protected from host access.
- [Kangkang]: it's important to demonstrate how to use as soon as possible. Showing the full picture but implemented gradually
- [Matteo]: RME extension is available on latest publicly accessible architectural model (Base FVP) - allows you to play with these features.
- Qemu work ongoing (towards the end of the year). Emulation functionality is being assessed by virtualisation team of Linaro.
- Arm will provide publicly available solution FVPs, containing all System IP (CPU, GIC, interconnect, GPU for mobile for example)
- Infrastructure FVP will contain all IPs needed to demonstrate CCA.
- [Glen]: OpenCI status update; this has been moved from board to TSC to reduce technical details shared in board meeting.
- Boards going into lava lab. Rack still being built to add more boards; ST boards going in next week or two.
- After that it's Renesas, although still waiting on Renesas on the availability of the SW.
- Board meeting required to discuss other boards that need to be made available.
- [Eric]: as we discussed: additional candidate board coming from ST but no pressure. Any timing?
- [Glen] From a Sw point of view we're almost ready; but need to check latest readiness internally. Glen on standby for updated timeline to plan accordingly.
- Mbed TLS in openCI:. Some stability issues with Windows, need to upgrade the CI platform - will allow stability and performance increase
- PSA ACK tests enabled, but still have failures. Working with Arm to fix them.
- Code coverage: going through docs and code coverage reports to have source links (got completed last week)
- Will do MISRA enablement after code coverage and PSA ACK tests. Starting with TF-A. Create a series of milestones and estimates. Published plan and resourcing.
- Having biweekly meetings -> maybe going to weekly to keep up the pace.
- Getting licensing in place now. Discussions and emails ongoing for licensing infrastructure. Several weeks work for that before prototyping can start in staging.
- Then onto production. Several issues closed/fixed.
- [Dan]: Is the resource/plan public? I did not see numbers.
- [Glen]: Updated the plan two days ago with resource, check again. TFC-10 contains actual work tasks and first two milestones.
- [Dan] Is this waiting for review and approval?
- [Glen] Already reviewed from Arm and Linaro.
- [Dan]: What's the status of the ticket for read only mirrors on GitHub?
- [Glen]: need to check offline.
- [Dan]: The plan going forward is for OpenCI details to be in TSC and feedback from TSC back to board. Is there any feedback for the board yet? Anything offline is fine as well.
- [Dan]: Next time would be good to focus on what are the big things in the backlog, what are the next important things planned, etc (i.e. 6 months medium term roadmap).
- [Glen]: we presented that detail to the board meeting. will move from the board meeting to the TSC meeting next time.
- Any questions / AOB?
- None. Meeting end.
Hi all
We have these topics so far for the TSC meeting tomorrow. Please let me know if you have any more.
* Arm CCA roadmap update
* Open CI update
(Note, there is a plan to discuss the LTS topic in the TF-A and TF-M tech forums so I didn't put this as an agenda item here, but we can discuss this needed).
Regards
Dan.
Hi all
We have these topics so far for the TSC meeting tomorrow. Please let me know if you have any more.
* Combined OP-TEE and Trusted Services roadmaps (Julianus and Shebu)
* Open CI Update
* Discussion on whether this should be a recurring topic
* Discussion on what board info should be shared with TSC
Regards
Dan.
