Attendees: Don, Dan H, Abhishek, Kevin Oerton, David Brown, Julius Werner, Andrej Butok, Joakim Bech, KangKang Shen, Dave Cocca, Kevin Townsend, Michael Thomas
Actions:
ACTION: DavidB send a note to Brett and ask for details on Groups.io options. Ask about options
ACTION: Don to add DavidB to the Groups.io tickets (IT, and Tasks). Done
ACTION: Joakim to follow up with Kangkang for the use of multiple cores on the Secure World side.
Minutes:
AP: Introduce Kevin Oerton. Focus PSA Certs on ST and moving to Cortex-A. A self-defending security platform. Comes with “Cyber warranty” model. Incorporated in US, working out of Toronto
Brief intros from the rest of the team
Kevin Townsend - Linaro LITE
Dan H: Arm, TSC rep. TF-A history but interested in lots more.
KK: Futurewei. Chief F/W architect at Huawei before splitting out into Futurewei.
David Brown: Linaro - LITE. On Security Working Group but on Linaro LITE. MCUBoot Maintainer, Security Arch. for Zephyr
Dave C: Renesas: Interested in TF-M and M bed TLS to support Micro Controllers
Andrej B: NXP Czech republic. TSA, TF-M, and more. Support 4 platforms w/ SDK with more to come. Still needs to be upstreamed with limited resources. Plan to bring an intern on board to accelerate upstreaming.
AP: Is Zephyr team working w/ TF-M?
AB: No contributions at this time. Not enough resources to support upstream TF-M, hoping to change that
JoakimB: Sweden, Linaro. Started the Security Working Group. Now transitioned. An OP TEE Maintainer, but no longer reviewing all patches. Now focusing on DT, Boot Architecture, Provisioning, and Remote attention to name a few. Also handles Security Issues. Includes OP-TEE and more.
JuliusW: Google on ChromeOS. Using TF-A for 5 years now. Other Google teams interested in Hafnium
MichaelT: Renesas working for Dave Cocca. Focused on Renesas RA security solutions.
Abhishek: Arm, Cambridge. At Arm for 5 years, lead TF-M from the start. Manage all firmware teams including TF-A, TF-M, and more. Focus on all
Groups.io status
DanH: Started in May that Groups.io started as a good replacement for Mailman. Approved by the board to move forward. Included Domain support. Ended up not getting a non-profit discount. Since November, Don, Linaro IT, and I have been investigating. Used a Linaro Service Desk ticket.
DanH: Linaro IT (Philip) helped a lot with limitations. Migration not straight forward and getting very limited support
DanH: Archive migration may be a blocker. Also how to do the switchover with blackout periods but not getting support here. Potentially could do archive migration later but not sure if this is possible or what the behavior is when replying to a mail not in groups.io.
DavidB: On last point, got this working for Zephyr. Wasn’t very friendly. Was all settings adjustments that can be overridden per user.
DanH: Private groups can’t become public later. Limited support response but it may be because we are only evaluating (not paid any money). Linaro IT is not supportive of this so making the transition harder.
DavidB: Has a bulk suggest option where you can email people to ask them to sign up.
Don: How far was zephyr in when the transition happened? How many lists?
DavidB: Came in after and used David as Admin to go fix issues.
DavidB: Was this discussed with Zephyr to see how they transitioned.
ACTION: DavidB send a note to Brett and ask for details. Ask about options
Joakim: Maintain OP TEE list. Have added spam filters as we have moved along, but now going pretty well.
DavidB: Zephyr uses Groups.io for mailing lists and group calendars. A calendar is available that works ok. There is a bug on Daylight Savings so must use UTC. ~1000 people on the main mailing lists. Mostly was migrated.
Abhishek: Want to transfer Archives, and Groups.io has to do that.
DavidB: Do we get that support if enterprise?
ACTION: Don to add DavidB to the tickets (IT, and Tasks).
Joakim: Have a long list of senders filters; can we re-use this for other lists? Any automation on that?
Abhishek: Inclusive Language / Code of Conduct
Abhishek: Shared both Community Guideline and Code of Conduct
Abhishek: Text from what was agreed in the email
DaveC: Don’t see issues. Like the retrospective comments that don’t need to go back and correct existing content but only for new comments.
Abhishek to send out a note with Deadline.
KK: Like Coding Standard but no in Code of Conduct. A technical requirement when coding. But not a code of conduct
Abhishek: That’s in a different location. Started with Eclipse as an example for Code of Conduct. Lots of adopters using this - https://www.contributor-covenant.org/
There was consensus from many in the meeting
KK: Inclusive Language is a technical requirement.
ACTION: Abhishek Pandit to reach out Kangkang for a side discussion.
Abhishek: Should this go to vote or just do this?
Julius: who enforces is often changed?
Julius: Just have it so that TSC members make the decisions.
Who decides how to handle it?
Board or TSC.
Needs to come up to Board.
Breaches won’t decide when they happen
Conclusions: Leave as is and sending to enquiries@trustedfirmware.org is good for now.
No objections. No vote to occur on this.
KK: Can we load multi-core in Trusted Firmware? TF-A
DavidB: Do that already? Cypress?
DanH/Joakim: TF-A has always been multi-core
Runtime code is multi-core. PSCI Spec describes this.
DanH: It seems that KK is actually talking about the secure world spawning additional threads on other cores when servicing normal world requests. This may require discussion with the Firmware Framework-A spec people at Arm so that the normal world can account for this work..
ACTION: Joakim to follow up with KK on multiple cores on the Secure World side.