From Linaro Connect 2017 in San Francisco:
Digital signatures and the beginning of the world – SFO17-306
The bootloader is where it all begins. This session sums up our experiences with various signature types, data formats, implementations and how to choose.
Brian Richardson of Intel recently gave a presentation at ARM Ltd’s Linaro Connect on the subject of UEFI. Intel started UEFI but in recent years ARM is also using UEFI.
Al Stone of Red Hat has announced the next firmware mini-sumit at Linaro Connect, March in Bankok, Thailand. Excerpt of announcement:
Well, it’s that time of year again. If you’re going to be at Linaro Connect  in Bangkok, Thailand on the week of 7-11 March 2016, please drop in to the firmware mini-summit to be help Wednesday afternoon (9 March). The exact time and location at Connect are still to be determined. We’ll have an hour, and so far the topic list is:
* Update on current status of ACPI patches (PCI, NUMA, CPPC, plans for the next steps)
* The new FW_OS_Forum mailing list
* Progress in ACPI compliance testing in FWTS, and future plans
* _DSD usage yet again
Al Stone of Red Hat posted a summary of the recent Firmware Summit that took place at the recent Linaro Connect event.
There’s a discussion on the state of ACPI on ARMv8, and Linux support. “So, please tell Linaro if there is something needed from the ACPI spec. Call, write or send carrier pigeons, just let us know.”
There is a discussion on ACPI’s _DSD and Device Properties. A new firstname.lastname@example.org mailing list has been setup to help. A new repo of information — on how to submit, approve, and use device properties in a community approved manner:
Matthew Garret wrote a document on Secure Boot:
I omitted a few items from the workshop’s notes. Read the full status here:
LAVA is a Continuous Integration tool for testing firmware, pre-OS environment, and embedded OSes, including QEMU-based systems as well as live hardware. Linaro is refactoring the code, which will impact test code and their running validation service, as well as renaming Linaro-Validation to lava-devel. The lava-users and lava-announce lists still exist. Neil Williams of Linaro announced some changes to LAVA, after discussing things at last week’s Linaro Connect. Excerpts of anouncement:
The LAVA dispatcher is being refactored and this had led to advancements and modifications in the lava-server as well as a completely re-written job submission format. LAVA is retaining compatibility *only* with the Lava Test Shell Definitions (the YAML files people are currently using) and there can be no automated way of converting existing JSON job submissions to the new job submission format (which uses YAML to allow for comments, amongst other improvements). The refactoring introduces a lot of benefits, including much more robust communication between the workers and the master, removal of configuration on the workers so that admins only change things in one place, a lot of new methods within the dispatcher to support new types of test and a much cleaner, more modular, codebase for future development. The timetable for these changes is expected to cover most of 2016.
The LAVA developers would ask that everyone running LAVA would subscribe to at least the lava-announce mailing list, to help with the migration to the new support.
Linaro Connect is happening in San Francisco. They’ve got their presentations online, including a few firmware-related and security-related talks. I like the “Advanced Toolchain Usage” series.
At Linaro Connect, ARM’s CEO announced a new Linaro IoT group, LITE. More details here, including the video of the announcement:
In Youtube video of announcement, it ironic to see ARM exec keynote interrupted by an attendee’s smartphone, which was likely ARM-based.
Many other things are in keynote video, not just LITE, since this week’s Linaro Connect is “security-themed”.
“Security is starting to become important for everything we do.” –ARM CEO
Linaro Connect is happening in 4 days in San Francisco.
“The theme for the week is security.”
The security track:
* Security requirements on ARMv8-A boot architecture
* Linux kernel generic TEE driver
* OP-TEE Content Decryption with Microsoft PlayReady on ARM
* Expanding security choices: DRM & CA interoperability
* Expanding security choices panel
* Secure storage in OP-TEE
* Lessons learned on migrating open source Chromium-OPTEE to 96Boards