EBBR Notes 2023.03.13

Attendees

• Ivan T. Ivanov (Suse)
• Ilias Apalodimas (Linaro)
• Etienne Carrière (STMicroelectronics)
• Vincent Stehlé (Arm)

Agenda

• Review pull requests:
  • Pull request #102: File Format For Storing EFI Variables (Heinrich)
  • Pull request #104: Relax monotonic counter nonvolatility
  • Pull request #105: Recommend the firmware update protocol

Notes

• Ilias: will rework pages permissions if time permits
  • U-Boot maps everything RWX
  • UEFI 2.10 allows mem attributes
  • Ivan: for OS, world starts at GRUB
• Pull request #102: File Format For Storing EFI Variables (Heinrich)
  • Ilias: seems to get some traction, people seem happy
  • Ivan: store file on ESP? Ilias: no concurrent access
  • Should pass the file location to the OS in the Devicetree (use fstab UUID?)
• Pull request #104: Relax monotonic counter nonvolatility
  • Ilias: monotonic counter high part could be used for security
  • We could allow non-volatility in EBBR or even make it optional
  • We could fix U-Boot
  • Could we return device error? Would that break the OS boot
  • We need some more time to reflect on this one
  • We need hardware backing for this one
  • Storing a monotonic counter in a file would allow rollback
  • Leverage StMM?
    • U-Boot issues smc to call op-tee, op-tee uses FF-A to StMM
    • mm-communicate; could leverage for monotonic counter
    • Ilias: mm-communicate should be non-interruptible
• Pull request #105: Recommend the firmware update protocol
  • Ilias: should we require? Need to look at kernel, too
  • Let's postpone to next call

Links

• https://github.com/ARM-software/ebbr/pull/102
• https://github.com/ARM-software/ebbr/pull/104
• https://github.com/ARM-software/ebbr/pull/105