openbmc.lists.ozlabs.org archive mirror
 help / color / mirror / Atom feed
* Security Working Group meeting - Wednesday September 14 (on Discord voice)
@ 2022-09-14 14:09 Joseph Reynolds
  2022-09-14 19:31 ` Security Working Group meeting - Wednesday September 14 - results Joseph Reynolds
  0 siblings, 1 reply; 2+ messages in thread
From: Joseph Reynolds @ 2022-09-14 14:09 UTC (permalink / raw)
  To: openbmc

This is a reminder of the OpenBMC Security Working Group meeting 
scheduled for this Wednesday September 14 at 10:00am PDT.


ATTENTION - Venue Change.  The meeting recently moved to Discord voice.  
Please update your calendars.

=== MEETING ACCESS ON DISCORD VOICE  ===
First, join Discord via https://discord.gg/69Km47zH98 
<https://discord.gg/69Km47zH98> and confirm via email.
Then, to join: navigate Discord > OpenBMC > Voice channels >  Security ~ 
https://discord.com/channels/775381525260664832/1002376534377635860 
<https://discord.com/channels/775381525260664832/1002376534377635860>


We'll discuss the following items on the agenda 
<https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI>, 
and anything else that comes up:

1. Discuss alternate meeting times



Access, agenda and notes are in the wiki:
https://github.com/openbmc/openbmc/wiki/Security-working-group 
<https://github.com/openbmc/openbmc/wiki/Security-working-group>

- Joseph

^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: Security Working Group meeting - Wednesday September 14 - results
  2022-09-14 14:09 Security Working Group meeting - Wednesday September 14 (on Discord voice) Joseph Reynolds
@ 2022-09-14 19:31 ` Joseph Reynolds
  0 siblings, 0 replies; 2+ messages in thread
From: Joseph Reynolds @ 2022-09-14 19:31 UTC (permalink / raw)
  To: openbmc



On 9/14/22 9:09 AM, Joseph Reynolds wrote:
> This is a reminder of the OpenBMC Security Working Group meeting 
> scheduled for this Wednesday September 14 at 10:00am PDT.
>
>
> ATTENTION - Venue Change.  The meeting recently moved to Discord 
> voice.  Please update your calendars.
>
> === MEETING ACCESS ON DISCORD VOICE  ===
> First, join Discord via https://discord.gg/69Km47zH98 
> <https://discord.gg/69Km47zH98> and confirm via email.
> Then, to join: navigate Discord > OpenBMC > Voice channels >  Security 
> ~ https://discord.com/channels/775381525260664832/1002376534377635860 
> <https://discord.com/channels/775381525260664832/1002376534377635860>
>
>
> We'll discuss the following items on the agenda 
> <https://docs.google.com/document/d/1b7x9BaxsfcukQDqbvZsU2ehMq4xoJRQvLxxsDUWmAOI>, 
> and anything else that comes up:
>
> 1. Discuss alternate meeting times

1 Discuss alternate meeting times (continued from previous meeting).

DISCUSSION in discord indicated to use the Discord #security channel for 
security-focused discussions.  And feel free to set up a meeting on the 
Discord #security voice channel at any time.  We will continue with the 
regular security working group meetings (once every other week).


2 SELinux design and implementation progress.

DISCUSSION:

Ruud. How to approve the design? 
https://gerrit.openbmc.org/c/openbmc/docs/+/53205 
<https://gerrit.openbmc.org/c/openbmc/docs/+/53205>  Ideas to ask the 
docs repo maintainers for feedback 
https://github.com/openbmc/docs/blob/master/OWNERS 
<https://github.com/openbmc/docs/blob/master/OWNERS>

Yutaka Status: Working two areas:

  *

    Creating bitbake recipes to enable SELinux on AST2600 EVB in
    non-enforcing mode.

  *

    Working to get tests to pass
    <https://github.com/openbmc/openbmc-test-automation>before
    requesting to merge.  The tests fail on the AST2600 EVB because the
    CPU is not present.

The interim plan is to get SELinux working on the Witherspoon reference 
platform (which should be possible to get all tests to pass).  Then  
adapt the config to other models such as AST2600.


3 Measured Boot.   Sandhya K.

DISCUSSION:

Please review the design: 
https://gerrit.openbmc.org/c/openbmc/docs/+/57138 
<https://gerrit.openbmc.org/c/openbmc/docs/+/57138>

Still working on the design for the keylime agent which runs on the BMC.


Bonus topic: How does communication work?  Where is code reviewed?  
Which channels? For code changes: Note the Linux and U-boot pieces of 
OpenBMC use the email patch process.  Nearly all other OpenBMC repos use 
the Gerrit review process. https://gerrit.openbmc.org/dashboard/self 
<https://gerrit.openbmc.org/dashboard/self>

https://github.com/openbmc/docs/blob/master/CONTRIBUTING.md#submitting-changes 
<https://github.com/openbmc/docs/blob/master/CONTRIBUTING.md#submitting-changes>


4 BMC Secure boot.

Please review the design. 
https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/26169 
<https://gerrit.openbmc-project.xyz/c/openbmc/docs/+/26169>



Joseph

>
> Access, agenda and notes are in the wiki:
> https://github.com/openbmc/openbmc/wiki/Security-working-group 
> <https://github.com/openbmc/openbmc/wiki/Security-working-group>
>
> - Joseph


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-09-14 19:32 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-14 14:09 Security Working Group meeting - Wednesday September 14 (on Discord voice) Joseph Reynolds
2022-09-14 19:31 ` Security Working Group meeting - Wednesday September 14 - results Joseph Reynolds

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).