# 2025-03-05 - coreboot Leadership Meeting
## Attendees
Mina Asante, Jon Murphy, Felix Singer, Benjamin Doron, Felix Held, Andre, Andy
Ebrahiem, Jeremy
Compostella, Martin Roth, Matt DeVillier, David Hendricks, Jay Talbott, Julius
Werner, Karthik R.
## Open Action Items
* 2024-11-27
* [Open] Send out poll with regards to LLM usage (requested by SFC)
* 2024-10-30
* [Open] Add clarification to docs, “do not use gerrit change-id or CB:
format in reference to
already-merged patches”.
* 2024-10-16
* [Open] Matt: Set up a meeting to discuss board status alternatives and
send out invites.
* Decouple data collection with uploading
* Require gerrit credentials or other auth to push
* Json format?
* https://github.com/chrultrabook/linux-tools/blob/main/debugging.sh
* 2024-09-18
* [Open] Jon: Schedule a dedicated meeting to discuss the Coverity defects
and action plan.
* Werner: Send out an invite for the meeting.
Sent out a poll to find a time slot:
https://rallly.co/invite/1c8J3azXAcje
* 2024-05-01
* [Open] Nick Van Der Harst volunteered for Dutch. "gogo gogo" would like
to translate to Russian
(?)
* 2024-01-10
* Nico: (https://review.coreboot.org/q/topic:enforce_region_api)
* [Open] Daniel: Look at how we want to localize (non-console)
strings for coreboot. Long term project.
## Minutes
### [Benjamin] Add support for sharing SMM with the payload
* To support UEFI secure boot effectively, we need to perform the verify and
write steps of its
variables together, in SMM. Consequently, we propose a solution where coreboot
‘owns’ SMM
(initialises and installs all its regular SMI handlers), and the payload is
permitted to install
its own SMI handlers within a dedicated SMRAM region that coreboot will call
into (and return from)
for payload-specific use-cases. While this was developed for EDK2, to support
secure boot, note
that it’s not UEFI-specific, and contains nothing specific to secure boot. This
is a superior
solution to one we proposed in 2023, called “[Add support for calling SMM
payloads.](https://docs.google.com/document/d/1S1hLGc7nhBIaD3wN3eylyjhMMqEoI44TGy0zHj_hbr4/edit#headng=h.6cl9g659glbl)”
* Earlier proposal handed SMM control to the payload, which caused issues
since some things like
suspend/resume and EC functionality needed to be provided in SMM controlled by
coreboot.
* This new approach allows EDK2 to read, verify, and potentially write
secure boot related
variables in an "atomic" manner (using coreboot's SPI driver on the backend?).
This solves a
problem from the earlier solution where secure boot variables could be changed
by an attacker in
between EDK2 and coreboot interactions.
* [A.I] Benjamin to publish a[ blog post at the 9E
blog](https://9elements.com/blog/) about this so that
we can review the design in more detail. (DFAD/ETA: unknown, probably after
university exams)
### [Martin] Updating website
* Privacy Policy
* Leadership page
* Trademark & logo
### [Martin] Email server
* As we agreed previously, the email service remained on Stefan’s server.
This includes the mailing
list
* Stefan, Patrick and myself are admins there.
### [Jon] cbmem updates
* Google is pursuing testing of coreboot with Android. As such, we do need
to make some changes to
coreboot mechanisms to facilitate a slightly different OS. Can we get review on
some cbmem changes
to add support in sysfs:
(https://review.coreboot.org/q/topic:%22cb
em-in-sysfs%22)
### [Martin] We can post blogs on the coreboot blog if people are interested in
writing things.
* Don’t want to make it an advertising area, but we’d like news about devices
using coreboot.
* Martin can write something about opensil with coreboot after the Phoenix &
Turin Proof-of-Concept (Non-production) openSIL releases.
# Next Leadership Meeting
* March 19, 2025.
* [coreboot Calendar](https://coreboot.org/calendar.html).
# Notice
Decisions shown here are not necessarily final, and are based on the current
information available.
If there are questions or comments about decisions made, or additional
information to present,
please put it on the leadership meeting agenda and show up if possible to
discuss it.
Of course, items may also be discussed on the mailing list, but as it's
difficult to interpret
tone over email, controversial topics frequently do not have good progress in
those discussions.
For particularly difficult issues, it may be best to try to schedule another
meeting.
# coreboot leadership meeting minutes
https://docs.google.com/document/d/1NRXqXcLBp5pFkHiJbrLdv3Spqh1Hu086HYkKrgKjeDQ
_______________________________________________
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-le...@coreboot.org
