TF-A, TF-RMM & Hafnium Roadmaps (Trusted Firmware-A Phriction wiki): History, Version 15 vs 50
Edits
- Edit by aksjai112, Version 50, Feb 4 2024 8:52 PM
- Edit by mcarlini, Version 15, Apr 20 2022 4:55 PM
Content Changes
**Version 15 (Apr 20 2022):**
If you are interested in collaborating on any of the roadmap features or other features, please mail [[ https://lists.trustedfirmware.org/mailman/listinfo/tf-a | TF-A mailing list ]]
**WARNING:**
All dates are provisional and subject to change without notice. Items beyond CQ3'21 will be planned in detail and confirmed at the start of the quarter depending on progress made in previous quarter and available bandwidth.
**TF-A-v2.6 Release features**
* Armv9 features support:
** Realm Management Extension (FEAT_RME): first prototype implementation (ENABLE_RME)
** Scalable Matrix Extension (FEAT_SME) enabled for Normal world use
** Trace Buffer Extension (FEAT_TRBE): enable access to trace buffer control registers from Normal world
** Embedded Trace Extension (FEAT_ETE, FEAT_ETEv1p1): enabled for Normal world use
* Armv8 features support:
** Activity Monitors Extension (FEAT_AMU): enable per-core AMU auxiliary counters
** Support for the HCRX_EL2 register (FEAT_HCX)
** Scalable Vector Extension (FEAT_SVE): enabled for the Secure world
** Self-hosted Trace Extensions (FEAT_TRF)
* Support for the Arm Firmware Update specification
* Hafnium SPM:
** Arm FF-A v1.1 notifications support
** Arm FF-A v1.1 interrupt handling (Hafnium para-virtualized interface)
** S-EL0 partitions support through VHE architecture extension in the SW
** Save/restore NW SVE live state on world switches
** SPs to use FP/SIMD while NW uses SVE/SIMD/FP on the same core
** Updated toolchain to LLVM/Clang 12
** Published new SPMC threat model
**TF-A-v2.5 Release features**
* TF-A Public Threat Model published
* Armv8.7: FEAT_MTE3, FEAT_PAN3
* Armv8.6: FEAT_AMUv1p1, FEAT_MTPMU
* Armv8.5: Speculation Barrier (SB) for non-Armv8.5 platforms starting from Armv8.0 (FEAT_SB)
* Helper functions for Random number generator registers (FEAT_RNG)
* Support for TRNG firmware interface service
* SiP service to configure Ethos-N NPU
* GPT Image Support aligned to Firmware update specification
* S-EL2 Hafnium/FF-A:
** PAuth & BTI support
** SMMUv3.2 S-EL2 driver for stage 2 translation
** FF-A Non-secure interrupt handling
** FF-A Power management support at boot time
** FF-A Direct message interfaces & Memory sharing interfaces
** Added SPMC support to Hafnium CI
** Save/restore of Normal world FP/NEON/SIMD state
**In Development features - TF-Av2.7 release readiness**
* Arm 2020 Arch. extensions (v8.7) support: FEAT_AFP, FEAT_RPRES, FEAT_SPE, FEAT_WFxT, FEAT_LS64
* Arm 2020 Arch. extensions (v9.2) support: FEAT_BRBE
* S-EL2 Hafnium/ SPM / FF-A:
** FF-A Power Management runtime support
** FF-A Secure Interrupts handling (Beta0 draft spec)
** MTE hardening
** Migration to arm64 native host compilation
** EL3 SPM FF-A support
* CCA (RME) enablement:
** Trusted boot new flow
** Context mgmt. for 4 worlds enhancements
** AP <-> RSS measured boot & attestation
**Ongoing / Future**
* MISRA scan integration into OpenCI
* Arm 2021 Arch. extensions (v8.8) support:
** FEAT_HPMN0
** FEAT_PACQARMA3, FEAT_CONSTPACFIELD
** FEAT_RNG_TRAP
* Arm DRTM spec support
** Phase 1: Standard services, Complete DMA protection
** Phase 2: Other SMCs, region-based DMA protection
* S-EL2 Hafnium/ SPM / FF-A:
** S-EL2 & EL3 SPM features alignment
** FF-A Indirect messaging
** FF-A Secure Interrupts handling (GIC emulation)
** FF-A SMMU guidance
** FF-A Memory sharing on RME
** FF-A Memory sharing to multiple borrowers
** Google Trusty TEE integration
** SPM + RME extension support
* GIC-600AE RAS: FMU initialization
* Armv8-R64 PSCI services
* Errata ABI spec support
* CCA (RME/RMM) enablement:
** RMM first revision upstream
** Beta/EAC spec alignment
** RAS for 4 worlds investigation
** SMMU GPT
**Version 50 (Feb 4 2024):**
If you are interested in collaborating on any of the roadmap features or other features, please mail [[ https://lists.trustedfirmware.org/mailman/listinfo/tf-a | TF-A mailing list ]]
**WARNING:**
All dates are provisional and subject to change without notice. Items in Ongoing/Future section will be planned in detail and confirmed in due course.
**Ongoing**
* CPU Errata Support
* Gearing up for TF-A next Release
* Firmware Handoff
* DSU PMU S/R support
* PSA Crypto API
* FF-A 1.2 enhanced Support
* Firmware Update live Activation BL31 II
* mbedTLS 2.x removal
* Firmware Update Improvements
**Future**
* GICv5 Investigation
* GIC v3 | NMI Support
* Firmware Handoff | Platform Support
* CCA Plane II/DI
* CCA DA II/DI
* Live FW Update
* CCA Granule Delegation
* 2023|2024 architecture Feature enablement
* FF-A 1.1 ACS Compliance
* Secure Timer Virtualization
____________________________________________________________________________________________
**2023 TF-A Releases**
**TF-Av2.10 release (Nov 2023)**
**Architecture extensions support:**
* Arm v8.9 | 2022 Architecture extension support enabled for FEAT_HAFT, RPRFM, LRCPC3, and MTE_PERM
* Non-secure SME support in RMM
* PAC + BTI support enabled in RMM and Realm
* CPU support added for Gelas, Nevis and Travis cores
**TF-A | EL3 Root World:**
* Firmware handoff library support: transfer list APIs and Firmware Handoff build option
* Improvements to BL31 runtime exception handling
* Context management refactoring for RME/4 Worlds
**Boot Support:**
* Trusted Boot support for ECDSA (Elliptic Curve Digital Signature Algorithm) P-384 keys
* Migrated to PSA Crypto APIs (except for the authenticated decryption feature; mbedTLS legacy crypto APIs will still be supported for some time)
* Improved the GUID Partition Table (GPT) parser
* Various security improvements and threat model updates for Arm CCA
* Completed PSA Attestation Support
**Hafnium | S-EL2 SPM:**
* Continued support for FF-A v1.2: FFA_YIELD with time-out; EL3 SPMD LSPs communication; memory sharing updates
* Memory region relative base address field support in SP manifests
* Interrupt re-configuration hypervisor calls
* Memory management: S2 PT NS/S IPA split
* SMCCCv1.2+ compliance fixes
* Feature parity test improvements for EL3 SPMC and Hafnium
**TF-RMM | R-EL2:**
* TF-RMM aligned to RMM 1.0 EAC5 spec
* Initial CBMC Support
* Added TF-RMM threat model to the documentation
* Added capability to privately map the per-CPU stack in RMM
**TF-A Tests:**
* Added support for errata management firmware interface tests
* Added support for firmware hand-off tests
* Test support for SMCCCv1.2 extended GP register set
* Added PAC and PMU support in Realm tests
**Platform Support:**
* Support for Aspeed AST2700, NXP IMX93, Intel Agilex5, Nuvoton and ST platforms
**Errata ABI:**
* Added 13 CPU errata mitigations (1x Cortex-X2, 1x Cortex-A710, 4x Neoverse N2, 4x Neoverse V2, 2x Cortex-X3, 1x Cortex-A510)
**Others:**
* QEMU platform support
* SDEI support added
* Firmware handoff support implemented
* QEMU virt platform is now supported in TF-RMM
* mbedTLS update to 3.4.1
* Crypto-cell support for 712/713 removed (deprecation announced in TF-A 2.9)
_______________________________________________________________________
**TF-Av2.9 release (May 2023)**
**Architecture extensions support:**
* Support for PSCI OS-initiated mode
* Architecture support for FEAT_TCR2, Guarded Control Stack (FEAT_GCS), config register support for FEAT_HCX
* Save/restore support for FEAT_PIE/POE, FEAT_SME | SME2, FEAT_MPAM: runtime check
* Added dynamic detection of architecture feature enablement
* System register access trap handler
* Eighteen CPU errata mitigations for Cortex-A510, A78, X2, Neoverse V1, N2 cores, and GICv3 bug fixes
* Errata Management Firmware Interface implementation supported for version 1.0 of the public specification
* First release done solely relying on TrustedFirmware.org Open CI
* Ethos-N NPU driver: added support for Protected Firmware Setup
* EL3 SPMC enhanced feature hardening (scan warning fixes, report execution stage in partition info, etc.)
**Arm CCA support:**
* Support for Trusted Boot rooted into RSS RoT
* Support for PSA attestation scheme with Measured Boot rooted into RSS
* General improvements and hardening of the boot and attestation support
* Hardening efforts in the X.509 certificate parser, including a security fix (TFV-10, CVE-2022-47630)
**TF-RMM Enhancements [0.3.0]:**
* Refactoring of the Stage 1 translation table to better fit RMM usage
* PMU usage in Realms as per RMM v1.0 BET0 spec
* Realm support to leverage SVE hardware functionality, if enabled
* Improved dynamic config of RMM by adding support for DRAM info in the RMM-EL3 interface
* RMM unit test support for granule and slot-buffer components
* Mask MTE capability so that realms can see that MTE is not supported
* Build improvements in RMM: build times, decoupled dependencies during the build cycle, and support for multi-config builds
**Hafnium SPM & FF-A enablement:**
* FF-A v1.2 Early Adoption
* FF-A v1.1 Enhanced Support
** Interrupt handling (S-EL0 partition signaling, allow a physical interrupt to be routed to a specified PE)
** Memory sharing (support for FF-A backward compatibility, share/lend/donate memory to multiple borrowers, normal/secure fragmented memory sharing)
** Power management (events relayed to the SPMC and removed limitations)
** Indirect messaging (buffer synchronization and ownership transfer rules)
** Hardened SP manifest memory regions boot time validation
** CI migration to LLVM/clang 15.0.6
** Removal of non-VHE build and test configurations
** Added EL3 SPMC test configurations using Hafnium's CI infrastructure
**TF-A Tests:**
* Support for 2021 Architecture Extensions
* New tests for FEAT_RME and RMM testing
* Support for FF-A v1.1 feature testing
* New cores/platforms support:
** Arm TC3 CPU cores support
** Power domain support for N1SDP and Morello hardware
** Allwinner T507 SoC support
** Legacy support for Nvidia Tegra 210
** MT8188 | MT8195 platform support
**QEMU:** Enable dynamic feature detection for Normal World
----------------------------------------------------------------------------------------------------------------------------------------
**Previous TF-A Releases**
**TF-RMM v0.1.0/v0.2.0 first releases (November 2022)**
* Reference implementation of the Arm Realm Management Monitor (RMM) [[ https://developer.arm.com/documentation/den0137/ | specification ]]
* Aligned against BETA revision of the specification
* Tested against TF-Av2.8
* All contributions accepted under DCO and BSD 3-Clause
**TF-Av2.8 release (November 2022)**
* Architecture extensions support:
** Added Pointer Authentication Extension helper support for QARMA3 (FEAT_PACQARMA3)
** Partial EL3 support for RNDR/RNDRRS (FEAT_RNG_TRAP)
** Added SVE fall back if SME not available (FEAT_SME)
** Support full SVE vector Length (FEAT_SVE)
** Added FEAT_BRBE and FEAT_TRBE under feature detection mechanism
* Added support for DRTM (Dynamic Root of Trust Measurement) Phase 1 (Standard services, Complete DMA protection)
* Various Errata Mitigations (Cortex-A710, A510, X3, X2, A76, A77, A78C, Neoverse N1, N2, GIC-600)
* Improved SVE support (as per SMCCCv1.3)
* Ethos-N Driver support for SMMU
* EL3 SPMC feature hardening
* FEAT_RME:
** Bootflow chain of trust support for AEM FVP
** Further developments to support TF-RMM upstreaming
** Tested interop against TF-RMM v0.2.0
* TF-A Tests support for 4 new platforms (N1SDP, RD-N2, RD-N2-Cfg1, RD-V1)
* TF-A Tests FEAT_RME Realm Payload Testing
* TF-A Tests FF-A v1.1 Secure interrupts Testing
* Hafnium SPM & FF-A enablement:
** FF-A v1.1 additions (Interrupt handling, Memory sharing, Framework notifications and indirect messaging)
** Added FF-A console log ABI, support for GICv3.1 extended INTID ranges
** Enhanced SVE by supporting up to the maximum vector length
** FF-A v1.0 ACS test suite integration in Open CI.
**TF-A-v2.7 Release features**
* Architecture support:
** Armv9.2 Branch Record Buffer Extension (FEAT_BRBE) for Non-secure World support
** Armv8.7 Statistical Profiling Extension (FEAT_SPEv1p2) TF-A-Tests support
** Armv8.7 WFE/WFI instructions with Timeout (FEAT_WFxT), Increased precision of Reciprocal Estimate and Reciprocal Square Root Estimate (FEAT_RPRES) & Alternate Floating-Point (FEAT_AFP) TF-A-Tests support
* Armv8.3 Extended Cache Index (FEAT_CCIDX) support
* Spectre Branch History Buffer (BHB) Mitigations
* Various Software workarounds for Errata affecting Cortex-A710, A510, A78, X2
* New Architectural Features Detection Mechanism (Experimental Feature)
* SMMU Granule Protection Checks (GPC) for Secure and Non-secure world transactions
* FF-A & SPM:
** Secure Partition Manager (SPM) operating at EL3 (Experimental Feature)
** Hafnium: Memory Tagging Extension (MTE) stack tagging support at S-EL2
** Hafnium FF-A implementation:
*** FF-A v1.1 EAC0: Boot protocol, Setup and discovery, Notifications
*** FF-A v1.1 Beta0: Interrupt handling improvements
*** FF-A v1.0 compliance fixes
**TF-A-v2.6 Release features**
* Armv9 features support:
** Realm Management Extension (FEAT_RME): first prototype implementation (ENABLE_RME)
** Scalable Matrix Extension (FEAT_SME) enabled for Normal world use
** Trace Buffer Extension (FEAT_TRBE): enable access to trace buffer control registers from Normal world
** Embedded Trace Extension (FEAT_ETE, FEAT_ETEv1p1): enabled for Normal world use
* Armv8 features support:
** Activity Monitors Extension (FEAT_AMU): enable per-core AMU auxiliary counters
** Support for the HCRX_EL2 register (FEAT_HCX)
** Scalable Vector Extension (FEAT_SVE): enabled for the Secure world
** Self-hosted Trace Extensions (FEAT_TRF)
* Support for the Arm Firmware Update specification
* Hafnium SPM:
** Arm FF-A v1.1 notifications support
** Arm FF-A v1.1 interrupt handling (Hafnium para-virtualized interface)
** S-EL0 partitions support through VHE architecture extension in the SW
** Save/restore NW SVE live state on world switches
** SPs to use FP/SIMD while NW uses SVE/SIMD/FP on the same core
** Updated toolchain to LLVM/Clang 12
** Published new SPMC threat model
**TF-A-v2.5 Release features**
* TF-A Public Threat Model published
* Armv8.7: FEAT_MTE3, FEAT_PAN3
* Armv8.6: FEAT_AMUv1p1, FEAT_MTPMU
* Armv8.5: Speculation Barrier (SB) for non-Armv8.5 platforms starting from Armv8.0 (FEAT_SB)
* Helper functions for Random number generator registers (FEAT_RNG)
* Support for TRNG firmware interface service
* SiP service to configure Ethos-N NPU
* GPT Image Support aligned to Firmware update specification
* S-EL2 Hafnium/FF-A:
** PAuth & BTI support
** SMMUv3.2 S-EL2 driver for stage 2 translation
** FF-A Non-secure interrupt handling
** FF-A Power management support at boot time
** FF-A Direct message interfaces & Memory sharing interfaces
** Added SPMC support to Hafnium CI
** Save/restore of Normal world FP/NEON/SIMD state