TF-A, TF-RMM & Hafnium Roadmaps: History, Version 17 vs 18
Content Changes
If you are interested in collaborating on any of the roadmap features or other features, please mail the [[ https://lists.trustedfirmware.org/mailman/listinfo/tf-a | TF-A mailing list ]].
**WARNING:**
All dates are provisional and subject to change without notice. Items beyond CQ3'21 will be planned in detail and confirmed at the start of the quarter, depending on progress made in the previous quarter and available bandwidth.
**In Development features - TF-Av2.7 release readiness**
* Arm 2020 Arch. extensions (v8.7) support: FEAT_AFP, FEAT_RPRES, FEAT_SPE, FEAT_WFxT, FEAT_LS64
* Arm 2020 Arch. extensions (v9.2) support: FEAT_BRBE
* S-EL2 Hafnium/ SPM / FF-A:
** FF-A Power Management runtime support
** FF-A Secure Interrupts handling (Beta0 draft spec)
** MTE hardening
** Migration to arm64 native host compilation
** EL3 SPM FF-A support
* CCA (RME) enablement:
** Trusted boot new flow
** Context mgmt. for 4 worlds enhancements
** AP <-> RSS measured boot & attestation (see [[ https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/R364CS3ASCTVKDAHC7GFOJJJYJSZE6BB/ | msg ]])
**Ongoing / Future**
* MISRA scan integration into OpenCI
* Arm 2021 Arch. extensions (v8.8) support:
** FEAT_HPMN0
** FEAT_PACQARMA3, FEAT_CONSTPACFIELD
** FEAT_RNG_TRAP
* Arm DRTM spec support
** Phase 1: Standard services, Complete DMA protection
** Phase 2: Other SMCs, region-based DMA protection
* S-EL2 Hafnium/ SPM / FF-A:
** S-EL2 & EL3 SPM features alignment
** FF-A Indirect msg
** FF-A Secure Interrupts hand. (GIC emulation)
** FF-A SMMU guidance
** FF-A Memory sharing on RME
** FF-A Memory sharing to multiple borrowers
** Google Trusty TEE integration
** SPM + RME extension support
* GIC-600AE RAS: FMU initialization
* Armv8-R64 PSCI services
* Errata ABI spec support
* CCA (RME/RMM) enablement:
** RMM first revision upstream
** Beta/EAC spec alignment
** RAS for 4 worlds investigation
** SMMU GPT
**PREVIOUS RELEASES**
**TF-A-v2.6 Release features**
* Armv9 features support:
** Realm Management Extension (FEAT_RME): first prototype implementation (ENABLE_RME)
** Scalable Matrix Extension (FEAT_SME) enabled for Normal world use
** Trace Buffer Extension (FEAT_TRBE): enable access to trace buffer control registers from Normal world
** Embedded Trace Extension (FEAT_ETE, FEAT_ETEv1p1): enabled for Normal world use
* Armv8 features support:
** Activity Monitors Extension (FEAT_AMU): enable per-core AMU auxiliary counters
** Support for the HCRX_EL2 register (FEAT_HCX)
** Scalable Vector Extension (FEAT_SVE): enabled for the Secure world
** Self-hosted Trace Extensions (FEAT_TRF)
* Support for the Arm Firmware Update specification
* Hafnium SPM:
** Arm FF-A v1.1 notifications support
** Arm FF-A v1.1 interrupt handling (Hafnium para-virtualized interface)
** S-EL0 partitions support through VHE architecture extension in the SW
** Save/restore NW SVE live state on world switches
** SPs to use FP/SIMD while NW uses SVE/SIMD/FP on the same core
** Updated toolchain to LLVM/Clang 12
** Published new SPMC threat model
**TF-A-v2.5 Release features**
* TF-A Public Threat Model published
* Armv8.7: FEAT_MTE3, FEAT_PAN3
* Armv8.6: FEAT_AMUv1p1, FEAT_MTPMU
* Armv8.5: Speculation Barrier (SB) for non-Armv8.5 platforms starting from Armv8.0 (FEAT_SB)
* Helper functions for Random number generator registers (FEAT_RNG)
* Support for TRNG firmware interface service
* SiP service to configure Ethos-N NPU
* GPT Image Support aligned to Firmware update specification
* S-EL2 Hafnium/FF-A:
** PAuth & BTI support
** SMMUv3.2 S-EL2 driver for stage 2 translation
** FF-A Non-secure interrupt handling
** FF-A Power management support at boot time
** FF-A Direct message interfaces & Memory sharing interfaces
** Added SPMC support to Hafnium CI
** Save/restore of Normal world FP/NEON/SIMD state
If you are interested in collaborating on any of the roadmap features or other features, please mail the [[ https://lists.trustedfirmware.org/mailman/listinfo/tf-a | TF-A mailing list ]].
**WARNING:**
All dates are provisional and subject to change without notice. Items in the Ongoing/Future section will be planned in detail and confirmed in due course.
**TF-RMMv01.0/v0.2.0 first releases (November 2022)**
* Reference implementation of the Arm Realm Management Monitor (RMM) [[ https://developer.arm.com/documentation/den0137/ | specification ]]
* Tested against TF-Av2.8
* All contributions accepted under DCO and BSD 3-Clause
**TF-Av2.8 release (November 2022)**
* Architecture extensions support:
** Added Pointer Authentication Extension helper support for QARMA3 (FEAT_PACQARMA3)
** Partial EL3 support for RNDR/RNDRRS (FEAT_RNG_TRAP)
** Added SVE fallback if SME is not available (FEAT_SME)
** Support for full SVE vector length (FEAT_SVE)
** Added FEAT_BRBE and FEAT_TRBE under feature detection mechanism
* Added support for DRTM (Dynamic Root of Trust Measurement) Phase 1 (Standard services, Complete DMA protection)
* Various Errata Mitigations (Cortex-A710, A510, X3, X2, A76, A77, A78C, Neoverse N1, N2, GIC-600)
* Improved SVE support (as per SMCCCv1.3)
* Ethos-N Driver support for SMMU
* EL3 SPMC feature hardening
* FEAT_RME:
** Bootflow chain of trust support for AEM FVP
** Further developments to support TF-RMM upstreaming
** Tested interop against TF-RMM v0.2.0
* TF-A Tests support for 4 new platforms (N1SDP, RD-N2, RD-N2-Cfg1, RD-V1)
* TF-A Tests FEAT_RME Realm Payload Testing
* TF-A Tests FF-A v1.1 Secure interrupts Testing
* Hafnium SPM & FF-A enablement:
** FF-A v1.1 additions (Interrupt handling, Memory sharing, Framework notifications and indirect messaging)
** Added FF-A console log ABI, support for GICv3.1 extended INTID ranges
** Enhanced SVE by supporting up to the maximum vector length
** FF-A v1.0 ACS test suite integration in OpenCI
**Ongoing**
* MISRA scan (Eclair tool) integration into OpenCI
* Arm 2021 Arch. extensions (v8.8) completion: FEAT_HPMN0, FEAT_RNG_TRAP, TF-A-Tests for all features
* Arm 2022 Arch. extensions (v8.9) investigation
* Errata ABI spec support
* mbedTLS v3.0 upgrade
* PSA Crypto APIs support
* S-EL2 Hafnium/ SPM / FF-A:
** S-EL2 & EL3 SPM features alignment
**Future**
* FWU Live Activation
* FW Handoff spec
* S-EL2 Hafnium/ SPM / FF-A:
** FF-A SMMU guidance
** FF-A Memory sharing on RME
** SPM + RME extension support
* Arm DRTM spec support Phase 2: Other SMCs, region-based DMA protection
* TF-RMM enablement:
** EAC spec alignment
** RAS & FWU review for 4 worlds
** SVE/SME enablement
** Device Assignment support
**PREVIOUS RELEASES**
**TF-A-v2.7 Release features**
* Architecture support:
** Armv9.2 Branch Record Buffer Extension (FEAT_BRBE) for Non-secure World support
** Armv8.7 Statistical Profiling Extension (FEAT_SPEV1P2) TF-A-Tests support
** Armv8.7 WFE/WFI instructions with Timeout (FEAT_WFxT), Increased precision of Reciprocal Estimate and Reciprocal Square Root Estimate (FEAT_RPRES) & Alternate Floating-Point (FEAT_AFP) TF-A-Tests support
** Armv8.3 Extended Cache Index (FEAT_CCIDX) support
* Spectre Branch History Buffer (BHB) Mitigations
* Various Software workarounds for Errata affecting Cortex-A710, A510, A78, X2
* New Architectural Features Detection Mechanism (Experimental Feature)
* SMMU Granule Protection Checks (GPC) for Secure and Non-secure world transactions
* FF-A & SPM:
** Secure Partition Manager (SPM) operating at EL3 (Experimental Feature)
** Hafnium: Memory Tagging Extension (MTE) stack tagging support at S-EL2
** Hafnium FF-A implementation:
** FF-A v1.1 EAC0: Boot protocol, Setup and discovery, Notifications
** FF-A v1.1 Beta0: Interrupt handling improvements
** FF-A v1.0 compliance fixes
**TF-A-v2.6 Release features**
* Armv9 features support:
** Realm Management Extension (FEAT_RME): first prototype implementation (ENABLE_RME)
** Scalable Matrix Extension (FEAT_SME) enabled for Normal world use
** Trace Buffer Extension (FEAT_TRBE): enable access to trace buffer control registers from Normal world
** Embedded Trace Extension (FEAT_ETE, FEAT_ETEv1p1): enabled for Normal world use
* Armv8 features support:
** Activity Monitors Extension (FEAT_AMU): enable per-core AMU auxiliary counters
** Support for the HCRX_EL2 register (FEAT_HCX)
** Scalable Vector Extension (FEAT_SVE): enabled for the Secure world
** Self-hosted Trace Extensions (FEAT_TRF)
* Support for the Arm Firmware Update specification
* Hafnium SPM:
** Arm FF-A v1.1 notifications support
** Arm FF-A v1.1 interrupt handling (Hafnium para-virtualized interface)
** S-EL0 partitions support through VHE architecture extension in the SW
** Save/restore NW SVE live state on world switches
** SPs to use FP/SIMD while NW uses SVE/SIMD/FP on the same core
** Updated toolchain to LLVM/Clang 12
** Published new SPMC threat model
**TF-A-v2.5 Release features**
* TF-A Public Threat Model published
* Armv8.7: FEAT_MTE3, FEAT_PAN3
* Armv8.6: FEAT_AMUv1p1, FEAT_MTPMU
* Armv8.5: Speculation Barrier (SB) for non-Armv8.5 platforms starting from Armv8.0 (FEAT_SB)
* Helper functions for Random number generator registers (FEAT_RNG)
* Support for TRNG firmware interface service
* SiP service to configure Ethos-N NPU
* GPT Image Support aligned to Firmware update specification
* S-EL2 Hafnium/FF-A:
** PAuth & BTI support
** SMMUv3.2 S-EL2 driver for stage 2 translation
** FF-A Non-secure interrupt handling
** FF-A Power management support at boot time
** FF-A Direct message interfaces & Memory sharing interfaces
** Added SPMC support to Hafnium CI
** Save/restore of Normal world FP/NEON/SIMD state