Page MenuHomePhabricator

TF-A, TF-RMM & Hafnium Roadmaps
Updated 321 Days AgoPublic

If you are interested in collaborating on any of the roadmap features or other features, please mail TF-A mailing list

WARNING:
All dates are provisional and subject to change without notice. Items in Ongoing/Future section will be planned in detail and confirmed in due course.

Ongoing

  • CPU Errata Support
  • Gearing up for TF-A next Release
  • Firmware Handoff
  • DSU PMU S/R support
  • PSA Crypto API
  • FF-A 1.2 enhanced Support
  • Firmware Update live Activation BL31 II
  • mbedTLS 2.x removal
  • Firmware Update Improvements

Future

  • GICv5 Investigation
  • GIC v3 | NMI Support
  • Firmware Handoff | Platform Support
  • CCA Plane II/DI
  • CCA DA II/DI
  • Live FW Update
  • CCA Granule Delegation
  • 2023|2024 architecture Feature enablement
  • FF-A 1.1 ACS Compliance
  • Secure Timer Virtualization

2023 TF-A Releases

TF-Av2.10 release (Nov 2023)

Architecture extensions support :

  • Arm v8.9 | 2022 Architecture extension support enabled for FEAT_HAFT,RPRFM, LRCPC3, and MTE_PERM
  • Non Secure SME support in RMM
  • PAC+ BTI support enabled in RMM and Realm
  • CPU support added for Gelas, Nevis and Travis cores

TF-A | EL3 Root World :

  • Firmware handoff Library Support : transfer list APIs and Firmware Handoff build option
  • Improvements to BL31 runtime exception handling
  • Context management refactoring for RME/4 Worlds

Boot Support :

  • Trusted Boot support for ECDSA (Elliptic Curve Digital Signature Algorithm) P- 384 keys
  • Migrated to PSA crypto API’s (Except for authenticated decryption feature. Also, mbedTLS legacy crypto APIs will still be supported for some time)
  • Improved the GUID Partition Table (GPT) parser
  • Various security Improvements and threat Model updates for ARM CCA
  • Completed PSA Attestation Support

Hafnium | S-EL2 SPM :

  • Continued support for FF-A v1.2 - FFA_YIELD with time-out; EL3 SPMDs LSPs communication; memory sharing updates
  • Memory region relative base address field support in SP manifests
  • Interrupt re-configuration hypervisor calls
  • Memory management: S2 PT NS/S IPA split
  • SMCCCv1.2+ compliance fixes
  • Feature parity test improvements for EL3 SPMC and Hafnium

TF-RMM | R-EL2:

  • TF-RMM aligned to RMM 1.0 EAC5 spec
  • Initial CBMC Support
  • Added TF-RMM Threat Model to the documentation support
  • Added capability to privately map the per-CPU stack in RMM

TF-A Tests:

  • Added support for errata management firmware interface tests
  • Added support for firmware hand-off tests
  • Test support for SMCCCv1.2 extended GP register set
  • Added PAC and PMU support in Realm tests

Platform Support :

  • Support for Aspeed AST2700, NXP IMX93, Intel Agilex5,Nuvoton and ST platforms

Errata ABI:

  • Added 13 CPU Errata mitigations(1xCortex-X2, 1xCortex-A710, 4xNeoverse N2, 4xNeoverse V2, 2xCortex- X3 CPU, 1xCortex-A510)

Others :

  • Qemu Platform Support
  • SDEI support added
  • Firmware handoff support implemented
  • QEMU virt platform is now supported in TF-RMM
  • mbedTLS Update to 3.4.1
  • Crypto-cell support for 712/713 removal ( deprecation announced in TF-A 2.9)

TF-Av2.9 release (May 2023)

Architecture extensions support:

  • Support for PSCI OS initiated mode
  • Architecture support for FEAT_TCR2, Guarded Control Stack (FEAT_GCS), Config Register Support for FEAT_HCX
  • Save/Restore Support for FEAT_PIE/POE, FEAT_SME | SME2, FEAT_MPAM: runtime check
  • Added dynamic detection of architecture feature enablement
  • System registers access trap handler
  • Eighteen CPU Errata Mitigations for Cortex-A510, A-78, X2, Neoverse V1, N2 cores and GICv3 bug fixes
  • Errata Management Firmware Interface implementation supported for version 1.0 of the public specification
  • First release done solely relying on TrustedFirmware.org Open CI
  • Ethos-N NPU Driver Added support for Protected Firmware Setup
  • EL3 SPMC enhanced feature hardening (scan warning fixes, report execution stage in partition info etc)

Arm CCA support:

  • Support for Trusted Boot rooted into RSS RoT
  • Support for PSA attestation scheme with Measured Boot rooted into RSS.
  • General improvements and hardening of the boot and attestation support.
  • Hardening efforts in the X.509 certificate parser, including a security fix (TFV-10, CVE-2022-47630)

TF-RMM Enhancements [0.3.0] :

  • Refactoring Stage 1 Translation Table to better fit RMM Usage
  • PMU usage in Realms as per RMM v1.0 BET0 spec
  • Realm support to leverage SVE hardware functionality, if enabled
  • Improve dynamic config of RMM by adding support for DRAM info in RMM-EL3 interface
  • RMM Unit test support for granule and slot-buffer components
  • Mask MTE capability so that realms can see that MTE is not supported
  • Build improvements in RMM comprising : build times, decouple dependencies during build cycle and support multi-config builds

Hafnium SPM & FF-A enablement:

  • FF-A v1.2 Early Adoption
  • FF-A v1.1 Enhanced Support
    • Interrupt handling (S-EL0 partition signaling, allow a physical interrupt to be routed to a specified PE)
    • Memory sharing (support for FF-A backward compatibility, share/lend/donate memory to multiple borrowers, normal/secure fragmented memory sharing)
    • Power management (events relayed to the SPMC and removed limitations)
    • Indirect messaging (buffer synchronization and ownership transfer rules)
    • Hardened SP manifest memory regions boot time validation
    • CI migration to LLVM/clang 15.0.6
    • Removal of non-VHE build and test configurations
    • Added EL3 SPMC test configurations using the Hafnium’s CI infrastructure

TF-A Tests

  • support for 2021 Architecture Extensions
  • new tests for FEAT_RME and RMM Testing
  • support for FF-A v1.1 Feature testing
  • New cores/platforms support:
  • Arm TC3 CPU cores support
  • Power Domain support for N1SDP and Morello hardware
  • Allwinner T507 SoC support
  • Legacy support for Nvidia Tegra 210
  • MT8188 | MT8195 Platform support

Qemu : Enable Dynamic Feature Detection for Normal World


Previous TF-A Releases

TF-RMMv01.0/v0.2.0 first releases (November 2022)

  • Reference implementation of the Arm Realm Management Monitor (RMM) specification
  • Aligned against BETA revision of the specification
  • Tested against TF-Av2.8
  • All contributions accepted under DCO and BSD 3-Clause

TF-Av2.8 release (November 2022)

  • Architecture extensions support:
    • Added Pointer Authentication Extension helper support for QARMA3 (FEAT_PACQARMA3)
    • Partial EL3 support for RNDR/RNDRRS (FEAT_RNG_TRAP)
    • Added SVE fall back if SME not available (FEAT_SME)
    • Support full SVE vector Length (FEAT_SVE)
    • Added FEAT_BRBE and FEAT_TRBE under feature detection mechanism
  • Added support for DRTM (Dynamic Root of Trust Measurement) Phase 1 (Standard services, Complete DMA protection)
  • Various Errata Mitigations (Cortex-A710, A510, X3, X2, A76, A77, A78C, Neoverse N1, N2, GIC-600)
  • Improved SVE support (as per SMCCCv1.3)
  • Ethos-N Driver support for SMMU
  • EL3 SPMC feature hardening
  • FEAT_RME:
    • Bootflow chain of trust support for AEM FVP
    • Further developments to support TF-RMM upstreaming
    • Tested interop against TF-RMM v0.2.0
  • TF-A Tests support for 4 new platforms (N1SDP, RD-N2, RD-N2-Cfg1, RD-V1)
  • TF-A Tests FEAT_RME Realm Payload Testing
  • TF-A Tests FF-A v1.1 Secure interrupts Testing
  • Hafnium SPM & FF-A enablement:
    • FF-A v1.1 additions (Interrupt handling, Memory sharing, Framework notifications and indirect messaging)
    • Added FF-A console log ABI, support for GICv3.1 extended INTID ranges
    • Enhanced SVE by supporting up to the maximum vector length 
    • FF-A v1.0 ACS test suite integration in Open CI.

TF-A-v2.7 Release features

  • Architecture support:
    • Armv9.2 Branch Record Buffer Extension (FEAT_BRBE) for Non-secure World support
    • Armv8.7 Statistical Profiling Extension (FEAT_SPEV1P2) TF-A-Tests support
    • Armv8.7 WFE/WFI instructions with Timeout (FEAT_WFxT), Increased precision of Reciprocal Estimate and Reciprocal Square Root Estimate (FEAT_RPRES) & Alternate Floating-Point (FEAT_AFP) TF-A-Tests support
  • *Armv8.3 Extended Cache Index (FEAT_CCIDX) support
  • Spectre Branch History Buffer (BHB) Mitigations
  • Various Software workarounds for Errata affecting Cortex-A710, A510, A78, X2 
  • New Architectural Features Detection Mechanism (Experimental Feature)
  • SMMU Granule Protection Checks (GPC) for Secure and Non-secure world transactions
  • FF-A & SPM:
    • Secure Partition Manager (SPM) operating at EL3 (Experimental Feature)
    • Hafnium: Memory Tagging Extension (MTE) stack tagging support at S-EL2
    • Hafnium FF-A implementation:
    • FF-A v1.1 EAC0: Boot protocol, Setup and discovery, Notifications
    • FF-A v1.1 Beta0: Interrupt handling improvements
    • FF-A v1.0 compliance fixes

TF-A-v2.6 Release features

  • Armv9 features support:
    • Realm Management Extension (FEAT_RME): first prototype implementation (ENABLE_RME)
    • Scalable Matrix Extension (FEAT_SME) enabled for Normal world use
    • Trace Buffer Extension (FEAT_TRBE): enable access to trace buffer control registers from Normal world
    • Embedded Trace Extension (FEAT_ETE, FEAT_ETEv1p1): enabled for Normal world use
  • Armv8 features support:
    • Activity Monitors Extension (FEAT_AMU): enable per-core AMU auxiliary counters
    • Support for the HCRX_EL2 register (FEAT_HCX)
    • Scalable Vector Extension (FEAT_SVE): enabled for the Secure world
    • Self-hosted Trace Extensions (FEAT_TRF)
  • Support for the Arm Firmware Update specification
  • Hafnium SPM:
    • Arm FF-A v1.1 notifications support
    • Arm FF-A v1.1 interrupt handling (Hafnium para-virtualized interface)
    • S-EL0 partitions support through VHE architecture extension in the SW
    • Save/restore NW SVE live state on world switches
    • SPs to use FP/SIMD while NW uses SVE/SIMD/FP on the same core
    • Updated toolchain to LLVM/Clang 12
    • Published new SPMC threat model

TF-A-v2.5 Release features

  • TF-A Public Threat Model published
  • Armv8.7: FEAT_MTE3, FEAT_PAN3
  • Armv8.6: FEAT_AMUv1p1, FEAT_MTPMU
  • Armv8.5: Speculation Barrier (SB) for non-Armv8.5 platforms starting from Armv8.0 (FEAT_SB)
  • Helper functions for Random number generator registers (FEAT_RNG)
  • Support for TRNG firmware interface service
  • SiP service to configure Ethos-N NPU
  • GPT Image Support aligned to Firmware update specification
  • S-EL2 Hafnium/FF-A:
    • PAuth & BTI support
    • SMMUv3.2 S-EL2 driver for stage 2 translation
    • FF-A Non-secure interrupt handling
    • FF-A Power management support at boot time
    • FF-A Direct message interfaces & Memory sharing interfaces
    • Added SPMC support to Hafnium CI
    • Save/restore of Normal world FP/NEON/SIMD state
Last Author
aksjai112
Last Edited
Feb 4 2024, 8:52 PM

Event Timeline

mcarlini edited the content of this document. (Show Details)Aug 16 2021, 12:55 PM
mcarlini created this object.
mcarlini created this object with visibility "Custom Policy".
mcarlini created this object with edit policy "Custom Policy".
mcarlini edited the content of this document. (Show Details)Sep 15 2021, 2:25 PM
mcarlini edited the content of this document. (Show Details)Sep 15 2021, 2:29 PM
mcarlini edited the content of this document. (Show Details)
mcarlini edited the content of this document. (Show Details)Sep 15 2021, 2:39 PM
mcarlini edited the content of this document. (Show Details)Sep 15 2021, 2:43 PM
mcarlini edited the content of this document. (Show Details)Sep 16 2021, 8:45 AM
mcarlini published a new version of this document.
mcarlini changed the visibility from "Custom Policy" to "Public (No Login Required)".Sep 28 2021, 3:49 PM
mcarlini edited the content of this document. (Show Details)Jan 4 2022, 4:32 PM
mcarlini edited the content of this document. (Show Details)
mcarlini edited the content of this document. (Show Details)Jan 4 2022, 4:37 PM
mcarlini published a new version of this document.
mcarlini edited the content of this document. (Show Details)Apr 20 2022, 3:05 PM
mcarlini edited the content of this document. (Show Details)Apr 20 2022, 3:20 PM
mcarlini edited the content of this document. (Show Details)Apr 20 2022, 4:25 PM
mcarlini edited the content of this document. (Show Details)Apr 20 2022, 4:55 PM
mcarlini edited the content of this document. (Show Details)
mcarlini edited the content of this document. (Show Details)Apr 21 2022, 10:21 AM
mcarlini published a new version of this document.
mcarlini changed the title from TF-A & Hafnium Roadmaps to TF-A, TF-RMM & Hafnium Roadmaps.Feb 9 2023, 2:21 PM
mcarlini edited the content of this document. (Show Details)
mcarlini changed the title from TF-A & Hafnium Roadmaps to TF-A, TF-RMM & Hafnium Roadmaps.Feb 9 2023, 2:28 PM
mcarlini edited the content of this document. (Show Details)
mcarlini changed the title from TF-A & Hafnium Roadmaps to TF-A, TF-RMM & Hafnium Roadmaps.Feb 9 2023, 2:35 PM
mcarlini edited the content of this document. (Show Details)
mcarlini published a new version of this document.
dbharbin changed the edit policy from "Custom Policy" to "Custom Policy".Oct 10 2023, 1:39 PM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 10:58 AM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 11:02 AM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:02 PM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:08 PM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:11 PM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:27 PM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:30 PM
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:32 PM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:35 PM
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:39 PM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 12:43 PM
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 1:16 PM
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)Jan 23 2024, 1:19 PM
aksjai112 edited the content of this document. (Show Details)
aksjai112 published a new version of this document.Jan 24 2024, 3:32 PM
aksjai112 edited the content of this document. (Show Details)Feb 4 2024, 8:24 PM
aksjai112 edited the content of this document. (Show Details)Feb 4 2024, 8:27 PM
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)Feb 4 2024, 8:31 PM
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)Feb 4 2024, 8:36 PM
aksjai112 edited the content of this document. (Show Details)Feb 4 2024, 8:48 PM
aksjai112 edited the content of this document. (Show Details)
aksjai112 edited the content of this document. (Show Details)Feb 4 2024, 8:52 PM
aksjai112 published a new version of this document.