Page MenuHomePhabricator
IndexNew Document
Phriction Trusted Firmware Trusted Firmware-A (TF-A) TF-A LTS Meeting Minutes LTS Tracking for v2.8.x

LTS Tracking for v2.8.x
Updated 628 Days AgoPublic
Actions

This document is used to track the commits that were merged to the integration branch of the trusted-firmware-a repo from the v2.8 release onwards. The patches were then analyzed to find candidates for the TF-A LTS branch. The analysis and the gerrit links for the cherry-picks were also documented.

The intent was to provide this information for the patches that were merged to the integration branch during the LTS grace period.

Now that the TF-A LTS v2.8.0 is formally released, we will start applying the entry criteria to identify candidate patches for the LTS branch and stop updating this page.

LTS Proposal

Guidelines for Cherry Picking

  • G1. No features will be backported.
  • G2. Security advisories: Any patch that makes it into TF-A security advisories qualifies for backporting. This includes patches to external components too, e.g. libfdt.
  • G3. Workarounds for CPU and other ARM IP errata qualify
  • G4. Workarounds for non-ARM IP errata, e.g. TI UART qualify
  • G5. Fixes for platform bugs qualify too. These patches must not modify any code outside of the specific publicly shared platform that the fix applies to.
  • G6. Patches can only be backported from the master branch. In other words, the master branch will be a superset of all the changes in any LTS branch.

Entry Criteria

  • E1. Does the commit implement a workaround published in a security advisory?
  • E2. Does the commit implement a workaround for a CPU erratum?
  • E3. Does the commit implement a workaround for a non-ARM IP errata, e.g. TI UART?
  • E4. Does the commit implement a fix for a platform bug? If yes, is the implementation confined to the platform code?
  • E5. Does the commit exist in the master branch? If not, do you have a waiver from the LTS maintainers?

Commit List
Generated using the following command: git log v2.8..integration --reverse --oneline --no-merges | grep "fix\|security\|cve"

Commit DescriptionEntry Criteria PassedAccepted for LTSAnalysisCommit link for lts-v2.8 branchStatus
c7e698cfd fix(cpus): workaround for Cortex-X3 erratum 2615812YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18862Merged
c45791b2f fix(layerscape): fix errata a008850YesYesPlatform fix for erratum. Affects NXP platforms only.https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18863Merged
fa0105693 fix(nxp-ddr): use CDDWW for write to read delayNoYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18911Merged
00bb8c37e fix(nxp-ddr): apply Max CDD values for warm bootNoYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18912Merged
5d599b71e fix(layerscape): fix nv_storage assert checkingNoNoGeneral bug fix for NXP platforms only
07d8e34fd fix(nxp-drivers): fix tzc380 memory regions configNoYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18914Merged
e0f58c7fb fix(docs): deprecate plat_convert_pk() in v2.9NoNoDocumentation fix for the next version
1a0bf6e1d fix(intel): fix print out ERROR when encounter SEU_ErrNoNoGeneral bug fix for Intel platforms only
e6c038909 fix(intel): fix pinmux handoff bug on AgilexNoNoGeneral bug fix for Intel platforms only
8de7167eb fix(intel): fix sp_timer0 is not disabled in firewall on AgilexNoNoGeneral bug fix for Intel platforms only
68ac5fe14 fix(intel): remove checking on TEMP and VOLT checking for HWMONNoNoGeneral bug fix for Intel platforms only
7f9e9e4b4 fix(intel): mailbox store QSPI ref clk in scratch regNoNoGeneral bug fix for Intel platforms only
4b3d323ac fix(intel): agilex bitstream pre-authenticateNoNoGeneral bug fix for Intel platforms only
5199b3b93 fix(nxp-drivers): fix fspi coverity issueNoNoGeneral bug fix for NXP platforms only
e49229911 fix(nxp-crypto): fix Coverity issueNoNoPlatform fix to avoid out-of-bounds acccesses. Affects NXP platforms only.
334badb50 fix(nxp-crypto): fix secure boot assert inclusionNoNoGeneral bug fix for NXP platforms only
c0c157a68 fix(ls1046a): 4 keys secureboot failure resolvedNoYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18913Merged
50aa0ea7a fix(lx2): init global data before using itYesYesThe commit description and the implementation point to a potential security fix for NXP platform.https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18915Merged
50aa0ea7a feat(lx2): support more variantsYesYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18916Merged
1c65e8798 feat(lx2): enable OCRAM ECCYesYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18917Merged
236ca5667 fix(nxp-drivers): fix sd secure boot failureNoNoGeneral bug fix for NXP platforms only
87612eaef fix(nxp-ddr): fix underrun coverity issueNoNoGeneral bug fix for NXP platforms only
2d541cbcb fix(nxp-ddr): fix coverity issueNoNoGeneral bug fix for NXP platforms only
4daeaf341 fix(sptool): add dependency to SP imageNoYesBug fix for the sptool that helps scenarios when the pkg file is not re-generated if the SP image is updatedhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18949Merged
cd73d62b0 fix(versal): initialize the variable with value 0 in pm codeNoNoGeneral bug fix for Xilinx platforms only
c92ad369c fix(zynqmp): check return status of pm_get_api_versionNoNoGeneral bug fix for Xilinx platforms only
85a14bc0a fix(rss): remove null-terminator from RSS metadataNoNoGeneral bug fix for lib/psa
5fb6946ad fix(console): fix crash on spin_unlock with cache disabledNoYesBug fix for the console driver that can result in potentially fatal errors or crasheshttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18950Merged
ff1d2ef38 fix(el3_runtime): restore SPSR/ELR/SCR after esbNoYesBug fix for lib/el3_runtime issue that can restore EA status from incorrect context causing further issues on the platforms that use ithttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18951Merged
e65584a01 fix(zynqmp): initialize uint32 with value 0U in pm codeNoNoGeneral bug fix for Xilinx platforms only
c42402cdf fix(intel): fix fcs_client crashed when increased param sizeYesYesFixes a security issue for Intel platformshttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18864Merged
55a7aa925 fix(rss): do not consider MHU_ERR_ALREADY_INIT as errorNoNoGeneral bug fix for drivers/arm/rss
4fa0f0973 fix(nxp-tools): fix coverity issueNoNoGeneral bug fix for NXP platforms only
e83812f11 fix(nxp-ddr): add checking return valueNoNoGeneral bug fix for NXP platforms only
0ca1d8fba fix(layerscape): unlock write access SMMU_CBn_ACTLRYesYesErrata fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18865Merged
b96253db0 fix(trp): preserve RMI SMC X4 when not used as returnNoNoGeneral bug fix for services/trp
be7195d06 fix(st-pmic): enclose macro parameter in parenthesesNoNoGeneral bug fix for ST platforms only
3cebeec2a fix(st-pmic): define pmic_regs table sizeNoNoGeneral bug fix for ST platforms only
68083e7ad fix(st-regulator): explicitly check operators precedenceNoNoGeneral bug fix for ST platforms only
6a3ffb539 fix(st-regulator): rework for_each_*rdev macrosNoNoGeneral bug fix for ST platforms only
91af163cb fix(st-regulator): enclose macro parameters in parenthesesNoNoGeneral bug fix for ST platforms only
9a00daf9d fix(st-regulator): use Boolean type for testsNoNoGeneral bug fix for ST platforms only
c3ae7da02 fix(st-clock): use Boolean type for testsNoNoGeneral bug fix for ST platforms only
69a2e320b fix(st-clock): remove useless switchNoNoGeneral bug fix for ST platforms only
ee21709e9 fix(st-clock): give the size for parent_mp13 and dividers_mp13 tablesNoNoGeneral bug fix for ST platforms only
4198fa1db fix(st-clock): avoid arithmetics on pointersNoNoGeneral bug fix for ST platforms only
56048fe21 fix(st): explicitly check operators precedenceNoNoGeneral bug fix for ST platforms only
9c1aa1253 fix(st): add U suffix for unsigned numbersNoNoGeneral bug fix for ST platforms only
e7d75448b fix(st): use indices when counting GPIOs in DTNoNoGeneral bug fix for ST platforms only
0ebaf2228 fix(st): rework secure-status check in fdt_get_status()NoNoGeneral bug fix for ST platforms only
45d2d495e fix(st): use Boolean type for testsNoNoGeneral bug fix for ST platforms only
d7f5bed90 fix(stm32mp1): add const for strings in stm32mp_get_soc_name()NoNoGeneral bug fix for ST platforms only
127ed0008 fix(stm32mp1): rework DWL buffer cache invalidationNoNoGeneral bug fix for ST platforms only
029f81e04 fix(st-sdmmc): check transfer size before filling registerNoNoGeneral bug fix for ST platforms only
5d942ff19 fix(st-gpio): define shift as uint32_tNoNoGeneral bug fix for ST platforms only
dc0ca64e4 fix(rmmd): add missing padding to RMM Boot Manifest and initialize itNoNoThis fix might be critical to the way EL3 and RMM interact.
b87b02cf1 fix(cpus): workaround for Cortex-A710 erratum 2768515YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18866Merged
1cfde8222 fix(cpus): workaround for Cortex-X2 erratum 2768515YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18867Merged
def7590b3 fix(el3-spmc): improve bound check for descriptorYesNoFixes potential buffer overflow or stack overflow issues
1543d17b9 fix(el3-spmc): fix coverity scan warningsYesNoFixes potential issue where emad descriptor might be compromised
3354915ff fix(tsp): use verbose for power logsNoNoMinor bug fix for TSP
3a3e0e537 fix(rdn1edge): change variable type to fix gcc sign conversion errorNoNoGeneral bug fix for Arm platforms
f0f2c9036 fix(scmi): change function prototype to fix gcc errorNoNoGeneral bug fix for SCMI driver
a0d5147b8 fix(gpt_rme): fix compilation error for gpt_rme.cNoNoFixes compilation error with gpt_rme.c
0ee07d796 fix(Xilinx): use lib/smccc.h macros instead of trusty spdNoNoGeneral bug fix for Xilinx platforms only
377846b65 fix(st): include utils.h to solve compilation errorNoYesFixes compilation error with stm32mp_crypto_lib.c. Confirmed by platform maintainer.https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18952Merged
e61713b00 fix(el3_runtime): do not save scr_el3 during EL3 entryNoNoGeneral bug fix for lib/el3_runtime
1cbe42a51 fix(el3_runtime): allow SErrors when executing in EL3NoYesCritical bug fix to keep EA enabled when executing in EL3https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18953Merged
1ee7c8232 fix(cpus): workaround for Neoverse N2 erratum 2743089YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18868Merged
b10afcce5 fix(cpus): workaround for Cortex-A78 erratum 2772019YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18869Merged
31747f057 fix(cpus): workaround for Neoverse V1 erratum 2743093YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18870Merged
2fff46c80 fix(tc): change the properties of optee reserved memoryNoNoGeneral bug fix for TotalCompute platform
95302e4b2 fix(arm): arm_rotpk_header undefined referenceNoNoFixes compilation error for Arm platforms
4e46db40f fix(Xilinx): resolve integer handling issueNoNoGeneral bug fix for Xilinx platforms only
76ed32236 fix(intel): add mailbox error return status for FCS_DECRYPTIONNoNoGeneral bug fix for Intel platforms only
b34a48c1c fix(intel): missing NCORE CCU snoop filter fix in BL2NoNeeds inputFixes a hardware issue with the snoop filtering on Intel platforms
62cd8f314 fix(el3-spmc): report execution state in partition info getNoNoGeneral bug fix
9bff7ce37 fix(qemu-sbsa): enable SVE and SMENoNoGeneral bug fix
d0b58c8a9 fix(zynqmp): remove redundant api_version checkNoNoGeneral bug fix. Fixes compilation warning
90c4b3b62 fix(renesas): align incompatible function pointersNoNoGeneral bug fix. Fixes compilation warning
9f58bfbbe fix(brcm): add braces around bodies of conditionalsNoNoGeneral bug fix. Fixes MISRA warning
02af589cf fix(st-usb): replace redundant checks with assertsNoNoGeneral bug fix
78fbb0ec8 fix(gic): wrap cache enabled assert under plat_can_cmoNoNeeds inputFixes a boot issue with dcache disabled
d1d8a9bad fix(st): make metadata_block_spec staticNoNoFixes sparse warning. Looks like a compilation fix.
6e55f9e2c fix(stm32mp1): add missing platform.h includeNoNoFixes sparse warning. Looks like a compilation fix.
70a422ba8 fix(st-crypto): set get_plain_pk_from_asn1() staticNoNoFixes sparse warning. Looks like a compilation fix.
6b3ca0a81 fix(st-crypto): remove platdata functionsNoNoFixes sparse warning
e9e4a2a6f fix(auth): only accept v3 X.509 certificatesNoNoGeneral bug fix
fd37982a1 fix(auth): forbid junk after extensionsYesYesFix for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18871Merged
72460f50e fix(auth): require at least one extension to be presentYesYesFix for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18872Merged
f47547b35 fix(auth): reject invalid padding in digestsNoNoGeneral bug fix
a8c8c5ef2 fix(auth): reject padding after BIT STRING in signaturesNoNoGeneral bug fix
8816dbb38 fix(auth): require bit strings to have no unused bitsNoNoGeneral bug fix
ca34dbc0c fix(auth): reject junk after certificatesNoNoGeneral bug fix
7e3f6a87d fix(plat/tc): increase TC_TZC_DRAM1_SIZENoNoGeneral bug fix
40e740dc1 fix(fconf): make struct fconf_populator staticNoNoFixes sparse warning
06c01b085 fix(libc): properly define SCHAR_MINNoYesFixes a potential security issue if not used correctlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18954Merged
0e0bd250e fix(mpam): remove unwanted param for "endfunc" macroNoNoGeneral bug fix
89d85ad0a fix(cpus): workaround for Cortex-A710 erratum 2282622YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18873Merged
8c23775e8 fix(versal-net): resolve misra 10.6 warningsNoNoGeneral bug fix
21d1966a2 fix(versal-net): resolve misra rule 20.7 warningsNoNoGeneral bug fix
2d056db4e fix(versal-net): clear power down interrupt status before enableNoNoGeneral bug fix
1f79bdfd9 fix(versal-net): fix setting power down stateNoNoGeneral bug fix
5f0f7e47e fix(versal-net): clear power down bit during wakeupNoNoGeneral bug fix
e663f09b3 fix(versal-net): disable wakeup interrupt during client wakeupNoNoGeneral bug fix
39fffe552 fix(versal-net): enable wake interrupt during client suspendNoNoGeneral bug fix
abb8f936f fix(auth): avoid out-of-bounds read in auth_nvctr()YesYesFix for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18874Merged
f5c51855d fix(auth): properly validate X.509 extensionsYesYesFix for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18875Merged
0fe002c9b fix(versal): print proper atf handoff sourceNoNoGeneral bug fix
f9c6301d7 fix(cpus): workaround for Cortex-X2 erratum 2282622YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18876Merged
81f525ecc fix(ti): fix typo in boot authentication message nameNoNoGeneral bug fix
60719e4e0 fix(plat/css): fix invalid redistributor poweroffNoYesGeneral bug fixhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18955Merged
f15659076 fix(zynqmp): fix xck24 silicon IDNoNoGeneral bug fix
600c8f7d9 fix(stm32mp15-fdts): use interrupts-extended for i2c2NoNoGeneral bug fix. Fixes compilation warning.
8406db14f fix: add parenthesis for tests in MIN, MAX and CLAMP macrosNoNoGeneral bug fix
e0c56fd71 fix(fdt-wrappers): use correct prototypesNoNoGeneral bug fix for sparse warnings
06d223cb4 fix(io): compare function pointers with NULLNoNoGeneral bug fix for sparse warnings
654b65b36 fix(auth): use NULL instead of 0 for pointer checkNoNoGeneral bug fix for sparse warnings
03bd48102 fix(console): correct scopes for console symbolsNoNoGeneral bug fix for sparse warnings
28dc82580 fix(libc): remove __putchar aliasNoNoGeneral bug fix for sparse warnings
7d1700c4d fix(cpus): workaround for Cortex-A78 erratum 2779479YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18956Merged
2757da061 fix(cpus): workaround for Neoverse V1 errata 2779461YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18957Merged
5a25a70fb fix(cpus): workaround for Cortex-A78 erratum 2779479YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18956Merged
129066203 fix(partition): add missing curly bracesNoNoGeneral bug fix for MISRA
d1c6c4955 fix(partition): add U suffix for unsigned numbersNoNoGeneral bug fix for MISRA
14cda5168 fix(mmc): explicitly check operators precedenceNoNoGeneral bug fix for MISRA
bf78a6504 fix(mmc): do not modify r_data in mmc_send_cmd()NoNoGeneral bug fix for MISRA
53cbc9496 fix(mmc): align part config typeNoNoGeneral bug fix for MISRA
00230e37e fix(cpus): workaround for Cortex-A78C erratum 2772121YesYesCPU errata fix qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19082Merged
695a48b5b fix(psci): tighten psci_power_down_wfi behaviourNoNoGeneral bug fix
aea4ccf8d fix(cpus): workaround for Cortex-A510 erratum 2684597YesYesCPU errata fix qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19083Merged
cca91b7ae docs(measured-boot): fix few typosNoNoGeneral bug fix for the documentation
d7156d412 docs(security): security advisory for CVE-2022-47630YesYesDocumentation for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19090Merged
355dc3d4d fix(versal-net): populate gic v3 rdist data staticallyNoNoPlatform bug fix. Not a security issue.
Last Author
vwadekar
Last Edited
Feb 16 2023, 2:26 PM

Event Timeline

dbharbin created this object.Jan 12 2023, 9:16 PM
dbharbin edited the content of this document. (Show Details)Jan 18 2023, 8:58 PM
dbharbin changed the title from Tracking to LTS Tracking.Jan 18 2023, 9:03 PM
dbharbin edited the content of this document. (Show Details)
dbharbin edited the content of this document. (Show Details)
dbharbin edited the content of this document. (Show Details)
bipinravi-arm edited the content of this document. (Show Details)Jan 18 2023, 10:55 PM
vwadekar published a new version of this document.Jan 20 2023, 11:34 AM
vwadekar added a subscriber: vwadekar.
vwadekar changed the title from LTS Tracking to LTS Tracking for v2.8.x.Jan 20 2023, 12:39 PM
vwadekar edited the content of this document. (Show Details)
vwadekar edited the content of this document. (Show Details)Jan 20 2023, 11:02 PM
vwadekar edited the content of this document. (Show Details)Jan 20 2023, 11:36 PM
vwadekar edited the content of this document. (Show Details)Jan 20 2023, 11:39 PM
vwadekar edited the content of this document. (Show Details)Jan 20 2023, 11:47 PM
vwadekar edited the content of this document. (Show Details)Jan 25 2023, 8:51 PM
vwadekar edited the content of this document. (Show Details)Jan 30 2023, 9:48 AM
vwadekar edited the content of this document. (Show Details)Jan 31 2023, 2:13 PM
vwadekar edited the content of this document. (Show Details)Feb 1 2023, 4:57 PM
vwadekar edited the content of this document. (Show Details)Feb 3 2023, 9:40 AM
vwadekar edited the content of this document. (Show Details)Feb 4 2023, 11:36 AM
vwadekar edited the content of this document. (Show Details)Feb 6 2023, 10:30 AM
vwadekar edited the content of this document. (Show Details)Feb 16 2023, 2:21 PM
vwadekar edited the content of this document. (Show Details)Feb 16 2023, 2:23 PM
vwadekar edited the content of this document. (Show Details)Feb 16 2023, 2:26 PM