LTS Tracking for v2.8.x
This document is used to track the commits that were merged to the integration branch of the trusted-firmware-a repo from the v2.8 release onwards. The patches were then analyzed to find candidates for the TF-A LTS branch. The analysis and the gerrit links for the cherry-picks were also documented.
The intent was to provide this information for the patches that were merged to the integration branch during the LTS grace period.
Now that the TF-A LTS v2.8.0 is formally released, we will start applying the entry criteria to identify candidate patches for the LTS branch and stop updating this page.
LTS Proposal
Guidelines for Cherry Picking
- G1. No features will be backported.
- G2. Security advisories: Any patch that makes it into TF-A security advisories qualifies for backporting. This includes patches to external components too, e.g. libfdt.
- G3. Workarounds for CPU and other ARM IP errata qualify
- G4. Workarounds for non-ARM IP errata, e.g. TI UART qualify
- G5. Fixes for platform bugs qualify too. These patches must not modify any code outside of the specific publicly shared platform that the fix applies to.
- G6. Patches can only be backported from the master branch. In other words, the master branch will be a superset of all the changes in any LTS branch.
Entry Criteria
- E1. Does the commit implement a workaround published in a security advisory?
- E2. Does the commit implement a workaround for a CPU erratum?
- E3. Does the commit implement a workaround for a non-ARM IP errata, e.g. TI UART?
- E4. Does the commit implement a fix for a platform bug? If yes, is the implementation confined to the platform code?
- E5. Does the commit exist in the master branch? If not, do you have a waiver from the LTS maintainers?
Commit List
Generated using the following command: git log v2.8..integration --reverse --oneline --no-merges | grep "fix\|security\|cve"
Commit Description | Entry Criteria Passed | Accepted for LTS | Analysis | Commit link for lts-v2.8 branch | Status |
c7e698cfd fix(cpus): workaround for Cortex-X3 erratum 2615812 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18862 | Merged |
c45791b2f fix(layerscape): fix errata a008850 | Yes | Yes | Platform fix for erratum. Affects NXP platforms only. | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18863 | Merged |
fa0105693 fix(nxp-ddr): use CDDWW for write to read delay | No | Yes | General bug fix for NXP platforms only | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18911 | Merged |
00bb8c37e fix(nxp-ddr): apply Max CDD values for warm boot | No | Yes | General bug fix for NXP platforms only | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18912 | Merged |
5d599b71e fix(layerscape): fix nv_storage assert checking | No | No | General bug fix for NXP platforms only | ||
07d8e34fd fix(nxp-drivers): fix tzc380 memory regions config | No | Yes | General bug fix for NXP platforms only | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18914 | Merged |
e0f58c7fb fix(docs): deprecate plat_convert_pk() in v2.9 | No | No | Documentation fix for the next version | ||
1a0bf6e1d fix(intel): fix print out ERROR when encounter SEU_Err | No | No | General bug fix for Intel platforms only | ||
e6c038909 fix(intel): fix pinmux handoff bug on Agilex | No | No | General bug fix for Intel platforms only | ||
8de7167eb fix(intel): fix sp_timer0 is not disabled in firewall on Agilex | No | No | General bug fix for Intel platforms only | ||
68ac5fe14 fix(intel): remove checking on TEMP and VOLT checking for HWMON | No | No | General bug fix for Intel platforms only | ||
7f9e9e4b4 fix(intel): mailbox store QSPI ref clk in scratch reg | No | No | General bug fix for Intel platforms only | ||
4b3d323ac fix(intel): agilex bitstream pre-authenticate | No | No | General bug fix for Intel platforms only | ||
5199b3b93 fix(nxp-drivers): fix fspi coverity issue | No | No | General bug fix for NXP platforms only | ||
e49229911 fix(nxp-crypto): fix Coverity issue | No | No | Platform fix to avoid out-of-bounds acccesses. Affects NXP platforms only. | ||
334badb50 fix(nxp-crypto): fix secure boot assert inclusion | No | No | General bug fix for NXP platforms only | ||
c0c157a68 fix(ls1046a): 4 keys secureboot failure resolved | No | Yes | General bug fix for NXP platforms only | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18913 | Merged |
50aa0ea7a fix(lx2): init global data before using it | Yes | Yes | The commit description and the implementation point to a potential security fix for NXP platform. | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18915 | Merged |
50aa0ea7a feat(lx2): support more variants | Yes | Yes | General bug fix for NXP platforms only | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18916 | Merged |
1c65e8798 feat(lx2): enable OCRAM ECC | Yes | Yes | General bug fix for NXP platforms only | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18917 | Merged |
236ca5667 fix(nxp-drivers): fix sd secure boot failure | No | No | General bug fix for NXP platforms only | ||
87612eaef fix(nxp-ddr): fix underrun coverity issue | No | No | General bug fix for NXP platforms only | ||
2d541cbcb fix(nxp-ddr): fix coverity issue | No | No | General bug fix for NXP platforms only | ||
4daeaf341 fix(sptool): add dependency to SP image | No | Yes | Bug fix for the sptool that helps scenarios when the pkg file is not re-generated if the SP image is updated | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18949 | Merged |
cd73d62b0 fix(versal): initialize the variable with value 0 in pm code | No | No | General bug fix for Xilinx platforms only | ||
c92ad369c fix(zynqmp): check return status of pm_get_api_version | No | No | General bug fix for Xilinx platforms only | ||
85a14bc0a fix(rss): remove null-terminator from RSS metadata | No | No | General bug fix for lib/psa | ||
5fb6946ad fix(console): fix crash on spin_unlock with cache disabled | No | Yes | Bug fix for the console driver that can result in potentially fatal errors or crashes | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18950 | Merged |
ff1d2ef38 fix(el3_runtime): restore SPSR/ELR/SCR after esb | No | Yes | Bug fix for lib/el3_runtime issue that can restore EA status from incorrect context causing further issues on the platforms that use it | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18951 | Merged |
e65584a01 fix(zynqmp): initialize uint32 with value 0U in pm code | No | No | General bug fix for Xilinx platforms only | ||
c42402cdf fix(intel): fix fcs_client crashed when increased param size | Yes | Yes | Fixes a security issue for Intel platforms | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18864 | Merged |
55a7aa925 fix(rss): do not consider MHU_ERR_ALREADY_INIT as error | No | No | General bug fix for drivers/arm/rss | ||
4fa0f0973 fix(nxp-tools): fix coverity issue | No | No | General bug fix for NXP platforms only | ||
e83812f11 fix(nxp-ddr): add checking return value | No | No | General bug fix for NXP platforms only | ||
0ca1d8fba fix(layerscape): unlock write access SMMU_CBn_ACTLR | Yes | Yes | Errata fix for NXP platforms only | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18865 | Merged |
b96253db0 fix(trp): preserve RMI SMC X4 when not used as return | No | No | General bug fix for services/trp | ||
be7195d06 fix(st-pmic): enclose macro parameter in parentheses | No | No | General bug fix for ST platforms only | ||
3cebeec2a fix(st-pmic): define pmic_regs table size | No | No | General bug fix for ST platforms only | ||
68083e7ad fix(st-regulator): explicitly check operators precedence | No | No | General bug fix for ST platforms only | ||
6a3ffb539 fix(st-regulator): rework for_each_*rdev macros | No | No | General bug fix for ST platforms only | ||
91af163cb fix(st-regulator): enclose macro parameters in parentheses | No | No | General bug fix for ST platforms only | ||
9a00daf9d fix(st-regulator): use Boolean type for tests | No | No | General bug fix for ST platforms only | ||
c3ae7da02 fix(st-clock): use Boolean type for tests | No | No | General bug fix for ST platforms only | ||
69a2e320b fix(st-clock): remove useless switch | No | No | General bug fix for ST platforms only | ||
ee21709e9 fix(st-clock): give the size for parent_mp13 and dividers_mp13 tables | No | No | General bug fix for ST platforms only | ||
4198fa1db fix(st-clock): avoid arithmetics on pointers | No | No | General bug fix for ST platforms only | ||
56048fe21 fix(st): explicitly check operators precedence | No | No | General bug fix for ST platforms only | ||
9c1aa1253 fix(st): add U suffix for unsigned numbers | No | No | General bug fix for ST platforms only | ||
e7d75448b fix(st): use indices when counting GPIOs in DT | No | No | General bug fix for ST platforms only | ||
0ebaf2228 fix(st): rework secure-status check in fdt_get_status() | No | No | General bug fix for ST platforms only | ||
45d2d495e fix(st): use Boolean type for tests | No | No | General bug fix for ST platforms only | ||
d7f5bed90 fix(stm32mp1): add const for strings in stm32mp_get_soc_name() | No | No | General bug fix for ST platforms only | ||
127ed0008 fix(stm32mp1): rework DWL buffer cache invalidation | No | No | General bug fix for ST platforms only | ||
029f81e04 fix(st-sdmmc): check transfer size before filling register | No | No | General bug fix for ST platforms only | ||
5d942ff19 fix(st-gpio): define shift as uint32_t | No | No | General bug fix for ST platforms only | ||
dc0ca64e4 fix(rmmd): add missing padding to RMM Boot Manifest and initialize it | No | No | This fix might be critical to the way EL3 and RMM interact. | ||
b87b02cf1 fix(cpus): workaround for Cortex-A710 erratum 2768515 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18866 | Merged |
1cfde8222 fix(cpus): workaround for Cortex-X2 erratum 2768515 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18867 | Merged |
def7590b3 fix(el3-spmc): improve bound check for descriptor | Yes | No | Fixes potential buffer overflow or stack overflow issues | ||
1543d17b9 fix(el3-spmc): fix coverity scan warnings | Yes | No | Fixes potential issue where emad descriptor might be compromised | ||
3354915ff fix(tsp): use verbose for power logs | No | No | Minor bug fix for TSP | ||
3a3e0e537 fix(rdn1edge): change variable type to fix gcc sign conversion error | No | No | General bug fix for Arm platforms | ||
f0f2c9036 fix(scmi): change function prototype to fix gcc error | No | No | General bug fix for SCMI driver | ||
a0d5147b8 fix(gpt_rme): fix compilation error for gpt_rme.c | No | No | Fixes compilation error with gpt_rme.c | ||
0ee07d796 fix(Xilinx): use lib/smccc.h macros instead of trusty spd | No | No | General bug fix for Xilinx platforms only | ||
377846b65 fix(st): include utils.h to solve compilation error | No | Yes | Fixes compilation error with stm32mp_crypto_lib.c. Confirmed by platform maintainer. | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18952 | Merged |
e61713b00 fix(el3_runtime): do not save scr_el3 during EL3 entry | No | No | General bug fix for lib/el3_runtime | ||
1cbe42a51 fix(el3_runtime): allow SErrors when executing in EL3 | No | Yes | Critical bug fix to keep EA enabled when executing in EL3 | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18953 | Merged |
1ee7c8232 fix(cpus): workaround for Neoverse N2 erratum 2743089 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18868 | Merged |
b10afcce5 fix(cpus): workaround for Cortex-A78 erratum 2772019 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18869 | Merged |
31747f057 fix(cpus): workaround for Neoverse V1 erratum 2743093 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18870 | Merged |
2fff46c80 fix(tc): change the properties of optee reserved memory | No | No | General bug fix for TotalCompute platform | ||
95302e4b2 fix(arm): arm_rotpk_header undefined reference | No | No | Fixes compilation error for Arm platforms | ||
4e46db40f fix(Xilinx): resolve integer handling issue | No | No | General bug fix for Xilinx platforms only | ||
76ed32236 fix(intel): add mailbox error return status for FCS_DECRYPTION | No | No | General bug fix for Intel platforms only | ||
b34a48c1c fix(intel): missing NCORE CCU snoop filter fix in BL2 | No | Needs input | Fixes a hardware issue with the snoop filtering on Intel platforms | ||
62cd8f314 fix(el3-spmc): report execution state in partition info get | No | No | General bug fix | ||
9bff7ce37 fix(qemu-sbsa): enable SVE and SME | No | No | General bug fix | ||
d0b58c8a9 fix(zynqmp): remove redundant api_version check | No | No | General bug fix. Fixes compilation warning | ||
90c4b3b62 fix(renesas): align incompatible function pointers | No | No | General bug fix. Fixes compilation warning | ||
9f58bfbbe fix(brcm): add braces around bodies of conditionals | No | No | General bug fix. Fixes MISRA warning | ||
02af589cf fix(st-usb): replace redundant checks with asserts | No | No | General bug fix | ||
78fbb0ec8 fix(gic): wrap cache enabled assert under plat_can_cmo | No | Needs input | Fixes a boot issue with dcache disabled | ||
d1d8a9bad fix(st): make metadata_block_spec static | No | No | Fixes sparse warning. Looks like a compilation fix. | ||
6e55f9e2c fix(stm32mp1): add missing platform.h include | No | No | Fixes sparse warning. Looks like a compilation fix. | ||
70a422ba8 fix(st-crypto): set get_plain_pk_from_asn1() static | No | No | Fixes sparse warning. Looks like a compilation fix. | ||
6b3ca0a81 fix(st-crypto): remove platdata functions | No | No | Fixes sparse warning | ||
e9e4a2a6f fix(auth): only accept v3 X.509 certificates | No | No | General bug fix | ||
fd37982a1 fix(auth): forbid junk after extensions | Yes | Yes | Fix for security advisory 10 | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18871 | Merged |
72460f50e fix(auth): require at least one extension to be present | Yes | Yes | Fix for security advisory 10 | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18872 | Merged |
f47547b35 fix(auth): reject invalid padding in digests | No | No | General bug fix | ||
a8c8c5ef2 fix(auth): reject padding after BIT STRING in signatures | No | No | General bug fix | ||
8816dbb38 fix(auth): require bit strings to have no unused bits | No | No | General bug fix | ||
ca34dbc0c fix(auth): reject junk after certificates | No | No | General bug fix | ||
7e3f6a87d fix(plat/tc): increase TC_TZC_DRAM1_SIZE | No | No | General bug fix | ||
40e740dc1 fix(fconf): make struct fconf_populator static | No | No | Fixes sparse warning | ||
06c01b085 fix(libc): properly define SCHAR_MIN | No | Yes | Fixes a potential security issue if not used correctly | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18954 | Merged |
0e0bd250e fix(mpam): remove unwanted param for "endfunc" macro | No | No | General bug fix | ||
89d85ad0a fix(cpus): workaround for Cortex-A710 erratum 2282622 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18873 | Merged |
8c23775e8 fix(versal-net): resolve misra 10.6 warnings | No | No | General bug fix | ||
21d1966a2 fix(versal-net): resolve misra rule 20.7 warnings | No | No | General bug fix | ||
2d056db4e fix(versal-net): clear power down interrupt status before enable | No | No | General bug fix | ||
1f79bdfd9 fix(versal-net): fix setting power down state | No | No | General bug fix | ||
5f0f7e47e fix(versal-net): clear power down bit during wakeup | No | No | General bug fix | ||
e663f09b3 fix(versal-net): disable wakeup interrupt during client wakeup | No | No | General bug fix | ||
39fffe552 fix(versal-net): enable wake interrupt during client suspend | No | No | General bug fix | ||
abb8f936f fix(auth): avoid out-of-bounds read in auth_nvctr() | Yes | Yes | Fix for security advisory 10 | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18874 | Merged |
f5c51855d fix(auth): properly validate X.509 extensions | Yes | Yes | Fix for security advisory 10 | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18875 | Merged |
0fe002c9b fix(versal): print proper atf handoff source | No | No | General bug fix | ||
f9c6301d7 fix(cpus): workaround for Cortex-X2 erratum 2282622 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18876 | Merged |
81f525ecc fix(ti): fix typo in boot authentication message name | No | No | General bug fix | ||
60719e4e0 fix(plat/css): fix invalid redistributor poweroff | No | Yes | General bug fix | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18955 | Merged |
f15659076 fix(zynqmp): fix xck24 silicon ID | No | No | General bug fix | ||
600c8f7d9 fix(stm32mp15-fdts): use interrupts-extended for i2c2 | No | No | General bug fix. Fixes compilation warning. | ||
8406db14f fix: add parenthesis for tests in MIN, MAX and CLAMP macros | No | No | General bug fix | ||
e0c56fd71 fix(fdt-wrappers): use correct prototypes | No | No | General bug fix for sparse warnings | ||
06d223cb4 fix(io): compare function pointers with NULL | No | No | General bug fix for sparse warnings | ||
654b65b36 fix(auth): use NULL instead of 0 for pointer check | No | No | General bug fix for sparse warnings | ||
03bd48102 fix(console): correct scopes for console symbols | No | No | General bug fix for sparse warnings | ||
28dc82580 fix(libc): remove __putchar alias | No | No | General bug fix for sparse warnings | ||
7d1700c4d fix(cpus): workaround for Cortex-A78 erratum 2779479 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18956 | Merged |
2757da061 fix(cpus): workaround for Neoverse V1 errata 2779461 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18957 | Merged |
5a25a70fb fix(cpus): workaround for Cortex-A78 erratum 2779479 | Yes | Yes | CPU errata qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18956 | Merged |
129066203 fix(partition): add missing curly braces | No | No | General bug fix for MISRA | ||
d1c6c4955 fix(partition): add U suffix for unsigned numbers | No | No | General bug fix for MISRA | ||
14cda5168 fix(mmc): explicitly check operators precedence | No | No | General bug fix for MISRA | ||
bf78a6504 fix(mmc): do not modify r_data in mmc_send_cmd() | No | No | General bug fix for MISRA | ||
53cbc9496 fix(mmc): align part config type | No | No | General bug fix for MISRA | ||
00230e37e fix(cpus): workaround for Cortex-A78C erratum 2772121 | Yes | Yes | CPU errata fix qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19082 | Merged |
695a48b5b fix(psci): tighten psci_power_down_wfi behaviour | No | No | General bug fix | ||
aea4ccf8d fix(cpus): workaround for Cortex-A510 erratum 2684597 | Yes | Yes | CPU errata fix qualifies automatically | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19083 | Merged |
cca91b7ae docs(measured-boot): fix few typos | No | No | General bug fix for the documentation | ||
d7156d412 docs(security): security advisory for CVE-2022-47630 | Yes | Yes | Documentation for security advisory 10 | https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19090 | Merged |
355dc3d4d fix(versal-net): populate gic v3 rdist data statically | No | No | Platform bug fix. Not a security issue. |
- Last Author
- vwadekar
- Last Edited
- Feb 16 2023, 2:26 PM