Page MenuHomePhabricator

LTS Tracking for v2.8.x
Updated TodayPublic

This document is used to track the commits to the TF-A LTS.

LTS Proposal

Guidelines for Cherry Picking

  • G1. No features will be backported.
  • G2. Security advisories: Any patch that makes it into TF-A security advisories qualifies for backporting. This includes patches to external components too, e.g. libfdt.
  • G3. Workarounds for CPU and other ARM IP errata qualify
  • G4. Workarounds for non-ARM IP errata, e.g. TI UART qualify
  • G5. Fixes for platform bugs qualify too. These patches must not modify any code outside of the specific publicly shared platform that the fix applies to.
  • G6. Patches can only be backported from the master branch. In other words, the master branch will be a superset of all the changes in any LTS branch.

Entry Criteria

  • E1. Does the commit implement a workaround published in a security advisory?
  • E2. Does the commit implement a workaround for a CPU erratum?
  • E3. Does the commit implement a workaround for a non-ARM IP errata, e.g. TI UART?
  • E4. Does the commit implement a fix for a platform bug? If yes, is the implementation confined to the platform code?
  • E5. Does the commit exist in the master branch? If not, do you have a waiver from the LTS maintainers?

Commit List
Generated using the following command: git log v2.8..integration --reverse --oneline --no-merges | grep "fix\|security\|cve"

Commit DescriptionEntry Criteria PassedAccepted for LTSAnalysisCommit link for lts-v2.8 branch
c7e698cfd fix(cpus): workaround for Cortex-X3 erratum 2615812YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18862
c45791b2f fix(layerscape): fix errata a008850YesYesPlatform fix for erratum. Affects NXP platforms only.https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18863
fa0105693 fix(nxp-ddr): use CDDWW for write to read delayNoYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18911
00bb8c37e fix(nxp-ddr): apply Max CDD values for warm bootNoYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18912
5d599b71e fix(layerscape): fix nv_storage assert checkingNoNoGeneral bug fix for NXP platforms only
07d8e34fd fix(nxp-drivers): fix tzc380 memory regions configNoYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18914
e0f58c7fb fix(docs): deprecate plat_convert_pk() in v2.9NoNoDocumentation fix for the next version
1a0bf6e1d fix(intel): fix print out ERROR when encounter SEU_ErrNoNoGeneral bug fix for Intel platforms only
e6c038909 fix(intel): fix pinmux handoff bug on AgilexNoNoGeneral bug fix for Intel platforms only
8de7167eb fix(intel): fix sp_timer0 is not disabled in firewall on AgilexNoNoGeneral bug fix for Intel platforms only
68ac5fe14 fix(intel): remove checking on TEMP and VOLT checking for HWMONNoNoGeneral bug fix for Intel platforms only
7f9e9e4b4 fix(intel): mailbox store QSPI ref clk in scratch regNoNoGeneral bug fix for Intel platforms only
4b3d323ac fix(intel): agilex bitstream pre-authenticateNoNoGeneral bug fix for Intel platforms only
5199b3b93 fix(nxp-drivers): fix fspi coverity issueNoNoGeneral bug fix for NXP platforms only
e49229911 fix(nxp-crypto): fix Coverity issueNoNoPlatform fix to avoid out-of-bounds acccesses. Affects NXP platforms only.
334badb50 fix(nxp-crypto): fix secure boot assert inclusionNoNoGeneral bug fix for NXP platforms only
c0c157a68 fix(ls1046a): 4 keys secureboot failure resolvedNoYesGeneral bug fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18913
50aa0ea7a fix(lx2): init global data before using itYesYesThe commit description and the implementation point to a potential security fix for NXP platform.https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18915
236ca5667 fix(nxp-drivers): fix sd secure boot failureNoNoGeneral bug fix for NXP platforms only
87612eaef fix(nxp-ddr): fix underrun coverity issueNoNoGeneral bug fix for NXP platforms only
2d541cbcb fix(nxp-ddr): fix coverity issueNoNoGeneral bug fix for NXP platforms only
4daeaf341 fix(sptool): add dependency to SP imageNoYesBug fix for the sptool that helps scenarios when the pkg file is not re-generated if the SP image is updatedhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18949
cd73d62b0 fix(versal): initialize the variable with value 0 in pm codeNoNoGeneral bug fix for Xilinx platforms only
c92ad369c fix(zynqmp): check return status of pm_get_api_versionNoNoGeneral bug fix for Xilinx platforms only
85a14bc0a fix(rss): remove null-terminator from RSS metadataNoNoGeneral bug fix for lib/psa
5fb6946ad fix(console): fix crash on spin_unlock with cache disabledNoYesBug fix for the console driver that can result in potentially fatal errors or crasheshttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18950
ff1d2ef38 fix(el3_runtime): restore SPSR/ELR/SCR after esbNoYesBug fix for lib/el3_runtime issue that can restore EA status from incorrect context causing further issues on the platforms that use ithttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18951
e65584a01 fix(zynqmp): initialize uint32 with value 0U in pm codeNoNoGeneral bug fix for Xilinx platforms only
c42402cdf fix(intel): fix fcs_client crashed when increased param sizeYesYesFixes a security issue for Intel platformshttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18864
55a7aa925 fix(rss): do not consider MHU_ERR_ALREADY_INIT as errorNoNoGeneral bug fix for drivers/arm/rss
4fa0f0973 fix(nxp-tools): fix coverity issueNoNoGeneral bug fix for NXP platforms only
e83812f11 fix(nxp-ddr): add checking return valueNoNoGeneral bug fix for NXP platforms only
0ca1d8fba fix(layerscape): unlock write access SMMU_CBn_ACTLRYesYesErrata fix for NXP platforms onlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18865
b96253db0 fix(trp): preserve RMI SMC X4 when not used as returnNoNoGeneral bug fix for services/trp
be7195d06 fix(st-pmic): enclose macro parameter in parenthesesNoNoGeneral bug fix for ST platforms only
3cebeec2a fix(st-pmic): define pmic_regs table sizeNoNoGeneral bug fix for ST platforms only
68083e7ad fix(st-regulator): explicitly check operators precedenceNoNoGeneral bug fix for ST platforms only
6a3ffb539 fix(st-regulator): rework for_each_*rdev macrosNoNoGeneral bug fix for ST platforms only
91af163cb fix(st-regulator): enclose macro parameters in parenthesesNoNoGeneral bug fix for ST platforms only
9a00daf9d fix(st-regulator): use Boolean type for testsNoNoGeneral bug fix for ST platforms only
c3ae7da02 fix(st-clock): use Boolean type for testsNoNoGeneral bug fix for ST platforms only
69a2e320b fix(st-clock): remove useless switchNoNoGeneral bug fix for ST platforms only
ee21709e9 fix(st-clock): give the size for parent_mp13 and dividers_mp13 tablesNoNoGeneral bug fix for ST platforms only
4198fa1db fix(st-clock): avoid arithmetics on pointersNoNoGeneral bug fix for ST platforms only
56048fe21 fix(st): explicitly check operators precedenceNoNoGeneral bug fix for ST platforms only
9c1aa1253 fix(st): add U suffix for unsigned numbersNoNoGeneral bug fix for ST platforms only
e7d75448b fix(st): use indices when counting GPIOs in DTNoNoGeneral bug fix for ST platforms only
0ebaf2228 fix(st): rework secure-status check in fdt_get_status()NoNoGeneral bug fix for ST platforms only
45d2d495e fix(st): use Boolean type for testsNoNoGeneral bug fix for ST platforms only
d7f5bed90 fix(stm32mp1): add const for strings in stm32mp_get_soc_name()NoNoGeneral bug fix for ST platforms only
127ed0008 fix(stm32mp1): rework DWL buffer cache invalidationNoNoGeneral bug fix for ST platforms only
029f81e04 fix(st-sdmmc): check transfer size before filling registerNoNoGeneral bug fix for ST platforms only
5d942ff19 fix(st-gpio): define shift as uint32_tNoNoGeneral bug fix for ST platforms only
dc0ca64e4 fix(rmmd): add missing padding to RMM Boot Manifest and initialize itNoNoThis fix might be critical to the way EL3 and RMM interact.
b87b02cf1 fix(cpus): workaround for Cortex-A710 erratum 2768515YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18866
1cfde8222 fix(cpus): workaround for Cortex-X2 erratum 2768515YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18867
def7590b3 fix(el3-spmc): improve bound check for descriptorYesNoFixes potential buffer overflow or stack overflow issues
1543d17b9 fix(el3-spmc): fix coverity scan warningsYesNoFixes potential issue where emad descriptor might be compromised
3354915ff fix(tsp): use verbose for power logsNoNoMinor bug fix for TSP
3a3e0e537 fix(rdn1edge): change variable type to fix gcc sign conversion errorNoNoGeneral bug fix for Arm platforms
f0f2c9036 fix(scmi): change function prototype to fix gcc errorNoNoGeneral bug fix for SCMI driver
a0d5147b8 fix(gpt_rme): fix compilation error for gpt_rme.cNoNoFixes compilation error with gpt_rme.c
0ee07d796 fix(Xilinx): use lib/smccc.h macros instead of trusty spdNoNoGeneral bug fix for Xilinx platforms only
377846b65 fix(st): include utils.h to solve compilation errorNoYesFixes compilation error with stm32mp_crypto_lib.c. Confirmed by platform maintainer.https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18952
e61713b00 fix(el3_runtime): do not save scr_el3 during EL3 entryNoNoGeneral bug fix for lib/el3_runtime
1cbe42a51 fix(el3_runtime): allow SErrors when executing in EL3NoYesCritical bug fix to keep EA enabled when executing in EL3https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18953
1ee7c8232 fix(cpus): workaround for Neoverse N2 erratum 2743089YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18868
b10afcce5 fix(cpus): workaround for Cortex-A78 erratum 2772019YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18869
31747f057 fix(cpus): workaround for Neoverse V1 erratum 2743093YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18870
2fff46c80 fix(tc): change the properties of optee reserved memoryNoNoGeneral bug fix for TotalCompute platform
95302e4b2 fix(arm): arm_rotpk_header undefined referenceNoNoFixes compilation error for Arm platforms
4e46db40f fix(Xilinx): resolve integer handling issueNoNoGeneral bug fix for Xilinx platforms only
76ed32236 fix(intel): add mailbox error return status for FCS_DECRYPTIONNoNoGeneral bug fix for Intel platforms only
b34a48c1c fix(intel): missing NCORE CCU snoop filter fix in BL2NoNeeds inputFixes a hardware issue with the snoop filtering on Intel platforms
62cd8f314 fix(el3-spmc): report execution state in partition info getNoNoGeneral bug fix
9bff7ce37 fix(qemu-sbsa): enable SVE and SMENoNoGeneral bug fix
d0b58c8a9 fix(zynqmp): remove redundant api_version checkNoNoGeneral bug fix. Fixes compilation warning
90c4b3b62 fix(renesas): align incompatible function pointersNoNoGeneral bug fix. Fixes compilation warning
9f58bfbbe fix(brcm): add braces around bodies of conditionalsNoNoGeneral bug fix. Fixes MISRA warning
02af589cf fix(st-usb): replace redundant checks with assertsNoNoGeneral bug fix
78fbb0ec8 fix(gic): wrap cache enabled assert under plat_can_cmoNoNeeds inputFixes a boot issue with dcache disabled
d1d8a9bad fix(st): make metadata_block_spec staticNoNoFixes sparse warning. Looks like a compilation fix.
6e55f9e2c fix(stm32mp1): add missing platform.h includeNoNoFixes sparse warning. Looks like a compilation fix.
70a422ba8 fix(st-crypto): set get_plain_pk_from_asn1() staticNoNoFixes sparse warning. Looks like a compilation fix.
6b3ca0a81 fix(st-crypto): remove platdata functionsNoNoFixes sparse warning
e9e4a2a6f fix(auth): only accept v3 X.509 certificatesNoNoGeneral bug fix
fd37982a1 fix(auth): forbid junk after extensionsYesYesFix for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18871
72460f50e fix(auth): require at least one extension to be presentYesYesFix for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18872
f47547b35 fix(auth): reject invalid padding in digestsNoNoGeneral bug fix
a8c8c5ef2 fix(auth): reject padding after BIT STRING in signaturesNoNoGeneral bug fix
8816dbb38 fix(auth): require bit strings to have no unused bitsNoNoGeneral bug fix
ca34dbc0c fix(auth): reject junk after certificatesNoNoGeneral bug fix
7e3f6a87d fix(plat/tc): increase TC_TZC_DRAM1_SIZENoNoGeneral bug fix
40e740dc1 fix(fconf): make struct fconf_populator staticNoNoFixes sparse warning
06c01b085 fix(libc): properly define SCHAR_MINNoYesFixes a potential security issue if not used correctlyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18954
0e0bd250e fix(mpam): remove unwanted param for "endfunc" macroNoNoGeneral bug fix
89d85ad0a fix(cpus): workaround for Cortex-A710 erratum 2282622YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18873
8c23775e8 fix(versal-net): resolve misra 10.6 warningsNoNoGeneral bug fix
21d1966a2 fix(versal-net): resolve misra rule 20.7 warningsNoNoGeneral bug fix
2d056db4e fix(versal-net): clear power down interrupt status before enableNoNoGeneral bug fix
1f79bdfd9 fix(versal-net): fix setting power down stateNoNoGeneral bug fix
5f0f7e47e fix(versal-net): clear power down bit during wakeupNoNoGeneral bug fix
e663f09b3 fix(versal-net): disable wakeup interrupt during client wakeupNoNoGeneral bug fix
39fffe552 fix(versal-net): enable wake interrupt during client suspendNoNoGeneral bug fix
abb8f936f fix(auth): avoid out-of-bounds read in auth_nvctr()YesYesFix for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18874
f5c51855d fix(auth): properly validate X.509 extensionsYesYesFix for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18875
0fe002c9b fix(versal): print proper atf handoff sourceNoNoGeneral bug fix
f9c6301d7 fix(cpus): workaround for Cortex-X2 erratum 2282622YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18876
81f525ecc fix(ti): fix typo in boot authentication message nameNoNoGeneral bug fix
60719e4e0 fix(plat/css): fix invalid redistributor poweroffNoYesGeneral bug fixhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18955
f15659076 fix(zynqmp): fix xck24 silicon IDNoNoGeneral bug fix
600c8f7d9 fix(stm32mp15-fdts): use interrupts-extended for i2c2NoNoGeneral bug fix. Fixes compilation warning.
8406db14f fix: add parenthesis for tests in MIN, MAX and CLAMP macrosNoNoGeneral bug fix
e0c56fd71 fix(fdt-wrappers): use correct prototypesNoNoGeneral bug fix for sparse warnings
06d223cb4 fix(io): compare function pointers with NULLNoNoGeneral bug fix for sparse warnings
654b65b36 fix(auth): use NULL instead of 0 for pointer checkNoNoGeneral bug fix for sparse warnings
03bd48102 fix(console): correct scopes for console symbolsNoNoGeneral bug fix for sparse warnings
28dc82580 fix(libc): remove __putchar aliasNoNoGeneral bug fix for sparse warnings
7d1700c4d fix(cpus): workaround for Cortex-A78 erratum 2779479YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18956
2757da061 fix(cpus): workaround for Neoverse V1 errata 2779461YesYesCPU errata qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/18957
129066203 fix(partition): add missing curly bracesNoNoGeneral bug fix for MISRA
d1c6c4955 fix(partition): add U suffix for unsigned numbersNoNoGeneral bug fix for MISRA
14cda5168 fix(mmc): explicitly check operators precedenceNoNoGeneral bug fix for MISRA
bf78a6504 fix(mmc): do not modify r_data in mmc_send_cmd()NoNoGeneral bug fix for MISRA
53cbc9496 fix(mmc): align part config typeNoNoGeneral bug fix for MISRA
00230e37e fix(cpus): workaround for Cortex-A78C erratum 2772121YesYesCPU errata fix qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19082
695a48b5b fix(psci): tighten psci_power_down_wfi behaviourNoNoGeneral bug fix
aea4ccf8d fix(cpus): workaround for Cortex-A510 erratum 2684597YesYesCPU errata fix qualifies automaticallyhttps://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19083
cca91b7ae docs(measured-boot): fix few typosNoNoGeneral bug fix for the documentation
d7156d412 docs(security): security advisory for CVE-2022-47630YesYesDocumentation for security advisory 10https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/19090
355dc3d4d fix(versal-net): populate gic v3 rdist data staticallyNoNoPlatform bug fix. Not a security issue.
Last Author
vwadekar
Last Edited
Fri, Feb 3, 9:40 AM

Event Timeline

dbharbin created this object.Thu, Jan 12, 9:16 PM
dbharbin edited the content of this document. (Show Details)Wed, Jan 18, 8:58 PM
dbharbin changed the title from Tracking to LTS Tracking.Wed, Jan 18, 9:03 PM
dbharbin edited the content of this document. (Show Details)
dbharbin edited the content of this document. (Show Details)
dbharbin edited the content of this document. (Show Details)
bipinravi-arm edited the content of this document. (Show Details)Wed, Jan 18, 10:55 PM
vwadekar published a new version of this document.Fri, Jan 20, 11:34 AM
vwadekar added a subscriber: vwadekar.
vwadekar changed the title from LTS Tracking to LTS Tracking for v2.8.x.Fri, Jan 20, 12:39 PM
vwadekar edited the content of this document. (Show Details)
vwadekar edited the content of this document. (Show Details)Fri, Jan 20, 11:02 PM
vwadekar edited the content of this document. (Show Details)Fri, Jan 20, 11:36 PM
vwadekar edited the content of this document. (Show Details)Fri, Jan 20, 11:39 PM
vwadekar edited the content of this document. (Show Details)Fri, Jan 20, 11:47 PM
vwadekar edited the content of this document. (Show Details)Wed, Jan 25, 8:51 PM
vwadekar edited the content of this document. (Show Details)Mon, Jan 30, 9:48 AM
vwadekar edited the content of this document. (Show Details)Tue, Jan 31, 2:13 PM
vwadekar edited the content of this document. (Show Details)Wed, Feb 1, 4:57 PM
vwadekar edited the content of this document. (Show Details)Fri, Feb 3, 9:40 AM