Readme and Change-log updates for v1.6 release

Change-Id: I7855c9d3de104975bf3249bdf291c428f001d07a
Signed-off-by: Joanna Farley <joanna.farley@arm.com>
This commit is contained in:
Joanna Farley 2018-09-11 15:51:31 +01:00
parent d301b88b0e
commit d83bf0bc10
2 changed files with 315 additions and 22 deletions

View File

@ -4,6 +4,288 @@
.. contents::
Trusted Firmware-A - version 1.6
================================
New Features
------------
- Addressing Speculation Security Vunerabilities
- Implement static workaround for CVE-2018-3639 for AArch32 and AArch64
- Add support for dynamic mitigation for CVE-2018-3639
- Implement dynamic mitigation for CVE-2018-3639 on Cortex-A76
- Ensure SDEI handler executes with CVE-2018-3639 mitigation enabled
- Introduce RAS handling on AArch64
- Some RAS extensions are mandatory for ARMv8.2 CPUs, with others
mandatory for ARMv8.4 CPUs however, all extensions are also optional
extensions to the base ARMv8.0 architecture.
- The ARMv8 RAS Extensions introduced Standard Error Records which are a
set of standard registers to configure RAS node policy and allow RAS
Nodes to record and expose error information for error handling agents.
- Capabilities are provided to support RAS Node enumeration and iteration
along with individual interrupt registrations and fault injections
support.
- Introduce handlers for Uncontainable errors, Double Faults and EL3
External Aborts
- Enable Memory Partitioning And Monitoring (MPAM) for lower EL's
- Memory Partitioning And Monitoring is an Armv8.4 feature that enables
various memory system components and resources to define partitions.
Software running at various ELs can then assign themselves to the
desired partition to control their performance aspects.
- When ENABLE_MPAM_FOR_LOWER_ELS is set to 1, EL3 allows
lower ELs to access their own MPAM registers without trapping to EL3.
This patch however, doesn't make use of partitioning in EL3; platform
initialisation code should configure and use partitions in EL3 if
required.
- Introduce ROM Lib Feature
- Support combining several libraries into a self-called "romlib" image,
that may be shared across images to reduce memory footprint. The romlib
image is stored in ROM but is accessed through a jump-table that may be
stored in read-write memory, allowing for the library code to be patched.
- Introduce Backtrace Feature
- This function displays the backtrace, the current EL and security state
to allow a post-processing tool to choose the right binary to interpret
the dump.
- Print backtrace in assert() and panic() to the console.
- Code hygiene changes and alignment with MISRA C-2012 guideline with fixes
addressing issues complying to the following rules:
- MISRA rules 4.9, 5.1, 5.3, 5.7, 8.2-8.5, 8.8, 8.13, 9.3, 10.1,
10.3-10.4, 10.8, 11.3, 11.6, 12.1, 14.4, 15.7, 16.1-16.7, 17.7-17.8,
20.7, 20.10, 20.12, 21.1, 21.15, 22.7
- Clean up the usage of void pointers to access symbols
- Increase usage of static qualifier to locally used functions and data
- Migrated to use of u_register_t for register read/write to better
match AArch32 and AArch64 type sizes
- Use int-ll64 for both AArch32 and AArch64 to assist in consistent
format strings between architectures
- Clean up TF-A libc by removing non arm copyrighted implementations
and replacing them with modified FreeBSD and SCC implementations
- Various changes to support Clang linker and assembler
- The clang assembler/preprocessor is used when Clang is selected however,
the clang linker is not used because it is unable to link TF-A objects
due to immaturity of clang linker functionality at this time.
- Refactor support API's into Libraries
- Evolve libfdt, mbed TLS library and standard C library sources as
proper libraries that TF-A may be linked against.
- CPU Enhancements
- Add CPU support for Cortex-Ares and Cortex-A76
- Add AMU support for Cortex-Ares
- Add initial CPU support for Cortex-Deimos
- Add initial CPU support for Cortex-Helios
- Implement dynamic mitigation for CVE-2018-3639 on Cortex-A76
- Implement Cortex-Ares erratum 1043202 workaround
- Implement DSU erratum 936184 workaround
- Check presence of fix for errata 843419 in Cortex-A53
- Check presence of fix for errata 835769 in Cortex-A53
- Translation Tables Enhancements
- The xlat v2 library has been refactored in order to be reused by
different TF components at different EL's including the addition of EL2.
Some refactoring to make the code more generic and less specific to TF,
in order to reuse the library outside of this project.
- SPM Enhancements
- General cleanups and refactoring to pave the way to multiple partitions
support
- SDEI Enhancements
- Allow platforms to define explicit events
- Determine client EL from NS context's SCR_EL3
- Make dispatches synchronous
- Introduce jump primitives for BL31
- Mask events after CPU wakeup in SDEI dispatcher to conform to the
specification
- Misc TF-A Core Common Code Enhancements
- Add support for eXecute In Place (XIP) memory in BL2
- Add support for the SMC Calling Convention 2.0
- Introduce External Abort handling on AArch64
External Abort routed to EL3 was reported as an unhandled exception
and caused a panic. This change enables Arm Trusted Firmware-A to
handle External Aborts routed to EL3.
- Save value of ACTLR_EL1 implementation-defined register in the CPU
context structure rather than forcing it to 0.
- Introduce ARM_LINUX_KERNEL_AS_BL33 build option, which allows BL31 to
directly jump to a Linux kernel. This makes for a quicker and simpler
boot flow, which might be useful in some test environments.
- Add dynamic configurations for BL31, BL32 and BL33 enabling support for
Chain of Trust (COT).
- Make TF UUID RFC 4122 compliant
- New Platform Support
- Arm SGI-575
- Arm SGM-775
- Allwinner sun50i_64
- Allwinner sun50i_h6
- NXP ls1043
- NXP i.MX8QX
- NXP i.MX8QM
- TI K3
- Socionext Synquacer SC2A11
- Marvell Armada 8K
- STMicroelectronics STM32MP1
- Misc Generic Platform Common Code Enhancements
- Add MMC framework that supports both eMMC and SD card devices
- Misc Arm Platform Common Code Enhancements
- Demonstrate PSCI MEM_PROTECT from el3_runtime
- Provide RAS support
- Migrate AArch64 port to the multi console driver. The old API is
deprecated and will eventually be removed.
- Move BL31 below BL2 to enable BL2 overlay resulting in changes in the
layout of BL images in memory to enable more efficient use of available
space.
- Add cpp build processing for dtb that allows processing device tree
with external includes.
- Extend FIP io driver to support multiple FIP devices
- Add support for SCMI AP core configuration protocol v1.0
- Use SCMI AP core protocol to set the warm boot entrypoint
- Add support to Mbed TLS drivers for shared heap among different
BL images to help optimise memory usage
- Enable non-secure access to UART1 through a build option to support
a serial debug port for debugger connection
- Enhancements for Arm Juno Platform
- Add support for TrustZone Media Protection 1 (TZMP1)
- Enhancements for Arm FVP Platform
- Dynamic_config: remove the FVP dtb files
- Set DYNAMIC_WORKAROUND_CVE_2018_3639=1 on FVP by default
- Set the ability to dynamically disable Trusted Boot Board
authentication to be off by default with DYN_DISABLE_AUTH
- Add librom enhancement support in FVP
- Support shared Mbed TLS heap between BL1 and BL2 that allow a
reduction in BL2 size for FVP
- Enhancements for Arm SGI/SGM Platform
- Enable ARM_PLAT_MT flag for SGI-575
- Add dts files to enable support for dynamic config
- Add RAS support
- Support shared Mbed TLS heap for SGI and SGM between BL1 and BL2
- Enhancements for Non Arm Platforms
- Raspberry Pi Platform
- Hikey Platforms
- Xilinx Platforms
- QEMU Platform
- Rockchip rk3399 Platform
- TI Platforms
- Socionext Platforms
- Allwinner Platforms
- NXP Platforms
- NVIDIA Tegra Platform
- Marvell Platforms
- STMicroelectronics STM32MP1 Platform
Issues resolved since last release
----------------------------------
- No issues known at 1.5 release resolved in 1.6 release
Known Issues
------------
- DTB creation not supported when building on a Windows host. This step in the
build process is skipped when running on a Windows host. Known issue from
1.5 version.
Trusted Firmware-A - version 1.5
================================
@ -287,8 +569,8 @@ Issues resolved since last release
Known Issues
------------
- DTB creation not supported when building on a windows host. This step in the
build process is skipped when running on a windows host.
- DTB creation not supported when building on a Windows host. This step in the
build process is skipped when running on a Windows host.
Trusted Firmware-A - version 1.4
================================

View File

@ -1,4 +1,4 @@
Trusted Firmware-A - version 1.5
Trusted Firmware-A - version 1.6
================================
Trusted Firmware-A (TF-A) provides a reference implementation of secure world
@ -136,6 +136,11 @@ Functionality
- Support for the GCC, LLVM and Arm Compiler 6 toolchains.
- Support combining several libraries into a self-called "romlib" image, that
may be shared across images to reduce memory footprint. The romlib image
is stored in ROM but is accessed through a jump-table that may be stored
in read-write memory, allowing for the library code to be patched.
For a full description of functionality and implementation details, please
see the `Firmware Design`_ and supporting documentation. The `Change Log`_
provides details of changes made since the last release.
@ -147,34 +152,35 @@ Various AArch32 and AArch64 builds of this release has been tested on variants
r0, r1 and r2 of the `Juno Arm Development Platform`_.
Various AArch64 builds of this release have been tested on the following Arm
Fixed Virtual Platforms (`FVP`_) without shifted affinities, and that do not
Fixed Virtual Platforms (`FVP`_) without shifted affinities that do not
support threaded CPU cores (64-bit host machine only):
NOTE: Unless otherwise stated, the FVP Version is 11.2 Build 11.2.33.
NOTE: Unless otherwise stated, the model version is Version 11.4 Build 37.
- ``Foundation_Platform``
- ``FVP_Base_AEMv8A-AEMv8A`` (and also Version 9.0, Build 0.8.9005)
- ``FVP_Base_Aresx4``
- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_AEMv8A-AEMv8A-AEMv8A-AEMv8A-CCN502``
- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_RevC-2xAEMv8A``
- ``FVP_Base_Cortex-A32x4``
- ``FVP_Base_Cortex-A35x4``
- ``FVP_Base_Cortex-A53x4``
- ``FVP_Base_Cortex-A55x4+Cortex-A75x4``
- ``FVP_Base_Cortex-A55x4``
- ``FVP_Base_Cortex-A57x4-A53x4``
- ``FVP_Base_Cortex-A57x4``
- ``FVP_Base_Cortex-A72x4-A53x4``
- ``FVP_Base_Cortex-A72x4``
- ``FVP_Base_Cortex-A73x4-A53x4``
- ``FVP_Base_Cortex-A73x4``
- ``FVP_Base_Cortex-A75x4``
- ``FVP_Base_Cortex-A76x4``
- ``FVP_CSS_SGI-575`` (Version 11.3 build 40)
- ``Foundation_Platform``
Additionally, various AArch64 builds were tested on the following Arm `FVP`_ s
with shifted affinities, supporting threaded CPU cores (64-bit host machine
only).
- ``FVP_Base_Cortex-A55x4-A75x4`` (Version 0.0, build 0.0.4395)
- ``FVP_Base_Cortex-A55x4`` (Version 0.0, build 0.0.4395)
- ``FVP_Base_Cortex-A75x4`` (Version 0.0, build 0.0.4395)
- ``FVP_Base_RevC-2xAEMv8A``
Various AArch32 builds of this release has been tested on the following Arm
`FVP`_\ s without shifted affinities, and that do not support threaded CPU cores
(64-bit host machine only):
The latest version of the AArch32 build of TF-A has been tested on the following
Arm FVPs without shifted affinities that do not support threaded CPU cores
(64-bit host machine only).
- ``FVP_Base_AEMv8A-AEMv8A``
- ``FVP_Base_Cortex-A32x4``
@ -182,17 +188,22 @@ Various AArch32 builds of this release has been tested on the following Arm
The Foundation FVP can be downloaded free of charge. The Base FVPs can be
licensed from Arm. See the `Arm FVP website`_.
All the above platforms have been tested with `Linaro Release 17.10`_.
All the above platforms have been tested with `Linaro Release 18.04`_.
This release also contains the following platform support:
- Allwinner sun50i_64 and sun50i_h6
- ARM SGI-575 and SGM-775
- HiKey, HiKey960 and Poplar boards
- Marvell Amarda 8K
- MediaTek MT6795 and MT8173 SoCs
- NVidia T132, T186 and T210 SoCs
- NXP ls1043, i.MX8QX and i.MX8QM
- QEMU emulator
- Raspberry Pi 3 board
- RockChip RK3328, RK3368 and RK3399 SoCs
- Socionext UniPhier SoC family and SynQuacer SC2A11 SoCs
- STMicroelectronics STM32MP1
- Texas Instruments K3 SoCs
- Xilinx Zynq UltraScale + MPSoC
@ -201,7 +212,7 @@ Still to come
- More platform support.
- Improved dynamic configuration support.
- Position independent executable (PIE) support.
- Ongoing support for new architectural features, CPUs and System IP.
@ -262,7 +273,7 @@ Arm licensees may contact Arm directly via their partner managers.
.. _Juno Arm Development Platform: http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php
.. _Arm FVP website: FVP_
.. _FVP: https://developer.arm.com/products/system-design/fixed-virtual-platforms
.. _Linaro Release 17.10: https://community.arm.com/dev-platforms/b/documents/posts/linaro-release-notes-deprecated#LinaroRelease17.10
.. _Linaro Release 18.04: https://community.arm.com/dev-platforms/b/documents/posts/linaro-release-notes-deprecated#LinaroRelease18.04
.. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os
.. _NVidia Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary
.. _Trusty Secure OS: https://source.android.com/security/trusty