This document contains a summary of the new features, changes, fixes and known
issues in each release of Trusted Firmware-A.
- **Breaking Changes**
- **Architecture**
- **Performance Monitors Extension (FEAT_PMUv3)**
- This patch explicitly breaks the EL2 entry path. It is currently unsupported.
**See:** convert FEAT_MTPMU to C and move to persistent register init ([83a4dae](83a4dae1af))
- **Libraries**
- **EL3 Runtime**
- **Context Management**
- Initialisation code for handoff from EL3 to NS-EL1 is disabled by default. Platforms which do that need to enable this macro going forward.
**See:** introduce INIT_UNUSED_NS_EL2 macro ([183329a](183329a584))
- **Drivers**
- **Authentication**
- remove CryptoCell-712/713 support
**See:** remove CryptoCell-712/713 support ([b65dfe4](b65dfe40ae))
- **New Features**
- **Architecture**
- **CPU feature / ID register handling in general**
- add AArch32 PAN detection support ([d156c52](d156c5220a))
- add memory retention bit define for CLUSTERPWRDN ([278beb8](278beb894a))
- deny AArch64-only features when building for AArch32 ([733d112](733d112f05))
- initialize HFG*_EL2 registers ([4a530b4](4a530b4c65))
- **Memory Tagging Extension**
- adds feature detection for MTE_PERM ([4d0b663](4d0b66323b))
- **Performance Monitors Extension (FEAT_PMUv3)**
- introduce pmuv3 lib/extensions folder ([c73686a](c73686a11c))
- **Platforms**
- **Allwinner**
- use reset through scpi for warm/soft reset ([0cf5f08](0cf5f08a20))
- **Arm**
- add IO policy to use backup gpt header ([3e6d245](3e6d245772))
- ecdsa p384/p256 full key support ([b8ae689](b8ae68908d))
- enable FHI PPI interrupt to report CPU errors ([f1e4a28](f1e4a28d3f))
- reuse SPM_MM specific defines for SPMC_AT_EL3 ([5df1dcc](5df1dccd0b))
- save BL32 image base and size in entry point info ([821b01f](821b01fa75))
- add memory map entry for CPER memory region ([4dc91ac](4dc91ac906))
- firmware first error handling support for base RAMs ([5b77a0e](5b77a0e675))
- update common platform RAS implementation ([7f15131](7f15131df4))
- **FVP**
- add mbedtls_asn1_get_len symbol in ROMlib ([0605060](06050601d2))
- add public key-OID information in RSS metadata structure ([bfbb1cb](bfbb1cbaac))
- add spmd logical partition ([5cf311f](5cf311f3a4))
- allow configurable FVP Trusted SRAM size ([41e56f4](41e56f422d))
- capture timestamps in bl stages ([ed8f06d](ed8f06ddda))
- implement platform function to measure and publish Public Key ([db55d23](db55d23d34))
- increase BL1 RW area for PSA_CRYPTO implementation ([ce18938](ce189383dc))
- mock support for CCA NV ctr ([02552d4](02552d45e5))
- new SiP call to set an interrupt pending ([2032401](20324013b1))
- spmd logical partition smc handler ([a1a9a95](a1a9a95071))
- **Juno**
- add mbedtls_asn1_get_len symbol in ROMlib ([ec8ba97](ec8ba97e4f))
- **Morello**
- add cpuidle support ([4f7330d](4f7330dc78))
- add support for I2S audio ([6bcbe43](6bcbe43790))
- add TF-A version string to NT_FW_CONFIG ([f4e64d1](f4e64d1f5e))
- fdts: add CoreSight DeviceTree bindings ([3e6cfa7](3e6cfa7bd0))
- set NT_FW_CONFIG properties for MCC, PCC and SCP version ([10fd85d](10fd85d8f4))
- **RD**
- **RD-N2**
- enable base element RAM RAS support on RD-N2 platform ([0288632](0288632665))
- add defines needed for spmc-el3 ([b4bed4b](b4bed4b769))
- add plat hook for memory transaction ([f99dcba](f99dcbace7))
- enable Neoverse N2 CPU error handling support ([e802748](e80274880b))
- introduce accessor function to obtain datastore ([f458934](f458934265))
- introduce platform handler for Group0 interrupt ([c47d049](c47d0491ed))
- **SGI**
- remove RAS setup call from common code ([0f5e8eb](0f5e8eb453))
- firmware first error handling for Neoverse N2 CPU ([31d1e4f](31d1e4ff8d))
- increase sp memmap size ([7c33bca](7c33bcab59))
- **TC**
- define memory ranges for tc platform ([9be6b16](9be6b168fb))
- implement platform function to measure and publish Public Key ([eee9fb0](eee9fb02f7))
- deprecate Arm TC1 FVP platform ([6a2b11c](6a2b11c29d))
- **Aspeed**
- **AST2700**
- add Aspeed AST2700 platform support ([85f199b](85f199b774))
- **Intel**
- add intel_rsu_update() to sip_svc_v2 ([e3c3a48](e3c3a48c85))
- ccu driver for Agilex5 SoC FPGA ([02df499](02df499000))
- clock manager support for Agilex5 SoC FPGA ([1b1a3eb](1b1a3eb1ed))
- cold/warm reset and smp support for Agilex5 SoC FPGA ([79626f4](79626f460f))
- ddr driver for Agilex5 SoC FPGA ([29461e4](29461e4c88))
- mailbox and SMC support for Agilex5 SoC FPGA ([8e59b9f](8e59b9f423))
- memory controller support for Agilex5 SoC FPGA ([18adb4e](18adb4efa4))
- mmc support for Agilex5 SoC FPGA ([4a577da](4a577da661))
- pinmux, peripheral and Handoff support for Agilex5 SoC FPGA ([fcbb5cf](fcbb5cf7ea))
- platform enablement for Agilex5 SoC FPGA ([7931d33](7931d3322d))
- power manager for Agilex5 SoC FPGA ([a8bf898](a8bf898f02))
- reset manager support for Agilex5 SoC FPGA ([9b8d813](9b8d813cc9))
- restructure sys mgr for Agilex ([6197dc9](6197dc98fe))
- restructure sys mgr for S10/N5X ([b653f3c](b653f3caf0))
- sdmmc/nand/combo-phy/qspi driver for Agilex5 SoC FPGA ([ddaf02d](ddaf02d171))
- setup SEU ERR read interface for FP8 ([91239f2](91239f2c05))
- system manager support for Agilex5 SoC FPGA ([7618403](7618403110))
- uart support for Agilex5 SoC FPGA ([34971f8](34971f816a))
- vab support for Agilex5 SoC FPGA ([4754925](4754925057))
- **MediaTek**
- add APU bootup control smc call ([94a9e62](94a9e6243e))
- add APU watchdog timeout control ([baa0d45](baa0d45ced))
- **MT8188**
- add apusys ao devapc setting ([777e3b7](777e3b71bb))
- add backup/restore function when power on/off ([233d604](233d604f50))
- add devapc setting of apusys rcx ([5986ae5](5986ae57aa))
- add DSB before udelay ([b254b98](b254b9815e))
- add emi mpu protection for APU secure memory ([176846a](176846a50b))
- add EMI MPU support for SCP and DSP ([013006f](013006f1f8))
- add support for SMC from OP-TEE ([34d9d61](34d9d619f1))
- enable apusys domain remap ([b5900c9](b5900c92a1))
- enable apusys mailbox mpu protect ([ad7673a](ad7673adef))
- increase TZRAM_SIZE from 192KB to 256KB ([aa1cb27](aa1cb279b6))
- modify APU DAPC permission ([d06edab](d06edabfd1))
- update return value in mtk_emi_mpu_sip_handler ([d07eee2](d07eee245b))
- **MT8195**
- increase TZRAM ([4f79b67](4f79b67250))
- **NXP**
- **i.MX**
- add dummy 'plat_mboot_measure_key' function ([b9bceef](b9bceef8ee))
- **i.MX 8M**
- add more dram pll setting ([8947404](89474044a5))
- detect console base address during runtime ([df730d9](df730d94cb))
- enable snvs privileged registers access ([8d150c9](8d150c9524))
- move the gpc reg & macro to a separate header file ([2a6ffa9](2a6ffa99af))
- **i.MX 8M Nano**
- add workaround for errata ERR050362 ([8562564](8562564669))
- **i.MX 9**
- **i.MX93**
- add cpuidle and basic suspend support ([422d30c](422d30c626))
- add OPTEE support ([27a0be7](27a0be77a0))
- add reset & poweroff support ([cf7ef4c](cf7ef4c762))
- add the basic support ([2368d7b](2368d7b157))
- add the trdc driver ([2935291](2935291009))
- allow SoC masters access to system TCM ([3d3b769](3d3b769a7c))
- protect OPTEE memory to secure access only ([f560f84](f560f843bd))
- update the ocram trdc config for did10 ([eb76a24](eb76a2416a))
- **QEMU**
- add sdei support for QEMU ([cef76a7](cef76a7c5d))
- add "cortex-a710" cpu support ([4734a62](4734a62d2c))
- add "neoverse-n2" cpu support ([408f9cb](408f9cb485))
- add "neoverse-v1" cpu support ([6d8d7d2](6d8d7d2380))
- add "neoverse-v1" cpu support ([214de62](214de62c92))
- add A55 cpu support for virt ([409c20c](409c20c84d))
- add dummy plat_mboot_measure_key() BL1 function ([8e2fd6a](8e2fd6a84b))
- add dummy plat_mboot_measure_key() function ([f0f11ac](f0f11acd86))
- implement firmware handoff on qemu ([322af23](322af23445))
- **SBSA**
- handle platform version ([c681d02](c681d02c6c))
- handle GIC base ([1e67b1b](1e67b1b17a))
- handle GIC ITS address ([4171e98](4171e981d1))
- **QTI**
- **MSM8916**
- add port for MDM9607 ([78aac78](78aac78ad2))
- add port for MSM8909 ([cf0a75f](cf0a75f04d))
- add port for MSM8939 ([c28e96c](c28e96cd52))
- add SP_MIN port for AArch32 ([45b2bd0](45b2bd0acb))
- add Test Secure Payload (TSP) port ([6b8f9e1](6b8f9e16a7))
- allow selecting which UART to use ([aad23f1](aad23f1a2c))
- clear CACHE_LOCK for MMU-500 r2p0+ ([d9b0442](d9b04423cf))
- initialize CCI-400 for multiple clusters ([1240dc7](1240dc7ef1))
- power on L2 caches for secondary clusters ([c822d26](c822d26506))
- **ST**
- add RCC registers list ([4cfbb84](4cfbb84aeb))
- allow AARCH64 compilation for common code ([dad7181](dad7181698))
- introduce new platform STM32MP2 ([35527fb](35527fb418))
- support gcc as linker ([7762531](7762531216))
- update STM32MP DT files ([4c8e8ea](4c8e8ea772))
- **STM32MP1**
- add FWU with boot from NOR-SPI ([dfbadfd](dfbadfd96b))
- **STM32MP15**
- disable OP-TEE shared memory ([fb1d3bd](fb1d3bd933))
- **STM32MP2**
- add console configuration ([87a940e](87a940e027))
- generate stm32 file ([e5839ed](e5839ed79e))
- **Texas Instruments**
- add TI-SCI query firmware capabilities command support ([7ab7828](7ab782801f))
- query firmware for suspend capability ([ce1008f](ce1008fef1))
- remove extra core counts in cluster 2 and 3 ([e986845](e9868458e6))
- **Xilinx**
- add support to get chipid ([0563601](0563601f03))
- clean macro names ([bfd0626](bfd0626554))
- fix IPI calculation for Versal/NET ([69a5bee](69a5bee4c3))
- move IPI related macros to plat_ipi.h ([b2258ce](b2258ce30c))
- remove crash console unused macros ([473ada6](473ada6be6))
- setup local/remote id in header ([068b0bc](068b0bc6e3))
- switch boot console to runtime ([9c1c8f0](9c1c8f0101))
- sync macro names ([04a4833](04a483359f))
- used console also as crash console ([3e6b96e](3e6b96e869))
- **Versal**
- add support for SMCC ARCH SOC ID ([079c6e2](079c6e2403))
- add tsp support ([7ff4d4f](7ff4d4fbe5))
- ddr address reservation in dtb at runtime ([56d1857](56d1857efc))
- enable assertion ([0375188](0375188a3e))
- retrieval of console information from dtb ([7c36fbc](7c36fbcc13))
- **Versal NET**
- add cluster check in handoff parameters ([01c8c6a](01c8c6a554))
- add support for SMCC ARCH SOC ID ([1873e7f](1873e7f7d8))
- add the IPI CRC checksum macro support ([ba56b01](ba56b012c8))
- add tsp support ([639b367](639b3676cc))
- ddr address reservation in dtb at runtime ([46a08aa](46a08aab4c))
- enable assertion ([80cb4b1](80cb4b1404))
- get the handoff params using IPI ([a36ac40](a36ac40c4e))
- remove empty crash console setup ([6a14246](6a14246ad4))
- retrieval of console information from dtb ([a467e81](a467e813a3))
- **ZynqMP**
- enable assertion ([2243ba3](2243ba3c38))
- remove pm_ioctl_set_sgmii_mode api ([7414aaa](7414aaa1a1))
- retrieval of console information from dtb ([3923462](3923462239))
- **Nuvoton**
- added support for npcm845x chip ([edcece1](edcece15c7))
- **Bootloader Images**
- **BL2**
- add gpt support ([6ed98c4](6ed98c45db))
- **BL31**
- reuse SPM_MM specific defines for SPMC_AT_EL3 ([f5e1bed](f5e1bed266))
- **BL32**
- print entry point before exiting SP_MIN ([94e1be2](94e1be2b29))
- **Services**
- **RME**
- save PAuth context when RME is enabled ([13cc1aa](13cc1aa70a))
- **RMMD**
- enable SME for RMM ([f92eb7e](f92eb7e261))
- pass SMCCCv1.3 SVE hint bit to RMM ([6788963](678896301b))
- **RMM**
- update RMI VERSION command as per EAC5 ([ade6000](ade6000ff0))
- **SPM**
- separate StMM SP specifics to add support for a S-EL0 SP ([549bc04](549bc04f14))
- **EL3 SPMC**
- add a flag to enable support to load SEL0 SP ([801cd3c](801cd3c84a))
- **SPMD**
- add partition info get regs ([0b850e9](0b850e9e7c))
- add spmd logical partitions ([890b508](890b508820))
- el3 direct message API ([66bdfd6](66bdfd6e4e))
- get logical partitions info ([95f7f6d](95f7f6d86a))
- **ERRATA ABI**
- add support for Cortex-X3 ([9c16521](9c16521606))
- **Libraries**
- **CPU Support**
- add a concise way to implement AArch64 errata ([3f4c1e1](3f4c1e1e7b))
- add a way to automatically report errata ([4f748cc](4f748cc44c))
- add errata framework helpers ([445f7b5](445f7b5191))
- add more errata framework helpers ([94a75ad](94a75ad456))
- add support for Gelas CPU ([02586e0](02586e0e28))
- add support for hermes cpu ([a00e907](a00e907696))
- add support for Nevis CPU ([5497958](549795895c))
- add support for Travis CPU ([a0594ad](a0594add2e))
- conform DSU errata to errata framework PCS ([ee6d04d](ee6d04d449))
- make revision procedure call optional ([4d22b0e](4d22b0e5ba))
- wrappers to propagate AArch32 errata info ([34c51f3](34c51f327d))
- **EL3 Runtime**
- modify vector entry paths ([d04c04a](d04c04a4e8))
- **RAS**
- reuse SPM_MM specific defines for SPMC_AT_EL3 ([6e92a82](6e92a82c81))
- use FEAT_IESB for error synchronization ([6597fcf](6597fcf169))
- **Translation Tables**
- detect 4KB and 16KB page support when FEAT_LPA2 is present ([bff074d](bff074dd94))
- **C Standard Library**
- add %X to printf/snprintf ([483edc2](483edc207a))
- implement memcpy_s in lib ([f328bff](f328bff667))
- **PSA**
- interface with RSS for retrieving ROTPK ([50316e2](50316e226f))
- **Firmware Handoff**
- introduce firmware handoff library ([3ba2c15](3ba2c15147))
- port BL31-BL33 interface to fw handoff framework ([94c90ac](94c90ac816))
- **Drivers**
- **Authentication**
- add CCA NV ctr to CCA CoT ([e3b1cc0](e3b1cc0c51))
- add explicit entries for key OIDs ([0cffcdd](0cffcdd617))
- create a zero-OID for Subject Public Key ([9505d03](9505d03e36))
- ecdsa p384 key support ([557f7d8](557f7d806a))
- measure and publicise the Public Key ([9eaa5a0](9eaa5a09ed))
- **mbedTLS**
- update to 3.4.1 ([e686cdb](e686cdb450))
- add deprecation notice ([267c106](267c106f02))
- **mbedTLS-PSA**
- initialise mbedtls psa crypto ([4eaaaa1](4eaaaa1929))
- introduce PSA_CRYPTO build option ([5782b89](5782b890d2))
- mbedTLS PSA Crypto with ECDSA ([255ce97](255ce97d60))
- register an ad-hoc PSA crypto driver ([38f8936](38f893692a))
- use PSA crypto API during hash calculation ([484b586](484b58696d))
- use PSA crypto API during signature verification ([eaa62e8](eaa62e825e))
- use PSA crypto API for hash verification ([2ed061c](2ed061c435))
- **Measured Boot**
- introduce platform function to measure and publish Public Key ([2971bad](2971bad8d4))
- **GUID Partition Tables Support**
- add interface to init gpt ([f08460d](f08460dc08))
- add support to use backup GPT header ([ad2dd65](ad2dd65871))
- **Arm**
- **Ethos-N**
- update npu error handling ([4796d2d](4796d2d9bb))
- **RSS**
- set the signer-ID in the RSS metadata ([60861a0](60861a04e0))
- **ST**
- **Clock**
- allow aarch64 compilation of STGEN functions ([b1718c6](b1718c6382))
- stub fdt_get_rcc_secure_state ([19c3808](19c38081d3))
- **UART**
- add AARCH64 stm32_console driver ([c6d070c](c6d070cdba))
- **Miscellaneous**
- **AArch64**
- add stack debug information to assembly routines ([f832885](f832885303))
- **DT Bindings**
- add the STM32MP2 clock and reset bindings ([3ccb708](3ccb708ece))
- **FDTs**
- **Morello**
- add thermal framework ([0b22160](0b221603e9))
- **STM32MP2**
- add stm32mp257f-ev1 board ([9aa5371](9aa5371f2f))
- introduce stm32mp25 pinctrl files ([2c62cc4](2c62cc4a87))
- introduce stm32mp25 SoCs family ([0dc283d](0dc283d29e))
- **TBBR**
- add image id for backup GPT ([1051606](1051606c3d))
- update PK_DER_LEN for ECDSA P-384 keys ([c1ec23d](c1ec23dd60))
- **Documentation**
- introduce STM32MP2 doc ([ee5076f](ee5076f971))
- save BL32 image base and size in entry point info ([31dcf23](31dcf23451))
- add a threat model for TF-A with Arm CCA ([4463541](446354122c))
- cover threats inherent to receiving data over UART ([348446a](348446ad2a))
- add a section for experimental build options ([4885600](48856003bf))
- **Build System**
- include plat header in fdt build ([e03dcc8](e03dcc8f5e))
- manage patch version in Makefile ([055ebec](055ebeca1b))
- march option selection ([7794d6c](7794d6c8f8))
- pass CCA NV ctr option to cert_create ([0f19b7a](0f19b7aada))
- .gitignore to include memory tools ([82257de](82257de06d))
- allow gcc linker on Aarch32 platforms ([cfe6767](cfe6767f7d))
- bump certifi to version 2023.7.22 ([6cbf432](6cbf43204f))
- convert tabs and ifdef comparisons ([72f027c](72f027c335))
- convert tabs to spaces ([1ca73b4](1ca73b4f4a))
- disable ENABLE_FEAT_MPAM for Aarch32 ([a07b459](a07b4590dd))
- include Cortex-A78AE cpu file for FVP ([b996db1](b996db168d))
- pass parameters through response files ([430be43](430be4396b))
- remove duplicated include order ([c189adb](c189adbd55))
- remove handling of mandatory options ([1ca902a](1ca902a537))
- **Tools**
- **Firmware Image Package Tool**
- add ability to build statically ([4d4fec2](4d4fec2818))
- **Secure Partition Tool**
- generate `ARM_BL2_SP_LIST_DTS` file from `sp_layout.json` ([20629b3](20629b3153))
- **Certificate Creation Tool**
- add new option for CCA NV ctr ([60753a6](60753a6329))
- add pkcs11 engine support ([616b3ce](616b3ce27d))
- ecdsa p384 key support ([c512c89](c512c89cde))
- **Memory Mapping Tool**
- add tabular memory use data ([d9d5eb1](d9d5eb138d))
- add topological memory view ([cc60aba](cc60aba227))
- **Resolved Issues**
- **Architecture**
- **CPU feature / ID register handling in general**
- move nested virtualization support to optionals ([8b2048c](8b2048c1c0))
- **Memory Partitioning and Monitoring (MPAM) Extension (FEAT_MPAM)**
- refine MPAM initialization and enablement process ([edebefb](edebefbcbc))
- **Performance Monitors Extension (FEAT_PMUv3)**
- make MDCR_EL3.MTPME=1 out of reset ([33815eb](33815eb719))
- **Platforms**
- register PLAT_SP_PRI only if not already registered ([bf01999](bf01999aba))
- **Arm**
- add Event Log area behind Trustzone Controller ([d836df7](d836df71ea))
- correct the SPMC_AT_EL3 condition ([a0ef1c0](a0ef1c0ef0))
- fix GIC macros for GICv4.1 support ([f1df8f1](f1df8f10c6))
- add RAS_FFH_SUPPORT check for RAS EHF priority ([1c01284](1c012840ca))
- do not program DSU CLUSTERPWRDN register ([3209b35](3209b35d2a))
- **FPGA**
- enable CPU features required for ARMv9.2 cores ([b321c24](b321c24342))
- **FVP**
- adjust BL2 maximum size as per total SRAM size ([965aace](965aacea91))
- adjust BL31 maximum size as per total SRAM size ([24e224b](24e224b41c))
- conditionally increase XLAT and MMAP table entries ([03cf4e9](03cf4e9aad))
- extract core id from mpidr for pwrc operations ([70bc744](70bc74441b))
- increase maximum MMAP and XLAT entries count ([12fe591](12fe591b3e))
- increase the maximum size of Event Log ([f1dfaa4](f1dfaa42cf))
- resolve broken workaround reference ([bcb3ea9](bcb3ea92f8))
- update pwr_domain_suspend ([f51d277](f51d277de3))
- update system suspend in OS-initiated mode ([e0ef05b](e0ef05bb2c))
- **Morello**
- configure platform specific secure SPIs ([80f8769](80f8769b26))
- **N1SDP**
- configure platform specific secure SPIs ([7b0c95a](7b0c95abc8))
- fix spi_ids range for n1sdp multichip boot ([31f60a9](31f60a9683))
- **SGI**
- update PLAT_SP_PRI macro definition ([6f689a5](6f689a51a5))
- **TC**
- correct return type ([b0542b5](b0542b58ca))
- rename macro to match PSA spec ([1fc20d7](1fc20d7f52))
- **Corstone-1000**
- add cpu_helpers.S to platform.mk ([cb27274](cb27274c99))
- modify boot device dependencies ([3ff5fc2](3ff5fc2b35))
- removing the signature area ([5856a91](5856a91a64))
- **Aspeed**
- **AST2700**
- add device mapping for coherent memory ([cef2e92](cef2e92568))
- **Broadcom**
- fix misspelled header inclusion guard ([a9779c1](a9779c11da))
- **Cadence**
- update console flush uart driver ([e27bebb](e27bebb0fe))
- **Intel**
- fix ncore ccu snoop dvm enable bug ([106aa54](106aa54d92))
- resolved coverity checking ([1af7bf7](1af7bf71c0))
- update boot scratch cold register to use cold 8 ([655af4f](655af4f492))
- update checking for memcpy and memset ([c418064](c418064eb5))
- **MediaTek**
- support saving/restoring GICR registers ([f73466e](f73466e9a2))
- **NVIDIA**
- **Tegra**
- return correct error code for plat_core_pos_by_mpidr ([6bd79b1](6bd79b13f8))
- **NXP**
- **i.MX**
- **i.MX 8M**
- make IMX_BOOT_UART_BASE autodetection option more obvious ([101f070](101f07022a))
- map BL32 memory only if SPD_opteed or SPD_trusty is enabled ([4827613](4827613c9a))
- **QEMU**
- fix 32-bit builds with stack protector ([e57ca89](e57ca899ef))
- **SBSA**
- align FIP base to BL1 size ([408cde8](408cde8a59))
- **QTI**
- **SC7280**
- update pwr_domain_suspend ([a43be0f](a43be0f610))
- update system suspend in OS-initiated mode ([0a9270a](0a9270abe8))
- **Renesas**
- **R-Car**
- add mandatory fields in 'reserved-memory' node ([f945498](f945498faa))
- **R-Car 3**
- fix CPG register code comment ([69c371b](69c371bc16))
- update Draak and Eagle board IDs ([281edfe](281edfee02))
- **ST**
- allow crypto lib compilation in aarch64 ([76e4fab](76e4fab000))
- enable RTC clock before accessing nv counter ([77ce6a5](77ce6a561e))
- flush UART at the end of uart_read() ([a9cb7d0](a9cb7d002d))
- properly check LOADADDR ([9f72f5e](9f72f5eac8))
- reduce MMC block_buffer ([a2500ab](a2500ab7ab))
- setting default KEY_SIZE ([6f3ca8a](6f3ca8ada6))
- update comment on encryption key ([5c506c7](5c506c7375))
- update dt_get_ddr_size() type ([2a4abe0](2a4abe0b37))
- **STM32MP1**
- add void entry in plat_def_toc_entries ([8214ecd](8214ecdab2))
- properly check PSCI functions return ([241f874](241f874545))
- use the BSEC nodes compatible for stm32mp13 ([2171bd9](2171bd9511))
- **Texas Instruments**
- align static device region addresses to reduce MMU table count ([53a868f](53a868f676))
- fix TISCI API changes during refactor ([d7a7135](d7a7135d32))
- release lock in all TI-SCI xfer return paths ([e92375e](e92375e07c))
- remove check for zero value in BL31 boot args ([44edd3b](44edd3bd7c))
- **Xilinx**
- add headers to resolve compile time issue ([744d60a](744d60aab4))
- dcache flush for dtb region ([93ed138](93ed138006))
- don't reserve 1 more byte ([c3b69bf](c3b69bf17b))
- dynamic mmap region for dtb ([7ca7fb1](7ca7fb1bf0))
- remove clock_setrate and clock_getrate api ([e5955d7](e5955d7c63))
- remove console error message ([f9820f2](f9820f21b8))
- update dtb when dtb address and tf-a ddr flow is used ([fdf8f92](fdf8f929df))
- **DCC (Debug Communication Channel)**
- add dcc console unregister function ([0936abe](0936abe9b2))
- enable DCC also for crash console ([c6d9186](c6d9186f60))
- **Versal**
- add missing irq mapping for wakeup src ([06b9c4c](06b9c4c87d))
- fix BLXX memory limits for user defined values ([f123b91](f123b91fdd))
- make pmc ipi channel as secure ([96eaafa](96eaafa3f8))
- type cast addresses to fix integer overflow ([bfe82cf](bfe82cff6f))
- use correct macro name for ocm base address ([56afab7](56afab73a8))
- **Versal NET**
- add redundant call to avoid glitches ([cebb7cc](cebb7cc110))
- change flag to increase security ([e8efb65](e8efb65afb))
- correct device node indexes ([66b5620](66b5620c87))
- don't clear pending interrupts ([fb73ea6](fb73ea6cc3))
- fix BLXX memory limits for user defined values ([a80da38](a80da3899a))
- make pmc ipi channel as secure ([2c65b79](2c65b79e25))
- use correct macro name for uart baudrate ([e2ef1df](e2ef1dfcdb))
- **ZynqMP**
- do not export apu_ipi ([237c5a7](237c5a74a2))
- fix BLXX memory limits for user defined values ([8ce2fbf](8ce2fbffe3))
- fix prepare_dtb() memory description ([3efee73](3efee73d52))
- fix sdei arm_validate_ns_entrypoint() ([3b3c70a](3b3c70a418))
- handling of type el3 interrupts ([e8d61f7](e8d61f7d91))
- make zynqmp_devices structure smaller ([7e3e799](7e3e79995a))
- remove unused headers ([6288636](62886363a1))
- resolve runtime error in TSP ([81ad3b1](81ad3b14b9))
- type cast addresses to fix overflow issue ([9129163](91291633a1))
- validate clock_id to avoid OOB variable access ([abc79c2](abc79c275b))
- **Nuvoton**
- fix typo in platform.mk ([c7efb78](c7efb78f8e))
- **Bootloader Images**
- **BL2**
- bl2 start address for RESET_TO_BL2+ENABLE_PIE ([d478ac1](d478ac16c9))
- **BL31**
- resolve runtime console garbage in next stage ([889e3d1](889e3d1c68))
- **BL32**
- always include arm_arch_svc in SP_MIN ([cd0786c](cd0786c73e))
- avoid clearing argument registers in RESET_TO_SP_MIN case ([56055e8](56055e87b0))
- **TSP**
- fix destination ID in direct request ([ed23d27](ed23d274fa))
- flush uart console ([ae074b3](ae074b369a))
- **Services**
- **RME**
- **RMMD**
- enable sme using sme_enable_per_world ([c0e16d3](c0e16d30ab))
- **SPM**
- **EL3 SPM**
- fix LSP direct message response ([c040621](c040621dba))
- improve direct messaging validation ([48fe24c](48fe24c50c))
- **EL3 SPMC**
- avoid descriptor size calc overflow ([27c0242](27c0242508))
- correctly account for emad_offset ([0c2583c](0c2583c6fb))
- fix incorrect CASSERT ([1dd79f9](1dd79f9e23))
- only call spmc_shm_check_obj() on complete objects ([d781959](d781959f81))
- prevent total_page_count overflow ([2d4da8e](2d4da8e265))
- remove experimental flag ([630a06c](630a06c4c6))
- use uint64_t for 64-bit type ([43318e4](43318e4a4d))
- use version-dependent minimum descriptor length ([52d8d50](52d8d506e7))
- validate descriptor headers ([56c052d](56c052d311))
- validate memory address alignment ([327b5b8](327b5b8b74))
- validate shmem descriptor alignment ([dd94372](dd94372d77))
- **SPMD**
- coverity scan issues ([b04343f](b04343f3c9))
- fix FFA_VERSION forwarding ([76d53ee](76d53ee1aa))
- perform G0 interrupt acknowledge and deactivation ([6c91fc4](6c91fc4458))
- relax use of EHF with SPMC at S-EL2 ([bb6d0a1](bb6d0a174f))
- **ERRATA ABI**
- added Neoverse N2 to Errata ABI list ([7e030b3](7e030b3763))
- fix the rev-var for Cortex-A710 ([5c8fcc0](5c8fcc0ca7))
- update the Cortex-A76 errata ABI struct ([92d5b50](92d5b501d4))
- update the Cortex-A78C errata ABI struct ([7f2caec](7f2caecdbc))
- update the neoverse-N1 errata ABI struct ([56747a5](56747a5caa))
- update the Neoverse-N2 errata ABI struct ([80af87e](80af87e476))
- **Libraries**
- **CPU Support**
- assert invalid cpu_ops obtained ([3f721c6](3f721c6edd))
- check for SME presence in Gelas ([0bbd432](0bbd4329bf))
- fix minor issue seen with a9 cpu ([af70470](af704705c1))
- fix the rev-var for Cortex-A710 ([2bf7939](2bf7939a7b))
- fix the rev-var of Cortex-X2 ([8ae66d6](8ae66d624e))
- fix the rev-var of Neoverse-V1 ([ab2b56d](ab2b56df26))
- flush L2 cache for Cortex-A7/12/15/17 ([c5c160c](c5c160cddd))
- integer suffix macro definition ([1a56ed4](1a56ed4b35))
- reduce generic_errata_report()'s size ([f43e09a](f43e09a12e))
- revert erroneous use of override_vector_table macro in Cortex-A73 ([9a0c812](9a0c81257f))
- update the fix for Cortex-A78AE erratum 1941500 ([67a2ad1](67a2ad171d))
- update the rev-var for Cortex-A78AE ([c814619](c814619a36))
- workaround for Cortex-A510 erratum 2080326 ([6e86475](6e86475d55))
- workaround for Cortex-A710 erratum 2742423 ([d7bc2cb](d7bc2cb430))
- workaround for Cortex-X2 erratum 2742423 ([fe06e11](fe06e118ab))
- workaround for Cortex-X3 erratum 2070301 ([2454316](2454316c2a))
- workaround for Cortex-X3 erratum 2742421 ([5b0e443](5b0e4438d0))
- workaround for Neoverse N2 erratum 2009478 ([74bfe31](74bfe31fd2))
- workaround for Neoverse N2 erratum 2340933 ([68085ad](68085ad482))
- workaround for Neoverse N2 erratum 2346952 ([6cb8be1](6cb8be17a5))
- workaround for Neoverse N2 erratum 2743014 ([eb44035](eb44035cde))
- workaround for Neoverse N2 erratum 2779511 ([12d2806](12d28067c9))
- workaround for Neoverse V2 erratum 2331132 ([8852fb5](8852fb5b7d))
- workaround for Neoverse V2 erratum 2719105 ([b011402](b01140256b))
- workaround for Neoverse V2 erratum 2743011 ([58dd153](58dd153cc8))
- workaround for Neoverse V2 erratum 2779510 ([ff34264](ff342643bc))
- workaround for Neoverse V2 erratum 2801372 ([40c81ed](40c81ed533))
- **EL3 Runtime**
- leverage generic interrupt controller helpers ([07f867b](07f867b122))
- restrict lower el EA handlers in FFH mode ([6d22b08](6d22b089ff))
- **Context Management**
- make ICC_SRE_EL2 fixup generic to all worlds ([5e8cc72](5e8cc72786))
- set MDCR_EL3.{NSPBE, STE} explicitly ([99506fa](99506face1))
- **RAS**
- remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT ([f87e54f](f87e54f73c))
- restrict ENABLE_FEAT_RAS to have only two states ([970a4a8](970a4a8d8c))
- **PSCI**
- add optional pwr_domain_validate_suspend to plat_psci_ops_t ([d348861](d34886140c))
- **SMCCC**
- ensure that mpidr passed through SMC is valid ([e60c184](e60c18471f))
- pass SMCCCv1.3 SVE hint to internal flags ([b2d8517](b2d851785f))
- **Translation Tables**
- fix defects on the xlat library reported by coverity scan ([2974ad8](2974ad87b8))
- set MAX_PHYS_ADDR to total mapped physical region ([1a38aaf](1a38aafbff))
- **Drivers**
- **Authentication**
- allow hashes of different lengths ([22a5354](22a53545aa))
- don't overwrite pk with converted pk when rotpk is hash ([1046b41](1046b41808))
- **Measured Boot**
- don't strip last non-0 char ([b85bcb8](b85bcb8ec9))
- **MMC**
- initialises response buffer with zeros ([b1a2c51](b1a2c51a08))
- **MTD**
- **NAND**
- reset the SLC NAND ([f4d765a](f4d765a128))
- **SPI NAND**
- add Quad Enable management ([da7a33c](da7a33cf2f))
- **SCMI**
- add parameter for plat_scmi_clock_rates_array ([ca9d6ed](ca9d6edc89))
- **UFS**
- performs unsigned shift for doorbell ([e47d8a5](e47d8a58b0))
- set data segment length ([9d6786c](9d6786cace))
- **Arm**
- **GIC**
- **GICv3**
- map generic interrupt type to GICv3 group ([632e5ff](632e5ffeb8))
- move invocation of gicv3_get_multichip_base function ([36704d0](36704d09c6))
- **GIC-600**
- fix gic600 maximum SPI ID ([69ed7dc](69ed7dc2e9))
- **Renesas**
- **R-Car3**
- update DDR setting ([138ddcb](138ddcbf4d))
- **ST**
- **Clock**
- disabling CKPER clock is not functional on stm32mp13 ([1bbcb58](1bbcb58a69))
- **Crypto**
- do not read RNG data if it's not ready ([53092a7](53092a7780))
- use GENMASK_32 to define PKA registers masks ([379d77b](379d77b370))
- **DDR**
- express memory size with size_t type ([b4e1e8f](b4e1e8fbf0))
- **UART**
- allow 64 bit compilation ([6fef0f6](6fef0f67e4))
- correctly check UART enabled in flush function ([a527380](a5273808aa))
- skip console flush if UART is disabled ([b156d7b](b156d7b1cc))
- **Miscellaneous**
- **AArch32**
- disable workaround discovery on aarch32 for now ([d1f2748](d1f2748ed2))
- **FDTs**
- **STM32MP1**
- move /omit-if-no-ref/ to overlay files ([f351f91](f351f9110f))
- **STM32MP13**
- correct the BSEC nodes compatible ([85c2ea8](85c2ea8fd3))
- cosmetic fixes in PLL nodes ([8b82663](8b826636a3))
- **SDEI**
- ensure that interrupt ID is valid ([a7eff34](a7eff3477d))
- **TBBR**
- guard defines under MBEDTLS_CONFIG_FILE ([81c2e15](81c2e1566d))
- unrecognised 'tos-fw-key-cert' option ([f1cb5bd](f1cb5bd190))
- **Documentation**
- match boot-order size to implementation ([fd1479d](fd1479d919))
- add missing line in the fiptool command for stm32mp1 ([d526d00](d526d00a13))
- fix build errors for latexpdf ([443d6ea](443d6ea699))
- remove out-dated information about CI review comments ([74306b2](74306b2ac8))
- replace deprecated urls under tfa/docs ([5fdf198](5fdf198c11))
- update maintainers list ([9766f41](9766f41d3c))
- updated certain Neoverse N2 erratum status in docs ([d6d34b3](d6d34b3913))
- use rsvg-convert as the conversion backend ([c365476](c365476003))
- **Tools**
- **Firmware Image Package Tool**
- move juno plat_fiptool.mk ([570a230](570a23099c))
- **Certificate Creation Tool**
- fix key loading logic ([bb3b0c0](bb3b0c0b09))
- key: Avoid having a temporary value for pkey in key_load ([ea6f845](ea6f8452f6))
- **Memory Mapping Tool**
- reintroduce support for GNU map files ([d0e3053](d0e3053c4f))
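The **EL3 SPMC** fixes listed above (descriptor size calculation overflow, `total_page_count` overflow, descriptor header validation, memory address and shared-memory descriptor alignment) are one class of bug: a memory-sharing descriptor handed to the SPMC by a less-privileged world must be bounds- and overflow-checked before any field in it is trusted. The C program below is an added example written for this page, not TF-A or SPMC code. Its descriptor layout (`mem_desc_hdr`, `mem_range`, 4 KiB pages) is an assumed simplification rather than the FF-A wire format, `naive_desc_size()` stands in for the kind of 32-bit arithmetic the fixes replace, and the `scenario_*` inputs are constructed.

```c
/* Added example written for this page, not TF-A code. The descriptor layout is an
 * assumed simplification (not the FF-A wire format); the checks are generic. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PAGE_SIZE 4096ULL

struct mem_desc_hdr {          /* assumed header layout */
	uint32_t total_page_count; /* declared sum of page_count over all ranges */
	uint32_t range_count;      /* number of struct mem_range entries that follow */
};

struct mem_range {             /* assumed constituent layout */
	uint64_t address;          /* must be page aligned */
	uint32_t page_count;       /* must be non-zero */
	uint32_t reserved;
};

enum check_result {
	CHECK_OK = 0,
	CHECK_ERR_SHORT_BUFFER,    /* descriptor claims more bytes than the buffer holds */
	CHECK_ERR_SIZE_OVERFLOW,   /* range_count * sizeof(range) does not fit in size_t */
	CHECK_ERR_INVALID_RANGE,   /* unaligned address or zero page count */
	CHECK_ERR_ADDR_WRAP,       /* address + size wraps the 64-bit address space */
	CHECK_ERR_PAGE_COUNT,      /* constituents disagree with total_page_count */
};

/* The bug class being fixed: the 32-bit product wraps, so a hostile range_count
 * makes the descriptor look tiny and slips past a naive length check. */
uint32_t naive_desc_size(uint32_t range_count)
{
	return (uint32_t)sizeof(struct mem_desc_hdr) +
	       range_count * (uint32_t)sizeof(struct mem_range);
}

enum check_result check_mem_desc(const uint8_t *buf, size_t buf_len)
{
	struct mem_desc_hdr hdr;
	uint64_t total = 0; size_t needed;
	if (buf_len < sizeof(hdr))
		return CHECK_ERR_SHORT_BUFFER;
	memcpy(&hdr, buf, sizeof(hdr)); /* copy out; never re-read the shared buffer */
	/* Guard the multiplication before performing it, then compare with the buffer. */
	if (hdr.range_count > (SIZE_MAX - sizeof(hdr)) / sizeof(struct mem_range))
		return CHECK_ERR_SIZE_OVERFLOW;
	needed = sizeof(hdr) + (size_t)hdr.range_count * sizeof(struct mem_range);
	if (needed > buf_len)
		return CHECK_ERR_SHORT_BUFFER;
	for (uint32_t i = 0; i < hdr.range_count; i++) {
		struct mem_range r;
		memcpy(&r, buf + sizeof(hdr) + (size_t)i * sizeof(r), sizeof(r));
		if ((r.address % PAGE_SIZE) != 0 || r.page_count == 0)
			return CHECK_ERR_INVALID_RANGE;
		if ((uint64_t)r.page_count * PAGE_SIZE > UINT64_MAX - r.address)
			return CHECK_ERR_ADDR_WRAP;
		total += r.page_count; /* 64-bit sum: cannot wrap the way a 32-bit one can */
		if (total > hdr.total_page_count)
			return CHECK_ERR_PAGE_COUNT;
	}
	return (total == hdr.total_page_count) ? CHECK_OK : CHECK_ERR_PAGE_COUNT;
}

/* Serialises a constructed descriptor (n <= 3 ranges) whose header may lie about range_count. */
enum check_result check_built(uint32_t total, const struct mem_range *r, uint32_t n,
			      uint32_t claimed_range_count)
{
	struct mem_desc_hdr hdr = { total, claimed_range_count };
	uint8_t buf[sizeof(struct mem_desc_hdr) + 3 * sizeof(struct mem_range)];
	memcpy(buf, &hdr, sizeof(hdr));
	memcpy(buf + sizeof(hdr), r, (size_t)n * sizeof(*r));
	return check_mem_desc(buf, sizeof(hdr) + (size_t)n * sizeof(*r));
}

enum check_result scenario_valid(void)
{
	const struct mem_range r[] = { { 0x80000000ULL, 4, 0 }, { 0x90000000ULL, 2, 0 } };
	return check_built(6, r, 2, 2);
}

enum check_result scenario_oversized_range_count(void)
{
	const struct mem_range r[] = { { 0x80000000ULL, 1, 0 } };
	return check_built(1, r, 1, 0x10000000U); /* naive_desc_size() calls this 8 bytes */
}

enum check_result scenario_misaligned(void)
{
	const struct mem_range r[] = { { 0x80000001ULL, 1, 0 } };
	return check_built(1, r, 1, 1);
}

enum check_result scenario_page_total_wrap(void)
{
	/* 0xFFFFFFFF + 1 wraps to 0 in 32 bits and would match a declared total of 0. */
	const struct mem_range r[] = { { 0x80000000ULL, 0xFFFFFFFFU, 0 }, { 0x90000000ULL, 1, 0 } };
	return check_built(0, r, 2, 2);
}
```

The order of the checks is the point: the header is copied out once so a concurrently writing sender cannot change it under the validator, the size multiplication is guarded before it is performed, the buffer length is checked before any constituent is read, and the page total is accumulated in 64 bits and compared against the declared value on every iteration rather than only at the end.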