This document contains a summary of the new features, changes, fixes and known
issues in each release of Trusted Firmware-A.
- **Architecture**
- **Performance Monitors Extension (FEAT_PMUv3)**
- This patch explicitly breaks the EL2 entry path. It is
currently unsupported.
**See:** convert FEAT_MTPMU to C and move to persistent register init ([83a4dae](83a4dae1af))
- **Libraries**
- **EL3 Runtime**
- **Context Management**
- Initialisation code for handoff from EL3 to NS-EL1
disabled by default. Platforms which do that need to enable this macro
going forward
**See:** introduce INIT_UNUSED_NS_EL2 macro ([183329a](183329a584))
- **Drivers**
- **Authentication**
- remove CryptoCell-712/713 support
**See:** remove CryptoCell-712/713 support ([b65dfe4](b65dfe40ae))
- **Architecture**
- **CPU feature / ID register handling in general**
- add AArch32 PAN detection support ([d156c52](d156c5220a))
- add memory retention bit define for CLUSTERPWRDN ([278beb8](278beb894a))
- deny AArch64-only features when building for AArch32 ([733d112](733d112f05))
- initialize HFG*_EL2 registers ([4a530b4](4a530b4c65))
- **Memory Tagging Extension**
- adds feature detection for MTE_PERM ([4d0b663](4d0b66323b))
- **Performance Monitors Extension (FEAT_PMUv3)**
- introduce pmuv3 lib/extensions folder ([c73686a](c73686a11c))
- **Platforms**
- **Allwinner**
- use reset through scpi for warm/soft reset ([0cf5f08](0cf5f08a20))
- **Arm**
- add IO policy to use backup gpt header ([3e6d245](3e6d245772))
- ecdsa p384/p256 full key support ([b8ae689](b8ae68908d))
- enable FHI PPI interrupt to report CPU errors ([f1e4a28](f1e4a28d3f))
- reuse SPM_MM specific defines for SPMC_AT_EL3 ([5df1dcc](5df1dccd0b))
- save BL32 image base and size in entry point info ([821b01f](821b01fa75))
- add memory map entry for CPER memory region ([4dc91ac](4dc91ac906))
- firmware first error handling support for base RAMs ([5b77a0e](5b77a0e675))
- update common platform RAS implementation ([7f15131](7f15131df4))
- **FVP**
- add mbedtls_asn1_get_len symbol in ROMlib ([0605060](06050601d2))
- add public key-OID information in RSS metadata structure ([bfbb1cb](bfbb1cbaac))
- add spmd logical partition ([5cf311f](5cf311f3a4))
- allow configurable FVP Trusted SRAM size ([41e56f4](41e56f422d))
- capture timestamps in bl stages ([ed8f06d](ed8f06ddda))
- implement platform function to measure and publish Public Key ([db55d23](db55d23d34))
- increase BL1 RW area for PSA_CRYPTO implementation ([ce18938](ce189383dc))
- mock support for CCA NV ctr ([02552d4](02552d45e5))
- new SiP call to set an interrupt pending ([2032401](20324013b1))
- spmd logical partition smc handler ([a1a9a95](a1a9a95071))
- **Juno**
- add mbedtls_asn1_get_len symbol in ROMlib ([ec8ba97](ec8ba97e4f))
- **Morello**
- add cpuidle support ([4f7330d](4f7330dc78))
- add support for I2S audio ([6bcbe43](6bcbe43790))
- add TF-A version string to NT_FW_CONFIG ([f4e64d1](f4e64d1f5e))
- fdts: add CoreSight DeviceTree bindings ([3e6cfa7](3e6cfa7bd0))
- set NT_FW_CONFIG properties for MCC, PCC and SCP version ([10fd85d](10fd85d8f4))
- **RD**
- **RD-N2**
- enable base element RAM RAS support on RD-N2 platform ([0288632](0288632665))
- add defines needed for spmc-el3 ([b4bed4b](b4bed4b769))
- add plat hook for memory transaction ([f99dcba](f99dcbace7))
- enable Neoverse N2 CPU error handling support ([e802748](e80274880b))
- introduce accessor function to obtain datastore ([f458934](f458934265))
- introduce platform handler for Group0 interrupt ([c47d049](c47d0491ed))
- **SGI**
- remove RAS setup call from common code ([0f5e8eb](0f5e8eb453))
- firmware first error handling for Neoverse N2 CPU ([31d1e4f](31d1e4ff8d))
- increase sp memmap size ([7c33bca](7c33bcab59))
- **TC**
- define memory ranges for tc platform ([9be6b16](9be6b168fb))
- implement platform function to measure and publish Public Key ([eee9fb0](eee9fb02f7))
- deprecate Arm TC1 FVP platform ([6a2b11c](6a2b11c29d))
- **Aspeed**
- **AST2700**
- add Aspeed AST2700 platform support ([85f199b](85f199b774))
- **Intel**
- add intel_rsu_update() to sip_svc_v2 ([e3c3a48](e3c3a48c85))
- ccu driver for Agilex5 SoC FPGA ([02df499](02df499000))
- clock manager support for Agilex5 SoC FPGA ([1b1a3eb](1b1a3eb1ed))
- cold/warm reset and smp support for Agilex5 SoC FPGA ([79626f4](79626f460f))
- ddr driver for Agilex5 SoC FPGA ([29461e4](29461e4c88))
- mailbox and SMC support for Agilex5 SoC FPGA ([8e59b9f](8e59b9f423))
- memory controller support for Agilex5 SoC FPGA ([18adb4e](18adb4efa4))
- mmc support for Agilex5 SoC FPGA ([4a577da](4a577da661))
- pinmux, peripheral and Handoff support for Agilex5 SoC FPGA ([fcbb5cf](fcbb5cf7ea))
- platform enablement for Agilex5 SoC FPGA ([7931d33](7931d3322d))
- power manager for Agilex5 SoC FPGA ([a8bf898](a8bf898f02))
- reset manager support for Agilex5 SoC FPGA ([9b8d813](9b8d813cc9))
- restructure sys mgr for Agilex ([6197dc9](6197dc98fe))
- restructure sys mgr for S10/N5X ([b653f3c](b653f3caf0))
- sdmmc/nand/combo-phy/qspi driver for Agilex5 SoC FPGA ([ddaf02d](ddaf02d171))
- setup SEU ERR read interface for FP8 ([91239f2](91239f2c05))
- system manager support for Agilex5 SoC FPGA ([7618403](7618403110))
- uart support for Agilex5 SoC FPGA ([34971f8](34971f816a))
- vab support for Agilex5 SoC FPGA ([4754925](4754925057))
- **MediaTek**
- add APU bootup control smc call ([94a9e62](94a9e6243e))
- add APU watchdog timeout control ([baa0d45](baa0d45ced))
- **MT8188**
- add apusys ao devapc setting ([777e3b7](777e3b71bb))
- add backup/restore function when power on/off ([233d604](233d604f50))
- add devapc setting of apusys rcx ([5986ae5](5986ae57aa))
- add DSB before udelay ([b254b98](b254b9815e))
- add emi mpu protection for APU secure memory ([176846a](176846a50b))
- add EMI MPU support for SCP and DSP ([013006f](013006f1f8))
- add support for SMC from OP-TEE ([34d9d61](34d9d619f1))
- enable apusys domain remap ([b5900c9](b5900c92a1))
- enable apusys mailbox mpu protect ([ad7673a](ad7673adef))
- increase TZRAM_SIZE from 192KB to 256KB ([aa1cb27](aa1cb279b6))
- modify APU DAPC permission ([d06edab](d06edabfd1))
- update return value in mtk_emi_mpu_sip_handler ([d07eee2](d07eee245b))
- **MT8195**
- increase TZRAM ([4f79b67](4f79b67250))
- **NXP**
- **i.MX**
- add dummy 'plat_mboot_measure_key' function ([b9bceef](b9bceef8ee))
- **i.MX 8M**
- add more dram pll setting ([8947404](89474044a5))
- detect console base address during runtime ([df730d9](df730d94cb))
- enable snvs privileged registers access ([8d150c9](8d150c9524))
- move the gpc reg & macro to a separate header file ([2a6ffa9](2a6ffa99af))
- **i.MX 8M Nano**
- add workaround for errata ERR050362 ([8562564](8562564669))
- **i.MX 9**
- **i.MX93**
- add cpuidle and basic suspend support ([422d30c](422d30c626))
- add OPTEE support ([27a0be7](27a0be77a0))
- add reset & poweroff support ([cf7ef4c](cf7ef4c762))
- add the basic support ([2368d7b](2368d7b157))
- add the trdc driver ([2935291](2935291009))
- allow SoC masters access to system TCM ([3d3b769](3d3b769a7c))
- protect OPTEE memory to secure access only ([f560f84](f560f843bd))
- update the ocram trdc config for did10 ([eb76a24](eb76a2416a))
- **QEMU**
- add sdei support for QEMU ([cef76a7](cef76a7c5d))
- add "cortex-a710" cpu support ([4734a62](4734a62d2c))
- add "neoverse-n2" cpu support ([408f9cb](408f9cb485))
- add "neoverse-v1" cpu support ([6d8d7d2](6d8d7d2380))
- add "neoverse-v1" cpu support ([214de62](214de62c92))
- add A55 cpu support for virt ([409c20c](409c20c84d))
- add dummy plat_mboot_measure_key() BL1 function ([8e2fd6a](8e2fd6a84b))
- add dummy plat_mboot_measure_key() function ([f0f11ac](f0f11acd86))
- implement firmware handoff on qemu ([322af23](322af23445))
- **SBSA**
- handle platform version ([c681d02](c681d02c6c))
- handle GIC base ([1e67b1b](1e67b1b17a))
- handle GIC ITS address ([4171e98](4171e981d1))
- **QTI**
- **MSM8916**
- add port for MDM9607 ([78aac78](78aac78ad2))
- add port for MSM8909 ([cf0a75f](cf0a75f04d))
- add port for MSM8939 ([c28e96c](c28e96cd52))
- add SP_MIN port for AArch32 ([45b2bd0](45b2bd0acb))
- add Test Secure Payload (TSP) port ([6b8f9e1](6b8f9e16a7))
- allow selecting which UART to use ([aad23f1](aad23f1a2c))
- clear CACHE_LOCK for MMU-500 r2p0+ ([d9b0442](d9b04423cf))
- initialize CCI-400 for multiple clusters ([1240dc7](1240dc7ef1))
- power on L2 caches for secondary clusters ([c822d26](c822d26506))
- **ST**
- add RCC registers list ([4cfbb84](4cfbb84aeb))
- allow AARCH64 compilation for common code ([dad7181](dad7181698))
- introduce new platform STM32MP2 ([35527fb](35527fb418))
- support gcc as linker ([7762531](7762531216))
- update STM32MP DT files ([4c8e8ea](4c8e8ea772))
- **STM32MP1**
- add FWU with boot from NOR-SPI ([dfbadfd](dfbadfd96b))
- **STM32MP15**
- disable OP-TEE shared memory ([fb1d3bd](fb1d3bd933))
- **STM32MP2**
- add console configuration ([87a940e](87a940e027))
- generate stm32 file ([e5839ed](e5839ed79e))
- **Texas Instruments**
- add TI-SCI query firmware capabilities command support ([7ab7828](7ab782801f))
- query firmware for suspend capability ([ce1008f](ce1008fef1))
- remove extra core counts in cluster 2 and 3 ([e986845](e9868458e6))
- **Xilinx**
- add support to get chipid ([0563601](0563601f03))
- clean macro names ([bfd0626](bfd0626554))
- fix IPI calculation for Versal/NET ([69a5bee](69a5bee4c3))
- move IPI related macros to plat_ipi.h ([b2258ce](b2258ce30c))
- remove crash console unused macros ([473ada6](473ada6be6))
- setup local/remote id in header ([068b0bc](068b0bc6e3))
- switch boot console to runtime ([9c1c8f0](9c1c8f0101))
- sync macro names ([04a4833](04a483359f))
- used console also as crash console ([3e6b96e](3e6b96e869))
- **Versal**
- add support for SMCC ARCH SOC ID ([079c6e2](079c6e2403))
- add tsp support ([7ff4d4f](7ff4d4fbe5))
- ddr address reservation in dtb at runtime ([56d1857](56d1857efc))
- enable assertion ([0375188](0375188a3e))
- retrieval of console information from dtb ([7c36fbc](7c36fbcc13))
- **Versal NET**
- add cluster check in handoff parameters ([01c8c6a](01c8c6a554))
- add support for SMCC ARCH SOC ID ([1873e7f](1873e7f7d8))
- add the IPI CRC checksum macro support ([ba56b01](ba56b012c8))
- add tsp support ([639b367](639b3676cc))
- ddr address reservation in dtb at runtime ([46a08aa](46a08aab4c))
- enable assertion ([80cb4b1](80cb4b1404))
- get the handoff params using IPI ([a36ac40](a36ac40c4e))
- remove empty crash console setup ([6a14246](6a14246ad4))
- retrieval of console information from dtb ([a467e81](a467e813a3))
- **ZynqMP**
- enable assertion ([2243ba3](2243ba3c38))
- remove pm_ioctl_set_sgmii_mode api ([7414aaa](7414aaa1a1))
- retrieval of console information from dtb ([3923462](3923462239))
- **Nuvoton**
- added support for npcm845x chip ([edcece1](edcece15c7))
- **Bootloader Images**
- **BL2**
- add gpt support ([6ed98c4](6ed98c45db))
- **BL31**
- reuse SPM_MM specific defines for SPMC_AT_EL3 ([f5e1bed](f5e1bed266))
- **BL32**
- print entry point before exiting SP_MIN ([94e1be2](94e1be2b29))
- **Services**
- **RME**
- save PAuth context when RME is enabled ([13cc1aa](13cc1aa70a))
- **RMMD**
- enable SME for RMM ([f92eb7e](f92eb7e261))
- pass SMCCCv1.3 SVE hint bit to RMM ([6788963](678896301b))
- **RMM**
- update RMI VERSION command as per EAC5 ([ade6000](ade6000ff0))
- **SPM**
- separate StMM SP specifics to add support for a S-EL0 SP ([549bc04](549bc04f14))
- **EL3 SPMC**
- add a flag to enable support to load SEL0 SP ([801cd3c](801cd3c84a))
- **SPMD**
- add partition info get regs ([0b850e9](0b850e9e7c))
- add spmd logical partitions ([890b508](890b508820))
- el3 direct message API ([66bdfd6](66bdfd6e4e))
- get logical partitions info ([95f7f6d](95f7f6d86a))
- **ERRATA ABI**
- add support for Cortex-X3 ([9c16521](9c16521606))
- **Libraries**
- **CPU Support**
- add a concise way to implement AArch64 errata ([3f4c1e1](3f4c1e1e7b))
- add a way to automatically report errata ([4f748cc](4f748cc44c))
- add errata framework helpers ([445f7b5](445f7b5191))
- add more errata framework helpers ([94a75ad](94a75ad456))
- add support for Gelas CPU ([02586e0](02586e0e28))
- add support for hermes cpu ([a00e907](a00e907696))
- add support for Nevis CPU ([5497958](549795895c))
- add support for Travis CPU ([a0594ad](a0594add2e))
- conform DSU errata to errata framework PCS ([ee6d04d](ee6d04d449))
- make revision procedure call optional ([4d22b0e](4d22b0e5ba))
- wrappers to propagate AArch32 errata info ([34c51f3](34c51f327d))
- **EL3 Runtime**
- modify vector entry paths ([d04c04a](d04c04a4e8))
- **RAS**
- reuse SPM_MM specific defines for SPMC_AT_EL3 ([6e92a82](6e92a82c81))
- use FEAT_IESB for error synchronization ([6597fcf](6597fcf169))
- **Translation Tables**
- detect 4KB and 16KB page support when FEAT_LPA2 is present ([bff074d](bff074dd94))
- **C Standard Library**
- add %X to printf/snprintf ([483edc2](483edc207a))
- implement memcpy_s in lib ([f328bff](f328bff667))
- **PSA**
- interface with RSS for retrieving ROTPK ([50316e2](50316e226f))
- **Firmware Handoff**
- introduce firmware handoff library ([3ba2c15](3ba2c15147))
- port BL31-BL33 interface to fw handoff framework ([94c90ac](94c90ac816))
- **Drivers**
- **Authentication**
- add CCA NV ctr to CCA CoT ([e3b1cc0](e3b1cc0c51))
- add explicit entries for key OIDs ([0cffcdd](0cffcdd617))
- create a zero-OID for Subject Public Key ([9505d03](9505d03e36))
- ecdsa p384 key support ([557f7d8](557f7d806a))
- measure and publicise the Public Key ([9eaa5a0](9eaa5a09ed))
- **mbedTLS**
- update to 3.4.1 ([e686cdb](e686cdb450))
- add deprecation notice ([267c106](267c106f02))
- **mbedTLS-PSA**
- initialise mbedtls psa crypto ([4eaaaa1](4eaaaa1929))
- introduce PSA_CRYPTO build option ([5782b89](5782b890d2))
- mbedTLS PSA Crypto with ECDSA ([255ce97](255ce97d60))
- register an ad-hoc PSA crypto driver ([38f8936](38f893692a))
- use PSA crypto API during hash calculation ([484b586](484b58696d))
- use PSA crypto API during signature verification ([eaa62e8](eaa62e825e))
- use PSA crypto API for hash verification ([2ed061c](2ed061c435))
- **Measured Boot**
- introduce platform function to measure and publish Public Key ([2971bad](2971bad8d4))
- **GUID Partition Tables Support**
- add interface to init gpt ([f08460d](f08460dc08))
- add support to use backup GPT header ([ad2dd65](ad2dd65871))
- **Arm**
- **Ethos-N**
- update npu error handling ([4796d2d](4796d2d9bb))
- **RSS**
- set the signer-ID in the RSS metadata ([60861a0](60861a04e0))
- **ST**
- **Clock**
- allow aarch64 compilation of STGEN functions ([b1718c6](b1718c6382))
- stub fdt_get_rcc_secure_state ([19c3808](19c38081d3))
- **UART**
- add AARCH64 stm32_console driver ([c6d070c](c6d070cdba))
- **Miscellaneous**
- **AArch64**
- add stack debug information to assembly routines ([f832885](f832885303))
- **DT Bindings**
- add the STM32MP2 clock and reset bindings ([3ccb708](3ccb708ece))
- **FDTs**
- **Morello**
- add thermal framework ([0b22160](0b221603e9))
- **STM32MP2**
- add stm32mp257f-ev1 board ([9aa5371](9aa5371f2f))
- introduce stm32mp25 pinctrl files ([2c62cc4](2c62cc4a87))
- introduce stm32mp25 SoCs family ([0dc283d](0dc283d29e))
- **TBBR**
- add image id for backup GPT ([1051606](1051606c3d))
- update PK_DER_LEN for ECDSA P-384 keys ([c1ec23d](c1ec23dd60))
- **Documentation**
- introduce STM32MP2 doc ([ee5076f](ee5076f971))
- save BL32 image base and size in entry point info ([31dcf23](31dcf23451))
- add a threat model for TF-A with Arm CCA ([4463541](446354122c))
- cover threats inherent to receiving data over UART ([348446a](348446ad2a))
- add a section for experimental build options ([4885600](48856003bf))
- **Build System**
- include plat header in fdt build ([e03dcc8](e03dcc8f5e))
- manage patch version in Makefile ([055ebec](055ebeca1b))
- march option selection ([7794d6c](7794d6c8f8))
- pass CCA NV ctr option to cert_create ([0f19b7a](0f19b7aada))
- .gitignore to include memory tools ([82257de](82257de06d))
- allow gcc linker on Aarch32 platforms ([cfe6767](cfe6767f7d))
- bump certifi to version 2023.7.22 ([6cbf432](6cbf43204f))
- convert tabs and ifdef comparisons ([72f027c](72f027c335))
- convert tabs to spaces ([1ca73b4](1ca73b4f4a))
- disable ENABLE_FEAT_MPAM for Aarch32 ([a07b459](a07b4590dd))
- include Cortex-A78AE cpu file for FVP ([b996db1](b996db168d))
- pass parameters through response files ([430be43](430be4396b))
- remove duplicated include order ([c189adb](c189adbd55))
- remove handling of mandatory options ([1ca902a](1ca902a537))
- **Tools**
- **Firmware Image Package Tool**
- add ability to build statically ([4d4fec2](4d4fec2818))
- **Secure Partition Tool**
- generate `ARM_BL2_SP_LIST_DTS` file from `sp_layout.json` ([20629b3](20629b3153))
- **Certificate Creation Tool**
- add new option for CCA NV ctr ([60753a6](60753a6329))
- add pkcs11 engine support ([616b3ce](616b3ce27d))
- ecdsa p384 key support ([c512c89](c512c89cde))
- **Memory Mapping Tool**
- add tabular memory use data ([d9d5eb1](d9d5eb138d))
- add topological memory view ([cc60aba](cc60aba227))
- **Architecture**
- **CPU feature / ID register handling in general**
- move nested virtualization support to optionals ([8b2048c](8b2048c1c0))
- **Memory Partitioning and Monitoring (MPAM) Extension (FEAT_MPAM)**
- refine MPAM initialization and enablement process ([edebefb](edebefbcbc))
- **Performance Monitors Extension (FEAT_PMUv3)**
- make MDCR_EL3.MTPME=1 out of reset ([33815eb](33815eb719))
- **Platforms**
- register PLAT_SP_PRI only if not already registered ([bf01999](bf01999aba))
- **Arm**
- add Event Log area behind Trustzone Controller ([d836df7](d836df71ea))
- correct the SPMC_AT_EL3 condition ([a0ef1c0](a0ef1c0ef0))
- fix GIC macros for GICv4.1 support ([f1df8f1](f1df8f10c6))
- add RAS_FFH_SUPPORT check for RAS EHF priority ([1c01284](1c012840ca))
- do not program DSU CLUSTERPWRDN register ([3209b35](3209b35d2a))
- **FPGA**
- enable CPU features required for ARMv9.2 cores ([b321c24](b321c24342))
- **FVP**
- adjust BL2 maximum size as per total SRAM size ([965aace](965aacea91))
- adjust BL31 maximum size as per total SRAM size ([24e224b](24e224b41c))
- conditionally increase XLAT and MMAP table entries ([03cf4e9](03cf4e9aad))
- extract core id from mpidr for pwrc operations ([70bc744](70bc74441b))
- increase maximum MMAP and XLAT entries count ([12fe591](12fe591b3e))
- increase the maximum size of Event Log ([f1dfaa4](f1dfaa42cf))
- resolve broken workaround reference ([bcb3ea9](bcb3ea92f8))
- update pwr_domain_suspend ([f51d277](f51d277de3))
- update system suspend in OS-initiated mode ([e0ef05b](e0ef05bb2c))
- **Morello**
- configure platform specific secure SPIs ([80f8769](80f8769b26))
- **N1SDP**
- configure platform specific secure SPIs ([7b0c95a](7b0c95abc8))
- fix spi_ids range for n1sdp multichip boot ([31f60a9](31f60a9683))
- **SGI**
- update PLAT_SP_PRI macro definition ([6f689a5](6f689a51a5))
- **TC**
- Correct return type ([b0542b5](b0542b58ca))
- rename macro to match PSA spec ([1fc20d7](1fc20d7f52))
- **Corstone-1000**
- add cpu_helpers.S to platform.mk ([cb27274](cb27274c99))
- modify boot device dependencies ([3ff5fc2](3ff5fc2b35))
- removing the signature area ([5856a91](5856a91a64))
- **Aspeed**
- **AST2700**
- add device mapping for coherent memory ([cef2e92](cef2e92568))
- **Broadcom**
- fix misspelled header inclusion guard ([a9779c1](a9779c11da))
- **Cadence**
- update console flush uart driver ([e27bebb](e27bebb0fe))
- **Intel**
- fix ncore ccu snoop dvm enable bug ([106aa54](106aa54d92))
- resolved coverity checking ([1af7bf7](1af7bf71c0))
- update boot scratch cold register to use cold 8 ([655af4f](655af4f492))
- update checking for memcpy and memset ([c418064](c418064eb5))
- **MediaTek**
- support saving/restoring GICR registers ([f73466e](f73466e9a2))
- **NVIDIA**
- **Tegra**
- return correct error code for plat_core_pos_by_mpidr ([6bd79b1](6bd79b13f8))
- **NXP**
- **i.MX**
- **i.MX 8M**
- make IMX_BOOT_UART_BASE autodetection option more obvious ([101f070](101f07022a))
- map BL32 memory only if SPD_opteed or SPD_trusty is enabled ([4827613](4827613c9a))
- **QEMU**
- fix 32-bit builds with stack protector ([e57ca89](e57ca899ef))
- **SBSA**
- align FIP base to BL1 size ([408cde8](408cde8a59))
- **QTI**
- **SC7280**
- update pwr_domain_suspend ([a43be0f](a43be0f610))
- update system suspend in OS-initiated mode ([0a9270a](0a9270abe8))
- **Renesas**
- **R-Car**
- add mandatory fields in 'reserved-memory' node ([f945498](f945498faa))
- **R-Car 3**
- fix CPG register code comment ([69c371b](69c371bc16))
- update Draak and Eagle board IDs ([281edfe](281edfee02))
- **ST**
- allow crypto lib compilation in aarch64 ([76e4fab](76e4fab000))
- enable RTC clock before accessing nv counter ([77ce6a5](77ce6a561e))
- flush UART at the end of uart_read() ([a9cb7d0](a9cb7d002d))
- properly check LOADADDR ([9f72f5e](9f72f5eac8))
- reduce MMC block_buffer ([a2500ab](a2500ab7ab))
- setting default KEY_SIZE ([6f3ca8a](6f3ca8ada6))
- update comment on encryption key ([5c506c7](5c506c7375))
- update dt_get_ddr_size() type ([2a4abe0](2a4abe0b37))
- **STM32MP1**
- add void entry in plat_def_toc_entries ([8214ecd](8214ecdab2))
- properly check PSCI functions return ([241f874](241f874545))
- use the BSEC nodes compatible for stm32mp13 ([2171bd9](2171bd9511))
- **Texas Instruments**
- align static device region addresses to reduce MMU table count ([53a868f](53a868f676))
- fix TISCI API changes during refactor ([d7a7135](d7a7135d32))
- release lock in all TI-SCI xfer return paths ([e92375e](e92375e07c))
- remove check for zero value in BL31 boot args ([44edd3b](44edd3bd7c))
- **Xilinx**
- add headers to resolve compile time issue ([744d60a](744d60aab4))
- dcache flush for dtb region ([93ed138](93ed138006))
- don't reserve 1 more byte ([c3b69bf](c3b69bf17b))
- dynamic mmap region for dtb ([7ca7fb1](7ca7fb1bf0))
- remove clock_setrate and clock_getrate api ([e5955d7](e5955d7c63))
- remove console error message ([f9820f2](f9820f21b8))
- update dtb when dtb address and tf-a ddr flow is used ([fdf8f92](fdf8f929df))
- **DCC (Debug Communication Channel)**
- add dcc console unregister function ([0936abe](0936abe9b2))
- enable DCC also for crash console ([c6d9186](c6d9186f60))
- **Versal**
- add missing irq mapping for wakeup src ([06b9c4c](06b9c4c87d))
- fix BLXX memory limits for user defined values ([f123b91](f123b91fdd))
- make pmc ipi channel as secure ([96eaafa](96eaafa3f8))
- type cast addresses to fix integer overflow ([bfe82cf](bfe82cff6f))
- use correct macro name for ocm base address ([56afab7](56afab73a8))
- **Versal NET**
- add redundant call to avoid glitches ([cebb7cc](cebb7cc110))
- change flag to increase security ([e8efb65](e8efb65afb))
- correct device node indexes ([66b5620](66b5620c87))
- don't clear pending interrupts ([fb73ea6](fb73ea6cc3))
- fix BLXX memory limits for user defined values ([a80da38](a80da3899a))
- make pmc ipi channel as secure ([2c65b79](2c65b79e25))
- use correct macro name for uart baudrate ([e2ef1df](e2ef1dfcdb))
- **ZynqMP**
- do not export apu_ipi ([237c5a7](237c5a74a2))
- fix BLXX memory limits for user defined values ([8ce2fbf](8ce2fbffe3))
- fix prepare_dtb() memory description ([3efee73](3efee73d52))
- fix sdei arm_validate_ns_entrypoint() ([3b3c70a](3b3c70a418))
- handling of type el3 interrrupts ([e8d61f7](e8d61f7d91))
- make zynqmp_devices structure smaller ([7e3e799](7e3e79995a))
- remove unused headers ([6288636](62886363a1))
- resolve runtime error in TSP ([81ad3b1](81ad3b14b9))
- type cast addresses to fix overflow issue ([9129163](91291633a1))
- validate clock_id to avoid OOB variable access ([abc79c2](abc79c275b))
- **Nuvoton**
- fix typo in platform.mk ([c7efb78](c7efb78f8e))
- **Bootloader Images**
- **BL2**
- bl2 start address for RESET_TO_BL2+ENABLE_PIE ([d478ac1](d478ac16c9))
- **BL31**
- resolve runtime console garbage in next stage ([889e3d1](889e3d1c68))
- **BL32**
- always include arm_arch_svc in SP_MIN ([cd0786c](cd0786c73e))
- avoid clearing argument registers in RESET_TO_SP_MIN case ([56055e8](56055e87b0))
- **TSP**
- fix destination ID in direct request ([ed23d27](ed23d274fa))
- flush uart console ([ae074b3](ae074b369a))
- **Services**
- **RME**
- **RMMD**
- enable sme using sme_enable_per_world ([c0e16d3](c0e16d30ab))
- **SPM**
- **EL3 SPM**
- fix LSP direct message response ([c040621](c040621dba))
- improve direct messaging validation ([48fe24c](48fe24c50c))
- **EL3 SPMC**
- avoid descriptor size calc overflow ([27c0242](27c0242508))
- correctly account for emad_offset ([0c2583c](0c2583c6fb))
- fix incorrect CASSERT ([1dd79f9](1dd79f9e23))
- only call spmc_shm_check_obj() on complete objects ([d781959](d781959f81))
- prevent total_page_count overflow ([2d4da8e](2d4da8e265))
- remove experimental flag ([630a06c](630a06c4c6))
- use uint64_t for 64-bit type ([43318e4](43318e4a4d))
- use version-dependent minimum descriptor length ([52d8d50](52d8d506e7))
- validate descriptor headers ([56c052d](56c052d311))
- validate memory address alignment ([327b5b8](327b5b8b74))
- validate shmem descriptor alignment ([dd94372](dd94372d77))
- **SPMD**
- coverity scan issues ([b04343f](b04343f3c9))
- fix FFA_VERSION forwarding ([76d53ee](76d53ee1aa))
- perform G0 interrupt acknowledge and deactivation ([6c91fc4](6c91fc4458))
- relax use of EHF with SPMC at S-EL2 ([bb6d0a1](bb6d0a174f))
- **ERRATA ABI**
- added Neoverse N2 to Errata ABI list ([7e030b3](7e030b3763))
- fix the rev-var for Cortex-A710 ([5c8fcc0](5c8fcc0ca7))
- update the Cortex-A76 errata ABI struct ([92d5b50](92d5b501d4))
- update the Cortex-A78C errata ABI struct ([7f2caec](7f2caecdbc))
- update the neoverse-N1 errata ABI struct ([56747a5](56747a5caa))
- update the Neoverse-N2 errata ABI struct ([80af87e](80af87e476))
- **Libraries**
- **CPU Support**
- assert invalid cpu_ops obtained ([3f721c6](3f721c6edd))
- check for SME presence in Gelas ([0bbd432](0bbd4329bf))
- fix minor issue seen with a9 cpu ([af70470](af704705c1))
- fix the rev-var for Cortex-A710 ([2bf7939](2bf7939a7b))
- fix the rev-var of Cortex-X2 ([8ae66d6](8ae66d624e))
- fix the rev-var of Neoverse-V1 ([ab2b56d](ab2b56df26))
- flush L2 cache for Cortex-A7/12/15/17 ([c5c160c](c5c160cddd))
- integer suffix macro definition ([1a56ed4](1a56ed4b35))
- reduce generic_errata_report()'s size ([f43e09a](f43e09a12e))
- revert erroneous use of override_vector_table macro in Cortex-A73 ([9a0c812](9a0c81257f))
- update the fix for Cortex-A78AE erratum 1941500 ([67a2ad1](67a2ad171d))
- update the rev-var for Cortex-A78AE ([c814619](c814619a36))
- workaround for Cortex-A510 erratum 2080326 ([6e86475](6e86475d55))
- workaround for Cortex-A710 erratum 2742423 ([d7bc2cb](d7bc2cb430))
- workaround for Cortex-X2 erratum 2742423 ([fe06e11](fe06e118ab))
- workaround for Cortex-X3 erratum 2070301 ([2454316](2454316c2a))
- workaround for Cortex-X3 erratum 2742421 ([5b0e443](5b0e4438d0))
- workaround for Neoverse N2 erratum 2009478 ([74bfe31](74bfe31fd2))
- workaround for Neoverse N2 erratum 2340933 ([68085ad](68085ad482))
- workaround for Neoverse N2 erratum 2346952 ([6cb8be1](6cb8be17a5))
- workaround for Neoverse N2 erratum 2743014 ([eb44035](eb44035cde))
- workaround for Neoverse N2 erratum 2779511 ([12d2806](12d28067c9))
- workaround for Neoverse V2 erratum 2331132 ([8852fb5](8852fb5b7d))
- workaround for Neoverse V2 erratum 2719105 ([b011402](b01140256b))
- workaround for Neoverse V2 erratum 2743011 ([58dd153](58dd153cc8))
- workaround for Neoverse V2 erratum 2779510 ([ff34264](ff342643bc))
- workaround for Neoverse V2 erratum 2801372 ([40c81ed](40c81ed533))
- **EL3 Runtime**
- leverage generic interrupt controller helpers ([07f867b](07f867b122))
- restrict lower el EA handlers in FFH mode ([6d22b08](6d22b089ff))
- **Context Management**
- make ICC_SRE_EL2 fixup generic to all worlds ([5e8cc72](5e8cc72786))
- set MDCR_EL3.{NSPBE, STE} explicitly ([99506fa](99506face1))
- **RAS**
- remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT ([f87e54f](f87e54f73c))
- restrict ENABLE_FEAT_RAS to have only two states ([970a4a8](970a4a8d8c))
- **PSCI**
- add optional pwr_domain_validate_suspend to plat_psci_ops_t ([d348861](d34886140c))
- **SMCCC**
- ensure that mpidr passed through SMC is valid ([e60c184](e60c18471f))
- pass SMCCCv1.3 SVE hint to internal flags ([b2d8517](b2d851785f))
- **Translation Tables**
- fix defects on the xlat library reported by coverity scan ([2974ad8](2974ad87b8))
- set MAX_PHYS_ADDR to total mapped physical region ([1a38aaf](1a38aafbff))
- **Drivers**
- **Authentication**
- allow hashes of different lengths ([22a5354](22a53545aa))
- don't overwrite pk with converted pk when rotpk is hash ([1046b41](1046b41808))
- **Measured Boot**
- don't strip last non-0 char ([b85bcb8](b85bcb8ec9))
- **MMC**
- initialises response buffer with zeros ([b1a2c51](b1a2c51a08))
- **MTD**
- **NAND**
- reset the SLC NAND ([f4d765a](f4d765a128))
- **SPI NAND**
- add Quad Enable management ([da7a33c](da7a33cf2f))
- **SCMI**
- add parameter for plat_scmi_clock_rates_array ([ca9d6ed](ca9d6edc89))
- **UFS**
- performs unsigned shift for doorbell ([e47d8a5](e47d8a58b0))
- set data segment length ([9d6786c](9d6786cace))
- **Arm**
- **GIC**
- **GICv3**
- map generic interrupt type to GICv3 group ([632e5ff](632e5ffeb8))
- move invocation of gicv3_get_multichip_base function ([36704d0](36704d09c6))
- **GIC-600**
- fix gic600 maximum SPI ID ([69ed7dc](69ed7dc2e9))
- **Renesas**
- **R-Car3**
- update DDR setting ([138ddcb](138ddcbf4d))
- **ST**
- **Clock**
- disabling CKPER clock is not functional on stm32mp13 ([1bbcb58](1bbcb58a69))
- **Crypto**
- do not read RNG data if it's not ready ([53092a7](53092a7780))
- use GENMASK_32 to define PKA registers masks ([379d77b](379d77b370))
- **DDR**
- express memory size with size_t type ([b4e1e8f](b4e1e8fbf0))
- **UART**
- allow 64 bit compilation ([6fef0f6](6fef0f67e4))
- correctly check UART enabled in flush fonction ([a527380](a5273808aa))
- skip console flush if UART is disabled ([b156d7b](b156d7b1cc))
- **Miscellaneous**
- **AArch32**
- disable workaround discovery on aarch32 for now ([d1f2748](d1f2748ed2))
- **FDTs**
- **STM32MP1**
- move /omit-if-no-ref/ to overlay files ([f351f91](f351f9110f))
- **STM32MP13**
- correct the BSEC nodes compatible ([85c2ea8](85c2ea8fd3))
- cosmetic fixes in PLL nodes ([8b82663](8b826636a3))
- **SDEI**
- ensure that interrupt ID is valid ([a7eff34](a7eff3477d))
- **TBBR**
- guard defines under MBEDTLS_CONFIG_FILE ([81c2e15](81c2e1566d))
- unrecognised 'tos-fw-key-cert' option ([f1cb5bd](f1cb5bd190))
- **Documentation**
- match boot-order size to implementation ([fd1479d](fd1479d919))
- add missing line in the fiptool command for stm32mp1 ([d526d00](d526d00a13))
- fix build errors for latexpdf ([443d6ea](443d6ea699))
- remove out-dated information about CI review comments ([74306b2](74306b2ac8))
- replace deprecated urls under tfa/docs ([5fdf198](5fdf198c11))
- update maintainers list ([9766f41](9766f41d3c))
- updated certain Neoverse N2 erratum status in docs ([d6d34b3](d6d34b3913))
- use rsvg-convert as the conversion backend ([c365476](c365476003))
- **Tools**
- **Firmware Image Package Tool**
- move juno plat_fiptool.mk ([570a230](570a23099c))
- **Certificate Creation Tool**
- fix key loading logic ([bb3b0c0](bb3b0c0b09))
- key: Avoid having a temporary value for pkey in key_load ([ea6f845](ea6f8452f6))
- **Memory Mapping Tool**
- reintroduce support for GNU map files ([d0e3053](d0e3053c4f))
set LDFLAGS="--no-warn-rwx-segments" for build of bl31.elf on iMX8, A64,
H5 and H6 socs. As the link fails with a non-zero exit code (because
of --fatal-warnings).
relevant commit:
- https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
The ELF linker will now generate a warning message if the stack is made
executable. Similarly it will warn if the output binary contains a
segment with all three of the read, write and execute permission
bits set. These warnings are intended to help developers identify
programs which might be vulnerable to attack via these executable
memory regions. The warnings are enabled by default but can be
disabled via a command line option.
compile error:
LD atf-2.7/build/sun50i_a64/release/bl31/bl31.elf
aarch64-none-elf-ld.bfd: warning: atf-2.7/build/sun50i_a64/release/bl31/bl31.elf has a LOAD segment with RWX permissions
