docs/releases/1.3.0.rst

*************
Version 1.3.0
*************

New major features
==================

  - Support stateless RoT Service defined in FF-M 1.1 [1]_.
  - Support Second-Level Interrupt Handling (SLIH) defined in FF-M 1.1 [1]_.
  - Add Firmware Update (FWU) secure service, following Platform Security
    Architecture Firmware Update API [2]_.
  - Migrate to Mbed TLS v2.25.0.
  - Update MCUboot version to v1.7.2.
  - Add a TF-M generic threat model [3]_ .
  - Implement Fault Injection Handling library to mitigate physical attacks [4]_.
  - Add Profile Large [5]_.
  - Enable code sharing between boot loader and TF-M [6]_.
  - Support Armv8.1-M Privileged Execute Never (PXN) attribute and Thread
    reentrancy disabled (TRD) feature.
  - New platforms added.
    See :ref:`docs/releases/1.3.0:New platforms supported` for
    details.
  - Add a TF-M security landing page [7]_.
  - Enhance dual-cpu non-secure mailbox reference implementation.

New security advisories
=======================

Invoking secure functions from non-secure handler mode
------------------------------------------------------

Refer to :doc:`Advisory TFMV-2</docs/security/security_advisories/svc_caller_sp_fetching_vulnerability>`
for more details.
The mitigation is included in this release.

New platforms supported
=======================

  - Cortex-M23 based system:

    - `Nuvoton M2354.
      <https://www.nuvoton.com/board/numaker-m2354/>`_

  - Cortex-M55 based system:

    - `FPGA image loaded on MPS3 board (AN547).
      <https://developer.arm.com/products/system-design/development-boards/cortex-m-prototyping-systems/mps3>`_

  - Secure Enclave system:

    - :doc:`Musca-B1 Secure Enclave. </platform/ext/target/arm/musca_b1/secure_enclave/readme>`

Deprecated platforms
====================

The following platforms have been removed from TF-M code base.

  - SSE-200_AWS
  - AN539

See :doc:`Platform deprecation and removal </platform/ext/platform_deprecation>`
for other platforms under deprecation process.

Tested platforms
================

The following platforms are successfully tested in this release.

- AN519
- AN521
- AN524
- AN547
- LPCXpresso55S69
- MPS2 SSE300
- Musca-B1
- Musca-B1 Secure Enclave
- Musca-S1
- M2351
- M2354
- nrf5340dk
- nrf9160dk
- NUCLEO-L552ZE-Q
- PSoC 64
- STM32L562E-DK

Known issues
============

Some open issues exist and will not be fixed in this release.

.. list-table::

  * - **Descriptions**
    - **Issue links**

  * - | PSA Arch Crypto test suite have several known failures.
    - See this `link <https://developer.trustedfirmware.org/w/tf_m/release/psa_arch_crypto_test_failure_analysis_in_tf-m_v1.3_release/>`_
      for detailed analysis of the failures.

  * - | Protected Storage Regression test 4001 is stuck on SSE-300 in isolation
      | level 2 when PXN is enabled.
    - https://developer.trustedfirmware.org/T902

  * - | IPC Regression test fail when non-secure regression test is enabled and
      | secure regression test is disabled.
    - https://developer.trustedfirmware.org/T903

  * - | Panic test in PSA Arch IPC test suite generates inconsistent results
      | between Armclang and GNUARM.
    - https://developer.trustedfirmware.org/T909

Issues fixed since 1.2.0
========================

Issues fixed by TF-M since v1.2.0 are listed below.

.. list-table::

  * - **Descriptions**
    - **Issue links**

  * - | Dual-cpu NS mailbox initialization shall be executed after CMSIS-RTOS
      | RTX kernel initialization
    - https://developer.trustedfirmware.org/T904

Issues closed since 1.2.0
=========================

The following issues are closed since v1.2.0. These issues are related to
platform hardware limitations or 3rd-party tools and therefore won't be fixed by
TF-M.

.. list-table::

  * - **Descriptions**
    - **Issue links**

  * - | ``psa_verify_rsa()`` fails when PSA Crypto processes RSASSA-PSS
      | algorithm in CryptoCell-312.
      | Mbed TLS implementation of ``psa_verify_rsa()`` always passes
      | ``MBEDTLS_MD_NONE`` to ``mbedtls_rsa_rsassa_pss_verify()``.
      | However, CryptoCell-312 doesn't support MD5 and uses other algorithms
      | instead. Therefore, Mbed TLS implementation may fail when input
      | algorithm doesn't match other parameters.
    - https://github.com/ARMmbed/mbedtls/issues/3990

  * - | Regression tests fail with GNU Arm Embedded toolchain version
      | 10-2020-q4-major.
      | The support for CMSE feature is broken in version 10-2020-q4-major. The
      | fix will be available in future release version.
      | A note is added in :ref:`docs/getting_started/tfm_getting_started:Install a toolchain`.
    - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99157

Reference
=========

  .. [1] `Arm Firmware Framework for M 1.1 Extensions <https://developer.arm.com/documentation/aes0039/latest>`_

  .. [2] `PSA Firmware Update API <https://developer.arm.com/documentation/ihi0093/latest/>`_

  .. [3] :doc:`TF-M generic threat model </docs/security/threat_models/generic_threat_model>`

  .. [4] :doc:`TF-M physical attack mitigation </docs/technical_references/tfm_physical_attack_mitigation>`

  .. [5] :doc:`TF-M Profile Large design </docs/technical_references/profiles/tfm_profile_large>`

  .. [6] :doc:`Code sharing between independently linked XIP binaries </docs/technical_references/code_sharing>`

  .. [7] :doc:`Security Handling </docs/security/security>`

--------------

*Copyright (c) 2021, Arm Limited. All rights reserved.*