Blame - docs/about/change-log.rst - TF-RMM/tf-rmm

blob: 168d304eb4d0a577e02be3b61589b291436abc41 [file] [log] [blame]

Soby Mathew	b4c6df4	2022-11-09 11:13:29 +0000	[diff] [blame]	1	.. SPDX-License-Identifier: BSD-3-Clause
				2	.. SPDX-FileCopyrightText: Copyright TF-RMM Contributors.
				3
				4	############################
				5	Change-log and Release notes
				6	############################
				7
				8	******
Soby Mathew	a7e3caf	2023-05-09 13:37:44 +0100	[diff] [blame]	9	v0.3.0
				10	******
				11
				12	The following sections have the details on the release. This release has been
				13	verified with `TF-A v2.9`_ release.
				14
				15	============================
				16	New features in this release
				17	============================
				18
				19	- Add support to create Realms which can make use of SVE, if present in
				20	hardware.
				21
				22	- Refactor the Stage 1 translation table library `lib/xlat` API to better
				23	fit RMM usage. Also harden dynamic mapping via slot buffer mechanism by
				24	use of ``TRANSIENT`` software defined attribute.
				25
				26	- Add PMU support for Realms as described by RMM v1.0 Beta0 specification.
				27
				28	- Support getting DRAM info from the Boot manifest dynamically at runtime.
				29
				30	* RMM can now support the 2nd DDR bank on FVP.
				31
				32	==========================
				33	Build/Testing improvements
				34	==========================
				35
				36	- Define a unit test framework using CppUTest for RMM.
				37
				38	- Add unittests for `granule`, `slot-buffer` and Stage 1 translation table lib
				39	`xlat`.
				40
				41	- Improve the ``fake-host`` mock capability by adding support for per PE sysreg
				42	emulation.
				43
				44	- Improve the VA to PA mock layer for ``fake-host``.
				45
				46	- Enable generation of gprof profiling data as part of ``fake-host`` runs.
				47
				48	- Improve the sample application on ``host-build`` platform by adding the cold
				49	attestation initialization flow. Also a sample minimal Realm create, run and
				50	destroy sequence is added to showcase the RMI calls involved.
				51
				52	- Further improvements to the the unit test framework :
				53
				54	* Restore the sysreg state between test runs so each test gets a known
				55	sysreg state.
				56	* Add capability to test assertions.
				57	* Support dynamic behaviour for test harness depending on requirement.
				58	* Add support for coverage report generation as part of unit test run.
				59
				60	- Build improvements in RMM:
				61
				62	* Move mbedTLS build from configure stage to build stage.
				63	* Simplify QCBOR build.
				64	* Fix build artefact directory path to better cater to multi-config builds.
				65
				66	=========================
				67	Bug fixes in this release
				68	=========================
				69
				70	- Remove HVC exit handling from RMI_REC_ENTER handler.
				71
				72	- Fix parameter in measurement_extend_sha512().
				73
				74	- Fix issues in `lib/xlat` for some corner cases.
				75
				76	- Mask MTE capability from `id_aa64pfr1_el1` so that Realms
				77	can see that MTE is not supported.
				78
				79	- Add isb() after writes to `cptr_el2` system register.
				80
				81	- Fix the granule alignment check on granule_addr.
				82
				83	- Fix some cppcheck warnings.
				84
				85	- Properly handle errors for granule (un)delegate calls.
				86
				87	- Fix the incorrect bit map manipulation for tracking VMID for realms.
				88
				89	- Fix some incorrect Block mapping cases in Stage 2 translation.
				90
				91	=================
				92	Upcoming features
				93	=================
				94
				95	- RMM EAC Specification alignment.
				96
				97	- Support Self-Hosted Debug Realms.
				98
				99	- Support FEAT_PAuth for Realms and utilize the same for RMM.
				100
				101	- Support LPA2 for Stage 2 Realm translation tables.
				102
				103	- Threat model covering RMM data flows.
				104
				105	- Enable Bounded Model Checker (CBMC) for source analysis.
				106
				107	- Save and restore SME/SME2 context belonging to NS Host. This allows NS Host
				108	to make use of SME/SME2 when Realms are scheduled.
				109
				110	============================
				111	Known issues and limitations
				112	============================
				113
				114	- The size of ``RsiHostCall`` structure is 256 bytes in the implementation
				115	and aligns to `RMM Beta1 specification`_ rather than the 4 KB size
				116	specified in `RMM Beta0 specification`_.
				117
				118	- The `RMM Beta0 specification`_ does not require to have a CBOR bytestream
				119	wrapper around the cca-platform-token and cca-realm-delegated-token, but
				120	the RMM implementation does so and this is aligned with later versions
				121	of the RMM specification (Beta2 onwards).
				122
				123	- The RMM config ``RMM_FPU_USE_AT_REL2`` does not work as intended and
				124	this config is disabled by default. This will be fixed in a future release.
				125
				126	.. _TF-A v2.9: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tag/?h=v2.9.0
				127
				128
				129	******
Soby Mathew	8fc82c5	2022-11-21 12:35:41 +0000	[diff] [blame]	130	v0.2.0
				131	******
				132
				133	- This release has been verified with `TF-A v2.8`_ release.
				134
				135	- The release has the following fixes and enhancements:
				136
				137	* Add support to render documentation on read-the-docs.
				138	* Fix the known issue with RSI_IPA_STATE_GET returning
				139	``RSI_ERROR_INPUT`` for a `destroyed` IPA instead of
				140	emulating data abort to NS Host.
				141	* Fix an issue with RSI_HOST_CALL not returning back to Host
				142	to emulate a stage2 data abort.
				143	* Harden an assertion check for ``do_host_call()``.
				144
				145	- The other known issues and limitations remain the same as
				146	listed for v0.1.0_.
				147
				148	.. _TF-A v2.8: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tag/?h=v2.8.0
				149
				150	******
Soby Mathew	b4c6df4	2022-11-09 11:13:29 +0000	[diff] [blame]	151	v0.1.0
				152	******
				153
				154	- First TF-RMM source release aligned to `RMM Beta0 specification`_.
				155	The specified interfaces : Realm Management Interface (RMI) and
				156	Realm Service Interface (RSI) are implemented which can attest
				157	and run Realm VMs as described by the `Arm CCA`_ Architecture.
				158
				159	=================
				160	Upcoming features
				161	=================
				162
				163	- Support SVE, Self-Hosted Debug and PMU in Realms
				164	- Support LPA2 for Stage 2 Realm translation tables.
				165	- Threat model covering RMM data flows.
				166	- Enable Bounded Model Checker (CBMC) for source analysis.
				167	- Unit test framework based on :ref:`RMM Fake host architecture`.
				168
				169	============================
				170	Known issues and limitations
				171	============================
				172
				173	The following is a list of issues which are expected to be fixed in the future
				174	releases of TF-RMM :
				175
				176	- The size of ``RsiHostCall`` structure is 256 bytes in the implementation
				177	and aligns to `RMM Beta1 specification`_ rather than the 4 KB size
				178	specified in `RMM Beta0 specification`_.
				179
				180	- The RSI_IPA_STATE_GET command returns error ``RSI_ERROR_INPUT`` for a
				181	`destroyed` IPA instead of emulating data abort to Host.
				182
				183	- The `RMM Beta0 specification`_ does not require to have a CBOR bytestream
				184	wrapper around the cca-platform-token and cca-realm-delegated-token, but
				185	the RMM implementation does so.
				186
				187	---------------------------
				188
				189	.. _RMM Beta0 specification: https://developer.arm.com/documentation/den0137/1-0bet0/?lang=en
				190	.. _RMM Beta1 specification: https://developer.arm.com/documentation/den0137/1-0bet1/?lang=en
				191	.. _Arm CCA: https://www.arm.com/architecture/security-features/arm-confidential-compute-architecture