docs/releases/1.5.0.rst - sandbox/pfalcon/trusted-firmware-m - TrustedFirmware Git Browser

 :orphan:

 *************
 Version 1.5.0
 *************

 New major features
 ==================

   - MCUboot updated to v1.8.0.
   - :doc:`Floating-Point(FP) support in SPE only </integration_guide/tfm_fpu_support>`.
   - Thread mode SPM.
   - Add Non-secure Client Extension (NSCE) for non-secure client ID management
     support.
   - Secure Function model support in framework.
   - Support Memory-mapped IOVECs.
   - Decouple documentation and binary builds.
   - Manifest tool skips disabled Secure Partitions.
   - Provisioning and OTP are supported.
   - PSA Protected Storage, Internal Trusted Storage, Initial Attestation
     services are converted to Stateless services.
   - Support out-of-tree build of Secure Partitions.
   - Support out-of-tree build of platform specific test suites.
   - Introduce platform binding HAL.
   - ITS enhancement for harden ITS module against invalid data in Flash.
   - Support to select/deselect single or multiple TF-M regression test cases.
   - Decouple regression test flag configuration from TF-M.
   - New platforms added.
     See :ref:`releases/1.5.0:New platforms supported` for details.

 New security advisories
 =======================

 Profile Small key ID encoding vulnerability
 -------------------------------------------

 NSPE may access secure keys stored in TF-M Crypto service in Profile Small with
 Crypto key ID encoding disabled.
 Refer to :doc:`Advisory TFMV-4 </security/security_advisories/profile_small_key_id_encoding_vulnerability>`
 for more details.
 The mitigation is included in this release.

 New platforms supported
 =======================

   - :doc:`Corstone-1000 </platform/arm/corstone1000/readme>`

   - :doc:`Corstone-Polaris </platform/arm/mps3/corstone310/README>`

   - :doc:`B-U585I-IOT02A </platform/stm/b_u585i_iot02a/readme>`

 Deprecated platforms
 ====================

 The following platform has been removed from TF-M code base.

   - arm/mps2/fvp_sse300

 See :doc:`/integration_guide/platform/platform_deprecation`
 for other platforms under deprecation process.

 Tested platforms
 ================

 The following platforms are successfully tested in this release.

 - AN519
 - AN521
 - AN547
 - Musca-B1
 - Musca-S1
 - STM32L562E-DK
 - PSoC 64
 - B-U585I-IOT02A
 - NUCLEO-L552ZE-Q
 - nRF5340
 - nRF9160

 Known issues
 ============

 Some open issues are not fixed in this release.

 .. list-table::

   * - **Descriptions**
     - **Issue links**

   * - | PSA Arch Crypto test suite have several known failures.
     - See this `link <https://developer.trustedfirmware.org/w/tf_m/release/psa_arch_crypto_test_failure_analysis_in_tf-m_v1.5_release/>`_
       for detailed analysis of the failures.

   * - | Armclang 6.17 generates STRBT instead of STRB in privileged code.
       | MemManage fault occurs when the privileged code calls STRBT to access
       | a memory location only for privileged access.
       | The root cause is still under analysis by Armclang. Please use other
       | Armclang versions instead.
     - https://developer.trustedfirmware.org/T979

 Issues closed since v1.4.0
 ==========================

 The following issues in v1.4.0 known issues list are closed. These issues are
 related to platform hardware limitations or deprecated platforms and therefore
 won't be fixed by TF-M.

 .. list-table::

   * - **Descriptions**
     - **Issue links**

   * - | Protected Storage Regression test 4001 is stuck on SSE-300 in isolation
       | level 2 when PXN is enabled.
     - https://developer.trustedfirmware.org/T902

   * - | Image size overflow on Musca-B1 PSA Arch test suite debug build.
     - https://developer.trustedfirmware.org/T952

   * - | Build errors in PSA api tests for initial attestation.
     - https://developer.trustedfirmware.org/T953

   * - | Non Secure Image size overflow on STM32L562E-DK PSA Arch Crypto.
     - https://developer.trustedfirmware.org/T954

 --------------

 *Copyright (c) 2021-2022, Arm Limited. All rights reserved.*
	:orphan:

	*************
	Version 1.5.0
	*************

	New major features
	==================

	- MCUboot updated to v1.8.0.
	- :doc:`Floating-Point(FP) support in SPE only </integration_guide/tfm_fpu_support>`.
	- Thread mode SPM.
	- Add Non-secure Client Extension (NSCE) for non-secure client ID management
	support.
	- Secure Function model support in framework.
	- Support Memory-mapped IOVECs.
	- Decouple documentation and binary builds.
	- Manifest tool skips disabled Secure Partitions.
	- Provisioning and OTP are supported.
	- PSA Protected Storage, Internal Trusted Storage, Initial Attestation
	services are converted to Stateless services.
	- Support out-of-tree build of Secure Partitions.
	- Support out-of-tree build of platform specific test suites.
	- Introduce platform binding HAL.
	- ITS enhancement for harden ITS module against invalid data in Flash.
	- Support to select/deselect single or multiple TF-M regression test cases.
	- Decouple regression test flag configuration from TF-M.
	- New platforms added.
	See :ref:`releases/1.5.0:New platforms supported` for details.

	New security advisories
	=======================

	Profile Small key ID encoding vulnerability
	-------------------------------------------

	NSPE may access secure keys stored in TF-M Crypto service in Profile Small with
	Crypto key ID encoding disabled.
	Refer to :doc:`Advisory TFMV-4 </security/security_advisories/profile_small_key_id_encoding_vulnerability>`
	for more details.
	The mitigation is included in this release.

	New platforms supported
	=======================

	- :doc:`Corstone-1000 </platform/arm/corstone1000/readme>`

	- :doc:`Corstone-Polaris </platform/arm/mps3/corstone310/README>`

	- :doc:`B-U585I-IOT02A </platform/stm/b_u585i_iot02a/readme>`

	Deprecated platforms
	====================

	The following platform has been removed from TF-M code base.

	- arm/mps2/fvp_sse300

	See :doc:`/integration_guide/platform/platform_deprecation`
	for other platforms under deprecation process.

	Tested platforms
	================

	The following platforms are successfully tested in this release.

	- AN519
	- AN521
	- AN547
	- Musca-B1
	- Musca-S1
	- STM32L562E-DK
	- PSoC 64
	- B-U585I-IOT02A
	- NUCLEO-L552ZE-Q
	- nRF5340
	- nRF9160

	Known issues
	============

	Some open issues are not fixed in this release.

	.. list-table::

	* - Descriptions
	- Issue links

	* - \| PSA Arch Crypto test suite have several known failures.
	- See this `link <https://developer.trustedfirmware.org/w/tf_m/release/psa_arch_crypto_test_failure_analysis_in_tf-m_v1.5_release/>`_
	for detailed analysis of the failures.

	* - \| Armclang 6.17 generates STRBT instead of STRB in privileged code.
	\| MemManage fault occurs when the privileged code calls STRBT to access
	\| a memory location only for privileged access.
	\| The root cause is still under analysis by Armclang. Please use other
	\| Armclang versions instead.
	- https://developer.trustedfirmware.org/T979

	Issues closed since v1.4.0
	==========================

	The following issues in v1.4.0 known issues list are closed. These issues are
	related to platform hardware limitations or deprecated platforms and therefore
	won't be fixed by TF-M.

	.. list-table::

	* - Descriptions
	- Issue links

	* - \| Protected Storage Regression test 4001 is stuck on SSE-300 in isolation
	\| level 2 when PXN is enabled.
	- https://developer.trustedfirmware.org/T902

	* - \| Image size overflow on Musca-B1 PSA Arch test suite debug build.
	- https://developer.trustedfirmware.org/T952

	* - \| Build errors in PSA api tests for initial attestation.
	- https://developer.trustedfirmware.org/T953

	* - \| Non Secure Image size overflow on STM32L562E-DK PSA Arch Crypto.
	- https://developer.trustedfirmware.org/T954

	--------------

	Copyright (c) 2021-2022, Arm Limited. All rights reserved.