| Galanakis, Minos | 6ccf7ec | 2019-11-07 15:15:05 +0000 | [diff] [blame] | 1 | ################## |
| 2 | Trusted Firmware M |
| 3 | ################## |
| 4 | Trusted Firmware M provides a reference implementation of secure world software |
| 5 | for ARMv8-M. |
| 6 | |
| 7 | .. Note:: |
| 8 | The software implementation contained in this project is designed to be a |
| 9 | reference implementation of the Platform Security Architecture (PSA). |
| 10 | It currently does not implement all the features of that architecture, |
| 11 | however we expect the code to evolve along with the specifications. |
| 12 | |
| 13 | Terms ``TFM`` and ``TF-M`` are commonly used in documents and code and both |
| 14 | refer to ``Trusted Firmware M.`` :doc:`Glossary </docs/glossary>` has the list |
| 15 | of terms and abbreviations. |
| 16 | |
| 17 | ####### |
| 18 | License |
| 19 | ####### |
| 20 | The software is provided under a BSD-3-Clause :doc:`License </docs/lic>`. |
| 21 | Contributions to this project are accepted under the same license with developer |
| Galanakis, Minos | 0c1ad78 | 2019-11-08 11:28:40 +0000 | [diff] [blame] | 22 | sign-off as described in the :doc:`Contributing Guidelines </docs/processes/contributing>`. |
| Galanakis, Minos | 6ccf7ec | 2019-11-07 15:15:05 +0000 | [diff] [blame] | 23 | |
| 24 | This project contains code from other projects as listed below. The code from |
| 25 | external projects is limited to ``app`` and ``platform`` folders. |
| 26 | The original license text is included in those source files. |
| 27 | |
| 28 | - The ``platform`` folder currently contains drivers imported from external |
| 29 | project and the files have Apache 2.0 license. |
| 30 | - The ``app`` folder contains files imported from CMSIS_5 project and the files |
| 31 | have Apache 2.0 license. |
| 32 | - The ``bl2`` folder contains files imported from MCUBoot project and the files |
| 33 | have Apache 2.0 license. |
| 34 | |
| 35 | .. Note:: |
| 36 | Any code that has license other than BSD-3-Clause is kept in specific sub |
| 37 | folders named ``ext`` so that it can isolated if required. |
| 38 | |
| 39 | ############ |
| 40 | This Release |
| 41 | ############ |
| 42 | This release includes: |
| 43 | |
| 44 | - A Secure FW with support for PSA Level 1 and 2 isolation on Armv8-M. |
| 45 | - The Interfaces exposed by the Secure FW to NS side. |
| 46 | - A secure fw model with NS application example. |
| 47 | - Secure services running within this SPE: |
| 48 | |
| 49 | - Secure Storage Service (PSA Protected Storage API - 1.0-beta-2) |
| 50 | - Attestation (PSA API 1.0-beta-0) |
| 51 | - Crypto Service (PSA API 1.0-beta-1) |
| 52 | - TF-M Audit Log |
| 53 | - Platform Service |
| 54 | - Internal Trusted Storage (PSA API 1.0.0) |
| 55 | |
| 56 | - PSA IPC support |
| 57 | - Support for Armv8-M mainline and baseline |
| 58 | - Testcases running baremetal and with RTX to test the functionality. |
| 59 | - BL2 bootloader for image authentication based on SHA256 and RSA-3072 |
| 60 | digital signature. |
| 61 | - Build system based on cmake, supporting armclang and GNU Arm. |
| Tamas Ban | ece0307 | 2019-11-26 12:17:50 +0000 | [diff] [blame^] | 62 | - Support for integrated CryptoCell-312 cryptographic hardware accelerator |
| 63 | on Musca-B1 platform. |
| Galanakis, Minos | 6ccf7ec | 2019-11-07 15:15:05 +0000 | [diff] [blame] | 64 | |
| 65 | ********* |
| 66 | Platforms |
| 67 | ********* |
| 68 | Current release has been tested on: |
| 69 | |
| 70 | - Cortex M33 based SSE-200 system: |
| 71 | |
| 72 | - `FPGA image loaded on MPS2 board. |
| 73 | <https://developer.arm.com/products/system-design/development-boards/cortex-m-prototyping-systems/mps2>`__ |
| 74 | - `Fast model FVP_MPS2_AEMv8M. |
| 75 | <https://developer.arm.com/products/system-design/fixed-virtual-platforms>`__ |
| 76 | - `Musca-A test chip board. |
| 77 | <https://developer.arm.com/products/system-design/development-boards/iot-test-chips-and-boards/musca-a-test-chip-board>`__ |
| 78 | - `Musca-B1 test chip board. |
| 79 | <https://developer.arm.com/products/system-design/development-boards/iot-test-chips-and-boards/musca-b-test-chip-board>`__ |
| Tamas Ban | ece0307 | 2019-11-26 12:17:50 +0000 | [diff] [blame^] | 80 | - `Musca-S1 test chip board.` |
| Galanakis, Minos | 6ccf7ec | 2019-11-07 15:15:05 +0000 | [diff] [blame] | 81 | - `FPGA image loaded on MPS3 board. |
| 82 | <https://developer.arm.com/tools-and-software/development-boards/fpga-prototyping-boards/mps3>`__ |
| 83 | |
| 84 | - Cortex M23 based IoT Kit system: |
| 85 | |
| 86 | - `FPGA image loaded on MPS2 board. |
| 87 | <https://developer.arm.com/products/system-design/development-boards/cortex-m-prototyping-systems/mps2>`__ |
| 88 | |
| 89 | ############### |
| 90 | Getting Started |
| 91 | ############### |
| 92 | |
| 93 | ************ |
| 94 | Prerequisite |
| 95 | ************ |
| 96 | Trusted Firmware M provides a reference implementation of PSA specifications. |
| 97 | It is assumed that the reader is familiar with PSA concepts and terms. PSA |
| 98 | specifications are currently not available in the public domain. |
| 99 | |
| 100 | The current TF-M implementation specifically targets TrustZone for ARMv8-M so a |
| 101 | good understanding of the v8-M architecture is also necessary. A good place to |
| 102 | get started with ARMv8-M is |
| 103 | `developer.arm.com <https://developer.arm.com/technologies/trustzone>`__. |
| 104 | |
| 105 | ********************** |
| 106 | Really getting started |
| 107 | ********************** |
| 108 | Trusted Firmware M source code is available on `git.trustedfirmware.org |
| 109 | <https://git.trustedfirmware.org/trusted-firmware-m.git/>`__ |
| 110 | |
| 111 | To build & run TF-M: |
| 112 | |
| 113 | - Follow the :doc:`SW requirements guide </docs/user_guides/tfm_sw_requirement>` |
| 114 | to set up your environment. |
| 115 | - Follow the |
| 116 | :doc:`Build instructions </docs/user_guides/tfm_build_instruction>` to compile |
| 117 | and build the TF-M source. |
| 118 | - Follow the :doc:`User guide </docs/user_guides/tfm_user_guide>` for information |
| 119 | on running the example. |
| 120 | |
| 121 | To port TF-M to a another system or OS, follow the |
| 122 | :doc:`OS Integration Guide </docs/user_guides/tfm_integration_guide>` |
| 123 | |
| 124 | Please also see the :doc:`glossary </docs/glossary>` of terms used in the project. |
| 125 | |
| Galanakis, Minos | 0c1ad78 | 2019-11-08 11:28:40 +0000 | [diff] [blame] | 126 | :doc:`Contributing Guidelines </docs/processes/contributing>` contains guidance on how to |
| Galanakis, Minos | 6ccf7ec | 2019-11-07 15:15:05 +0000 | [diff] [blame] | 127 | contribute to this project. |
| 128 | |
| 129 | Further documents can be found in the ``docs`` folder. |
| 130 | |
| 131 | |
| 132 | #################### |
| 133 | Feedback and support |
| 134 | #################### |
| 135 | For this early access release, feedback is requested via email to |
| 136 | `support-trustedfirmware-m@arm.com <support-trustedfirmware-m@arm.com>`__. |
| 137 | |
| 138 | ############### |
| 139 | Version history |
| 140 | ############### |
| 141 | +-------------+--------------+--------------------+ |
| 142 | | Version | Date | Description | |
| 143 | +=============+==============+====================+ |
| 144 | | v1.0-beta | 2019-02-15 | 1.0-beta release | |
| 145 | +-------------+--------------+--------------------+ |
| 146 | | v1.0-RC1 | 2019-05-31 | 1.0-RC1 release | |
| 147 | +-------------+--------------+--------------------+ |
| 148 | | v1.0-RC2 | 2019-10-09 | 1.0-RC2 release | |
| 149 | +-------------+--------------+--------------------+ |
| Tamas Ban | ece0307 | 2019-11-26 12:17:50 +0000 | [diff] [blame^] | 150 | | v1.0-RC3 | 2019-11-29 | 1.0-RC3 release | |
| 151 | +-------------+--------------+--------------------+ |
| Galanakis, Minos | 6ccf7ec | 2019-11-07 15:15:05 +0000 | [diff] [blame] | 152 | |
| 153 | -------------- |
| 154 | |
| 155 | *Copyright (c) 2017-2019, Arm Limited. All rights reserved.* |