Merge "docs: Updating Change log for v2.3 Release" into integration

5 years ago · f9b546f652
2 changed files with 532 additions and 26 deletions
--- a/docs/change-log-upcoming.rst
+++ b/docs/change-log-upcoming.rst
@ -7,7 +7,7 @@ of this file will be moved to the collective change-log.rst file at the time of
 release code freeze.
-Upcoming Release Version 2.3
+Upcoming Release Version 2.4
 ----------------------------
 **Trusted Firmware-A Contributors,
@ -20,56 +20,35 @@ New Features
 ^^^^^^^^^^^^
 - Arm Architecture
   - Add support for Armv8.4-SecEL2 extension through the SPCI defined SPMD/SPMC
     components.
   - Build option to support EL2 context save and restore in the secure world
     (CTX_INCLUDE_EL2_REGS).
   - Example: "Add support for Branch Target Identification (BTI)"
 - BL-specific
-   - Enhanced BL2 bootloader flow to load secure partitions based on firmware
+   - Example: "Enhanced BL2 bootloader flow to load secure partitions based
-     configuration data (fconf).
+     on firmware configuration data (fconf)."
 - Build System
-   - Add support for documentation build as a target in Makefile
+   - Example: "Modify FVP makefile for CPUs that support both AArch64/32"
   - Add ``COT`` build option to select the chain of trust to use when the
     Trusted Boot feature is enabled (default: ``tbbr``).
   - Added creation and injection of secure partition packages into the FIP.
   - Build option to support SPMC component loading and run at S-EL1
     or S-EL2 (SPMD_SPM_AT_SEL2).
 - CPU Support
   - Example: "cortex-a55: Workaround for erratum 1221012"
   - Use Speculation Barrier instruction for v8.5+ cores
 - Drivers
   - Example: "console: Allow the console to register multiple times"
 - Libraries
   - Example: "Introduce BTI support in Library at ROM (romlib)"
   - Add Firmware Configuration Framework (fconf).
   - Add DebugFS functionality
 - New Platforms Support
   - Example: "qemu/qemu_sbsa: New platform support added for QEMU SBSA platform"
 - Platforms
   - Example: "arm/common: Introduce wrapper functions to setup secure watchdog"
   - plat/arm: Add support for the new `dualroot` chain of trust.
   - plat/arm/fvp: Add support for fconf in BL31 and SP_MIN. Populate power
     domain desciptor dynamically by leveraging fconf APIs.
 - PSCI
   - Example: "Adding new optional PSCI hook ``pwr_domain_on_finish_late``"
 - Security
   - Example: "UBSAN support and handlers"
   - Add support for optional firmware encryption feature (experimental).
   - Introduce a new `dualroot` chain of trust.
   - aarch32: stop speculative execution past exception returns.
 - SPCI
   - Introduced the SPM Dispatcher (SPMD) component as a new standard service.
 - Tools
   - Example: "fiptool: Add support to build fiptool on Windows."
@ -103,7 +82,6 @@ Changed
   - Example: "Refactor SPSR initialisation code"
 - Tools
   - sptool updated to accomodate building secure partition packages.
   - Example: "cert_create: Remove RSA PKCS#1 v1.5 support"
--- a/docs/change-log.rst
+++ b/docs/change-log.rst
@ -4,6 +4,534 @@ Change Log & Release Notes
 This document contains a summary of the new features, changes, fixes and known
 issues in each release of Trusted Firmware-A.
 Version 2.3
 -----------
 New Features
 ^^^^^^^^^^^^
 - Arm Architecture
   - Add support for Armv8.4-SecEL2 extension through the SPCI defined SPMD/SPMC
     components.
   - Build option to support EL2 context save and restore in the secure world
     (CTX_INCLUDE_EL2_REGS).
   - Add support for SMCCC v1.2 (introducing the new SMCCC_ARCH_SOC_ID SMC).
     Note that the support is compliant, but the SVE registers save/restore will
     be done as part of future S-EL2/SPM development.
 - BL-specific
   - Enhanced BL2 bootloader flow to load secure partitions based on firmware
     configuration data (fconf).
   - Changes necessary to support SEPARATE_NOBITS_REGION feature
   - TSP and BL2_AT_EL3: Add Position Independent Execution ``PIE`` support
 - Build System
   - Add support for documentation build as a target in Makefile
   - Add ``COT`` build option to select the chain of trust to use when the
     Trusted Boot feature is enabled (default: ``tbbr``).
   - Added creation and injection of secure partition packages into the FIP.
   - Build option to support SPMC component loading and run at S-EL1
     or S-EL2 (SPMD_SPM_AT_SEL2).
   - Enable MTE support
   - Enable Link Time Optimization in GCC
   - Enable -Wredundant-decls warning check
   - Makefile: Add support to optionally encrypt BL31 and BL32
   - Add support to pass the nt_fw_config DTB to OP-TEE.
   - Introduce per-BL ``CPPFLAGS``, ``ASFLAGS``, and ``LDFLAGS``
   - build_macros: Add CREATE_SEQ function to generate sequence of numbers
 - CPU Support
   - cortex-a57: Enable higher performance non-cacheable load forwarding
   - Hercules: Workaround for Errata 1688305
   - Klein: Support added for Klein CPU
   - Matterhorn: Support added for Matterhorn CPU
 - Drivers
   - auth: Add ``calc_hash`` function for hash calculation. Used for
     authentication of images when measured boot is enabled.
   - cryptocell: Add authenticated decryption framework, and support
     for CryptoCell-713 and CryptoCell-712 RSA 3K
   - gic600: Add support for multichip configuration and Clayton
   - gicv3: Introduce makefile, Add extended PPI and SPI range,
     Add support for probing multiple GIC Redistributor frames
   - gicv4: Add GICv4 extension for GIC driver
   - io: Add an IO abstraction layer to load encrypted firmwares
   - mhu: Derive doorbell base address
   - mtd: Add SPI-NOR, SPI-NAND, SPI-MEM, and raw NAND framework
   - scmi: Allow use of multiple SCMI channels
   - scu: Add a driver for snoop control unit
 - Libraries
   - coreboot: Add memory range parsing and use generic base address
   - compiler_rt: Import popcountdi2.c and popcountsi2.c files,
     aeabi_ldivmode.S file and dependencies
   - debugFS: Add DebugFS functionality
   - el3_runtime: Add support for enabling S-EL2
   - fconf: Add Firmware Configuration Framework (fconf) (experimental).
   - libc: Add memrchr function
   - locks: bakery: Use is_dcache_enabled() helper and add a DMB to
     the 'read_cache_op' macro
   - psci: Add support to enable different personality of the same soc.
   - xlat_tables_v2: Add support to pass shareability attribute for
     normal memory region, use get_current_el_maybe_constant() in
     is_dcache_enabled(), read-only xlat tables for BL31 memory, and
     add enable_mmu()
 - New Platforms Support
   - arm/arm_fpga: New platform support added for FPGA
   - arm/rddaniel: New platform support added for rd-daniel platform
   - brcm/stingray: New platform support added for Broadcom stingray platform
   - nvidia/tegra194: New platform support for Nvidia Tegra194 platform
 - Platforms
   - allwinner: Implement PSCI system suspend using SCPI, add a msgbox
     driver for use with SCPI, and reserve and map space for the SCP firmware
   - allwinner: axp: Add AXP805 support
   - allwinner: power: Add DLDO4 power rail
   - amlogic: axg: Add a build flag when using ATOS as BL32 and support for
     the A113D (AXG) platform
   - arm/a5ds: Add ethernet node and L2 cache node in devicetree
   - arm/common: Add support for the new `dualroot` chain of trust
   - arm/common: Add support for SEPARATE_NOBITS_REGION
   - arm/common: Re-enable PIE when RESET_TO_BL31=1
   - arm/common: Allow boards to specify second DRAM Base address
     and to define PLAT_ARM_TZC_FILTERS
   - arm/cornstone700: Add support for mhuv2 and stack protector
   - arm/fvp: Add support for fconf in BL31 and SP_MIN. Populate power
     domain desciptor dynamically by leveraging fconf APIs.
   - arm/fvp: Add Cactus/Ivy Secure Partition information and use two
     instances of Cactus at S-EL1
   - arm/fvp: Add support to run BL32 in TDRAM and BL31 in secure DRAM
   - arm/fvp: Add support for GICv4 extension and BL2 hash calculation in BL1
   - arm/n1sdp: Setup multichip gic routing table, update platform macros
     for dual-chip setup, introduce platform information SDS region, add
     support to update presence of External LLC, and enable the
     NEOVERSE_N1_EXTERNAL_LLC flag
   - arm/rdn1edge: Add support for dual-chip configuration and use
     CREATE_SEQ helper macro to compare chip count
   - arm/sgm: Always use SCMI for SGM platforms
   - arm/sgm775: Add support for dynamic config using fconf
   - arm/sgi: Add multi-chip mode parameter in HW_CONFIG dts, macros for
     remote chip device region, chip_id and multi_chip_mode to platform
     variant info, and introduce number of chips macro
   - brcm: Add BL2 and BL31 support common across Broadcom platforms
   - brcm: Add iproc SPI Nor flash support, spi driver, emmc driver,
     and support to retrieve plat_toc_flags
   - hisilicon: hikey960: Enable system power off callback
   - intel: Enable bridge access, SiP SMC secure register access, and uboot
     entrypoint support
   - intel: Implement platform specific system reset 2
   - intel: Introduce mailbox response length handling
   - imx: console: Use CONSOLE_T_BASE for UART base address and generic console_t
     data structure
   - imx8mm: Provide uart base as build option and add the support for opteed spd
     on imx8mq/imx8mm
   - imx8qx: Provide debug uart num as build
   - imx8qm: Apply clk/pinmux configuration for DEBUG_CONSOLE and provide debug
     uart num as build param
   - marvell: a8k: Implement platform specific power off and add support
     for loading MG CM3 images
   - mediatek: mt8183: Add Vmodem/Vcore DVS init level
   - qemu: Support optional encryption of BL31 and BL32 images
     and ARM_LINUX_KERNEL_AS_BL33 to pass FDT address
   - qemu: Define ARMV7_SUPPORTS_VFP
   - qemu: Implement PSCI_CPU_OFF and qemu_system_off via semihosting
   - renesas: rcar_gen3: Add new board revision for M3ULCB
   - rockchip: Enable workaround for erratum 855873, claim a macro to enable
     hdcp feature for DP, enable power domains of rk3399 before reset, add
     support for UART3 as serial output, and initialize reset and poweroff
     GPIOs with known invalid value
   - rpi: Implement PSCI CPU_OFF, use MMIO accessor, autodetect Mini-UART
     vs. PL011 configuration, and allow using PL011 UART for RPi3/RPi4
   - rpi3: Include GPIO driver in all BL stages and use same "clock-less"
     setup scheme as RPi4
   - rpi3/4: Add support for offlining CPUs
   - st: stm32mp1: platform.mk: Support generating multiple images in one build,
     migrate to implicit rules, derive map file name from target name, generate
     linker script with fixed name, and use PHONY for the appropriate targets
   - st: stm32mp1: Add support for SPI-NOR, raw NAND, and SPI-NAND boot device,
     QSPI, FMC2 driver
   - st: stm32mp1: Use stm32mp_get_ddr_ns_size() function, set XN attribute for
     some areas in BL2, dynamically map DDR later and non-cacheable during its
     test, add a function to get non-secure DDR size, add DT helper for reg by
     name, and add compilation flags for boot devices
   - socionext: uniphier: Turn on ENABLE_PIE
   - ti: k3: Add PIE support
   - xilinx: versal: Add set wakeup source, client wakeup, query data, request
     wakeup, PM_INIT_FINALIZE, PM_GET_TRUSTZONE_VERSION, PM IOCTL, support for
     suspend related, and Get_ChipID APIs
   - xilinx: versal: Implement power down/restart related EEMI, SMC handler for
     EEMI, PLL related PM, clock related PM, pin control related PM, reset related
     PM, device related PM , APIs
   - xilinx: versal: Enable ipi mailbox service
   - xilinx: versal: Add get_api_version support and support to send PM API to PMC
     using IPI
   - xilinx: zynqmp: Add checksum support for IPI data, GET_CALLBACK_DATA
     function, support to query max divisor, CLK_SET_RATE_PARENT in gem clock
     node, support for custom type flags, LPD WDT clock to the pm_clock structure,
     idcodes for new RFSoC silicons ZU48DR and ZU49DR, and id for new RFSoC device
     ZU39DR
 - Security
   - Use Speculation Barrier instruction for v8.5+ cores
   - Add support for optional firmware encryption feature (experimental).
   - Introduce a new `dualroot` chain of trust.
   - aarch64: Prevent speculative execution past ERET
   - aarch32: Stop speculative execution past exception returns.
 - SPCI
   - Introduced the Secure Partition Manager Dispatcher (SPMD) component as a
     new standard service.
 - Tools
   - cert_create: Introduce CoT build option and TBBR CoT makefile,
     and define the dualroot CoT
   - encrypt_fw: Add firmware authenticated encryption tool
   - memory: Add show_memory script that prints a representation
     of the memory layout for the latest build
 Changed
 ^^^^^^^
 - Arm Architecture
   - PIE: Make call to GDT relocation fixup generalized
 - BL-Specific
   - Increase maximum size of BL2 image
   - BL31: Discard .dynsym .dynstr .hash sections to make ENABLE_PIE work
   - BL31: Split into two separate memory regions
   - Unify BL linker scripts and reduce code duplication.
 - Build System
   - Changes to drive cert_create for dualroot CoT
   - Enable -Wlogical-op always
   - Enable -Wshadow always
   - Refactor the warning flags
   - PIE: Pass PIE options only to BL31
   - Reduce space lost to object alignment
   - Set lld as the default linker for Clang builds
   - Remove -Wunused-const-variable and -Wpadded warning
   - Remove -Wmissing-declarations warning from WARNING1 level
 - Drivers
   - authentication: Necessary fix in drivers to upgrade to mbedtls-2.18.0
   - console: Integrate UART base address in generic console_t
   - gicv3: Change API for GICR_IPRIORITYR accessors and separate
     GICD and GICR accessor functions
   - io: Change seek offset to signed long long and panic in case
     of io setup failure
   - smmu: SMMUv3: Changed retry loop to delay timer
   - tbbr: Reduce size of hash and ECDSA key buffers when possible
 - Library Code
   - libc: Consolidate the size_t, unified, and NULL definitions,
     and unify intmax_t and uintmax_t on AArch32/64
   - ROMLIB: Optimize memory layout when ROMLIB is used
   - xlat_tables_v2: Use ARRAY_SIZE in REGISTER_XLAT_CONTEXT_FULL_SPEC,
     merge REGISTER_XLAT_CONTEXT_{FULL_SPEC,RO_BASE_TABLE},
     and simplify end address checks in mmap_add_region_check()
 - Platforms
   - allwinner: Adjust SRAM A2 base to include the ARISC vectors, clean up MMU
     setup, reenable USE_COHERENT_MEM, remove unused include path, move the
     NOBITS region to SRAM A1, convert AXP803 regulator setup code into a driver,
     enable clock before resetting I2C/RSB
   - allwinner: h6: power: Switch to using the AXP driver
   - allwinner: a64: power: Use fdt_for_each_subnode, remove obsolete register
     check, remove duplicate DT check, and make sunxi_turn_off_soc static
   - allwinner: Build PMIC bus drivers only in BL31, clean up PMIC-related error
     handling, and synchronize PMIC enumerations
   - arm/a5ds: Change boot address to point to DDR address
   - arm/common: Check for out-of-bound accesses in the platform io policies
   - arm/corstone700: Updating the kernel arguments to support initramfs,
     use fdts DDR memory and XIP rootfs, and set UART clocks to 32MHz
   - arm/fvp: Modify multithreaded dts file of DynamIQ FVPs, slightly bump
     the stack size for bl1 and bl2, remove re-definition of topology related
     build options, stop reclaiming init code with Clang builds, and map only
     the needed DRAM region statically in BL31/SP_MIN
   - arm/juno: Maximize space allocated to SCP_BL2
   - arm/sgi: Bump bl1 RW limit, mark remote chip shared ram as non-cacheable,
     move GIC related constants to board files, include AFF3 affinity in core
     position calculation, move bl31_platform_setup to board file, and move
     topology information to board folder
   - common: Refactor load_auth_image_internal().
   - hisilicon: Remove uefi-tools in hikey and hikey960 documentation
   - intel: Modify non secure access function, BL31 address mapping, mailbox's
     get_config_status, and stratix10 BL31 parameter handling
   - intel: Remove un-needed checks for qspi driver r/w and s10 unused source code
   - intel: Change all global sip function to static
   - intel: Refactor common platform code
   - intel: Create SiP service header file
   - marvell: armada: scp_bl2: Allow loading up to 8 images
   - marvell: comphy-a3700: Support SGMII COMPHY power off and fix USB3
     powering on when on lane 2
   - marvell: Consolidate console register calls
   - mediatek: mt8183: Protect 4GB~8GB dram memory, refine GIC driver for
     low power scenarios, and switch PLL/CLKSQ/ck_off/axi_26m control to SPM
   - qemu: Update flash address map to keep FIP in secure FLASH0
   - renesas: rcar_gen3: Update IPL and Secure Monitor Rev.2.0.6, update DDR
     setting for H3, M3, M3N, change fixed destination address of BL31 and BL32,
     add missing #{address,size}-cells into generated DT, pass DT to OpTee OS,
     and move DDR drivers out of staging
   - rockchip: Make miniloader ddr_parameter handling optional, cleanup securing
     of ddr regions, move secure init to separate file, use base+size for secure
     ddr regions, bring TZRAM_SIZE values in lined, and prevent macro expansion
     in paths
   - rpi: Move plat_helpers.S to common
   - rpi3: gpio: Simplify GPIO setup
   - rpi4: Skip UART initialisation
   - st: stm32m1: Use generic console_t data structure, remove second
     QSPI flash instance, update for FMC2 pin muxing, and reduce MAX_XLAT_TABLES
     to 4
   - socionext: uniphier: Make on-chip SRAM and I/O register regions configurable
   - socionext: uniphier: Make PSCI related, counter control, UART, pinmon, NAND
     controller, and eMMC controller base addresses configurable
   - socionext: uniphier: Change block_addressing flag and the return value type
     of .is_usb_boot() to bool
   - socionext: uniphier: Run BL33 at EL2, call uniphier_scp_is_running() only
     when on-chip STM is supported, define PLAT_XLAT_TABLES_DYNAMIC only for BL2,
     support read-only xlat tables, use enable_mmu() in common function, shrink
     UNIPHIER_ROM_REGION_SIZE, prepare uniphier_soc_info() for next SoC, extend
     boot device detection for future SoCs, make all BL images completely
     position-independent, make uniphier_mmap_setup() work with PIE, pass SCP
     base address as a function parameter, set buffer offset and length for
     io_block dynamically, and use more mmap_add_dynamic_region() for loading
     images
   - spd/trusty: Disable error messages seen during boot, allow gic base to be
     specified with GICD_BASE, and allow getting trusty memsize from BL32_MEM_SIZE
     instead of TSP_SEC_MEM_SIZE
   - ti: k3: common: Enable ARM cluster power down and rename device IDs to
     be more consistent
   - ti: k3: drivers: ti_sci: Put sequence number in coherent memory and
     remove indirect structure of const data
   - xilinx: Move ipi mailbox svc to xilinx common
   - xilinx: zynqmp: Use GIC framework for warm restart
   - xilinx: zynqmp: pm: Move custom clock flags to typeflags, remove
     CLK_TOPSW_LSBUS from invalid clock list and rename FPD WDT clock ID
   - xilinx: versal: Increase OCM memory size for DEBUG builds and adjust
     cpu clock, Move versal_def.h and versal_private to include directory
 - Tools
   - sptool: Updated sptool to accomodate building secure partition packages.
 Resolved Issues
 ^^^^^^^^^^^^^^^
 - Arm Architecture
   - Fix crash dump for lower EL
 - BL-Specific
   - Bug fix: Protect TSP prints with lock
   - Fix boot failures on some builds linked with ld.lld.
 - Build System
   - Fix clang build if CC is not in the path.
   - Fix 'BL stage' comment for build macros
 - Code Quality
   - coverity: Fix various MISRA violations including null pointer violations,
     C issues in BL1/BL2/BL31 and FDT helper functions, using boolean essential,
     type, and removing unnecessary header file and comparisons to LONG_MAX in
     debugfs devfip
   - Based on coding guidelines, replace all `unsigned long` depending on if
     fixed based on AArch32 or AArch64.
   - Unify type of "cpu_idx" and Platform specific defines across PSCI module.
 - Drivers
   - auth: Necessary fix in drivers to upgrade to mbedtls-2.18.0
   - delay_timer: Fix non-standard frequency issue in udelay
   - gicv3: Fix compiler dependent behavior
   - gic600: Fix include ordering according to the coding style and power up sequence
 - Library Code
   - el3_runtime: Fix stack pointer maintenance on EA handling path,
     fixup 'cm_setup_context' prototype, and adds TPIDR_EL2 register
     to the context save restore routines
   - libc: Fix SIZE_MAX on AArch32
   - locks: T589: Fix insufficient ordering guarantees in bakery lock
   - pmf: Fix 'tautological-constant-compare' error, Make the runtime
     instrumentation work on AArch32, and Simplify PMF helper macro
     definitions across header files
   - xlat_tables_v2: Fix assembler warning of PLAT_RO_XLAT_TABLES
 - Platforms
   - allwinner: Fix H6 GPIO and CCU memory map addresses and incorrect ARISC
     code patch offset check
   - arm/a5ds: Correct system freq and Cache Writeback Granule, and cleanup
     enable-method in devicetree
   - arm/fvp: Fix incorrect GIC mapping, BL31 load address and image size
     for RESET_TO_BL31=1, topology description of cpus for DynamIQ based
     FVP, and multithreaded FVP power domain tree
   - arm/fvp: spm-mm: Correcting instructions to build SPM for FVP
   - arm/common: Fix ROTPK hash generation for ECDSA encryption, BL2 bug in
     dynamic configuration initialisation, and current RECLAIM_INIT_CODE behavior
   - arm/rde1edge: Fix incorrect topology tree description
   - arm/sgi: Fix the incorrect check for SCMI channel ID
   - common: Flush dcache when storing timestamp
   - intel: Fix UEFI decompression issue, memory calibration, SMC SIP service,
     mailbox config return status, mailbox driver logic, FPGA manager on
     reconfiguration, and mailbox send_cmd issue
   - imx: Fix shift-overflow errors, the rdc memory region slot's offset,
     multiple definition of ipc_handle, missing inclusion of cdefs.h, and
     correct the SGIs that used for secure interrupt
   - mediatek: mt8183: Fix AARCH64 init fail on CPU0
   - rockchip: Fix definition of struct param_ddr_usage
   - rpi4: Fix documentation of armstub config entry
   - st: Correct io possible NULL pointer dereference and device_size type,
     nand xor_ecc.val assigned value, static analysis tool issues, and fix
     incorrect return value and correctly check pwr-regulators node
   - xilinx: zynqmp: Correct syscnt freq for QEMU and fix clock models
     and IDs of GEM-related clocks
 Known Issues
 ^^^^^^^^^^^^
 - Build System
   - dtb: DTB creation not supported when building on a Windows host.
     This step in the build process is skipped when running on a Windows host. A
     known issue from the 1.6 release.
   - Intermittent assertion firing `ASSERT: services/spd/tspd/tspd_main.c:105`
 - Coverity
   - Intermittent Race condition in Coverity Jenkins Build Job
 - Platforms
   - arm/juno: System suspend from Linux does not function as documented in the
     user guide
     Following the instructions provided in the user guide document does not
     result in the platform entering system suspend state as expected. A message
     relating to the hdlcd driver failing to suspend will be emitted on the
     Linux terminal.
   - mediatek/mt6795: This platform does not build in this release
 Version 2.2
 -----------