123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 |
- Feature Overview
- ================
- This page provides an overview of the current |TF-A| feature set. For a full
- description of these features and their implementation details, please see
- the documents that are part of the *Components* and *System Design* chapters.
- The :ref:`Change Log & Release Notes` provides details of changes made since the
- last release.
- Current features
- ----------------
- - Initialization of the secure world, for example exception vectors, control
- registers and interrupts for the platform.
- - Library support for CPU specific reset and power down sequences. This
- includes support for errata workarounds and the latest Arm DynamIQ CPUs.
- - Drivers to enable standard initialization of Arm System IP, for example
- Generic Interrupt Controller (GIC), Cache Coherent Interconnect (CCI),
- Cache Coherent Network (CCN), Network Interconnect (NIC) and TrustZone
- Controller (TZC).
- - A generic |SCMI| driver to interface with conforming power controllers, for
- example the Arm System Control Processor (SCP).
- - SMC (Secure Monitor Call) handling, conforming to the `SMC Calling
- Convention`_ using an EL3 runtime services framework.
- - |PSCI| library support for CPU, cluster and system power management
- use-cases.
- This library is pre-integrated with the AArch64 EL3 Runtime Software, and
- is also suitable for integration with other AArch32 EL3 Runtime Software,
- for example an AArch32 Secure OS.
- - A minimal AArch32 Secure Payload (*SP_MIN*) to demonstrate |PSCI| library
- integration with AArch32 EL3 Runtime Software.
- - Secure Monitor library code such as world switching, EL1 context management
- and interrupt routing.
- When a Secure-EL1 Payload (SP) is present, for example a Secure OS, the
- AArch64 EL3 Runtime Software must be integrated with a Secure Payload
- Dispatcher (SPD) component to customize the interaction with the SP.
- - A Test SP and SPD to demonstrate AArch64 Secure Monitor functionality and SP
- interaction with PSCI.
- - SPDs for the `OP-TEE Secure OS`_, `NVIDIA Trusted Little Kernel`_,
- `Trusty Secure OS`_ and `ProvenCore Secure OS`_.
- - A Trusted Board Boot implementation, conforming to all mandatory TBBR
- requirements. This includes image authentication, Firmware Update (or
- recovery mode), and packaging of the various firmware images into a
- Firmware Image Package (FIP).
- - Pre-integration of TBB with the Arm CryptoCell product, to take advantage of
- its hardware Root of Trust and crypto acceleration services.
- - Reliability, Availability, and Serviceability (RAS) functionality, including
- - A Secure Partition Manager (SPM) to manage Secure Partitions in
- Secure-EL0, which can be used to implement simple management and
- security services.
- - An |SDEI| dispatcher to route interrupt-based |SDEI| events.
- - An Exception Handling Framework (EHF) that allows dispatching of EL3
- interrupts to their registered handlers, to facilitate firmware-first
- error handling.
- - A dynamic configuration framework that enables each of the firmware images
- to be configured at runtime if required by the platform. It also enables
- loading of a hardware configuration (for example, a kernel device tree)
- as part of the FIP, to be passed through the firmware stages.
- This feature is now incorporated inside the firmware configuration framework
- (fconf).
- - Support for alternative boot flows, for example to support platforms where
- the EL3 Runtime Software is loaded using other firmware or a separate
- secure system processor, or where a non-TF-A ROM expects BL2 to be loaded
- at EL3.
- - Support for the GCC, LLVM and Arm Compiler 6 toolchains.
- - Support for combining several libraries into a "romlib" image that may be
- shared across images to reduce memory footprint. The romlib image is stored
- in ROM but is accessed through a jump-table that may be stored
- in read-write memory, allowing for the library code to be patched.
- - Support for the Secure Partition Manager Dispatcher (SPMD) component as a
- new standard service.
- - Support for ARMv8.3 pointer authentication in the normal and secure worlds.
- The use of pointer authentication in the normal world is enabled whenever
- architectural support is available, without the need for additional build
- flags.
- - Position-Independent Executable (PIE) support. Currently for BL2, BL31, and
- TSP, with further support to be added in a future release.
- Still to come
- -------------
- - Support for additional platforms.
- - Refinements to Position Independent Executable (PIE) support.
- - Continued support for the FF-A v1.0 (formally known as SPCI) specification, to enable the
- use of secure partition management in the secure world.
- - Documentation enhancements.
- - Ongoing support for new architectural features, CPUs and System IP.
- - Ongoing support for new Arm system architecture specifications.
- - Ongoing security hardening, optimization and quality improvements.
- .. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
- .. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os
- .. _NVIDIA Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary
- .. _Trusty Secure OS: https://source.android.com/security/trusty
- .. _ProvenCore Secure OS: https://provenrun.com/products/provencore/
- --------------
- *Copyright (c) 2019-2021, Arm Limited. All rights reserved.*
|