diff --git a/readme.rst b/readme.rst index fdce8c0..a83338f 100644 --- a/readme.rst +++ b/readme.rst @@ -1,16 +1,20 @@ -ARM Trusted Firmware - version 1.3 +ARM Trusted Firmware - version 1.4 ================================== ARM Trusted Firmware provides a reference implementation of secure world software for `ARMv8-A`_, including a `Secure Monitor`_ executing at -Exception Level 3 (EL3). It implements various ARM interface standards, such as -the Power State Coordination Interface (`PSCI`_), Trusted Board Boot Requirements -(TBBR, ARM DEN0006C-1) and `SMC Calling Convention`_. As far as possible -the code is designed for reuse or porting to other ARMv8-A model and hardware -platforms. +Exception Level 3 (EL3). It implements various ARM interface standards, such as: + +- The `Power State Coordination Interface (PSCI)`_ +- Trusted Board Boot Requirements (TBBR, ARM DEN0006C-1) +- `SMC Calling Convention`_ +- `System Control and Management Interface`_ + +As far as possible the code is designed for reuse or porting to other ARMv8-A +model and hardware platforms. ARM will continue development in collaboration with interested parties to -provide a full reference implementation of PSCI, TBBR and Secure Monitor code +provide a full reference implementation of Secure Monitor code and ARM standards to the benefit of all developers working with ARMv8-A TrustZone technology. License @@ -28,12 +32,15 @@ - The libfdt source code is dual licensed. It is used by this project under the terms of the BSD-2-Clause license. +- The LLVM compiler-rt source code is dual licensed. It is used by this + project under the terms of the University of Illinois "BSD-Like" license. + This Release ------------ This release provides a suitable starting point for productization of secure -world boot and runtime firmware, executing in either the AArch32 or AArch64 -execution state. +world boot and runtime firmware, in either the AArch32 or AArch64 execution +state. Users are encouraged to do their own security validation, including penetration testing, on any secure world code derived from ARM Trusted Firmware. @@ -41,57 +48,57 @@ Functionality ~~~~~~~~~~~~~ -- Initialization of the secure world (for example, exception vectors, control - registers, interrupt controller and interrupts for the platform), before - transitioning into the normal world at the Exception Level and Register - Width specified by the platform. +- Initialization of the secure world, for example exception vectors, control + registers and interrupts for the platform. - Library support for CPU specific reset and power down sequences. This - includes support for errata workarounds. - -- Drivers for both versions 2.0 and 3.0 of the ARM Generic Interrupt - Controller specifications (GICv2 and GICv3). The latter also enables GICv3 - hardware systems that do not contain legacy GICv2 support. + includes support for errata workarounds and the latest ARM DynamIQ CPUs. - Drivers to enable standard initialization of ARM System IP, for example - Cache Coherent Interconnect (CCI), Cache Coherent Network (CCN), Network - Interconnect (NIC) and TrustZone Controller (TZC). + Generic Interrupt Controller (GIC), Cache Coherent Interconnect (CCI), + Cache Coherent Network (CCN), Network Interconnect (NIC) and TrustZone + Controller (TZC). -- SMC (Secure Monitor Call) handling, conforming to the - `SMC Calling Convention`_ using an EL3 runtime services framework. +- A generic `SCMI`_ driver to interface with conforming power controllers, for + example the ARM System Control Processor (SCP). -- `PSCI`_ library support for the Secondary CPU Boot, CPU Hotplug, CPU Idle - and System Shutdown/Reset/Suspend use-cases. - This library is pre-integrated with the provided AArch64 EL3 Runtime - Software, and is also suitable for integration into other EL3 Runtime - Software. +- SMC (Secure Monitor Call) handling, conforming to the `SMC Calling + Convention`_ using an EL3 runtime services framework. -- A minimal AArch32 Secure Payload to demonstrate `PSCI`_ library integration - on platforms with AArch32 EL3 Runtime Software. +- `PSCI`_ library support for CPU, cluster and system power management + use-cases. + This library is pre-integrated with the AArch64 EL3 Runtime Software, and + is also suitable for integration with other AArch32 EL3 Runtime Software, + for example an AArch32 Secure OS. + +- A minimal AArch32 Secure Payload (SP\_MIN) to demonstrate `PSCI`_ library + integration with AArch32 EL3 Runtime Software. - Secure Monitor library code such as world switching, EL1 context management and interrupt routing. - When using the provided AArch64 EL3 Runtime Software, this must be - integrated with a Secure-EL1 Payload Dispatcher (SPD) component to - customize the interaction with a Secure-EL1 Payload (SP), for example a - Secure OS. + When a Secure-EL1 Payload (SP) is present, for example a Secure OS, the + AArch64 EL3 Runtime Software must be integrated with a dispatcher component + (SPD) to customize the interaction with the SP. -- A Test Secure-EL1 Payload and Dispatcher to demonstrate AArch64 Secure - Monitor functionality and Secure-EL1 interaction with PSCI. +- A Test SP/SPD to demonstrate AArch64 Secure Monitor functionality and SP + interaction with PSCI. -- AArch64 SPDs for the `OP-TEE Secure OS`_ and `NVidia Trusted Little Kernel`_. +- SPDs for the `OP-TEE Secure OS`_, `NVidia Trusted Little Kernel`_ + and `Trusty Secure OS`_. - A Trusted Board Boot implementation, conforming to all mandatory TBBR - requirements. This includes image authentication using certificates, a - Firmware Update (or recovery mode) boot flow, and packaging of the various - firmware images into a Firmware Image Package (FIP) to be loaded from - non-volatile storage. - The TBBR implementation is currently only supported in the AArch64 build. + requirements. This includes image authentication, Firmware Update (or + recovery mode), and packaging of the various firmware images into a + Firmware Image Package (FIP). -- Support for alternative boot flows. Some platforms have their own boot - firmware and only require the AArch64 EL3 Runtime Software provided by this - project. Other platforms require minimal initialization before booting - into an arbitrary EL3 payload. +- Pre-integration of TBB with the ARM TrustZone CryptoCell product, to take + advantage of its hardware Root of Trust and crypto acceleration services. + +- Support for alternative boot flows, for example to support platforms where + the EL3 Runtime Software is loaded using other firmware or a separate + secure system processor. + +- Support for the GCC, LLVM and ARM Compiler 6 toolchains. For a full description of functionality and implementation details, please see the `Firmware Design`_ and supporting documentation. The `Change Log`_ @@ -100,61 +107,70 @@ Platforms ~~~~~~~~~ -The AArch64 build of this release has been tested on variants r0, r1 and r2 -of the `Juno ARM Development Platform`_ with `Linaro Release 16.06`_. +Various AArch32 and AArch64 builds of this release has been tested on variants +r0, r1 and r2 of the `Juno ARM Development Platform`_. -The AArch64 build of this release has been tested on the following ARM -`FVP`_\ s (64-bit host machine only, with `Linaro Release 16.06`_): +Various AArch64 builds of this release have been tested on the following ARM +`FVP`_\ s (64-bit host machine only): -- ``Foundation_Platform`` (Version 10.1, Build 10.1.32) -- ``FVP_Base_AEMv8A-AEMv8A`` (Version 7.7, Build 0.8.7701) -- ``FVP_Base_Cortex-A57x4-A53x4`` (Version 7.7, Build 0.8.7701) -- ``FVP_Base_Cortex-A57x1-A53x1`` (Version 7.7, Build 0.8.7701) -- ``FVP_Base_Cortex-A57x2-A53x4`` (Version 7.7, Build 0.8.7701) +NOTE: Unless otherwise stated, the FVP Version is 11.0, Build 11.0.34. -The AArch32 build of this release has been tested on the following ARM -`FVP`_\ s (64-bit host machine only, with `Linaro Release 16.06`_): +- ``Foundation_Platform`` +- ``FVP_Base_AEMv8A-AEMv8A`` (Version 8.5, Build 0.8.8502) +- ``FVP_Base_Cortex-A35x4`` +- ``FVP_Base_Cortex-A53x4`` +- ``FVP_Base_Cortex-A57x4-A53x4`` +- ``FVP_Base_Cortex-A57x4`` +- ``FVP_Base_Cortex-A72x4-A53x4`` +- ``FVP_Base_Cortex-A72x4`` +- ``FVP_Base_Cortex-A73x4-A53x4`` +- ``FVP_Base_Cortex-A73x4`` +- ``FVP_CSS_SGM-775`` (Version 11.0, Build 11.0.36) -- ``FVP_Base_AEMv8A-AEMv8A`` (Version 7.7, Build 0.8.7701) -- ``FVP_Base_Cortex-A32x4`` (Version 10.1, Build 10.1.32) +Various AArch32 builds of this release has been tested on the following ARM +`FVP`_\ s (64-bit host machine only): + +- ``FVP_Base_AEMv8A-AEMv8A`` (Version 8.5, Build 0.8.8502) +- ``FVP_Base_Cortex-A32x4`` The Foundation FVP can be downloaded free of charge. The Base FVPs can be -licensed from ARM: see `www.arm.com/fvp`_. +licensed from ARM. See the `ARM FVP website`_. + +All the above platforms have been tested with `Linaro Release 17.04`_. This release also contains the following platform support: +- HiKey and HiKey960 boards - MediaTek MT6795 and MT8173 SoCs -- NVidia T210 and T132 SoCs +- NVidia T132, T186 and T210 SoCs - QEMU emulator -- RockChip RK3368 and RK3399 SoCs +- RockChip RK3328, RK3368 and RK3399 SoCs +- Socionext UniPhier SoC family - Xilinx Zynq UltraScale + MPSoC Still to Come ~~~~~~~~~~~~~ -- AArch32 TBBR support and ongoing TBBR alignment. - - More platform support. - Ongoing support for new architectural features, CPUs and System IP. -- Ongoing `PSCI`_ alignment and feature support. +- Ongoing support for new `PSCI`_, `SCMI`_ and TBBR features. - Ongoing security hardening, optimization and quality improvements. -For a full list of detailed issues in the current code, please see the -`Change Log`_ and the `GitHub issue tracker`_. +For a full list of detailed issues in the current code, please see the `Change +Log`_ and the `GitHub issue tracker`_. Getting Started --------------- -Get the Trusted Firmware source code from -`GitHub`_. +Get the Trusted Firmware source code from `GitHub`_. See the `User Guide`_ for instructions on how to install, build and use the Trusted Firmware with the ARM `FVP`_\ s. -See the `Firmware Design`_ for information on how the ARM Trusted Firmware works. +See the `Firmware Design`_ for information on how the Trusted Firmware works. See the `Porting Guide`_ as well for information about how to use this software on another ARMv8-A platform. @@ -166,31 +182,38 @@ Feedback and support ~~~~~~~~~~~~~~~~~~~~ -ARM welcomes any feedback on the Trusted Firmware. Please send feedback using -the `GitHub issue tracker`_. +ARM welcomes any feedback on Trusted Firmware. If you think you have found a +security vulnerability, please report this using the process defined in the +Trusted Firmware `Security Centre`_. For all other feedback, please use the +`GitHub issue tracker`_. ARM licensees may contact ARM directly via their partner managers. -------------- -*Copyright (c) 2013-2016, ARM Limited and Contributors. All rights reserved.* +*Copyright (c) 2013-2017, ARM Limited and Contributors. All rights reserved.* .. _ARMv8-A: http://www.arm.com/products/processors/armv8-architecture.php .. _Secure Monitor: http://www.arm.com/products/processors/technologies/trustzone/tee-smc.php -.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022c/DEN0022C_Power_State_Coordination_Interface.pdf -.. _SMC Calling Convention: http://infocenter.arm.com/help/topic/com.arm.doc.den0028a/index.html -.. _license: ./license.rst -.. _Contributing Guidelines: ./contributing.rst +.. _Power State Coordination Interface (PSCI): PSCI_ +.. _PSCI: http://infocenter.arm.com/help/topic/com.arm.doc.den0022d/Power_State_Coordination_Interface_PDD_v1_1_DEN0022D.pdf +.. _SMC Calling Convention: http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf +.. _System Control and Management Interface: SCMI_ +.. _SCMI: http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf +.. _Juno ARM Development Platform: http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php +.. _ARM FVP website: FVP_ +.. _FVP: https://developer.arm.com/products/system-design/fixed-virtual-platforms +.. _Linaro Release 17.04: https://community.arm.com/dev-platforms/b/documents/posts/linaro-release-notes-deprecated#LinaroRelease17.04 .. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os .. _NVidia Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary +.. _Trusty Secure OS: https://source.android.com/security/trusty +.. _GitHub: https://www.github.com/ARM-software/arm-trusted-firmware +.. _GitHub issue tracker: https://github.com/ARM-software/tf-issues/issues +.. _Security Centre: https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Centre +.. _license: ./license.rst +.. _Contributing Guidelines: ./contributing.rst +.. _Acknowledgments: ./acknowledgements.rst .. _Firmware Design: ./docs/firmware-design.rst .. _Change Log: ./docs/change-log.rst -.. _Juno ARM Development Platform: http://www.arm.com/products/tools/development-boards/versatile-express/juno-arm-development-platform.php -.. _Linaro Release 16.06: https://community.arm.com/docs/DOC-10952#jive_content_id_Linaro_Release_1606 -.. _FVP: http://www.arm.com/fvp -.. _www.arm.com/fvp: http://www.arm.com/fvp -.. _GitHub issue tracker: https://github.com/ARM-software/tf-issues/issues -.. _GitHub: https://www.github.com/ARM-software/arm-trusted-firmware .. _User Guide: ./docs/user-guide.rst .. _Porting Guide: ./docs/porting-guide.rst -.. _Acknowledgments: ./acknowledgements.rst