Feature Overview
================

This page provides an overview of the current |TF-A| feature set. For a full
description of these features and their implementation details, please see
the documents that are part of the *Components* and *System Design* chapters.

The :ref:`Change Log & Release Notes` provides details of changes made since the
last release.

Current features
----------------

- Initialization of the secure world, for example exception vectors, control
  registers and interrupts for the platform.

- Library support for CPU-specific reset and power-down sequences. This
  includes support for errata workarounds and the latest Arm DynamIQ CPUs.

- Drivers to enable standard initialization of Arm System IP, for example
  Generic Interrupt Controller (GIC), Cache Coherent Interconnect (CCI),
  Cache Coherent Network (CCN), Network Interconnect (NIC) and TrustZone
  Controller (TZC).

- Secure Monitor library code such as world switching, EL2/EL1 context
  management and interrupt routing.

- SMC (Secure Monitor Call) handling, conforming to the `SMC Calling
  Convention`_ using an EL3 runtime services framework.

- |PSCI| library support for CPU, cluster and system power management
  use-cases.
  This library is pre-integrated with the AArch64 EL3 Runtime Software, and
  is also suitable for integration with other AArch32 EL3 Runtime Software,
  for example an AArch32 Secure OS.

- A generic |SCMI| driver to interface with conforming power controllers, for
  example the Arm System Control Processor (SCP).

- A minimal AArch32 Secure Payload (*SP_MIN*) to demonstrate |PSCI| library
  integration with AArch32 EL3 Runtime Software.

- Secure Partition Manager Dispatcher (SPMD) with the following two
  configurations:

  - S-EL2 SPMC implementation, widely compliant with FF-A v1.1 EAC0 and initial
    support of FF-A v1.2.

  - EL3 SPMC implementation, compliant with a subset of FF-A v1.1 EAC0.

- Support for Arm CCA based on FEAT_RME, which supports authenticated boot and
  execution of the RMM with the necessary routing of RMI commands as specified
  in the RMM Beta 0 Specification.

- A Test SP and SPD to demonstrate AArch64 Secure Monitor functionality and SP
  interaction with PSCI.

- SPDs for the `OP-TEE Secure OS`_, `NVIDIA Trusted Little Kernel`_,
  `Trusty Secure OS`_ and `ProvenCore Secure OS`_.

- A Trusted Board Boot implementation, conforming to all mandatory TBBR
  requirements. This includes image authentication, firmware recovery,
  firmware encryption and packaging of the various firmware images into a
  Firmware Image Package (FIP).

- Measured boot support, with a PoC to showcase its interaction with a firmware
  TPM (fTPM) service implemented on top of OP-TEE.

- Support for Dynamic Root of Trust for Measurement (DRTM).

- The following firmware update mechanisms are available:

  - PSA Firmware Update (PSA FWU)

  - TBBR Firmware Update (TBBR FWU)

- Reliability, Availability, and Serviceability (RAS) functionality, including:

  - A Secure Partition Manager (SPM) to manage Secure Partitions in
    Secure-EL0, which can be used to implement simple management and
    security services.

  - An |SDEI| dispatcher to route interrupt-based |SDEI| events.

  - An Exception Handling Framework (EHF) that allows dispatching of EL3
    interrupts to their registered handlers, to facilitate firmware-first
    error handling.

- A dynamic configuration framework that enables each of the firmware images
  to be configured at runtime if required by the platform. It also enables
  loading of a hardware configuration (for example, a kernel device tree)
  as part of the FIP, to be passed through the firmware stages.
  This feature is now incorporated inside the firmware configuration framework
  (fconf).

- Support for alternative boot flows, for example to support platforms where
  the EL3 Runtime Software is loaded using other firmware or a separate
  secure system processor, or where a non-TF-A ROM expects BL2 to be loaded
  at EL3.

- Support for the Errata management firmware interface.

- Support for the GCC, LLVM and Arm Compiler 6 toolchains.

- Support for combining several libraries into a "romlib" image that may be
  shared across images to reduce memory footprint. The romlib image is stored
  in ROM but is accessed through a jump-table that may be stored
  in read-write memory, allowing for the library code to be patched.

- Position-Independent Executable (PIE) support.

Experimental features
---------------------

A feature is considered experimental when it is still in development or is not
known to the TF-A team as widely deployed or proven on end products. It is
generally advised that such options are not pulled into real deployments, or
only with the appropriate level of supplementary integration testing.

A feature is no longer considered experimental when it is generally agreed
that the feature has reached a level of maturity and quality comparable to
other features that have been integrated into products.

Experimental build options are found in the following section:
:ref:`build_options_experimental`. Their use through the build emits a warning
message.

Additionally, the following libraries are marked experimental when included
in a platform:

- RSE comms driver ``drivers/arm/rse``
- GICv5 driver ``drivers/arm/gicv5`` via ``USE_GIC_DRIVER=5``
- FEAT_IDTE3 ``lib/extensions/idte/`` via ``ENABLE_FEAT_IDTE3``

Still to come
-------------

- Support for additional platforms.

- Documentation enhancements.

- Ongoing support for new architectural features, CPUs and System IP.

- Ongoing support for new Arm system architecture specifications.

- Ongoing security hardening, optimization and quality improvements.

.. _SMC Calling Convention: https://developer.arm.com/docs/den0028/latest
.. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os
.. _NVIDIA Trusted Little Kernel: https://nv-tegra.nvidia.com/r/plugins/gitiles/3rdparty/ote_partner/tlk
.. _Trusty Secure OS: https://source.android.com/security/trusty
.. _ProvenCore Secure OS: https://provenrun.com/products/provencore/

--------------

*Copyright (c) 2019-2025, Arm Limited. All rights reserved.*