1Feature Overview 2================ 3 4This page provides an overview of the current |TF-A| feature set. For a full 5description of these features and their implementation details, please see 6the documents that are part of the *Components* and *System Design* chapters. 7 8The :ref:`Change Log & Release Notes` provides details of changes made since the 9last release. 10 11Current features 12---------------- 13 14- Initialization of the secure world, for example exception vectors, control 15 registers and interrupts for the platform. 16 17- Library support for CPU specific reset and power down sequences. This 18 includes support for errata workarounds and the latest Arm DynamIQ CPUs. 19 20- Drivers to enable standard initialization of Arm System IP, for example 21 Generic Interrupt Controller (GIC), Cache Coherent Interconnect (CCI), 22 Cache Coherent Network (CCN), Network Interconnect (NIC) and TrustZone 23 Controller (TZC). 24 25- A generic |SCMI| driver to interface with conforming power controllers, for 26 example the Arm System Control Processor (SCP). 27 28- SMC (Secure Monitor Call) handling, conforming to the `SMC Calling 29 Convention`_ using an EL3 runtime services framework. 30 31- |PSCI| library support for CPU, cluster and system power management 32 use-cases. 33 This library is pre-integrated with the AArch64 EL3 Runtime Software, and 34 is also suitable for integration with other AArch32 EL3 Runtime Software, 35 for example an AArch32 Secure OS. 36 37- A minimal AArch32 Secure Payload (*SP_MIN*) to demonstrate |PSCI| library 38 integration with AArch32 EL3 Runtime Software. 39 40- Secure Monitor library code such as world switching, EL1 context management 41 and interrupt routing. 42 When a Secure-EL1 Payload (SP) is present, for example a Secure OS, the 43 AArch64 EL3 Runtime Software must be integrated with a Secure Payload 44 Dispatcher (SPD) component to customize the interaction with the SP. 45 46- A Test SP and SPD to demonstrate AArch64 Secure Monitor functionality and SP 47 interaction with PSCI. 48 49- SPDs for the `OP-TEE Secure OS`_, `NVIDIA Trusted Little Kernel`_ 50 and `Trusty Secure OS`_. 51 52- A Trusted Board Boot implementation, conforming to all mandatory TBBR 53 requirements. This includes image authentication, Firmware Update (or 54 recovery mode), and packaging of the various firmware images into a 55 Firmware Image Package (FIP). 56 57- Pre-integration of TBB with the Arm CryptoCell product, to take advantage of 58 its hardware Root of Trust and crypto acceleration services. 59 60- Reliability, Availability, and Serviceability (RAS) functionality, including 61 62 - A Secure Partition Manager (SPM) to manage Secure Partitions in 63 Secure-EL0, which can be used to implement simple management and 64 security services. 65 66 - An |SDEI| dispatcher to route interrupt-based |SDEI| events. 67 68 - An Exception Handling Framework (EHF) that allows dispatching of EL3 69 interrupts to their registered handlers, to facilitate firmware-first 70 error handling. 71 72- A dynamic configuration framework that enables each of the firmware images 73 to be configured at runtime if required by the platform. It also enables 74 loading of a hardware configuration (for example, a kernel device tree) 75 as part of the FIP, to be passed through the firmware stages. 76 77- Support for alternative boot flows, for example to support platforms where 78 the EL3 Runtime Software is loaded using other firmware or a separate 79 secure system processor, or where a non-TF-A ROM expects BL2 to be loaded 80 at EL3. 81 82- Support for the GCC, LLVM and Arm Compiler 6 toolchains. 83 84- Support for combining several libraries into a "romlib" image that may be 85 shared across images to reduce memory footprint. The romlib image is stored 86 in ROM but is accessed through a jump-table that may be stored 87 in read-write memory, allowing for the library code to be patched. 88 89- A prototype implementation of a Secure Partition Manager (SPM) that is based 90 on the SPCI Alpha 1 and SPRT draft specifications. 91 92- Support for ARMv8.3 pointer authentication in the normal and secure worlds. 93 The use of pointer authentication in the normal world is enabled whenever 94 architectural support is available, without the need for additional build 95 flags. Use of pointer authentication in the secure world remains an 96 experimental configuration at this time and requires the 97 ``BRANCH_PROTECTION`` option to be set to non-zero. 98 99- Position-Independent Executable (PIE) support. Initially for BL31 only, with 100 further support to be added in a future release. 101 102Still to come 103------------- 104 105- Support for additional platforms. 106 107- Refinements to Position Independent Executable (PIE) support. 108 109- Continued support for the draft SPCI specification, to enable the use of 110 secure partition management in the secure world. 111 112- Documentation enhancements. 113 114- Ongoing support for new architectural features, CPUs and System IP. 115 116- Ongoing support for new Arm system architecture specifications. 117 118- Ongoing security hardening, optimization and quality improvements. 119 120.. _SMC Calling Convention: http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf 121.. _OP-TEE Secure OS: https://github.com/OP-TEE/optee_os 122.. _NVIDIA Trusted Little Kernel: http://nv-tegra.nvidia.com/gitweb/?p=3rdparty/ote_partner/tlk.git;a=summary 123.. _Trusty Secure OS: https://source.android.com/security/trusty 124 125-------------- 126 127*Copyright (c) 2019, Arm Limited. All rights reserved.* 128