3. Change-log and Release notes

3.1. v0.2.0

  • This release has been verified with TF-A v2.8 release.

  • The release has the following fixes and enhancements:

    • Add support to render documentation on read-the-docs.

    • Fix the known issue with RSI_IPA_STATE_GET returning RSI_ERROR_INPUT for a destroyed IPA instead of emulating data abort to NS Host.

    • Fix an issue with RSI_HOST_CALL not returning back to Host to emulate a stage2 data abort.

    • Harden an assertion check for do_host_call().

  • The other known issues and limitations remain the same as listed for v0.1.0.

3.2. v0.1.0

  • First TF-RMM source release aligned to RMM Beta0 specification. The specified interfaces : Realm Management Interface (RMI) and Realm Service Interface (RSI) are implemented which can attest and run Realm VMs as described by the Arm CCA Architecture.

3.2.1. Upcoming features

  • Support SVE, Self-Hosted Debug and PMU in Realms

  • Support LPA2 for Stage 2 Realm translation tables.

  • Threat model covering RMM data flows.

  • Enable Bounded Model Checker (CBMC) for source analysis.

  • Unit test framework based on RMM Fake host architecture.

3.2.2. Known issues and limitations

The following is a list of issues which are expected to be fixed in the future releases of TF-RMM :

  • The size of RsiHostCall structure is 256 bytes in the implementation and aligns to RMM Beta1 specification rather than the 4 KB size specified in RMM Beta0 specification.

  • The RSI_IPA_STATE_GET command returns error RSI_ERROR_INPUT for a destroyed IPA instead of emulating data abort to Host.

  • The RMM Beta0 specification does not require to have a CBOR bytestream wrapper around the cca-platform-token and cca-realm-delegated-token, but the RMM implementation does so.