Version 2.3.0

New major features

  • Use TF-PSA-Crypto 1.1.0 in place of Mbed-TLS

  • New Clang/LLVM Toolchain Support

  • (TF-M Tests) RTX OS is built from source

Other relevant changes and fixes

  • Fixes and improvements for FPU context flushing

  • Allow PSA calls before RTOS ready

  • Hardening Protected Storage partition

  • Improve mailbox vectors handling

  • Add GPT library

  • SCMI: Reorganization and add support for more protocols

  • Crypto: improvements, fixes and support the use of opaque keys

  • Crypto: enable SP800-108 Counter CMAC support in runtime

  • Build: Unify use of ATfE toolchain with GCC

  • SPM: Introduce cookie for ISR scheduling attempts

  • Lib: Use upstream libTPM

  • Static checks: Various MISRA violations fixes

  • SPM: various improvements for connection_pool, mailbox, mmiovec, backends, psa_calls, thread, boot_data, spm_ipc, psa_irq_api, rom_loader, interrupt

  • Lib: tfm_utils: Use stdint from standard

  • BL1_2, BL2: Various improvements and switch to MCUboot feature branch v2.4.0-rc1

  • Crypto: add FIH support to PSA cipher APIs

  • Build: Upgrade all toolchains to C11 standard

  • Build: Remove crt0 and libc from secure binaries

  • SPM: ns_agent_tz: Introduce reentrancy checks for NSPE calls

  • SPM: Introduce API to ensure shared metadata section is protected correctly

  • Build: Update TF-M versioning logic, fix IAR build and optional patching of by platform code

  • dma350: various improvements and fixes

Other relevant platforms changes

  • STM32WBA/H5/U5: update for TF-PSA-Crypto 1.0.0

  • IFX/PSE84: Various updates

  • CS1000: Updates for TF-PSA-Crypto

  • fix broken an524 platform build

  • RSE: Various fixes and updates, add support for COD generation

  • nordic_nrf: Align to nrfx 4.0

New security advisories

None. Introduced a Security Recommendations section.

New platforms support

  • STM32: Add support of nucleo_u3c5zi_q

  • Add support of nxp frdmmca577

  • nordic_nrf: add support for nRF54LM20B

  • Add support for mcimx93evk

Deprecated platforms

None.

Tested platforms

The following platforms are successfully tested in this release.

  • Arm - corstone1000 - mps2/an519 - mps2/an521 - mps3/an524 - mps3/corstone300 - mps3/corstone310 - mps4/corstone315 - mps4/corstone320 - musca_b1 - rse/css-aspen - rse/rd1ae - rse/rdv3 - rse/rdv3r1 - rse/tc4

  • Infineon - pse4

  • NXP - frdmmcxn947 - lpcxpresso55s69

  • RPi - rp2350

  • STM - b_u585i_iot02a - nucleo_u3c5zi_q - stm32h573i_dk - stm32wba65i_dk

Reference memory footprint

All measurements below are made for AN521 platform, built TF-Mv2.3.0-RC1 on Windows 10 using Armclang v6.21 and build type MinSizeRel.

All modules are measured in bytes. Some minor modules are not shown in the table below.

Note

Profile Medium-ARoT-less built with disabled Firmware Update service to align with other TF-M Profiles.

Module

Module

Base

Small

ARoT-less

Medium

Large

Base

RAM

Small

RAM

ARoT

RAM

Med.

RAM

Large

RAM

Generated

112

3184

208

3184

224

3184

272

3184

272

3184

Objects

978

1056

1298

5188

1399

5872

1541

1492

1613

1492

c_w.l

206

0

522

0

522

0

522

0

762

0

platform_s.a

5322

281

5618

281

6016

281

6392

281

6522

281

spm.a

3606

173

4480

173

3986

173

6616

1409

6818

1414

sprt.a

238

0

1346

0

1310

0

2500

4

2520

4

tfpsacrypto.a

0

0

26296

1780

33542

1780

33542

1780

75539

1660

PROT_attestation.a

0

0

1664

557

1641

1153

1641

3201

1757

3201

PROT_crypto.a

0

0

3534

2048

4032

16004

4032

22148

4680

28228

PROT_its.a

0

0

4796

80

4864

112

5034

1988

5042

2468

PROT_platform.a

0

0

0

0

528

0

528

1280

528

1280

AROT_ps.a

0

0

0

0

0

0

3372

4344

3372

4344

Padding

30

34

104

37

104

37

124

49

163

44

platform_crypto_keys.a

0

0

258

0

276

0

276

0

276

0

qcbor.a

0

0

852

0

1070

0

1070

0

1070

0

t_cose_s.a

0

0

1028

0

2186

0

2186

0

2186

0

Total inc. Padding

10492

4728

52004

13328

61700

28596

69648

41160

113120

47600

Known issues

Some open issues are not fixed in this release.

Descriptions

Issue links

Some DPE tests (DPE_S_TEST) in RSE fail

<None>

SPM does not automatically unmap mm-iovecs.

https://github.com/TrustedFirmware-M/trusted-firmware-m/issues/20

Long paths in Windows builds prevent successful builds

<None>

Issues fixed since v2.2.2

The following tracked issues have been fixed since the v2.2.2 release.

Descriptions

Issue links

create_provisioning_data.py outputs incorrectly when using EC-P384

https://github.com/TrustedFirmware-M/trusted-firmware-m/issues/42

Race condition in SPM scheduler lock logic

https://lists.trustedfirmware.org/archives/list/tf-m@lists.trustedfirmware.org/thread/JO5T75SNGBZMIQYGTSAEZFB4HKQSQF7E/

Reference

None

SPDX-License-Identifier: BSD-3-Clause

SPDX-FileCopyrightText: Copyright The TrustedFirmware-M Contributors