:orphan: ************* Version 1.5.0 ************* New major features ================== - MCUboot updated to v1.8.0. - :doc:`Floating-Point(FP) support in SPE only `. - Thread mode SPM. - Add Non-secure Client Extension (NSCE) for non-secure client ID management support. - Secure Function model support in framework. - Support Memory-mapped IOVECs. - Decouple documentation and binary builds. - Manifest tool skips disabled Secure Partitions. - Provisioning and OTP are supported. - PSA Protected Storage, Internal Trusted Storage, Initial Attestation services are converted to Stateless services. - Support out-of-tree build of Secure Partitions. - Support out-of-tree build of platform specific test suites. - Introduce platform binding HAL. - ITS enhancement for harden ITS module against invalid data in Flash. - Support to select/deselect single or multiple TF-M regression test cases. - Decouple regression test flag configuration from TF-M. - New platforms added. See :ref:`releases/1.5.0:New platforms supported` for details. New security advisories ======================= Profile Small key ID encoding vulnerability ------------------------------------------- NSPE may access secure keys stored in TF-M Crypto service in Profile Small with Crypto key ID encoding disabled. Refer to :doc:`Advisory TFMV-4 ` for more details. The mitigation is included in this release. New platforms supported ======================= - :doc:`Corstone-1000 ` - :doc:`Corstone-Polaris ` - :doc:`B-U585I-IOT02A ` Deprecated platforms ==================== The following platform has been removed from TF-M code base. - arm/mps2/fvp_sse300 See :doc:`/integration_guide/platform/platform_deprecation` for other platforms under deprecation process. Tested platforms ================ The following platforms are successfully tested in this release. - AN519 - AN521 - AN547 - Musca-B1 - Musca-S1 - STM32L562E-DK - PSoC 64 - B-U585I-IOT02A - NUCLEO-L552ZE-Q - nRF5340 - nRF9160 Known issues ============ Some open issues are not fixed in this release. .. list-table:: * - **Descriptions** - **Issue links** * - | PSA Arch Crypto test suite have several known failures. - See this `link `_ for detailed analysis of the failures. * - | Armclang 6.17 generates STRBT instead of STRB in privileged code. | MemManage fault occurs when the privileged code calls STRBT to access | a memory location only for privileged access. | The root cause is still under analysis by Armclang. Please use other | Armclang versions instead. - https://developer.trustedfirmware.org/T979 Issues closed since v1.4.0 ========================== The following issues in v1.4.0 known issues list are closed. These issues are related to platform hardware limitations or deprecated platforms and therefore won't be fixed by TF-M. .. list-table:: * - **Descriptions** - **Issue links** * - | Protected Storage Regression test 4001 is stuck on SSE-300 in isolation | level 2 when PXN is enabled. - https://developer.trustedfirmware.org/T902 * - | Image size overflow on Musca-B1 PSA Arch test suite debug build. - https://developer.trustedfirmware.org/T952 * - | Build errors in PSA api tests for initial attestation. - https://developer.trustedfirmware.org/T953 * - | Non Secure Image size overflow on STM32L562E-DK PSA Arch Crypto. - https://developer.trustedfirmware.org/T954 -------------- *Copyright (c) 2021-2022, Arm Limited. All rights reserved.*