1*************
2Version 2.0.0
3*************
4
5New major features
6==================
7
8  - TF-M secure build process and non-secure build process are split to simplify
9    and enhance non-secure integration with TF-M.
10
11    - Refer to :doc:`TF-M Build Instruction </building/tfm_build_instruction>` to build SPE image.
12    - Refer to :doc:`Building Tests </building/tests_build_instruction>` to build non-secure tests.
13
14  - :doc:`Update new Mailbox agent API </design_docs/dual-cpu/mailbox_ns_agent_update>`.
15
16    - Decouple the specific application Mailbox from SPM, make it an application in Secure Partition.
17    - Unify the interfaces between partitions and SPM, and reduces the interaction interface between them.
18
19  - Multi-core support in the Secure Function (SFN) model.
20  - Optimize SPM critical section implementation to reduce time cost in isolation level 2&3.
21  - Use local variables for connection handles instead of dynamic allocation when there is only synchronous service
22    access routine in the SFN model.
23  - P256-M [1]_ component is enabled on the TF-M side in profile medium which has a much smaller code size and RAM
24    footprint.
25  - MCUboot upgrade to v2.0.0.
26  - Mbed TLS upgrade to v3.5.0.
27  - TF-M PSA client API performance profiling is tracked in SQUAD [2]_ and the profiling tool [3]_ is updated.
28  - TF-M integrates Read the Docs [4]_ to support finding documentation versions by the released tags and downloading
29    PDFs. External links are supported for documentation in TF-M Tests, Tools and Extras repositories.
30
31New security advisories
32=======================
33
34A Security vulnerability fixed in v1.8.1
35Refer to :doc:`TFMV-6 </security/security_advisories/cc3xx_partial_tag_compare_on_chacha20_poly1305>` for more details.
36The mitigation is included in this release.
37
38New platforms supported
39=======================
40
41 - :doc:`stm32h573i_dk. </platform/stm/stm32h573i_dk/readme>`
42
43Tested platforms
44================
45
46The following platforms are successfully tested in this release.
47
48- **Arm**
49
50  - AN519
51  - AN521
52  - AN555
53  - Corstone-1000
54  - Corstone-300
55  - Corstone-310
56  - Musca-B1
57  - Musca-S1
58
59- **Infineon/Cypress**
60
61  - PSoC 64
62
63- **STM**
64
65  - B-U585I-IOT02A
66  - NUCLEO-L552ZE-Q
67  - STM32H573idk
68
69- **Nordic**
70
71  - nRF5340
72  - nRF9160
73
74- **NuMaker-PFM**
75
76  - M2351
77  - M2354
78
79- **NXP**
80
81  - LPCXpresso55S69
82
83Reference memory footprint
84==========================
85
86All measurements below are made for *AN521* platform, built `TF-Mv2.0.0-RC2
87<https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tag/?h=TF-Mv2.0.0-RC2>`_
88on Windows 10 using Armclang v6.18 and build type MinSizeRel.
89
90All modules are measured in bytes. Some minor modules are not shown in the table below.
91
92.. note::
93
94  Profile `Medium-ARoT-less` built with disabled Firmware Update service to align with other
95  TF-M Profiles.
96
97+----------------------+---------------+---------------+---------------+---------------+---------------+
98| Module               |      Base     |     Small     |   ARoT-less   |    Medium     |    Large      |
99+                      +-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
100|                      | Flash |  RAM  | Flash |  RAM  | Flash |  RAM  | Flash |  RAM  | Flash |  RAM  |
101+======================+=======+=======+=======+=======+=======+=======+=======+=======+=======+=======+
102|Generated (stack, stc)|  112  |  3184 |  160  |  3184 |  160  |  3184 |  208  |  3184 |  272  | 3184  |
103+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
104|Objects               |  940  |  1064 |  1224 |  5464 |  1313 |  6152 |  1443 |  1496 |  1518 | 1496  |
105+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
106|c_w.l                 |  190  |   0   |  690  |   0   |  690  |   0   |  690  |   0   |  930  |   0   |
107+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
108|platform (Secure)     |  5098 |  284  |  5430 |  284  |  5782 |  284  |  6154 |  284  |  6284 |  284  |
109+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
110|SPM                   |  3574 |  165  |  4456 |  165  |  3946 |  165  |  6330 |  1353 |  6484 | 1358  |
111+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
112|sprt                  |  274  |   0   |  1470 |   0   |  1308 |   0   |  2470 |   4   |  2454 |   4   |
113+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
114|MbedCrypto            |  N/A  |  N/A  | 25220 |  2108 | 29964 |  2104 | 29968 |  2104 | 78938 | 1996  |
115+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
116|PROT_attestation      |  N/A  |  N/A  |  2341 |  557  |  2571 |  1218 |  2571 |  3010 | 2687  | 3010  |
117+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
118|PROT_crypto           |  N/A  |  N/A  |  3866 |  2070 |  4420 | 16026 |  4420 | 22938 | 4552  | 25818 |
119+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
120|PROT_ITS              |  N/A  |  N/A  |  4830 |   80  |  4894 |  112  |  5064 |  1988 | 5068  | 2498  |
121+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
122|PROT_platform         |  N/A  |  N/A  |  N/A  |  N/A  |  478  |   0   |  520  |  1280 |  520  | 1280  |
123+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
124|AROT_PS               |  N/A  |  N/A  |  N/A  |  N/A  |  N/A  |  N/A  |  3276 |  4364 |  3276 | 4364  |
125+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
126|platform_crypto_keys  |  N/A  |  N/A  |  248  |   0   |  256  |   0   |  256  |   0   |  256  |   0   |
127+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
128|qcbor                 |  N/A  |  N/A  |  854  |   0   |  854  |   0   |  854  |   0   |  854  |   0   |
129+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
130|crypto_service_p256m  |  N/A  |  N/A  |  N/A  |  N/A  |  3534 |   0   |  3534 |   0   |  N/A  |  N/A  |
131+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
132|Padding               |   32  |   39  |  111  |   16  |  118  |   19  |  126  |  47   |  187  |  38   |
133+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
134|Total incl. padding   | 10220 |  4736 | 50900 | 13928 | 60288 | 29264 | 67884 | 42052 | 114280| 45300 |
135+----------------------+-------+-------+-------+-------+-------+-------+-------+-------+-------+-------+
136
137Known issues
138============
139
140Some open issues are not fixed in this release.
141
142.. list-table::
143  :header-rows: 1
144
145  * - Descriptions
146    - Issue links
147  * - TF-M Kconfig is broken due to build split. It will be recovered in a future release.
148    - Not tracked
149
150Issues fixed since v1.8.0
151=========================
152
153The following issues have been fixed since the v1.8.0 release.
154
155.. list-table::
156  :header-rows: 1
157
158  * - Descriptions
159    - Issue links
160  * - Arm GNU toolchain version greater than *11.2* has a linker issue in `syscall`.
161    - https://developer.trustedfirmware.org/T1029
162
163Reference
164=========
165
166.. [1] `P256-M <https://github.com/mpg/p256-m>`_
167.. [2] `TF-M QA Reports SQUAD <https://qa-reports.linaro.org/tf/tf-m/metrics>`_
168.. [3] `TF-M performance profiling tool <https://git.trustedfirmware.org/TF-M/tf-m-tools.git/tree/profiling>`_
169.. [4] `Read the Docs <https://docs.readthedocs.io/en/stable/#>`_
170
171--------------
172
173*Copyright (c) 2023, Arm Limited. All rights reserved.*
174